Explore top 10 tips to secure your open-source projects now. Read More
×An update that solves 15 vulnerabilities and has one bug fix can now be installed.. openSUSE security update: security update for chromium ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:21363-1 Rating: critical References: * bsc#1271415 Cross-References: * CVE-2026-15764 * CVE-2026-15765 * CVE-2026-15766 * CVE-2026-15767 * CVE-2026-15768 * CVE-2026-15769 * CVE-2026-15770 * CVE-2026-15771 * CVE-2026-15772 * CVE-2026-15773 * CVE-2026-15774 * CVE-2026-15775 * CVE-2026-15776 * CVE-2026-15777 * CVE-2026-15778 Affected Products: openSUSE Leap 16.0 ------------------------------------------------------------- An update that solves 15 vulnerabilities and has one bug fix can now be installed. Description: This update for chromium fixes the following issues: Changes in chromium: - Chromium 150.0.7871.124 (boo#1271415): * CVE-2026-15764: Use after free in Ozone * CVE-2026-15765: Use after free in Ozone * CVE-2026-15766: Uninitialized Use in Skia * CVE-2026-15767: Heap buffer overflow in libyuv * CVE-2026-15768: Insufficient policy enforcement in HTML-in-Canvas * CVE-2026-15769: Insufficient validation of untrusted input in Linux Toolkit Theming * CVE-2026-15770: Uninitialized Use in V8 * CVE-2026-15771: Insufficient validation of untrusted input in Media * CVE-2026-15772: Use after free in GPU * CVE-2026-15773: Use after free in Core * CVE-2026-15774: Use after free in Skia * CVE-2026-15775: Insufficient policy enforcement in V8 * CVE-2026-15776: Type Confusion in V8 * CVE-2026-15777: Use after free in UI * CVE-2026-15778: Insufficient validation of untrusted input in Navigation Patch instructions: To install this openSUSE security update use the suse recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 16.0 zypper in -t patch openSUSE-Leap-16.0-packagehub-424=1 PackageList: - openSUSE Leap 16.0: chromedriver-150.0.7871.124-bp160.1.1 chromium-150.0.7871.124-bp160.1.1 References: * https://www.suse.com/security/cve/CVE-2026-15764.html * https://www.suse.com/security/cve/CVE-2026-15765.html * https://www.suse.com/security/cve/CVE-2026-15766.html * https://www.suse.com/security/cve/CVE-2026-15767.html * https://www.suse.com/security/cve/CVE-2026-15768.html * https://www.suse.com/security/cve/CVE-2026-15769.html * https://www.suse.com/security/cve/CVE-2026-15770.html * https://www.suse.com/security/cve/CVE-2026-15771.html * https://www.suse.com/security/cve/CVE-2026-15772.html * https://www.suse.com/security/cve/CVE-2026-15773.html * https://www.suse.com/security/cve/CVE-2026-15774.html * https://www.suse.com/security/cve/CVE-2026-15775.html * https://www.suse.com/security/cve/CVE-2026-15776.html * https://www.suse.com/security/cve/CVE-2026-15777.html * https://www.suse.com/security/cve/CVE-2026-15778.html . Critical security update for openSUSE Leap 16.0 addressing 15 distinct vulnerabilities in Chromium software.. openSUSE security, critical update, Chromium issues. . Severity: Critical. LinuxSecurity.com Team
An update that solves 6 vulnerabilities can now be installed.. # python313-Pillow-12.3.0-2.1 on GA media Announcement ID: openSUSE-SU-2026:11283-1 Rating: moderate Cross-References: * CVE-2026-54058 * CVE-2026-54060 * CVE-2026-55380 * CVE-2026-59198 * CVE-2026-59200 * CVE-2026-59204 CVSS scores: * CVE-2026-54058 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-54058 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-54060 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-55380 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-59198 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2026-59198 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-59200 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-59200 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-59204 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-59204 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N Affected Products: * openSUSE Tumbleweed An update that solves 6 vulnerabilities can now be installed. ## Description: These are all security issues fixed in the python313-Pillow-12.3.0-2.1 package on the GA media of openSUSE Tumbleweed. ## Package List: * openSUSE Tumbleweed: * python313-Pillow 12.3.0-2.1 * python313-Pillow-tk 12.3.0-2.1 * python314-Pillow 12.3.0-2.1 * python314-Pillow-tk 12.3.0-2.1 ## References: * https://www.suse.com/security/cve/CVE-2026-54058.html * https://www.suse.com/security/cve/CVE-2026-54060.html * https://www.suse.com/security/cve/CVE-2026-55380.html * https://www.suse.com/security/cve/CVE-2026-59198.html * https://www.suse.com/security/cve/CVE-2026-59200.html * https://www.suse.com/security/cve/CVE-2026-59204.html . An update for python313-Pillow resolves six issues in openSUSETumbleweed, enhancing system security efficiently.. openSUSE security python Pillow vulnerabilities update. . Severity: moderate. LinuxSecurity.com Team
An update that solves one vulnerability can now be installed.. # python315-3.15.0~b3-2.1 on GA media Announcement ID: openSUSE-SU-2026:11286-1 Rating: moderate Cross-References: * CVE-2026-11940 CVSS scores: * CVE-2026-11940 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2026-11940 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N Affected Products: * openSUSE Tumbleweed An update that solves one vulnerability can now be installed. ## Description: These are all security issues fixed in the python315-3.15.0~b3-2.1 package on the GA media of openSUSE Tumbleweed. ## Package List: * openSUSE Tumbleweed: * python315 3.15.0~b3-2.1 * python315-curses 3.15.0~b3-2.1 * python315-dbm 3.15.0~b3-2.1 * python315-idle 3.15.0~b3-2.1 * python315-profiling 3.15.0~b3-2.1 * python315-tk 3.15.0~b3-2.1 * python315-x86-64-v3 3.15.0~b3-2.1 ## References: * https://www.suse.com/security/cve/CVE-2026-11940.html . High impact update available for openSUSE Tumbleweed, resolving security issue in python315 package. Act promptly.. openSUSE security, python315 update, software vulnerability resolution. . Severity: moderate. LinuxSecurity.com Team
An update that solves one vulnerability can now be installed.. # gpsd-3.27.5-3.1 on GA media Announcement ID: openSUSE-SU-2026:11276-1 Rating: moderate Cross-References: * CVE-2026-58459 Affected Products: * openSUSE Tumbleweed An update that solves one vulnerability can now be installed. ## Description: These are all security issues fixed in the gpsd-3.27.5-3.1 package on the GA media of openSUSE Tumbleweed. ## Package List: * openSUSE Tumbleweed: * gpsd 3.27.5-3.1 * gpsd-clients 3.27.5-3.1 * gpsd-devel 3.27.5-3.1 * gpsd-qt6-devel 3.27.5-3.1 * libQgpsmm32 3.27.5-3.1 * libgps32 3.27.5-3.1 * python3-gpsd 3.27.5-3.1 ## References: * https://www.suse.com/security/cve/CVE-2026-58459.html . An openSUSE update resolves a moderate security issue in gpsd package, enhancing system safety.. openSUSE gpsd update security issue moderate severity. . Severity: moderate. LinuxSecurity.com Team
Release notes for xrdp v0.10.6.1 (2026/07/06) General announcements This release fixes 10 vulnerabilities and 1 regression introduced by a vulnerability fix in the previous release. If you like xrdp, please consider sponsoring or donating to the project. We. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-05c06fa0a8 2026-07-16 01:19:18.912160+00:00 -------------------------------------------------------------------------------- Name : xrdp Product : Fedora 44 Version : 0.10.6.1 Release : 1.fc44 URL : http://www.xrdp.org/ Summary : Open source remote desktop protocol (RDP) server Description : xrdp provides a fully functional RDP server compatible with a wide range of RDP clients, including FreeRDP and Microsoft RDP client. -------------------------------------------------------------------------------- Update Information: Release notes for xrdp v0.10.6.1 (2026/07/06) General announcements This release fixes 10 vulnerabilities and 1 regression introduced by a vulnerability fix in the previous release. If you like xrdp, please consider sponsoring or donating to the project. We accept financial contributions through Open Collective, and direct donations to individual developers via GitHub Sponsors are also welcome. Security fixes CVE-2026-41252 CVE-2026-41521 CVE-2026-44178 CVE-2026-42218 CVE-2026-44978 CVE-2026-54538 CVE-2026-55238 CVE-2026-55626 CVE-2026-55639 CVE-2026-55645 New features None Bug fixes regression: Fix SEGV in xrdp when running over TLS (#3793) -------------------------------------------------------------------------------- ChangeLog: * Tue Jul 7 2026 Bojan Smojver - 1:0.10.6.1-1 - Update to 0.10.6.1 - CVE-2026-41252, CVE-2026-41521, CVE-2026-44178, CVE-2026-42218 - CVE-2026-44978, CVE-2026-54538, CVE-2026-55238, CVE-2026-55626 - CVE-2026-55639, CVE-2026-55645 * Sat Jun 13 2026 Yaakov Selkowitz - 1:0.10.6-3 - Rebuilt for openssl4.0 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-05c06fa0a8' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-19354 http://linux.oracle.com/errata/ELSA-2026-19354.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: PackageKit-1.2.6-2.0.1.el9_8.x86_64.rpm PackageKit-command-not-found-1.2.6-2.0.1.el9_8.x86_64.rpm PackageKit-glib-1.2.6-2.0.1.el9_8.i686.rpm PackageKit-glib-1.2.6-2.0.1.el9_8.x86_64.rpm PackageKit-glib-devel-1.2.6-2.0.1.el9_8.i686.rpm PackageKit-glib-devel-1.2.6-2.0.1.el9_8.x86_64.rpm PackageKit-gstreamer-plugin-1.2.6-2.0.1.el9_8.x86_64.rpm PackageKit-gtk3-module-1.2.6-2.0.1.el9_8.x86_64.rpm aarch64: PackageKit-1.2.6-2.0.1.el9_8.aarch64.rpm PackageKit-command-not-found-1.2.6-2.0.1.el9_8.aarch64.rpm PackageKit-glib-1.2.6-2.0.1.el9_8.aarch64.rpm PackageKit-glib-devel-1.2.6-2.0.1.el9_8.aarch64.rpm PackageKit-gstreamer-plugin-1.2.6-2.0.1.el9_8.aarch64.rpm PackageKit-gtk3-module-1.2.6-2.0.1.el9_8.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates/PackageKit-1.2.6-2.0.1.el9_8.src.rpm Related CVEs: CVE-2026-41651 Description of changes: [1.2.6-2.0.1] - remove RHEL vendor patch PackageKit-0.3.8-RHEL-Vendor.conf.patch _______________________________________________ El-errata mailing list
The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-26453 http://linux.oracle.com/errata/ELSA-2026-26453.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: x86_64: 389-ds-base-1.3.11.1-5.0.9.el7_9.x86_64.rpm 389-ds-base-devel-1.3.11.1-5.0.9.el7_9.x86_64.rpm 389-ds-base-libs-1.3.11.1-5.0.9.el7_9.x86_64.rpm 389-ds-base-snmp-1.3.11.1-5.0.9.el7_9.x86_64.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates/389-ds-base-1.3.11.1-5.0.9.el7_9.src.rpm Related CVEs: CVE-2026-9064 Description of changes: [1.3.11.1-5.0.9] - Security fix for CVE-2026-9064 [Orabug: 39570202] [1.3.11.1-5.0.7] - Security fix for CVE-2025-14905 [Orabug: 39146844] [1.3.11.1-5.0.5] - Allow Uniqueness plugin to search uniqueness attributes using custom matching rules [Orabug: 38388205] _______________________________________________ El-errata mailing list
The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-16101 http://linux.oracle.com/errata/ELSA-2026-16101.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: x86_64: host-metering-1.2.0-4.0.1.el7_9.x86_64.rpm host-metering-selinux-1.2.0-4.0.1.el7_9.noarch.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates/host-metering-1.2.0-4.0.1.el7_9.src.rpm Related CVEs: CVE-2026-32283 Description of changes: [1.2.0-4.0.1] - Rebuild with new go-toolset-1.19-golang to fix CVE-2026-32283 [Orabug: 39352233] _______________________________________________ El-errata mailing list
Get the latest Linux and open source security news straight to your inbox.