LinuxSecurity.com

Debian LTS DLA-4516-1 gst-plugins-ugly1.0 Critical Buffer Overflow Risk 2026-2920

30.03.2026 09:45 Two vulnerabilities were discovered in gst-plugins-ugly1.0, a set of GStreamer plugins from the "ugly" set. CVE-2026-2920 The ASF demuxer did not validate the number of streams against the size of its static streams array. A crafted ASF file with

Fedora 43 Python-Cryptography Addresses Major DNS SAN Security Flaw

30.03.2026 09:45 Update to v46.0.6 This includes a single fix for security issue: * **SECURITY ISSUE**: Fixed a bug where name constraints were not applied to peer names during verification when the leaf certificate contains a wildcard DNS SAN. Ordinary X.509 topologies are not affected by this bug,

Fedora 43 mingw-expat 2.7.5 DoS Risk Update FEDORA-2026-e70c1919fe

30.03.2026 09:45 Update to 2.7.5.

Fedora 43 php-phpseclib3 Critical Info Disclosure CVE-2026-32935

30.03.2026 09:45 Update to v3.0.50; contains fix for CVE-2026-32935

Fedora 43 pypy3.11 JIT Backend Fix Advisory 2026-85a7950dd4

30.03.2026 09:45 Fix jit backend for ppc64le and s390x

Fedora 44 python-cryptography Critical Wildcard DNS Name Constraints Fix

Debian DSA-6187-1 php-phpseclib3 Important AES-CBC Padding Oracle Attack

30.03.2026 02:17 It was discovered that the AES-CBC implementation in the PHP Secure Communications Library was susceptible to a padding oracle timing attack. For the oldstable distribution , these problems have been fixed in version 3.0.19-1+deb12u4. This update also fixes CVE-2023-52892. For the stable distribution , these problems have been fixed in

Debian php-phpseclib Vulnerability DSA-6186-1 Critical Timing Attack Issue

30.03.2026 02:17 It was discovered that the AES-CBC implementation in the PHP Secure Communications Library was susceptible to a padding oracle timing attack. For the oldstable distribution , these problems have been fixed in version 2.0.42-1+deb12u3. This update also fixes CVE-2023-52892. For the stable distribution , these problems have been fixed in

Debian Oldstable phpseclib Key Padding Attack Fix DSA-6185-1 CVE-2026-32935

30.03.2026 02:17 It was discovered that the AES-CBC implementation in the PHP Secure Communications Library was susceptible to a padding oracle timing attack. For the oldstable distribution , these problems have been fixed in version 1.0.20-1+deb12u3. This update also fixes CVE-2023-52892. For the stable distribution , these problems have been fixed in

openSUSE freeipmi Moderate CVE-2026-33554 Threat Advisory

30.03.2026 02:17 An update that solves one vulnerability can now be installed.

openSUSE Tumbleweed python311-oci-sdk Moderate CVE-2025-66418

30.03.2026 02:17 An update that solves one vulnerability can now be installed.

openSUSE Tumbleweed python311-lmdb Moderate Security Update 10430-1

30.03.2026 02:17 An update that solves 5 vulnerabilities can now be installed.

Mageia 9 python-ujson Important Buffer Overflow Memory Leak MGASA-2026-0073

29.03.2026 13:15 MGASA-2026-0073 - Updated python-ujson packages fix security vulnerabilities

Mageia 9 strongswan Important Integer Underflow Fix MGASA-2026-0072

29.03.2026 13:15 MGASA-2026-0072 - Updated strongswan packages fix security vulnerability

Fedora 42 python3.6 Security Fix CVE-2026-4519 Command Injection

29.03.2026 13:15 Security fix for CVE-2026-4519.