Language Selection

English French German Italian Portuguese Spanish

LinuxSecurity.com Advisories

Syndicate content
The central voice for Linux and Open Source security news.
Updated: 4 hours 35 min ago

RedHat: RHSA-2017-3227:01 Moderate: openstack-aodh security update

Thursday 16th of November 2017 08:24:00 AM
LinuxSecurity.com: An update for openstack-aodh is now available for Red Hat OpenStack Platform 10.0 (Newton). Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

Debian: DSA-4036-1: mediawiki security update

Wednesday 15th of November 2017 10:58:00 PM
LinuxSecurity.com: Multiple security vulnerabilities have been discovered in MediaWiki, a website engine for collaborative work: CVE-2017-8808

Debian: DSA-4035-1: firefox-esr security update

Wednesday 15th of November 2017 10:54:00 PM
LinuxSecurity.com: Several security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors, use-after-frees and other implementation errors may lead to the execution of arbitrary code, denial of service or bypass of the same origin policy.

Fedora 25: php-PHPMailer Security Update

Wednesday 15th of November 2017 10:30:00 PM
LinuxSecurity.com: **Version 5.2.26** (November 4th 2017) * Minor security backport from 6.0 - set Debugoutput in constructor according to SAPI in use, avoiding potential XSS in default debug output.

Fedora 25: hostapd Security Update

Wednesday 15th of November 2017 10:30:00 PM
LinuxSecurity.com: Latest hostapd release with KRACK patches applied.

Fedora 25: perl-Catalyst-Plugin-Static-Simple Security Update

Wednesday 15th of November 2017 10:30:00 PM
LinuxSecurity.com: Security fix for CVE-2017-16248. Catalyst::Plugin::Static::Simple has been changed to not serve static files with dots in the names (i.e. .svn, .git, ...)

Fedora 25: wordpress Security Update

Wednesday 15th of November 2017 10:30:00 PM
LinuxSecurity.com: Update to wordpress 4.8.3. See: https://wordpress.org/news/2017/10/wordpress-4-8-3-security-release/ for details

Fedora 25: xen Security Update

Wednesday 15th of November 2017 10:30:00 PM
LinuxSecurity.com: pin count / page reference race in grant table code [XSA-236, CVE-2017-15597]

Fedora 25: wget Security Update

Wednesday 15th of November 2017 10:30:00 PM
LinuxSecurity.com: new upstream release with CVE fixes

Fedora 25: systemd Security Update

Wednesday 15th of November 2017 10:30:00 PM
LinuxSecurity.com: - systemd-detect-virt QEMU CPUID logic update - Fix rfkill on some thinkpads - Fix systemd-resolved DOS with crafted NSEC packets (LP#1725351) (No need to reboot.)

Fedora 25: lame Security Update

Wednesday 15th of November 2017 10:30:00 PM
LinuxSecurity.com: Update to 3.100 (#1470202, #1505107)

Fedora 25: nagios Security Update

Wednesday 15th of November 2017 10:30:00 PM
LinuxSecurity.com: Try to fix error on update with systemctl

Fedora 26: poppler Security Update

Wednesday 15th of November 2017 08:24:00 PM
LinuxSecurity.com: Security fix for CVE-2017-15565

Fedora 26: firefox Security Update

Wednesday 15th of November 2017 08:24:00 PM
LinuxSecurity.com: Updated to the latest version - Firefox 57 Please note that this update is incompatible with many recent Firefox add-ons, please see Fedora Magazine article for details: https://fedoramagazine.org/firefox-57-coming-soon-quantum- leap/ ---- Update to Firefox 57 a.k.a. Quantum This update may break your installed extension, please see this Fedora Magazine article for details:

Fedora 26: icu Security Update

Wednesday 15th of November 2017 08:24:00 PM
LinuxSecurity.com: Resolves: rhbz#1510932 CVE-2017-14952

Fedora 26: ImageMagick Security Update

Wednesday 15th of November 2017 08:24:00 PM
LinuxSecurity.com: 6.9.9-22

Fedora 26: php-PHPMailer Security Update

Wednesday 15th of November 2017 08:23:00 PM
LinuxSecurity.com: **Version 5.2.26** (November 4th 2017) * Minor security backport from 6.0 - set Debugoutput in constructor according to SAPI in use, avoiding potential XSS in default debug output.

Fedora 26: hostapd Security Update

Wednesday 15th of November 2017 08:23:00 PM
LinuxSecurity.com: Latest hostapd release with KRACK patches applied.

Fedora 26: perl-Catalyst-Plugin-Static-Simple Security Update

Wednesday 15th of November 2017 08:23:00 PM
LinuxSecurity.com: Security fix for CVE-2017-16248. Catalyst::Plugin::Static::Simple has been changed to not serve static files with dots in the names (i.e. .svn, .git, ...)

Fedora 26: rubygem-ox Security Update

Wednesday 15th of November 2017 08:23:00 PM
LinuxSecurity.com: Security fix for CVE-2017-15928

More in Tux Machines

Goodbye Apple, goodbye Microsoft... hello Linux

A year on, my office computer is still humming along happily on Linux Mint. In fact I’m so satisfied that I have taken the final plunge and replaced my home computer with a Linux system as well. Read more

Raspberry Pi arrives on PC/104… sort of

Crowd Supply is hosting a “Pi/104” carrier for the RPi Compute Module 3 featuring PC/104 OneBank expansion, a 40-pin RPi header, and -25 to 80°C support. Here’s something we haven’t seen before. Developer Adam Parker has launched a stackable PC/104 form factor carrier board on Crowd Supply designed to work with the Linux-driven Raspberry Pi Compute Module 3. The industrial-targeted carrier provides -25 to 80°C support and an 8-36V input with screw terminal connector. Read more

Today in Techrights

today's leftovers

  • Blockchain Moves Beyond its 'Moonshot' Phase
  • Some reading
    I've complained previously about disliking benchmarking. More generally, I'm not really a fan of performance analysis. I always feel like I get stuck at coming up with an approach to "it's going slower, why" beyond the basics. I watched a video of Brendan Gregg's talk from kernel recipes, and ended up going down the black hole1 of reading his well written blog. He does a fantastic job of explaining performance analysis concepts as well as the practical tools to do the analysis. He wrote a book several years ago and I happily ordered it. The book explains how to apply the USE method to performance problems across the system. This was helpful to me because it provides a way to generate a list of things to check and how to check them. It addresses the "stuck" feeling I get when dealing with performance problems. The book also provides a good high level overview of operating systems concepts. I'm always looking for references for people who are interested in kernels but don't know where to start and I think this book could fill a certain niche. Even if this book has been out for several years now, I was very excited to discover it.
  • Introducing container-diff, a tool for quickly comparing container images
    The Google Container Tools team originally built container-diff, a new project to help uncover differences between container images, to aid our own development with containers. We think it can be useful for anyone building containerized software, so we’re excited to release it as open source to the development community.
  • NATTT – A Modern Multi-Platform Time Conscious Tracker App
    It’s not that there aren’t already a lot of time tracker apps but my conscience wouldn’t let me sleep if I didn’t tell you about NATTT. So grab your cup of whatever you’re probably drinking as we delve into this app a little. NATTT is an acronym for “Not Another Time Tracking Tool”; a free and multi-platform app with which you can keep track of your work and how much you have spent at it.
  • Running Bitcoin node and ElectrumX server
  • todo.txt done
  • GNOME's Calendar & TODO Applications Are Looking Better For v3.28
    Adding to the growing list of changes for GNOME 3.28 are improvements to the Calendar and To Do applications by Georges Stavracas. Stavracas has been reworking the month view of GNOME Calendar and it's looking much better, some applications for Calendar via libdazzle, and more.
  • Compact DAQ systems offer a choice of 12- or 16-bit I/Os
    Advantech’s Linux-ready “MIC-1810” and “MIC-1816” DAQ computers offer 12- and 16-bit analog I/O, respectively, plus 24x DIOs, Intel CPUs, and 4x USB ports. Advantech’s MIC-1810 and MIC-1816 are digital acquisition computers that run Linux or Windows 7/8/10 on Intel 3rd Gen “Ivy Bridge” processors. If the aging CPU is a turn-off, keep in mind that many DAQ applications don’t require that much processing power, and perhaps Advantech’s “entry-level” label for the systems extends to the price, as well. The 165 x 130 x 59mm, DIN-rail mountable systems should also prove useful for environments with limited space.