Language Selection

English French German Italian Portuguese Spanish

LinuxSecurity.com Advisories

Syndicate content LinuxSecurity - Security Advisories
The central voice for Linux and Open Source security news.
Updated: 3 hours 30 min ago

ArchLinux: 201910-4: ruby-rdoc: cross-site scripting

Thursday 3rd of October 2019 05:16:44 PM
The package ruby-rdoc before version 6.1.2-1 is vulnerable to cross- site scripting.

ArchLinux: 201910-3: systemd: access restriction bypass

Thursday 3rd of October 2019 05:15:04 PM
The package systemd before version 243.0-1 is vulnerable to access restriction bypass.

ArchLinux: 201910-2: ruby: multiple issues

Thursday 3rd of October 2019 05:14:42 PM
The package ruby before version 2.6.5-1 is vulnerable to multiple issues including arbitrary code execution, content spoofing, denial of service and insufficient validation.

ArchLinux: 201910-1: exim: arbitrary code execution

Thursday 3rd of October 2019 05:13:23 PM
The package exim before version 4.92.3-1 is vulnerable to arbitrary code execution.

RedHat: RHSA-2019-2966:01 Important: Red Hat Quay v3.1.1 security update

Thursday 3rd of October 2019 02:58:10 PM
Updated Quay packages that fix several bugs and add various enhancements are now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

openSUSE: 2019:2245-1: moderate: lxc

Thursday 3rd of October 2019 02:20:43 PM
An update that fixes one vulnerability is now available.

SUSE: 2019:2536-1 moderate: sqlite3

Thursday 3rd of October 2019 02:19:14 PM
An update that fixes one vulnerability is now available.

SUSE: 2019:2533-1 moderate: sqlite3

Thursday 3rd of October 2019 02:15:49 PM
An update that fixes one vulnerability is now available.

SciLinux: SLSA-2019-2964-1 Important: patch on SL7.x x86_64

Thursday 3rd of October 2019 11:48:34 AM
patch: do_ed_script in pch.c does not block strings beginning with a ! character (CVE-2018-20969) * patch: OS shell command injection when processing crafted patch files (CVE-2019-13638) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. SL7 x86_64 [More...]

openSUSE: 2019:2244-1: moderate: rust

Thursday 3rd of October 2019 11:14:17 AM
An update that solves two vulnerabilities and has two fixes is now available.

SUSE: 2018:4088-3 important: git

Thursday 3rd of October 2019 11:12:08 AM
An update that fixes one vulnerability is now available.

Ubuntu 4146-2: ClamAV vulnerabilities

Thursday 3rd of October 2019 10:52:54 AM
Several security issues were fixed in ClamAV.

RedHat: RHSA-2019-2964:01 Important: patch security update

Thursday 3rd of October 2019 10:05:11 AM
An update for patch is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

Debian LTS: DLA-1944-1: libapreq2 security update

Thursday 3rd of October 2019 07:49:48 AM
It was discovered that there was a remotely-exploitable null pointer dereference in libapreq2, a library for manipulating HTTP requests. For Debian 8 "Jessie", this issue has been fixed in libapreq2 version

Fedora 29: memcached FEDORA-2019-15d61c1f7f

Wednesday 2nd of October 2019 10:10:06 PM
Security fix for CVE-2019-15026

Fedora 29: zeromq FEDORA-2019-4d8f9a9235

Wednesday 2nd of October 2019 10:10:05 PM
Security fix for CVE-2019-13132

Fedora 30: glpi FEDORA-2019-a1636592a3

Wednesday 2nd of October 2019 09:06:18 PM
**GLPI version 9.4.4** This is a **security release**, upgrading is highly recommended Non exhaustive list of changes: * [security] Prevent account takeover vulnerability , * [security] Prevent execution of XSS on rich text, * fix cache key lenght issues, * fix user picture removal at login, * several fixes on recurring tickets, * fix some transfer errors related to

Fedora 30: memcached FEDORA-2019-68333329e0

Wednesday 2nd of October 2019 09:06:06 PM
security fix for CVE-2019-15026

Fedora 30: zeromq FEDORA-2019-8916b4e890

Wednesday 2nd of October 2019 09:06:05 PM
Security fix for CVE-2019-13132

Debian LTS: DLA-1943-1: jackson-databind security update

Wednesday 2nd of October 2019 08:48:42 PM
More deserialization flaws were discovered in jackson-databind relating to the classes in com.zaxxer.hikari.HikariConfig, com.zaxxer.hikari.HikariDataSource, commons-dbcp and com.p6spy.engine.spy.P6DataSource, which could allow an

More in Tux Machines

Release of PyPy 7.2

  • PyPy v7.2 released

    As always, this release is 100% compatible with the previous one and fixed several issues and bugs raised by the growing community of PyPy users. We strongly recommend updating. Many of the fixes are the direct result of end-user bug reports, so please continue reporting issues as they crop up.

  • PyPy 7.2 released

    Version 7.2 of PyPy, an implementation of the Python language, is out.

  • PyPy 7.2 Released With Full 64-bit AArch64 Support, PyPy 3.6 Beyond Beta

    PyPy 7.2 is out today as a big update for this alternative Python implementation that currently provides interpreters for compatibility with Python 2.7 and Python 3.6. In cooperation with Arm and Crossbar.io, PyPy developers have been working on complete 64-bit ARM (AArch64) support and this summer they achieved getting the PyPy JIT running on 64-bit ARM. PyPy 7.2 is the first release with this 64-bit ARM support now in good standing.

today's leftovers

  • Intel Firmware Binaries Land For AX200/AX201 Bluetooth Linux Support

    With devices beginning to hit store shelves using the new Intel WiFi 6 AX200 series chipsets, the firmware binaries have landed in linux-firmware.git for rounding out support for these latest WiFi/Bluetooth adapters. For a few kernel releases now since earlier this year these new Intel wireless chipsets have been supported by the mainline kernel but the firmware hasn't been part of the de facto linux-firmware.git tree that houses the various firmware binaries for different hardware component support under Linux.

  • Improving distfile mirror structure

    The Gentoo distfile mirror network is essential in distributing sources to our users. It offloads upstream download locations, improves throughput and reliability, guarantees distfile persistency. The current structure of distfile mirrors dates back to 2002. It might have worked well back when we mirrored around 2500 files but it proved not to scale well. Today, mirrors hold almost 70 000 files, and this number has been causing problems for mirror admins.

  • LibreOffice 6.2.7 packages available for Slackware 14.2

    There was a recent update in my repository of LibreOffice packages, but that libreoffice-6.3.2 was just for slackware-current. There’s a recent release in the LibreOffice 6.2 stable series as well (ok… five weeks ago, not that recent…), and so I decided to use my build box’s free weekend to come up with packages for LibreOffice 6.2.7. This release has a security improvement over previous versions, in that it will popup a warning to the user if a document tries to run an embedded script (similar to existing warning mechanism for embedded macros).

Graphics and Standards

  • SHADERed 1.2.3 Released With Support For 3D Textures & Audio Shaders

    SHADERed is the open-source, cross-platform project for creating and testing HLSL/GLSL shaders. While a version number of 1.2.3 may not seem like a big update, some notable additions can be found within this new SHADERed release.

  • Vulkan 1.1.125 Released With SPIR-V 1.4 Support

    Succeeding Vulkan 1.1.124 one week later is now Vulkan 1.1.125 with a lone new extension. Vulkan 1.1.125 has its usual clarifications and corrections to this graphics API specification. Meanwhile the new extension introduced in the overnight v1.1.125 release is VK_KHR_spirv_1_4.

  • Making Movies Accessible for Everyone

    For the first time, people who are deaf or hard of hearing will be able to enjoy the Nairobi leg of the Human Rights Watch Film Festival, opening on October 15.

New Videos: A Look at Xubuntu 19.10 and Crunchbang++ 10