Language Selection

English French German Italian Portuguese Spanish

LinuxSecurity.com Advisories

Syndicate content
The central voice for Linux and Open Source security news.
Updated: 3 hours 56 min ago

Fedora 28: timidity++ Security Update

12 hours 5 min ago
LinuxSecurity.com: - Security fix for [CVE-2017-11546, CVE-2017-11547] - Fix the .desktop files so that opening a .mid file from a GUI filemanager works

Fedora 28: mingw-libtiff Security Update

12 hours 5 min ago
LinuxSecurity.com: http://www.simplesystems.org/libtiff/v4.0.9.html

Fedora 28: cobbler Security Update

12 hours 5 min ago
LinuxSecurity.com: Update to 2.8.3 - Fix security issue

Fedora 27: timidity++ Security Update

12 hours 59 min ago
LinuxSecurity.com: - Security fix for [CVE-2017-11546, CVE-2017-11547] - Fix the .desktop files so that opening a .mid file from a GUI filemanager works

Fedora 27: LibRaw Security Update

12 hours 59 min ago
LinuxSecurity.com: Secunia Advisory SA83507, credits Kasper Leigh Haabb, Secunia Research at Flexera parse_qt: possible integer overflow reject broken/crafted NOKIARAW files Backported 0.19-patch to recover read position if TIFF/EXIF tag is too long

Fedora 27: chromium Security Update

12 hours 59 min ago
LinuxSecurity.com: Update to Chromium 67. Security fix for CVE-2018-6123 CVE-2018-6124 CVE-2018-6125 CVE-2018-6126 CVE-2018-6127 CVE-2018-6128 CVE-2018-6129 CVE-2018-6130 CVE-2018-6131 CVE-2018-6132 CVE-2018-6133 CVE-2018-6134 CVE-2018-6135 CVE-2018-6136 CVE-2018-6137 CVE-2018-6148

Fedora 27: cobbler Security Update

12 hours 59 min ago
LinuxSecurity.com: Update to 2.8.3 - Fix security issue

RedHat: RHSA-2018-1954:01 Important: glusterfs security update

16 hours 21 min ago
LinuxSecurity.com: An update for glusterfs is now available for Native Client for Red Hat Enterprise Linux 7 for Red Hat Storage and Red Hat Gluster Storage 3.3 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact

RedHat: RHSA-2018-1955:01 Important: glusterfs security update

16 hours 23 min ago
LinuxSecurity.com: An update for glusterfs is now available for Native Client for Red Hat Enterprise Linux 6 for Red Hat Storage and Red Hat Gluster Storage 3.3 for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact

Debian: DSA-4232-1: xen security update

17 hours 52 min ago
LinuxSecurity.com: This update provides mitigations for the "lazy FPU" vulnerability affecting a range of Intel CPUs, which could result in leaking CPU register states belonging to another vCPU previously scheduled on the same CPU. For additional information please refer to

Fedora 28: kernel Security Update

Wednesday 20th of June 2018 01:57:00 AM
LinuxSecurity.com: The v4.16.16 update contains important fixes across the tree.

Fedora 28: gnupg Security Update

Wednesday 20th of June 2018 01:57:00 AM
LinuxSecurity.com: - New upstream v1.4.23 (#1589802,#1589620,#1589624) - Remove patches included in upstream release - Note that this includes the fix for [CVE-2018-12020]

Fedora 28: mariadb Security Update

Wednesday 20th of June 2018 01:57:00 AM
LinuxSecurity.com: **MariaDB 10.2.15** Release notes: https://mariadb.com/kb/en/library/mariadb-10215-release-notes/ CVEs fixed: CVE-2018-2755 CVE-2018-2761 CVE-2018-2766 CVE-2018-2771 CVE-2018-2781 CVE-2018-2782 CVE-2018-2784 CVE-2018-2787 CVE-2018-2813 CVE-2018-2817 CVE-2018-2819 CVE-2018-2786 CVE-2018-2759 CVE-2018-2777 CVE-2018-2810 New

Fedora 28: nikto Security Update

Wednesday 20th of June 2018 01:55:00 AM
LinuxSecurity.com: Security fix for CVE-2018-11652

Gentoo: GLSA-201806-07: Transmission: Remote code execution

Wednesday 20th of June 2018 12:25:00 AM
LinuxSecurity.com: A vulnerability in Transmission could allow a remote attacker to execute arbitrary RPC commands.

Gentoo: GLSA-201806-06: Chromium, Google Chrome: User-assisted execution of arbitrary code

Wednesday 20th of June 2018 12:24:00 AM
LinuxSecurity.com: A vulnerablity has been found in Chromium and Chrome that could allow a remote attacker to execute arbitrary code.

Gentoo: GLSA-201806-05: cURL: Multiple vulnerabilities

Wednesday 20th of June 2018 12:22:00 AM
LinuxSecurity.com: Multiple vulnerabilities have been found in cURL, the worst of which could result in a Denial of Service condition.

Slackware: 2018-170-01: gnupg Security Update

Tuesday 19th of June 2018 10:39:00 PM
LinuxSecurity.com: New gnupg packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix a security issue.

ArchLinux: 201806-11: pass: arbitrary code execution

Tuesday 19th of June 2018 09:18:00 PM
LinuxSecurity.com: The package pass before version 1.7.2-1 is vulnerable to arbitrary code execution.

RedHat: RHSA-2018-1949:01 Moderate: ansible security and bug fix update

Tuesday 19th of June 2018 07:28:00 PM
LinuxSecurity.com: An update for ansible is now available for Red Hat Ansible Engine 2.5 for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

More in Tux Machines

GNOME Desktop: Flatpak and Random Wallpaper Gnome Extension

  • Flatpak in detail, part 2
    The first post in this series looked at runtimes and extensions. Here, we’ll look at how flatpak keeps the applications and runtimes on your system organized, with installations, repositories, branches, commits and deployments.
  • Flatpak – a history
    I’ve been working on Flatpak for almost 4 years now, and 1.0 is getting closer. I think it might be interesting at this point to take a retrospective look at the history of Flatpak.
  • Random Wallpaper Gnome Extension Changes Your Desktop Background With Images From Various Online Sources
    Random Wallpaper is an extension for Gnome Shell that can automatically fetch wallpapers from a multitude of online sources and set it as your desktop background. The automatic wallpaper changer comes with built-in support for downloading wallpapers from unsplash.com, desktopper.co, wallhaven.cc, as well as support for basic JSON APIs or files. The JSON support is in fact my favorite feature in Random Wallpaper. That's because thanks to it and the examples available on the Random Wallpaper GitHub Wiki, one can easily add Chromecast Images, NASA Picture of the day, Bing Picture of the day, and Google Earth View (Google Earth photos from a selection of around 1500 curated locations) as image sources.

today's howtos

KDE: QtPad, Celebrating 10 Years with KDE, GSoC 2018

  • QtPad - Modern Customizable Sticky Note App for Linux
    In this article, we'll focus on how to install and use QtPad on Ubuntu 18.04. Qtpad is a unique and highly customizable sticky note application written in Qt5 and Python3 tailored for Unix systems.
  • Celebrating 10 Years with KDE
    Of course I am using KDE software much longer. My first Linux distribution, SuSE 6.2 (the precursor to openSUSE), came with KDE 1.1.1 and was already released 19 years ago. But this post is not celebrating the years I am using KDE software. Exactly ten years ago, dear Albert committed my first contribution to KDE. A simple patch for a problem that looked obvious to fix, but waiting for someone to actually do the work. Not really understanding the consequences, it marks the start of my journey within the amazing KDE community.
  • GSoC 2018 – Coding Period (May 28th to June 18th): First Evaluation and Progress with LVM VG
    I got some problems during the last weeks of Google Summer of Code which made me deal with some challenges. One of these challenges was caused by a HD physical problem. I haven’t made a backup of some work and had to rework again in some parts of my code. As I already knew how to proceed, it was faster than the first time. I had to understand how the device loading process is made in Calamares to load a preview of the new LVM VG during its creation in Partition Page. I need to list it as a new storage device in this page and deal with the revert process. I’ve implemented some basic fixes and tried to improve it.

Open Hardware: Good for Your Brand, Good for Your Bottom Line

Chip makers are starting to catch on to the advantages of open, however. SiFive has released an entirely open RISC-V development board. Its campaign on the Crowd Supply crowd-funding website very quickly raised more than $140,000 USD. The board itself is hailed as a game-changer in the world of hardware. Developments like these will ensure that it won't be long before the hardware equivalent of LEGO's bricks will soon be as open as the designs built using them. Read more