
Stay Secure with the Latest Linux Advisories


Explore Latest Linux Security advisories


openSUSE: 2023:3090-1 Moderate: Guava Temp Directory Issues

# Security update for guava

Announcement ID: SUSE-SU-2023:3090-1
Rating: moderate
References:

  * #1179926
  * #1212401

Cross-References:

  * CVE-2020-8908
  * CVE-2023-2976

CVSS scores:

  * CVE-2020-8908 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
  * CVE-2020-8908 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  * CVE-2023-2976 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  * CVE-2023-2976 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Affected Products:

  * Development Tools Module 15-SP4
  * Development Tools Module 15-SP5
  * openSUSE Leap 15.4
  * openSUSE Leap 15.5
  * SUSE Linux Enterprise Desktop 15 SP4
  * SUSE Linux Enterprise Desktop 15 SP5
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise Real Time 15 SP3
  * SUSE Linux Enterprise Real Time 15 SP4
  * SUSE Linux Enterprise Real Time 15 SP5
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3

An update that solves two vulnerabilities can now be installed.

## Description:

This update for guava fixes the following issues:

Upgrade to guava 32.0.1:

  * CVE-2020-8908: Fixed predictable temporary files and directories used in FileBackedOutputStream (bsc#1179926).
  * CVE-2023-2976: Fixed a temp directory creation vulnerability (bsc#1212401).

## Patch Instructions:

To install this SUSE Moderate update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.4
    zypper in -t patch openSUSE-SLE-15.4-2023-3090=1
  * openSUSE Leap 15.5
    zypper in -t patch openSUSE-SLE-15.5-2023-3090=1
  * Development Tools Module 15-SP4
    zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP4-2023-3090=1
  * Development Tools Module 15-SP5
    zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2023-3090=1
  * SUSE Linux Enterprise Real Time 15 SP3
    zypper in -t patch SUSE-SLE-Product-RT-15-SP3-2023-3090=1

## Package List:

  * openSUSE Leap 15.4 (noarch)
    * guava-javadoc-32.0.1-150200.3.7.1
    * guava-testlib-32.0.1-150200.3.7.1
    * guava-32.0.1-150200.3.7.1
  * openSUSE Leap 15.5 (noarch)
    * guava-javadoc-32.0.1-150200.3.7.1
    * guava-testlib-32.0.1-150200.3.7.1
    * guava-32.0.1-150200.3.7.1
  * Development Tools Module 15-SP4 (noarch)
    * guava-32.0.1-150200.3.7.1
  * Development Tools Module 15-SP5 (noarch)
    * guava-32.0.1-150200.3.7.1
  * SUSE Linux Enterprise Real Time 15 SP3 (noarch)
    * guava-32.0.1-150200.3.7.1

## References:

  * https://www.suse.com/security/cve/CVE-2020-8908.html
  * https://www.suse.com/security/cve/CVE-2023-2976.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1179926
  * https://bugzilla.suse.com/show_bug.cgi?id=1212401

A recent guava update addresses two critical concerns, specifically the management of temporary files and a potential security risk. Please proceed with the installation.

LinuxSecurity.com Team

Aug 01, 2023 OpenSUSE

Mageia 7: MGASA-2021-0021 Critical: Guava Temp Directory Risk

MGASA-2021-0021 - Updated guava packages fix security vulnerability

Publication date: 10 Jan 2021
URL: https://advisories.mageia.org/MGASA-2021-0021.html
Type: security
Affected Mageia releases: 7
CVE: CVE-2020-8908

A temp directory creation vulnerability exists in Guava versions prior to 30.0 allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava com.google.common.io.Files.createTempDir(). The permissions granted to the directory created default to the standard unix-like /tmp ones, leaving the files open (CVE-2020-8908).

References:
- https://bugs.mageia.org/show_bug.cgi?id=27965
- https://bugzilla.redhat.com/show_bug.cgi?id=1906919
- https://www.cve.org/CVERecord?id=CVE-2020-8908

SRPMS:
- 7/core/guava-25.0-2.1.mga7

An issue in Guava exposes temporary directories. Information on remediation and impacted versions is included.

Severity: Critical.

LinuxSecurity.com Team

Jan 10, 2021 Critical Mageia

SUSE: 2018:3487-1 Moderate: kdelibs3 Local Access Issue

SUSE Security Update: Security update for kdelibs3
______________________________________________________________________________

Announcement ID: SUSE-SU-2018:3487-1
Rating: moderate
References: #958347
Cross-References: CVE-2015-7543
Affected Products:
    SUSE Linux Enterprise Software Development Kit 11-SP4
    SUSE Linux Enterprise Server 11-SP4
    SUSE Linux Enterprise Debuginfo 11-SP4
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

This update for kdelibs3 fixes the following issues:

- CVE-2015-7543: Insecure creation of temporary directories allowed local users to hijack the IPC by pre-creating the temporary directory (bsc#958347).

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Software Development Kit 11-SP4:
    zypper in -t patch sdksp4-kdelibs3-13846=1
- SUSE Linux Enterprise Server 11-SP4:
    zypper in -t patch slessp4-kdelibs3-13846=1
- SUSE Linux Enterprise Debuginfo 11-SP4:
    zypper in -t patch dbgsp4-kdelibs3-13846=1

Package List:

- SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64):
    kdelibs3-arts-3.5.10-23.30.5.1
    kdelibs3-devel-3.5.10-23.30.5.1
    kdelibs3-doc-3.5.10-23.30.5.1
- SUSE Linux Enterprise Software Development Kit 11-SP4 (ppc64 s390x x86_64):
    kdelibs3-arts-32bit-3.5.10-23.30.5.1
- SUSE Linux Enterprise Software Development Kit 11-SP4 (x86_64):
    kdelibs3-32bit-3.5.10-23.30.5.1
    kdelibs3-default-style-32bit-3.5.10-23.30.5.1
- SUSE Linux Enterprise Software Development Kit 11-SP4 (ia64):
    kdelibs3-arts-x86-3.5.10-23.30.5.1
- SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64):
    kdelibs3-3.5.10-23.30.5.1
    kdelibs3-default-style-3.5.10-23.30.5.1
- SUSE Linux Enterprise Server 11-SP4 (ppc64 s390x x86_64):
    kdelibs3-32bit-3.5.10-23.30.5.1
    kdelibs3-default-style-32bit-3.5.10-23.30.5.1
- SUSE Linux Enterprise Server 11-SP4 (ia64):
    kdelibs3-default-style-x86-3.5.10-23.30.5.1
    kdelibs3-x86-3.5.10-23.30.5.1
- SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64):
    kdelibs3-debuginfo-3.5.10-23.30.5.1
    kdelibs3-debugsource-3.5.10-23.30.5.1

References:

    https://www.suse.com/security/cve/CVE-2015-7543.html
    https://bugzilla.suse.com/958347

_______________________________________________
sle-security-updates mailing list
http://lists.suse.com/mailman/listinfo/sle-security-updates

Important patch for kdelibs3 resolves a temporary folder exploitation vulnerability in SUSE. Secure your system immediately!

LinuxSecurity.com Team

Oct 26, 2018 SuSE

Fedora 8 R: 2.7.2 Critical: javareconf Temp Directory Issue

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2008-7619
2008-09-05 10:56:15
--------------------------------------------------------------------------------

Name        : R
Product     : Fedora 8
Version     : 2.7.2
Release     : 1.fc8
URL         : https://www.r-project.org/
Summary     : A language for data analysis and graphics
Description :
A language and environment for statistical computing and graphics. R is similar to the award-winning S system, which was developed at Bell Laboratories by John Chambers et al. It provides a wide variety of statistical and graphical techniques (linear and nonlinear modelling, statistical tests, time series analysis, classification, clustering, ...).

R is designed as a true computer language with control-flow constructions for iteration and alternation, and it allows users to add additional functionality by defining new functions. For computationally intensive tasks, C, C++ and Fortran code can be linked and called at run time.

--------------------------------------------------------------------------------
Update Information:

Update to R 2.7.2, also fixes security issue with unsafe temp directory handling in javareconf script.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Aug 29 2008 Tom "spot" Callaway 2.7.2-1
- update to 2.7.2
- fix spec for alpha compile (bz 458931)
- fix security issue in javareconf script (bz 460658)
* Mon Jul 7 2008 Tom "spot" Callaway 2.7.1-1
- update to 2.7.1
* Wed May 28 2008 Tom "spot" Callaway 2.7.0-5
- add cairo-devel to BR/R, so that cairo backend gets built
* Wed May 21 2008 Tom "spot" Callaway 2.7.0-4
- fixup sed invocation added in -3
- make -devel package depend on base R = version-release
- fix bad paths in package html files
* Wed May 21 2008 Tom "spot" Callaway 2.7.0-3
- fix poorly constructed file paths in html/packages.html (bz 442727)
* Tue May 13 2008 Tom "spot" Callaway 2.7.0-2
- add patch from Martyn Plummer to avoid possible bad path hardcoding in /usr/bin/Rscript
- properly handle ia64 case (bz 446181)
* Mon Apr 28 2008 Tom "spot" Callaway 2.7.0-1
- update to 2.70
- rcompgen is no longer a standalone package
- redirect javareconf to /dev/null (bz 442366)
* Fri Feb 8 2008 Tom "spot" Callaway 2.6.2-1
- properly version the items in the VR bundle
- 2.6.2
- don't use setarch for java setup
- fix R post script file
* Thu Jan 31 2008 Tom "spot" Callaway 2.6.1-4
- multilib handling (thanks Martyn Plummer)
- Update indices in the right place.
* Mon Jan 7 2008 Tom "spot" Callaway 2.6.1-3
- move INSTALL back into R main package, as it is useful without the other -devel bits (e.g. installing noarch package from CRAN)
* Tue Dec 11 2007 Tom "spot" Callaway 2.6.1-2
- based on changes from Martyn Plummer
- use configure options rdocdir, rincludedir, rsharedir
- use DESTDIR at installation
- remove obsolete generation of packages.html
- move header files and INSTALL R-devel package
* Mon Nov 26 2007 Tom "spot" Callaway 2.6.1-1
- bump to 2.6.1
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #460658 - R: Insecure auxiliary /tmp file usage (symlink attack possible)
        https://bugzilla.redhat.com/show_bug.cgi?id=460658
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program. Use su -c 'yum update R' at the command line. For more information, refer to "Managing Software with yum", available at .

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/
--------------------------------------------------------------------------------
_______________________________________________
Fedora-package-announce mailing list

Fedora 8 R 2.7.2 patch resolves insecure temp folder vulnerability in javareconf script. Important security update included.

Severity: Critical.

LinuxSecurity.com Team

Sep 10, 2008 Critical Fedora

Fedora 8: 2008-7619 Moderate: Unsafe Temp Directory Handling Fix

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2008-7619
2008-09-05 10:56:15
--------------------------------------------------------------------------------

Name        : rpy
Product     : Fedora 8
Version     : 1.0.3
Release     : 3.fc8
URL         : https://sourceforge.net/projects/rpy/
Summary     : Python interface to the R language
Description :
RPy provides a robust Python interface to the R programming language. It can manage all kinds of R objects and can execute arbitrary R functions. All the errors from the R language are converted to Python exceptions.

--------------------------------------------------------------------------------
Update Information:

Update to R 2.7.2, also fixes security issue with unsafe temp directory handling in javareconf script.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Aug 29 2008 Tom "spot" Callaway - 1.0.3-3
- rebuild against R-2.7.2
* Tue Jul 8 2008 Tom "spot" Callaway - 1.0.3-2
- rebuild against R 2.7.1
* Wed May 21 2008 José Matos - 1.0.3-1
- Update to 1.0.3
- Backport two patches from upstream (turn off debug and use the lapack version that R was compiled with)
* Tue Apr 29 2008 Tom "spot" Callaway - 1.0.2-1
- update to 1.0.2
- R 2.7.0
* Wed Feb 13 2008 José Matos - 1.0.1-5
- BR texinfo -> texinfo-tex
* Wed Feb 13 2008 José Matos - 1.0.1-4
- Rebuild for gcc 4.3
* Fri Feb 8 2008 Tom "spot" Callaway - 1.0.1-3
- rebuild for R 2.6.2
* Mon Feb 4 2008 José Matos - 1.0.1-2
- Sometimes _patch_'s guesses are not good enough. Redo patch to setup.py.
* Sun Feb 3 2008 José Matos - 1.0.1-1
- New upstream release.
* Mon Jan 7 2008 Tom "spot" Callaway - 1.0-0.7.RC3
- find the moved R headers in their new home (/usr/include/R)
* Mon Jan 7 2008 Alex Lancaster - 1.0-0.6.RC3
- BuildRequires: R-devel rather than just R
* Mon Nov 26 2007 Tom "spot" Callaway - 1.0-0.5.RC3
- really rebuild against R 2.6.1
- versioned buildrequires for R
* Mon Nov 26 2007 Tom "spot" Callaway - 1.0-0.4.RC3
- rebuild against R 2.6.1
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #460658 - R: Insecure auxiliary /tmp file usage (symlink attack possible)
        https://bugzilla.redhat.com/show_bug.cgi?id=460658
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program. Use su -c 'yum update rpy' at the command line. For more information, refer to "Managing Software with yum", available at .

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/
--------------------------------------------------------------------------------
_______________________________________________
Fedora-package-announce mailing list

R 2.7.2 update addresses a security vulnerability related to improper management of temporary directories in the javareconf script.

LinuxSecurity.com Team

Sep 10, 2008 Fedora