The central voice for Linux and Open Source security news.
This past weekend, the globally recognized Common Vulnerabilities and Exposures (CVE) database, essential for tracking security flaws in software and systems, narrowly avoided going offline due to funding issues with the U.S. government. For us Linux security admins and open-source developers, the near-disruption wasn't just a bureaucratic oversight; it was a stark reminder of how fragile one of the most vital cornerstones of global cybersecurity truly is. With vulnerabilities being discovered and weaponized faster than ever, the CVE database is a critical tool that helps administrators track, prioritize, and remediate issues. Losing or fragmenting access to this central repository could open the door to chaos, confusion, and exploitation.
As Kubernetes and cloud-native technologies become increasingly integral to IT infrastructures, we Linux security admins must adapt to a rapidly changing environment where agility and security converge. A recent CNCF survey highlights a significant uptick in Kubernetes deployment, with most organizations using container technology as a backbone for their applications.
Ransomware attacks are surging, and in 2024 damages topped $30 billion.
Recently, the infamous China-linked threat actor UNC5174 has launched a sophisticated campaign targeting Linux systems, employing an evolved variant of the SNOWLIGHT malware and a new tool called VShell. This campaign's sophistication lies in its use of advanced techniques and an open-source Remote Access Trojan (RAT) notorious for its stealth and efficiency.
Use after free in Site Isolation. (CVE-2025-3066) Inappropriate implementation in Custom Tabs. (CVE-2025-3067) Inappropriate implementation in Intents. (CVE-2025-3068) Inappropriate implementation in Extensions. (CVE-2025-3069) Insufficient validation of untrusted input in Extensions.
Two vulnerabilities have been discovered in GraphicsMagick, a set of command-line applications to manipulate image files, which may result in denial of service or the execution of arbitrary code if malformed image files are processed.
This release fixes CVE-2024-13939 (leaking the length of a secret string)
Update the openssl crate to version 0.10.72. Update the openssl-sys crate to version 0.9.107. This update addresses CVE-2025-3416 / RUSTSEC-2025-0022 (a possible use-after-free issue in two public functions). A survey of dependent packages in Fedora shows that none of them use the affected API, or do not use them in a way that
MySQL 8.0.41 Release notes: https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-41.html