Language Selection

English French German Italian Portuguese Spanish Advisories

Syndicate content
The central voice for Linux and Open Source security news.
Updated: 1 hour 24 min ago

Fedora 26: community-mysql Security Update

Sunday 11th of March 2018 08:00:00 PM **MySQL 5.7.21** Bugs fixed: CVEs fixed: CVE-2018-2696 CVE-2018-2703 CVE-2018-2565 CVE-2018-2573 CVE-2018-2576 CVE-2018-2583 CVE-2018-2586 CVE-2018-2590 CVE-2018-2600 CVE-2018-2612

Fedora 26: ruby Security Update

Sunday 11th of March 2018 08:00:00 PM Fix: Multiple vulnerabilities in RubyGems https://www.ruby-

Fedora 26: transmission Security Update

Sunday 11th of March 2018 07:59:00 PM Fix CVE patch, build with openssl-1.1.x ---- Security fix for CVE-2018-5702 (Mitigate dns rebinding attacks against daemon)

Debian LTS: DLA-1306-1: vips security update

Sunday 11th of March 2018 05:50:00 PM It was discovered that there was NULL function pointer dereference vulnerability in vips, an image processing system for very large images. Remote attackers could cause a denial of service via a specially-crafted

Gentoo: GLSA-201803-04: Newsbeuter: User-assisted execution of arbitrary code

Sunday 11th of March 2018 04:36:00 PM A vulnerability in Newsbeuter may allow remote attackers to execute arbitrary shell commands.

Debian LTS: DLA-1305-1: ming security update

Sunday 11th of March 2018 02:54:00 PM Multiple vulnerabilities have been discovered in Ming: CVE-2018-5251

Debian: DSA-4134-1: util-linux security update

Saturday 10th of March 2018 09:53:00 PM Bjorn Bosselmann discovered that the umount bash completion from util-linux does not properly handle embedded shell commands in a mountpoint name. An attacker with rights to mount filesystems can take advantage of this flaw for privilege escalation if a user (in particular

CentOS: CESA-2018-0378: Important CentOS 7 ruby

Saturday 10th of March 2018 11:53:00 AM Upstream details at :

CentOS: CESA-2018-0377: Important CentOS 7 quagga

Saturday 10th of March 2018 11:52:00 AM Upstream details at :

CentOS: CESA-2018-0414: Important CentOS 7 389-ds-base

Saturday 10th of March 2018 01:08:00 AM Upstream details at :

CentOS: CESA-2018-0406: Moderate CentOS 7 php

Saturday 10th of March 2018 01:07:00 AM Upstream details at :

CentOS: CESA-2018-0418: Moderate CentOS 7 libreoffice

Saturday 10th of March 2018 01:07:00 AM Upstream details at :

CentOS: CESA-2018-0395: Important CentOS 7 kernel

Friday 9th of March 2018 11:54:00 PM Upstream details at :

CentOS: CESA-2018-0469: Important CentOS 6 dhcp

Friday 9th of March 2018 11:50:00 PM Upstream details at :

Debian LTS: DLA-1304-1: zsh security update

Friday 9th of March 2018 05:01:00 PM It was discovered that there were multiple vulnerabilities in the "zsh" shell: * CVE-2014-10070: Fix a privilege-elevation issue if the

RedHat: RHSA-2018-0469:01 Important: dhcp security update

Friday 9th of March 2018 10:07:00 AM An update for dhcp is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

Ubuntu 3594-1: Linux kernel vulnerability

Friday 9th of March 2018 09:26:00 AM The system could be made to expose sensitive information.

SciLinux: Important: dhcp on SL6.x i386/x86_64

Thursday 8th of March 2018 10:24:00 PM dhcp: Buffer overflow in dhclient possibly allowing code execution triggered by malicious server (CVE-2018-5732) * dhcp: Reference count overflow in dhcpd allows denial of service (CVE-2018-5733) SL6 x86_64 dhclient-4.1.1-53.P1.el6_9.3.x86_64.rpm dhcp-4.1.1-53.P1.el6_9.3.x86_64.rpm dhcp-common-4.1.1-53.P1.el6_9.3.x86_64.rpm dhcp-debuginfo-4.1.1-53.P1.el6_9.3.i686.rpm dh [More...]

SUSE: 2018:0638-1: important: xen

Thursday 8th of March 2018 09:09:00 PM An update that solves 10 vulnerabilities and has four fixes is now available.

Debian LTS: DLA-1303-1: python-django security update

Thursday 8th of March 2018 06:55:00 PM Several functions were extremely slow to evaluate certain inputs due to catastrophic backtracking vulnerabilities in several regular expressions.

More in Tux Machines

Ubuntu: Logic Supply and Linux 4.15/Linux 4.16

  • Tiny Apollo Lake based mini-PCs run Ubuntu
    Logic Supply unveiled two 116 x 83 x 34mm mini-PCs built around a Celeron N3350: a CL200 with 3x USB ports and a CL210 that doubles memory to 2GB LPDDR4 and 32GB eMMC, and adds a second mini-DP and GbE port. Logic Supply announced its smallest mini-PCs to date with CL200 and CL210 models that measure just 116 x 83 x 34mm. The CL200 ships with Ubuntu 16.04 while the more advanced CL210 also offers Windows 10 IoT. Both of these “IoT Edge Device” mini-PCs tap Intel’s dual-core, 1.1GHz Celeron N3350 with 6W TDP from the Apollo Lake generation, and support digital media, data acquisition, automation, and network gateway applications.
  • Ubuntu 18.04 LTS Continues Prepping With The Linux 4.15 Kernel
    There were various calls by independent end-users voicing their two cents that Ubuntu 18.04 "Bionic Beaver" should ship with Linux 4.16 instead of Linux 4.15, but that isn't going to happen. In several different places the past few weeks I've seen various remarks made of how "Ubuntu 18.04 should ship with Linux 4.16" on the basis of either better Spectre/Meltdown support, Linux 4.16 will be out in time and neither 4.15 or 4.16 are even LTS releases, better hardware support, or users simply wanting all the goodies in Linux 4.16. But that's simply foolish given Ubuntu 18.04 is being a Long Term Support release and how close the timing ends up being as is.
  • Kernel Team summary: March 21, 2018
    On the road to 18.04 we have a 4.15 based kernel in the Bionic repository.

Graphics: mesa 17.3.7, mesa 18.0.0-rc5, VGA_Switcheroo and More

  • mesa 17.3.7
    Mesa 17.3.7 is now available.
  • Mesa 17.3.7 Released With A Bunch Of Fixes
    While Mesa 18.0 should finally be out on Friday as the major quarterly update to the Mesa 3D drivers, Mesa 17.3.7 is out today and it's a rather big update for being just another point release to last month's 17.3 series. Last week marked the release candidate of Mesa 17.3.7 with 50+ changes and then on Monday came a second release candidate given all the extra patches.
  • mesa 18.0.0-rc5
    The fifth and final release candidate for Mesa 18.0.0 is now available.
  • Mesa 18.0-RC5 Released, Mesa 18.0 Should Finally Be Out On Friday
    Nearly one and a half months since Mesa 18.0-RC4 and nearly one month since last seeing any Git activity on the "18.0" Mesa Git branch, it's finally been updated today with the availability of Mesa 18.0-RC5. Mesa release manager Emil Velikov announced this long-awaited release candidate today. He says this is the fifth and final release candidate. Given the month plus since the last RC, there are many fixes/changes in this release: In fact, more than 80 changes in total for Mesa 18.0-RC5.
  • Improved VGA_Switcheroo Going Into Linux 4.17
    Google's Sean Paul has sent in the final drm-misc-next pull request to DRM-Next of new feature material for the upcoming Linux 4.17 kernel cycle. Most notable with this final drm-misc-next update is the recent VGA_Switcheroo improvements by Lukas Wunner. This is the device link
  • AMD Posts Open-Source Driver Patches For Vega 12
    It's been a while since last hearing anything about the rumored "Vega 12" GPU but coming out this morning are a set of 42 patches providing support for this unreleased GPU within the mainline Linux kernel. Alex Deucher of AMD's Linux driver team sent out the 42 patches this morning providing initial support for Vega 12 within the AMDGPU DRM kernel driver.
  • DXVK Now Has An On-Disk Shader Cache
    DXVK, the exciting project implementing the Direct3D 11 API over Vulkan for Wine gamers, now has an on-disk shader cache.
  • Freedreno's MSM DRM Driver Continues Prepping For Adreno 600 Series Support
    Rob Clark has submitted the MSM DRM driver changes to DRM-Next for the Linux 4.17 kernel for benefiting Qualcomm SoC owners. Changes this cycle for the open-source MSM DRM driver include DSI updates, fixing some race conditions, DebugFS enhancements, MDP5 fixes, and refactoring/prep work for the Adreno 600 series support.
  • NVIDIA's Jetson TK1 Is Being EOL'ed Next Month
    Easily one of our favorite ARM single-board computers ever, the Jetson TK1 from NVIDIA, will be facing retirement next month. A Phoronix reader has tipped us off that NVIDIA has sent out their EOL notice that shipments of the Jetson TK1 developer kits will be ending by the end of April. Following that, it will just live on until distributors run out of their inventory.

Slax Linux Distribution Begins Planning For Its First 2018 Release

Arriving last Christmas was a rejuvenated release of Slax, the long-running, lightweight Linux distribution with its development restarting last year and having shifted from being a Slackware derivative to Debian and moving from KDE to Fluxbox+Compton. Those involved are working on a new Slax release for 2018. Slax lead developer Tomas Matejicek has announced work is underway on the next version of this modern Slax OS with Debian+Fluxbox. Read more Original: Work in progress on next version

Games: The Pillars of the Earth, Steam, Mighty Fight Federation, Civilization VI: Rise and Fall