MGASA-2025-0107 - Updated vim packages fix security vulnerability

Publication date: 19 Mar 2025
URL: https://advisories.mageia.org/MGASA-2025-0107.html
Type: security
Affected Mageia releases: 9
CVE: CVE-2025-29768

Vim vulnerable to potential data loss with zip.vim and specially crafted zip files. (CVE-2025-29768)

References:
- https://bugs.mageia.org/show_bug.cgi?id=34097
- https://www.openwall.com/lists/oss-security/2025/03/12/4
- https://github.com/vim/vim/security/advisories/GHSA-693p-m996-3rmf
- https://www.cve.org/CVERecord?id=CVE-2025-29768

SRPMS:
- 9/core/vim-9.1.1202-1.mga9

Vim experiences a critical security issue leading to potential data loss with crafted zip files. Update advised.
Severity: Critical. LinuxSecurity.com Team

==========================================================================
Ubuntu Security Notice USN-6906-1
July 24, 2024

python-zipp vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS

Summary:

python-zipp could be made to crash if certain zip files are used.

Software Description:
- python-zipp: pathlib-compatible Zipfile object wrapper - Python 3.x

Details:

It was discovered that python-zipp did not properly handle the zip files with malformed names. An attacker could possibly use this issue to cause a denial of service.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 24.04 LTS
  python3-zipp 1.0.0-6ubuntu0.1

Ubuntu 22.04 LTS
  python3-zipp 1.0.0-3ubuntu0.1

Ubuntu 20.04 LTS
  pypy-zipp 1.0.0-1ubuntu0.1
  python-zipp 1.0.0-1ubuntu0.1
  python3-zipp 1.0.0-1ubuntu0.1

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-6906-1
  CVE-2024-5569

Package Information:
  https://launchpad.net/ubuntu/+source/python-zipp/1.0.0-6ubuntu0.1
  https://launchpad.net/ubuntu/+source/python-zipp/1.0.0-3ubuntu0.1
  https://launchpad.net/ubuntu/+source/python-zipp/1.0.0-1ubuntu0.1

Ubuntu Security Notice USN-6907-1 addresses a python-requests vulnerability that may lead to unexpected behavior when processing malformed HTTP responses.
Severity: Important. LinuxSecurity.com Team

MGASA-2019-0001 - Updated apache-commons-compress packages fix security vulnerabilities

Publication date: 05 Jan 2019
URL: https://advisories.mageia.org/MGASA-2019-0001.html
Type: security
Affected Mageia releases: 6
CVE: CVE-2018-1324, CVE-2018-11771

A flaw was found in Apache Commons Compress versions 1.11 to 1.15. A specially crafted ZIP archive can be used to cause an infinite loop inside of Apache Commons Compress' extra field parser used by the ZipFile and ZipArchiveInputStream classes in versions 1.11 to 1.15. This can be used to mount a denial of service attack against services that use Compress' zip package (CVE-2018-1324).

Apache Commons Compress versions 1.7 to 1.17 are vulnerable to a denial of service attack via crafted ZIP archive. When reading a specially crafted ZIP archive, the read method of ZipArchiveInputStream can fail to return the correct EOF indication after the end of the stream has been reached. When combined with a java.io.InputStreamReader this can lead to an infinite stream, which can be used to mount a denial of service attack against services that use Compress' zip package (CVE-2018-11771).

References:
- https://bugs.mageia.org/show_bug.cgi?id=22787
- https://lists.fedoraproject.org/archives/list/