Language Selection

English French German Italian Portuguese Spanish

LinuxSecurity.com Advisories

Syndicate content
The central voice for Linux and Open Source security news.
Updated: 12 hours 50 min ago

Gentoo: 201612-08 LinuxCIFS utils: Buffer overflow

Sunday 4th of December 2016 06:14:00 AM
LinuxSecurity.com: A vulnerability in LinuxCIFS utils' "cifscreds" PAM module might allow remote attackers to have an unspecified impact via unknown vectors.

Gentoo: 201612-02 DavFS2: Local privilege escalation

Friday 2nd of December 2016 08:35:00 AM
LinuxSecurity.com: A vulnerability in DavFS2 allows local users to gain root privileges.

Gentoo: 201612-01 GnuPG: RNG output is predictable

Friday 2nd of December 2016 04:42:00 AM
LinuxSecurity.com: Due to a design flaw, the output of GnuPG's Random Number Generator (RNG) is predictable.

Fedora 23 mujs-0-6.20161031gita0ceaf5.fc23

Thursday 1st of December 2016 05:24:00 PM
LinuxSecurity.com: Security fix for CVE-2016-7504, CVE-2016-7505, CVE-2016-7506, CVE-2016-9017,CVE-2016-9108, CVE-2016-9109, CVE-2016-9294

Fedora 23 zathura-pdf-mupdf-0.3.0-3.fc23

Thursday 1st of December 2016 05:24:00 PM
LinuxSecurity.com: Security fix for CVE-2016-7504, CVE-2016-7505, CVE-2016-7506, CVE-2016-9017,CVE-2016-9108, CVE-2016-9109, CVE-2016-9294

Fedora 23 moin-1.9.9-1.fc23

Thursday 1st of December 2016 05:23:00 PM
LinuxSecurity.com: Update to 1.9.9 (bugfix release for CVE-2016-7146, CVE-2016-7148)

Red Hat: 2016:2843-01: firefox: Critical Advisory

Thursday 1st of December 2016 02:15:00 PM
LinuxSecurity.com: An update for firefox is now available for Red Hat Enterprise Linux 5, Red Hat Enterprise Linux 6, and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact [More...]

Fedora 24 calamares-2.4.4-5.fc24

Thursday 1st of December 2016 01:54:00 PM
LinuxSecurity.com: A security update that fixes Calamares bug CAL-405:https://calamares.io/bugs/browse/CAL-405 When installing with a LUKS-encrypted`/` partition, Calamares was always creating a keyfile to decode `/` and storingit in the initramfs. It did that even with an unencrypted separate `/boot`partition. As a result, the keyfile would be stored in cleartext on the `/boot`partition, and it was possible to unlock the `/` partition without ever enteringa passphrase. This completely defeated the security of LUKS. Please note thatthis only affects manual partitioning. The automatic partitioning never leaves`/boot` unencrypted (and it is, in fact, recommended to also always encrypt`/boot` when doing manual partitioning). This update fixes the `dracutlukscfg`module to not add the keyfile to `install_items` in the `dracut` configuration(so that `dracut` will not include it onto the initramfs) if `/boot` is separateand unencrypted.

Fedora 24 moin-1.9.9-1.fc24

Thursday 1st of December 2016 01:53:00 PM
LinuxSecurity.com: Update to 1.9.9 (bugfix release for CVE-2016-7146, CVE-2016-7148)

Fedora 25 calamares-2.4.4-5.fc25

Thursday 1st of December 2016 11:02:00 AM
LinuxSecurity.com: A security update that fixes Calamares bug CAL-405:https://calamares.io/bugs/browse/CAL-405 When installing with a LUKS-encrypted`/` partition, Calamares was always creating a keyfile to decode `/` and storingit in the initramfs. It did that even with an unencrypted separate `/boot`partition. As a result, the keyfile would be stored in cleartext on the `/boot`partition, and it was possible to unlock the `/` partition without ever enteringa passphrase. This completely defeated the security of LUKS. Please note thatthis only affects manual partitioning. The automatic partitioning never leaves`/boot` unencrypted (and it is, in fact, recommended to also always encrypt`/boot` when doing manual partitioning). This update fixes the `dracutlukscfg`module to not add the keyfile to `install_items` in the `dracut` configuration(so that `dracut` will not include it onto the initramfs) if `/boot` is separateand unencrypted.

Fedora 25 jenkins-1.651.3-2.fc25

Thursday 1st of December 2016 11:00:00 AM
LinuxSecurity.com: Security fix for CVE-2016-9299

Fedora 25 jenkins-remoting-2.62.3-1.fc25

Thursday 1st of December 2016 11:00:00 AM
LinuxSecurity.com: Security fix for CVE-2016-9299

Fedora 25 moin-1.9.9-1.fc25

Thursday 1st of December 2016 10:58:00 AM
LinuxSecurity.com: Update to 1.9.9 (bugfix release for CVE-2016-7146, CVE-2016-7148)

Debian: 3727-1: hdf5: Summary

Wednesday 30th of November 2016 06:40:00 AM
LinuxSecurity.com: Security Report Summary

Fedora 25 p7zip-16.02-2.fc25

Wednesday 30th of November 2016 12:39:00 AM
LinuxSecurity.com: Security fix for CVE-2016-9296

Fedora 25 teeworlds-0.6.4-2.fc25

Wednesday 30th of November 2016 12:35:00 AM
LinuxSecurity.com: Update to 0.6.4

Fedora 25 vagrant-1.8.5-2.fc25

Wednesday 30th of November 2016 12:35:00 AM
LinuxSecurity.com: Fix nfs_cleanup security race and permissions (rhbz#1395040).

Fedora 25 drupal7-7.52-1.fc25

Wednesday 30th of November 2016 12:34:00 AM
LinuxSecurity.com: https://www.drupal.org/SA-CORE-2016-005

Fedora 24 teeworlds-0.6.4-2.fc24

Tuesday 29th of November 2016 10:58:00 PM
LinuxSecurity.com: Update to 0.6.4

Fedora 24 vagrant-1.8.1-5.fc24

Tuesday 29th of November 2016 10:58:00 PM
LinuxSecurity.com: Fix nfs_cleanup security race and permissions (rhbz#1395040).