Alerts This Week
Warning Icon 1 677
Alerts This Week
Warning Icon 1 677

Stay Secure with the Latest Linux Advisories

Debianlts Large Esm H800
Debian LTS

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Calendar White Jun 05, 2026
Important
Debianlts Large Esm H900
Debian LTS

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

Calendar White Jun 05, 2026
Critical
Suse Large Esm H900
SuSE

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Calendar White Jun 05, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -5 articles for you...
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryfedoraupdate

Fedora 43: cpp-httplib Critical DOS and HTTP Header Issues 2026-e50e41fcea

Update to 0.30.1 Denial of service (DOS) using zip bomb (CVE-2026-22776) CRLF injection in http headers (CVE-2026-21428) Untrusted HTTP Header Handling: X-Forwarded-For/X-Real-IP Trust (CVE-2025-66577) https://github.com/yhirose/cpp-httplib/releases/tag/v0.30.1. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-e50e41fcea 2026-01-22 01:06:41.044206+00:00 -------------------------------------------------------------------------------- Name : cpp-httplib Product : Fedora 43 Version : 0.30.1 Release : 5.fc43 URL : https://github.com/yhirose/cpp-httplib Summary : A C++11 single-file header-only cross platform HTTP/HTTPS library Description : A C++11 single-file header-only cross platform HTTP/HTTPS library. It's extremely easy to setup. Just include the httplib.h file in your code! -------------------------------------------------------------------------------- Update Information: Update to 0.30.1 Denial of service (DOS) using zip bomb (CVE-2026-22776) CRLF injection in http headers (CVE-2026-21428) Untrusted HTTP Header Handling: X-Forwarded-For/X-Real-IP Trust (CVE-2025-66577) https://github.com/yhirose/cpp-httplib/releases/tag/v0.30.1 -------------------------------------------------------------------------------- ChangeLog: * Tue Jan 13 2026 Petr Men\u0161k - 0.30.1-5 - Switch to GCC 15 test fix with active PR * Tue Jan 13 2026 Petr Men\u0161k - 0.30.1-4 - Drop 32 bit support like upstream did * Mon Jan 12 2026 Petr Men\u0161k - 0.30.1-3 - fixup! Fix tests in last release * Mon Jan 12 2026 Petr Men\u0161k - 0.30.1-2 - Fix tests in last release * Mon Jan 12 2026 Petr Men\u0161k - 0.30.1-1 - Update to 0.30.1 (rhbz#2406686) * Sat Aug 30 2025 Orion Poplawski - 0.26.0-1 - Update to 0.26.0 (CVE-2025-53629) -------------------------------------------------------------------------------- References: [ 1 ] Bug #2338561 - cpp-httplib-0.26.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2338561 [ 2 ] Bug #2419549 - CVE-2025-66570 cpp-httplib: cpp-httplib Untrusted HTTP Header Handling [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2419549 [ 3 ] Bug #2419632 - CVE-2025-66577 cpp-httplib: cpp-httplib Untrusted HTTP Header Handling: X-Forwarded-For/X-Real-IP Trust [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2419632 [ 4 ] Bug #2426700 - CVE-2026-21428 cpp-httplib: cpp-httplib: Server-Side Request Forgery via header injection [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2426700 [ 5 ] Bug #2428894 - CVE-2026-22776 cpp-httplib: cpp-httplib: Denial of Service due to excessive memory usage from compressed HTTP request bodies [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2428894 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-e50e41fcea' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- . Critical update for cpp-httplib on Fedora 43 addressing multiple security issues such as denial of service and header injections.. cpp-httplib update,Fedora 43 security,denial of service,HTTP headers,C++ library fix. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Jan 22, 2026 Critical Fedora
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisorycriticalFedora

Fedora 28: FEDORA-2018-9b54497b6e Critical: HttpKernel Header Issues

## 2.8.44 (2018-08-01) * security #cve-2018-14774 [HttpKernel] fix trusted headers management in HttpCache and InlineFragmentRenderer (nicolas-grekas) * security #cve-2018-14773 [HttpFoundation] Remove support for legacy and risky HTTP headers (nicolas-grekas) * bug #28003 [HttpKernel] Fixes invalid REMOTE_ADDR in inline subrequest when configuring trusted proxy with subnet. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2018-9b54497b6e 2018-08-14 21:06:35.949517 --------------------------------------------------------------------------------Name : php-symfony Product : Fedora 28 Version : 2.8.44 Release : 1.fc28 URL : https://symfony.com/ Summary : PHP framework for web projects Description : PHP framework for web projects --------------------------------------------------------------------------------Update Information: ## 2.8.44 (2018-08-01) * security #cve-2018-14774 [HttpKernel] fix trusted headers management in HttpCache and InlineFragmentRenderer (nicolas-grekas) * security #cve-2018-14773 [HttpFoundation] Remove support for legacy and risky HTTP headers (nicolas-grekas) * bug #28003 [HttpKernel] Fixes invalid REMOTE_ADDR in inline subrequest when configuring trusted proxy with subnet (netiul) * bug #28045 [HttpFoundation] Fix Cookie::isCleared (ro0NL) * bug #28080 [HttpFoundation] fixed using _method parameter with invalid type (Phobetor) ## 2.8.43 (2018-07-23) * bug #28005 [HttpKernel] Fixed templateExists on parse error of the template name (yceruto) * bug #27997 Serbo-Croatian has Serbian plural rule (kylekatarnls) * bug #27941 [WebProfilerBundle] Fixed icon alignment issue using Bootstrap 4.1.2 (jmsche) * bug #27937 [HttpFoundation] reset callback on StreamedResponse when setNotModified() is called (rubencm) * bug #27927 [HttpFoundation] Suppress side effects in 'get' and 'has' methods of NamespacedAttributeBag (webnet-fr) * bug #27904 [Filesystem] fix lockfile permissions (fritzmg) * bug #27758 [WebProfilerBundle] Prevent toolbar links color override by css (alcalyn) * bug #27831 Check for Hyper terminal on all operating systems. (azjezz) * bug #27794 Add color support for Hyper terminal . (azjezz) * bug #27809 [HttpFoundation] Fix tests: new message for status 425 (dunglas) * bug #27716 [DI] fix dumping deprecated service in yaml (nicolas-grekas) --------------------------------------------------------------------------------ChangeLog: * Wed Aug 1 2018 Shawn Iwinski - 2.8.44-1 - Update to 2.8.44 (CVE-2018-14773 / CVE-2018-14774) * Fri Jul 13 2018 Fedora Release Engineering - 2.8.42-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild * Mon Jun 25 2018 Shawn Iwinski - 2.8.42-1 - Update to 2.8.42 * Mon May 28 2018 Remi Collet - 2.8.41-1 - update to 2.8.41 * Thu May 24 2018 Remi Collet - 2.8.40-1 - update to 2.8.40 * Fri May 4 2018 Remi Collet - 2.8.39-1 - update to 2.8.39 --------------------------------------------------------------------------------References: [ 1 ] Bug #1611906 - CVE-2018-14773 php-symfony: Legacy HTTP headers allow users to modify URLs and bypass restrictions https://bugzilla.redhat.com/show_bug.cgi?id=1611906 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2018-9b54497b6e' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./message/ZPFF4KO3R64TMPM7RYEJKJLYYJMW4KRB/ . Explore the recent php-symfony enhancements in Fedora 28 addressing crucial management of trusted headers and potential vulnerabilities related to HTTP headers.. php Symfony security updates,Fedora 28,Web application security. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Aug 14, 2018 Critical Fedora
Banner 1 1028x280 1708121660 1771599717
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisorycriticalFedora

Fedora: FEDORA-2018-7f43cbdb69 Critical: PHP Symfony4 HTTP Header Issue

## 4.0.14 (2018-08-01) * security #cve-2018-14774 [HttpKernel] fix trusted headers management in HttpCache and InlineFragmentRenderer (nicolas-grekas) * security #cve-2018-14773 [HttpFoundation] Remove support for legacy and risky HTTP headers (nicolas-grekas) * bug #28003 [HttpKernel] Fixes invalid REMOTE_ADDR in inline subrequest when configuring trusted proxy with subnet. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2018-7f43cbdb69 2018-08-14 20:15:54.627605 --------------------------------------------------------------------------------Name : php-symfony4 Product : Fedora 27 Version : 4.0.14 Release : 1.fc27 URL : https://symfony.com/ Summary : Symfony PHP framework (version 4) Description : Symfony PHP framework (version 4). NOTE: Does not require PHPUnit bridge. --------------------------------------------------------------------------------Update Information: ## 4.0.14 (2018-08-01) * security #cve-2018-14774 [HttpKernel] fix trusted headers management in HttpCache and InlineFragmentRenderer (nicolas-grekas) * security #cve-2018-14773 [HttpFoundation] Remove support for legacy and risky HTTP headers (nicolas-grekas) * bug #28003 [HttpKernel] Fixes invalid REMOTE_ADDR in inline subrequest when configuring trusted proxy with subnet (netiul) * bug #28007 [FrameworkBundle] fixed guard event names for transitions (destillat) * bug #28045 [HttpFoundation] Fix Cookie::isCleared (ro0NL) * bug #28080 [HttpFoundation] fixed using _method parameter with invalid type (Phobetor) * bug #28052 [HttpKernel] Fix merging bindings for controllers' locators (nicolas-grekas) ## 4.0.13 (2018-07-23) * bug #28005 [HttpKernel] Fixed templateExists on parse error of the template name (yceruto) * bug #27997 Serbo-Croatian has Serbian plural rule (kylekatarnls) * bug #26193 Fix false-positive deprecation notices for TranslationLoader and WriteCheckSessionHandler (iquito) * bug #27941[WebProfilerBundle] Fixed icon alignment issue using Bootstrap 4.1.2 (jmsche) * bug #27937 [HttpFoundation] reset callback on StreamedResponse when setNotModified() is called (rubencm) * bug #27927 [HttpFoundation] Suppress side effects in 'get' and 'has' methods of NamespacedAttributeBag (webnet-fr) * bug #27923 [Form/Profiler] Massively reducing memory footprint of form profiling pages... (VincentChalnot) * bug #27918 [Console] correctly return parameter's default value on "--" (seschwar) * bug #27904 [Filesystem] fix lock file permissions (fritzmg) * bug #27903 [Lock] fix lock file permissions (fritzmg) * bug #27889 [Form] Replace .initialism with .text-uppercase. (vudaltsov) * bug #27902 Fix the detection of the Process new argument (stof) * bug #27885 [HttpFoundation] don't encode cookie name for BC (nicolas-grekas) * bug #27782 [DI] Fix dumping ignore-on-uninitialized references to synthetic services (nicolas-grekas) * bug #27435 [OptionResolver] resolve arrays (Doctrs) * bug #27728 [TwigBridge] Fix missing path and separators in loader paths list on debug:twig output (yceruto) * bug #27837 [PropertyInfo] Fix dock block lookup fallback loop (DerManoMann) * bug #27758 [WebProfilerBundle] Prevent toolbar links color override by css (alcalyn) * bug #27847 [Security] Fix accepting null as $uidKey in LdapUserProvider (louhde) * bug #27834 [DI] Don't show internal service id on binding errors (nicolas-grekas) * bug #27831 Check for Hyper terminal on all operating systems. (azjezz) * bug #27794 Add color support for Hyper terminal . (azjezz) * bug #27809 [HttpFoundation] Fix tests: new message for status 425 (dunglas) * bug #27618 [PropertyInfo] added handling of nullable types in PhpDoc (oxan) * bug #27659 [HttpKernel] Make AbstractTestSessionListener compatible with CookieClearingLogoutHandler (thewilkybarkid) * bug #27752 [Cache] provider does not respect option maxIdLength with versioning enabled (Constantine Shtompel) * bug #27776 [ProxyManagerBridge] Fixsupport of private services (bis) (nicolas-grekas) * bug #27714 [HttpFoundation] fix session tracking counter (nicolas-grekas, dmaicher) * bug #27747 [HttpFoundation] fix registration of session proxies (nicolas-grekas) * bug #27722 Redesign the Debug error page in prod (javiereguiluz) * bug #27716 [DI] fix dumping deprecated service in yaml (nicolas-grekas) ## 4.0.12 (2018-06-25) * bug #27626 [TwigBundle][DX] Only add the Twig WebLinkExtension if the WebLink component is enabled (thewilkybarkid) * bug #27701 [SecurityBundle] Dont throw if "security.http_utils" is not found (nicolas-grekas) * bug #27690 [DI] Resolve env placeholder in logs (ro0NL) * bug #26534 allow_extra_attributes does not throw an exception as documented (deviantintegral) * bug #27668 [Lock] use 'r+' for fopen (fixes issue on Solaris) (fritzmg) * bug #27669 [Filesystem] fix file lock on SunOS (fritzmg) * bug #27662 [HttpKernel] fix handling of nested Error instances (xabbuh) * bug #26845 [Config] Fixing GlobResource when inside phar archive (vworldat) * bug #27382 [Form] Fix error when rendering a DateIntervalType form with exactly 0 weeks (krixon) * bug #27309 Fix surrogate not using original request (Toflar) * bug #27467 [HttpKernel] fix session tracking in surrogate master requests (nicolas-grekas) * bug #27630 [Validator][Form] Remove BOM in some xlf files (gautierderuette) * bug #27596 [Framework][Workflow] Added support for interfaces (vudaltsov) * bug #27593 [ProxyManagerBridge] Fixed support of private services (nicolas-grekas) * bug #27591 [VarDumper] Fix dumping ArrayObject and ArrayIterator instances (nicolas-grekas) * bug #27581 Fix bad method call with guard authentication + session migration (weaverryan) * bug #27576 [Cache] Fix expiry comparisons in array-based pools (nicolas-grekas) * bug #27556 Avoiding session migration for stateless firewall UsernamePasswordJsonAuthenticationListener (weaverryan) * bug #27452 Avoid migration on stateless firewalls (weaverryan) * bug#27568 [DI] Deduplicate generated proxy classes (nicolas-grekas) * bug #27326 [Serializer] deserialize from xml: Fix a collection that contains the only one element (webnet-fr) * bug #27567 [PhpUnitBridge] Fix error on some Windows OS (Nsbx) * bug #27357 [Lock] Remove released semaphore (jderusse) * bug #27416 TagAwareAdapter over non-binary memcached connections corrupts memcache (Aleksey Prilipko) * bug #27514 [Debug] Pass previous exception to FatalErrorException (pmontoya) * bug #27516 Revert "bug #26138 [HttpKernel] Catch HttpExceptions when templating is not installed (cilefen)" (nicolas-grekas) * bug #27318 [Cache] memcache connect should not add duplicate entries on sequential calls (Aleksey Prilipko) * bug #27389 [Serializer] Fix serializer tries to denormalize null values on nullable properties (ogizanagi) * bug #27272 [FrameworkBundle] Change priority of AddConsoleCommandPass to TYPE_BEFORE_REMOVING (upyx) * bug #27396 [HttpKernel] fix registering IDE links (nicolas-grekas) * bug #26973 [HttpKernel] Set first trusted proxy as REMOTE_ADDR in InlineFragmentRenderer. (kmadejski) * bug #27303 [Process] Consider "executable" suffixes first on Windows (sanmai) * bug #27297 Triggering RememberMe's loginFail() when token cannot be created (weaverryan) * bug #27344 [HttpKernel] reset kernel start time on reboot (kiler129) * bug #27365 [Serializer] Check the value of enable_max_depth if defined (dunglas) * bug #27358 [PhpUnitBridge] silence some stderr outputs (ostrolucky) * bug #27366 [DI] never inline lazy services (nicolas-grekas) --------------------------------------------------------------------------------References: [ 1 ] Bug #1611906 - CVE-2018-14773 php-symfony: Legacy HTTP headers allow users to modify URLs and bypass restrictions https://bugzilla.redhat.com/show_bug.cgi?id=1611906 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade--advisory FEDORA-2018-7f43cbdb69' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./message/C6UOUQE6POHW24KKQSB372IGD7OLBN63/ . The recent Fedora update for php-symfony4 addresses significant security vulnerabilities and enhances the handling of HTTP headers to bolster protection.. Fedora Security Update, HTTP Header Management, Security Patches, php-symfony4 Fixes. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Aug 14, 2018 Critical Fedora
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryFedoramoderate severity

Fedora 27: FEDORA-2018-4deae442f2 Moderate: Php-Symfony HTTP Issues

## 2.8.44 (2018-08-01) * security #cve-2018-14774 [HttpKernel] fix trusted headers management in HttpCache and InlineFragmentRenderer (nicolas-grekas) * security #cve-2018-14773 [HttpFoundation] Remove support for legacy and risky HTTP headers (nicolas-grekas) * bug #28003 [HttpKernel] Fixes invalid REMOTE_ADDR in inline subrequest when configuring trusted proxy with subnet. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2018-4deae442f2 2018-08-14 20:15:54.627492 --------------------------------------------------------------------------------Name : php-symfony Product : Fedora 27 Version : 2.8.44 Release : 1.fc27 URL : https://symfony.com/ Summary : PHP framework for web projects Description : PHP framework for web projects --------------------------------------------------------------------------------Update Information: ## 2.8.44 (2018-08-01) * security #cve-2018-14774 [HttpKernel] fix trusted headers management in HttpCache and InlineFragmentRenderer (nicolas-grekas) * security #cve-2018-14773 [HttpFoundation] Remove support for legacy and risky HTTP headers (nicolas-grekas) * bug #28003 [HttpKernel] Fixes invalid REMOTE_ADDR in inline subrequest when configuring trusted proxy with subnet (netiul) * bug #28045 [HttpFoundation] Fix Cookie::isCleared (ro0NL) * bug #28080 [HttpFoundation] fixed using _method parameter with invalid type (Phobetor) ## 2.8.43 (2018-07-23) * bug #28005 [HttpKernel] Fixed templateExists on parse error of the template name (yceruto) * bug #27997 Serbo-Croatian has Serbian plural rule (kylekatarnls) * bug #27941 [WebProfilerBundle] Fixed icon alignment issue using Bootstrap 4.1.2 (jmsche) * bug #27937 [HttpFoundation] reset callback on StreamedResponse when setNotModified() is called (rubencm) * bug #27927 [HttpFoundation] Suppress side effects in 'get' and 'has' methods of NamespacedAttributeBag (webnet-fr) * bug #27904 [Filesystem] fix lockfile permissions (fritzmg) * bug #27758 [WebProfilerBundle] Prevent toolbar links color override by css (alcalyn) * bug #27831 Check for Hyper terminal on all operating systems. (azjezz) * bug #27794 Add color support for Hyper terminal . (azjezz) * bug #27809 [HttpFoundation] Fix tests: new message for status 425 (dunglas) * bug #27716 [DI] fix dumping deprecated service in yaml (nicolas-grekas) --------------------------------------------------------------------------------ChangeLog: * Wed Aug 1 2018 Shawn Iwinski - 2.8.44-1 - Update to 2.8.44 (CVE-2018-14773 / CVE-2018-14774) * Fri Jul 13 2018 Fedora Release Engineering - 2.8.42-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild * Mon Jun 25 2018 Shawn Iwinski - 2.8.42-1 - Update to 2.8.42 * Mon May 28 2018 Remi Collet - 2.8.41-1 - update to 2.8.41 * Thu May 24 2018 Remi Collet - 2.8.40-1 - update to 2.8.40 * Fri May 4 2018 Remi Collet - 2.8.39-1 - update to 2.8.39 * Tue Apr 10 2018 Remi Collet - 2.8.38-1 - update to 2.8.38 * Tue Apr 3 2018 Remi Collet - 2.8.37-1 - update to 2.8.37 * Tue Mar 6 2018 Remi Collet - 2.8.36-1 - update to 2.8.36 * Fri Mar 2 2018 Remi Collet - 2.8.35-1 - Update to 2.8.35 * Fri Feb 9 2018 Fedora Release Engineering - 2.8.34-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild * Mon Jan 29 2018 Remi Collet - 2.8.34-1 - Update to 2.8.34 * Mon Jan 8 2018 Remi Collet - 2.8.33-1 - Update to 2.8.33 - don't run Debug test suite which hangs * Tue Dec 5 2017 Remi Collet - 2.8.32-1 - Update to 2.8.32 * Fri Nov 17 2017 Remi Collet - 2.8.31-1 - Update to 2.8.31 * Tue Nov 14 2017 Remi Collet - 2.8.30-1 - Update to 2.8.30 * Sat Nov 11 2017 Remi Collet - 2.8.29-1 - Update to 2.8.29 --------------------------------------------------------------------------------References: [ 1 ] Bug #1611906 - CVE-2018-14773 php-symfony: Legacy HTTP headers allow users to modify URLs and bypass restrictions https://bugzilla.redhat.com/show_bug.cgi?id=1611906 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2018-4deae442f2' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./message/EUC2RDMQGNBPXK3GCUZUKLHKSBBOVRD3/ . Fedora 28 php-laravel enhancements tackle critical vulnerabilities and boost web performance. Ensure safety with the updated patches.. php Symfony Security Update, Fedora Security Fixes, Trusted Headers Management. . LinuxSecurity.com Team

Calendar 2 Aug 14, 2018 Fedora
Banner 1 1028x280 1708121660 1771599717
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here