Language Selection

English French German Italian Portuguese Spanish

LinuxSecurity.com Advisories

Syndicate content LinuxSecurity - Security Advisories
The central voice for Linux and Open Source security news.
Updated: 26 min 43 sec ago

RedHat: RHSA-2019-4054:01 Moderate: OpenShift Container Platform 3.11>

Monday 16th of December 2019 08:56:09 AM
An update for openshift-external-storage is now available for Red Hat OpenShift Container Platform 3.11. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

RedHat: RHSA-2019-4055:01 Important: OpenShift Container Platform 3.11>

Monday 16th of December 2019 08:54:11 AM
An update for jenkins-2-plugins is now available for Red Hat OpenShift Container Platform 3.11. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

RedHat: RHSA-2019-4052:01 Moderate: OpenShift Container Platform 3.11>

Monday 16th of December 2019 08:52:09 AM
An update for atomic-openshift is now available for Red Hat OpenShift Container Platform 3.11. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

Debian LTS: DLA-2036-1: thunderbird security update>

Monday 16th of December 2019 08:25:29 AM
Multiple security issues have been found in Thunderbird which could potentially result in the execution of arbitrary code. For Debian 8 "Jessie", these problems have been fixed in version

RedHat: RHSA-2019-4240:01 Critical: openslp security update>

Monday 16th of December 2019 05:05:12 AM
An update for openslp is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

RedHat: RHSA-2019-4238:01 Critical: chromium-browser security update>

Monday 16th of December 2019 04:09:11 AM
An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which

Debian LTS: DLA-2035-1: libpgf security update>

Sunday 15th of December 2019 06:52:30 PM
An issue has been found in libpgf, a library to handle Progressive Graphics File (PGF).

openSUSE: 2019:2687-1: important: java-1_8_0-openjdk>

Sunday 15th of December 2019 04:11:04 PM
An update that fixes 17 vulnerabilities is now available.

Mageia 2019-0393: git security update>

Sunday 15th of December 2019 02:04:05 PM
The updated packages fix security vulnerabilities: The --export-marks option of git fast-import is exposed also via the in-stream command feature export-marks=... and it allows overwriting arbitrary paths. (CVE-2019-1348)

Mageia 2019-0392: dnsmasq security update>

Sunday 15th of December 2019 02:04:04 PM
A vulnerability was found in dnsmsq through version 2.90, where the memory leak allows remote attackers to cause a denial of service (memory consumption) via vectors involving DHCP response creation. (CVE-2019-14834)

Mageia 2019-0391: libgit2 security update>

Sunday 15th of December 2019 02:04:03 PM
libgit2 has been updated to version 0.28.4 to fix several security issues: * A carefully constructed commit object with a very large number of parents may lead to potential out-of-bounds writes or potential denial of service.

Mageia 2019-0390: libvirt security update>

Sunday 15th of December 2019 02:04:02 PM
Updated libvirt packages fix security vulnerabilities: An information leak which allowed to retrieve the guest hostname under readonly mode (CVE-2019-3886).

Mageia 2019-0389: libcroco security update>

Sunday 15th of December 2019 02:04:01 PM
Updated libcroco packages fix security vulnerabilities: Heap overflow (input: check end of input before reading a byte) (CVE-2017-7960).

openSUSE: 2019:2685-1: moderate: postgresql>

Sunday 15th of December 2019 01:10:35 PM
An update that contains security fixes can now be installed.

Debian: DSA-4584-1: spamassassin security update>

Saturday 14th of December 2019 10:20:46 AM
Two vulnerabilities were discovered in spamassassin, a Perl-based spam filter using text analysis. CVE-2018-11805

Debian LTS: DLA-2034-1: davical security update>

Saturday 14th of December 2019 12:43:22 AM
Multiple cross-site scripting and cross-site request forgery issues were discovered in the DAViCal CalDAV Server.

Debian LTS: DLA-2033-1: php-horde security update>

Friday 13th of December 2019 11:18:57 PM
A vulnerability has been found in php-horde, the Horde Application Framework, which may result in information disclosure via cross-site scripting.

Mageia 2019-0388: kernel security update>

Friday 13th of December 2019 08:38:03 PM
This update provides an update to 5.4 series kernels, currently based on upstream 5.4.2, adding support for new hardware and features, and fixing atleast the following security issue: KVM: x86: fix out-of-bounds write in KVM_GET_EMULATED_CPUID

Mageia 2019-0387: ncurses security update>

Friday 13th of December 2019 08:38:02 PM
Updated ncurses packages fix security vulnerabilities: Heap-based buffer over-read in the _nc_find_entry function (CVE-2019-17594).

Mageia 2019-0386: signing-party security update>

Friday 13th of December 2019 08:38:00 PM
Updated signing-party package fixes security vulnerability: The gpg-key2ps tool in signing-party contained an unsafe shell call enabling shell injection via a User ID (CVE-2019-11627).

More in Tux Machines

Python Programming

  • Split String in Python

    When a string of multiple words is divided into the specific number of words based on a particular separator then it is called string splitting. Most of the programming languages use the split() method to divide a string into multiple words. The return type of this method is an array for many standard programming languages. the split() method is used in Python also to divide a string into words and it returns a list of words based on the separator. How to split() method can be used in Python is shown in this article by using different examples. Spyder3 editor is used here to write and execute the python script.

  • Send and receive UDP packets via Python

    We already know about two main transport layer protocols like TCP and UDP. For more information about TCP and UDP you can check reference section. In this article we will learn how to send and receive UDP packets using python program.

  • The 7 most popular ways to plot data in Python

    "How do I make plots in Python?" used to have a simple answer: Matplotlib was the only way. Nowadays, Python is the language of data science, and there's a lot more choice. What should you use? This guide will help you decide. It will show you how to use each of the four most popular Python plotting libraries—Matplotlib, Seaborn, Plotly, and Bokeh—plus a couple of great up-and-comers to consider: Altair, with its expressive API, and Pygal, with its beautiful SVG output. I'll also look at the very convenient plotting API provided by pandas. For each library, I've included source code snippets, as well as a full web-based example using Anvil, our platform for building web apps with nothing but Python. Let's take a look.

  • Episode 3: Effective Python and Python at Google Scale

    In this episode, Christopher interviews Brett Slatkin about the 2nd edition of his book Effective Python. Brett talks about the revisions he made for the book, and updating it for the newest versions of Python 3. Christopher asks who is the intended developer for the book. Brett also discusses working on Google App Engine, and what it’s like to develop and maintain Python applications at Google Scale. Brett mentions a brief anecdote about working with Guido van Rossum, while they both worked at Google. He also provides advice about maintaining a large and aging Python code base.

  • Randy Zwitch: Building pyarrow with CUDA support

    The other day I was looking to read an Arrow buffer on GPU using Python, but as far as I could tell, none of the provided pyarrow packages on conda or pip are built with CUDA support. Like many of the packages in the compiled-C-wrapped-by-Python ecosystem, Apache Arrow is thoroughly documented, but the number of permutations of how you could choose to build pyarrow with CUDA support quickly becomes overwhelming. In this post, I’ll show how to build pyarrow with CUDA support on Ubuntu using Docker and virtualenv. These directions are approximately the same as the official Apache Arrow docs, just that I explain them step-by-step and show only the single build toolchain I used.

  • Python String Formatting

    The string Formatting is a very important task of any type of programming language. It helps the user to understand the output of the script properly. The string formatting can be done in Python in various ways, such as using ‘%’ symbol, format() method, string interpolation, etc. This article shows how the string data can be formatted in Python by using different string formatting methods. Spyder3 editor is used here to write and run the script. Two types of formatting parameters can be used in Python. These are positional parameters and keyword parameters. The parameter which is accessed by the index is called the positional parameter and the parameter which is accessed by key is called the keyword parameter. The uses of these parameters are shown in the next part of this article.

  • 30 Days Of Python | Day 3 Project: A Simple Earnings Calculator

    Welcome to the first mini project in the 30 Days of Python series. For this project we're going to be creating a simple console application that will help an employer calculate an employee's earning in a given week. [...] Once you've written your program, you shouldn't be worried if it looks a little bit different to ours. You might have chosen different variable names or prompts, or you might have used a slightly different approach to us. This is absolutely fine. There are often may different ways to write even very short programs like this.

  • When to use the Clean Architecture?

    There are few possible reactions after learning about the Clean Architecture or Hexagonal Architecture (AKA Ports & Adapters) or even merely innocent service layer in Django. Some developers are enthusiastic and try to apply these techniques immediately, some are hesitant, full of doubts. The rest is strongly opposing, declaring openly this is an abomination. Then they say we already have excellent tools, like Django. Then they argue others don’t know about the advanced features of common tools. Then they call you Java developer in disguise. As a speaker and an author of the book Implementing the Clean Architecture , I have faced all the reactions from this spectrum. What two extremes fail to do, is to ask the right question – WHEN? When the Clean Architecture should be used?

Android Leftovers

New Manjaro Linux ARM 20.04 Released For Single Board Computers

With the successful shipment of Manjaro Linux ARM to Pinebook Pro, the Manjaro ARM team has released a new ARM v20.4 for single board computers. The latest version is a successor to the previous ARM 20.02 with major system changes. Manjaro ARM is an Arch and Manjaro Linux-based small distribution by a developer team from Manjaro Linux. The ARM edition is a dedicated operating system for devices using ARM architecture-based processors. Read more

today's howtos