Stay Secure with the Latest Linux Advisories

Explore Latest Linux Security advisories

Fedora 39: FEDORA-2024-d5ea2b345 critical: libxml DoS Vulnerabilities

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-c9dc0ac419
2024-01-12 00:59:08.472906
--------------------------------------------------------------------------------

Name        : tinyxml
Product     : Fedora 38
Version     : 2.6.2
Release     : 28.fc38
URL         :
Summary     : A simple, small, C++ XML parser
Description :
TinyXML is a simple, small, C++ XML parser that can be easily integrated into other programs. Have you ever found yourself writing a text file parser every time you needed to save human readable data or serialize objects? TinyXML solves the text I/O file once and for all. (Or, as a friend said, ends the Just Another Text File Parser problem.)

--------------------------------------------------------------------------------
Update Information:

Bugfix release. Includes security fixes for CVE-2021-42260 and CVE-2023-34194 and a fix for incorrect text element encoding (upstream issue #51).
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jan 3 2024 Dominik Mierzejewski - 2.6.2-28
- apply Debian patch to fix CVE-2021-42260 (rhbz#2253716, rhbz#2253718)
- apply Debian patch to fix CVE-2023-34194 and its duplicate, CVE-2023-40462 (rhbz#2254376, rhbz#2254381)
- fix incorrect text element encoding (upstream issue #51)
- compile and run tests
* Sat Jul 22 2023 Fedora Release Engineering - 2.6.2-27
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2253716 - CVE-2021-42260 tinyxml: infinite loop causes crash
      https://bugzilla.redhat.com/show_bug.cgi?id=2253716
[ 2 ] Bug #2254376 - CVE-2023-34194 tinyxml: reachable assertion may lead to denial of service
      https://bugzilla.redhat.com/show_bug.cgi?id=2254376
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-c9dc0ac419' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/
--------------------------------------------------------------------------------
package-announce mailing list
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

Fedora 38 has rolled out an update to rectify several vulnerabilities in libxml, tackling denial-of-service threats and encoding errors.

Fedora TinyXML Update, TinyXML Security Fixes, XML Parser Bugfixes.

Severity: Critical. LinuxSecurity.com Team

Jan 12, 2024 Critical Fedora

Fedora 39: 2024-80e6578a01 Critical: tinyxml DoS Issues Fixed

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-80e6578a01
2024-01-08 01:23:05.713168
--------------------------------------------------------------------------------

Name        : tinyxml
Product     : Fedora 39
Version     : 2.6.2
Release     : 28.fc39
URL         :
Summary     : A simple, small, C++ XML parser
Description :
TinyXML is a simple, small, C++ XML parser that can be easily integrated into other programs. Have you ever found yourself writing a text file parser every time you needed to save human readable data or serialize objects? TinyXML solves the text I/O file once and for all. (Or, as a friend said, ends the Just Another Text File Parser problem.)

--------------------------------------------------------------------------------
Update Information:

Bugfix release. Includes security fixes for CVE-2021-42260 and CVE-2023-34194 and a fix for incorrect text element encoding (upstream issue #51).
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jan 3 2024 Dominik Mierzejewski - 2.6.2-28
- apply Debian patch to fix CVE-2021-42260 (rhbz#2253716, rhbz#2253718)
- apply Debian patch to fix CVE-2023-34194 and its duplicate, CVE-2023-40462 (rhbz#2254376, rhbz#2254381)
- fix incorrect text element encoding (upstream issue #51)
- compile and run tests
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2253716 - CVE-2021-42260 tinyxml: infinite loop causes crash
      https://bugzilla.redhat.com/show_bug.cgi?id=2253716
[ 2 ] Bug #2254376 - CVE-2023-34194 tinyxml: reachable assertion may lead to denial of service
      https://bugzilla.redhat.com/show_bug.cgi?id=2254376
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-80e6578a01' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/
--------------------------------------------------------------------------------

The recent Fedora patch upgrade bolsters TinyXML by integrating essential security enhancements, thereby increasing the software's stability and improving its encoding capabilities.

TinyXML Update, Fedora Security Advisory, DoS Protection, C++ XML Parser.

Severity: Critical. LinuxSecurity.com Team

Jan 08, 2024 Critical Fedora

Debian 10 Buster: DLA-3701-1 Critical: tinyxml DoS Threat

-------------------------------------------------------------------------
Debian LTS Advisory DLA-3701-1
https://www.debian.org/lts/security/
Guilhem Moulin
December 31, 2023
https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package    : tinyxml
Version    : 2.6.2-4+deb10u2
CVE ID     : CVE-2023-34194 CVE-2023-40462
Debian Bug : 1059315

A reachable assertion issue has been discovered in tinyxml, a C++ XML parsing library, which could lead to denial of service via a crafted XML document with a '\0' located after whitespace.

For Debian 10 buster, these problems have been fixed in version 2.6.2-4+deb10u2.

We recommend that you upgrade your tinyxml packages.

For the detailed security status of tinyxml please refer to its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/tinyxml

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

A vulnerability in tinyxml could result in service disruption through crafted XML documents. Consult the advisory for further information.

tinyxml Security Update, Debian 10 Buster, XML Parsing Library.

Severity: Critical. LinuxSecurity.com Team

Dec 30, 2023 Critical Debian LTS

openSUSE 15.5 Security Advisory 2023:4958-1 Moderate: tinyxml DoS

# Security update for tinyxml

Announcement ID: SUSE-SU-2023:4958-1
Rating: moderate
References:
  * bsc#1218040
Cross-References:
  * CVE-2023-34194
CVSS scores:
  * CVE-2023-34194 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
  * CVE-2023-34194 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
  * openSUSE Leap 15.4
  * openSUSE Leap 15.5
  * SUSE Linux Enterprise Desktop 15 SP5
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Real Time 15 SP5
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Package Hub 15 15-SP5

An update that solves one vulnerability can now be installed.

## Description:

This update for tinyxml fixes the following issues:

  * CVE-2023-34194: Fixed reachable assertion may lead to denial of service (bsc#1218040).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.5
    zypper in -t patch openSUSE-SLE-15.5-2023-4958=1
  * SUSE Package Hub 15 15-SP5
    zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2023-4958=1
  * openSUSE Leap 15.4
    zypper in -t patch openSUSE-SLE-15.4-2023-4958=1

## Package List:

  * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
    * libtinyxml0-2.6.2-150000.3.6.1
    * libtinyxml0-debuginfo-2.6.2-150000.3.6.1
    * tinyxml-devel-2.6.2-150000.3.6.1
    * tinyxml-debugsource-2.6.2-150000.3.6.1
    * tinyxml-docs-2.6.2-150000.3.6.1
  * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64)
    * libtinyxml0-2.6.2-150000.3.6.1
    * libtinyxml0-debuginfo-2.6.2-150000.3.6.1
    * tinyxml-devel-2.6.2-150000.3.6.1
    * tinyxml-debugsource-2.6.2-150000.3.6.1
    * tinyxml-docs-2.6.2-150000.3.6.1
  * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64)
    * libtinyxml0-2.6.2-150000.3.6.1
    * libtinyxml0-debuginfo-2.6.2-150000.3.6.1
    * tinyxml-devel-2.6.2-150000.3.6.1
    * tinyxml-debugsource-2.6.2-150000.3.6.1
    * tinyxml-docs-2.6.2-150000.3.6.1

## References:

  * https://www.suse.com/security/cve/CVE-2023-34194.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1218040

Upgrade for tinyxml tackling CVE-2023-34194 rated as moderate. Make sure your openSUSE installations are protected and current.

openSUSE Security, tinyxml update, DoS correction, software patch.

LinuxSecurity.com Team

Dec 22, 2023 OpenSUSE

openSUSE: 2023:4958-1 moderate: tinyxml denial of service

# Security update for tinyxml

Announcement ID: SUSE-SU-2023:4958-1
Rating: moderate
References:
  * bsc#1218040
Cross-References:
  * CVE-2023-34194
CVSS scores:
  * CVE-2023-34194 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
  * CVE-2023-34194 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
  * openSUSE Leap 15.4
  * openSUSE Leap 15.5
  * SUSE Linux Enterprise Desktop 15 SP5
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Real Time 15 SP5
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Package Hub 15 15-SP5

An update that solves one vulnerability can now be installed.

## Description:

This update for tinyxml fixes the following issues:

  * CVE-2023-34194: Fixed reachable assertion may lead to denial of service (bsc#1218040).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.5
    zypper in -t patch openSUSE-SLE-15.5-2023-4958=1
  * SUSE Package Hub 15 15-SP5
    zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2023-4958=1
  * openSUSE Leap 15.4
    zypper in -t patch openSUSE-SLE-15.4-2023-4958=1

## Package List:

  * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
    * libtinyxml0-2.6.2-150000.3.6.1
    * libtinyxml0-debuginfo-2.6.2-150000.3.6.1
    * tinyxml-devel-2.6.2-150000.3.6.1
    * tinyxml-debugsource-2.6.2-150000.3.6.1
    * tinyxml-docs-2.6.2-150000.3.6.1
  * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64)
    * libtinyxml0-2.6.2-150000.3.6.1
    * libtinyxml0-debuginfo-2.6.2-150000.3.6.1
    * tinyxml-devel-2.6.2-150000.3.6.1
    * tinyxml-debugsource-2.6.2-150000.3.6.1
    * tinyxml-docs-2.6.2-150000.3.6.1
  * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64)
    * libtinyxml0-2.6.2-150000.3.6.1
    * libtinyxml0-debuginfo-2.6.2-150000.3.6.1
    * tinyxml-devel-2.6.2-150000.3.6.1
    * tinyxml-debugsource-2.6.2-150000.3.6.1
    * tinyxml-docs-2.6.2-150000.3.6.1

## References:

  * https://www.suse.com/security/cve/CVE-2023-34194.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1218040

An update for tinyxml addresses a significant denial of service issue, with detailed setup guidelines provided.

SUSE Security Advisory, Tinyxml Denial Service, OpenSUSE Patch.

LinuxSecurity.com Team

Dec 22, 2023 SuSE

Debian 10 Buster DLA-3130-1: Tinyxml Denial Of Service Advisory

-------------------------------------------------------------------------
Debian LTS Advisory DLA-3130-1
https://www.debian.org/lts/security/
Thorsten Alteholz
October 01, 2022
https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package : tinyxml
Version : 2.6.2-4+deb10u1
CVE ID  : CVE-2021-42260

An issue has been found in tinyxml, a C++ XML parsing library. Crafted XML messages could lead to an infinite loop in TiXmlParsingData::Stamp(), which results in a denial of service.

For Debian 10 buster, this problem has been fixed in version 2.6.2-4+deb10u1.

We recommend that you upgrade your tinyxml packages.

For the detailed security status of tinyxml please refer to its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/tinyxml

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

The Fedora Security Advisory FSA-5120-1 resolves a security vulnerability within the libxml2 library that can lead to XML manipulation risks.

Debian LTS, TinyXML Security Fix, Denial of Service, Software Update.

Severity: Critical. LinuxSecurity.com Team

Sep 30, 2022 Critical Debian LTS

Debian 9: DLA-2990-1 Moderate: Libxml2 Denial Of Service

-------------------------------------------------------------------------
Debian LTS Advisory DLA-2988-1
https://www.debian.org/lts/security/
Thorsten Alteholz
May 01, 2022
https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package : tinyxml
Version : 2.6.2-4+deb9u1
CVE ID  : CVE-2021-42260

An issue has been found in tinyxml, a C++ XML parsing library. Crafted XML messages could lead to an infinite loop in TiXmlParsingData::Stamp(), which results in a denial of service.

For Debian 9 stretch, this problem has been fixed in version 2.6.2-4+deb9u1.

We recommend that you upgrade your tinyxml packages.

For the detailed security status of tinyxml please refer to its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/tinyxml

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

Enhance tinyxml modules to address security vulnerabilities resulting from specially designed XML messages that may lead to service interruptions.

Debian Security, Tinyxml Update, Denial Of Service, XML Parsing Library.

Severity: Important. LinuxSecurity.com Team

Apr 30, 2022 Important Debian LTS

Mageia 8: MGASA-2021-0514 Critical Advisory on TinyXML DoS Vulnerability

MGASA-2021-0514 - Updated tinyxml packages fix security vulnerability

Publication date: 18 Nov 2021
URL: https://advisories.mageia.org/MGASA-2021-0514.html
Type: security
Affected Mageia releases: 8
CVE: CVE-2021-42260

TinyXML through 2.6.2 has an infinite loop in TiXmlParsingData::Stamp in tinyxmlparser.cpp via the TIXML_UTF_LEAD_0 case. It can be triggered by a crafted XML message and leads to a denial of service. (CVE-2021-42260)

References:
- https://bugs.mageia.org/show_bug.cgi?id=29642
- https://www.cve.org/CVERecord?id=CVE-2021-42260

SRPMS:
- 8/core/tinyxml-2.6.2-12.1.mga8

Mageia 2021-0514 implements an update for TinyXML addressing a denial of service risk initiated by specially designed XML inputs.

TinyXML Security Update, Mageia 8, DoS Vulnerability, Software Patching, XML Parsing Error.

Severity: Critical. LinuxSecurity.com Team

Nov 18, 2021 Critical Mageia