Language Selection

English French German Italian Portuguese Spanish

LinuxSecurity.com Advisories

Syndicate content
The central voice for Linux and Open Source security news.
Updated: 8 hours 22 min ago

Debian: 3795-1: bind9: Summary

Saturday 25th of February 2017 09:44:00 PM
LinuxSecurity.com: Security Report Summary

Fedora 25 python-cjson-1.1.0-9.fc25

Saturday 25th of February 2017 08:44:00 PM
LinuxSecurity.com: This update prevents `python-cjson` from crashing when attempting to parseheavily nested JSON structures (which could be exploited for denial of servicepurposes, against any application that uses `python-cjson` to parse arbitraryinput).

Fedora 24 xen-4.6.4-7.fc24

Saturday 25th of February 2017 07:24:00 PM
LinuxSecurity.com: memory leak when destroying guest without PT devices [XSA-207] (#1422492) updatepatches for XSA-208 after upstream revision (no functional change) ---- Qemu:net: mcf_fec: infinite loop while receiving data in mcf_fec_receive[CVE-2016-9776] Qemu: audio: memory leakage in ac97 [CVE-2017-5525] (#1414111)Qemu: audio: memory leakage in es1370 device [CVE-2017-5526] (#1414211) oobaccess in cirrus bitblt copy [XSA-208, CVE-2017-2615] (#1418243)

Fedora 24 python-cjson-1.1.0-9.fc24

Saturday 25th of February 2017 07:22:00 PM
LinuxSecurity.com: This update prevents `python-cjson` from crashing when attempting to parseheavily nested JSON structures (which could be exploited for denial of servicepurposes, against any application that uses `python-cjson` to parse arbitraryinput).

Debian: 3794-1: munin: Summary

Saturday 25th of February 2017 03:39:00 PM
LinuxSecurity.com: Security Report Summary

Fedora 24 quagga-0.99.24.1-5.fc24

Friday 24th of February 2017 06:21:00 PM
LinuxSecurity.com: Fix for CVE-2017-5495

Fedora 25 util-linux-2.28.2-2.fc25

Friday 24th of February 2017 05:55:00 PM
LinuxSecurity.com: Security fix for CVE-2017-2616

Fedora 25 python-PyMySQL-0.7.10-10.fc25

Friday 24th of February 2017 05:53:00 PM
LinuxSecurity.com: Update to 0.7.10

Debian: 3793-1: shadow: Summary

Friday 24th of February 2017 02:01:00 PM
LinuxSecurity.com: Security Report Summary

Red Hat: 2017:0324-01: kernel: Important Advisory

Friday 24th of February 2017 11:51:00 AM
LinuxSecurity.com: An update for kernel is now available for Red Hat Enterprise Linux 6.6 Advanced Update Support and Red Hat Enterprise Linux 6.6 Telco Extended Update Support. [More...]

Red Hat: 2017:0323-01: kernel: Important Advisory

Friday 24th of February 2017 11:47:00 AM
LinuxSecurity.com: An update for kernel is now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, [More...]

More in Tux Machines

Today in Techrights

Leftovers: OSS

  • Are Low-Code Platforms a Good Fit for Feds?
    Open-source code platforms — in part, because they’re often free — have long been a popular choice for digital service creation and maintenance. In recent years, however, some agencies have turned to low-code solutions for intuitive visual features such as drag-and-drop design functionality. As Forrester Research notes, low-code platforms are "application platforms that accelerate app delivery by dramatically reducing the amount of hand-coding required."
  • Crunchy Data Brings Enterprise Open Source POSTGRESQL To U.S. Government With New DISA Security Technical Implementation Guide
    Crunchy Data — a leading provider of trusted open source PostgreSQL and enterprise PostgreSQL technology, support and training — is pleased to announce the publication of a PostgreSQL Security Technical Implementation Guide (STIG) by the U.S. Department of Defense (DoD), making PostgreSQL the first open source database with a STIG. Crunchy Data collaborated with the Defense Information Systems Agency (DISA) to evaluate open source PostgreSQL against the DoD's security requirements and developed the guide to define how open source PostgreSQL can be deployed and configured to meet security requirements for government systems.
  • Democratizing IoT design with open source development boards and communities
    The Internet of Things (IoT) is at the heart of what the World Economic Forum has identified as the Fourth Industrial Revolution, an economic, technical, and cultural transformation that combines the physical, digital, and biological worlds. It is driven by such technologies as ubiquitous connectivity, big data, analytics and the cloud.

Software and today's howtos

Security and Bugs

  • Security updates for Thursday
  • Devops embraces security measures to build safer software
    Devops isn’t simply transforming how developers and operations work together to deliver better software faster, it is also changing how developers view application security. A recent survey from software automation and security company Sonatype found that devops teams are increasingly adopting security automation to create better and safer software.
  • This Xfce Bug Is Wrecking Users’ Monitors
    The Xfce desktop environment for Linux may be fast and flexible — but it’s currently affected by a very serious flaw. Users of this lightweight alternative to GNOME and KDE have reported that the choice of default wallpaper in Xfce is causing damaging to laptop displays and LCD monitors. And there’s damning photographic evidence to back the claims up.