Language Selection

English French German Italian Portuguese Spanish

LinuxSecurity.com Advisories

Syndicate content
The central voice for Linux and Open Source security news.
Updated: 3 hours 41 min ago

Debian: 3084-1: openvpn: Summary

Monday 1st of December 2014 03:28:00 PM
LinuxSecurity.com: Security Report Summary

Ubuntu: 2429-1: ppp vulnerability

Monday 1st of December 2014 10:52:00 AM
LinuxSecurity.com: ppp could be made to crash or run programs as an administrator if it openeda specially crafted file.

Debian: 3083-1: mutt: Summary

Sunday 30th of November 2014 08:48:00 AM
LinuxSecurity.com: Security Report Summary

Debian: 3082-1: flac: Summary

Sunday 30th of November 2014 08:37:00 AM
LinuxSecurity.com: Security Report Summary

Debian: 3081-1: libvncserver: Summary

Saturday 29th of November 2014 10:59:00 AM
LinuxSecurity.com: Security Report Summary

Debian: 3080-1: openjdk-7: Summary

Saturday 29th of November 2014 07:44:00 AM
LinuxSecurity.com: Security Report Summary

Debian: 3079-1: ppp: Summary

Saturday 29th of November 2014 06:43:00 AM
LinuxSecurity.com: Security Report Summary

Mandriva: 2014:237: perl-Mojolicious

Friday 28th of November 2014 09:21:00 AM
LinuxSecurity.com: Updated perl-Mojolicious package fixes security vulnerability: An assumption in Mojolicious before 5.48 CGI parameter handling that can result in parameter injection attacks. [More...] _______________________________________________________________________

Mandriva: 2014:236: file

Friday 28th of November 2014 09:15:00 AM
LinuxSecurity.com: Updated file packages fix security vulnerability: An out-of-bounds read flaw was found in file's donote() function in the way the file utility determined the note headers of a elf file. This could possibly lead to file executable crash (CVE-2014-3710). [More...]

Mandriva: 2014:235: perl-Plack

Friday 28th of November 2014 05:51:00 AM
LinuxSecurity.com: Updated perl-Plack package fixes security vulnerability: Plack::App::File would previously strip trailing slashes off provided paths. This in combination with the common pattern of serving files with Plack::Middleware::Static could allow an attacker to bypass a [More...]

Mandriva: 2014:234: libksba

Friday 28th of November 2014 05:48:00 AM
LinuxSecurity.com: Updated libksba packages fix security vulnerability: By using special crafted S/MIME messages or ECC based OpenPGP data, it is possible to create a buffer overflow, which could lead to a denial of service (CVE-2014-9087). [More...]

Ubuntu: 2427-1: Libksba vulnerability

Thursday 27th of November 2014 02:52:00 PM
LinuxSecurity.com: Libksba could be made to crash or run programs if it opened a speciallycrafted file.

Ubuntu: 2426-1: FLAC vulnerabilities

Thursday 27th of November 2014 02:17:00 PM
LinuxSecurity.com: FLAC could be made to crash or run programs as your login if it opened aspecially crafted file.

Mandriva: 2014:229: libvncserver

Wednesday 26th of November 2014 11:03:00 AM
LinuxSecurity.com: Updated libvncserver packages fix security vulnerabilities: A malicious VNC server can trigger incorrect memory management handling by advertising a large screen size parameter to the VNC client. This would result in multiple memory corruptions and could allow remote [More...]

Mandriva: 2014:228: phpmyadmin

Wednesday 26th of November 2014 04:33:00 AM
LinuxSecurity.com: Multiple vulnerabilities has been discovered and corrected in phpmyadmin: * Multiple XSS vulnerabilities (CVE-2014-8958). [More...]

Debian: 3076-1: wireshark: Summary

Tuesday 25th of November 2014 03:52:00 PM
LinuxSecurity.com: Security Report Summary

Ubuntu: 2422-1: Squid vulnerabilities

Tuesday 25th of November 2014 12:26:00 PM
LinuxSecurity.com: Squid could be made to crash if it received specially crafted networktraffic.

Mandriva: 2014:227: ffmpeg

Tuesday 25th of November 2014 08:06:00 AM
LinuxSecurity.com: Multiple vulnerabilities has been discovered and corrected in ffmpeg: The decode_init function in libavcodec/huffyuv.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via a crafted width in huffyuv data with the predictor set to median and [More...]

Mandriva: 2014:226: imagemagick

Tuesday 25th of November 2014 06:51:00 AM
LinuxSecurity.com: Updated imagemagick packages fix security vulnerabilities: ImageMagick is vulnerable to a denial of service due to out-of-bounds memory accesses in the resize code (CVE-2014-8354), PCX parser (CVE-2014-8355), DCM decoder (CVE-2014-8562), and JPEG decoder [More...]

Mandriva: 2014:225: ruby

Tuesday 25th of November 2014 06:45:00 AM
LinuxSecurity.com: Updated ruby packages fix security vulnerabilities: Will Wood discovered that Ruby incorrectly handled the encodes() function. An attacker could possibly use this issue to cause Ruby to crash, resulting in a denial of service, or possibly execute arbitrary [More...]

More in Tux Machines

Git 2.2.1 Released To Fix Critical Security Issue

Today's Git vulnerability affects those using the Git client on case-insensitive file-systems. On case-insensitive platforms like Windows and OS X, committing to .Git/config could overwrite the user's .git/config and could lead to arbitrary code execution. Fortunately with most Phoronix readers out there running Linux, this isn't an issue thanks to case-sensitive file-systems. Read more

Ubuntu 15.04 Alpha 1 For Its Various Flavors

While Ubuntu itself no longer puts out alpha/beta releases in favor of just testing out the daily Live ISOs, the various Ubuntu flavors still participating in the traditional release process have done their first alpha releases this afternoon for Ubuntu 15.04. Read more

Robolinux 7.7.1 LXDE Runs Windows Apps with Stealth VM

Robolinux 7.7.1, a fast and easy-to-use Linux distribution based on Debian has just received a new desktop environment, LXDE, making this the third second flavor of the distribution. Read more

Jolla's Sailfish OS Update 10 Is Now Available

The tenth update to Jolla's Sailfish mobile operating system is now available. This update is version 1.1.1.26 and is codenamed Vaarainjärvi. This latest update to Jolla's Sailfish OS includes the device lock now supporting alpha-numeric codes, copy-paste support between Android and native Sailfish apps, Mail app improvements, new overlays for maps, search improvements, unification to the accounts framework, new MMS settings, UI improvements, and an assortment of other improvements. Read more