Stay Secure with the Latest Linux Advisories


Explore Latest Linux Security advisories


Fedora 37 Varnish Modules Critical Advisory: Request Smuggling & Forgery

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2022-0d5dcc031e
2022-11-23 01:15:30.165665
--------------------------------------------------------------------------------

Name        : varnish-modules
Product     : Fedora 37
Version     : 0.20.0
Release     : 4.fc37
URL         : https://github.com/varnish/varnish-modules
Summary     : A collection of modules ("vmods") extending Varnish VCL
Description :
This is a collection of modules ("vmods") extending Varnish VCL used for
describing HTTP request/response policies with additional capabilities. This
collection contains the following vmods: bodyaccess, header, saintmode, tcp,
var, vsthrottle, xkey

--------------------------------------------------------------------------------
Update Information:

New upstream release: A security release. This release includes fix for
CVE-2022-45059 (VSV00011) and CVE-2022-45060 (VSV00010).

From the upstream release notes:

VSV00010 Varnish Request Smuggling Vulnerability
Date: 2022-11-08

A request smuggling attack can be performed on Varnish Cache servers by
requesting that certain headers are made hop-by-hop, preventing the Varnish
Cache servers from forwarding critical headers to the backend. Among the
headers that can be filtered this way are both Content-Length and Host, making
it possible for an attacker to both break the HTTP/1 protocol framing, and
bypass request to host routing in VCL.

VSV00011 Varnish HTTP/2 Request Forgery Vulnerability
Date: 2022-11-08

A request forgery attack can be performed on Varnish Cache servers that have
the HTTP/2 protocol turned on. An attacker may introduce characters through the
HTTP/2 pseudo-headers that are invalid in the context of an HTTP/1 request
line, causing the Varnish server to produce invalid HTTP/1 requests to the
backend. This may in turn be used to successfully exploit vulnerabilities in a
server behind the Varnish server.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Nov 14 2022 Ingvar Hagelund - 0.20.0-4
- Built for varnish-7.1.2
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2141842 - CVE-2022-45059 varnish: Request Smuggling Vulnerability [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2141842
  [ 2 ] Bug #2141847 - CVE-2022-45060 varnish: Request Forgery Vulnerability [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2141847
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-0d5dcc031e' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
package-announce mailing list
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

Stay updated on Varnish security patches for Fedora 37 to protect against critical request vulnerabilities and ensure your server's integrity.
Request Smuggling, Request Forgery, Varnish Modules, Fedora Security, Patch Release.
Severity: Critical.
LinuxSecurity.com Team

Nov 22, 2022 | Critical | Fedora

Fedora 35: FEDORA-2022-2f14ec7663 Critical: Varnish Request Smuggling

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2022-2f14ec7663
2022-02-16 01:25:55.828264
--------------------------------------------------------------------------------

Name        : varnish-modules
Product     : Fedora 35
Version     : 0.18.0
Release     : 5.fc35
URL         : https://github.com/varnish/varnish-modules
Summary     : A collection of modules ("vmods") extending Varnish VCL
Description :
This is a collection of modules ("vmods") extending Varnish VCL used for
describing HTTP request/response policies with additional capabilities. This
collection contains the following vmods: bodyaccess, header, saintmode, tcp,
var, vsthrottle, xkey

--------------------------------------------------------------------------------
Update Information:

New upstream release varnish-6.6.2. A security release. Includes fix for
CVE-2022-23959
--------------------------------------------------------------------------------
ChangeLog:

* Thu Feb 3 2022 Ingvar Hagelund - 0.18.0-5
- Rebuilt for varnish-6.6.2-2
* Thu Feb 3 2022 Ingvar Hagelund - 0.18.0-4
- Rebuilt for varnish-6.6.2
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2045031 - CVE-2022-23959 varnish: HTTP/1 request smuggling vulnerability
        https://bugzilla.redhat.com/show_bug.cgi?id=2045031
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-2f14ec7663' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------

Fedora 36 Upgrade Announcement for varnish-modules featuring essential remedy for HTTP request smuggling vulnerability.
Fedora Security Update, varnish modules, HTTP Request Issue.
Severity: Critical.
LinuxSecurity.com Team

Feb 15, 2022 | Critical | Fedora

Fedora 34: 2021-2ad352ec70 Moderate: Varnish Modules Denial Of Service

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2021-2ad352ec70
2021-03-22 02:06:58.359340
--------------------------------------------------------------------------------

Name        : varnish-modules
Product     : Fedora 34
Version     : 0.17.1
Release     : 1.fc34
URL         : https://github.com/varnish/varnish-modules
Summary     : A collection of modules ("vmods") extending Varnish VCL
Description :
This is a collection of modules ("vmods") extending Varnish VCL used for
describing HTTP request/response policies with additional capabilities. This
collection contains the following vmods: bodyaccess, header, saintmode, tcp,
var, vsthrottle, xkey

--------------------------------------------------------------------------------
Update Information:

- New upstream release
- Switched back to original varnish github upstream, as it has catched up
- Includes fix for CVE-2021-28543 denial of service attack, VSV00006,
  bz#1939669
--------------------------------------------------------------------------------
ChangeLog:

* Wed Mar 17 2021 Ingvar Hagelund 0.17.1-1
- New upstream release
- Switched back to original varnish github upstream, as it has catched up
- Includes fix for CVE-2021-28543, VSV00006, bz#1939669
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1939669 - CVE-2021-28543 varnish-modules: NULL pointer dereference in Varnish Cache via header.append() and header.copy() functions
        https://bugzilla.redhat.com/show_bug.cgi?id=1939669
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2021-2ad352ec70' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------

Fedora 35 Update Announcement for varnish-modules resolving service interruption vulnerabilities and upstream version modifications.
Varnish Modules Update, Fedora Security Advisory, Denial Of Service Fix.
LinuxSecurity.com Team

Mar 21, 2021 | Fedora