Language Selection

English French German Italian Portuguese Spanish

LinuxSecurity.com Advisories

Syndicate content
The central voice for Linux and Open Source security news.
Updated: 1 day 7 hours ago

Gentoo: GLSA-201802-06: LibreOffice: Information disclosure

Tuesday 20th of February 2018 01:55:00 AM
LinuxSecurity.com: A vulnerability in LibreOffice might allow remote attackers to read arbitrary files.

Gentoo: GLSA-201802-05: Ruby: Command injection

Tuesday 20th of February 2018 01:55:00 AM
LinuxSecurity.com: A vulnerability has been found in Ruby which may allow for arbitrary command execution.

Gentoo: GLSA-201802-04: MySQL: Multiple vulnerabilities

Tuesday 20th of February 2018 01:54:00 AM
LinuxSecurity.com: Multiple vulnerabilities were found in MySQL, the worst of which may allow remote execution of arbitrary code.

Gentoo: GLSA-201802-03: Mozilla Firefox: Multiple vulnerabilities

Tuesday 20th of February 2018 01:54:00 AM
LinuxSecurity.com: Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which may allow execution of arbitrary code.

SUSE: 2018:0482-1: important: the Linux Kernel

Tuesday 20th of February 2018 12:08:00 AM
LinuxSecurity.com: An update that solves 9 vulnerabilities and has 44 fixes is now available.

Gentoo: GLSA-201802-02: Chromium, Google Chrome: Multiple vulnerabilities

Monday 19th of February 2018 11:20:00 PM
LinuxSecurity.com: Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the execution of arbitrary code.

Debian: DSA-4119-1: libav security update

Monday 19th of February 2018 10:44:00 PM
LinuxSecurity.com: Several security issues have been corrected in multiple demuxers and decoders of the libav multimedia library. A full list of the changes is available at https://git.libav.org/?p=libav.git;a=blob;f=Changelog;hb=refs/tags/v11.12

Ubuntu 3574-1: Bind vulnerability

Monday 19th of February 2018 08:21:00 PM
LinuxSecurity.com: Bind could be made to crash if it received specially crafted network traffic.

openSUSE: 2018:0473-1: important: quagga

Monday 19th of February 2018 03:13:00 PM
LinuxSecurity.com: An update that fixes 5 vulnerabilities is now available.

SUSE: 2018:0472-1: important: xen

Monday 19th of February 2018 03:11:00 PM
LinuxSecurity.com: An update that solves 10 vulnerabilities and has two fixes is now available.

openSUSE: 2018:0468-1: important: exim

Monday 19th of February 2018 12:08:00 PM
LinuxSecurity.com: An update that fixes one vulnerability is now available.

Fedora 26: p7zip Security Update

Saturday 17th of February 2018 10:17:00 PM
LinuxSecurity.com: Improve security patch

Debian: DSA-4117-1: gcc-4.9 security update

Saturday 17th of February 2018 02:36:00 PM
LinuxSecurity.com: This update doesn't fix a vulnerability in GCC itself, but instead provides support for building retpoline-enabled Linux kernel updates. For the oldstable distribution (jessie), this problem has been fixed

Debian: DSA-4118-1: tomcat-native security update

Saturday 17th of February 2018 01:58:00 PM
LinuxSecurity.com: Jonas Klempel reported that tomcat-native, a library giving Tomcat access to the Apache Portable Runtime (APR) library's network connection (socket) implementation and random-number generator, does not properly handle fields longer than 127 bytes when parsing the AIA-Extension field

Debian LTS: DLA-1286-1: quagga security update

Friday 16th of February 2018 11:32:00 PM
LinuxSecurity.com: Several vulnerabilities have been discovered in Quagga, a routing daemon. The Common Vulnerabilities and Exposures project identifies the following issues:

Debian: DSA-4116-1: plasma-workspace security update

Friday 16th of February 2018 09:46:00 PM
LinuxSecurity.com: Krzysztof Sieluzycki discovered that the notifier for removable devices in the KDE Plasma workspace performed insufficient sanitisation of FAT/VFAT volume labels, which could result in the execution of arbitrary shell commands if a removable device with a malformed disk label is

Debian LTS: DLA-1285-1: bind9 security update

Friday 16th of February 2018 09:33:00 PM
LinuxSecurity.com: BIND, a DNS server implementation, was found to be vulnerable to a denial of service flaw was found in the handling of DNSSEC validation. A remote attacker could use this flaw to make named exit unexpectedly with an

ArchLinux: 201802-8: irssi: multiple issues

Friday 16th of February 2018 06:39:00 PM
LinuxSecurity.com: The package irssi before version 1.1.1-1 is vulnerable to multiple issues including arbitrary code execution, information disclosure and denial of service.

SUSE: 2018:0464-1: important: p7zip

Friday 16th of February 2018 06:08:00 PM
LinuxSecurity.com: An update that solves three vulnerabilities and has one errata is now available.

openSUSE: 2018:0459-1: important: xen

Friday 16th of February 2018 12:12:00 PM
LinuxSecurity.com: An update that solves 10 vulnerabilities and has three fixes is now available.

More in Tux Machines

Android Leftovers

GNOME Shell vs. KDE Plasma Graphics Tests On Wayland vs. X.Org Server

A premium member this week had requested some benchmarks of openSUSE Tumbleweed when looking at the performance of KDE Plasma vs. GNOME Shell in some open-source graphics/gaming tests while also looking at the Wayland vs. X.Org Server performance. With KDE Plasma 5.12 that openSUSE Tumbleweed has picked up, there is much better Wayland session support compared to previous releases. While KDE developers aren't yet ready to declare their Wayland session the default, in my experience so far it's been working out very well but still routinely will find application crashes in Kate and the like when testing under the KWin's Wayland compositor. Read more

Stable kernels 4.15.6, 4.14.22, 4.9.84, 4.4.118 and 3.18.96

Android Leftovers