--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-b78d5204fe
2026-05-21 03:17:14.913955+00:00
--------------------------------------------------------------------------------

Name        : mysql8.0
Product     : Fedora 42
Version     : 8.0.46
Release     : 1.fc42
URL         : http://www.mysql.com
Summary     : MySQL client programs and shared libraries
Description :
MySQL is a multi-user, multi-threaded SQL database server. MySQL is a
client/server implementation consisting of a server daemon (mysqld)
and many different client programs and libraries. The base package
contains the standard MySQL client programs and generic MySQL files.

--------------------------------------------------------------------------------
Update Information:

MySQL 8.0.46
Release notes: https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-46.html
Known issue: s390x-specific issue - zlib with DFLTCC compressed pages with low
KEY_BLOCK_SIZE values can cause ER_TOO_BIG_ROWSIZE errors in tables near the
column count and their size limits.
EOL notice: As of April 2026, with version 8.0.46, MySQL 8.0 reached End of
Life (EoL).
--------------------------------------------------------------------------------
ChangeLog:

* Wed Apr 22 2026 Michal Schorm - 8.0.46-1
- Rebase to 8.0.46
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2461062 - CVE-2026-21998 CVE-2026-22001 CVE-2026-22002 CVE-2026-22004 CVE-2026-22005 CVE-2026-22009 CVE-2026-22015 CVE-2026-22017 CVE-2026-34267 CVE-2026-34270 CVE-2026-34271 CVE-2026-34276 CVE-2026-34278 CVE-2026-34293 ... mysql8.0: various flaws [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2461062
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-b78d5204fe' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
_______________________________________________
package-announce mailing list

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2023-6a4aea6d13
2023-11-19 01:23:27.465357
--------------------------------------------------------------------------------

Name        : gstreamer1-vaapi
Product     : Fedora 39
Version     : 1.22.7
Release     : 1.fc39
URL         :
Summary     : GStreamer plugins to use VA API video acceleration
Description :
A collection of GStreamer plugins to let you make use of VA API video
acceleration from GStreamer applications. Includes elements for video
decoding, display, encoding and post-processing using VA API (subject
to hardware limitations).

--------------------------------------------------------------------------------
Update Information:

1.22.7
--------------------------------------------------------------------------------
ChangeLog:

* Tue Nov 14 2023 Gwyn Ciesla - 1.22.7-1
- 1.22.7
* Tue Sep 26 2023 Nicolas Chauvet - 1.22.6-1
- Update to 1.22.6
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2250248 - CVE-2023-44429 gstreamer1-plugins-bad-free: gstreamer: AV1 codec parser buffer overflow [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2250248
  [ 2 ] Bug #2250250 - CVE-2023-44446 gstreamer1-plugins-bad-free: gstreamer: MXF demuxer use-after-free vulnerability [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2250250
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2023-6a4aea6d13' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
--
_______________________________________________
package-announce mailing list

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2018-839720583a
2018-11-08 02:18:24.114092
--------------------------------------------------------------------------------

Name        : xorg-x11-server
Product     : Fedora 28
Version     : 1.19.6
Release     : 10.fc28
URL         : https://www.x.org/wiki/
Summary     : X.Org X11 X server
Description :
X.Org X11 X server

--------------------------------------------------------------------------------
Update Information:

Fix for CVE-2018-14665
--------------------------------------------------------------------------------
ChangeLog:

* Thu Nov  1 2018 Adam Jackson - 1.19.6-10
- Fix for CVE-2018-14665
* Tue Apr 24 2018 Adam Jackson - 1.19.6-9
- Require mesa-dri-drivers from the servers with GLX support (#1568644)
* Mon Apr 23 2018 Adam Jackson - 1.19.6-8
- Bump Xvfb default depth to 24 to match 1.20
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1643131 - CVE-2018-14665 xorg-x11-server: Incorrect permission check in Xorg X server allows for privilege escalation [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1643131
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2018-839720583a' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list

Package        : znc
Version        : 1.4-2+deb8u1
CVE IDs        : CVE-2018-14055 CVE-2018-14056
Debian Bugs    : #903787 #903788

It was discovered that there were two issues in znc, a modular IRC
bouncer:

 * There was insufficient validation of lines coming from the network
   allowing a non-admin user to escalate his privilege and inject rogue
   values into znc.conf. (CVE-2018-14055)

 * A path traversal vulnerability (via "../" being embedded in a web skin
   name) to access files outside of the allowed directory.
   (CVE-2018-14056)

For Debian 8 "Jessie", these issues have been fixed in znc version
1.4-2+deb8u1.

We recommend that you upgrade your znc packages.

Regards,

- --
      ,'`.
     : :' :     Chris Lamb
     `. `'`

=========================================================================
Ubuntu Security Notice USN-2763-1
October 05, 2015

linux-lts-trusty vulnerability
=========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.04 LTS

Summary:

The system could be made to crash or run programs as an administrator.

Software Description:
- linux-lts-trusty: Linux hardware enablement kernel from Trusty

Details:

Dmitry Vyukov discovered that the Linux kernel did not properly initialize
IPC object state in certain situations. A local attacker could use this to
escalate their privileges, expose confidential information, or cause a
denial of service (system crash).

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.04 LTS:
  linux-image-3.13.0-65-generic       3.13.0-65.106~precise1
  linux-image-3.13.0-65-generic-lpae  3.13.0-65.106~precise1

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
If you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.

References:
  https://ubuntu.com/security/notices/USN-2763-1
  CVE-2015-7613

Package Information:
  https://launchpad.net/ubuntu/+source/linux-lts-trusty/3.13.0-65.106~precise1

Severity: Critical
LinuxSecurity.com Team

It was discovered that missing input sanitising in Snoopy, a PHP class that simulates a web browser, may result in the execution of arbitrary commands.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3248-1

=========================================================================
Ubuntu Security Notice USN-1597-1
October 05, 2012

linux-ec2 vulnerability
=========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 10.04 LTS

Summary:

The system could be made to crash under certain conditions.

Software Description:
- linux-ec2: Linux kernel for EC2

Details:

A flaw was found in how the Linux kernel passed the replacement session
keyring to a child process. An unprivileged local user could exploit this
flaw to cause a denial of service (panic).

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 10.04 LTS:
  linux-image-2.6.32-349-ec2      2.6.32-349.55

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
If you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.

References:
  https://ubuntu.com/security/notices/USN-1597-1
  CVE-2012-2745

Package Information:
  https://launchpad.net/ubuntu/+source/linux-ec2/2.6.32-349.55

A significant security alert has been issued concerning a kernel flaw in Ubuntu that poses risks to system reliability. Immediate software updates are essential to address this issue.

Severity: Critical
LinuxSecurity.com Team

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 201111-07
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                            https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: High
    Title: TinTin++: Multiple vulnerabilities
     Date: November 20, 2011
     Bugs: #209903
       ID: 201111-07

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities have been reported in TinTin++ which could
allow a remote attacker to conduct several attacks, including the
execution of arbitrary code and Denial of Service.

Background
==========

TinTin++ is a free MUD gaming client.

Affected packages
=================

    -------------------------------------------------------------------
     Package              /     Vulnerable     /            Unaffected
    -------------------------------------------------------------------
  1  games-mud/tintin             < 1.98.0                   >= 1.98.0

Description
===========

Multiple vulnerabilities have been discovered in TinTin++. Please
review the CVE identifiers referenced below for details.

Impact
======

Remote unauthenticated attackers may be able to execute arbitrary code
with the privileges of the TinTin++ process, cause a Denial of Service,
or truncate arbitrary files in the top level of the home directory
belonging to the user running the TinTin++ process.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All TinTin++ users should upgrade to the latest stable version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=games-mud/tintin-1.98.0"

NOTE: This is a legacy GLSA. Updates for all affected architectures are
available since March 25, 2008. It is likely that your system is
already no longer affected by this issue.

References
==========

[ 1 ] CVE-2008-0671
      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0671
[ 2 ] CVE-2008-0672
      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0672
[ 3 ] CVE-2008-0673
      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0673

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

 https://security.gentoo.org/glsa/201111-07

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to