Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 524
Alerts This Week
Warning Icon 1 524

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 92 articles for you...
219

Rocky Linux 8: RLSA-2025:0281 important: thunderbird memory safety

Important: thunderbird security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2025:0281", "synopsis": "Important: thunderbird security update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for thunderbird.\nThis update affects Rocky Linux 8.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "Mozilla Thunderbird is a standalone mail and newsgroup client.\n\nSecurity Fix(es):\n\n* firefox: thunderbird: Memory safety bugs fixed in Firefox 134, Thunderbird 134, Firefox ESR 128.6, and Thunderbird 128.6 (CVE-2025-0243)\n\n* firefox: thunderbird: Memory safety bugs fixed in Firefox 134, Thunderbird 134, Firefox ESR 115.19, Firefox ESR 128.6, Thunderbird 115.19, and Thunderbird 128.6 (CVE-2025-0242)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 8"], "fixes": [{"ticket": "2336175", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2336175", "description": ""}, {"ticket": "2336181", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2336181", "description": ""}], "cves": [{"name": "CVE-2025-0242", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2025-0242", "cvss3ScoringVector": "UNKNOWN", "cvss3BaseScore": "UNKNOWN", "cwe": "UNKNOWN"}, {"name": "CVE-2025-0243", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2025-0243", "cvss3ScoringVector": "UNKNOWN", "cvss3BaseScore": "UNKNOWN", "cwe": "UNKNOWN"}], "references": [], "publishedAt": "2025-01-17T16:13:58.660055Z", "rpms": {"Rocky Linux 8": {"nvras": ["thunderbird-0:128.6.0-3.el8_10.aarch64.rpm", "thunderbird-0:128.6.0-3.el8_10.src.rpm", "thunderbird-0:128.6.0-3.el8_10.x86_64.rpm","thunderbird-debuginfo-0:128.6.0-3.el8_10.aarch64.rpm", "thunderbird-debuginfo-0:128.6.0-3.el8_10.x86_64.rpm", "thunderbird-debugsource-0:128.6.0-3.el8_10.aarch64.rpm", "thunderbird-debugsource-0:128.6.0-3.el8_10.x86_64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. Rocky Linux delivers an essential update for Firefox that tackles vulnerabilities related to memory handling to bolster system protection.. Rocky Linux Thunderbird Update, Security Fixes, Memory Safety Bugs, Software Update. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jan 17, 2025 Important Rocky Linux
219

Rocky Linux 8 RLSA-2024:10591 important: thunderbird security update

Important: thunderbird security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2024:10591", "synopsis": "Important: thunderbird security update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for thunderbird.\nThis update affects Rocky Linux 8.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "Mozilla Thunderbird is a standalone mail and newsgroup client.\n\nSecurity Fix(es):\n\n* thunderbird: Potential disclosure of plaintext in OpenPGP encrypted message (CVE-2024-11159)\n\n* firefox: thunderbird: CSP Bypass and XSS Exposure via Web Compatibility Shims (CVE-2024-11694)\n\n* firefox: thunderbird: Unhandled Exception in Add-on Signature Verification (CVE-2024-11696)\n\n* firefox: thunderbird: Select list elements could be shown over another site (CVE-2024-11692)\n\n* firefox: thunderbird: Memory safety bugs fixed in Firefox 133, Thunderbird 133, Firefox ESR 128.5, and Thunderbird 128.5 (CVE-2024-11699)\n\n* firefox: thunderbird: URL Bar Spoofing via Manipulated Punycode and Whitespace Characters (CVE-2024-11695)\n\n* firefox: thunderbird: Improper Keypress Handling in Executable File Confirmation Dialog (CVE-2024-11697)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 8"], "fixes": [{"ticket": "2325896", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2325896", "description": ""}, {"ticket": "2328941", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2328941", "description": ""}, {"ticket": "2328943", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2328943", "description": ""}, {"ticket": "2328946", "sourceBy": "Red Hat", "sourceLink":"https://bugzilla.redhat.com/show_bug.cgi?id=2328946", "description": ""}, {"ticket": "2328947", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2328947", "description": ""}, {"ticket": "2328948", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2328948", "description": ""}, {"ticket": "2328950", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2328950", "description": ""}], "cves": [{"name": "CVE-2024-11159", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2024-11159", "cvss3ScoringVector": "UNKNOWN", "cvss3BaseScore": "UNKNOWN", "cwe": "UNKNOWN"}, {"name": "CVE-2024-11692", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2024-11692", "cvss3ScoringVector": "UNKNOWN", "cvss3BaseScore": "UNKNOWN", "cwe": "UNKNOWN"}, {"name": "CVE-2024-11694", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2024-11694", "cvss3ScoringVector": "UNKNOWN", "cvss3BaseScore": "UNKNOWN", "cwe": "UNKNOWN"}, {"name": "CVE-2024-11695", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2024-11695", "cvss3ScoringVector": "UNKNOWN", "cvss3BaseScore": "UNKNOWN", "cwe": "UNKNOWN"}, {"name": "CVE-2024-11696", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2024-11696", "cvss3ScoringVector": "UNKNOWN", "cvss3BaseScore": "UNKNOWN", "cwe": "UNKNOWN"}, {"name": "CVE-2024-11697", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2024-11697", "cvss3ScoringVector": "UNKNOWN", "cvss3BaseScore": "UNKNOWN", "cwe": "UNKNOWN"}, {"name": "CVE-2024-11699", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2024-11699", "cvss3ScoringVector": "UNKNOWN", "cvss3BaseScore": "UNKNOWN", "cwe": "UNKNOWN"}], "references": [], "publishedAt": "2024-12-19T04:18:05.672002Z", "rpms": {"Rocky Linux 8": {"nvras": ["thunderbird-0:128.5.0-1.el8_10.aarch64.rpm", "thunderbird-0:128.5.0-1.el8_10.src.rpm","thunderbird-0:128.5.0-1.el8_10.x86_64.rpm", "thunderbird-debuginfo-0:128.5.0-1.el8_10.aarch64.rpm", "thunderbird-debuginfo-0:128.5.0-1.el8_10.x86_64.rpm", "thunderbird-debugsource-0:128.5.0-1.el8_10.aarch64.rpm", "thunderbird-debugsource-0:128.5.0-1.el8_10.x86_64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. Boosting protection for Thunderbird on Rocky Linux 8; crucial upgrades are currently available for improved danger defense.. Thunderbird Security Update, Rocky Linux Thunderbird Fix, Mail Client Security, Important Security Advisory, Thunderbird Vulnerabilities. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Dec 19, 2024 Important Rocky Linux
217

Oracle Linux 8 ELSA-2024-10591: Critical Thunderbird Security Update

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2024-10591 http://linux.oracle.com/errata/ELSA-2024-10591.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: thunderbird-128.5.0-1.0.1.el8_10.x86_64.rpm aarch64: thunderbird-128.5.0-1.0.1.el8_10.aarch64.rpm SRPMS: https://oss.oracle.com:443/ol8/SRPMS-updates//thunderbird-128.5.0-1.0.1.el8_10.src.rpm Related CVEs: CVE-2024-11159 CVE-2024-11692 CVE-2024-11694 CVE-2024-11695 CVE-2024-11696 CVE-2024-11697 CVE-2024-11699 Description of changes: [128.5.0-1.0.1] - Fix prefs for new nss [Orabug: 37079820] - Add Oracle prefs file [128.5.0] - Add OpenELA debranding [128.5.0-1] - Update to 128.5.0 build1 _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Oracle Linux Security Bulletin ELSA-2024-10591 addresses vulnerabilities in the Thunderbird email client, providing critical security updates.. Thunderbird Update, Oracle Linux Security, ELSA Advisory, Important Security Fixes. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Dec 05, 2024 Critical Oracle
217

Oracle Linux 9 ELSA-2024-9552: Important Thunderbird Security Update

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2024-9552 http://linux.oracle.com/errata/ELSA-2024-9552.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: thunderbird-128.4.0-1.0.1.el9_5.x86_64.rpm aarch64: thunderbird-128.4.0-1.0.1.el9_5.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//thunderbird-128.4.0-1.0.1.el9_5.src.rpm Related CVEs: CVE-2024-9680 CVE-2024-10458 CVE-2024-10459 CVE-2024-10460 CVE-2024-10461 CVE-2024-10462 CVE-2024-10463 CVE-2024-10464 CVE-2024-10465 CVE-2024-10466 CVE-2024-10467 Description of changes: [128.4.0-1.0.1] - Fix prefs for new nss [Orabug: 37079813] - Add Oracle prefs [128.4.0] - Add OpenELA debranding [128.4.0-1] - Update to 128.4.0 build1 _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Oracle Linux Security Advisory ELSA-2024-9552 addresses critical vulnerabilities in Thunderbird. Users should apply the patch for enhanced security and stability. Oracle linux updates, Security advisory thunderbird, Important security fixes, Linux packets. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Nov 21, 2024 Important Oracle
99

Slackware 15.0: 2024-304-03 Security Advisory for mozilla-thunderbird

New mozilla-thunderbird packages are available for Slackware 15.0 and -current to fix security issues. . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] mozilla-thunderbird (SSA:2024-304-03) New mozilla-thunderbird packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: +--------------------------+ patches/packages/mozilla-thunderbird-128.4.0esr-i686-1_slack15.0.txz: Upgraded. This release contains security fixes and improvements. For more information, see: https://www.thunderbird.net/en-US/thunderbird/128.4.0esr/releasenotes/ https://www.mozilla.org/en-US/security/advisories/mfsa2024-58/ https://www.cve.org/CVERecord?id=CVE-2024-10458 https://www.cve.org/CVERecord?id=CVE-2024-10459 https://www.cve.org/CVERecord?id=CVE-2024-10460 https://www.cve.org/CVERecord?id=CVE-2024-10461 https://www.cve.org/CVERecord?id=CVE-2024-10462 https://www.cve.org/CVERecord?id=CVE-2024-10463 https://www.cve.org/CVERecord?id=CVE-2024-10464 https://www.cve.org/CVERecord?id=CVE-2024-10465 https://www.cve.org/CVERecord?id=CVE-2024-10466 https://www.cve.org/CVERecord?id=CVE-2024-10467 (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://www.slackware.com/ for additional mirror sites near you. Updated package for Slackware 15.0: ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/mozilla-thunderbird-128.4.0esr-i686-1_slack15.0.txz Updated package for Slackware x86_64 15.0: ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/mozilla-thunderbird-128.4.0esr-x86_64-1_slack15.0.txz Updated package for Slackware-current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/xap/mozilla-thunderbird-128.4.0esr-i686-1.txz Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/xap/mozilla-thunderbird-128.4.0esr-x86_64-1.txz MD5 signatures: +-------------+ Slackware 15.0 package: 8202f1f4a0aa23bde158c8f1d8d15a63 mozilla-thunderbird-128.4.0esr-i686-1_slack15.0.txz Slackware x86_64 15.0 package: 389ffb2ecb9bca6b5c6207667e655eb0 mozilla-thunderbird-128.4.0esr-x86_64-1_slack15.0.txz Slackware -current package: d46ad813909083e0d31a5ee7f53f9356 xap/mozilla-thunderbird-128.4.0esr-i686-1.txz Slackware x86_64 -current package: 6d22276ef05d2e25e48d04088e2f4e98 xap/mozilla-thunderbird-128.4.0esr-x86_64-1.txz Installation instructions: +------------------------+ Upgrade the package as root: # upgradepkg mozilla-thunderbird-128.4.0esr-i686-1_slack15.0.txz +-----+ . Take action today by installing the latest mozilla-thunderbird updates for Slackware 15.0 to mitigate security vulnerabilities!. Mozilla Thunderbird Update, Slackware Security Advisory, Security Packages. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Oct 30, 2024 Important Slackware
217

Oracle Linux 8 ELSA-2024-4036: Important Thunderbird Security Updates

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2024-4036 http://linux.oracle.com/errata/ELSA-2024-4036.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: thunderbird-115.12.1-1.0.1.el8_10.x86_64.rpm aarch64: thunderbird-115.12.1-1.0.1.el8_10.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//thunderbird-115.12.1-1.0.1.el8_10.src.rpm Related CVEs: CVE-2024-5688 CVE-2024-5690 CVE-2024-5691 CVE-2024-5693 CVE-2024-5696 CVE-2024-5700 CVE-2024-5702 Description of changes: [115.12.1-1.0.1] - Add Oracle prefs file [115.12.1] - Add OpenELA debranding [115.12.1-1] - Update to 115.12.1 build1 [115.12.0-2] - Update to 115.12.0 build2 [115.12.0-1] - Update to 115.12.0 build1 _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Oracle Linux Security Advisory ELSA-2024-4045 introduces essential patches for Firefox. Take a look today!. Oracle Linux Updates, Thunderbird Security, ELSA-2024-4036, RPM Updates, Linux Security. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 21, 2024 Important Oracle
217

Oracle Linux 7 ELSA-2024-1498 Critical: Thunderbird Security Update

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2024-1498 https://linux.oracle.com/errata/ELSA-2024-1498.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: x86_64: thunderbird-115.9.0-1.0.1.el7_9.x86_64.rpm SRPMS: https://oss.oracle.com:443/ol7/SRPMS-updates//thunderbird-115.9.0-1.0.1.el7_9.src.rpm Related CVEs: CVE-2023-5388 CVE-2024-0743 CVE-2024-1936 CVE-2024-2607 CVE-2024-2608 CVE-2024-2610 CVE-2024-2611 CVE-2024-2612 CVE-2024-2614 Description of changes: [115.9.0-1.0.1] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Enabled aarch64 build [115.9.0-1] - Update to 115.9.0 build1 - Fix expat CVE-2023-52425 _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . The Oracle Linux Advisory ELSA-2024-1498 offers essential updates for Thunderbird, focusing on remedying vulnerabilities.. Oracle Linux, Thunderbird, Security Update, ELSA-2024-1498, Linux Advisory. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Mar 27, 2024 Critical Oracle
217

Oracle Linux 7: ELSA-2023-7505 Critical Thunderbirds Threat Fix

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2023-7505 https://linux.oracle.com/errata/ELSA-2023-7505.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: x86_64: thunderbird-115.5.0-1.0.1.el7_9.x86_64.rpm SRPMS: https://oss.oracle.com:443/ol7/SRPMS-updates//thunderbird-115.5.0-1.0.1.el7_9.src.rpm Related CVEs: CVE-2023-6204 CVE-2023-6205 CVE-2023-6206 CVE-2023-6207 CVE-2023-6208 CVE-2023-6209 CVE-2023-6212 Description of changes: [115.5.0-1.0.1] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Enabled aarch64 build [115.5.0-1] - Update to 115.5.0 build1 _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . The Ubuntu Security Advisory USN-2023-5678 highlights critical patches for Firefox, bolstering its protective features.. Oracle Linux Update, Thunderbird Fix, Security Advisory, Linux Patch, Software Update. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Nov 29, 2023 Critical Oracle
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200