
LinuxSecurity.com Advisories

LinuxSecurity - Security Advisories
The central voice for Linux and Open Source security news.

Debian LTS: DLA-2585-1: libupnp security update

6 hours 50 min ago
libupnp, the portable SDK for UPnP Devices allows remote attackers to cause a denial of service (crash) via a crafted SSDP message due to a NULL pointer dereference in the functions FindServiceControlURLPath and FindServiceEventURLPath in genlib/service_table/service_table.c.

Mageia 2021-0117: kernel security update

12 hours 38 min ago
This kernel update is based on upstream 5.10.20 and fixes at least the following security issues: An issue was discovered in the Linux kernel through 5.11.3, as used with Xen PV. A certain part of the netback driver lacks necessary treatment of

Mageia 2021-0116: cups security update

12 hours 38 min ago
The updated cups packages fix a security vulnerability: out-of-bounds read in the ippReadIO function (CVE-2020-10001). References: https://bugs.mageia.org/show_bug.cgi?id=28277

Fedora 33: nagios 2021-5689072a7e

21 hours 22 min ago
Fix for CVE-2020-13977 (BZ1849087). Require plugins needed for localhost monitoring (#1932297). Update to 4.4.6.

Fedora 32: nagios 2021-b5e897a2e5

21 hours 22 min ago
Fix for CVE-2020-13977 (BZ1849087). Require plugins needed for localhost monitoring (#1932297). Update to 4.4.6.

Debian LTS: DLA-2584-1: libcaca security update

Sunday 7th of March 2021 06:34:49 AM
A buffer overflow issue in the caca_resize function in libcaca/caca/canvas.c may lead to local execution of arbitrary code in the user context.

openSUSE: 2021:0389-1 moderate: nodejs8

Saturday 6th of March 2021 04:17:36 AM
An update that fixes one vulnerability is now available.

openSUSE: 2021:0390-1 moderate: gnome-autoar

Saturday 6th of March 2021 04:16:40 AM
An update that fixes one vulnerability is now available.

Fedora 34: firefox 2021-578907b183

Saturday 6th of March 2021 12:36:16 AM
Stability update for hardware accelerated backend (mozbz#1694670). New upstream update (86.0). Should also fix some rendering issues in KDE in certain configurations. Depends on and cannot be pushed stable without https://bodhi.fedoraproject.org/updates/FEDORA-2021-bdc10e21fc

openSUSE: 2021:0386-1 important: bind

Friday 5th of March 2021 10:17:19 PM
An update that contains security fixes can now be installed.

openSUSE: 2021:0387-1 important: MozillaThunderbird

Friday 5th of March 2021 10:16:19 PM
An update that fixes four vulnerabilities is now available.

RedHat: RHSA-2021-0617:01 Important: xterm security update

Monday 22nd of February 2021 06:13:22 AM
An update for xterm is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

RedHat: RHSA-2021-0619:01 Important: stunnel security update

Monday 22nd of February 2021 05:41:23 AM
An update for stunnel is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

RedHat: RHSA-2021-0618:01 Important: stunnel security update

Monday 22nd of February 2021 05:28:49 AM
An update for stunnel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

RedHat: RHSA-2021-0620:01 Important: stunnel security update

Monday 22nd of February 2021 05:28:23 AM
An update for stunnel is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

openSUSE: 2021:0322-1 important: python-djangorestframework

Sunday 21st of February 2021 10:14:11 PM
An update that fixes one vulnerability is now available.

Debian: DSA-4861-1: screen security update

Sunday 21st of February 2021 03:31:22 AM
Felix Weinmann reported a flaw in the handling of combining characters in screen, a terminal multiplexer with VT100/ANSI terminal emulation, which can result in denial of service, or potentially the execution of arbitrary code via a specially crafted UTF-8 character sequence.

Fedora 33: dotnet5.0 2021-b881ee9839

Saturday 20th of February 2021 08:20:39 PM
This is the update to .NET 5.0 SDK 5.0.103 and Runtime 5.0.3. It includes fixes for CVE-2021-1721 and CVE-2021-24112.

Debian LTS: DLA-2574-1: openldap security update

Saturday 20th of February 2021 07:25:16 PM
A vulnerability in the Certificate List Exact Assertion validation was discovered in OpenLDAP, a free implementation of the Lightweight Directory Access Protocol. An unauthenticated remote attacker can take advantage of this flaw to cause a denial of service (slapd

Debian LTS: DLA-2573-1: libzstd security update

Saturday 20th of February 2021 06:21:11 PM
It was discovered that zstd, a compression utility, was vulnerable to a race condition: it temporarily exposed, during a very short timeframe, a world-readable version of its input even if the original file had restrictive permissions.

More in Tux Machines

Audiocasts/Shows: Open Source Security Podcast, Linux Action News, and SMLR

Review: Artix Linux in 2021

Artix Linux is a fork (or continuation as an autonomous project) of the Arch-OpenRC and Manjaro-OpenRC projects. Artix Linux offers a lightweight, rolling-release operating system featuring alternative init software options, including OpenRC, runit, and s6. The distribution is available in many editions, including Base, Cinnamon, LXDE, LXQt, MATE, KDE Plasma and Xfce. With all of the desktop options, combined with the available init choices, there are 21 editions from which to choose, not including community spins. All editions appear to be built for 64-bit (x86_64) machines. Picking randomly, I selected Artix's Plasma edition featuring the runit init software. The download for this edition is 1.3GB. Browsing the other editions it looks like most flavours are about 1.1GB to 1.3GB in size, though the minimal Base edition is a compact 618MB. The project's live media boots to the KDE Plasma desktop. On the desktop we find multiple documentation and README icons. There is also an icon for launching the system installer. The default layout places a panel at the bottom of the screen where we can find the application menu and system tray. The default wallpaper is a soft blue while the theme for windows and menus is dark with high contrast fonts. [...] Artix Linux is one of those distributions I really enjoy using and yet struggle to review in a meaningful way because it doesn't really go out of its way to introduce new or exciting features and everything works smoothly. The distribution is wonderfully easy to install, offers top-notch performance, and is unusually light on resources. Artix is somewhat minimal, but still ships enough software to be immediately useful right out of the gate. We can browse the web, install packages, view files, and play videos. Meanwhile the application menu isn't cluttered with a lot of extras.
The developers clearly expect us to install the functionality we need, while doing a really good job of providing enough for the desktop environment to feel base-line useful right from the start. Artix does a nice job of balancing performance and functionality while also juggling ease of use against not getting in the way. There is a little documentation, but no initial welcome screen or configuration wizards that might distract the user. The one piece I felt was missing was a graphical package manager, which would have made it easier to build the extra functionality I wanted on top of the base distribution. However, that one piece aside, I felt as though Artix was really well designed and put together, at least for someone like me. It's not a distribution geared toward beginners; it's not a "first distro". It is a bit minimal and requires command line knowledge. However, for someone with a little experience with Linux, for someone who doesn't mind the occasional trip to the command line or installing new applications as needed, Artix provides an excellent experience. It's fast, light, looks (in my opinion) great with the default theme, and elegantly walks the line between minimalism and having enough applications ready to go out of the box to be immediately useful. I'm unusually impressed with how smooth and trouble-free my experience was with this distribution, and the fact it offers such a range of desktop and init diversity is all the more appealing.

Alpine Linux Review: Ultimate Distro for Power Users

Alpine Linux is gathering a lot of attention because of its super-small size and focus on security. However, Alpine is different from some of the other lightweight distros we covered on FOSSLinux. It isn't your typical desktop distribution, as it is terminal-based like Arch and is marketed as a "general purpose distro." It is currently widely adopted as a Docker container base thanks to its ultra-small footprint. However, it can be used for all sorts of Linux deployments that benefit from small, resource-efficient Linux distros. Now, that statement might feel too generic. But don't worry, as we have put together an in-depth and comprehensive review of Alpine Linux, giving you a detailed look at what it has under the hood and how to use it. As such, by the end, you should have a clear understanding of whether you should consider Alpine Linux as your next Linux distro. So without further ado, let's dive in.

Programming Leftovers

  • How to manipulate strings in bash

    Without explicit support for variable types, all bash variables are by default treated as character strings. Therefore, more often than not, you need to manipulate string variables in various fashions while working on your bash script. Unless you are well-versed in this department, you may end up constantly coming back to Google and searching for tips and examples to handle your specific use case. In the spirit of saving your time and thus boosting your productivity in shell scripting, I compile in this tutorial a comprehensive list of useful string manipulation tips for bash scripting. Where possible I will try to use bash's built-in mechanisms (e.g., parameter expansion) to manipulate strings instead of invoking external tools such as awk, sed or grep. If you find any missing tips, feel free to suggest them in the comments. I will be happy to incorporate them in the article.

  • Python Generators

    Python generators are very powerful for handling operations which require a large amount of memory.

  • We got lucky

    If you're having enough production incidents to be able to evaluate your preparation, you're probably either unlucky or unprepared ;) If you have infrequent incidents you may be well prepared, but it's hard to tell. Chaos engineering experiments are a great way to test your preparation and practice incident response in a less stressful context. It may seem like a huge leap from your current level of preparation to running automated chaos monkeys in production, but you don't need to go straight there. Why not start with practice drills? You could have a game host who comes up with a failure scenario. You can work up to chaos in production.

  • React Testing Library – Tutorial with JavaScript Code Examples

    This post will help you learn what React Testing Library is and how you can use it to test your React application. This tutorial assumes you already know some basic JavaScript and understand the basics of how React works. React Testing Library is a testing utility tool that's built to test the actual DOM tree rendered by React in the browser. The goal of the library is to help you write tests that resemble how a user would use your application, so that you'll have more confidence that your application works as intended when a real user does use it.

  • Why I Moved From Ops to DevOps (and why you might want to)