Alerts This Week
Warning Icon 1 619
Alerts This Week
Warning Icon 1 619

Stay Secure with the Latest Linux Advisories

Opensuse Large Esm H800
openSUSE

openSUSE Chromedriver Moderate Security Issues Fixed 2026-10958-1

Calendar White Jun 08, 2026
moderate
Opensuse Large Esm H900
openSUSE

openSUSE Tumbleweed libmozjs Moderate Update CVE-2025-70103

Calendar White Jun 08, 2026
moderate
Opensuse Large Esm H900
openSUSE

openSUSE Tumbleweed Perl HTML Parser Moderate CVE-2026-8829 Advisory

Calendar White Jun 08, 2026
moderate
Opensuse Large Esm H800
openSUSE

openSUSE Tumbleweed kernel-devel Moderate Security Issue 2026-10954-1

Calendar White Jun 08, 2026
moderate
Opensuse Large Esm H900
openSUSE

openSUSE Tumbleweed Gleam Moderate Threat Fixed 2026-10953-1

Calendar White Jun 08, 2026
moderate
Ubuntu Large Esm H900
Ubuntu

Ubuntu 25.10 Systemd Critical Arbitrary Code Exec DNS Issues USN-8402-1

Calendar White Jun 08, 2026
Critical
Opensuse Large Esm H800
openSUSE

openSUSE Epiphany Important Password Handling Issue CVE-2023-26081

Calendar White Jun 08, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 26.04 LTS 8399-1 Pillow Denial of Service Risk CVE-2026-42308

Calendar White Jun 08, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 26.04 LTS Poppler Critical DoS Code Execution Vuln USN-8400-1

Calendar White Jun 08, 2026
Critical
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":548,"type":"x","order":1,"pct":78.51,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.3,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.87,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.32,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -6 articles for you...
100
Ls Advisories Suse Esm H240
Price Tag 1security advisoryimportantsnakeyaml

SUSE: 2024:2568-1 Important: Fixes for Zip Slip Threat in TestNG

* bsc#1205628 Cross-References: * CVE-2022-4065 . # Security update for mockito, snakeyaml, testng Announcement ID: SUSE-SU-2024:2568-1 Rating: important References: * bsc#1205628 Cross-References: * CVE-2022-4065 CVSS scores: * CVE-2022-4065 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2022-4065 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2022-4065 ( NVD ): 5.5 CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L Affected Products: * Development Tools Module 15-SP5 * Development Tools Module 15-SP6 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Server 4.3 * SUSE Manager Server 4.3 Module 4.3 * SUSE Package Hub 15 15-SP6 An update that solves one vulnerability can now be installed. ## Description: This update for mockito, snakeyaml, testng fixes the following issues: mockito was updated to version 5.11.0: * Added bundle manifest to the mockito-core artifact * Mockito 5 is making core changes to ensure compatibility with future JDK versions. * Switch the Default MockMaker to mockito-inline (not applicable to mockito- android) * Mockito 2.7.6 introduced the mockito-inline mockmaker based on the "inline bytecode" principle, offering compatibility advantages over the subclass mockmaker * This change avoids JDK restrictions, such as violating module boundaries and leaking subclass creation * Legitimate use cases for the subclass mockmaker: * Scenarios where the inline mockmaker does not function, such as on Graal VM's native image * If avoiding mocking final classes, the subclass mockmaker remains a viable option, although issues may arise on JDK 17+ * Mockito aims to support both mockmakers, allowing users to choose based on their requirements. * Update the Minimum Supported Java Version to 11 * Mockito 5 raised the minimum supported Java version to 11 * Community member @reta contributed to this change. * Users still on JDK 8 can continue using Mockito 4, with minimal API differences between versions * New type() Method on ArgumentMatcher * The ArgumentMatcher interface now includes a new type() method to support varargs methods, addressing previous limitations * Users can now differentiate between matching calls with any exact number of arguments or match any number of arguments * Mockito 5 provides a default implementation of the new method, ensuring backward compatibility. * No obligation for users to implement the new method; Mockito 5 considers Void.type by default for varargs handling * ArgumentCaptor is now fullytype-aware, enabling capturing specific subclasses on a generic method. * byte-buddy does not bundle asm, but uses objectweb-asm as external library snake-yaml was updated to version 2.2: * Changes of version 2.2: * Define default scalar style as PLAIN (for polyglot Maven) * Add missing 'exports org.yaml.snakeyaml.inspector' to module-info.java * Changes of version 2.1: * Heavy Allocation in Emitter.analyzeScalar(String) due to Regex Overhead * Use identity in toString() for sequences to avoid OutOfMemoryError * NumberFormatException from SnakeYAML due to int overflow for corrupt YAML version * Document size limit should be applied to single document notthe whole input stream * Detect invalid Unicode code point (thanks to Tatu Saloranta) * Remove Trusted*Inspector classes from main sources tree * Changes of version 2.0: * Rollback to Java 7 target * Add module-info.java * Migrate to Java 8 * Remove many deprecated constructors * Remove long deprecated methods in FlowStyle * Do not allow global tags by default * Yaml.LoadAs() signature to support Class

Calendar 2 Jul 22, 2024 Important SuSE
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryhigh severityfedora

Fedora 40, FEDORA-2024-129d8ca6fc High: TestNG Type Confusion Issue

Change for system JDK from 17 to 21. upstream security release 122.0.6261.94 High CVE-2024-1938: Type Confusion in V8 High CVE-2024-1939: Type Confusion in V8 fixed bug with requires. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2024-129d8ca6fc 2024-03-07 22:24:39.963937 -------------------------------------------------------------------------------- Name : testng Product : Fedora 40 Version : 7.8.0 Release : 5.fc40 URL : Summary : Java-based testing framework Description : TestNG is a testing framework inspired from JUnit and NUnit but introducing some new functionality, including flexible test configuration, and distributed test running. It is designed to cover unit tests as well as functional, end-to-end, integration, etc. -------------------------------------------------------------------------------- Update Information: Change for system JDK from 17 to 21. upstream security release 122.0.6261.94 High CVE-2024-1938: Type Confusion in V8 High CVE-2024-1939: Type Confusion in V8 fixed bug with requires Automatic update for lucene-9.9.2-1.fc40. bump java source/target to 1.8, fixes 2266639 -------------------------------------------------------------------------------- ChangeLog: * Sat Mar 2 2024 Jiri Vanek - 7.8.0-5 - Rebuilt for java-21-openjdk as system jdk * Fri Mar 1 2024 Jiri Vanek - 7.8.0-4 - bump of release for for java-21-openjdk as system jdk -------------------------------------------------------------------------------- References: [ 1 ] Bug #2123726 - consoleImageViewer crashes at start https://bugzilla.redhat.com/show_bug.cgi?id=2123726 [ 2 ] Bug #2261062 - directory-maven-plugin: FTBFS in Fedora rawhide/f40 https://bugzilla.redhat.com/show_bug.cgi?id=2261062 [ 3 ] Bug #2266639 - directory-maven-plugin fails to build with java-21-openjdk https://bugzilla.redhat.com/show_bug.cgi?id=2266639 [ 4 ] Bug #2266934 -CVE-2024-1938 chromium: type confusion [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2266934 [ 5 ] Bug #2266937 - CVE-2024-1939 chromium: type confusion [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2266937 [ 6 ] Bug #2267486 - Include Java 21 as system Java Change in Fedora 40 Beta https://bugzilla.redhat.com/show_bug.cgi?id=2267486 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-129d8ca6fc' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ Do not reply to spam, report it: . The latest Fedora update for TestNG addresses significant vulnerabilities related to type confusion in V8, alongside modifications to the JDK.. Fedora 40 update, testng security fix, type confusion, system JDK change, high severity security. . LinuxSecurity.com Team

Calendar 2 Mar 07, 2024 Fedora
Banner 3 1028x280 1708121785 1771599793
203
Ls Advisories Mageia Esm H240
Price Tag 1security advisorymoderatepath traversal

Mageia 8 MGASA-2023-0220 Moderate: TestNG Path Traversal Risk

Path traversal in zip files (CVE-2022-4065) References: - https://bugs.mageia.org/show_bug.cgi?id=31741 - https://lists.suse.com/pipermail/sle-security-updates/2023-March/014264.html . MGASA-2023-0220 - Updated testng packages fix security vulnerability Publication date: 07 Jul 2023 URL: https://advisories.mageia.org/MGASA-2023-0220.html Type: security Affected Mageia releases: 8 CVE: CVE-2022-4065 Path traversal in zip files (CVE-2022-4065) References: - https://bugs.mageia.org/show_bug.cgi?id=31741 - https://lists.suse.com/pipermail/sle-security-updates/2023-March/014264.html - https://www.cve.org/CVERecord?id=CVE-2022-4065 SRPMS: - 8/core/testng-6.14.3-4.1.mga8 . Mageia security patch MGASA-2023-0220 resolves directory traversal vulnerabilities in zip archives, safeguarding system stability.. Mageia Update, TestNG Security, Path Traversal, Security Patch, Software Fix. . LinuxSecurity.com Team

Calendar 2 Jul 07, 2023 Mageia
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":548,"type":"x","order":1,"pct":78.51,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.3,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.87,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.32,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here