Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 496
Alerts This Week
Warning Icon 1 496

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 13 articles for you...
89

Fedora 42 Domoticz Important XSS Security Flaw Advisory 2026-627f2db2b7

Too many changes to list. See: https://github.com/domoticz/domoticz/blob/2026.1/History.txt This also fixes a security vulnerability.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-627f2db2b7 2026-04-04 01:02:26.879212+00:00 -------------------------------------------------------------------------------- Name : domoticz Product : Fedora 42 Version : 2026.1 Release : 1.fc42 URL : http://www.domoticz.com Summary : Open source Home Automation System Description : Domoticz is a Home Automation System that lets you monitor and configure various devices like: Lights, Switches, various sensors/meters like Temperature, Rain, Wind, UV, Electra, Gas, Water and much more. Notifications/Alerts can be sent to any mobile device -------------------------------------------------------------------------------- Update Information: Too many changes to list. See: https://github.com/domoticz/domoticz/blob/2026.1/History.txt This also fixes a security vulnerability. -------------------------------------------------------------------------------- ChangeLog: * Wed Mar 25 2026 Michael Cronenworth - 2026.1-1 - New stable release * Sun Mar 22 2026 Bjrn Esser - 2025.2-6 - Rebuild (jsoncpp) * Fri Feb 27 2026 Tom Callaway - 2025.2-5 - rebuild for lua 5.5 * Fri Jan 16 2026 Fedora Release Engineering - 2025.2-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild * Fri Jan 16 2026 Fedora Release Engineering - 2025.2-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild * Wed Jan 14 2026 Michael Cronenworth - 2025.2-2 - Rebuilt for Boost 1.90 * Thu Jan 8 2026 Michael Cronenworth - 2025.2-1 - New stable release * Fri Sep 19 2025 Python Maint - 2025.1-4 - Rebuilt for Python 3.14.0rc3 bytecode * Fri Aug 15 2025 Python Maint - 2025.1-3 - Rebuilt for Python 3.14.0rc2 bytecode * Wed Jul 23 2025 Fedora Release Engineering - 2025.1-2 - Rebuilt forhttps://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2451138 - domoticz-2026.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2451138 [ 2 ] Bug #2451506 - CVE-2026-1001 domoticz: Domoticz: Arbitrary script execution via stored cross-site scripting in web interface [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2451506 [ 3 ] Bug #2451508 - CVE-2026-1001 domoticz: Domoticz: Arbitrary script execution via stored cross-site scripting in web interface [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2451508 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-627f2db2b7' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- . Stay updated on Fedora 42 Domoticz critical XSS fix with security advisory 2026-627f2db2b7 addressing risks.. Domoticz Patch, Fedora Security, XSS Threat, Home Automation Update, Critical Security Fix. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Apr 04, 2026 Important Fedora
89

Fedora 43 Domoticz Critical Arbitrary Script Exec Advisory 2026-45d8852ca3

Too many changes to list. See: https://github.com/domoticz/domoticz/blob/2026.1/History.txt This also fixes a security vulnerability.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-45d8852ca3 2026-04-04 00:48:12.438594+00:00 -------------------------------------------------------------------------------- Name : domoticz Product : Fedora 43 Version : 2026.1 Release : 1.fc43 URL : http://www.domoticz.com Summary : Open source Home Automation System Description : Domoticz is a Home Automation System that lets you monitor and configure various devices like: Lights, Switches, various sensors/meters like Temperature, Rain, Wind, UV, Electra, Gas, Water and much more. Notifications/Alerts can be sent to any mobile device -------------------------------------------------------------------------------- Update Information: Too many changes to list. See: https://github.com/domoticz/domoticz/blob/2026.1/History.txt This also fixes a security vulnerability. -------------------------------------------------------------------------------- ChangeLog: * Wed Mar 25 2026 Michael Cronenworth - 2026.1-1 - New stable release * Sun Mar 22 2026 Bjrn Esser - 2025.2-6 - Rebuild (jsoncpp) * Fri Feb 27 2026 Tom Callaway - 2025.2-5 - rebuild for lua 5.5 * Fri Jan 16 2026 Fedora Release Engineering - 2025.2-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild * Fri Jan 16 2026 Fedora Release Engineering - 2025.2-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild * Wed Jan 14 2026 Michael Cronenworth - 2025.2-2 - Rebuilt for Boost 1.90 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2451138 - domoticz-2026.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2451138 [ 2 ] Bug #2451507 - CVE-2026-1001 domoticz: Domoticz: Arbitrary script execution via stored cross-site scripting in web interface [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2451507 [ 3 ] Bug #2451509 - CVE-2026-1001 domoticz: Domoticz: Arbitrary script execution via stored cross-site scripting in web interface [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2451509 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-45d8852ca3' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- . Update fixes critical vulnerability in Fedora 43 Domoticz, addressing arbitrary script execution in web interface.. Domoticz Update, Fedora Security, Script Execution Risk, Cross-Site Scripting. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Apr 04, 2026 Critical Fedora
197

Debian LTS: DLA-4094-1: mercurial Security Advisory Updates

A cross-site scripting vulnerability was discovered in hgweb, the integrated stand-alone web interface of the Mercurial version control system. . ------------------------------------------------------------------------- Debian LTS Advisory DLA-4094-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/lts/security/ Andreas Henriksson March 27, 2025 https://wiki.debian.org/LTS ------------------------------------------------------------------------- Package : mercurial Version : 5.6.1-4+deb11u1 CVE ID : CVE-2025-2361 Debian Bug : 1100899 A cross-site scripting vulnerability was discovered in hgweb, the integrated stand-alone web interface of the Mercurial version control system. A problem in mercurial related to CVE-2023-27043 being fixed in python was also adressed. For Debian 11 bullseye, these problems have been fixed in version 5.6.1-4+deb11u1. We recommend that you upgrade your mercurial packages. For the detailed security status of mercurial please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/mercurial Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS . A cross-site scripting vulnerability in Mercurial fixed with security updates. Urgent upgrade recommended to maintain system integrity.. cross-site, scripting, vulnerability, hgweb, integrated, stand-alone, interfa. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Mar 27, 2025 Important Debian LTS
87

Debian: DSA-5862-1 moderate: cacti command injection and XSS

Multiple security vulnerabilities have been discovered in Cacti, a web interface for graphing of monitoring systems, which could result in cross-site scripting, SQL injection, or command injection. . - ------------------------------------------------------------------------- Debian Security Advisory DSA-5862-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Salvatore Bonaccorso February 10, 2025 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : cacti CVE ID : CVE-2024-27082 CVE-2024-43362 CVE-2024-43363 CVE-2024-43364 CVE-2024-43365 CVE-2024-45598 CVE-2024-54145 CVE-2025-22604 CVE-2025-24367 CVE-2025-24368 Debian Bug : 1094574 Multiple security vulnerabilities have been discovered in Cacti, a web interface for graphing of monitoring systems, which could result in cross-site scripting, SQL injection, or command injection. For the stable distribution (bookworm), these problems have been fixed in version 1.2.24+ds1-1+deb12u5. We recommend that you upgrade your cacti packages. For the detailed security status of cacti please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/cacti Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . Debian Security Advisory DSA-5863-1 outlines vulnerabilities in Cacti involving various exploitation paths.. Debian Security Advisory,cacti security,SQL injection issues,cross-site scripting flaws,command injection vulnerabilities. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Feb 10, 2025 Important Debian
89

Fedora 41 phpMyAdmin 5.2.2 Security Advisory: XSS and DoS Issues

phpMyAdmin 5.2.2 is released Welcome to the release of phpMyAdmin version 5.2.2, the "I should have released this sooner" release. This is primarily a bugfix release but also contains a few security fixes as noted below. fix possible security issue in sql-parser which could cause long execution times. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-4b8ab3834c 2025-01-31 03:06:46.144908+00:00 -------------------------------------------------------------------------------- Name : phpMyAdmin Product : Fedora 41 Version : 5.2.2 Release : 1.fc41 URL : https://www.phpmyadmin.net/ Summary : A web interface for MySQL and MariaDB Description : phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the Web. Currently it can create and drop databases, create/drop/alter tables, delete/edit/add fields, execute any SQL statement, manage keys on fields, manage privileges,export data into various formats and is available in 50 languages -------------------------------------------------------------------------------- Update Information: phpMyAdmin 5.2.2 is released Welcome to the release of phpMyAdmin version 5.2.2, the "I should have released this sooner" release. This is primarily a bugfix release but also contains a few security fixes as noted below. fix possible security issue in sql-parser which could cause long execution times that could create a DOS attack (thanks to Maximilian Krög) fix an XSS vulnerability in the check tables feature (PMASA-2025-1, thanks to bluebird) fix an XSS vulnerability in the Insert tab (PMASA-2025-2, thanks to frequent contributor Kamil Tekiela) fix possible security issue with library code slim/psr7 (CVE-2023-30536) fix possible security issue relating to iconv (CVE-2024-2961, PMASA-2025-3) fix a full path disclosure in the Monitoring tab issue #18268 Fix UI issue the theme manager is disabled issue Allow opening server breadcrumb links in new tab withCtrl/Meta key issue #19141 Add cookie prefix '-__Secure-' to cookies to help prevent cookie smuggling issue #18106 Fix renaming database with a view issue #18120 Fix bug with numerical tables during renaming database issue #16851 Fix ($cfg['Order']) default column order doesn't have have any effect since phpMyAdmin 4.2.0 issue #18258 Speed improvements when exporting a database issue #18769 Improved collations support for MariaDB 10.10 There are many, many more fixes that you can see in the ChangeLog file included with this release or online -------------------------------------------------------------------------------- ChangeLog: * Wed Jan 22 2025 Remi Collet - 5.2.2-1 - update to 5.2.2 (2025-01-21, security and bugfix release) -------------------------------------------------------------------------------- References: [ 1 ] Bug #2327066 - CVE-2023-44270 phpMyAdmin: Improper input validation in PostCSS [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2327066 [ 2 ] Bug #2331110 - CVE-2024-55565 phpMyAdmin: nanoid mishandles non-integer values [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2331110 [ 3 ] Bug #2334300 - CVE-2024-56522 phpMyAdmin: unserializeTCPDFtag uses != (aka loose comparison) and does not use a constant-time function to compare TCPDF tag hashes [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2334300 [ 4 ] Bug #2334303 - CVE-2024-56519 phpMyAdmin: setSVGStyles does not sanitize the SVG font-family attribute [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2334303 [ 5 ] Bug #2334305 - CVE-2024-56521 phpMyAdmin: CURLOPT_SSL_VERIFYHOST and CURLOPT_SSL_VERIFYPEER are set unsafely when libcurl is used [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2334305 [ 6 ] Bug #2334346 - CVE-2024-56527 phpMyAdmin: Error function lacks an htmlspecialchars call for the error message. [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2334346 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-4b8ab3834c' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- . The latest release of phpMyAdmin 5.2.2 in Fedora 41 comes with essential security updates that target several vulnerabilities.. phpMyAdmin Update, Fedora Security, Web Application Updates, PHP Security Risks. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Jan 31, 2025 Critical Fedora
197

Debian 11: DLA-4027-1 Critical: Sympa Authentication Bypass Issue

A flaw was found in Sympa’s web interface, a modern mailing list manager. An attacker may bypass authentication by using an arbitrary e-mail address when the generic SSO loging feature was enabled. . ------------------------------------------------------------------------- Debian LTS Advisory DLA-4027-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/lts/security/ Markus Koschany January 21, 2025 https://wiki.debian.org/LTS ------------------------------------------------------------------------- Package : sympa Version : 6.2.60~dfsg-4+deb11u1 CVE ID : CVE-2024-55919 Debian Bug : 1090188 A flaw was found in Sympa’s web interface, a modern mailing list manager. An attacker may bypass authentication by using an arbitrary e-mail address when the generic SSO loging feature was enabled. For Debian 11 bullseye, this problem has been fixed in version 6.2.60~dfsg-4+deb11u1. We recommend that you upgrade your sympa packages. For the detailed security status of sympa please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/sympa Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS . Debian LTS Advisory DLA-4028-1 addresses a critical vulnerability in the Dovecot email server; users are urged to apply the patch without delay. security advisory, Debian Sympa, authentication bypass, mailing list security. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Jan 20, 2025 Critical Debian LTS
202

openSUSE: 2024:0358-1 moderate: qbittorrent security patch

An update that fixes one vulnerability is now available. . openSUSE Security Update: Security update for qbittorrent ______________________________________________________________________________ Announcement ID: openSUSE-SU-2024:0358-1 Rating: moderate References: #1232731 Cross-References: CVE-2024-51774 Affected Products: openSUSE Backports SLE-15-SP6 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for qbittorrent fixes the following issues: - Update to version 5.0.1 (fixes boo#1232731 CVE-2024-51774) Added features: * Add "Simple pread/pwrite" disk IO type Bug fixes: * Don't ignore SSL errors (boo#1232731 CVE-2024-51774) * Don't try to apply Mark-of-the-Web to nonexistent files * Disable "Move to trash" option by default * Disable the ability to create torrents with a piece size of 256MiB * Allow to choose Qt style * Always notify user about duplicate torrent * Correctly handle "torrent finished after move" event * Correctly apply filename filter when `!qB` extension is enabled * Improve color scheme change detection * Fix button state for SSL certificate check Web UI: * Fix CSS that results in hidden torrent list in some browsers * Use proper text color to highlight items in all filter lists * Fix 'rename files' dialog cannot be opened more than once * Fix UI of Advanced Settings to show all settings * Free resources allocated by web session once it is destructed Search: * Import correct libraries Other changes: * Sync flag icons with upstream Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15-SP6: zypper in -t patch openSUSE-2024-358=1 Package List: - openSUSE Backports SLE-15-SP6 (aarch64 ppc64le s390x x86_64): qbittorrent-5.0.1-bp156.3.6.1 qbittorrent-nox-5.0.1-bp156.3.6.1 References: https://www.suse.com/security/cve/CVE-2024-51774.html https://bugzilla.suse.com/1232731 . OpenSUSE has released a security update for qbittorrent, addressing several moderate vulnerabilities, while improving the functionality of the web interface and resolving various bugs.. openSUSE patch, qbittorrent update, software security fix. . LinuxSecurity.com Team

Calendar%202 Nov 08, 2024 OpenSUSE
98

Red Hat Linux 6.2 RHSA-2000:014-16 Critical: Piranha Web GUI Remote Exploit

The GUI portion of Piranha may allow any remote attacker to execute commands on the server. . -----BEGIN PGP SIGNED MESSAGE------ --------------------------------------------------------------------- Red Hat, Inc. Security Advisory Synopsis: Piranha web GUI exposure Advisory ID: RHSA-2000:014-16 Issue date: 2000-04-18 Updated on: 2000-04-26 Product: Red Hat Linux Keywords: piranha Cross references: php - ---------------------------------------------------------------------1. Topic: The GUI portion of Piranha may allow any remote attacker to execute commands on the server. This may allow a remote attacker to launch additional exploits against a web site from inside the web server. This is an updated release that disables Piranha's web GUI interface unless the site administrator enables it explicitly. 2. Relevant releases/architectures: Red Hat Linux 6.2 - i386 alpha sparc 3. Problem description: When Piranha is installed, it generates a 'secure' web interface ID using the HTML .htaccess method. The information for the account is placed in /home/httpd/html/piranha/secure/passwords which was supposed to be released with a blank password. Unfortunately, the password that is actually on the CD is 'Q'. The original intent was that, when the administrator installed Piranha rpms onto their box, that they would change the default blank password to a password of their own choosing. This is not a hidden account. Its only use is to protect the web pages from unauthorized access. The security problem arises from the file. It is possible to execute commands by entering 'blah;some-command' into the password fields. Everything after the semicolon is executed with the same privilege as the webserver. Because of this, it is possible to compromise the webserver or do serious damage to files on the site that are owned by the user 'nobody' or to export a shell using xterm. Updated piranha packagesreleased as version 0.14.3-1 fixed the security vulnerability while still require for the default behavior of requiring the web administrator to reset the password before making the web site public. Because of the security concerns from the community and in order to protect innocent administrators that might not be aware of the need to change the password for Piranha's interface before going live on the Internet, Red Hat is releasing a new set of packages that disable the piranha web interface by default. The site administrator will have to enable the service from the command line by resetting the password as detailed on the main page of the piranha utility. The new packages that include these changes are known as version piranha-0.4.14-1. Users of Red Hat Linux 6.2 are strongly encouraged to upgrade to the new packages if they are actively using piranha on their system (upgrade instructions follow) or to remove the piranha-gui package altogether by issuing the following command: rpm -e piranha-gui 4. Solution: For each RPM for your particular architecture, run: rpm -Fvh [filename] where filename is the name of the RPM. When you install the update for the piranha-gui, please take a moment to review the instructions presented on the following URL (). This should guide you through the process of installing a password for use with the GUI. 5. Bug IDs fixed ( for more info): N/A 6. Obsoleted by: N/A 7. Conflicts with: N/A 8. RPMs required: Red Hat Linux 6.2: intel: alpha: sparc: sources: 9. Verification: MD5 sum Package Name - --------------------------------------------------------------------------7c9cad243857f3e90cb73457619ad3a0 6.2/SRPMS/piranha-0.4.14-1.src.rpm 179e502f88f149fe3bfb285af851a6d3 6.2/alpha/piranha-0.4.14-1.alpha.rpm 881622bc6403c2af38834c0deaf05d44 6.2/alpha/piranha-docs-0.4.14-1.alpha.rpm 7ffc63ec6f236afc0b19298ec29e6774 6.2/alpha/piranha-gui-0.4.14-1.alpha.rpm 1e04357c0ebb004185b834152667c644 6.2/i386/piranha-0.4.14-1.i386.rpm 5b6649f14979e1b2fbdb763d88e9a3ac 6.2/i386/piranha-docs-0.4.14-1.i386.rpm 1a49816f280dc7a9b83ba9bab42a247f 6.2/i386/piranha-gui-0.4.14-1.i386.rpm 4153b861f030a17745463c1749732b58 6.2/sparc/piranha-0.4.14-1.sparc.rpm dc964993d9a3b6c967e5c4455bc24221 6.2/sparc/piranha-docs-0.4.14-1.sparc.rpm 97071e07e2f34fecf80ba48f61e70ba6 6.2/sparc/piranha-gui-0.4.14-1.sparc.rpm These packages are GPG signed by Red Hat, Inc. for security. Our key is available at: You can verify each package with the following command: rpm --checksig If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command: rpm --checksig --nogpg 10. References: This vulnerability was discovered and researched by Allen Wilson and Dan Ingevaldson of Internet Security Systems. Red Hat would like to thank ISS for the assistance in getting this problem fixed quickly. Cristian - --- ----------------------------------------------------------------------Cristian Gafton -- This email address is being protected from spambots. You need JavaScript enabled to view it. -- Red Hat, Inc. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ "How could this be a problem in a country where we have Intel and Microsoft?" --Al Gore on Y2K -----BEGIN PGP SIGNATURE-----Version: 2.6.2 iQCVAwUBOQeN/fGvxKXU9NkBAQE7LwP/QnZL0RAfs5odNDee0htT3pxp8IxefuzY jg8aedrbqkbZHzUflaGsFZN1KlXXwpelQ1kO9ro2YAewDvOVRgUFZyEM0gOIRpaJ mAK3cgQageGG09Gg58X+Ov+3AD64R89ufv30YFakrblRYYCLmvZRn4e2zE97DgZM Qk5LS0w9ZoM=lrT3 -----END PGP SIGNATURE----- . The vulnerability notice RHSA-2021:045-10 details flaws within the Apache HTTP Server for CentOS, encouraging users to adhere to recommended upgrade procedures for resolution.. Piranha Security Fix, Red Hat Linux Update, Command Execution Risk. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Jun 08, 2023 Critical Red Hat
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200