Alerts This Week
Warning Icon 1 609
Alerts This Week
Warning Icon 1 609

Stay Secure with the Latest Linux Advisories

Fedora Large Esm H800
Fedora

Fedora 44 Transmission 4.1.2 Important Clickjacking Fix CVE-2026-38978

Calendar White Jun 05, 2026
Important
Fedora Large Esm H900
Fedora

Fedora 44 libre 4.8.1 Critical Update Details for Real-Time Communication

Calendar White Jun 05, 2026
Important
Fedora Large Esm H900
Fedora

Fedora 44 NextCloud Update Denial of Service JSON Tampering 2026-30881a5be7

Calendar White Jun 05, 2026
Important
Fedora Large Esm H800
Fedora

Fedora 44 python-starlette Security Fix for CVE-2026-48710

Calendar White Jun 05, 2026
Critical
Fedora Large Esm H900
Fedora

Fedora 44 perl-Cpanel-JSON-XS Moderate Denial of Service CVE-2026-9516

Calendar White Jun 05, 2026
Important
Fedora Large Esm H900
Fedora

Fedora 44 rubygem-yard High Path Traversal Fix Vuln 2026-acefc1fe48

Calendar White Jun 05, 2026
high
Fedora Large Esm H800
Fedora

Fedora 44 Rust Sequoia Sop Low-Severity Fix Advisory 2026-5c5f4f40a4

Calendar White Jun 05, 2026
Low
Fedora Large Esm H900
Fedora

Fedora 44 rust-sequoia-sq Low Threat Security Advisory 2026-5c5f4f40a4

Calendar White Jun 05, 2026
Low
Fedora Large Esm H900
Fedora

Fedora 44 rust-sequoia-wot Low Severity Security Fix 2026-5c5f4f40a4

Calendar White Jun 05, 2026
Low
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -5 articles for you...
202
Ls Advisories Opensuse Esm H240
Price Tag 1security advisorybuffer overflowimportant

openSUSE: 2020:2033-1 Important: Slurm Buffer Overflow and X11 Threat

An update that fixes two vulnerabilities is now available. . openSUSE Security Update: Security update for slurm ______________________________________________________________________________ Announcement ID: openSUSE-SU-2020:2033-1 Rating: important References: #1178890 #1178891 Cross-References: CVE-2020-27745 CVE-2020-27746 Affected Products: openSUSE Leap 15.1 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This update for slurm fixes the following issues: - CVE-2020-27745: PMIx - fix potential buffer overflows from use of unpackmem() (bsc#1178890). - CVE-2020-27746: X11 forwarding - fix potential leak of the magic cookie when sent as an argument to the xauth command (bsc#1178891). This update was imported from the SUSE:SLE-15-SP1:Update update project. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.1: zypper in -t patch openSUSE-2020-2033=1 Package List: - openSUSE Leap 15.1 (x86_64): libpmi0-18.08.9-lp151.2.14.1 libpmi0-debuginfo-18.08.9-lp151.2.14.1 libslurm33-18.08.9-lp151.2.14.1 libslurm33-debuginfo-18.08.9-lp151.2.14.1 perl-slurm-18.08.9-lp151.2.14.1 perl-slurm-debuginfo-18.08.9-lp151.2.14.1 slurm-18.08.9-lp151.2.14.1 slurm-auth-none-18.08.9-lp151.2.14.1 slurm-auth-none-debuginfo-18.08.9-lp151.2.14.1 slurm-config-18.08.9-lp151.2.14.1 slurm-config-man-18.08.9-lp151.2.14.1 slurm-cray-18.08.9-lp151.2.14.1 slurm-cray-debuginfo-18.08.9-lp151.2.14.1 slurm-debuginfo-18.08.9-lp151.2.14.1 slurm-debugsource-18.08.9-lp151.2.14.1 slurm-devel-18.08.9-lp151.2.14.1 slurm-doc-18.08.9-lp151.2.14.1 slurm-hdf5-18.08.9-lp151.2.14.1 slurm-hdf5-debuginfo-18.08.9-lp151.2.14.1 slurm-lua-18.08.9-lp151.2.14.1 slurm-lua-debuginfo-18.08.9-lp151.2.14.1 slurm-munge-18.08.9-lp151.2.14.1 slurm-munge-debuginfo-18.08.9-lp151.2.14.1 slurm-node-18.08.9-lp151.2.14.1 slurm-node-debuginfo-18.08.9-lp151.2.14.1 slurm-openlava-18.08.9-lp151.2.14.1 slurm-pam_slurm-18.08.9-lp151.2.14.1 slurm-pam_slurm-debuginfo-18.08.9-lp151.2.14.1 slurm-plugins-18.08.9-lp151.2.14.1 slurm-plugins-debuginfo-18.08.9-lp151.2.14.1 slurm-seff-18.08.9-lp151.2.14.1 slurm-sjstat-18.08.9-lp151.2.14.1 slurm-slurmdbd-18.08.9-lp151.2.14.1 slurm-slurmdbd-debuginfo-18.08.9-lp151.2.14.1 slurm-sql-18.08.9-lp151.2.14.1 slurm-sql-debuginfo-18.08.9-lp151.2.14.1 slurm-sview-18.08.9-lp151.2.14.1 slurm-sview-debuginfo-18.08.9-lp151.2.14.1 slurm-torque-18.08.9-lp151.2.14.1 slurm-torque-debuginfo-18.08.9-lp151.2.14.1 slurm-webdoc-18.08.9-lp151.2.14.1 References: https://www.suse.com/security/cve/CVE-2020-27745.html https://www.suse.com/security/cve/CVE-2020-27746.html https://bugzilla.suse.com/1178890 https://bugzilla.suse.com/1178891 _______________________________________________ openSUSE Security Announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe, email This email address is being protected from spambots. You need JavaScript enabled to view it. List Netiquette: https://en.opensuse.org/openSUSE:Mailing_list_netiquette List Archives: . A significant Fedora security patch resolves issues related to samba, tackling potential vulnerabilities linked to remote code execution and file sharing protocols.. openSUSE Security, Slurm Update, Buffer Overflow, X11 Forwarding. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Nov 26, 2020 Important OpenSUSE
197
Ls Advisories Deblts Esm H240
Price Tag 1security advisorydebianbug fix

Debian 8: DLA-1500-2 Low Severity OpenSSH X11 Forwarding Fix

The security update of OpenSSH announced as DLA 1500-1 introduced a bug in openssh-client: when X11 forwarding is enabled (via system-wide configuration in ssh_config or via -X command line switch), but no DISPLAY . Package : openssh Version : 1:6.7p1-5+deb8u7 Debian Bug : 908652 The security update of OpenSSH announced as DLA 1500-1 introduced a bug in openssh-client: when X11 forwarding is enabled (via system-wide configuration in ssh_config or via -X command line switch), but no DISPLAY is set, the client produces a "DISPLAY "(null)" invalid; disabling X11 forwarding" warning. These bug was introduced by the patch set to fix the CVE-2016-1908 issue. For reference, the following is the relevant section of the original announcement: CVE-2016-1908 OpenSSH mishandled untrusted X11 forwarding when the X server disables the SECURITY extension. Untrusted connections could obtain trusted X11 forwarding privileges. Reported by Thomas Hoger. For Debian 8 "Jessie", this problem has been fixed in version 1:6.7p1-5+deb8u7. We recommend that you upgrade your openssh packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS . OpenSSH security patch resolves X11 forwarding vulnerability. Ensure that your openssh packages for Debian 8 are updated to mitigate these concerns.. OpenSSH Update, Debian Bug Fix, X11 Forwarding Issue, Linux Security Patches. . Severity: Low. LinuxSecurity.com Team

Calendar 2 Sep 12, 2018 Low Debian LTS
Banner 2 1028x280 1708121730 1 1771599631
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryfedoracritical

Fedora 22: FEDORA-2016-40a657cee1 Critical Level Dropbear Input Validation

CVE-2016-3116 dropbear: X11 forwarding input not validated properly. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2016-40a657cee1 2016-03-23 23:17:33.338868 -------------------------------------------------------------------------------- Name : dropbear Product : Fedora 22 Version : 2016.72 Release : 1.fc22 URL : https://matt.ucc.asn.au/dropbear/dropbear.html Summary : Lightweight SSH server and client Description : Dropbear is a relatively small SSH server and client. It's particularly useful for "embedded"-type Linux (or other Unix) systems, such as wireless routers. -------------------------------------------------------------------------------- Update Information: CVE-2016-3116 dropbear: X11 forwarding input not validated properly -------------------------------------------------------------------------------- References: [ 1 ] Bug #1316826 - CVE-2016-3116 dropbear: X11 forwarding input not validated properly [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1316826 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update dropbear' at the command line. For more information, refer to "Managing Software with yum", available at . All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://lists.fedoraproject.org/admin/lists/package-announce.lists.fedoraproject.org/ . Fedora Update Notification FEDORA-2016-40a657cee1 2016-03-23 23:17:33.338868 Name : dropbear Product. cve-2016-3116, dropbear, forwarding, input, validated, properly, --------------------------------. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Mar 24, 2016 Critical Fedora
87
Ls Advisories Debian Esm H240
Price Tag 1security advisorydebianremote

Debian: DSA-1576-1 Critical OpenSSH Randomness Attack Mitigated

Jan Pechanec discovered that ssh fails back to creating a trusted X11 cookie if creating an untrusted cookie fails, potentially exposing the local display to a malicious remote server when using X11 forwarding.. - ------------------------------------------------------------------------Debian Security Advisory DSA-1576-1 This email address is being protected from spambots. You need JavaScript enabled to view it. http://www.debian.org/security/ Florian Weimer May 14, 2008 http://www.debian.org/security/faq - ------------------------------------------------------------------------Package : openssh Vulnerability : predictable random number generator Problem type : remote Debian-specific: yes CVE Id(s) : CVE-2008-0166 The recently announced vulnerability in Debian's openssl package (DSA-1571-1, CVE-2008-0166) indirectly affects OpenSSH. As a result, all user and host keys generated using broken versions of the openssl package must be considered untrustworthy, even after the openssl update has been applied. 1. Install the security updates This update contains a dependency on the openssl update and will automatically install a corrected version of the libss0.9.8 package, and a new package openssh-blacklist. Once the update is applied, weak user keys will be automatically rejected where possible (though they cannot be detected in all cases). If you are using such keys for user authentication, they will immediately stop working and will need to be replaced (see step 3). OpenSSH host keys can be automatically regenerated when the OpenSSH security update is applied. The update will prompt for confirmation before taking this step. 2. Update OpenSSH known_hosts files The regeneration of host keys will cause a warning to be displayed when connecting to the system using SSH until the host key is updated in the known_hosts file. The warning will look like this: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! Someone could be eavesdropping on you right now (man-in-the-middle attack)! It is also possible that the RSA host key has just been changed. In this case, the host key has simply been changed, and you should update the relevant known_hosts file as indicated in the error message. It is recommended that you use a trustworthy channel to exchange the server key. It is found in the file /etc/ssh/ssh_host_rsa_key.pub on the server; it's fingerprint can be printed using the command: ssh-keygen -l -f /etc/ssh/ssh_host_rsa_key.pub In addition to user-specific known_hosts files, there may be a system-wide known hosts file /etc/ssh/known_hosts. This is file is used both by the ssh client and by sshd for the hosts.equiv functionality. This file needs to be updated as well. 3. Check all OpenSSH user keys The safest course of action is to regenerate all OpenSSH user keys, except where it can be established to a high degree of certainty that the key was generated on an unaffected system. Check whether your key is affected by running the ssh-vulnkey tool, included in the security update. By default, ssh-vulnkey will check the standard location for user keys (~/.ssh/id_rsa, ~/.ssh/id_dsa and ~/.ssh/identity), your authorized_keys file (~/.ssh/authorized_keys and ~/.ssh/authorized_keys2), and the system's host keys (/etc/ssh/ssh_host_dsa_key and /etc/ssh/ssh_host_rsa_key). To check all your own keys, assuming they are in the standard locations (~/.ssh/id_rsa, ~/.ssh/id_dsa, or ~/.ssh/identity): ssh-vulnkey To check all keys on your system: sudo ssh-vulnkey -a To check a key in a non-standard location: ssh-vulnkey /path/to/key Ifssh-vulnkey says "Unknown (no blacklist information)", then it has no information about whether that key is affected. In this case, you can examine the modification time (mtime) of the file using "ls -l". Keys generated before September 2006 are not affected. Keep in mind that, although unlikely, backup procedures may have changed the file date back in time (or the system clock may have been incorrectly set). If in doubt, generate a new key and remove the old one from any servers. 4. Regenerate any affected user keys OpenSSH keys used for user authentication must be manually regenerated, including those which may have since been transferred to a different system after being generated. New keys can be generated using ssh-keygen, e.g.: $ ssh-keygen Generating public/private rsa key pair. Enter file in which to save the key (/home/user/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/user/.ssh/id_rsa. Your public key has been saved in /home/user/.ssh/id_rsa.pub. The key fingerprint is: 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00 user@host 5. Update authorized_keys files (if necessary) Once the user keys have been regenerated, the relevant public keys must be propagated to any authorized_keys files (and authorized_keys2 files, if applicable) on remote systems. Be sure to delete the lines containing old keys from those files.. In addition to countermeasures to mitigate the randomness vulnerability, this OpenSSH update fixes several other vulnerabilities: CVE-2008-1483: Timo Juhani Lindfors discovered that, when using X11 forwarding, the SSH client selects an X11 forwarding port without ensuring that it can be bound on all address families. If the system is configured with IPv6 (even if it does not have working IPv6 connectivity), this could allow a local attacker on the remote serverto hijack X11 forwarding. CVE-2007-4752: Jan Pechanec discovered that ssh fails back to creating a trusted X11 cookie if creating an untrusted cookie fails, potentially exposing the local display to a malicious remote server when using X11 forwarding. For the stable distribution (etch), these problems have been fixed in version 4.3p2-9etch1. Currently, only a subset of all supported architectures have been built; further updates will be provided when they become available. For the unstable distribution (sid) and the testing distribution (lenny), these problems have been fixed in version 4.7p1-9. We recommend that you upgrade your openssh packages and take the measures indicated above. Upgrade instructions - --------------------wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 4.0 alias etch - -------------------------------Source archives: Size/MD5 checksum: 275168 920f559caa1c8c737b016c08df2bde05 Size/MD5 checksum: 3694141 05eec6b473990bff4fc70921b232794b Size/MD5 checksum: 1074 89930d72e9aff6b344efd35a130e4faa Size/MD5 checksum: 799 aeaa45e0bfbf7f966e3c7fca9181d99d Size/MD5 checksum: 920186 239fc801443acaffd4c1f111948ee69c Architecture independent packages: Size/MD5 checksum: 2121928 fa1ba22d98f91f18b326ee1bfd31bcbb Size/MD5 checksum: 1060 44ec3f52add1876d7b2c1bd3fa3cdbfd Size/MD5 checksum: 92162 9ae37916a6dc269318aff1215b6638cf alpha architecture (DEC Alpha) Size/MD5 checksum: 198496 69fe6fc4002ec592e1756cee28ffd85b Size/MD5 checksum: 782120e5746f3c12a52f72b75cffee8e1c3a6f Size/MD5 checksum: 100402 fda20ac6b68a6882534384e6ce4e6efd Size/MD5 checksum: 213724 118390296bbf6d6d208d39a07895852e Size/MD5 checksum: 266518 be53eb9497ea993e0ae7db6a0a4dcd3a amd64 architecture (AMD x86_64 (AMD64)) Size/MD5 checksum: 183848 bd6c4123fe0e72f7565e455b25eb037c Size/MD5 checksum: 244406 f70bf398d91eb4b8fe27cc5b03548b16 Size/MD5 checksum: 171512 0b8afcf2b96ad97323152342e83dd3bf Size/MD5 checksum: 709734 556332c58aeee82628d35ebf71d15ac1 Size/MD5 checksum: 99896 14d2f97314e7b4b6cb97540667d7f544 hppa architecture (HP PA RISC) Size/MD5 checksum: 189608 5267dec18e00f3e88bd53b3adfe23e62 Size/MD5 checksum: 100438 2ebd2edd75c440c062eaafab5a97b177 Size/MD5 checksum: 250556 1ca2aa080853748ab343381d9f9ffc6b Size/MD5 checksum: 198424 d99af9d81fe074f9b16928cae835ce56 Size/MD5 checksum: 733664 e6abc3231e7d274a5a73321ea3761974 i386 architecture (Intel ia32) Size/MD5 checksum: 660432 16f0807e7871c23af0660e529837cb76 Size/MD5 checksum: 224178 aaedc883a11ba7273e5ddeb496a3488a Size/MD5 checksum: 100000 fd41f726ff14b7f8ab0dfc1c6b43be2c Size/MD5 checksum: 162630 f197dbdfe7a92bd4992d8c77c76b4488 Size/MD5 checksum: 154028 5df04dc7c5474b30e515047740bd0c38 ia64 architecture (Intel ia64) Size/MD5 checksum: 269868 1646034b7db5a862ea17d0d6928900ff Size/MD5 checksum: 961594 394027253cbaeba863f07e7fee848dcb Size/MD5 checksum: 101280 f3e421145857106615ce19cb05508a7a Size/MD5 checksum: 251840 24ba6fd53e10e754845fc4361257d0ff Size/MD5 checksum: 338256 4ff1206f8f3c618f7bfd406f88b38841 powerpc architecture (PowerPC) Size/MD5 checksum: 237040 b50b3e1ac8586eb55a5f06201dd3edf2 Size/MD5 checksum: 173322 f1fa458555b787a2b7fc786da7974b91 Size/MD5 checksum: 700518 fd43ca106400be36545f31b955667e22 Size/MD5 checksum: 101080a5005e3e3447f8eb75d99746a2704b8d Size/MD5 checksum: 168320 61848a42ed513d232fceea6eb335e315 sparc architecture (Sun SPARC/UltraSPARC) Size/MD5 checksum: 218132 ce7a2f44e51c2fe6df31ec567ce65d28 Size/MD5 checksum: 99544 61cd81c98576feea92fb865856311b7d Size/MD5 checksum: 639770 6085da0b96f1e9ee87abec7206eb7ef8 Size/MD5 checksum: 166706 99368689bddbc70f98ef5f51aa19051a Size/MD5 checksum: 158360 07bf438d8e0d3fd02ff37371ff8645d6 These files will probably be moved into the stable distribution on its next update. - ---------------------------------------------------------------------------------For apt-get: deb https://www.debian.org/security/ stable/updates main For dpkg-ftp: dists/stable/updates/main Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . Ubuntu unveils OpenSSL upgrade to address vulnerabilities in encryption and bolster defense mechanisms. Keep your system secure!. OpenSSH Update, Debain Security Advisory, Remote Threat Resolution, SSH Key Management. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 May 14, 2008 Critical Debian
Banner 2 1028x280 1708121730 1 1771599631
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here