Language Selection

English French German Italian Portuguese Spanish

LinuxSecurity.com Advisories

Syndicate content
The central voice for Linux and Open Source security news.
Updated: 5 hours 7 min ago

Ubuntu 3697-1: Linux kernel vulnerabilities

Monday 2nd of July 2018 08:39:00 PM
LinuxSecurity.com: Several security issues were fixed in the Linux kernel.

Ubuntu 3697-2: Linux kernel (OEM) vulnerabilities

Monday 2nd of July 2018 08:39:00 PM
LinuxSecurity.com: Several security issues were fixed in the Linux kernel.

Ubuntu 3696-2: Linux kernel (Xenial HWE) vulnerabilities

Monday 2nd of July 2018 08:38:00 PM
LinuxSecurity.com: Several security issues were fixed in the Linux kernel.

Ubuntu 3696-1: Linux kernel vulnerabilities

Monday 2nd of July 2018 08:31:00 PM
LinuxSecurity.com: Several security issues were fixed in the Linux kernel.

Ubuntu 3695-1: Linux kernel vulnerabilities

Monday 2nd of July 2018 08:30:00 PM
LinuxSecurity.com: Several security issues were fixed in the Linux kernel.

Ubuntu 3695-2: Linux kernel (HWE) vulnerabilities

Monday 2nd of July 2018 08:30:00 PM
LinuxSecurity.com: Several security issues were fixed in the Linux kernel.

SciLinux: Low: libvirt on SL6.x i386/x86_64

Monday 2nd of July 2018 06:44:00 PM
LinuxSecurity.com: libvirt: Resource exhaustion via qemuMonitorIORead() method (CVE-2018-5748) * libvirt: Incomplete fix for CVE-2018-5748 triggered by QEMU guest agent (CVE-2018-1064) SL6 x86_64 libvirt-0.10.2-64.el6.x86_64.rpm libvirt-client-0.10.2-64.el6.i686.rpm libvirt-client-0.10.2-64.el6.x86_64.rpm libvirt-debuginfo-0.10.2-64.el6.i686.rpm libvirt-debuginfo-0.10.2-64.el6.x86_64.rpm [More...]

SciLinux: Moderate: glibc on SL6.x i386/x86_64

Monday 2nd of July 2018 06:44:00 PM
LinuxSecurity.com: glibc: Buffer overflow in glob with GLOB_TILDE (CVE-2017-15670) * glibc: Buffer overflow during unescaping of user names with the ~ operator (CVE-2017-15804) SL6 x86_64 glibc-2.12-1.212.el6.i686.rpm glibc-2.12-1.212.el6.x86_64.rpm glibc-common-2.12-1.212.el6.x86_64.rpm glibc-debuginfo-2.12-1.212.el6.i686.rpm glibc-debuginfo-2.12-1.212.el6.x86_64.rpm glibc-debuginfo- [More...]

SciLinux: Low: samba on SL6.x i386/x86_64

Monday 2nd of July 2018 06:43:00 PM
LinuxSecurity.com: samba: Null pointer indirection in printer server process (CVE-2018-1050) SL6 x86_64 libsmbclient-3.6.23-51.el6.i686.rpm libsmbclient-3.6.23-51.el6.x86_64.rpm samba-client-3.6.23-51.el6.x86_64.rpm samba-common-3.6.23-51.el6.i686.rpm samba-common-3.6.23-51.el6.x86_64.rpm samba-debuginfo-3.6.23-51.el6.i686.rpm samba-debuginfo-3.6.23-51.el6.x86_64.rpm samba-winb [More...]

SciLinux: Moderate: zsh on SL6.x i386/x86_64

Monday 2nd of July 2018 06:39:00 PM
LinuxSecurity.com: zsh: Stack-based buffer overflow in gen_matches_files() at compctl.c (CVE-2018-1083) * zsh: buffer overflow when scanning very long directory paths for symbolic links (CVE-2014-10072) * zsh: buffer overrun in symlinks (CVE-2017-18206) * zsh: buffer overflow in utils.c:checkmailpath() can lead to local arbitrary code execution (CVE-2018-1100) SL6 x86_64 zsh-4.3.11-8.el6.x86_64.rpm [More...]

Fedora 28: phpMyAdmin Security Update

Sunday 1st of July 2018 10:37:00 PM
LinuxSecurity.com: Upstream announcement: The phpMyAdmin team is pleased to announce the release of **phpMyAdmin version 4.8.2**. Among other bug fixes, this contains an important security update and it is highly recommended that all users upgrade immediately. The urgent vulnerability allows an authenticated attacker to exploit a phpMyAdmin feature to show and potentially execute files on the

Fedora 27: nodejs Security Update

Sunday 1st of July 2018 10:24:00 PM
LinuxSecurity.com: Update for security fixes

Debian LTS: DLA-1400-2: tomcat7 regression update

Sunday 1st of July 2018 05:32:00 PM
LinuxSecurity.com: The security update of Tomcat 7 announced as DLA-1400-1 introduced a regression for applications that make use of the Equinox OSGi framework. The MANIFEST file of tomcat-jdbc.jar in libtomcat7-java contains an invalid version number which was automatically derived

Debian LTS: DLA-1410-1: python-pysaml2 security update

Sunday 1st of July 2018 04:51:00 PM
LinuxSecurity.com: Pysaml2, a Python implementation of the Security Assertion Markup Language, would accept any password when run with Python optimizations enabled. This allows attackers to log in as any user without knowing their password.

Fedora 28: kernel Security Update

Sunday 1st of July 2018 02:39:00 AM
LinuxSecurity.com: The v4.17.3 update contains important fixes across the tree.

Fedora 27: libgxps Security Update

Sunday 1st of July 2018 01:36:00 AM
LinuxSecurity.com: Fix integer overflow

Debian: DSA-4237-1: chromium-browser security update

Sunday 1st of July 2018 01:00:00 AM
LinuxSecurity.com:

openSUSE: 2018:1862-1: GraphicsMagick

Saturday 30th of June 2018 03:10:00 PM
LinuxSecurity.com: An update that solves one vulnerability and has one errata is now available.

openSUSE: 2018:1859-1: moderate: Opera

Saturday 30th of June 2018 03:08:00 PM
LinuxSecurity.com: An update that solves one vulnerability and has one errata is now available.

openSUSE: 2018:1860-1: moderate: ImageMagick

Saturday 30th of June 2018 03:08:00 PM
LinuxSecurity.com: An update that fixes 8 vulnerabilities is now available.

More in Tux Machines

today's howtos

Red Hat News

Debian: Google Summer of Code, Debian 9.5, and Tails

  • Google Summer of Code with a Debian Project
    Yes! My project proposal was selected. First of all I want to mention that I began my open source adventure with Debian. I started to participate in the open source events like Hackathons, BSP and Conferences and doing small contribution to different projects and this is how everything started.
  • Debian 9.5 Released: “Rock Solid” GNU/Linux Distro Arrives With Spectre v2 Fix
    Following the fourth point release of Debian 9 “stretch” in March, the developers of the popular GNU/Linux distro have shipped the latest update to its stable distribution. For those who don’t know, Debian 9 is an LTS version that’ll remain supported for 5 years. As one would expect, this point release doesn’t bring any set of new features and keeps focusing on improving an already stable experience by delivering security patches and bug fixes. In case you’re looking for an option that brings new features, you can check out the recently released Linux Mint 19.
  • Your Help Is Needed to Test VeraCrypt Support in the Tails Anonymous OS, GNOME
    The team behind the famous Tails operating system, also known as the Amnesic Incognito Live System or simply Anonymous OS, needs your help to test the integration of the VeraCrypt disk encryption software. In an attempt to provide Tails users with better security, the team is working hard these days on the integration of the VeraCrypt open-source and free disk encryption utility used for on-the-fly encryption of encrypted disk drives into the next-generation Tails OS as well as the GNOME desktop environment it uses by default. This will let Tails users easily unlock encrypted volumes on-the-fly when using the anonymous live system to stay hidden online while protecting their identity and privacy. To makes things even easier, they created the VeraCrypt Mounter utility for unlocking VeraCrypt encrypted drives.

Programming: Perl, RcppClassic, Git-cinnabar, Effective Python

  • Confessions of a recovering Perl hacker
    My name's MikeCamel, and I'm a Perl hacker. There, I've said it. That's the first step. My handle on IRC, Twitter and pretty much everywhere else in the world is "MikeCamel." This is because, back in the day, when there were no chat apps—no apps at all, in fact—I was in a technical "chatroom" and the name "Mike" had been taken. I looked around, and the first thing I noticed on my desk was the Camel Book, the O'Reilly Perl Bible. I have the second edition now, but this was the first edition. Yesterday, I happened to pick up the second edition, the really thick one, to show someone on a video conference call, and it had a thin layer of dust on it. I was a little bit ashamed, but a little bit relieved as well.
  • RcppClassic 0.9.11
    A new maintenance release, now at version 0.9.11, of the RcppClassic package arrived earlier today on CRAN. This package provides a maintained version of the otherwise deprecated initial Rcpp API which no new projects should use as the normal Rcpp API is so much better.
  • Mike Hommey: Announcing git-cinnabar 0.5.0 beta 4
    Git-cinnabar is a git remote helper to interact with mercurial repositories. It allows to clone, pull and push from/to mercurial remote repositories, using git.
  • Russ Allbery: Review: Effective Python