This update fixes multiple CVEs and rebases to the latest upstream version:

* Tue Jul 09 2024 Julien Rische - 1.21.3-1
- New upstream version (1.21.3)
- CVE-2024-26458: Memory leak in src/lib/rpc/pmap_rmt.c
  Resolves: rhbz#2266732

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-df2c70dba9
2024-07-17 01:17:43.892553
--------------------------------------------------------------------------------

Name        : krb5
Product     : Fedora 39
Version     : 1.21.3
Release     : 1.fc39
URL         : https://web.mit.edu/kerberos/www/
Summary     : The Kerberos network authentication system
Description :
Kerberos V5 is a trusted-third-party network authentication system,
which can improve your network's security by eliminating the insecure
practice of sending passwords over the network in unencrypted form.

--------------------------------------------------------------------------------
Update Information:

This update fixes multiple CVEs and rebases to the latest upstream version:

* Tue Jul 09 2024 Julien Rische - 1.21.3-1
- New upstream version (1.21.3)
- CVE-2024-26458: Memory leak in src/lib/rpc/pmap_rmt.c
  Resolves: rhbz#2266732
- CVE-2024-26461: Memory leak in src/lib/gssapi/krb5/k5sealv3.c
  Resolves: rhbz#2266741
- CVE-2024-26462: Memory leak in src/kdc/ndr.c
  Resolves: rhbz#2266743
- Add missing SPDX license identifiers
  Resolves: rhbz#2265333

* Mon Jul 08 2024 Julien Rische - 1.21.2-6
- CVE-2024-37370 CVE-2024-37371: GSS message token handling
  Resolves: rhbz#2294678 rhbz#2294680
- Fix double free in klist's show_ccache()
  Resolves: rhbz#2257301
- Do not include files with "~" termination in krb5-tests

--------------------------------------------------------------------------------
ChangeLog:

* Tue Jul 9 2024 Julien Rische - 1.21.3-1
- New upstream version (1.21.3)
- CVE-2024-26458: Memory leak in src/lib/rpc/pmap_rmt.c
  Resolves: rhbz#2266732
- CVE-2024-26461: Memory leak in src/lib/gssapi/krb5/k5sealv3.c
  Resolves: rhbz#2266741
- CVE-2024-26462: Memory leak in src/kdc/ndr.c
  Resolves: rhbz#2266743
- Add missing SPDX license identifiers
  Resolves: rhbz#2265333

* Mon Jul 8 2024 Julien Rische - 1.21.2-4
- CVE-2024-37370 CVE-2024-37371: GSS message token handling
  Resolves: rhbz#2294678 rhbz#2294680
- Fix double free in klist's show_ccache()
  Resolves: rhbz#2257301
- Do not include files with "~" termination in krb5-tests

--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2257301 - Fix double free in klist's show_ccache() [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2257301
  [ 2 ] Bug #2265333 - Exhaustive SPDX license expression in specfile
        https://bugzilla.redhat.com/show_bug.cgi?id=2265333
  [ 3 ] Bug #2266732 - TRIAGE CVE-2024-26458 krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2266732
  [ 4 ] Bug #2266741 - TRIAGE CVE-2024-26461 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2266741
  [ 5 ] Bug #2266743 - TRIAGE CVE-2024-26462 krb5: Memory leak at /krb5/src/kdc/ndr.c [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2266743
  [ 6 ] Bug #2294678 - CVE-2024-37370 krb5: GSS message token handling [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2294678
  [ 7 ] Bug #2294680 - CVE-2024-37371 krb5: GSS message token handling [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2294680

--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-df2c70dba9' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/

--------------------------------------------------------------------------------
--
_______________________________________________
package-announce mailing list --

- Updated to latest upstream (97.0).

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2022-52cf882b08
2022-02-15 01:16:36.629225
--------------------------------------------------------------------------------

Name        : firefox
Product     : Fedora 34
Version     : 97.0
Release     : 1.fc34
URL         : https://www.firefox.com/en-US/?redirect_source=mozilla-org
Summary     : Mozilla Firefox Web browser
Description :
Mozilla Firefox is an open-source web browser, designed for standards
compliance, performance and portability.

--------------------------------------------------------------------------------
Update Information:

- Updated to latest upstream (97.0)

--------------------------------------------------------------------------------
ChangeLog:

* Tue Feb 8 2022 Martin Stransky - 97.0-1
- Updated to 97.0

--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-52cf882b08' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/

--------------------------------------------------------------------------------

This update provides a new upstream version.

=========================================================================
Ubuntu Security Notice USN-5032-1
August 05, 2021

docker.io vulnerabilities
=========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS

Summary:

This update provides a new upstream version.

Software Description:
- docker.io: Linux container runtime

Details:

Several vulnerabilities were fixed in Docker. This update provides
a new upstream version that fixed them.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.04 LTS:
  docker.io 20.10.7-0ubuntu1~20.04.1

Ubuntu 18.04 LTS:
  docker.io 20.10.7-0ubuntu1~18.04.1

After a standard system update you need to restart Docker to make
all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-5032-1
  https://bugs.launchpad.net/ubuntu/+source/docker.io/+bug/1938908

Package Information:
  https://launchpad.net/ubuntu/+source/docker.io/20.10.7-0ubuntu1~20.04.1
  https://launchpad.net/ubuntu/+source/docker.io/20.10.7-0ubuntu1~18.04.1

Ubuntu's USN-5032-2 tackles security issues in Docker, necessitating updates for impacted versions.
Docker Updates, Ubuntu Security, Container Runtime, Critical Security Fixes.
Severity: Critical.
LinuxSecurity.com Team

Update to latest upstream version.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2021-43e458d707
2021-01-28 01:42:36.158072
--------------------------------------------------------------------------------

Name        : thunderbird
Product     : Fedora 33
Version     : 78.6.1
Release     : 1.fc33
URL         : https://wiki.mozilla.org/Thunderbird:Home_Page
Summary     : Mozilla Thunderbird mail/newsgroup client
Description :
Mozilla Thunderbird is a standalone mail and newsgroup client.

--------------------------------------------------------------------------------
Update Information:

Update to latest upstream version.

--------------------------------------------------------------------------------
ChangeLog:

* Thu Jan 14 2021 Jan Horak - 78.6.1-1
- Update to 78.6.1 build1

--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1914997 - thunderbird-78.6.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1914997

--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2021-43e458d707' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/

--------------------------------------------------------------------------------

Update to latest upstream version.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2020-25247f0fe7
2020-11-02 01:10:35.849418
--------------------------------------------------------------------------------

Name        : thunderbird
Product     : Fedora 33
Version     : 78.4.0
Release     : 1.fc33
URL         : https://wiki.mozilla.org/Thunderbird:Home_Page
Summary     : Mozilla Thunderbird mail/newsgroup client
Description :
Mozilla Thunderbird is a standalone mail and newsgroup client.

--------------------------------------------------------------------------------
Update Information:

Update to latest upstream version.

--------------------------------------------------------------------------------
ChangeLog:

* Thu Oct 22 2020 Jan Horak - 78.4.0-1
- Update to 78.4.0 build1

* Wed Oct 7 2020 Jan Horak - 78.3.1-2
- Reenable s390x

--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1885769 - thunderbird-78.4.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1885769

--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2020-25247f0fe7' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/

--------------------------------------------------------------------------------

Rebase to latest upstream version.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2020-07c5770aa1
2020-10-20 19:02:39.491550
--------------------------------------------------------------------------------

Name        : thunderbird
Product     : Fedora 31
Version     : 78.3.1
Release     : 1.fc31
URL         : https://wiki.mozilla.org/Thunderbird:Home_Page
Summary     : Mozilla Thunderbird mail/newsgroup client
Description :
Mozilla Thunderbird is a standalone mail and newsgroup client.

--------------------------------------------------------------------------------
Update Information:

Rebase to latest upstream version.

--------------------------------------------------------------------------------
ChangeLog:

* Wed Sep 30 2020 Jan Horak - 78.3.1-1
- Update to 78.3.1 build1

* Tue Sep 8 2020 Jan Horak - 68.12.0-1
- Update to 68.12.0 build1

--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1852658 - thunderbird-78.3.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1852658

--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2020-07c5770aa1' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/

--------------------------------------------------------------------------------

Update to latest upstream stable version.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2020-a4157703ce
2020-08-15 01:13:05.545622
--------------------------------------------------------------------------------

Name        : thunderbird
Product     : Fedora 32
Version     : 68.11.0
Release     : 1.fc32
URL         : https://wiki.mozilla.org/Thunderbird:Home_Page
Summary     : Mozilla Thunderbird mail/newsgroup client
Description :
Mozilla Thunderbird is a standalone mail and newsgroup client.

--------------------------------------------------------------------------------
Update Information:

Update to latest upstream stable version.

--------------------------------------------------------------------------------
ChangeLog:

* Thu Aug 6 2020 Jan Horak - 68.11.0-1
- Update to 68.11.0 build1

* Sat Aug 1 2020 Fedora Release Engineering - 68.10.0-3
- Second attempt - Rebuilt for
  https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild

* Wed Jul 29 2020 Fedora Release Engineering - 68.10.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild

--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1866677 - please ship thunderbird-68.11
        https://bugzilla.redhat.com/show_bug.cgi?id=1866677

--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2020-a4157703ce' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/

--------------------------------------------------------------------------------

New upstream version 1.14.2. Fixes second Denial of Service attack:

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2019-bd19067cb4
2019-09-29 00:00:30.332772
--------------------------------------------------------------------------------

Name        : nbdkit
Product     : Fedora 31
Version     : 1.14.2
Release     : 1.fc31
URL         : https://github.com/libguestfs/nbdkit
Summary     : NBD server
Description :
NBD is a protocol for accessing block devices (hard disks and
disk-like things) over the network.

nbdkit is a toolkit for creating NBD servers.

The key features are:

* Multithreaded NBD server written in C with good performance.

* Minimal dependencies for the basic server.

* Liberal license (BSD) allows nbdkit to be linked to proprietary
  libraries or included in proprietary code.

* Well-documented, simple plugin API with a stable ABI guarantee.
  Lets you export "unconventional" block devices easily.

* You can write plugins in C or many other languages.

* Filters can be stacked in front of plugins to transform the output.

In Fedora, 'nbdkit' is a meta-package which pulls in the core server
and a useful subset of plugins and filters.

If you want just the server, install 'nbdkit-server'.

To develop plugins, install the 'nbdkit-devel' package and start by
reading the nbdkit(1) and nbdkit-plugin(3) manual pages.

--------------------------------------------------------------------------------
Update Information:

New upstream version 1.14.2. Fixes second Denial of Service attack:

--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2019-bd19067cb4' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/

--------------------------------------------------------------------------------