Language Selection

English French German Italian Portuguese Spanish

LinuxSecurity.com Advisories

Syndicate content
The central voice for Linux and Open Source security news.
Updated: 11 hours 38 min ago

Fedora 25: kernel Security Update

Monday 20th of November 2017 05:59:00 PM
LinuxSecurity.com: The 4.13.13 update contains a number of important fixes across the tree.

Fedora 27: postgresql Security Update

Monday 20th of November 2017 04:57:00 PM
LinuxSecurity.com: update to 9.6.6 per release notes: https://www.postgresql.org/docs/9.6/static/release-9-6-6.html

RedHat: RHSA-2017-3248:01 Low: .NET Core security update

Monday 20th of November 2017 11:47:00 AM
LinuxSecurity.com: A security update for .NET Core on RHEL is now available. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

Fedora 27: kernel Security Update

Monday 20th of November 2017 01:04:00 AM
LinuxSecurity.com: The 4.13.13 update contains a number of important fixes across the tree.

Fedora 27: jbig2dec Security Update

Monday 20th of November 2017 01:04:00 AM
LinuxSecurity.com: update to 0.14 (bugfix release)

Fedora 27: roundcubemail Security Update

Monday 20th of November 2017 01:04:00 AM
LinuxSecurity.com: Upstream announcement for **version 1.3.3** This is a security update to the stable version 1.3. It primarily fixes a recently discovered file disclosure vulnerability caused by insufficient input validation in conjunction with file- based attachment plugins, which are used by default. More details will be published under CVE-2017-16651. We strongly recommend to update all productive

Fedora 26: kernel Security Update

Sunday 19th of November 2017 11:18:00 PM
LinuxSecurity.com: The 4.13.13 update contains a number of important fixes across the tree.

Fedora 26: roundcubemail Security Update

Sunday 19th of November 2017 11:17:00 PM
LinuxSecurity.com: Upstream announcement for **version 1.3.3** This is a security update to the stable version 1.3. It primarily fixes a recently discovered file disclosure vulnerability caused by insufficient input validation in conjunction with file- based attachment plugins, which are used by default. More details will be published under CVE-2017-16651. We strongly recommend to update all productive

Gentoo: GLSA-201711-16: CouchDB: Multiple vulnerabilities

Sunday 19th of November 2017 08:52:00 PM
LinuxSecurity.com: Multiple vulnerabilities have been found in CouchDB, the worst of which could lead to the remote execution of arbitrary shell commands.

Gentoo: GLSA-201711-15: PHPUnit: Remote code execution

Sunday 19th of November 2017 08:47:00 PM
LinuxSecurity.com: A vulnerability was discovered in PHPUnit which may allow an unauthenticated remote attacker to execute arbitrary PHP code. [More...]

Gentoo: GLSA-201711-14: IcedTea: Multiple vulnerabilities

Sunday 19th of November 2017 08:35:00 PM
LinuxSecurity.com: Multiple vulnerabilities have been found in IcedTea, the worst of which may allow execution of arbitrary code.

Gentoo: GLSA-201711-13: Adobe Flash Player: Multiple vulnerabilities

Sunday 19th of November 2017 08:26:00 PM
LinuxSecurity.com: Multiple vulnerabilities have been found in Adobe Flash Player, the worst of which allows remote attackers to execute arbitrary code.

Debian: DSA-4042-1: libxml-libxml-perl security update

Sunday 19th of November 2017 10:36:00 AM
LinuxSecurity.com: A use-after-free vulnerability was discovered in XML::LibXML, a Perl interface to the libxml2 library, allowing an attacker to execute arbitrary code by controlling the arguments to a replaceChild() call.

Debian: DSA-4041-1: procmail security update

Sunday 19th of November 2017 08:55:00 AM
LinuxSecurity.com: Jakub Wilk reported a heap-based buffer overflow vulnerability in procmail's formail utility when processing specially-crafted email headers. A remote attacker could use this flaw to cause formail to crash, resulting in a denial of service or data loss.

Fedora 26: qt5-qtwebengine Security Update

Saturday 18th of November 2017 06:46:00 PM
LinuxSecurity.com: An update of QtWebEngine to the security and bugfix release 5.9.2, including: Chromium Snapshot: * Security fixes from Chromium up to version 61.0.3163.79 Including: CVE-2017-5092, CVE-2017-5093, CVE-2017-5095, CVE-2017-5097, CVE-2017-5099, CVE-2017-5102, CVE-2017-5103, CVE-2017-5107, CVE-2017-5112, CVE-2017-5114, CVE-2017-5117 and CVE-2017-5118 * Fixed Skia to to render text

Debian: DSA-4040-1: imagemagick security update

Friday 17th of November 2017 11:51:00 PM
LinuxSecurity.com: This update fixes several vulnerabilities in imagemagick: Various memory handling problems and cases of missing or incomplete input sanitising may result in denial of service, memory disclosure or the execution of arbitrary code if malformed image files are processed.

Fedora 25: firefox Security Update

Friday 17th of November 2017 11:27:00 PM
LinuxSecurity.com: Updated to the latest version - Firefox 57 Please note that this update is incompatible with many recent Firefox add-ons, please see Fedora Magazine article for details: https://fedoramagazine.org/firefox-57-coming-soon-quantum- leap/ ---- Update to Firefox 57 a.k.a. Quantum This update may break your installed extension, please see this Fedora Magazine article for details:

Fedora 27: qt5-qtwebengine Security Update

Friday 17th of November 2017 04:43:00 PM
LinuxSecurity.com: An update of QtWebEngine to the security and bugfix release 5.9.2, including: Chromium Snapshot: * Security fixes from Chromium up to version 61.0.3163.79 Including: CVE-2017-5092, CVE-2017-5093, CVE-2017-5095, CVE-2017-5097, CVE-2017-5099, CVE-2017-5102, CVE-2017-5103, CVE-2017-5107, CVE-2017-5112, CVE-2017-5114, CVE-2017-5117 and CVE-2017-5118 * Fixed Skia to

Fedora 27: knot-resolver Security Update

Friday 17th of November 2017 04:43:00 PM
LinuxSecurity.com: Major update for Knot DNS and Knot Resolver: Knot Resolver 1.5.0 (2017-11-02) Darwin Improvements ------------ - new module ta_signal_query supporting Signaling Trust Anchor Knowledge using Keytag Query (RFC 8145 section 5); it is enabled by default - attempt validation for more records but require it for

Fedora 27: knot Security Update

Friday 17th of November 2017 04:43:00 PM
LinuxSecurity.com: Major update for Knot DNS and Knot Resolver: Knot Resolver 1.5.0 (2017-11-02) Darwin Improvements ------------ - new module ta_signal_query supporting Signaling Trust Anchor Knowledge using Keytag Query (RFC 8145 section 5); it is enabled by default - attempt validation for more records but require it for