Language Selection

English French German Italian Portuguese Spanish

LinuxSecurity.com Advisories

Syndicate content LinuxSecurity - Security Advisories
The central voice for Linux and Open Source security news.
Updated: 43 min 17 sec ago

Debian LTS: DLA-1758-1: debian-security-support update

Saturday 20th of April 2019 12:09:00 PM
debian-security-support, the Debian security support coverage checker, has been updated in jessie. The jessie relevant changes are: * Mark spice-xpi as end-of-life for Jessie.

openSUSE: 2019:1250-1: moderate: glibc

Saturday 20th of April 2019 11:08:00 AM
An update that solves one vulnerability and has two fixes is now available.

Debian: DSA-4434-1: drupal7 security update

Saturday 20th of April 2019 08:03:00 AM
A cross-site scripting vulnerability has been found in Drupal, a fully-featured content management framework. For additional information, please refer to the upstream advisory at https://www.drupal.org/sa-core-2019-006 .

Fedora 29: wireshark Security Update

Friday 19th of April 2019 03:09:00 PM
New version 3.0.1 Security fix for CVE-2019-10894, CVE-2019-10895, CVE-2019-10896, CVE-2019-10897, CVE-2019-10898, CVE-2019-10899, CVE-2019-10900, CVE-2019-10901, CVE-2019-10902, CVE-2019-10903

CentOS: CESA-2019-0774: Important CentOS 6 java-1.8.0-openjdk

Friday 19th of April 2019 02:53:00 PM
Upstream details at : https://access.redhat.com/errata/RHSA-2019:0774

CentOS: CESA-2019-0775: Important CentOS 7 java-1.8.0-openjdk

Friday 19th of April 2019 02:51:00 PM
Upstream details at : https://access.redhat.com/errata/RHSA-2019:0775

CentOS: CESA-2019-0778: Moderate CentOS 7 java-11-openjdk

Friday 19th of April 2019 02:39:00 PM
Upstream details at : https://access.redhat.com/errata/RHSA-2019:0778

openSUSE: 2019:1246-1: moderate: blueman

Friday 19th of April 2019 02:09:00 PM
An update that contains security fixes can now be installed.

Fedora 29: osbs-client Security Update

Thursday 18th of April 2019 06:21:00 PM
Fixes for https://bugzilla.redhat.com/show_bug.cgi?id=1697217

Fedora 29: atomic-reactor Security Update

Thursday 18th of April 2019 06:21:00 PM
Fixes for https://bugzilla.redhat.com/show_bug.cgi?id=1694523

Ubuntu 3950-1: ZNC vulnerability

Thursday 18th of April 2019 05:08:00 PM
ZNC could be made to crash or run programs if it received speciallycrafted network traffic.

openSUSE: 2019:1239-1: moderate: libqt5-qtbase

Thursday 18th of April 2019 05:08:00 PM
An update that solves two vulnerabilities and has two fixes is now available.

openSUSE: 2019:1235-1: moderate: xmltooling

Thursday 18th of April 2019 02:14:00 PM
An update that fixes one vulnerability is now available.

SUSE: 2019:0985-1 moderate: php5

Thursday 18th of April 2019 02:11:00 PM
An update that fixes 6 vulnerabilities is now available.

openSUSE: 2019:1236-1: important: wget

Thursday 18th of April 2019 02:10:00 PM
An update that fixes one vulnerability is now available.

openSUSE: 2019:1237-1: moderate: tar

Thursday 18th of April 2019 02:09:00 PM
An update that fixes two vulnerabilities is now available.

SciLinux: Moderate: java-11-openjdk on SL7.x x86_64

Thursday 18th of April 2019 01:19:00 PM
OpenJDK: Slow conversion of BigDecimal to long (Libraries, 8211936) (CVE-2019-2602) * OpenJDK: Incorrect skeleton selection in RMI registry server-side dispatch handling (RMI, 8218453) (CVE-2019-2684) SL7 x86_64 java-11-openjdk-11.0.3.7-0.el7_6.i686.rpm java-11-openjdk-11.0.3.7-0.el7_6.x86_64.rpm java-11-openjdk-debuginfo-11.0.3.7-0.el7_6.i686.rpm java-11-openjdk-debuginfo- [More...]

SciLinux: Important: java-1.8.0-openjdk on SL6.x i386/x86_64

Thursday 18th of April 2019 12:02:00 PM
OpenJDK: Font layout engine out of bounds access setCurrGlyphID() (2D, 8219022) (CVE-2019-2698) * OpenJDK: Slow conversion of BigDecimal to long (Libraries, 8211936) (CVE-2019-2602) * OpenJDK: Incorrect skeleton selection in RMI registry server-side dispatch handling (RMI, 8218453) (CVE-2019-2684) Bug Fix(es): * assert failure in coalesce.cpp: attempted to spill a non-spillable item SL6 [More...]

openSUSE: 2019:1230-1: moderate: lxc

Thursday 18th of April 2019 11:13:00 AM
An update that fixes one vulnerability is now available.

SUSE: 2019:0977-1 xerces-c

Wednesday 17th of April 2019 08:09:00 PM
An update that fixes one vulnerability is now available.

More in Tux Machines

NomadBSD 1.2 released!

We are pleased to announce the release of NomadBSD 1.2! We would like to thank all the testers who sent us feedback and bug reports. Read more

Review: Alpine Linux 3.9.2

Alpine Linux is different in some important ways compared to most other distributions. It uses different libraries, it uses a different service manager (than most), it has different command line tools and a custom installer. All of this can, at first, make Alpine feel a bit unfamiliar, a bit alien. But what I found was that, after a little work had been done to get the system up and running (and after a few missteps on my part) I began to greatly appreciate the distribution. Alpine is unusually small and requires few resources. Even the larger Extended edition I was running required less than 100MB of RAM and less than a gigabyte of disk space after all my services were enabled. I also appreciated that Alpine ships with some security features, like PIE, and does not enable any services it does not need to run. I believe it is fair to say this distribution requires more work to set up. Installing Alpine is not a point-n-click experience, it's more manual and requires a bit of typing. Not as much as setting up Arch Linux, but still more work than average. Setting up services requires a little more work and, in some cases, reading too since Alpine works a little differently than mainstream Linux projects. I repeatedly found it was a good idea to refer to the project's wiki to learn which steps were different on Alpine. What I came away thinking at the end of my trial, and I probably sound old (or at least old fashioned), is Alpine Linux reminds me of what got me into running Linux in the first place, about 20 years ago. Alpine is fast, light, and transparent. It offered very few surprises and does almost nothing automatically. This results in a little more effort on our parts, but it means that Alpine does not do things unless we ask it to perform an action. It is lean, efficient and does not go around changing things or trying to guess what we want to do. These are characteristics I sometimes miss these days in the Linux ecosystem. Read more

today's howtos

Linux v5.1-rc6

It's Easter Sunday here, but I don't let little things like random major religious holidays interrupt my kernel development workflow. The occasional scuba trip? Sure. But everybody sitting around eating traditional foods? No. You have to have priorities. There's only so much memma you can eat even if your wife had to make it from scratch because nobody eats that stuff in the US. Anyway, rc6 is actually larger than I would have liked, which made me go back and look at history, and for some reason that's not all that unusual. We recently had similar rc6 bumps in both 4.18 and 5.0. So I'm not going to worry about it. I think it's just random timing of pull requests, and almost certainly at least partly due to the networking pull request in here (with just over a third of the changes being networking-related, either in drivers or core networking). Read more Also: Linux 5.1-rc6 Kernel Released In Linus Torvalds' Easter Day Message