Language Selection

English French German Italian Portuguese Spanish

LinuxSecurity.com Advisories

Syndicate content
The central voice for Linux and Open Source security news.
Updated: 8 hours 59 min ago

Gentoo: GLSA-201802-06: LibreOffice: Information disclosure

Tuesday 20th of February 2018 01:55:00 AM
LinuxSecurity.com: A vulnerability in LibreOffice might allow remote attackers to read arbitrary files.

Gentoo: GLSA-201802-05: Ruby: Command injection

Tuesday 20th of February 2018 01:55:00 AM
LinuxSecurity.com: A vulnerability has been found in Ruby which may allow for arbitrary command execution.

Gentoo: GLSA-201802-04: MySQL: Multiple vulnerabilities

Tuesday 20th of February 2018 01:54:00 AM
LinuxSecurity.com: Multiple vulnerabilities were found in MySQL, the worst of which may allow remote execution of arbitrary code.

Gentoo: GLSA-201802-03: Mozilla Firefox: Multiple vulnerabilities

Tuesday 20th of February 2018 01:54:00 AM
LinuxSecurity.com: Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which may allow execution of arbitrary code.

SUSE: 2018:0482-1: important: the Linux Kernel

Tuesday 20th of February 2018 12:08:00 AM
LinuxSecurity.com: An update that solves 9 vulnerabilities and has 44 fixes is now available.

Gentoo: GLSA-201802-02: Chromium, Google Chrome: Multiple vulnerabilities

Monday 19th of February 2018 11:20:00 PM
LinuxSecurity.com: Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the execution of arbitrary code.

Debian: DSA-4119-1: libav security update

Monday 19th of February 2018 10:44:00 PM
LinuxSecurity.com: Several security issues have been corrected in multiple demuxers and decoders of the libav multimedia library. A full list of the changes is available at https://git.libav.org/?p=libav.git;a=blob;f=Changelog;hb=refs/tags/v11.12

Ubuntu 3574-1: Bind vulnerability

Monday 19th of February 2018 08:21:00 PM
LinuxSecurity.com: Bind could be made to crash if it received specially crafted network traffic.

openSUSE: 2018:0473-1: important: quagga

Monday 19th of February 2018 03:13:00 PM
LinuxSecurity.com: An update that fixes 5 vulnerabilities is now available.

SUSE: 2018:0472-1: important: xen

Monday 19th of February 2018 03:11:00 PM
LinuxSecurity.com: An update that solves 10 vulnerabilities and has two fixes is now available.

openSUSE: 2018:0468-1: important: exim

Monday 19th of February 2018 12:08:00 PM
LinuxSecurity.com: An update that fixes one vulnerability is now available.

Fedora 26: p7zip Security Update

Saturday 17th of February 2018 10:17:00 PM
LinuxSecurity.com: Improve security patch

Debian: DSA-4117-1: gcc-4.9 security update

Saturday 17th of February 2018 02:36:00 PM
LinuxSecurity.com: This update doesn't fix a vulnerability in GCC itself, but instead provides support for building retpoline-enabled Linux kernel updates. For the oldstable distribution (jessie), this problem has been fixed

Debian: DSA-4118-1: tomcat-native security update

Saturday 17th of February 2018 01:58:00 PM
LinuxSecurity.com: Jonas Klempel reported that tomcat-native, a library giving Tomcat access to the Apache Portable Runtime (APR) library's network connection (socket) implementation and random-number generator, does not properly handle fields longer than 127 bytes when parsing the AIA-Extension field

Debian LTS: DLA-1286-1: quagga security update

Friday 16th of February 2018 11:32:00 PM
LinuxSecurity.com: Several vulnerabilities have been discovered in Quagga, a routing daemon. The Common Vulnerabilities and Exposures project identifies the following issues:

Debian: DSA-4116-1: plasma-workspace security update

Friday 16th of February 2018 09:46:00 PM
LinuxSecurity.com: Krzysztof Sieluzycki discovered that the notifier for removable devices in the KDE Plasma workspace performed insufficient sanitisation of FAT/VFAT volume labels, which could result in the execution of arbitrary shell commands if a removable device with a malformed disk label is

Debian LTS: DLA-1285-1: bind9 security update

Friday 16th of February 2018 09:33:00 PM
LinuxSecurity.com: BIND, a DNS server implementation, was found to be vulnerable to a denial of service flaw was found in the handling of DNSSEC validation. A remote attacker could use this flaw to make named exit unexpectedly with an

ArchLinux: 201802-8: irssi: multiple issues

Friday 16th of February 2018 06:39:00 PM
LinuxSecurity.com: The package irssi before version 1.1.1-1 is vulnerable to multiple issues including arbitrary code execution, information disclosure and denial of service.

SUSE: 2018:0464-1: important: p7zip

Friday 16th of February 2018 06:08:00 PM
LinuxSecurity.com: An update that solves three vulnerabilities and has one errata is now available.

openSUSE: 2018:0459-1: important: xen

Friday 16th of February 2018 12:12:00 PM
LinuxSecurity.com: An update that solves 10 vulnerabilities and has three fixes is now available.