Language Selection

English French German Italian Portuguese Spanish

LinuxSecurity.com Advisories

Syndicate content
The central voice for Linux and Open Source security news.
Updated: 48 min 39 sec ago

Ubuntu: 2416-1: Linux kernel (EC2) vulnerabilities

Monday 24th of November 2014 11:18:00 PM
LinuxSecurity.com: Several security issues were fixed in the kernel.

Ubuntu: 2417-1: Linux kernel vulnerabilities

Monday 24th of November 2014 11:18:00 PM
LinuxSecurity.com: Several security issues were fixed in the kernel.

Ubuntu: 2418-1: Linux kernel (OMAP4) vulnerabilities

Monday 24th of November 2014 11:18:00 PM
LinuxSecurity.com: Several security issues were fixed in the kernel.

Ubuntu: 2415-1: Linux kernel vulnerability

Monday 24th of November 2014 11:18:00 PM
LinuxSecurity.com: The system could be made to deny write access to files.

Red Hat: 2014:1894-01: chromium-browser: Important Advisory

Monday 24th of November 2014 04:46:00 PM
LinuxSecurity.com: Updated chromium-browser packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having Important security [More...]

Red Hat: 2014:1893-01: libXfont: Important Advisory

Monday 24th of November 2014 04:34:00 PM
LinuxSecurity.com: Updated libXfont packages that fix three security issues are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Important security [More...]

Gentoo: 201411-10 Asterisk: Multiple Vulnerabilities

Sunday 23rd of November 2014 01:20:00 PM
LinuxSecurity.com: Multiple vulnerabilities have been found in Asterisk, the worst of which could lead to Denial of Service.

Gentoo: 201411-09 Ansible: Privilege escalation

Sunday 23rd of November 2014 01:17:00 PM
LinuxSecurity.com: Multiple vulnerabilities has been found in Ansible which may allow local privilege escalation.

Gentoo: 201411-08 Aircrack-ng: User-assisted execution of arbitrary code

Sunday 23rd of November 2014 01:15:00 PM
LinuxSecurity.com: Multiple vulnerabilities have been found in Aircrack-ng, possibly resulting in local privilege escalation, remote code execution, or Denial of Service.

Gentoo: 201411-07 Openswan: Denial of Service

Sunday 23rd of November 2014 01:12:00 PM
LinuxSecurity.com: A NULL pointer dereference in Openswan may allow remote attackers to cause Denial of Service.

Mandriva: 2014:224: krb5

Friday 21st of November 2014 12:42:00 PM
LinuxSecurity.com: Updated krb5 packages fix security vulnerability: The kadm5_randkey_principal_3 function in lib/kadm5/srv/svr_principal.c in kadmind in MIT Kerberos 5 (aka krb5) before 1.13 sends old keys in a response to a -randkey -keepold request, which allows remote [More...]

Mandriva: 2014:223: wireshark

Friday 21st of November 2014 12:39:00 PM
LinuxSecurity.com: Updated wireshark packages fix security vulnerabilities: SigComp UDVM buffer overflow (CVE-2014-8710). AMQP crash (CVE-2014-8711). [More...]

Mandriva: 2014:222: libvirt

Friday 21st of November 2014 12:36:00 PM
LinuxSecurity.com: Updated libvirt packages fix security vulnerability: Eric Blake discovered that libvirt incorrectly handled permissions when processing the qemuDomainFormatXML command. An attacker with read-only privileges could possibly use this to gain access to certain [More...]

Mandriva: 2014:221: php-smarty

Friday 21st of November 2014 12:33:00 PM
LinuxSecurity.com: [More...] _______________________________________________________________________

Mandriva: 2014:220: qemu

Friday 21st of November 2014 12:30:00 PM
LinuxSecurity.com: Updated qemu packages fix security vulnerabilities: Michael S. Tsirkin discovered that QEMU incorrectly handled vmxnet3 devices. A local guest could possibly use this issue to cause a denial of service, or possibly execute arbitrary code on the host [More...]

Mandriva: 2014:219: srtp

Friday 21st of November 2014 12:21:00 PM
LinuxSecurity.com: Updated srtp package fixes security vulnerability: Fernando Russ from Groundworks Technologies reported a buffer overflow flaw in srtp, Cisco's reference implementation of the Secure Real-time Transport Protocol (SRTP), in how [More...]

Mandriva: 2014:218: asterisk

Friday 21st of November 2014 07:51:00 AM
LinuxSecurity.com: Multiple vulnerabilities has been discovered and corrected in asterisk: Remote crash when handling out of call message in certain dialplan configurations (CVE-2014-6610). [More...]

Gentoo: 201411-06 Adobe Flash Player: Multiple vulnerabilities

Friday 21st of November 2014 07:35:00 AM
LinuxSecurity.com: Multiple vulnerabilities have been found in Adobe Flash Player, the worst of which allows remote attackers to execute arbitrary code.

More in Tux Machines

UBOS -- a new Linux distro for personal servers and IoT devices

UBOS is a new Linux distro that aims to make it 10x easier to run server-side apps for yourself, or for your family, on hardware you own. Why give your valuable data to Google or some other data overlord, if you can keep it under your own control? All you need is a spare (physical, virtual, or cloud) computer that can run Linux. UBOS automates much of the administration, so you can get on with life. Want to use ownCloud instead of Dropbox? Shaarli instead of delicious? An RSS reader or an Internet-of-Things app? UBOS makes installation and maintenance easy and quick.

Slovak statisticians rely on open source for voting machines

The Slovak Republic’s Bureau of Statistics has used PCs running Ubuntu Linux for recording votes in the country’s municipal election on 29 November. Using open source saves money, says Štefan Tóth, Director Geneŕal of Informatics Section at the agency. For the bureau’s IT system administrators, Ubuntu proves easier to maintain and configure, and the software also withstands malware attacks better than the proprietary alternative, director Tóth confirms Read more

Users Can Backup Linux Systems with Clonezilla Live 2.3.1-18

Clonezilla Live, a Linux distribution based on DRBL, Partclone, and udpcast that lets users perform bare metal backup and recovery with very little effort has been upgraded to version 2.3.1-18 and is now ready for download. Read more

KDE Applications 14.12 - New Features, Frameworks Ports

Today KDE released KDE Applications 14.12, delivering new features and bug fixes to more than a hundred applications. Most of these applications are based on KDE Development Platform 4 but the first applications have been ported to KDE Frameworks 5. Frameworks is a set of modularized libraries providing additional functionality for Qt5, the latest version of the popular Qt cross-platform application framework. KDE app dragons This release marks the beginning of a new style of releases replacing the threesome of KDE Workspaces, Platform and Applications in the 4 series which ended with the latest KDE Applications update last month. Read more