
Stay Secure with the Latest Linux Advisories


Explore Latest Linux Security advisories


Gentoo: GLSA-200604-10 Normal: zgv/xzgv Heap Overflow Attack

xzgv and zgv attempt to decode JPEG images within the CMYK/YCCK colour space incorrectly, potentially resulting in the execution of arbitrary code.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200604-10
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: zgv, xzgv: Heap overflow
Date: April 21, 2006
Bugs: #127008
ID: 200604-10

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

xzgv and zgv attempt to decode JPEG images within the CMYK/YCCK colour space incorrectly, potentially resulting in the execution of arbitrary code.

Background
==========

xzgv and zgv are picture viewing utilities with a thumbnail based file selector.

Affected packages
=================

    -------------------------------------------------------------------
     Package          /  Vulnerable  /                      Unaffected
    -------------------------------------------------------------------
  1  media-gfx/xzgv      < 0.8-r2                            >= 0.8-r2
  2  media-gfx/zgv       < 5.8                               >= 5.8
    -------------------------------------------------------------------
     2 affected packages on all of their supported architectures.
    -------------------------------------------------------------------

Description
===========

Andrea Barisani of Gentoo Linux discovered xzgv and zgv allocate insufficient memory when rendering images with more than 3 output components, such as images using the YCCK or CMYK colour space. When xzgv or zgv attempt to render the image, data from the image overruns a heap allocated buffer.

Impact
======

An attacker may be able to construct a malicious image that executes arbitrary code with the permissions of the xzgv or zgv user when attempting to render the image.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All xzgv users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=media-gfx/xzgv-0.8-r2"

All zgv users should also upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=media-gfx/zgv-5.8"

References
==========

[ 1 ] CVE-2006-1060

Availability
============

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

https://security.gentoo.org/glsa/200604-10

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to [email address protected] or alternatively, you may file a bug at https://bugs.gentoo.org/.

License
=======

Copyright 2006 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.0/

LinuxSecurity.com Team

Apr 21, 2006 Gentoo

Debian: DSA 614-1 Moderate: xzgv Integer Overflow Remote Execution

Luke "infamous41md" discovered multiple vulnerabilities in xzgv, a picture viewer for X11 with a thumbnail-based selector. Remote exploitation of an integer overflow vulnerability could allow the execution of arbitrary code.

--------------------------------------------------------------------------
Debian Security Advisory DSA 614-1
[email address protected]
http://www.debian.org/security/
Martin Schulze
December 21st, 2004
http://www.debian.org/security/faq
--------------------------------------------------------------------------

Package        : xzgv
Vulnerability  : integer overflows
Problem-Type   : remote
Debian-specific: no
CVE ID         : CAN-2004-0994

Luke "infamous41md" discovered multiple vulnerabilities in xzgv, a picture viewer for X11 with a thumbnail-based selector. Remote exploitation of an integer overflow vulnerability could allow the execution of arbitrary code.

For the stable distribution (woody) these problems have been fixed in version 0.7-6woody2.

For the unstable distribution (sid) these problems have been fixed in version 0.8-3.

We recommend that you upgrade your xzgv package immediately.

Upgrade Instructions
--------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.

Debian GNU/Linux 3.0 alias woody
--------------------------------

These files will probably be moved into the stable distribution on its next update.

---------------------------------------------------------------------------------
For apt-get: deb https://www.debian.org/security/ stable/updates main
For dpkg-ftp: dists/stable/updates/main
Mailing list: [email address protected]
Package info: `apt-cache show ' and https://www.debian.org/distrib/packages

LinuxSecurity.com Team

Dec 21, 2004 Debian
