Language Selection

English French German Italian Portuguese Spanish

LinuxSecurity.com Advisories

Syndicate content
The central voice for Linux and Open Source security news.
Updated: 7 hours 11 min ago

Mandriva: 2015:183: wireshark

13 hours 36 min ago
LinuxSecurity.com: Updated wireshark package fixes security vulnerabilies: The WCP dissector could crash (CVE-2015-2188). The pcapng file parser could crash (CVE-2015-2189). [More...]

Mandriva: 2015:182: tcpdump

14 hours 15 min ago
LinuxSecurity.com: Updated tcpdump package fixes security vulnerabilities: Several vulnerabilities have been discovered in tcpdump. These vulnerabilities might result in denial of service (application crash) or, potentially, execution of arbitrary code (CVE-2015-0261, [More...]

Mandriva: 2015:145-1: libxfont

14 hours 20 min ago
LinuxSecurity.com: Updated libxfont packages fix security vulnerabilities: Ilja van Sprundel discovered that libXfont incorrectly handled font metadata file parsing. A local attacker could use this issue to cause libXfont to crash, or possibly execute arbitrary code in order to [More...]

Mandriva: 2015:147-1: libtiff

14 hours 24 min ago
LinuxSecurity.com: Updated libtiff packages fix security vulnerabilities: The libtiff image decoder library contains several issues that could cause the decoder to crash when reading crafted TIFF images (CVE-2014-8127, CVE-2014-8128, CVE-2014-8129, CVE-2014-8130, [More...]

Mandriva: 2015:181: drupal

14 hours 30 min ago
LinuxSecurity.com: Updated drupal packages fix security vulnerabilities: An information disclosure vulnerability was discovered in Drupal before 7.27. When pages are cached for anonymous users, form state may leak between anonymous users. Sensitive or private information [More...]

Red Hat: 2015:0750-01: postgresql: Moderate Advisory

14 hours 41 min ago
LinuxSecurity.com: Updated postgresql packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Moderate security [More...]

Red Hat: 2015:0749-01: libxml2: Moderate Advisory

14 hours 41 min ago
LinuxSecurity.com: Updated libxml2 packages that fix one security issue are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security [More...]

Red Hat: 2015:0751-01: kernel-rt: Important Advisory

14 hours 41 min ago
LinuxSecurity.com: Updated kernel-rt packages that fix two security issues and several bugs are now available for Red Hat Enterprise MRG 2.5. Red Hat Product Security has rated this update as having Important security [More...]

Mandriva: 2015:180: apache-mod_wsgi

Monday 30th of March 2015 05:45:00 AM
LinuxSecurity.com: Updated apache-mod_wsgi package fixes security vulnerabilities: apache-mod_wsgi before 4.2.4 contained an off-by-one error in applying a limit to the number of supplementary groups allowed for a daemon process group. The result could be that if more groups [More...]

Mandriva: 2015:029-1: binutils

Monday 30th of March 2015 05:39:00 AM
LinuxSecurity.com: Multiple vulnerabilities has been found and corrected in binutils: Multiple integer overflows in the (1) _objalloc_alloc function in objalloc.c and (2) objalloc_alloc macro in include/objalloc.h in GNU libiberty, as used by binutils 2.22, allow remote attackers to cause [More...]

Mandriva: 2015:179: coreutils

Monday 30th of March 2015 05:30:00 AM
LinuxSecurity.com: Updated coreutils packages fix security vulnerability: Bertrand Jacquin and Fiedler Roman discovered date and touch incorrectly handled user-supplied input. An attacker could possibly use this to cause a denial of service or potentially execute code [More...]

Mandriva: 2015:178: ctags

Monday 30th of March 2015 05:20:00 AM
LinuxSecurity.com: Updated ctags package fixes security vulnerability: A denial of service issue was discovered in ctags 5.8. A remote attacker could cause excessive CPU usage and disk space consumption via a crafted JavaScript file by triggering an infinite loop [More...]

Mandriva: 2015:077: python-numpy

Friday 27th of March 2015 02:21:00 PM
LinuxSecurity.com: Updated python-numpy packages fix security vulnerabilities: f2py insecurely used a temporary file. A local attacker could use this flaw to perform a symbolic link attack to modify an arbitrary file accessible to the user running f2py (CVE-2014-1858, CVE-2014-1859). [More...]

Mandriva: 2015:076: python3

Friday 27th of March 2015 02:09:00 PM
LinuxSecurity.com: Updated python3 packages fix security vulnerabilities: ZipExtFile.read goes into 100% CPU infinite loop on maliciously binary edited zips (CVE-2013-7338). [More...]

Mandriva: 2015:075: python

Friday 27th of March 2015 01:48:00 PM
LinuxSecurity.com: Updated python packages fix security vulnerabilities: A vulnerability was reported in Python's socket module, due to a boundary error within the sock_recvfrom_into() function, which could be exploited to cause a buffer overflow. This could be used [More...]

Mandriva: 2015:074: openldap

Friday 27th of March 2015 01:21:00 PM
LinuxSecurity.com: A vulnerability has been discovered and corrected in openldap: The deref_parseCtrl function in servers/slapd/overlays/deref.c in OpenLDAP 2.4.13 through 2.4.40 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an empty [More...]

Mandriva: 2015:073: openldap

Friday 27th of March 2015 01:15:00 PM
LinuxSecurity.com: Multiple vulnerabilities has been discovered and corrected in openldap: The deref_parseCtrl function in servers/slapd/overlays/deref.c in OpenLDAP 2.4.13 through 2.4.40 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an empty [More...]

Mandriva: 2015:072: gnutls

Friday 27th of March 2015 01:07:00 PM
LinuxSecurity.com: Updated gnutls packages fix security vulnerabilities: Suman Jana reported a vulnerability that affects the certificate verification functions of gnutls 3.1.x and gnutls 3.2.x. A version 1 intermediate certificate will be considered as a CA certificate [More...]

Mandriva: 2015:071: libpng12

Friday 27th of March 2015 01:00:00 PM
LinuxSecurity.com: Updated libpng12 package fixes security vulnerabilities: The png_do_expand_palette function in libpng before 1.6.8 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a PLTE chunk of zero bytes or a NULL palette, [More...]

Mandriva: 2015:070: libvirt

Friday 27th of March 2015 12:49:00 PM
LinuxSecurity.com: Updated libvirt packages fixes security vulnerabilities: The qemuDomainMigratePerform and qemuDomainMigrateFinish2 functions in qemu/qemu_driver.c in libvirt do not unlock the domain when an ACL check fails, which allow local users to cause a denial of service [More...]

More in Tux Machines

Linux Mint 18 Will Arrive in 2016, Linux Mint 17.2 and LMDE 2 Coming Very Soon

The Linux Mint developers have announced today, March 30, in their monthly newsletter, that the team works hard these days to release the final version of the LMDE (Linux Mint Debian Edition) 2 (codename Betsy), as well as to implement its awesome new features to the upcoming Linux Mint 17.2 update of the current stable distribution of the project, Rebecca. Read more

Cinnamon Developers Working to Improve Loading Times for the Desktop

The Linux Mint developers are also working on the Cinammon desktop environment, so the distribution is not their entire focus. They are now trying to make it load faster and they say they already had some success. Read more

How the current intellectual property landscape impacts open source

Meet Doug Kim. He's a computer engineer-turned-lawyer who chairs the Intellectual Property Practice Group at McNair Law Firm in Columbia, South Carolina. Doug's practice includes patent preparation and prosecution, trademark, service mark preparation and prosecution, and securing copyright registrations in areas that include Geographical Information Systems (GIS), software, books, music, product packaging, and distribution. He has expertise in software, method, and mechanical patents as well as open source licensing. Read more

Black Lab Linux Wants Ubuntu 10.04 Users to Upgrade to Their Professional Desktop

Black Lab Software, the creator of the Black Lab Linux series of computer operating systems based on the world’s most popular Linux distribution, Ubuntu, announced earlier today, March 30, on their Twitter account, that they will offer customers who use Ubuntu 10.04 LTS a fully supported upgrade path to their Professional Desktop edition. Read more