Language Selection

English French German Italian Portuguese Spanish

LinuxSecurity.com Advisories

Syndicate content LinuxSecurity - Security Advisories
The central voice for Linux and Open Source security news.
Updated: 1 min 57 sec ago

Gentoo: GLSA-201904-23: GLib: Multiple vulnerabilities

Monday 22nd of April 2019 07:37:00 PM
Multiple vulnerabilities have been found in GLib, the worst of which could result in a Denial of Service condition.

Gentoo: GLSA-201904-22: OpenDKIM: Root privilege escalation

Monday 22nd of April 2019 07:35:00 PM
A vulnerability was discovered in Gentoo's ebuild for OpenDKIM which could lead to root privilege escalation.

Gentoo: GLSA-201904-21: SQLite: Remote code execution

Monday 22nd of April 2019 07:32:00 PM
A vulnerability in SQLite may allow for the remote execution of code.

Gentoo: GLSA-201904-20: Apache: Privilege escalation

Monday 22nd of April 2019 07:28:00 PM
A vulnerability in Apache might allow an attacker to escalate privileges.

Debian LTS: DLA-1760-1: wget security update

Monday 22nd of April 2019 07:10:00 PM
Kusano Kazuhiko discovered a buffer overflow vulnerability in the handling of Internationalized Resource Identifiers (IRI) in wget, a network utility to retrieve files from the web, which could result in the execution of

SciLinux: Important: java-1.7.0-openjdk on SL6.x i386/x86_64

Monday 22nd of April 2019 05:33:00 PM
OpenJDK: Font layout engine out of bounds access setCurrGlyphID() (2D, 8219022) (CVE-2019-2698) * OpenJDK: Slow conversion of BigDecimal to long (Libraries, 8211936) (CVE-2019-2602) * OpenJDK: Incorrect skeleton selection in RMI registry server-side dispatch handling (RMI, 8218453) (CVE-2019-2684) SL6 x86_64 java-1.7.0-openjdk-1.7.0.221-2.6.18.0.el6_10.x86_64.rpm java-1.7.0-openjd [More...]

SciLinux: Important: java-1.7.0-openjdk on SL7.x x86_64

Monday 22nd of April 2019 03:06:00 PM
OpenJDK: Font layout engine out of bounds access setCurrGlyphID() (2D, 8219022) (CVE-2019-2698) * OpenJDK: Slow conversion of BigDecimal to long (Libraries, 8211936) (CVE-2019-2602) * OpenJDK: Incorrect skeleton selection in RMI registry server-side dispatch handling (RMI, 8218453) (CVE-2019-2684) SL7 x86_64 java-1.7.0-openjdk-1.7.0.221-2.6.18.0.el7_6.x86_64.rpm java-1.7.0-openjdk [More...]

RedHat: RHSA-2019-0790:01 Important: java-1.7.0-openjdk security update

Monday 22nd of April 2019 10:31:00 AM
An update for java-1.7.0-openjdk is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

RedHat: RHSA-2019-0791:01 Important: java-1.7.0-openjdk security update

Monday 22nd of April 2019 10:31:00 AM
An update for java-1.7.0-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

Debian LTS: DLA-1759-1: clamav security update

Monday 22nd of April 2019 09:32:00 AM
Out-of-bounds read and write conditions have been fixed in clamav. CVE-2019-1787

Fedora 29: elementary-camera Security Update

Monday 22nd of April 2019 01:11:00 AM
This update fixes a [bug](https://github.com/mesonbuild/meson/issues/5268) in the Meson build system which caused binaries and libraries to incorrectly be marking as requiring an executable stack. This makes them more vulnerable to security issues, and also can result in errors caused by SELinux denials. This update also provides rebuilds of all the packages that were built with the buggy

Fedora 29: egl-wayland Security Update

Monday 22nd of April 2019 01:11:00 AM
This update fixes a [bug](https://github.com/mesonbuild/meson/issues/5268) in the Meson build system which caused binaries and libraries to incorrectly be marking as requiring an executable stack. This makes them more vulnerable to security issues, and also can result in errors caused by SELinux denials. This update also provides rebuilds of all the packages that were built with the buggy

Fedora 29: elementary-terminal Security Update

Monday 22nd of April 2019 01:11:00 AM
This update fixes a [bug](https://github.com/mesonbuild/meson/issues/5268) in the Meson build system which caused binaries and libraries to incorrectly be marking as requiring an executable stack. This makes them more vulnerable to security issues, and also can result in errors caused by SELinux denials. This update also provides rebuilds of all the packages that were built with the buggy

Fedora 29: ephemeral Security Update

Monday 22nd of April 2019 01:11:00 AM
This update fixes a [bug](https://github.com/mesonbuild/meson/issues/5268) in the Meson build system which caused binaries and libraries to incorrectly be marking as requiring an executable stack. This makes them more vulnerable to security issues, and also can result in errors caused by SELinux denials. This update also provides rebuilds of all the packages that were built with the buggy

Fedora 29: elementary-code Security Update

Monday 22nd of April 2019 01:11:00 AM
This update fixes a [bug](https://github.com/mesonbuild/meson/issues/5268) in the Meson build system which caused binaries and libraries to incorrectly be marking as requiring an executable stack. This makes them more vulnerable to security issues, and also can result in errors caused by SELinux denials. This update also provides rebuilds of all the packages that were built with the buggy

Fedora 29: gnome-characters Security Update

Monday 22nd of April 2019 01:11:00 AM
This update fixes a [bug](https://github.com/mesonbuild/meson/issues/5268) in the Meson build system which caused binaries and libraries to incorrectly be marking as requiring an executable stack. This makes them more vulnerable to security issues, and also can result in errors caused by SELinux denials. This update also provides rebuilds of all the packages that were built with the buggy

Fedora 29: group-service Security Update

Monday 22nd of April 2019 01:11:00 AM
This update fixes a [bug](https://github.com/mesonbuild/meson/issues/5268) in the Meson build system which caused binaries and libraries to incorrectly be marking as requiring an executable stack. This makes them more vulnerable to security issues, and also can result in errors caused by SELinux denials. This update also provides rebuilds of all the packages that were built with the buggy

Fedora 29: gnome-shell-extension-gsconnect Security Update

Monday 22nd of April 2019 01:11:00 AM
This update fixes a [bug](https://github.com/mesonbuild/meson/issues/5268) in the Meson build system which caused binaries and libraries to incorrectly be marking as requiring an executable stack. This makes them more vulnerable to security issues, and also can result in errors caused by SELinux denials. This update also provides rebuilds of all the packages that were built with the buggy

Fedora 29: geocode-glib Security Update

Monday 22nd of April 2019 01:11:00 AM
This update fixes a [bug](https://github.com/mesonbuild/meson/issues/5268) in the Meson build system which caused binaries and libraries to incorrectly be marking as requiring an executable stack. This makes them more vulnerable to security issues, and also can result in errors caused by SELinux denials. This update also provides rebuilds of all the packages that were built with the buggy

Fedora 29: mate-user-admin Security Update

Monday 22nd of April 2019 01:11:00 AM
This update fixes a [bug](https://github.com/mesonbuild/meson/issues/5268) in the Meson build system which caused binaries and libraries to incorrectly be marking as requiring an executable stack. This makes them more vulnerable to security issues, and also can result in errors caused by SELinux denials. This update also provides rebuilds of all the packages that were built with the buggy

More in Tux Machines

Devices: Radiant Software, ASRock and Microsoft

  • Radiant 1.1 Lattice FPGA Design Tools Release Accelerates Design Reuse
    In addition to supporting Windows, Radiant Software 1.1 adds support for the popular Ubuntu LTS 16.4 distribution of Linux. Radiant Software 1.1 is now available for download from Lattices website and currently can be used with a free license.
  • ASRock spins Whiskey Lake-U in thin Mini-ITX, 3.5-inch, and NUC formats
    ASRock announced four products based on Intel’s 8th Gen Whiskey Lake-U: a thin Mini-ITX “IMB-1216” board, a 3.5-inch “SBC-350,” and a NUC 4×4 form-factor “iBox-8365U” mini-PC and NUC-8365U mainboard. ASRock Industrial has been busy lately tapping the latest embedded-oriented x86 chips in products such as the Intel 8th Gen Whiskey Lake-U based iBox-8265U mini-PC, as well as the iBox-R1000 industrial PC and NUC-R1000 mainboard built around the AMD Ryzen Embedded R1000. Now it has announced four more Whiskey Lake-U products aimed at the embedded market.
  • Making Sense of Microsoft’s Acquisition of Express Logic [Ed: Windows is worthless, so Microsoft is buying the competition. Microsoft also bought Danger, Sidekick etc. and it never ended well. Anything Microsoft touches turns to dust. When it bought Skype it was (back then) near-monopoly, but not anymore. Microsoft sometimes announces financial losses.]
    Even the Linux Foundation, home of the Linux kernel, hosts a project called Zephyr, which is an RTOS designed for use-cases, beyond the reach of Linux.

Events: Richard Stallman in Zurich (Switzerland), OpenStack Summit, Linux Fest Northwest

  • Richard Stallman - "Free Software and Your Freedom" (Zurich, Switzerland)
  • SUSE CaaS Platform at Open Infrastructure Summit
    If you’re attending Open Infrastructure Summit this year and have in previous years as well, you might be noticing something a bit different; this year it’s not called OpenStack Summit. While we expect much of the talk will still be about OpenStack, we thought it might be a good idea to include other related technologies as well, like SUSE CaaS Platform, SUSE Cloud Application Platform – the two offerings that combine to form SUSE’s Application Delivery solution – and SUSE Enterprise Storage
  • Gearing Up for Linux Fest Northwest 2019!
    This next weekend (April 26-28th, 2019) I will be in Bellingham at Bellingham Technical College for Linux Fest Northwest to help at the Ubuntu table! I will be demonstrating Ubuntu Studio and my au…
  • Ubuntu Studio at Linux Fest Northwest 2019
    Council Chair Erich Eickmeyer will be in Bellingham, WA, USA this weekend for Linux Fest Northwest 2019, and will be bringing his audio setup to demonstrate Ubuntu Studio at the Ubuntu table. Check out the post on his personal blog!

today's howtos

Put the internet back under your control with the FreedomBox

On today's internet, most of us find ourselves locked into one service provider or the other. We find ourselves tied down to Apple, Facebook, Google, or Microsoft for our e-mail, social networking, calendering -- you name it. It doesn't have to be that way. The FreedomBox Foundation has just released its first commercially available FreedomBox: The Pioneer Edition FreedomBox Home Server Kit. With it, you -- not some company -- control over your internet-based services. The Olimex Pioneer FreedomBox costs less than $100 and is powered by a single-board computer (SBC), the open source hardware-based Olimex A20-OLinuXino-LIME2 board. This SBC is powered by a 1GHz A20/T2 dual core Cortex-A7 processor and dual-core Mali 400 GPU. It also comes with a Gigabyte of RAM, a high-speed 32GB micro SD card for storage with the FreedomBox software pre-installed, two USB ports, SATA-drive support, a Gigabit Ethernet port, and a backup battery. Doesn't sounds like much does it? But, here's the thing: You don't need much to run a personal server. Sure, some of us have been running our own servers at home, the office, or at a hosting site for ages. I'm one of those people. But, it's hard to do. What the FreedomBox brings to the table is the power to let almost anyone run their own server without being a Linux expert. The supplied FreedomBox software is based on Debian Linux. It's designed from the ground-up to make it as hard as possible for anyone to exploit your data. It does this by putting you in control of your own corner of the internet at home. Its simple user interface lets you host your own internet services with little expertise. Read more