
Stay Secure with the Latest Linux Advisories


Explore Latest Linux Security advisories


Ubuntu 22.04 LTS USN-5947-1 Moderate: Twig Code Execution Issues

=========================================================================
Ubuntu Security Notice USN-5947-1
March 13, 2023

php-twig, twig vulnerabilities
=========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 ESM

Summary:

Several security issues were fixed in Twig.

Software Description:

- php-twig: Flexible, fast, and secure template engine for PHP
- twig: Flexible, fast, and secure template engine for PHP

Details:

Fabien Potencier discovered that Twig was not properly enforcing sandbox policies when dealing with objects automatically cast to strings by PHP. An attacker could possibly use this issue to expose sensitive information. This issue was only fixed in Ubuntu 16.04 ESM and Ubuntu 18.04 ESM. (CVE-2019-9942)

Marlon Starkloff discovered that Twig was not properly enforcing closure constraints in some of its array filtering functions. An attacker could possibly use this issue to execute arbitrary code. This issue was only fixed in Ubuntu 20.04 ESM. (CVE-2022-23614)

Dariusz Tytko discovered that Twig was not properly verifying input data utilized when defining pathnames used to access files in a system. An attacker could possibly use this issue to access unauthorized resources and expose sensitive information. (CVE-2022-39261)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 22.04 LTS:
  php-twig 3.3.8-2ubuntu4+esm1

Ubuntu 20.04 LTS:
  php-twig 2.12.5-1ubuntu0.1~esm1

Ubuntu 18.04 LTS:
  php-twig 2.4.6-1ubuntu0.1~esm1

Ubuntu 16.04 ESM:
  php-twig 1.23.1-1ubuntu4+esm1

In general, a standard system update will make all the necessary changes.

References:

  https://ubuntu.com/security/notices/USN-5947-1
  CVE-2019-9942, CVE-2022-23614, CVE-2022-39261

Package Information:

April 2023 Ubuntu Security Report USN-5950-1 highlights critical issues with Django affecting server-side applications, posing major security threats.

Twig Vulnerabilities, PHP-Twig Update, User Data Protection.

Severity: Important.

LinuxSecurity.com Team

Mar 13, 2023 | Important | Ubuntu

Debian 10 Buster DLA-3147-1 Moderate: Twig Arbitrary File Read Risk

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-3147-1
https://www.debian.org/lts/security/
Chris Lamb
October 11, 2022
https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package    : twig
Version    : 2.6.2-2+deb10u1
CVE ID     : CVE-2022-39261
Debian Bug : #1020991

It was discovered that there was a potential arbitrary file read vulnerability in twig, a PHP templating library. It was caused by insufficient validation of template names in 'source' and 'include' statements.

For Debian 10 buster, this problem has been fixed in version 2.6.2-2+deb10u1.

We recommend that you upgrade your twig packages.

For the detailed security status of twig please refer to its security tracker page at:

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

Enhance twig framework to mitigate potential file exposure vulnerability highlighted in Debian LTS Advisory DLA-3147-1.

Debian Twig Update, PHP Security Risk, Arbitrary File Read, LTS Advisory.

LinuxSecurity.com Team

Oct 11, 2022 | Debian LTS

Debian: DSA-4419-1 Critical: Twig Information Disclosure

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4419-1
https://www.debian.org/security/
Sebastien Delafond
March 29, 2019
https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : twig
CVE ID  : CVE-2019-9942

Fabien Potencier discovered that twig, a template engine for PHP, did not correctly enforce sandboxing. This could result in potential information disclosure.

For the stable distribution (stretch), this problem has been fixed in version 1.24.0-2+deb9u1.

We recommend that you upgrade your twig packages.

For the detailed security status of twig please refer to its security tracker page at:

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

A recent security patch for Twig tackles information leakage vulnerabilities as highlighted in Debian DSA-4419-1. Users are advised to upgrade for improved protection.

Twig Security Update, Information Disclosure, Debian DSA-4419-1, PHP Template Engine.

Severity: Critical.

LinuxSecurity.com Team

Mar 29, 2019 | Critical | Debian

Debian: DSA-3343-1 Critical Twig Remote Code Execution Advisory

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3343-1
https://www.debian.org/security/
Sebastien Delafond
August 26, 2015
https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : twig

James Kettle, Alain Tiemblo, Christophe Coevoet and Fabien Potencier discovered that twig, a templating engine for PHP, did not correctly process its input. End users allowed to submit twig templates could use specially crafted code to trigger remote code execution, even in sandboxed templates.

For the stable distribution (jessie), this problem has been fixed in version 1.16.2-1+deb8u1.

For the testing (stretch) and unstable (sid) distributions, this problem has been fixed in version 1.20.0-1.

We recommend that you upgrade your twig packages.

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

Enhance twig components to mitigate threats of remote code execution in PHP scripts as outlined in the Debian Security Notice DSA-3343-1.

Twig Security Update, Remote Code Execution, Debian Advisories.

Severity: Critical.

LinuxSecurity.com Team

Aug 26, 2015 | Critical | Debian