Dirk Mueller discovered that a flaw in the function performing a credential check on the command socket of haveged, a userspace entropy daemon, may result in local privilege escalation. For Debian 11 bullseye, this problem has been fixed in version 1.9.14-1+deb11u1.
Debian LTS Advisory DLA-4616-1
Warisjeet Singh discovered that Exim, a mail transport agent, does not properly handle PROXY frames whose declared payload length is too short for the claimed address family, which may result in information disclosure in configurations with SUPPORT_PROXY and 'host_proxy' set. For Debian 11 bullseye, this problem has been fixed in version.
Debian LTS Advisory DLA-4615-1
Postfix could be made to crash if it received specially crafted network traffic.

==========================================================================
Ubuntu Security Notice USN-8253-2
June 03, 2026

postfix vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS

Summary:

Postfix could be made to crash if it received specially crafted network
traffic.

Software Description:
- postfix: High-performance mail transport agent

Details:

USN-8253-1 fixed a vulnerability in Postfix. This update provides the
corresponding fix for Postfix on Ubuntu 14.04 LTS, Ubuntu 16.04 LTS,
Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS.

Original advisory details:

 Kamil Frankowicz discovered that Postfix incorrectly handled certain
 enhanced status codes. A remote attacker could possibly use this issue to
 cause Postfix to crash, resulting in a denial of service.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.04 LTS
  postfix                         3.4.13-0ubuntu1.4+esm1
                                  Available with Ubuntu Pro

Ubuntu 18.04 LTS
  postfix                         3.3.0-1ubuntu0.4+esm4
                                  Available with Ubuntu Pro

Ubuntu 16.04 LTS
  postfix                         3.1.0-3ubuntu0.4+esm4
                                  Available with Ubuntu Pro

Ubuntu 14.04 LTS
  postfix                         2.11.0-1ubuntu1.2+esm4
                                  Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-8253-2
  https://ubuntu.com/security/notices/USN-8253-1
  CVE-2026-43964

A critical update for Postfix helps mitigate denial of service on Ubuntu
14.04 to 20.04 LTS against crafted traffic.

Severity: Critical. LinuxSecurity.com Team
Several security issues were fixed in Robocode.

==========================================================================
Ubuntu Security Notice USN-8385-1
June 04, 2026

robocode vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 26.04 LTS
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS

Summary:

Several security issues were fixed in Robocode.

Software Description:
- robocode: An engaging and educational programming game

Details:

It was discovered that Robocode could be tricked into making network
requests to attacker-controlled systems. An attacker could possibly use
this issue to cause external service interaction, resulting in information
disclosure. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS.
(CVE-2019-10648)

Lim Sim Yee discovered that Robocode did not properly validate file paths
in the CacheCleaner component. An attacker could possibly use this issue to
delete arbitrary files. (CVE-2025-14306)

Lim Sim Yee discovered that Robocode did not securely create temporary
files in the AutoExtract component. An attacker could possibly use this
issue to manipulate temporary files, resulting in arbitrary code execution.
(CVE-2025-14307)

Lim Sim Yee discovered that Robocode did not properly validate data lengths
in the Buffer class. An attacker could possibly use this issue to trigger
an integer overflow, resulting in arbitrary code execution.
(CVE-2025-14308)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 26.04 LTS
  robocode                        1.9.3.9-4ubuntu0.26.04.1~esm1
                                  Available with Ubuntu Pro

Ubuntu 24.04 LTS
  robocode                        1.9.3.9-3ubuntu0.1~esm1
                                  Available with Ubuntu Pro

Ubuntu 22.04 LTS
  robocode                        1.9.3.9-2ubuntu0.1~esm1
                                  Available with Ubuntu Pro

Ubuntu 20.04 LTS
  robocode                        1.9.3.7-1ubuntu0.1~esm1
                                  Available with Ubuntu Pro

Ubuntu 18.04 LTS
  robocode                        1.9.3.1-1ubuntu0.1~esm1
                                  Available with Ubuntu Pro

Ubuntu 16.04 LTS
  robocode                        1.9.2.5-2ubuntu0.1~esm1
                                  Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-8385-1
  CVE-2019-10648, CVE-2025-14306, CVE-2025-14307, CVE-2025-14308

Multiple security weaknesses fixed in Robocode for Ubuntu 16.04 to 26.04
LTS, including critical code execution risks.

Severity: Critical. LinuxSecurity.com Team
Several security issues were fixed in Exim.

==========================================================================
Ubuntu Security Notice USN-8382-1
June 03, 2026

exim4 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS

Summary:

Several security issues were fixed in Exim.

Software Description:
- exim4: Exim is a mail transport agent

Details:

Timo Longin discovered that Exim incorrectly handled certain SMTP messages
in PIPELINING/CHUNKING configurations. A remote attacker could possibly use
this issue to perform SMTP smuggling. This issue only affected Ubuntu 14.04
LTS. (CVE-2023-51766)

It was discovered that Exim incorrectly handled certain malformed JSON data
in headers. A remote attacker could possibly use this issue to crash Exim,
resulting in a denial of service, or execute arbitrary code. This issue
only affected Ubuntu 20.04 LTS. (CVE-2026-40685)

It was discovered that Exim incorrectly handled certain malformed UTF-8
headers. A remote attacker could possibly use this issue to obtain
sensitive information. This issue only affected Ubuntu 20.04 LTS.
(CVE-2026-40686)

It was discovered that Exim incorrectly handled certain SPA resources. A
remote attacker could possibly use this issue to crash Exim, resulting in a
denial of service, or obtain sensitive information. This issue only
affected Ubuntu 20.04 LTS. (CVE-2026-40687)

It was discovered that Exim incorrectly handled certain CHUNKING transfers
in some GnuTLS configurations. A remote attacker could possibly use this
issue to crash Exim, resulting in a denial of service, or execute arbitrary
code. This issue only affected Ubuntu 20.04 LTS. (CVE-2026-45185)

Warisjeet Singh discovered that Exim incorrectly handled certain proxy
connections in builds with proxy support enabled. A remote attacker could
possibly use this issue to obtain sensitive information. This issue only
affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS.
(CVE-2026-48840)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.04 LTS
  exim4                           4.93-13ubuntu1.12+esm1
                                  Available with Ubuntu Pro
  exim4-base                      4.93-13ubuntu1.12+esm1
                                  Available with Ubuntu Pro
  exim4-daemon-heavy              4.93-13ubuntu1.12+esm1
                                  Available with Ubuntu Pro
  exim4-daemon-light              4.93-13ubuntu1.12+esm1
                                  Available with Ubuntu Pro
  exim4-dev                       4.93-13ubuntu1.12+esm1
                                  Available with Ubuntu Pro
  eximon4                         4.93-13ubuntu1.12+esm1
                                  Available with Ubuntu Pro

Ubuntu 18.04 LTS
  exim4                           4.90.1-1ubuntu1.10+esm6
                                  Available with Ubuntu Pro
  exim4-base                      4.90.1-1ubuntu1.10+esm6
                                  Available with Ubuntu Pro
  exim4-daemon-heavy              4.90.1-1ubuntu1.10+esm6
                                  Available with Ubuntu Pro
  exim4-daemon-light              4.90.1-1ubuntu1.10+esm6
                                  Available with Ubuntu Pro
  exim4-dev                       4.90.1-1ubuntu1.10+esm6
                                  Available with Ubuntu Pro
  eximon4                         4.90.1-1ubuntu1.10+esm6
                                  Available with Ubuntu Pro

Ubuntu 16.04 LTS
  exim4                           4.86.2-2ubuntu2.6+esm9
                                  Available with Ubuntu Pro
  exim4-base                      4.86.2-2ubuntu2.6+esm9
                                  Available with Ubuntu Pro
  exim4-daemon-heavy              4.86.2-2ubuntu2.6+esm9
                                  Available with Ubuntu Pro
  exim4-daemon-light              4.86.2-2ubuntu2.6+esm9
                                  Available with Ubuntu Pro
  exim4-dev                       4.86.2-2ubuntu2.6+esm9
                                  Available with Ubuntu Pro
  eximon4                         4.86.2-2ubuntu2.6+esm9
                                  Available with Ubuntu Pro

Ubuntu 14.04 LTS
  exim4                           4.82-3ubuntu2.4+esm9
                                  Available with Ubuntu Pro
  exim4-base                      4.82-3ubuntu2.4+esm9
                                  Available with Ubuntu Pro
  exim4-daemon-heavy              4.82-3ubuntu2.4+esm9
                                  Available with Ubuntu Pro
  exim4-daemon-light              4.82-3ubuntu2.4+esm9
                                  Available with Ubuntu Pro
  exim4-dev                       4.82-3ubuntu2.4+esm9
                                  Available with Ubuntu Pro
  eximon4                         4.82-3ubuntu2.4+esm9
                                  Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-8382-1
  CVE-2023-51766, CVE-2026-40685, CVE-2026-40686, CVE-2026-40687,
  CVE-2026-45185, CVE-2026-48840

Multiple security issues in Exim on Ubuntu require attention to prevent
remote attacks and potential service disruption.

Severity: Critical. LinuxSecurity.com Team
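Both Exim entries on this page (Debian DLA-4615-1 and the CVE-2026-48840 item in USN-8382-1) concern PROXY frames whose declared length is shorter than the address block the claimed address family requires. The following is an added example, not code from Exim, Debian or Ubuntu: a PROXY protocol v2 header parser in Python that rejects such a frame before any address field is read. Field layout and per-family sizes follow the HAProxy PROXY protocol specification; the `build_frame` and `validate` helpers, the sample frames and the addresses in them are constructed for this example.

```python
"""PROXY protocol v2 header parser with the declared-length check.

Added example (not Exim, Debian or Ubuntu code). Field layout and per-family
address-block sizes follow the HAProxy PROXY protocol specification; the
sample frames and addresses below are constructed for this example.
"""
import socket
import struct
from dataclasses import dataclass
from typing import Optional

PP2_SIGNATURE = b"\r\n\r\n\x00\r\nQUIT\n"  # fixed 12-byte signature
PP2_FIXED_LEN = 16                          # signature + ver/cmd + fam/proto + len

# Minimum address-block size (bytes) each family requires after the fixed header.
ADDR_BLOCK_MIN = {
    0x0: 0,    # AF_UNSPEC: no address block, optional TLVs only
    0x1: 12,   # AF_INET:   src4, dst4, src port, dst port
    0x2: 36,   # AF_INET6:  src16, dst16, src port, dst port
    0x3: 216,  # AF_UNIX:   src path (108), dst path (108)
}


class ProxyHeaderError(ValueError):
    """Raised for any frame that must be rejected."""


@dataclass
class ProxyInfo:
    command: int                 # 0 = LOCAL, 1 = PROXY
    family: int
    src: Optional[str]
    dst: Optional[str]
    src_port: Optional[int]
    dst_port: Optional[int]
    header_len: int              # bytes consumed; application data starts here


def parse_proxy_v2(buf: bytes) -> ProxyInfo:
    if len(buf) < PP2_FIXED_LEN:
        raise ProxyHeaderError("short read: need 16 bytes for the fixed header")
    if buf[:12] != PP2_SIGNATURE:
        raise ProxyHeaderError("bad signature")
    ver_cmd, fam_proto = buf[12], buf[13]
    if ver_cmd >> 4 != 0x2:
        raise ProxyHeaderError("unsupported version")
    command = ver_cmd & 0x0F
    if command not in (0x0, 0x1):
        raise ProxyHeaderError("unknown command")
    family = fam_proto >> 4
    if family not in ADDR_BLOCK_MIN:
        raise ProxyHeaderError("unknown address family")
    (declared,) = struct.unpack("!H", buf[14:16])
    total = PP2_FIXED_LEN + declared
    if len(buf) < total:
        raise ProxyHeaderError(f"truncated: declared {declared} bytes, "
                               f"have {len(buf) - PP2_FIXED_LEN}")
    # The check at issue: the declared length must cover the whole address
    # block for the claimed family before any address field is read;
    # otherwise the reader runs past the frame into whatever follows.
    need = ADDR_BLOCK_MIN[family]
    if declared < need:
        raise ProxyHeaderError(f"declared length {declared} too short "
                               f"for family {family:#x} (need {need})")

    body = buf[PP2_FIXED_LEN:total]
    if command == 0x0 or family == 0x0:
        return ProxyInfo(command, family, None, None, None, None, total)
    if family == 0x1:
        s, d, sp, dp = struct.unpack("!4s4sHH", body[:12])
        return ProxyInfo(command, family, socket.inet_ntop(socket.AF_INET, s),
                         socket.inet_ntop(socket.AF_INET, d), sp, dp, total)
    if family == 0x2:
        s, d, sp, dp = struct.unpack("!16s16sHH", body[:36])
        return ProxyInfo(command, family, socket.inet_ntop(socket.AF_INET6, s),
                         socket.inet_ntop(socket.AF_INET6, d), sp, dp, total)
    s, d = struct.unpack("!108s108s", body[:216])
    return ProxyInfo(command, family, s.split(b"\0", 1)[0].decode("utf-8", "replace"),
                     d.split(b"\0", 1)[0].decode("utf-8", "replace"), None, None, total)


def build_frame(family: int, command: int, body: bytes) -> bytes:
    """Hypothetical helper: assemble a v2 frame whose length field matches body."""
    return (PP2_SIGNATURE + bytes([0x20 | command, (family << 4) | 0x1])
            + struct.pack("!H", len(body)) + body)


def validate(buf: bytes) -> str:
    """Return 'ok' or a rejection reason suitable for a log line."""
    try:
        parse_proxy_v2(buf)
        return "ok"
    except ProxyHeaderError as exc:
        return f"rejected: {exc}"


# Constructed samples: a well-formed IPv4 frame, and one that claims AF_INET6
# but declares only a 12-byte body (the case the advisories describe).
IPV4_BODY = struct.pack("!4s4sHH", socket.inet_aton("192.0.2.10"),
                        socket.inet_aton("198.51.100.1"), 40000, 25)
SAMPLE_IPV4_FRAME = build_frame(0x1, 0x1, IPV4_BODY)
SAMPLE_SHORT_IPV6_FRAME = build_frame(0x2, 0x1, IPV4_BODY)

if __name__ == "__main__":
    print(parse_proxy_v2(SAMPLE_IPV4_FRAME))
    print(validate(SAMPLE_SHORT_IPV6_FRAME))
```

The length field is validated twice on purpose: first against the bytes actually received (a truncated frame), then against the minimum the claimed family implies (a frame that is complete but internally inconsistent). Only after both checks pass are the address fields unpacked, and the returned `header_len` tells the caller where application data begins.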
Several security issues were fixed in Tomcat.

==========================================================================
Ubuntu Security Notice USN-8383-1
June 04, 2026

tomcat6, tomcat7 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS

Summary:

Several security issues were fixed in Tomcat.

Software Description:
- tomcat7: Servlet and JSP engine
- tomcat6: Servlet and JSP engine

Details:

It was discovered that Tomcat incorrectly handled digest authentication. A
remote attacker could possibly use this issue to bypass authentication
restrictions. (CVE-2026-43512)

It was discovered that Tomcat incorrectly handled case sensitivity in
LockOutRealm. A remote attacker could possibly use this issue to bypass
account lockout protections and obtain sensitive information.
(CVE-2026-43513)

It was discovered that Tomcat incorrectly handled authorization when
multiple method constraints defined the same HTTP method. A remote attacker
could possibly use this issue to bypass authorization restrictions.
(CVE-2026-43515)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 LTS
  libtomcat7-java                 7.0.68-1ubuntu0.4+esm4
                                  Available with Ubuntu Pro
  tomcat7                         7.0.68-1ubuntu0.4+esm4
                                  Available with Ubuntu Pro

Ubuntu 14.04 LTS
  libtomcat6-java                 6.0.39-1ubuntu0.1+esm3
                                  Available with Ubuntu Pro
  libtomcat7-java                 7.0.52-1ubuntu0.16+esm2
                                  Available with Ubuntu Pro
  tomcat6                         6.0.39-1ubuntu0.1+esm3
                                  Available with Ubuntu Pro
  tomcat7                         7.0.52-1ubuntu0.16+esm2
                                  Available with Ubuntu Pro

After a standard system update you need to restart Tomcat to make all the
necessary changes.

References:
  https://ubuntu.com/security/notices/USN-8383-1
  CVE-2026-43512, CVE-2026-43513, CVE-2026-43515

Several security issues in Tomcat found in Ubuntu 14.04 and 16.04 require
immediate attention to maintain system integrity.

Severity: Critical. LinuxSecurity.com Team
4.1.2, fix for CVE-2026-38978.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-c032fac814
2026-06-05 04:25:00.359120+00:00
--------------------------------------------------------------------------------

Name        : transmission
Product     : Fedora 44
Version     : 4.1.2
Release     : 1.fc44
URL         : http://www.transmissionbt.com
Summary     : A lightweight GTK+ BitTorrent client
Description :
Transmission is a free, lightweight BitTorrent client. It features a simple,
intuitive interface on top of an efficient, cross-platform back-end.
--------------------------------------------------------------------------------
Update Information:

4.1.2, fix for CVE-2026-38978
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jun 3 2026 Gwyn Ciesla - 4.1.2-1
- 4.1.2
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2483871 - transmission-4.1.2 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2483871
  [ 2 ] Bug #2484367 - CVE-2026-38978 transmission: Transmission: Clickjacking weakness in WebUI and RPC response paths [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2484367
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-c032fac814' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
libre v4.8.1 (2026-05-28)

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-837d6ef455
2026-06-05 04:25:00.359060+00:00
--------------------------------------------------------------------------------

Name        : libre
Product     : Fedora 44
Version     : 4.8.1
Release     : 1.fc44
URL         : https://github.com/baresip/re
Summary     : Generic library for real-time communications
Description :
Libre is a generic library for real-time communications with async I/O
support. Features are a SIP stack (RFC 3261), SDP, RTP and RTCP, SRTP and
SRTCP (Secure RTP), DNS client, STUN/TURN/ICE stack, BFCP, HTTP stack with
client/server, Websockets, Jitter buffer, async I/O (poll, epoll, select,
kqueue), UDP/TCP/TLS/DTLS transport, JSON parser and Real Time Messaging
Protocol (RTMP).
--------------------------------------------------------------------------------
Update Information:

libre v4.8.1 (2026-05-28)

fmt/pl: add pl_strip_html()
sys/fs: add getpwuid fallback for fs_gethome
tls: remove unused include rsa.h
ice: check source address of incoming application packets
websock: Fix integer overflow in websock_decode() masked frame check
  https://github.com/baresip/re/security/advisories/GHSA-hvxv-v2gp-v93h
  https://github.com/baresip/baresip/issues/3705
--------------------------------------------------------------------------------
ChangeLog:

* Thu May 28 2026 Robert Scheck 4.8.1-1
- Upgrade to 4.8.1 (#2482756)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2482756 - libre-4.8.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2482756
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-837d6ef455' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------