Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -4 articles for you...
89
security advisoryfedoraupdateFedora 44 gh 2.92.0 Moderate CVE Fixes Advisory FEDORA-2026-5df889949e
Update to 2.92.0 and make telemetry sending opt in.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-5df889949e 2026-05-07 00:51:26.512946+00:00 -------------------------------------------------------------------------------- Name : gh Product : Fedora 44 Version : 2.92.0 Release : 1.fc44 URL : https://github.com/cli/cli Summary : GitHub's official command line tool Description : A command-line interface to GitHub for use in your terminal or your scripts. gh is a tool designed to enhance your workflow when working with GitHub. It provides a seamless way to interact with GitHub repositories and perform various actions right from the command line, eliminating the need to switch between your terminal and the GitHub website. -------------------------------------------------------------------------------- Update Information: Update to 2.92.0 and make telemetry sending opt in. -------------------------------------------------------------------------------- ChangeLog: * Mon May 4 2026 Maxwell G - 2.92.0-1 - Update to 2.92.0. Fixes rhbz#2451741. * Fri Apr 24 2026 Maxwell G - 2.91.0-3 - Make telemetry sending opt in * Fri Apr 24 2026 Maxwell G - 2.91.0-1 - Update to 2.91.0. Fixes rhbz#2451741. * Thu Mar 12 2026 Packit - 2.88.1-1 - Update to 2.88.1 upstream release - Resolves: rhbz#2446304 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2458931 - CVE-2026-39984 gh: improper certificate validation in verifier [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2458931 [ 2 ] Bug #2458984 - CVE-2026-5160 gh: github.com/yuin/goldmark/renderer/html: Cross-site Scripting due to improper URL validation [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2458984 -------------------------------------------------------------------------------- This update can be installed with the"dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-5df889949e' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
May 07, 2026
•Critical
Fedora
89
security advisoryfedoraimportantFedora 44 kf6-kuserfeedback Important User Feedback Update 2026-fe3d8d4767
Frameworks 6.25.0 + KDE Plasma 6.6.4. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-fe3d8d4767 2026-04-16 23:40:54.273526+00:00 -------------------------------------------------------------------------------- Name : kf6-kuserfeedback Product : Fedora 44 Version : 6.25.0 Release : 1.fc44 URL : https://invent.kde.org/frameworks/kuserfeedback Summary : Framework for collecting user feedback for apps via telemetry and surveys Description : Framework for collecting user feedback for apps via telemetry and surveys. -------------------------------------------------------------------------------- Update Information: Frameworks 6.25.0 + KDE Plasma 6.6.4 -------------------------------------------------------------------------------- ChangeLog: * Thu Apr 9 2026 Steve Cossette - 6.25.0-1 - 6.25.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2455469 - Configuring WifI network via Network pane appears to not work https://bugzilla.redhat.com/show_bug.cgi?id=2455469 [ 2 ] Bug #2457573 - FE: KDE Frameworks 6.25.0 + Plasma 6.6.4 https://bugzilla.redhat.com/show_bug.cgi?id=2457573 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-fe3d8d4767' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list
Apr 16, 2026
•Important
Fedora
89
security advisoryFedoraDenial of ServiceFedora 42: 2025-c546fd3f09 moderate update for qt6-qtmqtt bug fix
Qt 6.9.1 bugfix release.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-c546fd3f09 2025-06-11 02:45:06.590648+00:00 -------------------------------------------------------------------------------- Name : qt6-qtmqtt Product : Fedora 42 Version : 6.9.1 Release : 1.fc42 URL : http://www.qt.io Summary : Qt6 - Mqtt module Description : MQTT is a machine-to-machine (M2M) protocol utilizing the publish-and-subscribe paradigm, and provides a channel with minimal communication overhead. The Qt MQTT module provides a standard compliant implementation of the MQTT protocol specification. It enables applications to act as telemetry displays and devices to publish telemetry data. -------------------------------------------------------------------------------- Update Information: Qt 6.9.1 bugfix release. -------------------------------------------------------------------------------- ChangeLog: * Tue May 20 2025 Jan Grulich - 6.9.1-1 - 6.9.1 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2369872 - CVE-2025-5455 qt6: QtCore Assertion Failure Denial of Service [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2369872 [ 2 ] Bug #2371133 - CVE-2025-5683 qt5: Qt ICNS Image Crash Vulnerability [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2371133 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-c546fd3f09' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Jun 11, 2025
Fedora
98
security advisorybug fixlow impactRedHat OpenStack 14.0: Security Fix RHSA-2019-0580 for ceilometer
An update for openstack-ceilometer is now available for Red Hat OpenStack Platform 14.0 (Rocky). Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Low: openstack-ceilometer security and bug fix update Advisory ID: RHSA-2019:0580-01 Product: Red Hat Enterprise Linux OpenStack Platform Advisory URL: https://access.redhat.com/errata/RHSA-2019:0580 Issue date: 2019-03-18 CVE Names: CVE-2019-3830 ==================================================================== 1. Summary: An update for openstack-ceilometer is now available for Red Hat OpenStack Platform 14.0 (Rocky). Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat OpenStack Platform 14.0 - noarch 3. Description: OpenStack Telemetry (ceilometer) collects customer usage data for metering purposes. Telemetry implements bus listener, push, and polling agents for data collection. This data is stored in a database and presented via the REST API. In addition, Telemetry's extensible design means it can be optionally extended to gather customized data sets. The following packages have been upgraded to a later upstream version: openstack-ceilometer (11.0.2). (BZ#1677462) Security Fix(es): * openstack-ceilometer: ceilometer-agent prints sensitive data from config files through log files (CVE-2019-3830) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4.Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1671261 - ceilometer writing snmp credentials to log file 1677389 - CVE-2019-3830 openstack-ceilometer: ceilometer-agent prints sensitive data from config files through log files 6. Package List: Red Hat OpenStack Platform 14.0: Source: openstack-ceilometer-11.0.2-0.20190117115822.50f268f.el7ost.src.rpm noarch: openstack-ceilometer-central-11.0.2-0.20190117115822.50f268f.el7ost.noarch.rpm openstack-ceilometer-common-11.0.2-0.20190117115822.50f268f.el7ost.noarch.rpm openstack-ceilometer-compute-11.0.2-0.20190117115822.50f268f.el7ost.noarch.rpm openstack-ceilometer-ipmi-11.0.2-0.20190117115822.50f268f.el7ost.noarch.rpm openstack-ceilometer-notification-11.0.2-0.20190117115822.50f268f.el7ost.noarch.rpm openstack-ceilometer-polling-11.0.2-0.20190117115822.50f268f.el7ost.noarch.rpm python-ceilometer-11.0.2-0.20190117115822.50f268f.el7ost.noarch.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2019-3830 https://access.redhat.com/security/updates/classification/#low 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2019 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPGv1 iQIVAwUBXI+S1dzjgjWX9erEAQgwZhAAnpWFB3VYqpVvRpYY5lFrfQZHcTF1Uptj tAZ7/RYw9zD6FfSQkOECzpT3/PVVxfCvAy9todYEPTiVpH2fr2PU048C2A+7BXFR g8T5Sz3OfVsnB2z970/ci57CyEpK7oBi3uH0fas8XsrT9sXaxmN7Zm6BIlRY8yGO y3+/o/Gi7J/nRgZO1Ts6FaXz0jIcxzJIdNlGwziMJrIPJj+VCXu1eaWTkAdknPES FLXyveK2H3XYEEWLRTd7gTPYuLpA3OjADv9zmh6vyx0e0C+7FhaRzMsYVSNw+Jqu z7JZWJ9OfrlpmhpxK5hInjWgBZZ7FMb7byGpPwHL2GDx4z7C13PKh65ZbaA9IEB8 gln0CK2sFAQtCqm4ZzXZcUd2C4eXmmJgsBgkzsXl/h8dSLxQOKkiu8E0/dj3BJ7J 1jZQtLIWRE/XhfgQhVwE4GMG6DR3SxkAs8HpKsb310rxmfxiDkHd5k7omg7Ewp7K Y+TD7ILv7OXAJ/Uwi1yokUW829k4bg2jo32vf+4Qd2qWgwcl4E2y2lesVwcST3SF vaJrWnqZQPSABrUTJ8RwAO8DyiVkz9UE32oZDRrB66T9gVYc3iTH1FSesUcKnQ4s /1eLsWLjMY7CsdJVcTWfZO68MIb5YWBFJGNpK4TrBXRNDQeB6nEByiJs0DKF5qI+ 768wC4y7IoE=7gh0 -----END PGP SIGNATURE----- -- RHSA-announce mailing list
Mar 18, 2019
•Low
Red Hat
98
security advisoryRed Hatbug fixRed Hat OpenStack 13.0 Security Advisory RHSA-2019-0566 Low: Data Leak
An update for openstack-ceilometer is now available for Red Hat OpenStack Platform 13.0 (Queens). Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Low: openstack-ceilometer security and bug fix update Advisory ID: RHSA-2019:0566-01 Product: Red Hat Enterprise Linux OpenStack Platform Advisory URL: https://access.redhat.com/errata/RHSA-2019:0566 Issue date: 2019-03-14 CVE Names: CVE-2019-3830 ==================================================================== 1. Summary: An update for openstack-ceilometer is now available for Red Hat OpenStack Platform 13.0 (Queens). Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat OpenStack Platform 13.0 - noarch 3. Description: OpenStack Telemetry (ceilometer) collects customer usage data for metering purposes. Telemetry implements bus listener, push, and polling agents for data collection. This data is stored in a database and presented via the REST API. In addition, Telemetry's extensible design means it can be optionally extended to gather customized data sets. Security Fix(es): * openstack-ceilometer: ceilometer-agent prints sensitive data from config files through log files (CVE-2019-3830) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, referto: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1659044 - Undercloud installation fails with --skip-metering-database when telemetry is enabled 1669296 - Rebase openstack-ceilometer to 8944142 1671037 - ceilometer writing snmp credentials to log file 1677389 - CVE-2019-3830 openstack-ceilometer: ceilometer-agent prints sensitive data from config files through log files 6. Package List: Red Hat OpenStack Platform 13.0: Source: openstack-ceilometer-10.0.1-6.el7ost.src.rpm noarch: openstack-ceilometer-central-10.0.1-6.el7ost.noarch.rpm openstack-ceilometer-common-10.0.1-6.el7ost.noarch.rpm openstack-ceilometer-compute-10.0.1-6.el7ost.noarch.rpm openstack-ceilometer-ipmi-10.0.1-6.el7ost.noarch.rpm openstack-ceilometer-notification-10.0.1-6.el7ost.noarch.rpm openstack-ceilometer-polling-10.0.1-6.el7ost.noarch.rpm python-ceilometer-10.0.1-6.el7ost.noarch.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2019-3830 https://access.redhat.com/security/updates/classification/#low 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2019 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPGv1 iQIVAwUBXIpX2NzjgjWX9erEAQgGog/+M7rUpzq67vZ+0WP9EBooybvrnlKHPxEQ 1Xqb7v5gWf6F5zUCuWhdP3ySNRAASVpqpEuW0uLKniA7Wyl00pZd3tYvBY+9uDni 0hnRZMHgQFipfBV9NYsrQEYq97KCnNscjx+0ToXhp+OXcDnARLTAx5K0XIiqYvWB Vyf5fTjLq1CjhJpIBWxnyc9V2LPE8cFZvFOSQfvRELIldjbOGIPTG/OUA9UEuGam 6Vd/tFfMsU8YYN49E1Jr+fezM2NT1rbxOu+TKgcGdyxlRUTdJ2WolZkaC5pBmDkx buaixokaYmhyAjsyhhurUKLCtLvfjLJakIBA651LLYTgziNJvC3/VNFXK94eKhFK vy+KXTVQzk9Mu97YyNLOMKoLiTbuC6TuVcf7AQTmigO7dyclc24Zx4eNuFfUl6At e2WO0FIq4xjPYPCCBI/8Bdi/EXf7aKlBlm6oOlzVXUOORcaI+UyqGgoFDHYjdqMz w6T1hQ9/zsI8+Tbt+e5eZJtP5ZjfKIYiIGbGf+bnk7XFsdyuwQ08cSKg+5pK7+qy RoMkDMss+nQNeBC3OvDB1fuRqP7N66qhc8i3KfJM5O91UhSpRQQuhlzNLtDboPSq lGKG7NP/HfmnxK1P/29gJU5djDzMAUfIa4dhbeICClNQ9UXsbhODVgso6kXX9Q6Z 8AwYM/tYfo0=a8KE -----END PGP SIGNATURE----- -- RHSA-announce mailing list
Mar 14, 2019
•Low
Red Hat
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!