Stay Secure with the Latest Linux Advisories


Explore Latest Linux Security advisories


Gentoo GLSA-200812-12 Normal: Honeyd Symlink Attack Risk

An insecure temporary file usage has been reported in Honeyd, possibly leading to symlink attacks.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 200812-12
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                            https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

  Severity: Normal
     Title: Honeyd: Insecure temporary file creation
      Date: December 12, 2008
      Bugs: #237481
        ID: 200812-12

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

An insecure temporary file usage has been reported in Honeyd, possibly leading to symlink attacks.

Background
==========

Honeyd is a small daemon that creates virtual hosts on a network.

Affected packages
=================

    -------------------------------------------------------------------
     Package              /  Vulnerable  /                  Unaffected
    -------------------------------------------------------------------
  1  net-analyzer/honeyd      < 1.5c-r1                     >= 1.5c-r1

Description
===========

Dmitry E. Oboukhov reported an insecure temporary file usage within the "test.sh" script.

Impact
======

A local attacker could perform symlink attacks and overwrite arbitrary files with the privileges of the user running the application.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All Honeyd users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=net-analyzer/honeyd-1.5c-r1"

References
==========

  [ 1 ] CVE-2008-3928
        https://www.cve.org/CVERecord?id=CVE-2008-3928

Availability
============

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

  https://security.gentoo.org/glsa/200812-12

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to [email address protected] or alternatively, you may file a bug at https://bugs.gentoo.org/.

License
=======

Copyright 2008 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5/

Honeyd running on Gentoo is vulnerable to insecure temporary file generation, which may expose it to symlink hijacking. It is advisable to perform an upgrade.

LinuxSecurity.com Team

Dec 12, 2008 | Gentoo

Debian: DSA-1674-1 Critical: Jailer Insecure Temp File Issue

Javier Fernandez-Sanguino Pena discovered that updatejail, a component of the chroot maintenance tool Jailer, creates a predictable temporary file name, which may lead to local denial of service through a symlink attack.

- ------------------------------------------------------------------------
Debian Security Advisory DSA-1674-1           [email address protected]
http://www.debian.org/security/                       Moritz Muehlenhoff
November 30, 2008                     http://www.debian.org/security/faq
- ------------------------------------------------------------------------

Package        : jailer
Vulnerability  : insecure temp file generation
Debian-specific: no
CVE Id(s)      : CVE-2008-5139
Debian Bug     : 410548

Javier Fernandez-Sanguino Pena discovered that updatejail, a component of the chroot maintenance tool Jailer, creates a predictable temporary file name, which may lead to local denial of service through a symlink attack.

For the stable distribution (etch), this problem has been fixed in version 0.4-9+etch1.

For the upcoming stable distribution (lenny) and the unstable distribution (sid), this problem has been fixed in version 0.4-10.

We recommend that you upgrade your jailer package.

Upgrade instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.

Debian GNU/Linux 4.0 alias etch
- -------------------------------

Stable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

    Size/MD5 checksum: 27372 403ad34e153f4dbc14621b2bca464487
    Size/MD5 checksum: 27920a6bead6286022c54e73bfe1f51e5e5f3
    Size/MD5 checksum: 599 2a59c032c5da19b3443c0bd5c573a6e6

Architecture independent packages:

    Size/MD5 checksum: 11688 8e042e660665df9b8657399ec3845cc8

These files will probably be moved into the stable distribution on its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb https://www.debian.org/security/ stable/updates main
For dpkg-ftp: dists/stable/updates/main
Mailing list: [email address protected]

Critical local DoS flaw in Jailer patched in Debian Security Advisory DSA-1674-2. Ensure you update immediately.

Severity: Critical.

LinuxSecurity.com Team

Nov 30, 2008 | Critical | Debian

Fedora Core 2: FEDORA-2004-506 Moderate: Samba Path Traversal Vulnerability

Fix to temp file vulnerability in /etc/psf/etc2ps.

---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2004-505
2004-12-06
---------------------------------------------------------------------

Product     : Fedora Core 2
Name        : netatalk
Version     : 1.6.4
Release     : 2.2
Summary     : AppleTalk networking programs
Description :
This package enables Linux to talk to Macintosh computers via the AppleTalk networking protocol. It includes a daemon to allow Linux to act as a file server over EtherTalk or IP for Mac's.

---------------------------------------------------------------------
Update Information:

Fix to temp file vulnerability in /etc/psf/etc2ps
---------------------------------------------------------------------
* Thu Nov 04 2004 Charles Bennett 2:1.6.4-2.2

- patch temp file vulnerability with etc2ps

---------------------------------------------------------------------
This update can be downloaded from:

9bf44cda93788111fe8ed3cdcbf365fd  SRPMS/netatalk-1.6.4-2.2.src.rpm
363604d8323bc9a2744ed16241001184  x86_64/netatalk-1.6.4-2.2.x86_64.rpm
9bfd83337a6ea52626a0c228fb42ae65  x86_64/netatalk-devel-1.6.4-2.2.x86_64.rpm
e430821cf0c2b269c08526c34875f0d2  x86_64/debug/netatalk-debuginfo-1.6.4-2.2.x86_64.rpm
3f527935d802a3c9e48114f7ae5bd18f  i386/netatalk-1.6.4-2.2.i386.rpm
ad7a6a8482dace695a7d7ee83ac4092a  i386/netatalk-devel-1.6.4-2.2.i386.rpm
1b9b53168ea47b4c319c443253f5e633  i386/debug/netatalk-debuginfo-1.6.4-2.2.i386.rpm

This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command.
---------------------------------------------------------------------

--
Charlie Bennett               10 Technology Park Drive
OS Engineer                   Westford, MA
Red Hat, Inc.                 Desk: +1 978 392-3147 (new!)
[email address protected]     Cell: +1 617 543-6513
[email address protected], [email address protected]     AIM: ccb23fish
          .... unless of course the fish happens to be a bass.

--
fedora-announce-list mailing list
[email address protected]

This patch resolves a temporary file vulnerability in netatalk for Fedora Core 2, improving both safety and performance.

LinuxSecurity.com Team

Dec 06, 2004 | Fedora

Red Hat: RHSA-2001:070-02 Critical: mktemp Directory Creation

The version of mktemp shipped with Red Hat Linux prior to version 7 does not support creating temporary directories.

---------------------------------------------------------------------
                   Red Hat, Inc. Red Hat Security Advisory

Synopsis:          Updated mktemp packages available
Advisory ID:       RHSA-2001:070-02
Issue date:        2001-05-15
Updated on:        2001-05-21
Product:           Red Hat Linux
Keywords:          mktemp directory creation -d
Cross references:
Obsoletes:
---------------------------------------------------------------------

1. Topic:

The version of mktemp shipped with Red Hat Linux prior to version 7 does not support creating temporary directories.

2. Relevant releases/architectures:

Red Hat Linux 5.2 - alpha, i386, sparc
Red Hat Linux 6.2 - alpha, i386, sparc

3. Problem description:

Older versions of mktemp don't support the "-d" parameter to create temporary directories safely.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory *only* contains the desired RPMs.

Please note that this update is also available via Red Hat Network. Many people find this an easier way to apply updates. To use Red Hat Network, launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate RPMs being upgraded on your system.

5. Bug IDs fixed ( for more info):

6. RPMs required:

Red Hat Linux 5.2:

SRPMS:
alpha:
i386:
sparc:

Red Hat Linux 6.2:

SRPMS:
alpha:
i386:
sparc:

7. Verification:

MD5 sum                           Package Name
--------------------------------------------------------------------------
94ea90c56aa2c048913c1671f44a6cf5  5.2/en/os/SRPMS/mktemp-1.5-2.1.5x.src.rpm
07cc49b2258e6ce4f00bded444ee3d00  5.2/en/os/alpha/mktemp-1.5-2.1.5x.alpha.rpm
862bf906743dba738210d8e7644e2cd3  5.2/en/os/i386/mktemp-1.5-2.1.5x.i386.rpm
b37d318692785b7d5120fd194c1f07b2  5.2/en/os/sparc/mktemp-1.5-2.1.5x.sparc.rpm
834ae7978e494618ae0efd9bf762dea9  6.2/en/os/SRPMS/mktemp-1.5-2.1.6x.src.rpm
85775d4f8a7a5443010018dfdfc5d69e  6.2/en/os/alpha/mktemp-1.5-2.1.6x.alpha.rpm
e3e46dea469df08b98934713b7dfc129  6.2/en/os/i386/mktemp-1.5-2.1.6x.i386.rpm
8dcb3ffc8b48f9d50a4e4976f7f00f5b  6.2/en/os/sparc/mktemp-1.5-2.1.6x.sparc.rpm

These packages are GPG signed by Red Hat, Inc. for security. Our key is available at:

You can verify each package with the following command:

rpm --checksig

If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command:

rpm --checksig --nogpg

8. References:

Copyright(c) 2000, 2001 Red Hat, Inc.

Recent mktemp enhancements introduced for Red Hat Linux focus on bolstering the protection of temporary directories.

Severity: Critical.

LinuxSecurity.com Team

May 22, 2001 | Critical | Red Hat