
Stay Secure with the Latest Linux Advisories



Explore Latest Linux Security advisories


SUSE Linux Micro 6.2 python313 Important Security Update 2026-21104-1

# Security update for python313

Announcement ID: SUSE-SU-2026:21104-1
Release Date: 2026-04-13T09:55:48Z
Rating: important

References:

* bsc#1257181
* bsc#1259240
* bsc#1259611
* bsc#1259734
* bsc#1259735
* bsc#1259989
* bsc#1260026
* jsc#PED-15850

Cross-References:

* CVE-2025-13462
* CVE-2026-1299
* CVE-2026-2297
* CVE-2026-3479
* CVE-2026-3644
* CVE-2026-4224
* CVE-2026-4519

CVSS scores:

* CVE-2025-13462 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2025-13462 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N
* CVE-2025-13462 ( NVD ): 2.0 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-1299 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2026-1299 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N
* CVE-2026-1299 ( NVD ): 6.0 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-2297 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2026-2297 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
* CVE-2026-2297 ( NVD ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-3479 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2026-3479 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
* CVE-2026-3479 ( NVD ): 0.0 CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-3644 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2026-3644 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2026-3644 ( NVD ): 6.0 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-4224 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-4224 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-4224 ( NVD ): 6.0 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-4519 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:H/VA:N/SC:L/SI:H/SA:N
* CVE-2026-4519 ( SUSE ): 6.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:H/A:N
* CVE-2026-4519 ( NVD ): 7.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Affected Products:

* SUSE Linux Micro 6.2

An update that solves seven vulnerabilities and contains one feature can now be installed.

## Description:

This update for python313 fixes the following issues:

Update to version 3.13.13.

* CVE-2025-13462: incorrect parsing of TarInfo when GNU long name and type AREGTYPE are combined can lead to misinterpretation of tar archives (bsc#1259611).
* CVE-2026-2297: incorrectly handled hook in FileLoader can lead to validation bypass (bsc#1259240).
* CVE-2026-3479: improper resource argument validation in `pkgutil.get_data()` can lead to path traversal (bsc#1259989).
* CVE-2026-3644: incomplete control character validation in http.cookies can lead to input validation bypass (bsc#1259734).
* CVE-2026-4224: parsing XML with deeply nested DTD content models can lead to C stack overflow (bsc#1259735).
* CVE-2026-4519: failure to sanitize leading dashes in URLs in the `webbrowser.open()` API can lead to web browser command line option injection (bsc#1260026).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Micro 6.2
  `zypper in -t patch SUSE-SL-Micro-6.2-539=1`

## Package List:

* SUSE Linux Micro 6.2 (aarch64 ppc64le s390x x86_64)
  * python313-base-debuginfo-3.13.13-160000.1.1
  * python313-base-3.13.13-160000.1.1
  * python313-curses-3.13.13-160000.1.1
  * python313-core-debugsource-3.13.13-160000.1.1
  * libpython3_13-1_0-3.13.13-160000.1.1
  * libpython3_13-1_0-debuginfo-3.13.13-160000.1.1
  * python313-3.13.13-160000.1.1
  * python313-debugsource-3.13.13-160000.1.1
  * python313-curses-debuginfo-3.13.13-160000.1.1
  * python313-debuginfo-3.13.13-160000.1.1

## References:

* https://www.suse.com/security/cve/CVE-2025-13462.html
* https://www.suse.com/security/cve/CVE-2026-1299.html
* https://www.suse.com/security/cve/CVE-2026-2297.html
* https://www.suse.com/security/cve/CVE-2026-3479.html
* https://www.suse.com/security/cve/CVE-2026-3644.html
* https://www.suse.com/security/cve/CVE-2026-4224.html
* https://www.suse.com/security/cve/CVE-2026-4519.html
* https://bugzilla.suse.com/show_bug.cgi?id=1257181
* https://bugzilla.suse.com/show_bug.cgi?id=1259240
* https://bugzilla.suse.com/show_bug.cgi?id=1259611
* https://bugzilla.suse.com/show_bug.cgi?id=1259734
* https://bugzilla.suse.com/show_bug.cgi?id=1259735
* https://bugzilla.suse.com/show_bug.cgi?id=1259989
* https://bugzilla.suse.com/show_bug.cgi?id=1260026
* https://jira.suse.com/browse/PED-15850

Ensure your system is secure by updating python313 on SUSE to address seven vulnerabilities and one new feature.

Keywords: SUSE Linux, python313, security risks, important update, software vulnerabilities.

Severity: Important.

LinuxSecurity.com Team

Apr 16, 2026 | Important | SuSE

openSUSE Python39 Security Risk CVE-2029-3678 SUSE-SU-2029-3175-4

# Security update for python39

Announcement ID: SUSE-SU-2026:0971-1
Release Date: 2026-03-23T14:35:05Z
Rating: moderate

References:

* bsc#1259240

Cross-References:

* CVE-2026-2297

CVSS scores:

* CVE-2026-2297 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2026-2297 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
* CVE-2026-2297 ( NVD ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Affected Products:

* openSUSE Leap 15.3
* openSUSE Leap 15.6

An update that solves one vulnerability can now be installed.

## Description:

This update for python39 fixes the following issue:

* CVE-2026-2297: validation bypass via incorrectly handled hook in FileLoader (bsc#1259240).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.3
  `zypper in -t patch SUSE-2026-971=1`
* openSUSE Leap 15.6
  `zypper in -t patch openSUSE-SLE-15.6-2026-971=1`

## Package List:

* openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586)
  * python39-base-3.9.25-150300.4.96.1
  * python39-devel-3.9.25-150300.4.96.1
  * libpython3_9-1_0-debuginfo-3.9.25-150300.4.96.1
  * python39-dbm-debuginfo-3.9.25-150300.4.96.1
  * python39-curses-3.9.25-150300.4.96.1
  * python39-debugsource-3.9.25-150300.4.96.1
  * python39-tools-3.9.25-150300.4.96.1
  * python39-core-debugsource-3.9.25-150300.4.96.1
  * python39-tk-3.9.25-150300.4.96.1
  * python39-base-debuginfo-3.9.25-150300.4.96.1
  * libpython3_9-1_0-3.9.25-150300.4.96.1
  * python39-testsuite-3.9.25-150300.4.96.1
  * python39-testsuite-debuginfo-3.9.25-150300.4.96.1
  * python39-curses-debuginfo-3.9.25-150300.4.96.1
  * python39-tk-debuginfo-3.9.25-150300.4.96.1
  * python39-doc-devhelp-3.9.25-150300.4.96.1
  * python39-dbm-3.9.25-150300.4.96.1
  * python39-doc-3.9.25-150300.4.96.1
  * python39-idle-3.9.25-150300.4.96.1
  * python39-debuginfo-3.9.25-150300.4.96.1
  * python39-3.9.25-150300.4.96.1
* openSUSE Leap 15.3 (x86_64)
  * python39-32bit-3.9.25-150300.4.96.1
  * libpython3_9-1_0-32bit-3.9.25-150300.4.96.1
  * libpython3_9-1_0-32bit-debuginfo-3.9.25-150300.4.96.1
  * python39-base-32bit-debuginfo-3.9.25-150300.4.96.1
  * python39-32bit-debuginfo-3.9.25-150300.4.96.1
  * python39-base-32bit-3.9.25-150300.4.96.1
* openSUSE Leap 15.3 (aarch64_ilp32)
  * libpython3_9-1_0-64bit-debuginfo-3.9.25-150300.4.96.1
  * python39-base-64bit-debuginfo-3.9.25-150300.4.96.1
  * libpython3_9-1_0-64bit-3.9.25-150300.4.96.1
  * python39-64bit-3.9.25-150300.4.96.1
  * python39-64bit-debuginfo-3.9.25-150300.4.96.1
  * python39-base-64bit-3.9.25-150300.4.96.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
  * python39-base-3.9.25-150300.4.96.1
  * python39-devel-3.9.25-150300.4.96.1
  * libpython3_9-1_0-debuginfo-3.9.25-150300.4.96.1
  * python39-dbm-debuginfo-3.9.25-150300.4.96.1
  * python39-curses-3.9.25-150300.4.96.1
  * python39-debugsource-3.9.25-150300.4.96.1
  * python39-tools-3.9.25-150300.4.96.1
  * python39-core-debugsource-3.9.25-150300.4.96.1
  * python39-base-debuginfo-3.9.25-150300.4.96.1
  * python39-tk-3.9.25-150300.4.96.1
  * libpython3_9-1_0-3.9.25-150300.4.96.1
  * python39-testsuite-3.9.25-150300.4.96.1
  * python39-testsuite-debuginfo-3.9.25-150300.4.96.1
  * python39-curses-debuginfo-3.9.25-150300.4.96.1
  * python39-tk-debuginfo-3.9.25-150300.4.96.1
  * python39-doc-devhelp-3.9.25-150300.4.96.1
  * python39-dbm-3.9.25-150300.4.96.1
  * python39-doc-3.9.25-150300.4.96.1
  * python39-idle-3.9.25-150300.4.96.1
  * python39-debuginfo-3.9.25-150300.4.96.1
  * python39-3.9.25-150300.4.96.1
* openSUSE Leap 15.6 (x86_64)
  * python39-32bit-3.9.25-150300.4.96.1
  * libpython3_9-1_0-32bit-3.9.25-150300.4.96.1
  * libpython3_9-1_0-32bit-debuginfo-3.9.25-150300.4.96.1
  * python39-base-32bit-debuginfo-3.9.25-150300.4.96.1
  * python39-32bit-debuginfo-3.9.25-150300.4.96.1
  * python39-base-32bit-3.9.25-150300.4.96.1

## References:

* https://www.suse.com/security/cve/CVE-2026-2297.html
* https://bugzilla.suse.com/show_bug.cgi?id=1259240

SUSE security advisory addresses a moderate impact vulnerability in python39, requiring prompt attention for users.

Keywords: openSUSE security, python update, CVE-2026-2297, moderate vulnerability, patch instructions.

Severity: Important.

LinuxSecurity.com Team

Mar 23, 2026 | Important | SuSE

Fedora 41: uv 0.8.8 Critical ZIP Validation Threat CVE-2025-54368

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-92fd810e1d
2025-08-19 04:44:05.202870+00:00
--------------------------------------------------------------------------------

Name        : uv
Product     : Fedora 41
Version     : 0.8.8
Release     : 1.fc41
URL         : https://github.com/astral-sh/uv
Summary     : An extremely fast Python package installer and resolver, written in Rust
Description :
An extremely fast Python package installer and resolver, written in Rust.
Designed as a drop-in replacement for common pip and pip-tools workflows.

Highlights:

• ⚖️ Drop-in replacement for common pip, pip-tools, and virtualenv commands.
• ⚡️ 10-100x faster than pip and pip-tools (pip-compile and pip-sync).
• 💾 Disk-space efficient, with a global cache for dependency deduplication.
• 🐍 Installable via curl, pip, pipx, etc. uv is a static binary that can be installed without Rust or Python.
• 🧪 Tested at-scale against the top 10,000 PyPI packages.
• 🖥️ Support for macOS, Linux, and Windows.
• 🧰 Advanced features such as dependency version overrides and alternative resolution strategies.
• ⁉️ Best-in-class error messages with a conflict-tracking resolver.
• 🤝 Support for a wide range of advanced pip features, including editable installs, Git dependencies, direct URL dependencies, local dependencies, constraints, source distributions, HTML and JSON indexes, and more.

--------------------------------------------------------------------------------
Update Information:

Update uv to version 0.8.8. Update the h2 crate to version 0.4.12. The builds in this update also address CVE-2025-54368.
--------------------------------------------------------------------------------
ChangeLog:

* Sat Aug 9 2025 Benjamin A. Beasley - 0.8.8-1
- Update to 0.8.8 (close RHBZ#2387194)
* Sat Aug 9 2025 Benjamin A. Beasley - 0.8.6-1
- Update to 0.8.6
* Wed Aug 6 2025 Benjamin A. Beasley - 0.8.5-1
- Update to 0.8.5 (close RHBZ#2386647)
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2386891 - rust-h2-0.4.12 is available
      https://bugzilla.redhat.com/show_bug.cgi?id=2386891
[ 2 ] Bug #2387194 - uv-0.8.8 is available
      https://bugzilla.redhat.com/show_bug.cgi?id=2387194
[ 3 ] Bug #2387242 - CVE-2025-54368 uv: uv ZIP Archive Validation Vulnerability [fedora-41]
      https://bugzilla.redhat.com/show_bug.cgi?id=2387242
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
`su -c 'dnf upgrade --advisory FEDORA-2025-92fd810e1d'` at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

Upgrade uv to version 0.8.8 addressing severe ZIP validation vulnerabilities on Fedora 41. Utilize dnf for secure installation.

Keywords: Fedora 41 update, uv package manager, ZIP validation security.

Severity: Critical.

LinuxSecurity.com Team

Aug 19, 2025 | Critical | Fedora

Debian: DLA-4200-1 critical: symfony validation bypass and redirects

-------------------------------------------------------------------------
Debian LTS Advisory DLA-4200-1
https://www.debian.org/lts/security/ Guilhem Moulin
May 31, 2025 https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package : symfony
Version : 4.4.19+dfsg-2+deb11u7
CVE ID  : CVE-2024-50343 CVE-2024-50345

Security vulnerabilities were found in symfony, a PHP framework for web and console applications and a set of reusable PHP components, which could lead to validation bypass or open redirects.

CVE-2024-50343

    It was discovered input ending with `\n` could bypass Validators.

CVE-2024-50345

    Sam Mush discovered that due to URI parsing mismatch between common browsers and the Request class, an attacker could supply a specially crafted URI to bypass validation and redirect users to another domain.

For Debian 11 bullseye, these problems have been fixed in version 4.4.19+dfsg-2+deb11u7.

We recommend that you upgrade your symfony packages.

For the detailed security status of symfony please refer to its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/symfony

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

Symfony update addresses significant security flaws, including bypass of validation and potential open redirect issues. Immediate upgrade is advised.

Keywords: Symfony Security Update, Debian LTS Advisory, PHP Framework Security.

Severity: Critical.

LinuxSecurity.com Team

May 31, 2025 | Critical | Debian LTS

Mageia: 2023-0059 Moderate: Sox Validation Fix for Multiple Flaws

MGASA-2023-0059 - Updated sox packages fix security vulnerability

Publication date: 27 Feb 2023
URL: https://advisories.mageia.org/MGASA-2023-0059.html
Type: security
Affected Mageia releases: 8
CVE: CVE-2019-13590, CVE-2021-23159, CVE-2021-23172, CVE-2021-23210, CVE-2021-33844, CVE-2021-3643, CVE-2021-40426, CVE-2022-3165, CVE-2022-31650

CVE-2019-13590: sox-fmt validation
CVE-2021-3643 and CVE-2021-23210: voc validation
CVE-2021-23159 and CVE-2021-23172: hcom validation
CVE-2021-33844: wav validation
CVE-2021-40426: sphere validation
CVE-2022-31650: aiff validation
CVE-2022-31651: reject implausible rate

References:

- https://bugs.mageia.org/show_bug.cgi?id=30291
- https://talosintelligence.com/vulnerability_reports/TALOS-2021-1434
- https://lists.debian.org/debian-lts-announce/2023/02/msg00009.html
- https://www.cve.org/CVERecord?id=CVE-2019-13590
- https://www.cve.org/CVERecord?id=CVE-2021-23159
- https://www.cve.org/CVERecord?id=CVE-2021-23172
- https://www.cve.org/CVERecord?id=CVE-2021-23210
- https://www.cve.org/CVERecord?id=CVE-2021-33844
- https://www.cve.org/CVERecord?id=CVE-2021-3643
- https://www.cve.org/CVERecord?id=CVE-2021-40426
- https://www.cve.org/CVERecord?id=CVE-2022-3165
- https://www.cve.org/CVERecord?id=CVE-2022-31650

SRPMS:

- 8/core/sox-14.4.3-0.git20200117.3.1.mga8

Recent updates to sox packages address various validation vulnerabilities in Mageia editions, thereby enhancing overall system security.

Keywords: Sox Security, Mageia Software Update, Validate Flaws.

LinuxSecurity.com Team

Feb 27, 2023 | Mageia

openSUSE: 2022:10242-1 Moderate: Python-Slixmpp Certificate Validation Fix

openSUSE Security Update: Security update for python-slixmpp
______________________________________________________________________________

Announcement ID: openSUSE-SU-2022:10242-1
Rating: moderate
References: #1205433
Cross-References: CVE-2022-45197
Affected Products: openSUSE Backports SLE-15-SP4
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

This update for python-slixmpp fixes the following issues:

- CVE-2022-45197: Fixed certificate hostname validation (boo#1205433)

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP4:
  `zypper in -t patch openSUSE-2022-10242=1`

Package List:

- openSUSE Backports SLE-15-SP4 (aarch64 i586 ppc64le s390x x86_64):
  python3-slixmpp-1.4.2-bp154.2.3.1

References:

https://www.suse.com/security/cve/CVE-2022-45197.html
https://bugzilla.suse.com/1205433

New version released for python-slixmpp on openSUSE, addressing hostname verification problem. Essential security patch issued.

Keywords: openSUSE Security, python-slixmpp, hostname Validation, Moderate Fix, Software Update.

LinuxSecurity.com Team

Dec 11, 2022 | OpenSUSE

Fedora 24 Advisory: 2017-a73bc7ac5d Critical Validation Fix in Fedmsg

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2017-a73bc7ac5d
2017-01-27 18:29:56.052283
--------------------------------------------------------------------------------

Name        : fedmsg
Product     : Fedora 24
Version     : 0.18.2
Release     : 1.fc24
URL         : https://github.com/fedora-infra/fedmsg
Summary     : Tools for Fedora Infrastructure real-time messaging
Description :
Python API used around Fedora Infrastructure to send and receive messages with zeromq. Includes some CLI tools.

--------------------------------------------------------------------------------
Update Information:

Fix validation logic in the base consumer

The base consumer is intended to only derive its validation switch from the on-disk configuration if the child class doesn't override the validate_signatures switch. There was a bug here where the default value provided in the base class made it appear as if *all* child consumers had turned *off* validation, which is incorrect. This fix turns on signature validation by default while preserving the ability of child consumers to override the on-disk configuration in special cases.

- Fixes: CVE-2017-1000001
- Reviewed-by: Patrick Uiterwijk
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
`su -c 'dnf upgrade fedmsg'` at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------

Enhances authentication procedures in fedmsg, guaranteeing accurate signature verifications. Upgrade your Fedora 24 systems without delay.

Keywords: Fedora 24, fedmsg, security update, validation checks, signature verification.

Severity: Critical.

LinuxSecurity.com Team

Jan 27, 2017 | Critical | Fedora

Oracle Linux 7: ELSA-2016-1086 Moderate Update: libndp Hop Limit

Oracle Linux Security Advisory ELSA-2016-1086

https://linux.oracle.com/errata/ELSA-2016-1086.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
libndp-1.2-6.el7_2.i686.rpm
libndp-1.2-6.el7_2.x86_64.rpm
libndp-devel-1.2-6.el7_2.i686.rpm
libndp-devel-1.2-6.el7_2.x86_64.rpm

SRPMS:
https://oss.oracle.com:443/ol7/SRPMS-updates/libndp-1.2-6.el7_2.src.rpm

Description of changes:

[1.2-6]
- libndp: fix hop limit validation [CVE-2016-3698]

[1.2-5]
- libndp: validate the IPv6 hop limit [CVE-2016-3698]
- libndb: reject redirect and router advertisements from non-link-local [CVE-2016-3698]

Oracle Linux patches address vulnerabilities in libndp while improving security measures and ensuring the integrity of hop limit validation.

Keywords: Oracle Linux, libndp security update, ELSA-2016-1086, patch management.

LinuxSecurity.com Team

May 17, 2016 | Oracle