Language Selection

English French German Italian Portuguese Spanish

LinuxSecurity.com Advisories

Syndicate content
The central voice for Linux and Open Source security news.
Updated: 8 hours 44 min ago

Gentoo: 201411-10 Asterisk: Multiple Vulnerabilities

Sunday 23rd of November 2014 01:20:00 PM
LinuxSecurity.com: Multiple vulnerabilities have been found in Asterisk, the worst of which could lead to Denial of Service.

Gentoo: 201411-09 Ansible: Privilege escalation

Sunday 23rd of November 2014 01:17:00 PM
LinuxSecurity.com: Multiple vulnerabilities has been found in Ansible which may allow local privilege escalation.

Gentoo: 201411-08 Aircrack-ng: User-assisted execution of arbitrary code

Sunday 23rd of November 2014 01:15:00 PM
LinuxSecurity.com: Multiple vulnerabilities have been found in Aircrack-ng, possibly resulting in local privilege escalation, remote code execution, or Denial of Service.

Gentoo: 201411-07 Openswan: Denial of Service

Sunday 23rd of November 2014 01:12:00 PM
LinuxSecurity.com: A NULL pointer dereference in Openswan may allow remote attackers to cause Denial of Service.

Mandriva: 2014:224: krb5

Friday 21st of November 2014 12:42:00 PM
LinuxSecurity.com: Updated krb5 packages fix security vulnerability: The kadm5_randkey_principal_3 function in lib/kadm5/srv/svr_principal.c in kadmind in MIT Kerberos 5 (aka krb5) before 1.13 sends old keys in a response to a -randkey -keepold request, which allows remote [More...]

Mandriva: 2014:223: wireshark

Friday 21st of November 2014 12:39:00 PM
LinuxSecurity.com: Updated wireshark packages fix security vulnerabilities: SigComp UDVM buffer overflow (CVE-2014-8710). AMQP crash (CVE-2014-8711). [More...]

Mandriva: 2014:222: libvirt

Friday 21st of November 2014 12:36:00 PM
LinuxSecurity.com: Updated libvirt packages fix security vulnerability: Eric Blake discovered that libvirt incorrectly handled permissions when processing the qemuDomainFormatXML command. An attacker with read-only privileges could possibly use this to gain access to certain [More...]

Mandriva: 2014:221: php-smarty

Friday 21st of November 2014 12:33:00 PM
LinuxSecurity.com: [More...] _______________________________________________________________________

Mandriva: 2014:220: qemu

Friday 21st of November 2014 12:30:00 PM
LinuxSecurity.com: Updated qemu packages fix security vulnerabilities: Michael S. Tsirkin discovered that QEMU incorrectly handled vmxnet3 devices. A local guest could possibly use this issue to cause a denial of service, or possibly execute arbitrary code on the host [More...]

Mandriva: 2014:219: srtp

Friday 21st of November 2014 12:21:00 PM
LinuxSecurity.com: Updated srtp package fixes security vulnerability: Fernando Russ from Groundworks Technologies reported a buffer overflow flaw in srtp, Cisco's reference implementation of the Secure Real-time Transport Protocol (SRTP), in how [More...]

Mandriva: 2014:218: asterisk

Friday 21st of November 2014 07:51:00 AM
LinuxSecurity.com: Multiple vulnerabilities has been discovered and corrected in asterisk: Remote crash when handling out of call message in certain dialplan configurations (CVE-2014-6610). [More...]

Gentoo: 201411-06 Adobe Flash Player: Multiple vulnerabilities

Friday 21st of November 2014 07:35:00 AM
LinuxSecurity.com: Multiple vulnerabilities have been found in Adobe Flash Player, the worst of which allows remote attackers to execute arbitrary code.

Debian: 3074-2: php5: Summary

Wednesday 19th of November 2014 05:50:00 AM
LinuxSecurity.com: Security Report Summary

Mandriva: 2014:215: gnutls

Wednesday 19th of November 2014 04:27:00 AM
LinuxSecurity.com: Updated gnutls package fix security vulnerability: An out-of-bounds memory write flaw was found in the way GnuTLS parsed certain ECC (Elliptic Curve Cryptography) certificates or certificate signing requests (CSR). A malicious user could create a [More...]

Debian: 3074-1: php5: Summary

Tuesday 18th of November 2014 04:12:00 PM
LinuxSecurity.com: Security Report Summary

Red Hat: 2014:1873-01: libvirt: Moderate Advisory

Tuesday 18th of November 2014 02:47:00 PM
LinuxSecurity.com: Updated libvirt packages that fix three security issues and one bug are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security [More...]

Red Hat: 2014:1872-01: kernel: Important Advisory

Tuesday 18th of November 2014 02:44:00 PM
LinuxSecurity.com: Updated kernel packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 6.4 Extended Update Support. Red Hat Product Security has rated this update as having Important security [More...]

Red Hat: 2014:1870-01: libXfont: Important Advisory

Tuesday 18th of November 2014 02:06:00 PM
LinuxSecurity.com: Updated libXfont packages that fix three security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Important security [More...]

Mandriva: 2014:214: dbus

Tuesday 18th of November 2014 01:00:00 PM
LinuxSecurity.com: Updated dbus packages fixes the following security issues: Alban Crequy and Simon McVittie discovered several vulnerabilities in the D-Bus message daemon: [More...]

Mandriva: 2014:213: curl

Tuesday 18th of November 2014 12:51:00 PM
LinuxSecurity.com: Updated curl packages fix security vulnerability: Symeon Paraschoudis discovered that the curl_easy_duphandle() function in cURL has a bug that can lead to libcurl eventually sending off sensitive data that was not intended for sending, while performing [More...]

More in Tux Machines

Leftovers: Screenshots

Quad-core media player runs Kodi/XBMC on OpenElec Linux

SolidRun’s tiny, $100 “CuBoxTV” media player runs OpenElec Linux and Kodi (formerly XBMC) on a quad-core i.MX6 SoC, and offers 100Mbps+ video decoding. The CuBoxTV is the first Freescale i.MX6 based media player to run the Kodi (formerly XBMC) multimedia distribution, says Israel-based SolidRun. CuBoxTV is closely based on the company’s latest i.MX6 based CuBox mini-PC, which now sells for $80 to $140, depending on the number of Cortex-A9 i.MX6 cores and other features. The CuBoxTV, which is available only with the quad-core i.MX6 SoC, goes for a sale price of $100. Read more

Canonical Is Still Considering Turning the Phone into a Mini-PC

Canonical is working to complete their idea of convergence with the launch of Ubuntu Touch, a new operating system for mobile devices. The desktop flavor of Ubuntu will eventually share the same code with the mobile one, and their plans go even further than that. Read more

Bq Introduces More Android Devices, But Still No Ubuntu Phones

Bq held a media event today where many were hoping the first Ubuntu Phone would be officially unveiled, but that was not the case with Ubuntu receiving no mentions during the event. Bq is one of Canonical's first two Ubuntu Phone partners and they had plans to ship the first Ubuntu Phone by the end of 2014. The other phone partner, Meizu, has previously said the MX4 with Ubuntu Touch would come in December. Read more