Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 454
Alerts This Week
Warning Icon 1 454

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":0,"type":"x","order":1,"pct":0,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":0,"type":"x","order":2,"pct":0,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 9,991 articles for you...
100

SUSE Kernel RT Important Security Update Important 25 Flaws 2026-2857-1

An update that solves 25 vulnerabilities can now be installed.. # Security update for the Linux Kernel RT (Live Patch 8 for SUSE Linux Enterprise 15 SP7) Announcement ID: SUSE-SU-2026:2857-1 Release Date: 2026-07-11T04:04:28Z Rating: important References: * bsc#1256615 * bsc#1260524 * bsc#1262759 * bsc#1263094 * bsc#1263118 * bsc#1263177 * bsc#1263670 * bsc#1264094 * bsc#1264252 * bsc#1264253 * bsc#1264567 * bsc#1264849 * bsc#1265117 * bsc#1265127 * bsc#1265197 * bsc#1265945 * bsc#1266015 * bsc#1266265 * bsc#1267206 * bsc#1267698 * bsc#1267723 * bsc#1267893 * bsc#1268662 * bsc#1269023 * bsc#1269495 Cross-References: * CVE-2025-71089 * CVE-2026-23393 * CVE-2026-31505 * CVE-2026-31533 * CVE-2026-31570 * CVE-2026-31586 * CVE-2026-31685 * CVE-2026-31758 * CVE-2026-43025 * CVE-2026-43027 * CVE-2026-43037 * CVE-2026-43120 * CVE-2026-43190 * CVE-2026-43366 * CVE-2026-43437 * CVE-2026-43494 * CVE-2026-43501 * CVE-2026-45970 * CVE-2026-46120 * CVE-2026-46173 * CVE-2026-46227 * CVE-2026-46243 * CVE-2026-52909 * CVE-2026-52943 * CVE-2026-53362 CVSS scores: * CVE-2025-71089 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-71089 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-71089 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-71089 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-23393 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23393 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23393 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31505 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31505 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31505 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H *CVE-2026-31533 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31533 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31533 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31570 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:H/SI:N/SA:N * CVE-2026-31570 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31570 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31586 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31586 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31586 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31685 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-31685 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31685 ( NVD ): 9.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H * CVE-2026-31758 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31758 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31758 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43025 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43025 ( NVD ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H * CVE-2026-43027 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43027 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43037 ( SUSE ): 7.7 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43037 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43037 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43037 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43120 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N *CVE-2026-43120 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2026-43120 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43120 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43190 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-43190 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-43190 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-43366 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43366 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43366 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43437 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43437 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43437 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43494 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-43494 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43494 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43494 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43501 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-43501 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-43501 ( NVD ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43501 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-45970 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-45970 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-45970 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46120 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-46120 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46173 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46173 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46173 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46227 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46227 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46227 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46227 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46243 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-46243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-46243 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-46243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-52909 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-52909 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2026-52909 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-52943 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-52943 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-52943 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-52943 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-53362 ( SUSE ): 9.0 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2026-53362 ( SUSE ): 8.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Live Patching 15-SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications15 SP7 An update that solves 25 vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.7.28 fixes various security issues The following security issues were fixed: * CVE-2025-71089: iommu: disable SVA when CONFIG_X86 is set (bsc#1256615). * CVE-2026-23393: bridge: cfm: Fix race condition in peer_mep deletion (bsc#1260524). * CVE-2026-31505: iavf: fix out-of-bounds writes in iavf_get_ethtool_stats() (bsc#1263094). * CVE-2026-31533: net/tls: fix use-after-free in -EBUSY error path of tls_do_encryption (bsc#1262759). * CVE-2026-31570: can: gw: fix OOB heap access in cgw_csum_crc8_rel() (bsc#1263118). * CVE-2026-31586: mm: blk-cgroup: fix use-after-free in cgwb_release_workfn() (bsc#1263177). * CVE-2026-31685: netfilter: ip6t_eui64: reject invalid MAC header for all packets (bsc#1263670). * CVE-2026-31758: usb: usbtmc: Flush anchored URBs in usbtmc_release (bsc#1264094). * CVE-2026-43025: netfilter: ctnetlink: ignore explicit helper on new expectations (bsc#1264253). * CVE-2026-43027: netfilter: nf_conntrack_helper: pass helper to expect cleanup (bsc#1264252). * CVE-2026-43037: ip6_tunnel: clear skb2-> cb[] in ip4ip6_err() (bsc#1265197). * CVE-2026-43120: RDMA/irdma: Fix double free related to rereg_user_mr (bsc#1264567). * CVE-2026-43190: netfilter: xt_tcpmss: check remaining length before reading optlen (bsc#1264849). * CVE-2026-43366: io_uring/kbuf: check if target buffer list is still legacy on recycle (bsc#1265117). * CVE-2026-43437: ALSA: pcm: fix use-after-free on linked stream runtime in snd_pcm_drain() (bsc#1265127). * CVE-2026-43494: RDS zerocopy attack aka PinTheft (bsc#1265945). * CVE-2026-43501: ipv6: rpl: reserve mac_len headroom when recompressed SRH grows (bsc#1266015). * CVE-2026-45970: bonding: alb: fix UAF in rlb_arp_recv during bond up/down (bsc#1267206). * CVE-2026-46120: ip6_gre: Use cached t-> net in ip6erspan_changelink() (bsc#1267893). * CVE-2026-46173: exit: prevent preemption of oopsing TASK_DEAD task (bsc#1267723). * CVE-2026-46227: sctp: revalidate list cursor after sctp_sendmsg_to_asoc() in SCTP_SENDALL (bsc#1267698). * CVE-2026-46243: smb: client: reject userspace cifs.spnego descriptions (CIFSwitch) (bsc#1266265). * CVE-2026-52909: ip6_vti: set netns_immutable on the fallback device (bsc#1268662). * CVE-2026-52943: net: skbuff: fix missing zerocopy reference in pskb_carve helpers (bsc#1269023). * CVE-2026-53362: ipv6: account for fraggap on the paged allocation path (bsc#1269495). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP7 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP7-2026-2857=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP7 (x86_64) * kernel-livepatch-6_4_0-150700_7_28-rt-9-150700.2.1 * kernel-livepatch-6_4_0-150700_7_28-rt-debuginfo-9-150700.2.1 * kernel-livepatch-SLE15-SP7-RT_Update_8-debugsource-9-150700.2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-71089.html * https://www.suse.com/security/cve/CVE-2026-23393.html * https://www.suse.com/security/cve/CVE-2026-31505.html * https://www.suse.com/security/cve/CVE-2026-31533.html * https://www.suse.com/security/cve/CVE-2026-31570.html * https://www.suse.com/security/cve/CVE-2026-31586.html * https://www.suse.com/security/cve/CVE-2026-31685.html * https://www.suse.com/security/cve/CVE-2026-31758.html * https://www.suse.com/security/cve/CVE-2026-43025.html * https://www.suse.com/security/cve/CVE-2026-43027.html * https://www.suse.com/security/cve/CVE-2026-43037.html * https://www.suse.com/security/cve/CVE-2026-43120.html * https://www.suse.com/security/cve/CVE-2026-43190.html * https://www.suse.com/security/cve/CVE-2026-43366.html *https://www.suse.com/security/cve/CVE-2026-43437.html * https://www.suse.com/security/cve/CVE-2026-43494.html * https://www.suse.com/security/cve/CVE-2026-43501.html * https://www.suse.com/security/cve/CVE-2026-45970.html * https://www.suse.com/security/cve/CVE-2026-46120.html * https://www.suse.com/security/cve/CVE-2026-46173.html * https://www.suse.com/security/cve/CVE-2026-46227.html * https://www.suse.com/security/cve/CVE-2026-46243.html * https://www.suse.com/security/cve/CVE-2026-52909.html * https://www.suse.com/security/cve/CVE-2026-52943.html * https://www.suse.com/security/cve/CVE-2026-53362.html * https://bugzilla.suse.com/show_bug.cgi?id=1256615 * https://bugzilla.suse.com/show_bug.cgi?id=1260524 * https://bugzilla.suse.com/show_bug.cgi?id=1262759 * https://bugzilla.suse.com/show_bug.cgi?id=1263094 * https://bugzilla.suse.com/show_bug.cgi?id=1263118 * https://bugzilla.suse.com/show_bug.cgi?id=1263177 * https://bugzilla.suse.com/show_bug.cgi?id=1263670 * https://bugzilla.suse.com/show_bug.cgi?id=1264094 * https://bugzilla.suse.com/show_bug.cgi?id=1264252 * https://bugzilla.suse.com/show_bug.cgi?id=1264253 * https://bugzilla.suse.com/show_bug.cgi?id=1264567 * https://bugzilla.suse.com/show_bug.cgi?id=1264849 * https://bugzilla.suse.com/show_bug.cgi?id=1265117 * https://bugzilla.suse.com/show_bug.cgi?id=1265127 * https://bugzilla.suse.com/show_bug.cgi?id=1265197 * https://bugzilla.suse.com/show_bug.cgi?id=1265945 * https://bugzilla.suse.com/show_bug.cgi?id=1266015 * https://bugzilla.suse.com/show_bug.cgi?id=1266265 * https://bugzilla.suse.com/show_bug.cgi?id=1267206 * https://bugzilla.suse.com/show_bug.cgi?id=1267698 * https://bugzilla.suse.com/show_bug.cgi?id=1267723 * https://bugzilla.suse.com/show_bug.cgi?id=1267893 * https://bugzilla.suse.com/show_bug.cgi?id=1268662 * https://bugzilla.suse.com/show_bug.cgi?id=1269023 * https://bugzilla.suse.com/show_bug.cgi?id=1269495 . SUSE Linux Enterprise 15 SP7 has a critical update fixing25 vulnerabilities in kernel RT, enhancing system protection.. Linux Kernel RT, SUSE Linux Enterprise, security patch, system vulnerabilities. . LinuxSecurity.com Team

Calendar%202 Jul 13, 2026 SuSE
217

Oracle Linux 9 PostgreSQL Important Update Advisory ELSA-2026-26204

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-26204 http://linux.oracle.com/errata/ELSA-2026-26204.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable LinuxNetwork: x86_64: pgaudit-18.0-1.module+el9.8.0+90922+3defa420.x86_64.rpm pg_repack-1.5.3-1.module+el9.8.0+90922+3defa420.x86_64.rpm pgvector-0.8.1-1.module+el9.8.0+90922+3defa420.x86_64.rpm postgis-3.6.1-2.module+el9.8.0+90922+3defa420.x86_64.rpm postgis-client-3.6.1-2.module+el9.8.0+90922+3defa420.x86_64.rpm postgis-docs-3.6.1-2.module+el9.8.0+90922+3defa420.x86_64.rpm postgis-upgrade-3.6.1-2.module+el9.8.0+90922+3defa420.x86_64.rpm postgis-utils-3.6.1-2.module+el9.8.0+90922+3defa420.x86_64.rpm postgres-decoderbufs-3.3.1-1.Final.module+el9.8.0+90922+3defa420.x86_64.rpm postgresql-18.4-2.module+el9.8.0+90922+3defa420.x86_64.rpm postgresql-contrib-18.4-2.module+el9.8.0+90922+3defa420.x86_64.rpm postgresql-docs-18.4-2.module+el9.8.0+90922+3defa420.x86_64.rpm postgresql-plperl-18.4-2.module+el9.8.0+90922+3defa420.x86_64.rpm postgresql-plpython3-18.4-2.module+el9.8.0+90922+3defa420.x86_64.rpm postgresql-pltcl-18.4-2.module+el9.8.0+90922+3defa420.x86_64.rpm postgresql-private-devel-18.4-2.module+el9.8.0+90922+3defa420.x86_64.rpm postgresql-private-libs-18.4-2.module+el9.8.0+90922+3defa420.x86_64.rpm postgresql-server-18.4-2.module+el9.8.0+90922+3defa420.x86_64.rpm postgresql-server-devel-18.4-2.module+el9.8.0+90922+3defa420.x86_64.rpm postgresql-static-18.4-2.module+el9.8.0+90922+3defa420.x86_64.rpm postgresql-test-18.4-2.module+el9.8.0+90922+3defa420.x86_64.rpm postgresql-test-rpm-macros-18.4-2.module+el9.8.0+90922+3defa420.noarch.rpm postgresql-upgrade-18.4-2.module+el9.8.0+90922+3defa420.x86_64.rpm postgresql-upgrade-devel-18.4-2.module+el9.8.0+90922+3defa420.x86_64.rpm aarch64: pgaudit-18.0-1.module+el9.8.0+90922+3defa420.aarch64.rpm pg_repack-1.5.3-1.module+el9.8.0+90922+3defa420.aarch64.rpm pgvector-0.8.1-1.module+el9.8.0+90922+3defa420.aarch64.rpm postgis-3.6.1-2.module+el9.8.0+90922+3defa420.aarch64.rpm postgis-client-3.6.1-2.module+el9.8.0+90922+3defa420.aarch64.rpm postgis-docs-3.6.1-2.module+el9.8.0+90922+3defa420.aarch64.rpm postgis-upgrade-3.6.1-2.module+el9.8.0+90922+3defa420.aarch64.rpm postgis-utils-3.6.1-2.module+el9.8.0+90922+3defa420.aarch64.rpm postgres-decoderbufs-3.3.1-1.Final.module+el9.8.0+90922+3defa420.aarch64.rpm postgresql-18.4-2.module+el9.8.0+90922+3defa420.aarch64.rpm postgresql-contrib-18.4-2.module+el9.8.0+90922+3defa420.aarch64.rpm postgresql-docs-18.4-2.module+el9.8.0+90922+3defa420.aarch64.rpm postgresql-plperl-18.4-2.module+el9.8.0+90922+3defa420.aarch64.rpm postgresql-plpython3-18.4-2.module+el9.8.0+90922+3defa420.aarch64.rpm postgresql-pltcl-18.4-2.module+el9.8.0+90922+3defa420.aarch64.rpm postgresql-private-devel-18.4-2.module+el9.8.0+90922+3defa420.aarch64.rpm postgresql-private-libs-18.4-2.module+el9.8.0+90922+3defa420.aarch64.rpm postgresql-server-18.4-2.module+el9.8.0+90922+3defa420.aarch64.rpm postgresql-server-devel-18.4-2.module+el9.8.0+90922+3defa420.aarch64.rpm postgresql-static-18.4-2.module+el9.8.0+90922+3defa420.aarch64.rpm postgresql-test-18.4-2.module+el9.8.0+90922+3defa420.aarch64.rpm postgresql-test-rpm-macros-18.4-2.module+el9.8.0+90922+3defa420.noarch.rpm postgresql-upgrade-18.4-2.module+el9.8.0+90922+3defa420.aarch64.rpm postgresql-upgrade-devel-18.4-2.module+el9.8.0+90922+3defa420.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates/pgaudit-18.0-1.module+el9.8.0+90922+3defa420.src.rpm http://oss.oracle.com/ol9/SRPMS-updates/pg_repack-1.5.3-1.module+el9.8.0+90922+3defa420.src.rpm http://oss.oracle.com/ol9/SRPMS-updates/pgvector-0.8.1-1.module+el9.8.0+90922+3defa420.src.rpm http://oss.oracle.com/ol9/SRPMS-updates/postgis-3.6.1-2.module+el9.8.0+90922+3defa420.src.rpm http://oss.oracle.com/ol9/SRPMS-updates/postgres-decoderbufs-3.3.1-1.Final.module+el9.8.0+90922+3defa420.src.rpm http://oss.oracle.com/ol9/SRPMS-updates/postgresql-18.4-2.module+el9.8.0+90922+3defa420.src.rpm Related CVEs: CVE-2026-6473 CVE-2026-6475 CVE-2026-6477 CVE-2026-6478 Description of changes: pgaudit [18.0-1] - Update to 18.0 - Initial import for postgresql18 pg_repack [1.5.3-1] - Update to 1.5.3 - Initial import for postgresql18 [1.5.1-1] - Update to v1.5.1 [1.4.8-2] - Add newbuild dependencies to fix build with lz4 enabled - Related: RHEL-47604 pgvector [0.8.1-1] - Update to 0.8.1 - Initial import for postgresql18 [0.6.2-2] - Enable Portable build - Resolves: RHEL-84405 [0.6.2-1] - Initial packaging postgis [3.6.1-1] - Update to 3.6.1 - Initial import for postgresql18 - Avoid perl(Pg) dependency on RHEL [3.5.3-3] - Rebuild (gdal) [3.5.3-2] - Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild [3.5.3-1] - Update to 3.5.3 [3.5.2-2] - Rebuild (SFCGAL) [3.5.2-1] - Update to 3.5.2 [3.5.1-2] - Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild [3.5.1-1] - Update to 3.5.1 [3.5.0-3] - Rebuild (GDAL) [3.5.0-2] - Rebuild (gdal) postgres-decoderbufs [3.3.1-1.Final] - Update to 3.3.1.Final - Initial import for postgresql18 postgresql [18.4-1] - Update to 18.4 - Fix CVE-2026-6478 _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Explore the important security advisory for Oracle Linux 9 regarding PostgreSQL updates and associated vulnerabilities.. Oracle Linux, PostgreSQL Update, Security Advisory, Important Vulnerability, PostGIS. . LinuxSecurity.com Team

Calendar%202 Jul 13, 2026 Oracle
217

Oracle Linux ELSA-2026-36734 libxml2 Low Fix CVE-2025-6170

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-36734 http://linux.oracle.com/errata/ELSA-2026-36734.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: libxml2-2.9.7-21.el8_10.6.i686.rpm libxml2-2.9.7-21.el8_10.6.x86_64.rpm libxml2-devel-2.9.7-21.el8_10.6.i686.rpm libxml2-devel-2.9.7-21.el8_10.6.x86_64.rpm python3-libxml2-2.9.7-21.el8_10.6.x86_64.rpm aarch64: libxml2-2.9.7-21.el8_10.6.aarch64.rpm libxml2-devel-2.9.7-21.el8_10.6.aarch64.rpm python3-libxml2-2.9.7-21.el8_10.6.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates/libxml2-2.9.7-21.el8_10.6.src.rpm Related CVEs: CVE-2025-6170 Description of changes: [2.9.7-21.6] - Fix CVE-2025-6170 (RHEL-182012) _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Oracle Linux advisory ELSA-2026-36734 details a low-severity issue with libxml2, addressing CVE-2025-6170.. Oracle Linux, libxml2, security fix, advisory, CVE-2025-6170. . LinuxSecurity.com Team

Calendar%202 Jul 13, 2026 Oracle
217

Oracle Linux 7 libexif Moderate Fix ELSA-2026-26567 with CVE-2026-40385

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-26567 http://linux.oracle.com/errata/ELSA-2026-26567.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: x86_64: libexif-0.6.22-2.0.1.el7_9.i686.rpm libexif-0.6.22-2.0.1.el7_9.x86_64.rpm libexif-devel-0.6.22-2.0.1.el7_9.i686.rpm libexif-devel-0.6.22-2.0.1.el7_9.x86_64.rpm libexif-doc-0.6.22-2.0.1.el7_9.x86_64.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates/libexif-0.6.22-2.0.1.el7_9.src.rpm Related CVEs: CVE-2026-40385 CVE-2026-40386 Description of changes: [0.6.22-2.0.1] - Backport fix for CVE-2026-40386 [Orabug: 39574457] - Backport fix for CVE-2026-40385 [Orabug: 39574457] _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Updates for Oracle Linux 7 including fixes for libexif vulnerabilities CVE-2026-40385 and CVE-2026-40386 have been released.. Oracle Linux updates, libexif security fixes, moderate vulnerabilities. . LinuxSecurity.com Team

Calendar%202 Jul 13, 2026 Oracle
89

Fedora 43 ACL Critical Symlink Escalation Fix CVE-2026-54369 CVE-2026-54370

rebase to v2.4.0 to fix CVE-2026-54369 and CVE-2026-54370 Resolves: CVE-2026-54369 Resolves: CVE-2026-54370. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-67504c329b 2026-07-13 01:03:16.984286+00:00 -------------------------------------------------------------------------------- Name : acl Product : Fedora 43 Version : 2.4.0 Release : 1.fc43 URL : https://savannah.nongnu.org/projects/acl Summary : Access control list utilities Description : This package contains the getfacl and setfacl utilities needed for manipulating access control lists. -------------------------------------------------------------------------------- Update Information: rebase to v2.4.0 to fix CVE-2026-54369 and CVE-2026-54370 Resolves: CVE-2026-54369 Resolves: CVE-2026-54370 -------------------------------------------------------------------------------- ChangeLog: * Thu Jul 9 2026 Lukáš Zaoral - 2.4.0-1 - rebase to v2.4.0 to fix the following CVEs: - CVE-2026-54369 - Symlink traversal privilege escalation via libacl functions - CVE-2026-54370 - TOCTOU Symlink Traversal via getfacl/setfacl -------------------------------------------------------------------------------- References: [ 1 ] Bug #2494173 - CVE-2026-54370 acl: TOCTOU Symlink Traversal via getfacl/setfacl [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2494173 [ 2 ] Bug #2494174 - CVE-2026-54369 acl: Symlink traversal privilege escalation via libacl functions [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2494174 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-67504c329b' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key.More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- . This advisory reports critical updates for ACL on Fedora 43, addressing symlink traversal risks with CVE-2026-54369 and CVE-2026-54370.. Access Control List, Fedora security, Symlink Escalation, Critical updates. . LinuxSecurity.com Team

Calendar%202 Jul 12, 2026 Fedora
203

Mageia 10 Security Advisory 2026-0044 Bugfix Plugin Update

Security update. Publication date: 12 Jul 2026 URL: https://advisories.mageia.org/MGAA-2026-0044.html Type: bugfix Affected Mageia releases: 10 Description: These are ordinary updates to the last versions of these plugins that couldn't be submitted during Cauldron FREEZE. References: - https://bugs.mageia.org/show_bug.cgi?id=35822 SRPMS: - 10/core/opencpn-climatology-plugin-1.6.36.1-1.git20260510.mga10 - 10/core/opencpn-dashboardsk-plugin-0.3.5-1.mga10 - 10/core/opencpn-iacfleet-plugin-0.33.1-1.mga10 - 10/core/opencpn-meteovache-plugin-1.6.8-1.1.mga10 - 10/core/opencpn-polar-plugin-1.2.38.0-1.mga10 - 10/core/opencpn-radar-plugin-5.7.0-1.mga10 - 10/core/opencpn-sar-plugin-4.4.0-1.mga10 - 10/core/opencpn-watchdog-plugin-2.5.4.0-1.mga10 - 10/core/opencpn-weatherfax-plugin-1.10.18.0-1.mga10 . Stay updated with security fixes in Mageia's latest plugins and improve your system's stability and reliability.. Mageia Updates, Plugin Security, Bugfix Advisory, Mageia Security, System Stability. . LinuxSecurity.com Team

Calendar%202 Jul 11, 2026 Mageia
89

Fedora 44 python-idna Important Denial of Service Fix 2026-822c07add4

Update to the latest version to bring fixes for CVE-2026-45409 and CVE-2024-3651 into the stable releases.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-822c07add4 2026-07-12 01:10:38.798638+00:00 -------------------------------------------------------------------------------- Name : python-idna Product : Fedora 44 Version : 3.18 Release : 1.fc44 URL : https://github.com/kjd/idna Summary : Internationalized Domain Names in Applications (IDNA) Description : A library to support the Internationalised Domain Names in Applications (IDNA) protocol as specified in RFC 5891 . This version of the protocol is often referred to as "IDNA2008" and can produce different results from the earlier standard from 2003. The library is also intended to act as a suitable drop-in replacement for the "encodings.idna" module that comes with the Python standard library but currently only supports the older 2003 specification. -------------------------------------------------------------------------------- Update Information: Update to the latest version to bring fixes for CVE-2026-45409 and CVE-2024-3651 into the stable releases. -------------------------------------------------------------------------------- ChangeLog: * Tue Jun 9 2026 Lumir Balhar - 3.18-1 - Update to 3.18 (rhbz#2483976) * Wed Jun 3 2026 Python Maint - 3.17-2 - Rebuilt for Python 3.15 * Sun May 31 2026 Lumir Balhar - 3.17-1 - Update to 3.17 (rhbz#2480667) * Wed May 13 2026 Lumir Balhar - 3.15-1 - Update to 3.15 (rhbz#2476912) * Mon May 11 2026 Lumir Balhar - 3.14-1 - Update to 3.14 (rhbz#2468686) * Thu Apr 23 2026 Lumir Balhar - 3.13-1 - Update to 3.13 (rhbz#2460821) -------------------------------------------------------------------------------- References: [ 1 ] Bug #2498560 - CVE-2026-45409 python-idna: idna: Denial of Service via specially crafted long inputs [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2498560 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-822c07add4' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . Install latest python-idna for critical fixes including DoS vulnerabilities, ensuring application stability and security.. python-idna security update, Fedora security advisory, DoS vulnerabilities, python-idna update, python-idna Denial of Service. . LinuxSecurity.com Team

Calendar%202 Jul 11, 2026 Fedora
89

Fedora 44 xorg-x11-server Important CVE Fixes 2026-28b7854014

Update to xserver 21.1.24, fixes for: CVE-2026-55999, CVE-2025-56000. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-28b7854014 2026-07-12 01:10:38.798625+00:00 -------------------------------------------------------------------------------- Name : xorg-x11-server Product : Fedora 44 Version : 21.1.24 Release : 1.fc44 URL : http://www.x.org Summary : X.Org X11 X server Description : X.Org X11 X server. -------------------------------------------------------------------------------- Update Information: Update to xserver 21.1.24, fixes for: CVE-2026-55999, CVE-2025-56000 -------------------------------------------------------------------------------- ChangeLog: * Wed Jul 8 2026 Peter Hutterer - 21.1.24-1 - Update to xserver 21.1.24 Security fixes for: CVE-2026-55999, CVE-2025-56000 * Sat Jun 13 2026 Yaakov Selkowitz - 21.1.23-2 - Rebuilt for openssl 4.0 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-28b7854014' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives:https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . xorg-x11-server security update fixes CVE-2026-55999 and CVE-2025-56000 for Fedora 44. Install promptly to ensure safety.. X11 Server Update, Fedora Security, CVE Fixes, xorg-x11-server 21.1.24, Fedora 44 Advisory. . LinuxSecurity.com Team

Calendar%202 Jul 11, 2026 Fedora
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":0,"type":"x","order":1,"pct":0,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":0,"type":"x","order":2,"pct":0,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200