Language Selection

English French German Italian Portuguese Spanish

LinuxSecurity.com Advisories

Syndicate content LinuxSecurity - Security Advisories
The central voice for Linux and Open Source security news.
Updated: 3 hours 13 min ago

Fedora 30: matrix-synapse FEDORA-2019-80f1943143

Saturday 3rd of August 2019 09:14:33 PM
This release includes four security fixes: - Prevent an attack where a federated server could send redactions for arbitrary events in v1 and v2 rooms. - Prevent a denial-of-service attack where cycles of redaction events would make Synapse spin infinitely. - Prevent an attack where users could be joined or parted from public rooms without their consent. - Fix a vulnerability where a

Mageia 2019-0217: kernel security update

Saturday 3rd of August 2019 07:19:59 PM
This kernel update is based on the upstream 5.1.20 and fixes atleast the following security issue: With Xen, virtual device backends and device models running in domain 0, or other backend driver domains, need to be able to map guest memory

Debian LTS: DLA-1871-1: vim security update

Saturday 3rd of August 2019 08:22:32 AM
Several minor issues have been fixed in vim, a highly configurable text editor.

Gentoo: GLSA-201908-02: libpng: Multiple vulnerabilities

Saturday 3rd of August 2019 07:27:16 AM
Multiple vulnerabilities have been found in libpng, the worst of which could result in a Denial of Service condition.

Gentoo: GLSA-201908-01: Binutils: Multiple vulnerabilities

Saturday 3rd of August 2019 07:23:27 AM
Multiple vulnerabilities have been found in Binutils, the worst of which may allow remote attackers to cause a Denial of Service condition. [More...]

Fedora 30: java-11-openjdk FEDORA-2019-a9825cfb3d

Friday 2nd of August 2019 09:17:52 PM
July CPU update. See: http://openjdk.java.net/groups/vulnerability/advisories/2019-07-16 and https://mail.openjdk.java.net/pipermail/jdk-updates-dev/2019-July/001423.html

SUSE: 2019:2043-1 moderate: openexr

Friday 2nd of August 2019 05:10:59 PM
An update that fixes one vulnerability is now available.

SUSE: 2019:2042-1 moderate: python-Django

Friday 2nd of August 2019 02:10:32 PM
An update that fixes one vulnerability is now available.

Ubuntu 4079-2: SoX vulnerabilities

Thursday 1st of August 2019 09:09:32 PM
SoX could be made to crash if it received a specially crafted MP3 file.

SUSE: 2019:2034-1 moderate: python-Django1

Thursday 1st of August 2019 05:18:23 PM
An update that fixes one vulnerability is now available.

SUSE: 2019:2035-1 important: polkit

Thursday 1st of August 2019 05:14:54 PM
An update that fixes one vulnerability is now available.

SUSE: 2019:2036-1 important: java-1_8_0-openjdk

Thursday 1st of August 2019 05:13:17 PM
An update that solves 8 vulnerabilities and has one errata is now available.

openSUSE: 2019:1824-1: important: rmt-server

Thursday 1st of August 2019 05:11:20 PM
An update that solves two vulnerabilities and has 10 fixes is now available.

openSUSE: 2019:1826-1: moderate: openexr

Thursday 1st of August 2019 05:10:31 PM
An update that fixes three vulnerabilities is now available.

Debian LTS: DLA-1868-1: squirrelmail security update

Thursday 1st of August 2019 10:55:45 AM
A XSS vulnerability was discovered in SquirrelMail. Due to improper handling of RCDATA and RAWTEXT type elements, the built-in sanitization mechanism can be bypassed. Malicious script content from HTML e-mails can be executed within the application context via

Ubuntu 4085-1: Sigil vulnerability

Thursday 1st of August 2019 10:21:08 AM
Sigil could be made to overwrite files.

Ubuntu 4084-1: Django vulnerabilities

Thursday 1st of August 2019 09:05:01 AM
Several security issues were fixed in Django.

Ubuntu 4069-2: Linux kernel (HWE) vulnerabilities

Thursday 1st of August 2019 02:52:17 AM
Several security issues were fixed in the Linux kernel.

Fedora 30: proftpd FEDORA-2019-e9187610c3

Wednesday 31st of July 2019 11:01:16 PM
This update addresses an arbitrary file copy vulnerability in mod_copy in ProFTPD, which allowed for remote code execution and information disclosure without authentication due to not honoring `` constraints. Upstream bug: http://bugs.proftpd.org/show_bug.cgi?id=4372

SUSE: 2019:2031-1 important: subversion

Wednesday 31st of July 2019 08:18:47 PM
An update that fixes two vulnerabilities is now available.

More in Tux Machines

Audiocasts/Shows: System76, Pinebook and "The Linux Defender"

3 emerging open source projects to keep an eye on

The exciting thing about open source is that nobody needs permission to try something new. That's a formula that allows new ideas to emerge all the time. Here are three open source projects that are still in their early stages but show real promise. This Linux is utterly unapologetic in catering to technology hobbyists, enthusiasts, and power users. It's for the amateurs, in that best and most original sense of the word—those who love what they do. Awesome. So isn't Endeavour the perfect name? If what you want is to roll your sleeves up and level up while still enjoying a gentle start and a friendly community, this could be a great way to go about it. Read more

Android Leftovers

Raspberry Pi 4: Chronicling the Desktop Experience – Email – Week 5

This is a weekly blog about the Raspberry Pi 4 (“RPI4”), the latest product in the popular Raspberry Pi range of single-board computers. Last week’s blog looked at whether the RPI4 cuts the mustard as a desktop web browser. It does although with a few reservations. This week’s blog focuses on another absolutely essential desktop activity. Managing your email. My email requirements are very simple. I use Gmail for my personal email. It offers ample storage, threads, rich text features, useful keyboard shortcuts, and more. It gives me access to my email whatever device and platform I’m using. For the RPI4 to replace my desktop, I need quick and easy access to Gmail. Read more