#packagekit — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #packagekit, aggregated by home.social.
-
37 Debian LTS advisories were released in February fixing 145 CVEs across various packages. These include security fixes for bind9, firefox-esr, imagemagick, libpng, mbedtls, openssh, packagekit, perl, postgresql-13, python3.9, systemd and many more.
Debian LTS contributors also prepared updates for more recent releases, Debian 12 (#bookworm), Debian 13 (#trixie) and Debian unstable.
Read the full report: https://www.freexian.com/blog/debian-lts-report-2026-04/?utm_source=mastodon&utm_medium=social
This work is funded by Freexian's Debian LTS offering. Become a sponsor of Debian LTS (https://www.freexian.com/lts/debian/?utm_source=mastodon&utm_medium=social) and enjoy the benefits (https://www.freexian.com/lts/debian/details/#benefits).
#debian #debianlts #freexian #imagemagick #libpng #openssh #packagekit #perl #systemd
-
37 Debian LTS advisories were released in February fixing 145 CVEs across various packages. These include security fixes for bind9, firefox-esr, imagemagick, libpng, mbedtls, openssh, packagekit, perl, postgresql-13, python3.9, systemd and many more.
Debian LTS contributors also prepared updates for more recent releases, Debian 12 (#bookworm), Debian 13 (#trixie) and Debian unstable.
Read the full report: https://www.freexian.com/blog/debian-lts-report-2026-04/?utm_source=mastodon&utm_medium=social
This work is funded by Freexian's Debian LTS offering. Become a sponsor of Debian LTS (https://www.freexian.com/lts/debian/?utm_source=mastodon&utm_medium=social) and enjoy the benefits (https://www.freexian.com/lts/debian/details/#benefits).
#debian #debianlts #freexian #imagemagick #libpng #openssh #packagekit #perl #systemd
-
37 Debian LTS advisories were released in February fixing 145 CVEs across various packages. These include security fixes for bind9, firefox-esr, imagemagick, libpng, mbedtls, openssh, packagekit, perl, postgresql-13, python3.9, systemd and many more.
Debian LTS contributors also prepared updates for more recent releases, Debian 12 (#bookworm), Debian 13 (#trixie) and Debian unstable.
Read the full report: https://www.freexian.com/blog/debian-lts-report-2026-04/?utm_source=mastodon&utm_medium=social
This work is funded by Freexian's Debian LTS offering. Become a sponsor of Debian LTS (https://www.freexian.com/lts/debian/?utm_source=mastodon&utm_medium=social) and enjoy the benefits (https://www.freexian.com/lts/debian/details/#benefits).
#debian #debianlts #freexian #imagemagick #libpng #openssh #packagekit #perl #systemd
-
37 Debian LTS advisories were released in February fixing 145 CVEs across various packages. These include security fixes for bind9, firefox-esr, imagemagick, libpng, mbedtls, openssh, packagekit, perl, postgresql-13, python3.9, systemd and many more.
Debian LTS contributors also prepared updates for more recent releases, Debian 12 (#bookworm), Debian 13 (#trixie) and Debian unstable.
Read the full report: https://www.freexian.com/blog/debian-lts-report-2026-04/?utm_source=mastodon&utm_medium=social
This work is funded by Freexian's Debian LTS offering. Become a sponsor of Debian LTS (https://www.freexian.com/lts/debian/?utm_source=mastodon&utm_medium=social) and enjoy the benefits (https://www.freexian.com/lts/debian/details/#benefits).
#debian #debianlts #freexian #imagemagick #libpng #openssh #packagekit #perl #systemd
-
37 Debian LTS advisories were released in February fixing 145 CVEs across various packages. These include security fixes for bind9, firefox-esr, imagemagick, libpng, mbedtls, openssh, packagekit, perl, postgresql-13, python3.9, systemd and many more.
Debian LTS contributors also prepared updates for more recent releases, Debian 12 (#bookworm), Debian 13 (#trixie) and Debian unstable.
Read the full report: https://www.freexian.com/blog/debian-lts-report-2026-04/?utm_source=mastodon&utm_medium=social
This work is funded by Freexian's Debian LTS offering. Become a sponsor of Debian LTS (https://www.freexian.com/lts/debian/?utm_source=mastodon&utm_medium=social) and enjoy the benefits (https://www.freexian.com/lts/debian/details/#benefits).
#debian #debianlts #freexian #imagemagick #libpng #openssh #packagekit #perl #systemd
-
Here's a harmless little #PoC for the #PackageKit LPE vulnerability (CVE-2026-41651), by @br3zel and myself: https://codeberg.org/hillu/cve-2026-41651-poc
It was a lot of fun to piece together. -
„ #Pack2TheRoot “: #Sicherheitslücke betrifft mehrere #Linux-Distributionen.
Das #Telekom- #Sicherheitsteam hat die Sicherheitslücke „Pack2TheRoot“ entdeckt, die #Rechteausweitung in mehreren #Distributionen ermöglicht.
Das meldet die Telekom auf ihren Sicherheitsseiten. #PackageKit ist ein #Abstraktions_Layer für #D_Bus zum eigentlich sicheren Verwalten von Paketen für beliebige #Distributionen und #Architekturen...
-
„ #Pack2TheRoot “: #Sicherheitslücke betrifft mehrere #Linux-Distributionen.
Das #Telekom- #Sicherheitsteam hat die Sicherheitslücke „Pack2TheRoot“ entdeckt, die #Rechteausweitung in mehreren #Distributionen ermöglicht.
Das meldet die Telekom auf ihren Sicherheitsseiten. #PackageKit ist ein #Abstraktions_Layer für #D_Bus zum eigentlich sicheren Verwalten von Paketen für beliebige #Distributionen und #Architekturen...
-
„ #Pack2TheRoot “: #Sicherheitslücke betrifft mehrere #Linux-Distributionen.
Das #Telekom- #Sicherheitsteam hat die Sicherheitslücke „Pack2TheRoot“ entdeckt, die #Rechteausweitung in mehreren #Distributionen ermöglicht.
Das meldet die Telekom auf ihren Sicherheitsseiten. #PackageKit ist ein #Abstraktions_Layer für #D_Bus zum eigentlich sicheren Verwalten von Paketen für beliebige #Distributionen und #Architekturen...
-
„ #Pack2TheRoot “: #Sicherheitslücke betrifft mehrere #Linux-Distributionen.
Das #Telekom- #Sicherheitsteam hat die Sicherheitslücke „Pack2TheRoot“ entdeckt, die #Rechteausweitung in mehreren #Distributionen ermöglicht.
Das meldet die Telekom auf ihren Sicherheitsseiten. #PackageKit ist ein #Abstraktions_Layer für #D_Bus zum eigentlich sicheren Verwalten von Paketen für beliebige #Distributionen und #Architekturen...
-
„ #Pack2TheRoot “: #Sicherheitslücke betrifft mehrere #Linux-Distributionen.
Das #Telekom- #Sicherheitsteam hat die Sicherheitslücke „Pack2TheRoot“ entdeckt, die #Rechteausweitung in mehreren #Distributionen ermöglicht.
Das meldet die Telekom auf ihren Sicherheitsseiten. #PackageKit ist ein #Abstraktions_Layer für #D_Bus zum eigentlich sicheren Verwalten von Paketen für beliebige #Distributionen und #Architekturen...
-
📢⚠️ #Pack2TheRoot exposes a 12-year-old flaw in Linux’s PackageKit, letting unprivileged users gain root access in seconds. Affects major distros, patch now
Read: https://hackread.com/pack2theroot-linux-packagekit-flaw-full-compromise/
-
📢⚠️ #Pack2TheRoot exposes a 12-year-old flaw in Linux’s PackageKit, letting unprivileged users gain root access in seconds. Affects major distros, patch now
Read: https://hackread.com/pack2theroot-linux-packagekit-flaw-full-compromise/
-
📢⚠️ #Pack2TheRoot exposes a 12-year-old flaw in Linux’s PackageKit, letting unprivileged users gain root access in seconds. Affects major distros, patch now
Read: https://hackread.com/pack2theroot-linux-packagekit-flaw-full-compromise/
-
📢⚠️ #Pack2TheRoot exposes a 12-year-old flaw in Linux’s PackageKit, letting unprivileged users gain root access in seconds. Affects major distros, patch now
Read: https://hackread.com/pack2theroot-linux-packagekit-flaw-full-compromise/
-
📢⚠️ #Pack2TheRoot exposes a 12-year-old flaw in Linux’s PackageKit, letting unprivileged users gain root access in seconds. Affects major distros, patch now
Read: https://hackread.com/pack2theroot-linux-packagekit-flaw-full-compromise/
-
Article sur une faille sur #PackageKit :
https://goodtech.info/pack2theroot-faille-linux-packagekit-root-cve-2026-41651/
Pour info packagekit est traduit en :
- Kabyle : 31%
- Occitan : 27%
- Breton : 22%- Basque, Galicien, Catalan : +60%
-
Article sur une faille sur #PackageKit :
https://goodtech.info/pack2theroot-faille-linux-packagekit-root-cve-2026-41651/
Pour info packagekit est traduit en :
- Kabyle : 31%
- Occitan : 27%
- Breton : 22%- Basque, Galicien, Catalan : +60%
-
Article sur une faille sur #PackageKit :
https://goodtech.info/pack2theroot-faille-linux-packagekit-root-cve-2026-41651/
Pour info packagekit est traduit en :
- Kabyle : 31%
- Occitan : 27%
- Breton : 22%- Basque, Galicien, Catalan : +60%
-
Article sur une faille sur #PackageKit :
https://goodtech.info/pack2theroot-faille-linux-packagekit-root-cve-2026-41651/
Pour info packagekit est traduit en :
- Kabyle : 31%
- Occitan : 27%
- Breton : 22%- Basque, Galicien, Catalan : +60%
-
Article sur une faille sur #PackageKit :
https://goodtech.info/pack2theroot-faille-linux-packagekit-root-cve-2026-41651/
Pour info packagekit est traduit en :
- Kabyle : 31%
- Occitan : 27%
- Breton : 22%- Basque, Galicien, Catalan : +60%
-
⚠️🔒 "Pack2TheRoot" erlaubt laut Telekom‑Security in PackageKit eine Privilegien‑Escalation (TOCTOU, CVE‑2026‑41651, CVSS 8.8). Mehrere Standard‑Distros betroffen — Update auf PackageKit ≥1.3.5 und zeitnahe System‑Patches empfohlen. https://www.heise.de/news/Pack2TheRoot-Sicherheitsluecke-betrifft-mehrere-Linux-Distributionen-11272897.html #Pack2TheRoot #Linux #Security #PackageKit 🐧
-
⚠️🔒 "Pack2TheRoot" erlaubt laut Telekom‑Security in PackageKit eine Privilegien‑Escalation (TOCTOU, CVE‑2026‑41651, CVSS 8.8). Mehrere Standard‑Distros betroffen — Update auf PackageKit ≥1.3.5 und zeitnahe System‑Patches empfohlen. https://www.heise.de/news/Pack2TheRoot-Sicherheitsluecke-betrifft-mehrere-Linux-Distributionen-11272897.html #Pack2TheRoot #Linux #Security #PackageKit 🐧
-
⚠️🔒 "Pack2TheRoot" erlaubt laut Telekom‑Security in PackageKit eine Privilegien‑Escalation (TOCTOU, CVE‑2026‑41651, CVSS 8.8). Mehrere Standard‑Distros betroffen — Update auf PackageKit ≥1.3.5 und zeitnahe System‑Patches empfohlen. https://www.heise.de/news/Pack2TheRoot-Sicherheitsluecke-betrifft-mehrere-Linux-Distributionen-11272897.html #Pack2TheRoot #Linux #Security #PackageKit 🐧
-
⚠️🔒 "Pack2TheRoot" erlaubt laut Telekom‑Security in PackageKit eine Privilegien‑Escalation (TOCTOU, CVE‑2026‑41651, CVSS 8.8). Mehrere Standard‑Distros betroffen — Update auf PackageKit ≥1.3.5 und zeitnahe System‑Patches empfohlen. https://www.heise.de/news/Pack2TheRoot-Sicherheitsluecke-betrifft-mehrere-Linux-Distributionen-11272897.html #Pack2TheRoot #Linux #Security #PackageKit 🐧
-
⚠️🔒 "Pack2TheRoot" erlaubt laut Telekom‑Security in PackageKit eine Privilegien‑Escalation (TOCTOU, CVE‑2026‑41651, CVSS 8.8). Mehrere Standard‑Distros betroffen — Update auf PackageKit ≥1.3.5 und zeitnahe System‑Patches empfohlen. https://www.heise.de/news/Pack2TheRoot-Sicherheitsluecke-betrifft-mehrere-Linux-Distributionen-11272897.html #Pack2TheRoot #Linux #Security #PackageKit 🐧
-
Na gut dass Nix kein #PackageKit unterstützt…
(edit: Nix, nicht NixOS)https://github.security.telekom.com/2026/04/pack2theroot-linux-local-privilege-escalation.html
-
Na gut dass Nix kein #PackageKit unterstützt…
(edit: Nix, nicht NixOS)https://github.security.telekom.com/2026/04/pack2theroot-linux-local-privilege-escalation.html
-
Na gut dass Nix kein #PackageKit unterstützt…
(edit: Nix, nicht NixOS)https://github.security.telekom.com/2026/04/pack2theroot-linux-local-privilege-escalation.html
-
🔓 Root sur Linux en 2 secondes ? C'est la faille Pack2TheRoot
https://goodtech.info/pack2theroot-faille-linux-packagekit-root-cve-2026-41651/
> Une vulnérabilité de 12 ans vient d'être déterrée dans #PackageKit. #Ubuntu, #Fedora, #Debian... presque tout le monde est concerné. Patch disponible (ouf !). #linux
-
🔓 Root sur Linux en 2 secondes ? C'est la faille Pack2TheRoot
https://goodtech.info/pack2theroot-faille-linux-packagekit-root-cve-2026-41651/
> Une vulnérabilité de 12 ans vient d'être déterrée dans #PackageKit. #Ubuntu, #Fedora, #Debian... presque tout le monde est concerné. Patch disponible (ouf !). #linux
-
🔓 Root sur Linux en 2 secondes ? C'est la faille Pack2TheRoot
https://goodtech.info/pack2theroot-faille-linux-packagekit-root-cve-2026-41651/
> Une vulnérabilité de 12 ans vient d'être déterrée dans #PackageKit. #Ubuntu, #Fedora, #Debian... presque tout le monde est concerné. Patch disponible (ouf !). #linux
-
🔓 Root sur Linux en 2 secondes ? C'est la faille Pack2TheRoot
https://goodtech.info/pack2theroot-faille-linux-packagekit-root-cve-2026-41651/
> Une vulnérabilité de 12 ans vient d'être déterrée dans #PackageKit. #Ubuntu, #Fedora, #Debian... presque tout le monde est concerné. Patch disponible (ouf !). #linux
-
Discover the Pack2TheRoot flaw, a high-severity vulnerability (CVE-2026-41651) in PackageKit that has granted local users root access on Linux systems for nearly 12 years. This incident, where AI helped uncover the bug, forces a critical reevaluation of how we audit foundational open-source components. Learn which distributions are affected and why immediate patching to PackageKit 1.3.5 is…
#cybersecurity #pack2theroot #packagekit
🤖 This post was AI-generated.
-
🚨 CVE-2026-41651 (Pack2TheRoot)
PackageKit vulnerable to TOCTOU Race on Transaction Flags leads to arbitrary package installation as root
PackageKit is a a D-Bus abstraction layer that allows the user to manage packages in a secure way using a cross-distro, cross-architecture API. PackageKit between and including versions 1.0.2 and 1.3.4 is vulnerable to a time-of-check time-of-use (TOCTOU) race condition on transaction flags that allows unprivileged users to install packages as root and thus leads to a local privilege escalation. This is patched in version 1.3.5.
ℹ️ Additional info on ZEN SecDB https://secdb.nttzen.cloud/cve/detail/CVE-2026-41651
#nttdata #zen #secdb #infosec
#pack2theroot #cve2026411651 #packagekit #toctou -
🚨 CVE-2026-41651 (Pack2TheRoot)
PackageKit vulnerable to TOCTOU Race on Transaction Flags leads to arbitrary package installation as root
PackageKit is a a D-Bus abstraction layer that allows the user to manage packages in a secure way using a cross-distro, cross-architecture API. PackageKit between and including versions 1.0.2 and 1.3.4 is vulnerable to a time-of-check time-of-use (TOCTOU) race condition on transaction flags that allows unprivileged users to install packages as root and thus leads to a local privilege escalation. This is patched in version 1.3.5.
ℹ️ Additional info on ZEN SecDB https://secdb.nttzen.cloud/cve/detail/CVE-2026-41651
#nttdata #zen #secdb #infosec
#pack2theroot #cve2026411651 #packagekit #toctou -
🚨 CVE-2026-41651 (Pack2TheRoot)
PackageKit vulnerable to TOCTOU Race on Transaction Flags leads to arbitrary package installation as root
PackageKit is a a D-Bus abstraction layer that allows the user to manage packages in a secure way using a cross-distro, cross-architecture API. PackageKit between and including versions 1.0.2 and 1.3.4 is vulnerable to a time-of-check time-of-use (TOCTOU) race condition on transaction flags that allows unprivileged users to install packages as root and thus leads to a local privilege escalation. This is patched in version 1.3.5.
ℹ️ Additional info on ZEN SecDB https://secdb.nttzen.cloud/cve/detail/CVE-2026-41651
#nttdata #zen #secdb #infosec
#pack2theroot #cve2026411651 #packagekit #toctou -
Linux Flaw Exposes Users to Root Access Attacks
A major Linux flaw, dubbed "Pack2TheRoot," has been hiding in plain sight for 12 years, allowing attackers with local access to gain root permissions and wreak havoc on your system - but a patch has finally been released to squash it. This medium-severity vulnerability, scoring 8.8 out of 10, highlights the importance of staying on top of software…
#LinuxFlaw #RootAccess #Cve202641651 #Packagekit #ElevationOfPrivilege
-
Forscher der Deutschen Telekom haben eine kritische #Sicherheitslücke unter #Linux gefunden. Über #PackageKit können Angreifer Root-Zugriff erlangen. Potenziell betroffen sind Distros wie #Ubuntu und #Debian. https://winfuture.de/news,158305.html?utm_source=Mastodon&utm_medium=ManualStatus&utm_campaign=SocialMedia
-
Forscher der Deutschen Telekom haben eine kritische #Sicherheitslücke unter #Linux gefunden. Über #PackageKit können Angreifer Root-Zugriff erlangen. Potenziell betroffen sind Distros wie #Ubuntu und #Debian. https://winfuture.de/news,158305.html?utm_source=Mastodon&utm_medium=ManualStatus&utm_campaign=SocialMedia
-
Forscher der Deutschen Telekom haben eine kritische #Sicherheitslücke unter #Linux gefunden. Über #PackageKit können Angreifer Root-Zugriff erlangen. Potenziell betroffen sind Distros wie #Ubuntu und #Debian. https://winfuture.de/news,158305.html?utm_source=Mastodon&utm_medium=ManualStatus&utm_campaign=SocialMedia
-
Forscher der Deutschen Telekom haben eine kritische #Sicherheitslücke unter #Linux gefunden. Über #PackageKit können Angreifer Root-Zugriff erlangen. Potenziell betroffen sind Distros wie #Ubuntu und #Debian. https://winfuture.de/news,158305.html?utm_source=Mastodon&utm_medium=ManualStatus&utm_campaign=SocialMedia
-
Forscher der Deutschen Telekom haben eine kritische #Sicherheitslücke unter #Linux gefunden. Über #PackageKit können Angreifer Root-Zugriff erlangen. Potenziell betroffen sind Distros wie #Ubuntu und #Debian. https://winfuture.de/news,158305.html?utm_source=Mastodon&utm_medium=ManualStatus&utm_campaign=SocialMedia
-
Here's a harmless little #PoC for the #PackageKit LPE vulnerability (CVE-2026-41651), by @br3zel and myself: https://codeberg.org/hillu/cve-2026-41651-poc
It was a lot of fun to piece together. -
Here's a harmless little #PoC for the #PackageKit LPE vulnerability (CVE-2026-41651), by @br3zel and myself: https://codeberg.org/hillu/cve-2026-41651-poc
It was a lot of fun to piece together. -
Here's a harmless little #PoC for the #PackageKit LPE vulnerability (CVE-2026-41651), by @br3zel and myself: https://codeberg.org/hillu/cve-2026-41651-poc
It was a lot of fun to piece together. -
Forgot your root password? No problem! With #PackageKit <= 1.3.4 you can do all the fun root action on any Linux system you have local access to, no privileges required!
Don't like that? Then PLEASE UPDATE your system ASAP to PackageKit >= 1.3.5 or any fixed distro package. Fixes for this vulnerability should already be available everywhere since today.
You can read more about CVE-2026-41651 on the security researcher's blog:
https://github.security.telekom.com/2026/04/pack2theroot-linux-local-privilege-escalation.html -
Forgot your root password? No problem! With #PackageKit <= 1.3.4 you can do all the fun root action on any Linux system you have local access to, no privileges required!
Don't like that? Then PLEASE UPDATE your system ASAP to PackageKit >= 1.3.5 or any fixed distro package. Fixes for this vulnerability should already be available everywhere since today.
You can read more about CVE-2026-41651 on the security researcher's blog:
https://github.security.telekom.com/2026/04/pack2theroot-linux-local-privilege-escalation.html
