LinuxSecurity.com

openSUSE 15.6 Helm Important Security Update 2026-0948-1

23.03.2026 16:15 An update that can now be installed.

openSUSE 15.6 runc Essential Update for version 2026-0949-1 released

23.03.2026 16:15 An update that can now be installed.

SUSE Enterprise Server 15 SP6 runc Important Security Update 2026-0949-1

23.03.2026 16:15 # Security update for runc Announcement ID: SUSE-SU-2026:0949-1 Release Date: 2026-03-20T18:09:05Z Rating: important References:

openSUSE Backports SLE-15-SP6 Chromium Important Security Fix 2026-0093-1

23.03.2026 09:46 An update that fixes 26 vulnerabilities is now available.

openSUSE Backports SLE-15-SP7 Chromium Important Issue Fix 2026-0094-1

23.03.2026 09:46 An update that fixes 26 vulnerabilities is now available.

Debian DLA-4505-1 ruby-rack Critical Directory Listing XSS

23.03.2026 09:46 Two vulnerabilities were discovered in ruby-rack, a modular Ruby webserver interface. CVE-2026-22860 Rack::Directory's path check used a string prefix match on the expanded path. A request like /../root_example/ could escape the

RHEL 8.9 Coreupdate Vital Memory Buffer Overflow Patch 2026-acb1234567b

23.03.2026 09:46 Add a patch for several CVEs: CVE-2026-1764 - Heap Buffer Overflow in GNOME localsearch MP3 Extractor CVE-2026-1765 - Heap Buffer Overflow in GNOME localsearch MP3 Extractor CVE-2026-1766 - Heap Buffer Overflow in GNOME localsearch MP3 Extractor (ID3v2.3

Fedora 43 Xen Update DoS Use After Free XSA-480 XSA-481

23.03.2026 09:46 Use after free of paging structures in EPT Xenstored DoS by unprivileged domain

Fedora 43 scitokens-cpp Important Boundary Validation Update Found

23.03.2026 09:46 Fix scope path boundary validation to deny sibling-prefix authorization bypasses Reject parent-directory traversal in scope paths, including encoded traversal forms Add regression tests covering sibling-prefix and traversal authorization checks

Debian DSA-6175-1 libyaml-syck-perl Severe Denial of Service and Code Exec

23.03.2026 03:15 Several vulnerabilities were discovered in libyaml-syck-perl, a Perl module providing a fast, lightweight YAML loader and dumper, which may result in denial of service and potentially arbitrary code execution. For the oldstable distribution , this problem has been fixed in version 1.34-2+deb12u2.

Ubuntu Jammy SPIP Security Vulnerability Identified as CVE-2023-4567

22.03.2026 20:46 Jul Blobul discovered that SPIP, a website engine for publishing, is prone to a privilege escalation vulnerability. For the stable distribution , this problem has been fixed in version 4.4.13+dfsg-0+deb13u1. We recommend that you upgrade your spip packages.

Fedora 42 Chromium 146.0.7680.80 Vital Fix for Out of Bounds Write Issue

22.03.2026 14:03 Update to 146.0.7680.80 * CVE-2026-3909: Out of bounds write in Ski

Fedora 42 python-scitokens Path Traversal SQL Fix FEDORA-2026-dec8f790f7

22.03.2026 14:03 Remove legacy parent SciToken chaining behavior from token initialization and claim handling Harden Enforcer scope path traversal validation Clean up documentation references to parent/chained SciTokens

Fedora 42 python-ujson 5.12.0 Buffer Overflow DoS Advisory 2026-0f099ed388

22.03.2026 14:03 Update to 5.12.0. This release updates the license field in the Python metadata and fixes a buffer overflow/infinite loop from indent handling.

Fedora 43 python-scitokens Advisory 2026-727b73bfa0 Path Traversal Fix