Language Selection

English French German Italian Portuguese Spanish

LinuxSecurity.com Advisories

Syndicate content
The central voice for Linux and Open Source security news.
Updated: 4 hours 38 min ago

openSUSE: 2018:2212-1: important: mutt

Monday 6th of August 2018 03:13:00 PM
LinuxSecurity.com: An update that solves 16 vulnerabilities and has one errata is now available.

openSUSE: 2018:2211-1: moderate: xen

Monday 6th of August 2018 03:12:00 PM
LinuxSecurity.com: An update that solves 5 vulnerabilities and has two fixes is now available.

openSUSE: 2018:2210-1: nautilus

Monday 6th of August 2018 03:12:00 PM
LinuxSecurity.com: An update that fixes one vulnerability is now available.

openSUSE: 2018:2209-1: moderate: libsndfile

Monday 6th of August 2018 03:11:00 PM
LinuxSecurity.com: An update that fixes three vulnerabilities is now available.

openSUSE: 2018:2208-1: moderate: ovmf

Monday 6th of August 2018 03:11:00 PM
LinuxSecurity.com: An update that fixes one vulnerability is now available.

openSUSE: 2018:2206-1: important: java-10-openjdk

Monday 6th of August 2018 03:09:00 PM
LinuxSecurity.com: An update that solves four vulnerabilities and has one errata is now available.

Debian LTS: DLA-1457-1: ant security update

Sunday 5th of August 2018 12:59:00 PM
LinuxSecurity.com: The fix for CVE-2018-10886 was incomplete in the previous upload. New changes was implemented upstream which check and resolve symlinks before expanding the archives.

Debian: DSA-4265-1: xml-security-c security update

Sunday 5th of August 2018 10:44:00 AM
LinuxSecurity.com: It was discovered that the Apache XML Security for C++ library performed insufficient validation of KeyInfo hints, which could result in denial of service via NULL pointer dereferences when processing malformed XML data.

Debian: DSA-4264-1: python-django security update

Sunday 5th of August 2018 10:31:00 AM
LinuxSecurity.com: Andreas Hug discovered an open redirect in Django, a Python web development framework, which is exploitable if django.middleware.common.CommonMiddleware is used and the APPEND_SLASH setting is enabled.

Fedora 28: libao Security Update

Saturday 4th of August 2018 09:46:00 PM
LinuxSecurity.com: Backport fix for CVE 2017-11548

Fedora 28: mingw-xerces-c Security Update

Saturday 4th of August 2018 09:46:00 PM
LinuxSecurity.com: Update to 3.2.1 (CVE-2017-12627)

Fedora 28: mingw-gdal Security Update

Saturday 4th of August 2018 09:46:00 PM
LinuxSecurity.com: Update to 3.2.1 (CVE-2017-12627)

ArchLinux: 201808-3: python2-django: open redirect

Saturday 4th of August 2018 08:04:00 PM
LinuxSecurity.com: The package python2-django before version 1.11.15-1 is vulnerable to open redirect.

ArchLinux: 201808-2: cgit: directory traversal

Saturday 4th of August 2018 08:02:00 PM
LinuxSecurity.com: The package cgit before version 1.2.1-1 is vulnerable to directory traversal.

ArchLinux: 201808-1: python-django: open redirect

Saturday 4th of August 2018 08:00:00 PM
LinuxSecurity.com: The package python-django before version 2.0.8-1 is vulnerable to open redirect.

Debian: DSA-4263-1: cgit security update

Saturday 4th of August 2018 12:05:00 PM
LinuxSecurity.com: Jann Horn discovered a directory traversal vulnerability in cgit, a fast web frontend for git repositories written in C. A remote attacker can take advantage of this flaw to retrieve arbitrary files via a specially crafted request, when 'enable-http-clone=1' (default) is not turned off.

openSUSE: 2018:2188-1: moderate: wireshark

Friday 3rd of August 2018 09:19:00 PM
LinuxSecurity.com: An update that fixes 9 vulnerabilities is now available.

openSUSE: 2018:2184-1: moderate: wireshark

Friday 3rd of August 2018 09:15:00 PM
LinuxSecurity.com: An update that fixes 10 vulnerabilities is now available.

openSUSE: 2018:2180-1: moderate: bouncycastle

Friday 3rd of August 2018 09:09:00 PM
LinuxSecurity.com: An update that fixes one vulnerability is now available.

openSUSE: 2018:2178-1: moderate: libgcrypt

Friday 3rd of August 2018 09:07:00 PM
LinuxSecurity.com: An update that solves one vulnerability and has two fixes is now available.

More in Tux Machines

A Look At The Windows vs. Linux Scaling Performance Up To 64 Threads With The AMD 2990WX

This past week we looked at the Windows 10 vs. Linux performance for AMD's just-launched Ryzen Threadripper 2990WX and given the interest from that then ran some Windows Server benchmarks to see if the performance of this 64-thread CPU would be more competitive to Linux. From those Windows vs. Linux tests there has been much speculation that the performance disparity is due to Windows scheduler being less optimized for high core/thread count processors and its NUMA awareness being less vetted than the Linux kernel. For getting a better idea, here are benchmarks of Windows Server 2019 preview versus Ubuntu Linux when testing varying thread/core counts for the AMD Threadripper 2990WX. Toggled via the BIOS was SMT as well as various CCX configurations and each step of the way comparing the Windows Server 2019 Build 17733 performance to that of Ubuntu 18.04 LTS with the Linux 4.18 kernel in various multi-threaded benchmarks supported under both operating systems. Read more

Kernel: RISC-V and Virtual Machine

  • RISC-V's Linux Kernel Support Is Getting Into Good Shape, Userspace Starting To Work
    The RISC-V open-source processor ISA support within the mainline kernel is getting into good shape, just a few releases after this new architecture port was originally added to the Linux Git tree. The RISC-V code for Linux 4.19 includes the ISA-mandated timers and first-level interrupt controllers, which are needed to actually get user-space up and running. Besides the RISC-V first-level interrupt controller, Linux 4.19 also adds support for SiFive's platform-level interrupt controller that interfaces with the actual devices.
  • A Hearty Batch Of KVM Updates Land In Linux 4.19
    There is a lot of new feature work for the Kernel-based Virtual Machine (KVM) within the Linux 4.19 kernel.

Kate/KTextEditor Picks Up Many Improvements To Enhance KDE Text Editing

Even with KDE's annual Akademy conference happening this past week in Vienna, KDE development has been going strong especially on the usability front. The Kate text editor and the KTextEditor component within KDE Frameworks 5 have been the largest benefactors of recent improvements. This KDE text editing code now has support for disabling syntax highlighting entirely if preferred. When using syntax highlighting, there have been many KTextEditor enhancements to improve the experience as well as improvements to the highlighting for a variety of languages from JavaScript to YAML to AppArmor files. Read more

KStars v2.9.8 released

KStars 2.9.8 is released for Windows, MacOS, and Linux. It is a hotfix release that contains bug fixes and stability improvements over the last release. Read more Also: KDE Itinerary - How did we get here?