Alerts This Week
Warning Icon 1 562
Alerts This Week
Warning Icon 1 562

Stay Secure with the Latest Linux Advisories

Ubuntu Large Esm H800
Ubuntu

Ubuntu 26.04 LTS python-pip Moderate DoS Regression Fix USN-8344-3

Calendar White Jun 03, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 20.04 LTS GStreamer Base Significant DoS Attack Vulnerability Alert

Calendar White Jun 03, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 20.04 LTS MySQL Important Security Issues USN-8363-2

Calendar White Jun 03, 2026
Important
Ubuntu Large Esm H800
Ubuntu

Ubuntu 20.04 LTS nginx Security Advisory for Critical DoS Vulnerabilities

Calendar White Jun 03, 2026
Critical
Oracle Large Esm H900
Oracle

Oracle Linux 8 gnutls Important Buffer Overflow Auth Bypass ELSA-2026-20611

Calendar White Jun 03, 2026
Important
Oracle Large Esm H900
Oracle

Oracle Linux 8 ELSA-2026-22315 compat-openssl10 Moderate DoS Fix

Calendar White Jun 02, 2026
moderate
Oracle Large Esm H800
Oracle

Oracle Linux 8 httpd Important Denial of Service Vuln ELSA-2026-22140

Calendar White Jun 02, 2026
Important
Oracle Large Esm H900
Oracle

Oracle Linux 8 Important Kernel Security Advisory ELSA-2026-21706

Calendar White Jun 02, 2026
Important
Fedora Large Esm H900
Fedora

Fedora 43 hplip Major Update Addressing Possible Arbitrary Code Execution

Calendar White Jun 02, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -2 articles for you...
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryFedoramemory corruption

Fedora 42: webkitgtk 2025-40aeebe6d2 critical: memory corruption issues

Enable CSS Overscroll Behavior by default. Change threaded rendering implementation to use Skia API instead of WebCore display list that is not thread safe. Fix rendering when device scale factor change comes before the web view geometry update.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-40aeebe6d2 2025-05-17 02:01:28.575448+00:00 -------------------------------------------------------------------------------- Name : webkitgtk Product : Fedora 42 Version : 2.48.2 Release : 1.fc42 URL : https://www.webkitgtk.org/ Summary : GTK web content engine library Description : WebKitGTK is the port of the WebKit web rendering engine to the GTK platform. -------------------------------------------------------------------------------- Update Information: Enable CSS Overscroll Behavior by default. Change threaded rendering implementation to use Skia API instead of WebCore display list that is not thread safe. Fix rendering when device scale factor change comes before the web view geometry update. Fix network process crash on exit. Fix several crashes and rendering issues. Fix CVE-2025-24223, CVE-2025-31204, CVE-2025-31205, CVE-2025-31206, CVE-2025-31215, CVE-2025-31257 -------------------------------------------------------------------------------- ChangeLog: * Wed May 14 2025 Michael Catanzaro - 2.48.2-1 - Update to 2.48.2 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2366612 - CVE-2025-24223 webkitgtk: Processing maliciously crafted web content may lead to memory corruption [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2366612 [ 2 ] Bug #2366614 - CVE-2025-31204 webkitgtk: Processing maliciously crafted web content may lead to memory corruption [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2366614 [ 3 ] Bug #2366616 - CVE-2025-31205 webkitgtk: A malicious website mayexfiltrate data cross-origin [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2366616 [ 4 ] Bug #2366618 - CVE-2025-31206 webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2366618 [ 5 ] Bug #2366620 - CVE-2025-31215 webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2366620 [ 6 ] Bug #2366622 - CVE-2025-31257 webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2366622 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-40aeebe6d2' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: . Resolving issues related to memory corruption and unexpected crashes in webkitgtk for Fedora 42 is essential. An upgrade is strongly advised.. Fedora updates, WebKitGTK fixes, open source security, memoryissues. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 May 17, 2025 Critical Fedora
203
Ls Advisories Mageia Esm H240
Price Tag 1security advisorysoftware updatememory corruption

Mageia 9: Advisory 2024-0274 Critical: Thunderbird Memory Corruption

Memory corruption in WebGL API. (CVE-2024-6600) Race condition in permission assignment. (CVE-2024-6601) Memory corruption in thread creation. (CVE-2024-6603) Memory safety bugs fixed in Firefox 128, Firefox ESR 115.13, and Thunderbird 115.13. (CVE-2024-6604) . MGASA-2024-0274 - Updated thunderbird packages fix security vulnerabilities Publication date: 21 Jul 2024 URL: https://advisories.mageia.org/MGASA-2024-0274.html Type: security Affected Mageia releases: 9 CVE: CVE-2024-6600, CVE-2024-6601, CVE-2024-6603, CVE-2024-6604 Memory corruption in WebGL API. (CVE-2024-6600) Race condition in permission assignment. (CVE-2024-6601) Memory corruption in thread creation. (CVE-2024-6603) Memory safety bugs fixed in Firefox 128, Firefox ESR 115.13, and Thunderbird 115.13. (CVE-2024-6604) References: - https://bugs.mageia.org/show_bug.cgi?id=33406 - https://www.thunderbird.net/en-US/thunderbird/115.13.0esr/releasenotes/ - https://www.mozilla.org/en-US/security/advisories/mfsa2024-31/ - https://www.cve.org/CVERecord?id=CVE-2024-6600 - https://www.cve.org/CVERecord?id=CVE-2024-6601 - https://www.cve.org/CVERecord?id=CVE-2024-6603 - https://www.cve.org/CVERecord?id=CVE-2024-6604 SRPMS: - 9/core/thunderbird-115.13.0-1.mga9 - 9/core/thunderbird-l10n-115.13.0-1.mga9 . The latest Thunderbird updates address vulnerabilities in Mageia versions, fixing serious memory leaks and enhancing system performance.. Thunderbird Security,Mageia Updates,Memory Corruption Fix,Firefox ESR Security. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Jul 21, 2024 Critical Mageia
Banner 4 1028x280 1708121825 1771600306
203
Ls Advisories Mageia Esm H240
Price Tag 1security advisorymemory corruptionrace condition

Mageia 2024-0269 Critical: NSS and Firefox Memory Corruption Issues

Memory corruption in WebGL API. (CVE-2024-6600) Race condition in permission assignment. (CVE-2024-6601) Memory corruption in NSS. (CVE-2024-6602) Memory corruption in thread creation. (CVE-2024-6603) Memory safety bugs fixed in Firefox 128, Firefox ESR 115.13, and . MGASA-2024-0269 - Updated nss & firefox packages fix security vulnerabilities Publication date: 16 Jul 2024 URL: https://advisories.mageia.org/MGASA-2024-0269.html Type: security Affected Mageia releases: 9 CVE: CVE-2024-6600, CVE-2024-6601, CVE-2024-6602, CVE-2024-6603, CVE-2024-6604 Memory corruption in WebGL API. (CVE-2024-6600) Race condition in permission assignment. (CVE-2024-6601) Memory corruption in NSS. (CVE-2024-6602) Memory corruption in thread creation. (CVE-2024-6603) Memory safety bugs fixed in Firefox 128, Firefox ESR 115.13, and Thunderbird 115.13. (CVE-2024-6604) References: - https://bugs.mageia.org/show_bug.cgi?id=33386 - https://www.firefox.com/en-US/firefox/115.13.0/releasenotes/?redirect_source=mozilla-org - https://www.mozilla.org/en-US/security/advisories/mfsa2024-30/ - https://firefox-source-docs.mozilla.org/security/nss/releases/nss_3_102.html - https://www.cve.org/CVERecord?id=CVE-2024-6600 - https://www.cve.org/CVERecord?id=CVE-2024-6601 - https://www.cve.org/CVERecord?id=CVE-2024-6602 - https://www.cve.org/CVERecord?id=CVE-2024-6603 - https://www.cve.org/CVERecord?id=CVE-2024-6604 SRPMS: - 9/core/nss-3.102.0-1.mga9 - 9/core/firefox-115.13.0-1.mga9 - 9/core/firefox-l10n-115.13.0-1.mga9 . Mageia 2024-0270 addresses vulnerabilities related to memory safety and additional security concerns in Firefox and NSS. Upgrade immediately for improved protection.. mageia security, firefox fixes, nss updates, memory safety, race condition. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Jul 16, 2024 Critical Mageia
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryupdateFedora

Fedora 37: FEDORA-2023-4824704a61 Critical Security Fix For Rust

Security fix for CVE-2023-38497. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2023-4824704a61 2023-08-17 00:33:38.714903 -------------------------------------------------------------------------------- Name : rust Product : Fedora 37 Version : 1.71.1 Release : 1.fc37 URL : https://rust-lang.org/ Summary : The Rust Programming Language Description : Rust is a systems programming language that runs blazingly fast, prevents segfaults, and guarantees thread safety. This package includes the Rust compiler and documentation generator. -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2023-38497 -------------------------------------------------------------------------------- ChangeLog: * Mon Aug 7 2023 Josh Stone - 1.71.1-1 - Update to 1.71.1. - Security fix for CVE-2023-38497 * Tue Jul 25 2023 Josh Stone - 1.71.0-3 - Relax the suspicious_double_ref_op lint - Enable the profiler runtime for native hosts * Fri Jul 21 2023 Fedora Release Engineering - 1.71.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2228038 - CVE-2023-38497 rust-cargo: cargo does not respect the umask when extracting dependencies https://bugzilla.redhat.com/show_bug.cgi?id=2228038 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-4824704a61' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ Do not reply to spam, report it: . An important patch for Rust in Fedora boosts thread safety and addresses CVE-2023-38497. Take action promptly!. Fedora Update,Rust Programming,Critical Security Fix. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Aug 17, 2023 Critical Fedora
Banner 4 1028x280 1708121825 1771600306
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisorysecurity issuefedora

Fedora 36: FEDORA-2022-509887bd99 Critical: SuperTux Thread Safety Fix

Fix CVE-2022-30292. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2022-509887bd99 2022-05-14 01:48:30.603205 --------------------------------------------------------------------------------Name : supertux Product : Fedora 36 Version : 0.6.3 Release : 4.fc36 URL : https://www.supertux.org Summary : Jump'n run like game Description : SuperTux is a jump'n run like game, Run and jump through multiple worlds, fighting off enemies by jumping on them or bumping them from below. Grabbing power-ups and other stuff on the way. --------------------------------------------------------------------------------Update Information: Fix CVE-2022-30292 --------------------------------------------------------------------------------ChangeLog: * Thu May 5 2022 David King - 0.6.3-4 - Fix CVE-2022-30292 (#2082179) --------------------------------------------------------------------------------References: [ 1 ] Bug #2082179 - CVE-2022-30292 supertux: squirrel: thread_call in sqbaselib.cpp lacks a certain sq_reservestack call [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2082179 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2022-509887bd99' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct:https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure . To fix CVE-2022-30292 in SuperTux on Fedora 36, update via terminal with `sudo dnf update`, then verify with `dnf info supertux` for enhanced security. Fedora SuperTux Security Update, Thread Safety Fix, Gaming Software Patch. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 May 13, 2022 Critical Fedora
98
Ls Advisories Redhat Esm H240
Price Tag 1security advisoryRed Hat Enterprise Linuxsecurity issues

Red Hat Enterprise Linux 5: RHSA-2012:0305-03 Low: Boost Liberty Issues

Updated boost packages that fix two security issues and two bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. Common Vulnerability Scoring System (CVSS) base scores,. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ==================================================================== Red Hat Security Advisory Synopsis: Low: boost security and bug fix update Advisory ID: RHSA-2012:0305-03 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2012:0305.html Issue date: 2012-02-21 CVE Names: CVE-2008-0171 CVE-2008-0172 ==================================================================== 1. Summary: Updated boost packages that fix two security issues and two bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: RHEL Desktop Workstation (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 3. Description: The boost packages provide free, peer-reviewed, portable C++ source libraries with emphasis on libraries which work well with the C++ Standard Library. Invalid pointer dereference flaws were found in the way the Boost regular expression library processed certain, invalid expressions. An attacker able to make an application using the Boost library process a specially-crafted regular expression could cause that application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2008-0171) NULL pointer dereference flaws were found in the way the Boostregular expression library processed certain, invalid expressions. An attacker able to make an application using the Boost library process a specially-crafted regular expression could cause that application to crash. (CVE-2008-0172) Red Hat would like to thank Will Drewry for reporting these issues. This update also fixes the following bugs: * Prior to this update, the construction of a regular expression object could fail when several regular expression objects were created simultaneously, such as in a multi-threaded program. With this update, the object variables have been moved from the shared memory to the stack. Now, the constructing function is thread safe. (BZ#472384) * Prior to this update, header files in several Boost libraries contained preprocessor directives that the GNU Compiler Collection (GCC) 4.4 could not handle. This update instead uses equivalent constructs that are standard C. (BZ#567722) All users of boost are advised to upgrade to these updated packages, which fix these issues. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/kb/docs/DOC-11259 5. Bugs fixed (http://bugzilla.redhat.com/): 428316 - CVE-2008-0171 boost regular expression memory corruption flaws 428320 - CVE-2008-0172 boost regular expression NULL dereference flaw 472384 - Thread-safety bug in Boost.Regex-1.33.x 567722 - g++4.4 incompatible with numeric/ublas/matrix_sparse.hpp 6. Package List: Red Hat Enterprise Linux Desktop (v. 5 client): Source: i386: boost-1.33.1-15.el5.i386.rpm boost-debuginfo-1.33.1-15.el5.i386.rpm boost-doc-1.33.1-15.el5.i386.rpm x86_64: boost-1.33.1-15.el5.i386.rpm boost-1.33.1-15.el5.x86_64.rpm boost-debuginfo-1.33.1-15.el5.i386.rpm boost-debuginfo-1.33.1-15.el5.x86_64.rpm boost-doc-1.33.1-15.el5.x86_64.rpm RHEL Desktop Workstation (v. 5client): Source: i386: boost-debuginfo-1.33.1-15.el5.i386.rpm boost-devel-1.33.1-15.el5.i386.rpm x86_64: boost-debuginfo-1.33.1-15.el5.i386.rpm boost-debuginfo-1.33.1-15.el5.x86_64.rpm boost-devel-1.33.1-15.el5.i386.rpm boost-devel-1.33.1-15.el5.x86_64.rpm Red Hat Enterprise Linux (v. 5 server): Source: i386: boost-1.33.1-15.el5.i386.rpm boost-debuginfo-1.33.1-15.el5.i386.rpm boost-devel-1.33.1-15.el5.i386.rpm boost-doc-1.33.1-15.el5.i386.rpm ia64: boost-1.33.1-15.el5.ia64.rpm boost-debuginfo-1.33.1-15.el5.ia64.rpm boost-devel-1.33.1-15.el5.ia64.rpm boost-doc-1.33.1-15.el5.ia64.rpm ppc: boost-1.33.1-15.el5.ppc.rpm boost-1.33.1-15.el5.ppc64.rpm boost-debuginfo-1.33.1-15.el5.ppc.rpm boost-debuginfo-1.33.1-15.el5.ppc64.rpm boost-devel-1.33.1-15.el5.ppc.rpm boost-devel-1.33.1-15.el5.ppc64.rpm boost-doc-1.33.1-15.el5.ppc.rpm s390x: boost-1.33.1-15.el5.s390.rpm boost-1.33.1-15.el5.s390x.rpm boost-debuginfo-1.33.1-15.el5.s390.rpm boost-debuginfo-1.33.1-15.el5.s390x.rpm boost-devel-1.33.1-15.el5.s390.rpm boost-devel-1.33.1-15.el5.s390x.rpm boost-doc-1.33.1-15.el5.s390x.rpm x86_64: boost-1.33.1-15.el5.i386.rpm boost-1.33.1-15.el5.x86_64.rpm boost-debuginfo-1.33.1-15.el5.i386.rpm boost-debuginfo-1.33.1-15.el5.x86_64.rpm boost-devel-1.33.1-15.el5.i386.rpm boost-devel-1.33.1-15.el5.x86_64.rpm boost-doc-1.33.1-15.el5.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key#package 7. References: https://access.redhat.com/security/cve/CVE-2008-0171 https://access.redhat.com/security/cve/CVE-2008-0172 https://access.redhat.com/security/updates/classification#low 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2012 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFPQyRkXlSAg2UNWIIRAroBAKCGEZXW23BE8E+qdfRmVpWrNWAzSwCfeKtZ /sGenut9thSZYPwT80Z7El8=bh8D -----END PGPSIGNATURE----- -- Enterprise-watch-list mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . Revised boost libraries address vulnerabilities and defects for Red Hat Enterprise Linux 5, classified with minimal impact severity.. Red Hat Enterprise Linux, Boost Library Update, Security Issues, Bug Fixes, Low Security Update. . Severity: Low. LinuxSecurity.com Team

Calendar 2 Feb 21, 2012 Low Red Hat
Banner 4 1028x280 1708121825 1771600306
200
Ls Advisories Scientific Esm H240
Price Tag 1security advisorylow severityopenafs

Scientific Linux SL 40-45: Low Severity OpenAFS Security Advisory

Low: openafs security update. Date: Tue, 18 Mar 2008 14:36:50 -0500 Reply-To: Troy Dawson Sender: Security Errata for Scientific Linux From: Troy Dawson Subject: Security ERRATA for openafs on SL41-45 i386/x86_64 Comments: To: "This email address is being protected from spambots. You need JavaScript enabled to view it." Synopsis: Low: openafs security update Issue date: 21-Dec-2007 CVE Names: OpenAFS Security Advisory 2007-003 In pthread-aware fileservers, the "host_glock" pthread lock, accessed via the H_LOCK and H_UNLOCK macros, is used to provide safe access to host structures. This lock is required to be held when updating information pertaining to a host. The RPC handler for the GiveUpAllCallBacks RPC did not hold this lock while performing its work. This errata is already in SL 4.6. So it only applies to SL 40-45 SL 4.x SRPMS: openafs.SLx-1.4.6-58.src.rpm i386: openafs-1.4.6-58.SL4.i386.rpm openafs-authlibs-1.4.6-58.SL4.i386.rpm openafs-authlibs-devel-1.4.6-58.SL4.i386.rpm openafs-client-1.4.6-58.SL4.i386.rpm openafs-compat-1.4.6-58.SL4.i386.rpm openafs-debug-1.4.6-58.SL4.i386.rpm openafs-devel-1.4.6-58.SL4.i386.rpm openafs-kernel-source-1.4.6-58.SL4.i386.rpm openafs-kpasswd-1.4.6-58.SL4.i386.rpm openafs-krb5-1.4.6-58.SL4.i386.rpm openafs-server-1.4.6-58.SL4.i386.rpm x86_64: openafs-1.4.6-58.SL4.x86_64.rpm openafs-authlibs-1.4.6-58.SL4.x86_64.rpm openafs-authlibs-devel-1.4.6-58.SL4.x86_64.rpm openafs-client-1.4.6-58.SL4.x86_64.rpm openafs-compat-1.4.6-58.SL4.x86_64.rpm openafs-debug-1.4.6-58.SL4.x86_64.rpm openafs-devel-1.4.6-58.SL4.x86_64.rpm openafs-kernel-source-1.4.6-58.SL4.x86_64.rpm openafs-kpasswd-1.4.6-58.SL4.x86_64.rpm openafs-krb5-1.4.6-58.SL4.x86_64.rpm openafs-server-1.4.6-58.SL4.x86_64.rpm -Connie Sieh -Troy Dawson . The latest OpenAFS release tackles minor security vulnerabilities; essential for Scientific Linux users. Remain updated on security fixes.. openafs update, Scientific Linux security, Linux errata, OpenAFS security advisory. . Severity: Low. LinuxSecurity.com Team

Calendar 2 Mar 18, 2008 Low Scientific Linux
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here