LinuxSecurity.com Advisories

The central voice for Linux and Open Source security news.

Mandriva: 2014:070: yaml

Thu, 10/04/2014 - 5:34am
LinuxSecurity.com: Updated yaml packages fix security vulnerabilities: Florian Weimer of the Red Hat Product Security Team discovered a heap-based buffer overflow flaw in LibYAML, a fast YAML 1.1 parser and emitter library. A remote attacker could provide a YAML document [More...]

Mandriva: 2014:069: perl-YAML-LibYAML

Thu, 10/04/2014 - 5:33am
LinuxSecurity.com: Updated perl-YAML-LibYAML packages fix security vulnerabilities: Florian Weimer of the Red Hat Product Security Team discovered a heap-based buffer overflow flaw in LibYAML, a fast YAML 1.1 parser and emitter library. A remote attacker could provide a YAML document [More...]

Debian: 2899-1: openafs: Summary

Wed, 09/04/2014 - 4:00pm
LinuxSecurity.com: Security Report Summary

Mandriva: 2014:068: openssh

Wed, 09/04/2014 - 8:49am
LinuxSecurity.com: Updated openssh packages fix security vulnerabilities: sshd in OpenSSH before 6.6 does not properly support wildcards on AcceptEnv lines in sshd_config, which allows remote attackers to bypass intended environment restrictions by using a substring located [More...]

Red Hat: 2014:0380-01: flash-plugin: Critical Advisory

Wed, 09/04/2014 - 5:18am
LinuxSecurity.com: An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having Critical [More...]

Mandriva: 2014:067: openssl

Wed, 09/04/2014 - 3:53am
LinuxSecurity.com: Updated openssl packages fix security vulnerability: The Montgomery ladder implementation in OpenSSL through 1.0.0l does not ensure that certain swap operations have a constant-time behavior, which makes it easier for local users to obtain ECDSA nonces via a [More...]

Debian: 2897-1: tomcat7: Summary

Tue, 08/04/2014 - 2:26pm
LinuxSecurity.com: Security Report Summary

Slackware: 2014-098-01: openssl: Security Update

Tue, 08/04/2014 - 12:28pm
LinuxSecurity.com: New openssl packages are available for Slackware 14.0, 14.1, and -current to fix security issues. [More Info...]

Debian: 2896-2: openssl: Summary

Tue, 08/04/2014 - 9:47am
LinuxSecurity.com: Security Report Summary

Gentoo: 201404-07 OpenSSL: Information Disclosure

Tue, 08/04/2014 - 6:37am
LinuxSecurity.com: Multiple Information Disclosure vulnerabilities in OpenSSL allow remote attackers to obtain sensitive information via various vectors.

Gentoo: 201404-06 Mesa: Multiple vulnerabilities

Tue, 08/04/2014 - 5:28am
LinuxSecurity.com: Multiple vulnerabilities in Mesa could result in execution of arbitrary code or Denial of Service.

Red Hat: 2014:0376-01: openssl: Important Advisory

Mon, 07/04/2014 - 11:32pm
LinuxSecurity.com: Updated openssl packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having [More...]

Ubuntu: 2124-2: OpenJDK 6 regression

Mon, 07/04/2014 - 10:41pm
LinuxSecurity.com: USN-2124-1 introduced a regression in OpenJDK 6.

Ubuntu: 2165-1: OpenSSL vulnerabilities

Mon, 07/04/2014 - 6:04pm
LinuxSecurity.com: OpenSSL could be made to expose sensitive information over the network, possibly including private keys.

Gentoo: 201404-05 OpenAFS: Multiple vulnerabilities

Mon, 07/04/2014 - 5:52pm
LinuxSecurity.com: Multiple vulnerabilities have been found in OpenAFS, the worst of which can allow attackers to execute arbitrary code.

Debian: 2896-1: openssl: Summary

Mon, 07/04/2014 - 5:37pm
LinuxSecurity.com: Security Report Summary

Gentoo: 201404-04 Crack: Arbitrary code execution

Mon, 07/04/2014 - 4:50pm
LinuxSecurity.com: A vulnerability in Crack might allow remote attackers to execute arbitrary code.

Gentoo: 201404-03 OptiPNG: User-assisted execution of arbitrary code

Mon, 07/04/2014 - 4:33pm
LinuxSecurity.com: A use-after-free error in OptiPNG could result in execution of arbitrary code or Denial of Service.

Ubuntu: 2164-1: OpenSSH vulnerability

Mon, 07/04/2014 - 3:28pm
LinuxSecurity.com: A malicious server could bypass OpenSSH SSHFP DNS record checking.

Ubuntu: 2163-1: PHP vulnerability

Mon, 07/04/2014 - 9:12am
LinuxSecurity.com: PHP could be made to crash if it processed a specially crafted file.