Unbundle plutovg from lunasvg, this avoids shipping a duplicate library with conflicting files. Update lunasvg to consume the plutovg version already available in the repositories and to fix various CVEs. Rebuild imhex for the updated lunasvg.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-58c0baba42
2025-12-10 01:33:03.601991+00:00
--------------------------------------------------------------------------------

Name        : imhex
Product     : Fedora 43
Version     : 1.37.4
Release     : 3.fc43
URL         : https://imhex.werwolv.net/
Summary     : A hex editor for reverse engineers and programmers
Description :
ImHex is a Hex Editor, a tool to display, decode and analyze binary data to
reverse engineer their format, extract information or patch values in them.

What makes ImHex special is that it has many advanced features that can often
only be found in paid applications. Such features are a completely custom binary
template and pattern language to decode and highlight structures in the data, a
graphical node-based data processor to pre-process values before they're
displayed, a disassembler, diffing support, bookmarks and much much more. At the
same time ImHex is completely free and open source under the GPLv2 license.

--------------------------------------------------------------------------------
Update Information:

Unbundle plutovg from lunasvg, this avoids shipping a duplicate library with
conflicting files. Update lunasvg to consume the plutovg version already
available in the repositories and to fix various CVEs. Rebuild imhex for the
updated lunasvg.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Dec 1 2025 Simone Caronni - 1.37.4-3
- Rebuild for updated build requirements.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2295891 - lunasvg-3.5.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2295891
  [ 2 ] Bug #2341675 - CVE-2024-57719 CVE-2024-57720 CVE-2024-57721 CVE-2024-57722 CVE-2024-57723 CVE-2024-57724 lunasvg: various flaws [epel-9]
        https://bugzilla.redhat.com/show_bug.cgi?id=2341675
  [ 3 ] Bug #2343567 - CVE-2024-55456 lunasvg: From CVEorg collector [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2343567
  [ 4 ] Bug #2400407 - file conflict between plutovg-devel and lunasvg-devel
        https://bugzilla.redhat.com/show_bug.cgi?id=2400407
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-58c0baba42' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
Several security issues were fixed in X.Org X Server.

=========================================================================
Ubuntu Security Notice USN-5740-1
November 23, 2022

xorg-server, xorg-server-hwe-16.04, xorg-server-hwe-18.04, xwayland vulnerabilities
=========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.10
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 ESM
- Ubuntu 14.04 ESM

Summary:

Several security issues were fixed in X.Org X Server.

Software Description:

- xorg-server: X.Org X11 server
- xwayland: X server for running X clients under Wayland
- xorg-server-hwe-18.04: X.Org X11 server
- xorg-server-hwe-16.04: X.Org X11 server

Details:

It was discovered that X.Org X Server incorrectly handled certain inputs.
An attacker could use these issues to cause the server to crash, resulting
in a denial of service, or possibly execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.10:
  xserver-xorg-core            2:21.1.4-2ubuntu1.1
  xwayland                     2:22.1.3-2ubuntu0.1

Ubuntu 22.04 LTS:
  xserver-xorg-core            2:21.1.3-2ubuntu2.3
  xwayland                     2:22.1.1-1ubuntu0.3

Ubuntu 20.04 LTS:
  xserver-xorg-core            2:1.20.13-1ubuntu1~20.04.4
  xwayland                     2:1.20.13-1ubuntu1~20.04.4

Ubuntu 18.04 LTS:
  xserver-xorg-core            2:1.19.6-1ubuntu4.12
  xserver-xorg-core-hwe-18.04  2:1.20.8-2ubuntu2.2~18.04.8
  xwayland                     2:1.19.6-1ubuntu4.12

Ubuntu 16.04 ESM:
  xserver-xorg-core            2:1.18.4-0ubuntu0.12+esm4
  xserver-xorg-core-hwe-16.04  2:1.19.6-1ubuntu4.1~16.04.6+esm3
  xwayland                     2:1.18.4-0ubuntu0.12+esm4

Ubuntu 14.04 ESM:
  xserver-xorg-core            2:1.15.1-0ubuntu2.11+esm6

After a standard system update you need to reboot your computer to make
all the necessary changes.
References:
  https://ubuntu.com/security/notices/USN-5740-1
  CVE-2022-3550, CVE-2022-3551

Package Information:
  https://launchpad.net/ubuntu/+source/xorg-server/2:21.1.4-2ubuntu1.1
  https://launchpad.net/ubuntu/+source/xwayland/2:22.1.3-2ubuntu0.1
  https://launchpad.net/ubuntu/+source/xorg-server/2:21.1.3-2ubuntu2.3
  https://launchpad.net/ubuntu/+source/xwayland/2:22.1.1-1ubuntu0.3
  https://launchpad.net/ubuntu/+source/xorg-server/2:1.20.13-1ubuntu1~20.04.4
  https://launchpad.net/ubuntu/+source/xorg-server/2:1.19.6-1ubuntu4.12
  https://launchpad.net/ubuntu/+source/xorg-server-hwe-18.04/2:1.20.8-2ubuntu2.2~18.04.8

Several vulnerabilities in the X.Org X Server have been resolved, leading to update advisories for impacted Ubuntu releases.

X.Org X Server Security, Ubuntu Patch, Denial of Service, Code Execution.

Severity: Important.

LinuxSecurity.com Team
Multiple vulnerabilities have been found in Ruby, the worst of which could lead to the remote execution of arbitrary code.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 202003-06
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                           https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Normal
    Title: Ruby: Multiple vulnerabilities
     Date: March 13, 2020
     Bugs: #696004
       ID: 202003-06

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

Multiple vulnerabilities have been found in Ruby, the worst of which
could lead to the remote execution of arbitrary code.

Background
=========

Ruby is an interpreted object-oriented programming language. The
elaborate standard library includes an HTTP server ("WEBrick") and a
class for XML parsing ("REXML").

Affected packages
================

    -------------------------------------------------------------------
     Package              /     Vulnerable     /            Unaffected
    -------------------------------------------------------------------
  1  dev-lang/ruby             < 2.4.9:2.4                >= 2.4.9:2.4
                               < 2.5.7:2.5                >= 2.5.7:2.5

Description
==========

Multiple vulnerabilities have been discovered in Ruby. Please review
the CVE identifiers referenced below for details.

Impact
=====

A remote attacker could execute arbitrary code, have unauthorized
access by bypassing intended path matching or cause a Denial of Service
condition.

Workaround
=========

There is no known workaround at this time.
Resolution
=========

All Ruby 2.4.x users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=dev-lang/ruby-2.4.9:2.4"

All Ruby 2.5.x users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=dev-lang/ruby-2.5.7:2.5"

References
=========

[ 1 ] CVE-2019-15845
      https://nvd.nist.gov/vuln/detail/CVE-2019-15845
[ 2 ] CVE-2019-16201
      https://nvd.nist.gov/vuln/detail/CVE-2019-16201
[ 3 ] CVE-2019-16254
      https://nvd.nist.gov/vuln/detail/CVE-2019-16254
[ 4 ] CVE-2019-16255
      https://nvd.nist.gov/vuln/detail/CVE-2019-16255

Availability
===========

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202003-06

Concerns?
========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
Several vulnerabilities have been discovered in the chromium web browser. Multiple use-after-free, out-of-bounds read, memory safety, and cross-site scripting issues were discovered and corrected.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2695-1
Updated package.

- --------------------------------------------------------------------------
Debian Security Advisory DSA 1083-1