Language Selection

English French German Italian Portuguese Spanish

LinuxSecurity.com Advisories

Syndicate content LinuxSecurity - Security Advisories
The central voice for Linux and Open Source security news.
Updated: 3 hours 29 min ago

SUSE: 2022:633-1 sles-15-sp3-chost-byos-v20220510-x86-64 Security Update>

Monday 16th of May 2022 07:18:39 AM
The container sles-15-sp3-chost-byos-v20220510-x86-64 was updated. The following patches have been included in this update:

RedHat: RHSA-2022-2253:01 Important: pcs security update>

Monday 16th of May 2022 06:17:53 AM
An update for pcs is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

RedHat: RHSA-2022-2256:01 Important: pcs security update>

Monday 16th of May 2022 06:17:30 AM
An update for pcs is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

RedHat: RHSA-2022-2255:01 Important: pcs security update>

Monday 16th of May 2022 06:17:15 AM
An update for pcs is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

Fedora 35: et 2022-185b91b741>

Sunday 15th of May 2022 10:07:46 PM
Several security and stability improvements

Fedora 35: supertux 2022-88e3257aef>

Sunday 15th of May 2022 10:06:51 PM
Fix CVE-2022-30292

Fedora 35: ecdsautils 2022-bf58612696>

Sunday 15th of May 2022 10:06:41 PM
Fixes CVE-2022-24884 (Improper Verification of ECDSA Signatures). In previous versions ecdsautils would erroneously accept all-zero signatures as valid. More information can be found here: https://github.com/freifunk- gluon/ecdsautils/security/advisories/GHSA-qhcg-9ffp-78pw

Fedora 34: et 2022-80b92b2a04>

Sunday 15th of May 2022 09:45:34 PM
Several security and stability improvements

Fedora 34: ecdsautils 2022-7704d5e885>

Sunday 15th of May 2022 09:45:12 PM
Fixes CVE-2022-24884 (Improper Verification of ECDSA Signatures). In previous versions ecdsautils would erroneously accept all-zero signatures as valid. More information can be found here: https://github.com/freifunk- gluon/ecdsautils/security/advisories/GHSA-qhcg-9ffp-78pw

Fedora 36: et 2022-e3a794b591>

Sunday 15th of May 2022 09:10:08 PM
Several security and stability improvements

Mageia 2022-0187: clamav security update>

Sunday 15th of May 2022 08:07:46 AM
Infinite loop vulnerability in the CHM file parser. Issue affects versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions. (CVE-2022-20770) Infinite loop vulnerability in the TIFF file parser. Issue affects versions

Mageia 2022-0186: cairo security update>

Sunday 15th of May 2022 08:07:45 AM
cairo-truetype-subset.c in cairo 1.15.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) because of mishandling of an unexpected malloc(0) call. (CVE-2017-9814) References:

Mageia 2022-0185: curl security update>

Sunday 15th of May 2022 08:07:44 AM
CERTINFO never-ending busy-loop. (CVE-2022-27781) TLS and SSH connection too eager reuse. (CVE-2022-27782) References: - https://bugs.mageia.org/show_bug.cgi?id=30410

Mageia 2022-0184: freetype2 security update>

Sunday 15th of May 2022 08:07:43 AM
FreeType commit 1e2eb65048f75c64b68708efed6ce904c31f3b2f was discovered to contain a heap buffer overflow via the function sfnt_init_face. (CVE-2022-27404) FreeType commit 53dfdcd8198d2b3201a23c4bad9190519ba918db was discovered to

Mageia 2022-0183: xmlrpc-c security update>

Sunday 15th of May 2022 08:07:42 AM
xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context. (CVE-2022-25235) References:

Mageia 2022-0182: python-waitress security update>

Sunday 15th of May 2022 08:07:41 AM
When using Waitress versions 2.1.0 and prior behind a proxy that does not properly validate the incoming HTTP request matches the RFC7230 standard, Waitress and the frontend proxy may disagree on where one request starts and where it ends. This would allow requests to be smuggled via the front-end proxy to waitress and later behavior. There are two classes of

SUSE: 2022:1015-1 bci/ruby Security Update>

Sunday 15th of May 2022 05:40:40 AM
The container bci/ruby was updated. The following patches have been included in this update:

SUSE: 2022:1014-1 bci/openjdk Security Update>

Sunday 15th of May 2022 05:35:10 AM
The container bci/openjdk was updated. The following patches have been included in this update:

SUSE: 2022:1012-1 bci/golang Security Update>

Sunday 15th of May 2022 05:25:37 AM
The container bci/golang was updated. The following patches have been included in this update:

SUSE: 2022:1011-1 bci/golang Security Update>

Sunday 15th of May 2022 05:25:15 AM
The container bci/golang was updated. The following patches have been included in this update: