Language Selection

English French German Italian Portuguese Spanish

LinuxSecurity.com Advisories

Syndicate content
The central voice for Linux and Open Source security news.
Updated: 1 week 6 days ago

Fedora 27: libidn Security Update

Friday 6th of April 2018 03:04:00 PM
LinuxSecurity.com: Update to the latest upstream release, which fixes CVE-2017-14062.

Fedora 27: php Security Update

Friday 6th of April 2018 03:03:00 PM
LinuxSecurity.com: **PHP version 7.1.16** (29 Mar 2018) **Core:** * Fixed bug php#76025 (Segfault while throwing exception in error_handler). (Dmitry, Laruence) * Fixed bug php#76044 ('date: illegal option -- -' in ./configure on FreeBSD). (Anatol) **FPM:** * Fixed bug php#75605 (Dumpable FPM child processes allow bypassing opcache access controls). (Jakub Zelenka) **GD:** * Fixed bug php#73957

Fedora 27: bchunk Security Update

Friday 6th of April 2018 03:03:00 PM
LinuxSecurity.com: - spec cleanup, silent rpmlint - remove upstreamed patches, fixes rhbz #1507577 - update to 1.2.2

Fedora 27: librelp Security Update

Friday 6th of April 2018 03:03:00 PM
LinuxSecurity.com: rebase and fixed CVE-2018-1000140

Fedora 26: nodejs Security Update

Friday 6th of April 2018 02:38:00 PM
LinuxSecurity.com: https://nodejs.org/en/blog/release/v8.11.0/

Fedora 26: php Security Update

Friday 6th of April 2018 02:38:00 PM
LinuxSecurity.com: **PHP version 7.1.16** (29 Mar 2018) **Core:** * Fixed bug php#76025 (Segfault while throwing exception in error_handler). (Dmitry, Laruence) * Fixed bug php#76044 ('date: illegal option -- -' in ./configure on FreeBSD). (Anatol) **FPM:** * Fixed bug php#75605 (Dumpable FPM child processes allow bypassing opcache access controls). (Jakub Zelenka) **GD:** * Fixed bug php#73957

Fedora 26: bchunk Security Update

Friday 6th of April 2018 02:38:00 PM
LinuxSecurity.com: - spec cleanup, silent rpmlint - remove upstreamed patches, fixes rhbz #1507577 - update to 1.2.2

Fedora 26: librelp Security Update

Friday 6th of April 2018 02:37:00 PM
LinuxSecurity.com: rebase && fixed CVE-2018-1000140

SciLinux: Important: thunderbird on SL6.x i386/x86_64

Friday 6th of April 2018 02:04:00 PM
LinuxSecurity.com: This update upgrades Thunderbird to version 52.7.0. * Mozilla: Memory safety bugs fixed in Firefox 59 and Firefox ESR 52.7 (MFSA 2018-07) (CVE-2018-5125) * Mozilla: Memory safety bugs fixed in Firefox ESR 52.7 (MFSA 2018-07) (CVE-2018-5145) * Mozilla: Vorbis audio processing out of bounds write (MFSA 2018-08) (CVE-2018-5146) * Mozilla: Buffer overflow manipulating SVG animatedPathSegList (MF [More...]

SciLinux: Important: thunderbird on SL7.x x86_64

Friday 6th of April 2018 02:04:00 PM
LinuxSecurity.com: This update upgrades Thunderbird to version 52.7.0. * Mozilla: Memory safety bugs fixed in Firefox 59 and Firefox ESR 52.7 (MFSA 2018-07) (CVE-2018-5125) * Mozilla: Memory safety bugs fixed in Firefox ESR 52.7 (MFSA 2018-07) (CVE-2018-5145) * Mozilla: Vorbis audio processing out of bounds write (MFSA 2018-08) (CVE-2018-5146) * Mozilla: Buffer overflow manipulating SVG animatedPathSegList (MF [More...]

Fedora 28: koji Security Update

Friday 6th of April 2018 11:11:00 AM
LinuxSecurity.com: Fixes for CVE-2018-1002150.

Fedora 27: httpd Security Update

Thursday 5th of April 2018 11:59:00 PM
LinuxSecurity.com: This update includes the latest upstream release of the Apache HTTP Server, version 2.4.33. A number of security vulnerabilities are fixed in this release: * *Low*: Possible out of bound read in mod_cache_socache (CVE-2018-1303) * *Low*: Possible out of bound access after failure in reading the HTTP request (CVE-2018-1301) * *Low*: Weak Digest auth nonce generation in mod_auth_digest

Fedora 27: mod_http2 Security Update

Thursday 5th of April 2018 11:58:00 PM
LinuxSecurity.com: This update includes the latest upstream release of mod_http2, version 1.10.16. This includes a security fix (CVE-2018-1302): When an HTTP/2 stream was destroyed after being handled, mod_http2 could have written a NULL pointer potentially to an already freed memory. The memory pools maintained by the server make this vulnerabilty hard to trigger in usual configurations, the

SciLinux: Important: libvorbis on SL6.x i386/x86_64

Thursday 5th of April 2018 09:39:00 PM
LinuxSecurity.com: Mozilla: Vorbis audio processing out of bounds write (MFSA 2018-08) (CVE-2018-5146) SL6 x86_64 libvorbis-1.2.3-5.el6_9.1.i686.rpm libvorbis-1.2.3-5.el6_9.1.x86_64.rpm libvorbis-debuginfo-1.2.3-5.el6_9.1.i686.rpm libvorbis-debuginfo-1.2.3-5.el6_9.1.x86_64.rpm libvorbis-devel-1.2.3-5.el6_9.1.i686.rpm libvorbis-devel-1.2.3-5.el6_9.1.x86_64.rpm i386 libvorbis-1.2.3 [More...]

SUSE: 2018:0879-1: important: apache2

Thursday 5th of April 2018 09:09:00 PM
LinuxSecurity.com: An update that solves 6 vulnerabilities and has one errata is now available.

RedHat: RHSA-2018-0647:01 Important: thunderbird security update

Thursday 5th of April 2018 08:23:00 PM
LinuxSecurity.com: An update for thunderbird is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

Ubuntu 3619-2: Linux kernel (Xenial HWE) vulnerabilities

Thursday 5th of April 2018 08:21:00 PM
LinuxSecurity.com: Several security issues were fixed in the Linux kernel.

RedHat: RHSA-2018-0648:01 Important: thunderbird security update

Thursday 5th of April 2018 08:05:00 PM
LinuxSecurity.com: An update for thunderbird is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

RedHat: RHSA-2018-0649:01 Important: libvorbis security update

Thursday 5th of April 2018 08:02:00 PM
LinuxSecurity.com: An update for libvorbis is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

Debian: DSA-4167-1: sharutils security update

Thursday 5th of April 2018 05:02:00 PM
LinuxSecurity.com: A buffer-overflow vulnerability was discovered in Sharutils, a set of utilities handle Shell Archives. An attacker with control on the input of the unshar command, could crash the application or execute arbitrary code in the its context.

More in Tux Machines

Android/ChromeOS/Google Leftovers

Games: SC-Controller 0.4.2, Campo Santo, Last Epoch and More

Android Leftovers

Ryzen 7 2700X CPUFreq Scaling Governor Benchmarks On Ubuntu Linux

With this week's Ryzen 5 2600X + Ryzen 7 2700X benchmarks some thought the CPUFreq scaling driver or rather its governors may have been limiting the performance of these Zen+ CPUs, so I ran some additional benchmarks this weekend. Those launch-day Ryzen 5 2600X / Ryzen 7 2700X Ubuntu Linux benchmarks were using the "performance" governor, but some have alleged that the performance governor may now actually hurt AMD systems... Ondemand, of course, is the default CPUFreq governor on Ubuntu and most other Linux distributions. Some also have said the "schedutil" governor that makes use of the kernel's scheduler utilization data may do better on AMD. So I ran some extra benchmarks while changing between CPUFreq's ondemand (default), performance (normally the best for performance, and what was used in our CPU tests), schedutil (the newest option), and powersave (if you really just care about conserving power). Read more