Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

Stay Secure with the Latest Linux Advisories

Opensuse Large Esm H800
openSUSE

openSUSE Security Notice 2026-2328-1 Significant Updates on Four Xen Risks

Calendar White Jun 10, 2026
Important
Suse Large Esm H900
SuSE

openSUSE 2026-2328-1 Xen Important Buffer Overflow Patch

Calendar White Jun 10, 2026
Important
Opensuse Large Esm H900
openSUSE

openSUSE Leap 15.6 Important Xen Denial of Service Fix SUSE-SU-2026-2329-1

Calendar White Jun 10, 2026
Important
Suse Large Esm H800
SuSE

openSUSE Important xen Patch for Multiple Threats SUSE-2026-2329-1

Calendar White Jun 10, 2026
Important
Suse Large Esm H900
SuSE

SUSE MariaDB Critical Security Fix 12 Vulnerabilities 2026-2330-1

Calendar White Jun 10, 2026
Critical
Ubuntu Large Esm H900
Ubuntu

Ubuntu 22.04 LTS Exim4 Moderate Regression CVE-2023-42117

Calendar White Jun 10, 2026
Important
Suse Large Esm H800
SuSE

SUSE StrongSwan Important Double-Free CVE-2026-47895 Advisory 2026-2312-1

Calendar White Jun 10, 2026
Important
Suse Large Esm H900
SuSE

SUSE vim Important Command Injection Buffer Overflow Update 2026-2313-1

Calendar White Jun 10, 2026
Important
Suse Large Esm H900
SuSE

openSUSE Important libsoup HTTP Request Smuggling Vulnerability 2026-2314-1

Calendar White Jun 10, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":552,"type":"x","order":1,"pct":78.63,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.27,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.84,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.25,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -7 articles for you...
100
Ls Advisories Suse Esm H240
Price Tag 1security advisoryupdatebuffer overflow

SUSE 15-SP6: 2024:4290-1 important: libsoup critical issues

* bsc#1233285 * bsc#1233287 * bsc#1233292 Cross-References: . # Security update for libsoup2 Announcement ID: SUSE-SU-2024:4290-1 Release Date: 2024-12-11T11:10:48Z Rating: important References: * bsc#1233285 * bsc#1233287 * bsc#1233292 Cross-References: * CVE-2024-52530 * CVE-2024-52531 * CVE-2024-52532 CVSS scores: * CVE-2024-52530 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2024-52530 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2024-52530 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2024-52531 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2024-52531 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2024-52531 ( NVD ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-52532 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-52532 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-52532 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves three vulnerabilities can now be installed. ## Description: This update for libsoup2 fixes the following issues: * CVE-2024-52530: Fixed HTTP request smuggling via stripping null bytes from the ends of header names (bsc#1233285) * CVE-2024-52531: Fixed buffer overflow via UTF-8 conversion in soup_header_parse_param_list_strict (bsc#1233292) * CVE-2024-52532: Fixed infinite loop while reading websocket data (bsc#1233287) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the commandlisted for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-4290=1 openSUSE-SLE-15.6-2024-4290=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-4290=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * libsoup-2_4-1-debuginfo-2.74.3-150600.4.3.1 * libsoup-2_4-1-2.74.3-150600.4.3.1 * typelib-1_0-Soup-2_4-2.74.3-150600.4.3.1 * libsoup2-debugsource-2.74.3-150600.4.3.1 * libsoup2-devel-2.74.3-150600.4.3.1 * openSUSE Leap 15.6 (x86_64) * libsoup2-devel-32bit-2.74.3-150600.4.3.1 * libsoup-2_4-1-32bit-debuginfo-2.74.3-150600.4.3.1 * libsoup-2_4-1-32bit-2.74.3-150600.4.3.1 * openSUSE Leap 15.6 (noarch) * libsoup2-lang-2.74.3-150600.4.3.1 * openSUSE Leap 15.6 (aarch64_ilp32) * libsoup-2_4-1-64bit-2.74.3-150600.4.3.1 * libsoup-2_4-1-64bit-debuginfo-2.74.3-150600.4.3.1 * libsoup2-devel-64bit-2.74.3-150600.4.3.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libsoup-2_4-1-debuginfo-2.74.3-150600.4.3.1 * libsoup-2_4-1-2.74.3-150600.4.3.1 * typelib-1_0-Soup-2_4-2.74.3-150600.4.3.1 * libsoup2-debugsource-2.74.3-150600.4.3.1 * libsoup2-devel-2.74.3-150600.4.3.1 * Basesystem Module 15-SP6 (noarch) * libsoup2-lang-2.74.3-150600.4.3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-52530.html * https://www.suse.com/security/cve/CVE-2024-52531.html * https://www.suse.com/security/cve/CVE-2024-52532.html * https://bugzilla.suse.com/show_bug.cgi?id=1233285 * https://bugzilla.suse.com/show_bug.cgi?id=1233287 * https://bugzilla.suse.com/show_bug.cgi?id=1233292 . Significant news for libsoup2 tackling severe vulnerabilities such as memory leaks and request splitting. Upgrade today!. libsoup2 update, SUSE security advisory, buffer overflow fixes. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Dec 11, 2024 Important SuSE
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryFedorapatch update

Fedora 40: libsoup3 Security Advisory - Fix for Request Smuggling and Loop

Add patches to fix: CVE-2024-52530 libsoup3: HTTP request smuggling via stripping null bytes from the ends of header names (bug #2325358) CVE-2024-52532 libsoup3: infinite loop while reading websocket data (bug #2325356). -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2024-bd09057dd2 2024-11-28 02:44:05.515188+00:00 -------------------------------------------------------------------------------- Name : libsoup3 Product : Fedora 40 Version : 3.4.4 Release : 5.fc40 URL : https://wiki.gnome.org/Projects/libsoup Summary : Soup, an HTTP library implementation Description : Libsoup is an HTTP library implementation in C. It was originally part of a SOAP (Simple Object Access Protocol) implementation called Soup, but the SOAP and non-SOAP parts have now been split into separate packages. libsoup uses the Glib main loop and is designed to work well with GTK applications. This enables GNOME applications to access HTTP servers on the network in a completely asynchronous fashion, very similar to the Gtk+ programming model (a synchronous operation mode is also supported for those who want it), but the SOAP parts were removed long ago. -------------------------------------------------------------------------------- Update Information: Add patches to fix: CVE-2024-52530 libsoup3: HTTP request smuggling via stripping null bytes from the ends of header names (bug #2325358) CVE-2024-52532 libsoup3: infinite loop while reading websocket data (bug #2325356) -------------------------------------------------------------------------------- ChangeLog: * Tue Nov 12 2024 Milan Crha - 3.4.4-5 - Add a patch to fix CVE-2024-52532 (infinite loop while reading websocket data) * Tue Nov 12 2024 Milan Crha - 3.4.4-4 - Add a patch to fix CVE-2024-52530 (headers: Strictly don't allow NUL bytes) -------------------------------------------------------------------------------- References: [1 ] Bug #2325356 - CVE-2024-52532 libsoup3: infinite loop while reading websocket data [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2325356 [ 2 ] Bug #2325358 - CVE-2024-52530 libsoup3: HTTP request smuggling via stripping null bytes from the ends of header names [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2325358 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-bd09057dd2' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: . New updates for libsoup3 have been launched to fix request smuggling and endless loop vulnerabilities in Fedora 40. Make sure to upgrade immediately!. libsoup3 Security Patch, Fedora Update, Request Smuggling Fix. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Nov 28, 2024 Critical Fedora
Banner 1 1028x280 1708121660 1771599717
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":552,"type":"x","order":1,"pct":78.63,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.27,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.84,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.25,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here