Language Selection

English French German Italian Portuguese Spanish

LinuxSecurity.com Advisories

Syndicate content
The central voice for Linux and Open Source security news.
Updated: 4 hours 37 min ago

ArchLinux: 201807-14: jenkins: multiple issues

Thursday 26th of July 2018 09:10:00 AM
LinuxSecurity.com: The package jenkins before version 2.133-1 is vulnerable to multiple issues including access restriction bypass, arbitrary filesystem access, cross-site scripting and information disclosure.

Fedora 28: httpd Security Update

Wednesday 25th of July 2018 07:51:00 PM
LinuxSecurity.com: This update includes the latest upstream release, **httpd 2.4.34**, with multiple bug fixes and enhancements. See http://www.apache.org/dist/httpd/CHANGES_2.4.34 for more information on the changes in this version. A security vulnerability is addressed in this update: * `mod_md`: DoS via Coredumps on specially crafted requests (CVE-2018-8011)

Fedora 27: dcraw Security Update

Wednesday 25th of July 2018 06:45:00 PM
LinuxSecurity.com: New version of dcraw is available 9.28.0 Security fix for CVE-2018-5801

CentOS: CESA-2018-2251: Important CentOS 6 thunderbird

Wednesday 25th of July 2018 06:43:00 PM
LinuxSecurity.com: Upstream details at : https://access.redhat.com/errata/RHSA-2018:2251

CentOS: CESA-2018-2252: Important CentOS 7 thunderbird

Wednesday 25th of July 2018 04:11:00 PM
LinuxSecurity.com: Upstream details at : https://access.redhat.com/errata/RHSA-2018:2252

CentOS: CESA-2018-2242: Moderate CentOS 7 java-1.8.0-openjdk

Wednesday 25th of July 2018 04:10:00 PM
LinuxSecurity.com: Upstream details at : https://access.redhat.com/errata/RHSA-2018:2242

CentOS: CESA-2018-2240: Important CentOS 7 openslp

Wednesday 25th of July 2018 04:10:00 PM
LinuxSecurity.com: Upstream details at : https://access.redhat.com/errata/RHSA-2018:2240

CentOS: CESA-2018-2241: Moderate CentOS 6 java-1.8.0-openjdk

Wednesday 25th of July 2018 03:44:00 PM
LinuxSecurity.com: Upstream details at : https://access.redhat.com/errata/RHSA-2018:2241

SciLinux: Important: thunderbird on SL6.x i386/x86_64

Wednesday 25th of July 2018 03:34:00 PM
LinuxSecurity.com: This update upgrades Thunderbird to version 52.9.1. * Mozilla: Memory safety bugs fixed in Firefox 61, Firefox ESR 60.1, and Firefox ESR 52.9 (CVE-2018-5188) * Mozilla: Buffer overflow using computed size of canvas element (CVE-2018-12359) * Mozilla: Use-after-free using focus() (CVE-2018-12360) * Mozilla: Integer overflow in SSSE3 scaler (CVE-2018-12362) * Mozilla: Use-after-free when appe [More...]

Ubuntu 3722-2: ClamAV vulnerabilities

Wednesday 25th of July 2018 03:23:00 PM
LinuxSecurity.com: ClamAV could be made to hang if it opened a specially crafted file.

SciLinux: Important: thunderbird on SL7.x x86_64

Wednesday 25th of July 2018 03:21:00 PM
LinuxSecurity.com: This update upgrades Thunderbird to version 52.9.1. * Mozilla: Memory safety bugs fixed in Firefox 61, Firefox ESR 60.1, and Firefox ESR 52.9 (CVE-2018-5188) * Mozilla: Buffer overflow using computed size of canvas element (CVE-2018-12359) * Mozilla: Use-after-free using focus() (CVE-2018-12360) * Mozilla: Integer overflow in SSSE3 scaler (CVE-2018-12362) * Mozilla: Use-after-free when appe [More...]

openSUSE: 2018:2055-1: important: Chromium

Wednesday 25th of July 2018 03:09:00 PM
LinuxSecurity.com: An update that fixes 26 vulnerabilities is now available.

openSUSE: 2018:2054-1: important: Chromium

Wednesday 25th of July 2018 03:08:00 PM
LinuxSecurity.com: An update that fixes 26 vulnerabilities is now available.

RedHat: RHSA-2018-2258:01 Important: qemu-kvm-rhev security update

Wednesday 25th of July 2018 02:19:00 PM
LinuxSecurity.com: An update for qemu-kvm-rhev is now available for Red Hat OpenStack Platform 12. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

Debian LTS: DLA-1441-1: sympa security update

Tuesday 24th of July 2018 10:53:00 PM
LinuxSecurity.com: A vulnerability has been discovered in Sympa, a modern mailing list manager, that allows write access to files on the server filesystem. This flaw allows to create or modify any file writable by the Sympa user, located on the server filesystem, using the function of Sympa

Debian LTS: DLA-1440-1: libarchive-zip-perl security update

Tuesday 24th of July 2018 10:48:00 PM
LinuxSecurity.com: The libarchive-zip-perl package is vulnerable to a directory traversal attack in Archive::Zip. It was found that the Archive::Zip module did not properly sanitize paths while extracting zip files. An attacker able to provide a specially crafted archive for processing could use

Debian LTS: DLA-1439-1: resiprocate security update

Tuesday 24th of July 2018 10:13:00 PM
LinuxSecurity.com: CVE-2018-12584 A flaw in function ConnectionBase::preparseNewBytes of resip/stack/ConnectionBase.cxx has been detected, that

RedHat: RHSA-2018-2251:01 Important: thunderbird security update

Tuesday 24th of July 2018 09:35:00 PM
LinuxSecurity.com: An update for thunderbird is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

RedHat: RHSA-2018-2252:01 Important: thunderbird security update

Tuesday 24th of July 2018 09:34:00 PM
LinuxSecurity.com: An update for thunderbird is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

RedHat: RHSA-2018-2255:01 Critical: java-1.7.0-oracle security update

Tuesday 24th of July 2018 09:14:00 PM
LinuxSecurity.com: An update for java-1.7.0-oracle is now available for Oracle Java for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which

More in Tux Machines

A Look At The Windows vs. Linux Scaling Performance Up To 64 Threads With The AMD 2990WX

This past week we looked at the Windows 10 vs. Linux performance for AMD's just-launched Ryzen Threadripper 2990WX and given the interest from that then ran some Windows Server benchmarks to see if the performance of this 64-thread CPU would be more competitive to Linux. From those Windows vs. Linux tests there has been much speculation that the performance disparity is due to Windows scheduler being less optimized for high core/thread count processors and its NUMA awareness being less vetted than the Linux kernel. For getting a better idea, here are benchmarks of Windows Server 2019 preview versus Ubuntu Linux when testing varying thread/core counts for the AMD Threadripper 2990WX. Toggled via the BIOS was SMT as well as various CCX configurations and each step of the way comparing the Windows Server 2019 Build 17733 performance to that of Ubuntu 18.04 LTS with the Linux 4.18 kernel in various multi-threaded benchmarks supported under both operating systems. Read more

Kernel: RISC-V and Virtual Machine

  • RISC-V's Linux Kernel Support Is Getting Into Good Shape, Userspace Starting To Work
    The RISC-V open-source processor ISA support within the mainline kernel is getting into good shape, just a few releases after this new architecture port was originally added to the Linux Git tree. The RISC-V code for Linux 4.19 includes the ISA-mandated timers and first-level interrupt controllers, which are needed to actually get user-space up and running. Besides the RISC-V first-level interrupt controller, Linux 4.19 also adds support for SiFive's platform-level interrupt controller that interfaces with the actual devices.
  • A Hearty Batch Of KVM Updates Land In Linux 4.19
    There is a lot of new feature work for the Kernel-based Virtual Machine (KVM) within the Linux 4.19 kernel.

Kate/KTextEditor Picks Up Many Improvements To Enhance KDE Text Editing

Even with KDE's annual Akademy conference happening this past week in Vienna, KDE development has been going strong especially on the usability front. The Kate text editor and the KTextEditor component within KDE Frameworks 5 have been the largest benefactors of recent improvements. This KDE text editing code now has support for disabling syntax highlighting entirely if preferred. When using syntax highlighting, there have been many KTextEditor enhancements to improve the experience as well as improvements to the highlighting for a variety of languages from JavaScript to YAML to AppArmor files. Read more

KStars v2.9.8 released

KStars 2.9.8 is released for Windows, MacOS, and Linux. It is a hotfix release that contains bug fixes and stability improvements over the last release. Read more Also: KDE Itinerary - How did we get here?