Language Selection

English French German Italian Portuguese Spanish

LinuxSecurity.com Advisories

Syndicate content
The central voice for Linux and Open Source security news.
Updated: 5 hours 16 min ago

Mandriva: 2014:154: readline

Wednesday 6th of August 2014 01:39:00 PM
LinuxSecurity.com: Updated readline packages fix security vulnerability: Steve Kemp discovered the _rl_tropen() function in readline insecurely handled a temporary file. This could allow a local attacker to perform symbolic link attacks (CVE-2014-2524). [More...]

Mandriva: 2014:152: glibc

Wednesday 6th of August 2014 01:31:00 PM
LinuxSecurity.com: Updated glibc packages fix security issues: Stephane Chazelas discovered that directory traversal issue in locale handling in glibc. glibc accepts relative paths with .. components in the LC_* and LANG variables. Together with typical OpenSSH [More...]

Mandriva: 2014:151: cups

Wednesday 6th of August 2014 01:24:00 PM
LinuxSecurity.com: Updated cups packages fix security vulnerability: In CUPS before 1.7.4, a local user with privileges of group=lp can write symbolic links in the rss directory and use that to gain '@SYSTEM' group privilege with cupsd (CVE-2014-3537). [More...]

Ubuntu: 2307-1: GPGME vulnerability

Wednesday 6th of August 2014 09:38:00 AM
LinuxSecurity.com: GPGME could be made to crash or run programs as your login if it processeda specially crafted certificate.

Mandriva: 2014:150: tor

Wednesday 6th of August 2014 07:55:00 AM
LinuxSecurity.com: Updated tor package fixes security vulnerability: Tor before 0.2.4.23 maintains a circuit after an inbound RELAY_EARLY cell is received by a client, which makes it easier for remote attackers to conduct traffic-confirmation attacks by using the pattern [More...]

Mandriva: 2014:149: php

Wednesday 6th of August 2014 06:43:00 AM
LinuxSecurity.com: Multiple vulnerabilities has been discovered and corrected in php: Use-after-free vulnerability in ext/spl/spl_array.c in the SPL component in PHP through 5.5.14 allows context-dependent attackers to cause a denial of service or possibly have unspecified other impact via [More...]

Red Hat: 2014:1013-01: php: Moderate Advisory

Wednesday 6th of August 2014 02:32:00 AM
LinuxSecurity.com: Updated php packages that fix multiple security issues are now available for Red Hat Enterprise Linux 7. The Red Hat Security Response Team has rated this update as having Moderate [More...]

Red Hat: 2014:1012-01: php53 and php: Moderate Advisory

Wednesday 6th of August 2014 01:47:00 AM
LinuxSecurity.com: Updated php53 and php packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5 and 6 respectively. The Red Hat Security Response Team has rated this update as having Moderate [More...]

Red Hat: 2014:1011-01: resteasy-base: Moderate Advisory

Tuesday 5th of August 2014 09:30:00 PM
LinuxSecurity.com: Updated resteasy-base packages that fix one security issue are now available for Red Hat Enterprise Linux 7. The Red Hat Security Response Team has rated this update as having Moderate [More...]

Red Hat: 2014:1008-01: samba: Important Advisory

Tuesday 5th of August 2014 04:31:00 PM
LinuxSecurity.com: Updated samba packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 7. The Red Hat Security Response Team has rated this update as having [More...]

Red Hat: 2014:1009-01: samba4: Important Advisory

Tuesday 5th of August 2014 04:25:00 PM
LinuxSecurity.com: Updated samba4 packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having [More...]

Debian: 2997-1: reportbug: Summary

Tuesday 5th of August 2014 02:09:00 PM
LinuxSecurity.com: Security Report Summary

Ubuntu: 2306-2: GNU C Library regression

Tuesday 5th of August 2014 01:40:00 PM
LinuxSecurity.com: USN-2306-1 introduced a regression in the GNU C Library.

Red Hat: 2014:1004-01: yum-updatesd: Important Advisory

Tuesday 5th of August 2014 12:00:00 AM
LinuxSecurity.com: An updated yum-updatesd package that fixes one security issue is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having [More...]

Ubuntu: 2306-1: GNU C Library vulnerabilities

Monday 4th of August 2014 12:28:00 PM
LinuxSecurity.com: Several security issues were fixed in the GNU C Library.

More in Tux Machines

Google Chrome 38 Beta Brings New Guest Mode and Easier Incognito Mode Switching

The developers have explained that the user switching feature has been redesigned and it will make changing profiles and into the incognito mode a lot simple. They have also added a new experimental Guest mode, a new experimental UI for Chrome supervised users has been implemented, and numerous under-the-hood changes have been made for stability and performance. "This release adds support for the new element thanks to the hard work of community contributor Yoav Weiss, who was able to dedicate his time to implementing this feature in multiple rendering engines because of a successful crowd-funding campaign that raised more than 50% of its funding goal." Read more

PfSense 2.1.5 Is a Free and Powerful FreeBSD-Based Firewall Operating System

PfSense is a free network firewall distribution based on the FreeBSD, it comes with a custom kernel, and a few quite powerful applications that should make its users’ life a lot easier. Most of the firewall distros are Linux-based, but PfSense is a little bit different and is using FreeBSD. Regular users won't feel anything out of the ordinary, but it's an interesting choice for the base. The developers of PfSense are also saying that their distro has been successful in replacing a number of commercial firewalls such as Check Point, Cisco PIX, Cisco ASA, Juniper, Sonicwall, Netgear, Watchguard, Astar, and others. Read more

A free culture event in Pakistan

digital materials freely online. With regards to the open source community in Pakistan, the situation is analogous to that on Wikipedia. Outside of a core group of members of Mozilla Pakistan and Linux Pakistan, the majority of internet users are not familiar with the free culture and open movements. This, in all likelihood, is due to a lack of widespread awareness of the movements. Even as Pakistan is experiencing a widespread internet penetration amongst the public, unfortunately the country has not yet adapted well to the ideas of free culture and open. Copyright protection in Pakistan is a critical issue and copyright infringement and online piracy has always been a concern. With Wikimedia Pakistan, we can help to raise awareness of the advantages and benefits of having open and free platforms, and the major role this could play in developing our market and economy. We all need to play our part in ensuring a bright future for the open and free internet. I think the success of the movement globally depends on participation of people from not only the developed countries but also from the Global South. Read more

Mesa 10.3 release candidate 2

Mesa 10.3 release candidate 2 is now available for testing. The current plan of record is to have an additional release candidate each Friday until the 10.3 release on Friday, September 12th. The tag in the GIT repository for Mesa 10.3-rc2 is 'mesa-10.3-rc2'. I have verified that the tag is in the correct place in the tree. Mesa 10.3 release candidate 2 is available for download at ftp://freedesktop.org/pub/mesa/10.3/ Read more