Language Selection

English French German Italian Portuguese Spanish

LinuxSecurity.com Advisories

Syndicate content
The central voice for Linux and Open Source security news.
Updated: 6 hours 58 min ago

RedHat: RHSA-2018-3529:01 Moderate: Red Hat JBoss Enterprise Application

Thursday 8th of November 2018 03:43:00 PM
LinuxSecurity.com: An update is now available for Red Hat JBoss Enterprise Application Platform 7.1 for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

RedHat: RHSA-2018-3527:01 Moderate: Red Hat JBoss Enterprise Application

Thursday 8th of November 2018 03:31:00 PM
LinuxSecurity.com: An update is now available for Red Hat JBoss Enterprise Application Platform 7.1. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

SciLinux: Important: spice-server on SL6.x x86_64

Thursday 8th of November 2018 03:10:00 PM
LinuxSecurity.com: spice: Possible buffer overflow via invalid monitor configurations (CVE-2017-7506) SL6 x86_64 spice-server-0.12.4-16.el6_10.2.x86_64.rpm spice-server-debuginfo-0.12.4-16.el6_10.2.x86_64.rpm spice-server-devel-0.12.4-16.el6_10.2.x86_64.rpm - Scientific Linux Development Team

Ubuntu 3813-1: pyOpenSSL vulnerabilities

Thursday 8th of November 2018 02:57:00 PM
LinuxSecurity.com: Several security issues were fixed in pyOpenSSL.

RedHat: RHSA-2018-3522:01 Important: spice-server security update

Wednesday 7th of November 2018 11:02:00 PM
LinuxSecurity.com: An update for spice-server is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

Debian LTS: DLA-1569-2: libdatetime-timezone-perl regression update

Wednesday 7th of November 2018 10:06:00 PM
LinuxSecurity.com: The previous update of libdatetime-timezone-perl to tzdata version 2018g was incomplete due to a newly introduced rule type that this version of libdatetime-timezone-perl could not parse.

Debian LTS: DLA-1571-1: firefox-esr security update

Wednesday 7th of November 2018 10:05:00 PM
LinuxSecurity.com: Multiple security issues have been found in the Mozilla Firefox web browser, which could result in the execution of arbitrary code, privilege escalation or information disclosure.

openSUSE: 2018:3658-1: important: the Linux Kernel

Wednesday 7th of November 2018 09:11:00 PM
LinuxSecurity.com: An update that solves 5 vulnerabilities and has 86 fixes is now available.

Debian LTS: DLA-1570-1: mariadb-10.0 security update

Wednesday 7th of November 2018 07:07:00 PM
LinuxSecurity.com: Several issues have been discovered in the MariaDB database server. The vulnerabilities are addressed by upgrading MariaDB to the new upstream version 10.0.37. Please see the MariaDB 10.0 Release Notes for further details:

Debian LTS: DLA-1569-1: libdatetime-timezone-perl new upstream

Wednesday 7th of November 2018 06:48:00 PM
LinuxSecurity.com: This update includes the changes in tzdata 2018g for the Perl bindings. For the list of changes, see DLA-1363-1. For Debian 8 "Jessie", this problem has been fixed in version

RedHat: RHSA-2018-3521:01 Critical: java-11-openjdk security update

Wednesday 7th of November 2018 06:14:00 PM
LinuxSecurity.com: An update for java-11-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which

Ubuntu 3812-1: nginx vulnerabilities

Wednesday 7th of November 2018 03:57:00 PM
LinuxSecurity.com: Several security issues were fixed in nginx.

openSUSE: 2018:3646-1: important: MozillaThunderbird

Wednesday 7th of November 2018 03:18:00 PM
LinuxSecurity.com: An update that fixes 5 vulnerabilities is now available.

RedHat: RHSA-2018-3519:01 Critical: Red Hat JBoss SOA Platform security

Wednesday 7th of November 2018 01:50:00 AM
LinuxSecurity.com: An update is now available for Red Hat JBoss SOA Platform 5.3.1. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

ArchLinux: 201811-3: ghostscript: sandbox escape

Wednesday 7th of November 2018 12:48:00 AM
LinuxSecurity.com: The package ghostscript before version 9.25-4 is vulnerable to sandbox escape.

Debian LTS: DLA-1568-1: curl security update

Tuesday 6th of November 2018 10:01:00 PM
LinuxSecurity.com: Several vulnerabilities were discovered in cURL, an URL transfer library. CVE-2016-7141

RedHat: RHSA-2018-3517:01 Critical: JBoss Enterprise Application Platform

Tuesday 6th of November 2018 07:06:00 PM
LinuxSecurity.com: An update is now available for Red Hat JBoss Enterprise Application Platform 5 for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which

RedHat: RHSA-2018-3518:01 Critical: JBoss Enterprise Application Platform

Tuesday 6th of November 2018 06:54:00 PM
LinuxSecurity.com: An update is now available for Red Hat JBoss Enterprise Application Platform 5. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which

Ubuntu 3811-1: SpamAssassin vulnerabilities

Tuesday 6th of November 2018 05:47:00 PM
LinuxSecurity.com: Several security issues were fixed in SpamAssassin.

Ubuntu 3810-1: ppp vulnerability

Tuesday 6th of November 2018 05:46:00 PM
LinuxSecurity.com: ppp could be made to crash or bypass authentication if it received specially crafted network traffic.

More in Tux Machines

Samsung Linux on DeX beta hands-on: do almost everything on your phone

Among the various Linux on Android implementations, Samsung’s Linux on DeX definitely looks the most polished ready to use solution, even if it’s still in beta form. Although it uses a two-year-old version of Ubuntu, there is already a lot that can be done from that. Plus, just like Android users, Linux users can be pretty creative and only time will tell if they’ll be able to use Linux on DeX to make almost any Linux distro work. Read more

Android Leftovers

A Look At The GCC 9 Performance On Intel Skylake Against GCC 8, LLVM Clang 7/8

With GCC 9 embarking upon its third stage of development where the focus ships to working on bug/regression fixes in preparation for releasing the GCC 9.1 stable compiler likely around the end of Q1'2019, here is a fresh look at the GCC 9 performance with its latest development code as of this week compared to GCC 8.2.0 stable while using an Intel Core i9 7980XE test system running Ubuntu Linux. For good measure are also fresh results from LLVM Clang 7.0 stable as well as LLVM Clang 8.0 SVN for the latest development state of that competing C/C++ open-source compiler. Read more

This under-$6 SBC runs Linux on RISC-V based C-SKY chip

Hangzhou C-SKY has launched a “C-SKY Linux Development Board” for $5.60 and up, featuring a RISC-V derived, 574MHz C-SKY GX6605S CK610M SoC, 64MB DDR2, an HDMI port, and 2x USB 2.0 ports. Last month, Hangzhou C-SKY Microsystems Co. announced Linux 4.20~5.0 kernel support for its new RISC-V based C-SKY CK810 SoC design. Now, Hangzhou C-SKY has launched a development board that runs Linux on a similar CK610M SoC. The C-SKY Linux Development Board sells for 39-40 Yuan ($5.60 to $7.05) on Taobao and $19.50 to $21.50 on AliExpress. Read more