Language Selection

English French German Italian Portuguese Spanish

LinuxSecurity.com Advisories

Syndicate content
The central voice for Linux and Open Source security news.
Updated: 1 hour 35 min ago

Red Hat: 2014:1033-01: java-1.6.0-ibm: Critical Advisory

Thursday 7th of August 2014 02:59:00 PM
LinuxSecurity.com: Updated java-1.6.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary. Red Hat Product Security has rated this update as having Critical security [More...]

Red Hat: 2014:1031-01: 389-ds-base: Important Advisory

Thursday 7th of August 2014 02:59:00 PM
LinuxSecurity.com: Updated 389-ds-base packages that fix one security issue are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Important security [More...]

Mandriva: 2014:156: ocsinventory

Thursday 7th of August 2014 11:09:00 AM
LinuxSecurity.com: Updated ocsinventory packages fix security vulnerability: Multiple cross-site scripting (XSS) vulnerabilities in the OCS Reports Web Interface in OCS Inventory NG allow remote attackers to inject arbitrary web script or HTML via unspecified vectors (CVE-2014-4722). [More...]

Mandriva: 2014:155: kernel

Thursday 7th of August 2014 06:18:00 AM
LinuxSecurity.com: Multiple vulnerabilities has been found and corrected in the Linux kernel: Multiple buffer overflows in drivers/staging/wlags49_h2/wl_priv.c in the Linux kernel before 3.12 allow local users to cause a [More...]

Debian: 2998-1: openssl: Summary

Wednesday 6th of August 2014 07:45:00 PM
LinuxSecurity.com: Security Report Summary

Red Hat: 2014:1025-01: kernel: Important Advisory

Wednesday 6th of August 2014 01:41:00 PM
LinuxSecurity.com: Updated kernel packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 6.2 Advanced Update Support. The Red Hat Security Response Team has rated this update as having [More...]

Red Hat: 2014:1023-01: kernel: Important Advisory

Wednesday 6th of August 2014 01:40:00 PM
LinuxSecurity.com: Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 7. The Red Hat Security Response Team has rated this update as having [More...]

Mandriva: 2014:153: mediawiki

Wednesday 6th of August 2014 01:39:00 PM
LinuxSecurity.com: Updated mediawiki packages fix security vulnerabilities: MediaWiki before 1.23.2 is vulnerable to JSONP injection in Flash, XSS in mediawiki.page.image.pagination.js, and clickjacking between OutputPage and ParserOutput. [More...]

Mandriva: 2014:154: readline

Wednesday 6th of August 2014 01:39:00 PM
LinuxSecurity.com: Updated readline packages fix security vulnerability: Steve Kemp discovered the _rl_tropen() function in readline insecurely handled a temporary file. This could allow a local attacker to perform symbolic link attacks (CVE-2014-2524). [More...]

Mandriva: 2014:152: glibc

Wednesday 6th of August 2014 01:31:00 PM
LinuxSecurity.com: Updated glibc packages fix security issues: Stephane Chazelas discovered that directory traversal issue in locale handling in glibc. glibc accepts relative paths with .. components in the LC_* and LANG variables. Together with typical OpenSSH [More...]

Mandriva: 2014:151: cups

Wednesday 6th of August 2014 01:24:00 PM
LinuxSecurity.com: Updated cups packages fix security vulnerability: In CUPS before 1.7.4, a local user with privileges of group=lp can write symbolic links in the rss directory and use that to gain '@SYSTEM' group privilege with cupsd (CVE-2014-3537). [More...]

Ubuntu: 2307-1: GPGME vulnerability

Wednesday 6th of August 2014 09:38:00 AM
LinuxSecurity.com: GPGME could be made to crash or run programs as your login if it processeda specially crafted certificate.

Mandriva: 2014:150: tor

Wednesday 6th of August 2014 07:55:00 AM
LinuxSecurity.com: Updated tor package fixes security vulnerability: Tor before 0.2.4.23 maintains a circuit after an inbound RELAY_EARLY cell is received by a client, which makes it easier for remote attackers to conduct traffic-confirmation attacks by using the pattern [More...]

Mandriva: 2014:149: php

Wednesday 6th of August 2014 06:43:00 AM
LinuxSecurity.com: Multiple vulnerabilities has been discovered and corrected in php: Use-after-free vulnerability in ext/spl/spl_array.c in the SPL component in PHP through 5.5.14 allows context-dependent attackers to cause a denial of service or possibly have unspecified other impact via [More...]

Red Hat: 2014:1013-01: php: Moderate Advisory

Wednesday 6th of August 2014 02:32:00 AM
LinuxSecurity.com: Updated php packages that fix multiple security issues are now available for Red Hat Enterprise Linux 7. The Red Hat Security Response Team has rated this update as having Moderate [More...]

Red Hat: 2014:1012-01: php53 and php: Moderate Advisory

Wednesday 6th of August 2014 01:47:00 AM
LinuxSecurity.com: Updated php53 and php packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5 and 6 respectively. The Red Hat Security Response Team has rated this update as having Moderate [More...]

Red Hat: 2014:1011-01: resteasy-base: Moderate Advisory

Tuesday 5th of August 2014 09:30:00 PM
LinuxSecurity.com: Updated resteasy-base packages that fix one security issue are now available for Red Hat Enterprise Linux 7. The Red Hat Security Response Team has rated this update as having Moderate [More...]

Red Hat: 2014:1008-01: samba: Important Advisory

Tuesday 5th of August 2014 04:31:00 PM
LinuxSecurity.com: Updated samba packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 7. The Red Hat Security Response Team has rated this update as having [More...]

Red Hat: 2014:1009-01: samba4: Important Advisory

Tuesday 5th of August 2014 04:25:00 PM
LinuxSecurity.com: Updated samba4 packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having [More...]

Debian: 2997-1: reportbug: Summary

Tuesday 5th of August 2014 02:09:00 PM
LinuxSecurity.com: Security Report Summary

More in Tux Machines

Red Hat CTO unexpectedly quits, amid rumors of executive 'friction'

No-one among the rank and file at Red Hat seem to have seen this coming. In a move the Linux giant's staffers said was "shocking" and a "punch in the gut," long-time Red Hat chief technology officer Brian Stevens has resigned. In a short press release, the company announced: "Brian Stevens will step down as CTO." In the same release, Red Hat's president and chief executive Jim Whitehurst said, "We want to thank Brian for his years of service and numerous contributions to Red Hat’s business. We wish him well in his future endeavors." Read more

Is Microsoft engaging in digital imperialism?

Windows, the common carrier of Microsoft, is such a sordid mess that it suffers regular glitches and conducts mass surveillance on users. Microsoft knows that without Windows it cannot survive, so dirty tricks resume in a very big way. This is not a beep on the radar but somewhat of a surge. Nothing is going to change in Munich, but Microsoft is trying to maintain an international/universal perception that the migration to GNU/Linux was a disaster. Numerous anonymous blogs were created to attack Munich over this and provocateurs of Microsoft loved citing them, only to be repeatedly proven wrong. Microsoft is trying to make an example out of Munich in all sorts of nefarious ways. We need to defend Munich from this malicious assault by the convicted monopolist and corrupt enterprise that’s acting as though it fights for its very survival (while indeed laying off tens of thousands of employees). Read more

Shortlist of open source software used at NASA lab

Yes! We use a lot of open source. The short list includes Python, GitHub, Processing, VLC, jQuery, D3.js, Blender, VRUI, ImageJ, VMD, ParaView, MeshLab, VNC, ImageMagick, SWIG, Emacs, and many more. We like using open source because it gives us more flexibility because of licensing and allows us the opportunity to contribute back to the community using our expertise. Our favorite open source project that we work on is OpenMDAO. This project is run out of another Division at our Center. Our team provides some programming support. OpenMDAO is an open source Multidisciplinary Design Analysis and Optimization (MDAO) framework, written in Python. You can use it to develop an integrated analysis and design environment for your engineering challenges. Read more

GSoC: Thumping the Malaria and voyaging in cosmos with KStars

Let's talk about my project now. KStars is desktop planetarium application under KDE Education Projects. I developed QML based cool interface to enable users to browse through image database of community of astrophotographers (i.e. astrobin.com) which contains more than 1,20,000 (number is increasing everyday) real time and very high resolution images along with various information related to them (i.e. Date on which image was captured, Bortle Dark-Sky Scale, RA Centre, DEC Centre, Telescope or Camera used, Description added by astrophotographer etc). I am sure that this browser will enthrall school children by showing them real time images of stars and galaxies located at hundreds of light year far from earth. Read more