Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
Does sandboxing completely stop hackers?
Loading...
Explore Latest Linux Security advisories
We found -6 articles for you...
219
security advisoryimportantPostgreSQLRocky Linux PostgreSQL Key Credential Recovery and RLSA-2026-28208 Guide
Important: postgresql:13 security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:28208", "synopsis": "Important: postgresql:13 security update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for postgres-decoderbufs, module.postgres-decoderbufs, module.pgaudit, module.pg_repack, pgaudit, pg_repack.\nThis update affects Rocky Linux 8.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "PostgreSQL is an advanced object-relational database management system (DBMS).\n\nSecurity Fix(es):\n\n* postgresql: PostgreSQL: Credential recovery via covert timing channel in MD5 password comparison (CVE-2026-6478)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 8"], "fixes": [{"ticket": "2477447", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2477447", "description": ""}], "cves": [{"name": "CVE-2026-6478", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6478", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", "cvss3BaseScore": "8.2", "cwe": "CWE-385"}], "references": [], "publishedAt": "2026-06-23T18:00:59.155864Z", "rpms": {"Rocky Linux 8": {"nvras": ["pgaudit-0:1.5.0-1.module+el8.10.0+40055+b85d5ce2.aarch64.rpm", "pgaudit-0:1.5.0-1.module+el8.9.0+1594+4a6adae9.aarch64.rpm", "pgaudit-0:1.5.0-1.module+el8.10.0+40055+b85d5ce2.src.rpm", "pgaudit-0:1.5.0-1.module+el8.9.0+1594+4a6adae9.src.rpm", "pgaudit-0:1.5.0-1.module+el8.10.0+40055+b85d5ce2.x86_64.rpm", "pgaudit-0:1.5.0-1.module+el8.9.0+1594+4a6adae9.x86_64.rpm", "pgaudit-debuginfo-0:1.5.0-1.module+el8.10.0+40055+b85d5ce2.aarch64.rpm", "pgaudit-debuginfo-0:1.5.0-1.module+el8.9.0+1594+4a6adae9.aarch64.rpm","pgaudit-debuginfo-0:1.5.0-1.module+el8.10.0+40055+b85d5ce2.x86_64.rpm", "pgaudit-debugsource-0:1.5.0-1.module+el8.10.0+40055+b85d5ce2.aarch64.rpm", "pgaudit-debugsource-0:1.5.0-1.module+el8.9.0+1594+4a6adae9.aarch64.rpm", "pgaudit-debugsource-0:1.5.0-1.module+el8.10.0+40055+b85d5ce2.x86_64.rpm", "pg_repack-0:1.4.6-3.module+el8.9.0+1594+4a6adae9.aarch64.rpm", "pg_repack-0:1.4.6-3.module+el8.9.0+1603+444d1b54.aarch64.rpm", "pg_repack-0:1.4.6-3.module+el8.10.0+40055+b85d5ce2.aarch64.rpm", "pg_repack-0:1.4.6-3.module+el8.10.0+1862+29bef648.aarch64.rpm", "pg_repack-0:1.4.6-3.module+el8.9.0+1594+4a6adae9.src.rpm", "pg_repack-0:1.4.6-3.module+el8.9.0+1603+444d1b54.src.rpm", "pg_repack-0:1.4.6-3.module+el8.10.0+1862+29bef648.src.rpm", "pg_repack-0:1.4.6-3.module+el8.10.0+40055+b85d5ce2.src.rpm", "pg_repack-0:1.4.6-3.module+el8.9.0+1603+444d1b54.x86_64.rpm", "pg_repack-0:1.4.6-3.module+el8.9.0+1594+4a6adae9.x86_64.rpm", "pg_repack-0:1.4.6-3.module+el8.10.0+1862+29bef648.x86_64.rpm", "pg_repack-0:1.4.6-3.module+el8.10.0+40055+b85d5ce2.x86_64.rpm", "pg_repack-debuginfo-0:1.4.6-3.module+el8.9.0+1603+444d1b54.aarch64.rpm", "pg_repack-debuginfo-0:1.4.6-3.module+el8.10.0+40055+b85d5ce2.aarch64.rpm", "pg_repack-debuginfo-0:1.4.6-3.module+el8.10.0+1862+29bef648.aarch64.rpm", "pg_repack-debuginfo-0:1.4.6-3.module+el8.9.0+1594+4a6adae9.aarch64.rpm", "pg_repack-debuginfo-0:1.4.6-3.module+el8.10.0+40055+b85d5ce2.x86_64.rpm", "pg_repack-debuginfo-0:1.4.6-3.module+el8.10.0+1862+29bef648.x86_64.rpm", "pg_repack-debugsource-0:1.4.6-3.module+el8.10.0+1862+29bef648.aarch64.rpm", "pg_repack-debugsource-0:1.4.6-3.module+el8.9.0+1603+444d1b54.aarch64.rpm", "pg_repack-debugsource-0:1.4.6-3.module+el8.10.0+40055+b85d5ce2.aarch64.rpm", "pg_repack-debugsource-0:1.4.6-3.module+el8.9.0+1594+4a6adae9.aarch64.rpm", "pg_repack-debugsource-0:1.4.6-3.module+el8.10.0+1862+29bef648.x86_64.rpm", "pg_repack-debugsource-0:1.4.6-3.module+el8.10.0+40055+b85d5ce2.x86_64.rpm", "postgres-decoderbufs-0:0.10.0-2.module+el8.9.0+1594+4a6adae9.aarch64.rpm","postgres-decoderbufs-0:0.10.0-2.module+el8.10.0+40055+b85d5ce2.aarch64.rpm", "postgres-decoderbufs-0:0.10.0-2.module+el8.9.0+1603+444d1b54.aarch64.rpm", "postgres-decoderbufs-0:0.10.0-2.module+el8.10.0+1862+29bef648.aarch64.rpm", "postgres-decoderbufs-0:0.10.0-2.module+el8.9.0+1603+444d1b54.src.rpm", "postgres-decoderbufs-0:0.10.0-2.module+el8.10.0+1862+29bef648.src.rpm", "postgres-decoderbufs-0:0.10.0-2.module+el8.9.0+1594+4a6adae9.src.rpm", "postgres-decoderbufs-0:0.10.0-2.module+el8.10.0+40055+b85d5ce2.src.rpm", "postgres-decoderbufs-0:0.10.0-2.module+el8.10.0+40055+b85d5ce2.x86_64.rpm", "postgres-decoderbufs-0:0.10.0-2.module+el8.10.0+1862+29bef648.x86_64.rpm", "postgres-decoderbufs-0:0.10.0-2.module+el8.9.0+1603+444d1b54.x86_64.rpm", "postgres-decoderbufs-0:0.10.0-2.module+el8.9.0+1594+4a6adae9.x86_64.rpm", "postgres-decoderbufs-debuginfo-0:0.10.0-2.module+el8.10.0+1862+29bef648.aarch64.rpm", "postgres-decoderbufs-debuginfo-0:0.10.0-2.module+el8.10.0+40055+b85d5ce2.aarch64.rpm", "postgres-decoderbufs-debuginfo-0:0.10.0-2.module+el8.9.0+1594+4a6adae9.aarch64.rpm", "postgres-decoderbufs-debuginfo-0:0.10.0-2.module+el8.9.0+1603+444d1b54.aarch64.rpm", "postgres-decoderbufs-debuginfo-0:0.10.0-2.module+el8.10.0+40055+b85d5ce2.x86_64.rpm", "postgres-decoderbufs-debuginfo-0:0.10.0-2.module+el8.10.0+1862+29bef648.x86_64.rpm", "postgres-decoderbufs-debugsource-0:0.10.0-2.module+el8.9.0+1603+444d1b54.aarch64.rpm", "postgres-decoderbufs-debugsource-0:0.10.0-2.module+el8.10.0+40055+b85d5ce2.aarch64.rpm", "postgres-decoderbufs-debugsource-0:0.10.0-2.module+el8.10.0+1862+29bef648.aarch64.rpm", "postgres-decoderbufs-debugsource-0:0.10.0-2.module+el8.9.0+1594+4a6adae9.aarch64.rpm", "postgres-decoderbufs-debugsource-0:0.10.0-2.module+el8.10.0+1862+29bef648.x86_64.rpm", "postgres-decoderbufs-debugsource-0:0.10.0-2.module+el8.10.0+40055+b85d5ce2.x86_64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. Important PostgreSQL security update for Rocky Linux addresses critical timing channel issues. Stay secure with thelatest patch.. PostgreSQL security, Rocky Linux updates, credential recovery, timing channel exploit. . Severity: Important. LinuxSecurity.com Team
Jun 23, 2026
•Important
Rocky Linux
219
security advisoryimportantPostgreSQLRocky Linux PostgreSQL Important Credential Timing Attack RLSA-2026-28208
Important: postgresql:13 security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:28208", "synopsis": "Important: postgresql:13 security update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for postgres-decoderbufs, module.postgres-decoderbufs, module.pgaudit, module.pg_repack, pgaudit, pg_repack.\nThis update affects Rocky Linux 8.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "PostgreSQL is an advanced object-relational database management system (DBMS).\n\nSecurity Fix(es):\n\n* postgresql: PostgreSQL: Credential recovery via covert timing channel in MD5 password comparison (CVE-2026-6478)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 8"], "fixes": [{"ticket": "2477447", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2477447", "description": ""}], "cves": [{"name": "CVE-2026-6478", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6478", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", "cvss3BaseScore": "8.2", "cwe": "CWE-385"}], "references": [], "publishedAt": "2026-06-23T18:00:59.155864Z", "rpms": {"Rocky Linux 8": {"nvras": ["pgaudit-0:1.5.0-1.module+el8.10.0+40055+b85d5ce2.aarch64.rpm", "pgaudit-0:1.5.0-1.module+el8.9.0+1594+4a6adae9.aarch64.rpm", "pgaudit-0:1.5.0-1.module+el8.10.0+40055+b85d5ce2.src.rpm", "pgaudit-0:1.5.0-1.module+el8.9.0+1594+4a6adae9.src.rpm", "pgaudit-0:1.5.0-1.module+el8.10.0+40055+b85d5ce2.x86_64.rpm", "pgaudit-0:1.5.0-1.module+el8.9.0+1594+4a6adae9.x86_64.rpm", "pgaudit-debuginfo-0:1.5.0-1.module+el8.10.0+40055+b85d5ce2.aarch64.rpm", "pgaudit-debuginfo-0:1.5.0-1.module+el8.9.0+1594+4a6adae9.aarch64.rpm","pgaudit-debuginfo-0:1.5.0-1.module+el8.10.0+40055+b85d5ce2.x86_64.rpm", "pgaudit-debugsource-0:1.5.0-1.module+el8.10.0+40055+b85d5ce2.aarch64.rpm", "pgaudit-debugsource-0:1.5.0-1.module+el8.9.0+1594+4a6adae9.aarch64.rpm", "pgaudit-debugsource-0:1.5.0-1.module+el8.10.0+40055+b85d5ce2.x86_64.rpm", "pg_repack-0:1.4.6-3.module+el8.9.0+1594+4a6adae9.aarch64.rpm", "pg_repack-0:1.4.6-3.module+el8.9.0+1603+444d1b54.aarch64.rpm", "pg_repack-0:1.4.6-3.module+el8.10.0+40055+b85d5ce2.aarch64.rpm", "pg_repack-0:1.4.6-3.module+el8.10.0+1862+29bef648.aarch64.rpm", "pg_repack-0:1.4.6-3.module+el8.9.0+1594+4a6adae9.src.rpm", "pg_repack-0:1.4.6-3.module+el8.9.0+1603+444d1b54.src.rpm", "pg_repack-0:1.4.6-3.module+el8.10.0+1862+29bef648.src.rpm", "pg_repack-0:1.4.6-3.module+el8.10.0+40055+b85d5ce2.src.rpm", "pg_repack-0:1.4.6-3.module+el8.9.0+1603+444d1b54.x86_64.rpm", "pg_repack-0:1.4.6-3.module+el8.9.0+1594+4a6adae9.x86_64.rpm", "pg_repack-0:1.4.6-3.module+el8.10.0+1862+29bef648.x86_64.rpm", "pg_repack-0:1.4.6-3.module+el8.10.0+40055+b85d5ce2.x86_64.rpm", "pg_repack-debuginfo-0:1.4.6-3.module+el8.9.0+1603+444d1b54.aarch64.rpm", "pg_repack-debuginfo-0:1.4.6-3.module+el8.10.0+40055+b85d5ce2.aarch64.rpm", "pg_repack-debuginfo-0:1.4.6-3.module+el8.10.0+1862+29bef648.aarch64.rpm", "pg_repack-debuginfo-0:1.4.6-3.module+el8.9.0+1594+4a6adae9.aarch64.rpm", "pg_repack-debuginfo-0:1.4.6-3.module+el8.10.0+40055+b85d5ce2.x86_64.rpm", "pg_repack-debuginfo-0:1.4.6-3.module+el8.10.0+1862+29bef648.x86_64.rpm", "pg_repack-debugsource-0:1.4.6-3.module+el8.10.0+1862+29bef648.aarch64.rpm", "pg_repack-debugsource-0:1.4.6-3.module+el8.9.0+1603+444d1b54.aarch64.rpm", "pg_repack-debugsource-0:1.4.6-3.module+el8.10.0+40055+b85d5ce2.aarch64.rpm", "pg_repack-debugsource-0:1.4.6-3.module+el8.9.0+1594+4a6adae9.aarch64.rpm", "pg_repack-debugsource-0:1.4.6-3.module+el8.10.0+1862+29bef648.x86_64.rpm", "pg_repack-debugsource-0:1.4.6-3.module+el8.10.0+40055+b85d5ce2.x86_64.rpm", "postgres-decoderbufs-0:0.10.0-2.module+el8.9.0+1594+4a6adae9.aarch64.rpm","postgres-decoderbufs-0:0.10.0-2.module+el8.10.0+40055+b85d5ce2.aarch64.rpm", "postgres-decoderbufs-0:0.10.0-2.module+el8.9.0+1603+444d1b54.aarch64.rpm", "postgres-decoderbufs-0:0.10.0-2.module+el8.10.0+1862+29bef648.aarch64.rpm", "postgres-decoderbufs-0:0.10.0-2.module+el8.9.0+1603+444d1b54.src.rpm", "postgres-decoderbufs-0:0.10.0-2.module+el8.10.0+1862+29bef648.src.rpm", "postgres-decoderbufs-0:0.10.0-2.module+el8.9.0+1594+4a6adae9.src.rpm", "postgres-decoderbufs-0:0.10.0-2.module+el8.10.0+40055+b85d5ce2.src.rpm", "postgres-decoderbufs-0:0.10.0-2.module+el8.10.0+40055+b85d5ce2.x86_64.rpm", "postgres-decoderbufs-0:0.10.0-2.module+el8.10.0+1862+29bef648.x86_64.rpm", "postgres-decoderbufs-0:0.10.0-2.module+el8.9.0+1603+444d1b54.x86_64.rpm", "postgres-decoderbufs-0:0.10.0-2.module+el8.9.0+1594+4a6adae9.x86_64.rpm", "postgres-decoderbufs-debuginfo-0:0.10.0-2.module+el8.10.0+1862+29bef648.aarch64.rpm", "postgres-decoderbufs-debuginfo-0:0.10.0-2.module+el8.10.0+40055+b85d5ce2.aarch64.rpm", "postgres-decoderbufs-debuginfo-0:0.10.0-2.module+el8.9.0+1594+4a6adae9.aarch64.rpm", "postgres-decoderbufs-debuginfo-0:0.10.0-2.module+el8.9.0+1603+444d1b54.aarch64.rpm", "postgres-decoderbufs-debuginfo-0:0.10.0-2.module+el8.10.0+40055+b85d5ce2.x86_64.rpm", "postgres-decoderbufs-debuginfo-0:0.10.0-2.module+el8.10.0+1862+29bef648.x86_64.rpm", "postgres-decoderbufs-debugsource-0:0.10.0-2.module+el8.9.0+1603+444d1b54.aarch64.rpm", "postgres-decoderbufs-debugsource-0:0.10.0-2.module+el8.10.0+40055+b85d5ce2.aarch64.rpm", "postgres-decoderbufs-debugsource-0:0.10.0-2.module+el8.10.0+1862+29bef648.aarch64.rpm", "postgres-decoderbufs-debugsource-0:0.10.0-2.module+el8.9.0+1594+4a6adae9.aarch64.rpm", "postgres-decoderbufs-debugsource-0:0.10.0-2.module+el8.10.0+1862+29bef648.x86_64.rpm", "postgres-decoderbufs-debugsource-0:0.10.0-2.module+el8.10.0+40055+b85d5ce2.x86_64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. Update for PostgreSQL on Rocky Linux addresses important security fix for credential retrieval via timing attack..PostgreSQL security update, Rocky Linux advisory, important security fix. . Severity: Important. LinuxSecurity.com Team
Jun 23, 2026
•Important
Rocky Linux
200
security advisorysecurity fixremote attackSciLinux: SLSA-2017:2029-1 Moderate: OpenSSH Remote Attack Fixes
A covert timing channel flaw was found in the way OpenSSH handled authentication of non-existent users. A remote unauthenticated attacker could possibly use this flaw to determine valid user names by measuring the timing of server responses. (CVE-2016-6210) * It was found that OpenSSH did not limit password lengths for password authentication. A remote unauthenticated attacker could use this [More...]. Synopsis: Moderate: openssh security, bug fix, and enhancement Advisory ID: SLSA-2017:2029-1 Issue Date: 2017-08-01 CVE Numbers: CVE-2016-6210 CVE-2016-6515 CVE-2016-10009 CVE-2016-10011 CVE-2016-10012 -- The following packages have been upgraded to a later upstream version: openssh (7.4p1). Security Fix(es): * A covert timing channel flaw was found in the way OpenSSH handled authentication of non-existent users. A remote unauthenticated attacker could possibly use this flaw to determine valid user names by measuring the timing of server responses. (CVE-2016-6210) * It was found that OpenSSH did not limit password lengths for password authentication. A remote unauthenticated attacker could use this flaw to temporarily trigger high CPU consumption in sshd by sending long passwords. (CVE-2016-6515) * It was found that ssh-agent could load PKCS#11 modules from arbitrary paths. An attacker having control of the forwarded agent-socket on the server, and the ability to write to the filesystem of the client host, could use this flaw to execute arbitrary code with the privileges of the user running ssh-agent. (CVE-2016-10009) * It was found that the host private key material could possibly leak to the privilege-separated child processes via re-allocated memory. An attacker able to compromise the privilege-separated process could therefore obtain the leaked key information. (CVE-2016-10011) * It was found that the boundary checks in the code implementing support for pre-authentication compression could havebeen optimized out by certain compilers. An attacker able to compromise the privilege-separated process could possibly use this flaw for further attacks against the privileged monitor process. (CVE-2016-10012) -- SL7 x86_64 openssh-7.4p1-11.el7.x86_64.rpm openssh-askpass-7.4p1-11.el7.x86_64.rpm openssh-clients-7.4p1-11.el7.x86_64.rpm openssh-debuginfo-7.4p1-11.el7.x86_64.rpm openssh-keycat-7.4p1-11.el7.x86_64.rpm openssh-server-7.4p1-11.el7.x86_64.rpm openssh-cavs-7.4p1-11.el7.x86_64.rpm openssh-debuginfo-7.4p1-11.el7.i686.rpm openssh-ldap-7.4p1-11.el7.x86_64.rpm openssh-server-sysvinit-7.4p1-11.el7.x86_64.rpm pam_ssh_agent_auth-0.10.3-1.11.el7.i686.rpm pam_ssh_agent_auth-0.10.3-1.11.el7.x86_64.rpm - Scientific Linux Development Team . The recent OpenSSH security bulletin highlights vulnerabilities and proposes necessary upgrades to strengthen the OpenSSH implementation on SL7.x platforms.. openssh upgrade, security fix, timing attack, password vulnerability. . LinuxSecurity.com Team
Aug 21, 2017
Scientific Linux
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
Does sandboxing completely stop hackers?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!