Debian LTS Essential and Critical Security Patch Updates
Find the information you need for your favorite open source distribution.
Tornado is a scalable, non-blocking Python web framework and asynchronous networking library. CVE-2023-28370
It was discovered that there was a potential Denial of Service (DoS) vulnerability in Django, a popular Python-based web development framework.
debootstrap has been updated to avoid pulling in usr-is-merged in testing and unstable. This fixes creating testing/unstable chroots after src:usrmerge is removed from the archive.
Multiple vulnerabilities were found in opensc, a set of libraries and utilities to access smart cards, which could lead to application crash, information leak, or PIN bypass.
Multiple vulnerabilities were fixed in node-postcss, a tool for transforming styles with JS plugins. CVE-2021-23566
A microcode update has been released for Intel processors, addressing multiple vulnerabilities which could potentially cause local privilege escalation or local DoS.
XStream is a simple Java library to serialize objects to XML and back again. Two vulnerabilities were fixed: CVE-2021-43859:
Multiple vulnerabilities were found in sqlparse, a non-validating SQL parser for Python, which can lead to Denial of Service. CVE-2021-32839
Multiple vulnerabilities were discovered in plugins for the GStreamer media framework and its codecs and demuxers, which may result in denial of service or potentially the execution of arbitrary code if a malformed media file is opened.
Multiple vulnerabilities were found in python-urllib3, an HTTP library with thread-safe connection pooling for Python, which could lead to information disclosure or authorization bypass.
It was discovered that there was a remotely exploitable vulnerability in php-laravel-framework, a popular web application framework written in PHP.
HTTP Request Smuggling has been fixed in the Python WSGI HTTP Server Gunicorn. For Debian 11 bullseye, this problem has been fixed in version 20.1.0-1+deb11u1.
Multiple vulnerabilities have been fixed in the PostgreSQL JDBC Driver. CVE-2022-31197
An integer overflow was found in GStreamer, a multimedia framework. For Debian 11 bullseye, this problem has been fixed in version 1.18.4-2.1+deb11u1.
Two vulnerabilities were discovered in pgpool2, a connection pool server and replication proxy for PostgreSQL. CVE-2023-22332
Multiple vulnerabilities were discovered in libsoup2.4, an HTTP library for Gtk+ programs. CVE-2024-52530
A heap-based buffer write overflow issue was discovered in UPX, an efficient live-compressor for executables. An attacker could corrupt memory via a crafted file, leading to undefined impact (from denial-of-service to code execution).
This update fixes a regression that broke the python-jinja2 package for Python 2. Note that while this regression has been fixed, running applications
Multiple vulnerabilities have been fixed in the service discovery system Avahi. CVE-2023-1981
Improper Authentication has been fixed in ruby-doorkeeper, an OAuth 2 provider for Rails and Grape. For Debian 11 bullseye, this problem has been fixed in version