Stay Secure with the Latest Linux Advisories

Explore Latest Linux Security advisories

openSUSE 15.4, 15.5 Moderate: xmltooling Server-Side Request Forgery

# Security update for xmltooling

Announcement ID: SUSE-SU-2023:3089-1
Rating: moderate
References:
  * #1212359
Cross-References:
  * CVE-2023-36661
CVSS scores:
  * CVE-2023-36661 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
  * CVE-2023-36661 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
  * openSUSE Leap 15.4
  * openSUSE Leap 15.5
  * Server Applications Module 15-SP4
  * Server Applications Module 15-SP5
  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise Real Time 15 SP3
  * SUSE Linux Enterprise Real Time 15 SP4
  * SUSE Linux Enterprise Real Time 15 SP5
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Manager Proxy 4.2
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.2
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.2
  * SUSE Manager Server 4.3

An update that solves one vulnerability can now be installed.

## Description:

This update for xmltooling fixes the following issues:

  * CVE-2023-36661: Fix server-side request forgery vulnerability (bsc#1212359)

## Patch Instructions:

To install this SUSE Moderate update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.4
    zypper in -t patch openSUSE-SLE-15.4-2023-3089=1
  * openSUSE Leap 15.5
    zypper in -t patch openSUSE-SLE-15.5-2023-3089=1
  * Server Applications Module 15-SP4
    zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP4-2023-3089=1
  * Server Applications Module 15-SP5
    zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2023-3089=1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-ESPOS-2023-3089=1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2023-3089=1
  * SUSE Linux Enterprise Real Time 15 SP3
    zypper in -t patch SUSE-SLE-Product-RT-15-SP3-2023-3089=1
  * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2023-3089=1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2023-3089=1
  * SUSE Manager Proxy 4.2
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.2-2023-3089=1
  * SUSE Manager Retail Branch Server 4.2
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.2-2023-3089=1
  * SUSE Manager Server 4.2
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.2-2023-3089=1
  * SUSE Enterprise Storage 7.1
    zypper in -t patch SUSE-Storage-7.1-2023-3089=1

## Package List:

  * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64)
    * libxmltooling-lite9-3.1.0-150300.3.3.1
    * libxmltooling9-3.1.0-150300.3.3.1
    * xmltooling-debugsource-3.1.0-150300.3.3.1
    * xmltooling-schemas-3.1.0-150300.3.3.1
    * libxmltooling-lite9-debuginfo-3.1.0-150300.3.3.1
    * xmltooling-debuginfo-3.1.0-150300.3.3.1
    * libxmltooling-devel-3.1.0-150300.3.3.1
    * libxmltooling9-debuginfo-3.1.0-150300.3.3.1
  * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
    * libxmltooling-lite9-3.1.0-150300.3.3.1
    * libxmltooling9-3.1.0-150300.3.3.1
    * xmltooling-debugsource-3.1.0-150300.3.3.1
    * xmltooling-schemas-3.1.0-150300.3.3.1
    * libxmltooling-lite9-debuginfo-3.1.0-150300.3.3.1
    * xmltooling-debuginfo-3.1.0-150300.3.3.1
    * libxmltooling-devel-3.1.0-150300.3.3.1
    * libxmltooling9-debuginfo-3.1.0-150300.3.3.1
  * Server Applications Module 15-SP4 (aarch64 ppc64le s390x x86_64)
    * libxmltooling-lite9-3.1.0-150300.3.3.1
    * libxmltooling9-3.1.0-150300.3.3.1
    * xmltooling-debugsource-3.1.0-150300.3.3.1
    * xmltooling-schemas-3.1.0-150300.3.3.1
    * libxmltooling-lite9-debuginfo-3.1.0-150300.3.3.1
    * xmltooling-debuginfo-3.1.0-150300.3.3.1
    * libxmltooling-devel-3.1.0-150300.3.3.1
    * libxmltooling9-debuginfo-3.1.0-150300.3.3.1
  * Server Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64)
    * libxmltooling-lite9-3.1.0-150300.3.3.1
    * libxmltooling9-3.1.0-150300.3.3.1
    * xmltooling-debugsource-3.1.0-150300.3.3.1
    * xmltooling-schemas-3.1.0-150300.3.3.1
    * libxmltooling-lite9-debuginfo-3.1.0-150300.3.3.1
    * xmltooling-debuginfo-3.1.0-150300.3.3.1
    * libxmltooling-devel-3.1.0-150300.3.3.1
    * libxmltooling9-debuginfo-3.1.0-150300.3.3.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3 (aarch64 x86_64)
    * libxmltooling-lite9-3.1.0-150300.3.3.1
    * libxmltooling9-3.1.0-150300.3.3.1
    * xmltooling-debugsource-3.1.0-150300.3.3.1
    * xmltooling-schemas-3.1.0-150300.3.3.1
    * libxmltooling-lite9-debuginfo-3.1.0-150300.3.3.1
    * xmltooling-debuginfo-3.1.0-150300.3.3.1
    * libxmltooling-devel-3.1.0-150300.3.3.1
    * libxmltooling9-debuginfo-3.1.0-150300.3.3.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64)
    * libxmltooling-lite9-3.1.0-150300.3.3.1
    * libxmltooling9-3.1.0-150300.3.3.1
    * xmltooling-debugsource-3.1.0-150300.3.3.1
    * xmltooling-schemas-3.1.0-150300.3.3.1
    * libxmltooling-lite9-debuginfo-3.1.0-150300.3.3.1
    * xmltooling-debuginfo-3.1.0-150300.3.3.1
    * libxmltooling-devel-3.1.0-150300.3.3.1
    * libxmltooling9-debuginfo-3.1.0-150300.3.3.1
  * SUSE Linux Enterprise Real Time 15 SP3 (x86_64)
    * libxmltooling-lite9-3.1.0-150300.3.3.1
    * libxmltooling9-3.1.0-150300.3.3.1
    * xmltooling-debugsource-3.1.0-150300.3.3.1
    * xmltooling-schemas-3.1.0-150300.3.3.1
    * libxmltooling-lite9-debuginfo-3.1.0-150300.3.3.1
    * xmltooling-debuginfo-3.1.0-150300.3.3.1
    * libxmltooling-devel-3.1.0-150300.3.3.1
    * libxmltooling9-debuginfo-3.1.0-150300.3.3.1
  * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64)
    * libxmltooling-lite9-3.1.0-150300.3.3.1
    * libxmltooling9-3.1.0-150300.3.3.1
    * xmltooling-debugsource-3.1.0-150300.3.3.1
    * xmltooling-schemas-3.1.0-150300.3.3.1
    * libxmltooling-lite9-debuginfo-3.1.0-150300.3.3.1
    * xmltooling-debuginfo-3.1.0-150300.3.3.1
    * libxmltooling-devel-3.1.0-150300.3.3.1
    * libxmltooling9-debuginfo-3.1.0-150300.3.3.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
    * libxmltooling-lite9-3.1.0-150300.3.3.1
    * libxmltooling9-3.1.0-150300.3.3.1
    * xmltooling-debugsource-3.1.0-150300.3.3.1
    * xmltooling-schemas-3.1.0-150300.3.3.1
    * libxmltooling-lite9-debuginfo-3.1.0-150300.3.3.1
    * xmltooling-debuginfo-3.1.0-150300.3.3.1
    * libxmltooling-devel-3.1.0-150300.3.3.1
    * libxmltooling9-debuginfo-3.1.0-150300.3.3.1
  * SUSE Manager Proxy 4.2 (x86_64)
    * libxmltooling-lite9-3.1.0-150300.3.3.1
    * libxmltooling9-3.1.0-150300.3.3.1
    * xmltooling-debugsource-3.1.0-150300.3.3.1
    * xmltooling-schemas-3.1.0-150300.3.3.1
    * libxmltooling-lite9-debuginfo-3.1.0-150300.3.3.1
    * xmltooling-debuginfo-3.1.0-150300.3.3.1
    * libxmltooling-devel-3.1.0-150300.3.3.1
    * libxmltooling9-debuginfo-3.1.0-150300.3.3.1
  * SUSE Manager Retail Branch Server 4.2 (x86_64)
    * libxmltooling-lite9-3.1.0-150300.3.3.1
    * libxmltooling9-3.1.0-150300.3.3.1
    * xmltooling-debugsource-3.1.0-150300.3.3.1
    * xmltooling-schemas-3.1.0-150300.3.3.1
    * libxmltooling-lite9-debuginfo-3.1.0-150300.3.3.1
    * xmltooling-debuginfo-3.1.0-150300.3.3.1
    * libxmltooling-devel-3.1.0-150300.3.3.1
    * libxmltooling9-debuginfo-3.1.0-150300.3.3.1
  * SUSE Manager Server 4.2 (ppc64le s390x x86_64)
    * libxmltooling-lite9-3.1.0-150300.3.3.1
    * libxmltooling9-3.1.0-150300.3.3.1
    * xmltooling-debugsource-3.1.0-150300.3.3.1
    * xmltooling-schemas-3.1.0-150300.3.3.1
    * libxmltooling-lite9-debuginfo-3.1.0-150300.3.3.1
    * xmltooling-debuginfo-3.1.0-150300.3.3.1
    * libxmltooling-devel-3.1.0-150300.3.3.1
    * libxmltooling9-debuginfo-3.1.0-150300.3.3.1
  * SUSE Enterprise Storage 7.1 (aarch64 x86_64)
    * libxmltooling-lite9-3.1.0-150300.3.3.1
    * libxmltooling9-3.1.0-150300.3.3.1
    * xmltooling-debugsource-3.1.0-150300.3.3.1
    * xmltooling-schemas-3.1.0-150300.3.3.1
    * libxmltooling-lite9-debuginfo-3.1.0-150300.3.3.1
    * xmltooling-debuginfo-3.1.0-150300.3.3.1
    * libxmltooling-devel-3.1.0-150300.3.3.1
    * libxmltooling9-debuginfo-3.1.0-150300.3.3.1

## References:

  * https://www.suse.com/security/cve/CVE-2023-36661.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1212359

The update for xmltooling addresses CVE-2023-36661, which pertains to a server-side request forgery vulnerability assessed as moderate in severity.

LinuxSecurity.com Team

Aug 01, 2023 OpenSUSE

Debian 10 Buster DLA-3464-1 Moderate: Xmltooling SSRF Issue Resolved

-------------------------------------------------------------------------
Debian LTS Advisory DLA-3464-1
https://www.debian.org/lts/security/                Santiago Ruano Rincón
June 21, 2023                                 https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package        : xmltooling
Version        : 3.0.4-1+deb10u2
Debian Bug     : 1037948
CVE ID         : not yet available

Jurien de Jong discovered that the parsing of KeyInfo elements within the XMLTooling library may result in server-side request forgery.

For Debian 10 buster, this problem has been fixed in version 3.0.4-1+deb10u2.

We recommend that you upgrade your xmltooling packages.

For the detailed security status of xmltooling please refer to its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/xmltooling

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

Debian LTS addresses a vulnerability concerning server-side request forgery in xmltooling. It is advised to update to version 3.0.4-1+deb10u2 to ensure security.

LinuxSecurity.com Team

Jun 21, 2023 Debian LTS

Debian: DSA-5432-1 Moderate: Xmltooling Server-Side Request Forgery

-------------------------------------------------------------------------
Debian Security Advisory DSA-5432-1
https://www.debian.org/security/                       Moritz Muehlenhoff
June 18, 2023                         https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package        : xmltooling
CVE ID         : not yet available

Jurien de Jong discovered that the parsing of KeyInfo elements within the XMLTooling library may result in server-side request forgery.

For the oldstable distribution (bullseye), this problem has been fixed in version 3.2.0-3+deb11u1.

For the stable distribution (bookworm), this problem has been fixed in version 3.2.3-1+deb12u1.

We recommend that you upgrade your xmltooling packages.

For the detailed security status of xmltooling please refer to its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/xmltooling

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

Debian DSA-5433-1 tackles xmlcore vulnerability leading to cross-site scripting in bullseye.

LinuxSecurity.com Team

Jun 18, 2023 Debian

openSUSE: 2019:1276-1 Moderate: xmltooling Denial of Service Fix

openSUSE Security Update: Security update for xmltooling
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2019:1276-1
Rating:             moderate
References:         #1129537
Cross-References:   CVE-2019-9628
Affected Products:
                    openSUSE Leap 42.3
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

This update for xmltooling fixes the following issue:

Security issue fixed:

- CVE-2019-9628: Fixed an improper handling of exception in XMLTooling library which could result in denial of service against the application using XMLTooling (bsc#1129537).

This update was imported from the SUSE:SLE-12-SP1:Update update project.

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 42.3:

  zypper in -t patch openSUSE-2019-1276=1

Package List:

- openSUSE Leap 42.3 (x86_64):

  libxmltooling-devel-1.5.6-12.1
  libxmltooling6-1.5.6-12.1
  libxmltooling6-debuginfo-1.5.6-12.1
  xmltooling-debugsource-1.5.6-12.1
  xmltooling-schemas-1.5.6-12.1

References:

  https://www.suse.com/security/cve/CVE-2019-9628.html
  https://bugzilla.suse.com/1129537

openSUSE Security Update for xmltooling that resolves a moderate security vulnerability identified as CVE-2019-9628. To implement the patch, please follow the outlined steps.

LinuxSecurity.com Team

Apr 25, 2019 OpenSUSE

openSUSE: 2020:2346-2 High Severity Vulnerability in libxml2 Exploited

openSUSE Security Update: Security update for xmltooling
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2019:1235-1
Rating:             moderate
References:         #1129537
Cross-References:   CVE-2019-9628
Affected Products:
                    openSUSE Leap 15.0
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

This update for xmltooling fixes the following issues:

Security issue fixed:

- CVE-2019-9628: Fixed an improper handling of exception in XMLTooling library which could result in denial of service against the application using XMLTooling (bsc#1129537).

This update was imported from the SUSE:SLE-15:Update update project.

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.0:

  zypper in -t patch openSUSE-2019-1235=1

Package List:

- openSUSE Leap 15.0 (x86_64):

  libxmltooling-devel-1.6.4-lp150.2.3.1
  libxmltooling7-1.6.4-lp150.2.3.1
  libxmltooling7-debuginfo-1.6.4-lp150.2.3.1
  xmltooling-debugsource-1.6.4-lp150.2.3.1
  xmltooling-schemas-1.6.4-lp150.2.3.1

References:

  https://www.suse.com/security/cve/CVE-2019-9628.html
  https://bugzilla.suse.com/1129537

openSUSE has issued a security update targeting a moderate vulnerability in xmltooling, which addresses a flaw that might cause a Denial of Service (DoS) issue.

LinuxSecurity.com Team

Apr 18, 2019 OpenSUSE

SUSE: 2020:0915-2 Moderate: xmltooling Denial Of Service Issue

SUSE Security Update: Security update for xmltooling
______________________________________________________________________________

Announcement ID:    SUSE-SU-2019:0928-1
Rating:             moderate
References:         #1129537
Cross-References:   CVE-2019-9628
Affected Products:
                    SUSE Linux Enterprise Software Development Kit 12-SP4
                    SUSE Linux Enterprise Software Development Kit 12-SP3
                    SUSE Linux Enterprise Server 12-SP4
                    SUSE Linux Enterprise Server 12-SP3
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

This update for xmltooling fixes the following issue:

Security issue fixed:

- CVE-2019-9628: Fixed an improper handling of exception in XMLTooling library which could result in denial of service against the application using XMLTooling (bsc#1129537).

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Software Development Kit 12-SP4:

  zypper in -t patch SUSE-SLE-SDK-12-SP4-2019-928=1

- SUSE Linux Enterprise Software Development Kit 12-SP3:

  zypper in -t patch SUSE-SLE-SDK-12-SP3-2019-928=1

- SUSE Linux Enterprise Server 12-SP4:

  zypper in -t patch SUSE-SLE-SERVER-12-SP4-2019-928=1

- SUSE Linux Enterprise Server 12-SP3:

  zypper in -t patch SUSE-SLE-SERVER-12-SP3-2019-928=1

Package List:

- SUSE Linux Enterprise Software Development Kit 12-SP4 (aarch64 ppc64le s390x x86_64):

  libxmltooling-devel-1.5.6-3.9.1
  xmltooling-debugsource-1.5.6-3.9.1

- SUSE Linux Enterprise Software Development Kit 12-SP3 (aarch64 ppc64le s390x x86_64):

  libxmltooling-devel-1.5.6-3.9.1
  xmltooling-debugsource-1.5.6-3.9.1

- SUSE Linux Enterprise Server 12-SP4 (aarch64 ppc64le s390x x86_64):

  libxmltooling6-1.5.6-3.9.1
  libxmltooling6-debuginfo-1.5.6-3.9.1
  xmltooling-debugsource-1.5.6-3.9.1
  xmltooling-schemas-1.5.6-3.9.1

- SUSE Linux Enterprise Server 12-SP3 (aarch64 ppc64le s390x x86_64):

  libxmltooling6-1.5.6-3.9.1
  libxmltooling6-debuginfo-1.5.6-3.9.1
  xmltooling-debugsource-1.5.6-3.9.1
  xmltooling-schemas-1.5.6-3.9.1

References:

  https://www.suse.com/security/cve/CVE-2019-9628.html
  https://bugzilla.suse.com/1129537

_______________________________________________
sle-security-updates mailing list
http://lists.suse.com/mailman/listinfo/sle-security-updates

Learn how to resolve the moderate security vulnerability in xmltooling for SUSE Linux Enterprise by following the provided patch application steps.

LinuxSecurity.com Team

Apr 10, 2019 SuSE

SUSE: 2021:0922-1 Moderate Vulnerability in Networklib Security Risk

SUSE Security Update: Security update for xmltooling
______________________________________________________________________________

Announcement ID:    SUSE-SU-2019:0929-1
Rating:             moderate
References:         #1129537
Cross-References:   CVE-2019-9628
Affected Products:
                    SUSE Linux Enterprise Module for Server Applications 15
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

This update for xmltooling fixes the following issues:

Security issue fixed:

- CVE-2019-9628: Fixed an improper handling of exception in XMLTooling library which could result in denial of service against the application using XMLTooling (bsc#1129537).

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Module for Server Applications 15:

  zypper in -t patch SUSE-SLE-Module-Server-Applications-15-2019-929=1

Package List:

- SUSE Linux Enterprise Module for Server Applications 15 (aarch64 ppc64le s390x x86_64):

  libxmltooling-devel-1.6.4-3.3.2
  libxmltooling7-1.6.4-3.3.2
  libxmltooling7-debuginfo-1.6.4-3.3.2
  xmltooling-debugsource-1.6.4-3.3.2
  xmltooling-schemas-1.6.4-3.3.2

References:

  https://www.suse.com/security/cve/CVE-2019-9628.html
  https://bugzilla.suse.com/1129537

_______________________________________________
sle-security-updates mailing list
http://lists.suse.com/mailman/listinfo/sle-security-updates

Patch released for SUSE xmltooling addresses CVE-2019-9628; moderate severity, resolves denial of service vulnerability.

LinuxSecurity.com Team

Apr 10, 2019 SuSE

Ubuntu: USN-3921-1 Moderate: XMLTooling Denial Of Service

========================================================================
Ubuntu Security Notice USN-3921-1
March 26, 2019

xmltooling vulnerability
========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 18.10
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS

Summary:

xmltooling could be made to crash if it opened a specially crafted file.

Software Description:

- xmltooling: C++ XML parsing library with encryption support

Details:

It was discovered that XMLTooling incorrectly handled certain XML files with invalid data. An attacker could use this issue to cause XMLTooling to crash, resulting in a denial of service.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 18.10:
  libxmltooling8 3.0.2-1ubuntu1.1

Ubuntu 18.04 LTS:
  libxmltooling7 1.6.4-1ubuntu2.1

Ubuntu 16.04 LTS:
  libxmltooling6v5 1.5.6-2ubuntu0.3

Ubuntu 14.04 LTS:
  libxmltooling6 1.5.3-2+deb8u3ubuntu0.1

In general, a standard system update will make all the necessary changes.

References:

  https://ubuntu.com/security/notices/USN-3921-1
  CVE-2019-9628

Package Information:

  https://launchpad.net/ubuntu/+source/xmltooling/3.0.2-1ubuntu1.1
  https://launchpad.net/ubuntu/+source/xmltooling/1.6.4-1ubuntu2.1
  https://launchpad.net/ubuntu/+source/xmltooling/1.5.6-2ubuntu0.3
  https://launchpad.net/ubuntu/+source/xmltooling/1.5.3-2+deb8u3ubuntu0.1

The Ubuntu Security Advisory USN-3922-1 details a vulnerability in libxyz that could lead to a remote exploitation, impacting several versions of Ubuntu.

Severity: Important.

LinuxSecurity.com Team

Mar 26, 2019 Important Ubuntu