Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found 15 articles for you...
89
security advisorydenial of servicesecurity issueFedora 42 uriparser Critical DoS Issue FEDORA-2026-593d463bbf
Update to uriparser-1.0.1.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-593d463bbf 2026-05-15 22:44:59.632843+00:00 -------------------------------------------------------------------------------- Name : uriparser Product : Fedora 42 Version : 1.0.1 Release : 1.fc42 URL : https://uriparser.github.io/ Summary : URI parsing library - RFC 3986 Description : Uriparser is a strictly RFC 3986 compliant URI parsing library written in C. uriparser is cross-platform, fast, supports Unicode and is licensed under the New BSD license. -------------------------------------------------------------------------------- Update Information: Update to uriparser-1.0.1. -------------------------------------------------------------------------------- ChangeLog: * Thu Apr 30 2026 Sandro Mani - 1.0.1-1 - Update to 1.0.1 * Sat Jan 17 2026 Fedora Release Engineering - 1.0.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2463210 - CVE-2026-42371 uriparser: uriparser: Denial of Service via numeric truncation with oversized URIs [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2463210 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-593d463bbf' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
May 15, 2026
•Critical
Fedora
89
security advisorydenial of servicefedoraFedora 44 uriparser Critical Denial of Service 2026-57515ed8b1
Update to uriparser-1.0.1.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-57515ed8b1 2026-05-05 00:53:44.303273+00:00 -------------------------------------------------------------------------------- Name : uriparser Product : Fedora 44 Version : 1.0.1 Release : 1.fc44 URL : https://uriparser.github.io/ Summary : URI parsing library - RFC 3986 Description : Uriparser is a strictly RFC 3986 compliant URI parsing library written in C. uriparser is cross-platform, fast, supports Unicode and is licensed under the New BSD license. -------------------------------------------------------------------------------- Update Information: Update to uriparser-1.0.1. -------------------------------------------------------------------------------- ChangeLog: * Thu Apr 30 2026 Sandro Mani - 1.0.1-1 - Update to 1.0.1 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2463210 - CVE-2026-42371 uriparser: uriparser: Denial of Service via numeric truncation with oversized URIs [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2463210 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-57515ed8b1' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
May 05, 2026
•Critical
Fedora
202
security advisorymoderateOpenSUSEopenSUSE 15.6 uriparser Moderate Stack Consumption Issue 2026-0444-1
An update that solves one vulnerability can now be installed.. # Security update for uriparser Announcement ID: SUSE-SU-2026:0444-1 Release Date: 2026-02-11T09:59:48Z Rating: moderate References: * bsc#1255000 Cross-References: * CVE-2025-67899 CVSS scores: * CVE-2025-67899 ( SUSE ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-67899 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-67899 ( NVD ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Package Hub 15 15-SP7 An update that solves one vulnerability can now be installed. ## Description: This update for uriparser fixes the following issues: * CVE-2025-67899: large input containing many commas can cause unbounded recursion and stack consumption (bsc#1255000). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Package Hub 15 15-SP7 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-444=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2026-444=1 ## Package List: * SUSE Package Hub 15 15-SP7 (aarch64 ppc64le s390x x86_64) * uriparser-0.8.5-150000.3.11.1 * uriparser-debuginfo-0.8.5-150000.3.11.1 * uriparser-devel-0.8.5-150000.3.11.1 * liburiparser1-debuginfo-0.8.5-150000.3.11.1 * uriparser-debugsource-0.8.5-150000.3.11.1 * liburiparser1-0.8.5-150000.3.11.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * uriparser-0.8.5-150000.3.11.1 * uriparser-debuginfo-0.8.5-150000.3.11.1 * uriparser-devel-0.8.5-150000.3.11.1 * liburiparser1-debuginfo-0.8.5-150000.3.11.1 * uriparser-debugsource-0.8.5-150000.3.11.1 * liburiparser1-0.8.5-150000.3.11.1 * openSUSE Leap 15.6 (x86_64) * liburiparser1-32bit-debuginfo-0.8.5-150000.3.11.1 * liburiparser1-32bit-0.8.5-150000.3.11.1 ## References: * https://www.suse.com/security/cve/CVE-2025-67899.html * https://bugzilla.suse.com/show_bug.cgi?id=1255000 . Update for uriparser on openSUSE addresses stack consumption issue. Learn how to patch it quickly here.. openSUSE Patch Uriparser Stack Consumption Security Fix. . LinuxSecurity.com Team
Feb 11, 2026
OpenSUSE
100
security advisorymoderateSuSEopenSUSE Leap 15.6 SUSE-SU-2026-0456-4 libxml2 Minor Memory Leak Alert
An update that solves one vulnerability can now be installed.. # Security update for uriparser Announcement ID: SUSE-SU-2026:0444-1 Release Date: 2026-02-11T09:59:48Z Rating: moderate References: * bsc#1255000 Cross-References: * CVE-2025-67899 CVSS scores: * CVE-2025-67899 ( SUSE ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-67899 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-67899 ( NVD ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Package Hub 15 15-SP7 An update that solves one vulnerability can now be installed. ## Description: This update for uriparser fixes the following issues: * CVE-2025-67899: large input containing many commas can cause unbounded recursion and stack consumption (bsc#1255000). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Package Hub 15 15-SP7 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-444=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2026-444=1 ## Package List: * SUSE Package Hub 15 15-SP7 (aarch64 ppc64le s390x x86_64) * uriparser-0.8.5-150000.3.11.1 * uriparser-debuginfo-0.8.5-150000.3.11.1 * uriparser-devel-0.8.5-150000.3.11.1 * liburiparser1-debuginfo-0.8.5-150000.3.11.1 * uriparser-debugsource-0.8.5-150000.3.11.1 * liburiparser1-0.8.5-150000.3.11.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * uriparser-0.8.5-150000.3.11.1 * uriparser-debuginfo-0.8.5-150000.3.11.1 * uriparser-devel-0.8.5-150000.3.11.1 * liburiparser1-debuginfo-0.8.5-150000.3.11.1 * uriparser-debugsource-0.8.5-150000.3.11.1 * liburiparser1-0.8.5-150000.3.11.1 * openSUSE Leap 15.6 (x86_64) * liburiparser1-32bit-debuginfo-0.8.5-150000.3.11.1 * liburiparser1-32bit-0.8.5-150000.3.11.1 ## References: * https://www.suse.com/security/cve/CVE-2025-67899.html * https://bugzilla.suse.com/show_bug.cgi?id=1255000 . Discover the moderate security update for uriparser addressing CVE-2025-67899 affecting SUSE systems.. uriparser update,SUSE security,unbounded recursion,CVE-2025-67899. . LinuxSecurity.com Team
Feb 11, 2026
SuSE
89
security advisoryfedoraimportantFedora 43: uriparser Important Unbounded Recursion Fix CVE-2025-67899
Update to uriparser-1.0.0, fixes CVE-2025-67899.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-5c12420f33 2025-12-20 00:52:30.902724+00:00 -------------------------------------------------------------------------------- Name : uriparser Product : Fedora 43 Version : 1.0.0 Release : 1.fc43 URL : https://uriparser.github.io/ Summary : URI parsing library - RFC 3986 Description : Uriparser is a strictly RFC 3986 compliant URI parsing library written in C. uriparser is cross-platform, fast, supports Unicode and is licensed under the New BSD license. -------------------------------------------------------------------------------- Update Information: Update to uriparser-1.0.0, fixes CVE-2025-67899. -------------------------------------------------------------------------------- ChangeLog: * Mon Dec 15 2025 Sandro Mani - 1.0.0-1 - Update to 1.0.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2423026 - CVE-2025-67899 uriparser: uriparser: Unbounded recursion and stack consumption via large input [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2423026 [ 2 ] Bug #2423027 - CVE-2025-67899 uriparser: uriparser: Unbounded recursion and stack consumption via large input [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2423027 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-5c12420f33' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Dec 20, 2025
•Important
Fedora
172
security advisorydenial of servicesecurity updateUbuntu 7356-1: uriparser Security Advisory Updates
Several security issues were fixed in uriparser.. ========================================================================== Ubuntu Security Notice USN-7356-1 March 19, 2025 uriparser vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS - Ubuntu 14.04 LTS Summary: Several security issues were fixed in uriparser. Software Description: - uriparser: Strictly RFC 3986 compliant URI parsing library Details: It was discovered that uriparser did not correctly handle certain inputs, which could lead to an integer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2024-34402, CVE-2024-34403) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 24.04 LTS liburiparser1 0.9.7+dfsg-2ubuntu0.1~esm1 Available with Ubuntu Pro Ubuntu 22.04 LTS liburiparser1 0.9.6+dfsg-1ubuntu0.1~esm1 Available with Ubuntu Pro Ubuntu 20.04 LTS liburiparser1 0.9.3-2ubuntu0.1~esm3 Available with Ubuntu Pro Ubuntu 18.04 LTS liburiparser1 0.8.4-1+deb9u2ubuntu0.1+esm1 Available with Ubuntu Pro Ubuntu 16.04 LTS liburiparser1 0.8.4-1ubuntu0.16.04.1~esm4 Available with Ubuntu Pro Ubuntu 14.04 LTS liburiparser1 0.7.5-1ubuntu2+esm4 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-7356-1 CVE-2024-34402, CVE-2024-34403 . Significant security update for uriparser to mitigate integer overflow issues affecting multiple Ubuntu versions.. security, uriparser, ===================================================. . Severity: Important. LinuxSecurity.com Team
Mar 19, 2025
•Important
Ubuntu
100
security advisoryimportantinteger overflowSUSE: 2024:1860-1 Important: Uriparser Integer Overflow Fix Advisory
* bsc#1223887 * bsc#1223888 Cross-References: * CVE-2024-34402 . # Security update for uriparser Announcement ID: SUSE-SU-2024:1860-1 Rating: important References: * bsc#1223887 * bsc#1223888 Cross-References: * CVE-2024-34402 * CVE-2024-34403 CVSS scores: * CVE-2024-34402 ( SUSE ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H * CVE-2024-34403 ( SUSE ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H Affected Products: * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Package Hub 15 15-SP5 * SUSE Package Hub 15 15-SP6 An update that solves two vulnerabilities can now be installed. ## Description: This update for uriparser fixes the following issues: * CVE-2024-34402: Fixed integer overflow protection in ComposeQueryEngine (bsc#1223887). * CVE-2024-34403: Fixed integer overflow protection in ComposeQueryMallocExMm (bsc#1223888). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-1860=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-1860=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1860=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-1860=1 ## Package List: * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390xx86_64) * uriparser-debugsource-0.8.5-150000.3.8.1 * uriparser-0.8.5-150000.3.8.1 * liburiparser1-0.8.5-150000.3.8.1 * liburiparser1-debuginfo-0.8.5-150000.3.8.1 * uriparser-devel-0.8.5-150000.3.8.1 * uriparser-debuginfo-0.8.5-150000.3.8.1 * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64) * uriparser-debugsource-0.8.5-150000.3.8.1 * uriparser-0.8.5-150000.3.8.1 * liburiparser1-0.8.5-150000.3.8.1 * liburiparser1-debuginfo-0.8.5-150000.3.8.1 * uriparser-devel-0.8.5-150000.3.8.1 * uriparser-debuginfo-0.8.5-150000.3.8.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * uriparser-debugsource-0.8.5-150000.3.8.1 * uriparser-0.8.5-150000.3.8.1 * liburiparser1-0.8.5-150000.3.8.1 * liburiparser1-debuginfo-0.8.5-150000.3.8.1 * uriparser-devel-0.8.5-150000.3.8.1 * uriparser-debuginfo-0.8.5-150000.3.8.1 * openSUSE Leap 15.5 (x86_64) * liburiparser1-32bit-debuginfo-0.8.5-150000.3.8.1 * liburiparser1-32bit-0.8.5-150000.3.8.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * uriparser-debugsource-0.8.5-150000.3.8.1 * uriparser-0.8.5-150000.3.8.1 * liburiparser1-0.8.5-150000.3.8.1 * liburiparser1-debuginfo-0.8.5-150000.3.8.1 * uriparser-devel-0.8.5-150000.3.8.1 * uriparser-debuginfo-0.8.5-150000.3.8.1 * openSUSE Leap 15.6 (x86_64) * liburiparser1-32bit-debuginfo-0.8.5-150000.3.8.1 * liburiparser1-32bit-0.8.5-150000.3.8.1 ## References: * https://www.suse.com/security/cve/CVE-2024-34402.html * https://www.suse.com/security/cve/CVE-2024-34403.html * https://bugzilla.suse.com/show_bug.cgi?id=1223887 * https://bugzilla.suse.com/show_bug.cgi?id=1223888 . The recent CentOS patch for netfilter resolves critical buffer overflow vulnerabilities, bolstering overall system integrity.. SUSE Updates, Uriparser Security, Integer Overflow Fix, Linux Security Advisory. . Severity: Important. LinuxSecurity.com Team
Aug 19, 2024
•Important
SuSE
89
security advisoryFedorasoftware patchFedora 40 2024-a7b8b6bfe2 Critical Uriparser Security Update
Update to uriparser-0.9.8.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2024-a7b8b6bfe2 2024-05-21 01:17:25.932122 -------------------------------------------------------------------------------- Name : uriparser Product : Fedora 40 Version : 0.9.8 Release : 1.fc40 URL : https://uriparser.github.io/ Summary : URI parsing library - RFC 3986 Description : Uriparser is a strictly RFC 3986 compliant URI parsing library written in C. uriparser is cross-platform, fast, supports Unicode and is licensed under the New BSD license. -------------------------------------------------------------------------------- Update Information: Update to uriparser-0.9.8. -------------------------------------------------------------------------------- ChangeLog: * Sun May 5 2024 Sandro Mani - 0.9.8-1 - Update to 0.9.8 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2278811 - CVE-2024-34402 CVE-2024-34403 uriparser: various flaws [fedora-38] https://bugzilla.redhat.com/show_bug.cgi?id=2278811 [ 2 ] Bug #2278812 - CVE-2024-34402 CVE-2024-34403 uriparser: various flaws [fedora-39] https://bugzilla.redhat.com/show_bug.cgi?id=2278812 [ 3 ] Bug #2278813 - CVE-2024-34402 CVE-2024-34403 uriparser: various flaws [fedora-40] https://bugzilla.redhat.com/show_bug.cgi?id=2278813 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-a7b8b6bfe2' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
May 21, 2024
•Critical
Fedora
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!