Language Selection

English French German Italian Portuguese Spanish

LinuxSecurity.com Advisories

Syndicate content
The central voice for Linux and Open Source security news.
Updated: 9 hours 48 min ago

Fedora 24 libpng-1.6.27-1.fc24

Wednesday 4th of January 2017 04:25:00 PM
LinuxSecurity.com: libpng 1.6.27 release, fixing a potential security issue. For details, seehttps://sourceforge.net/p/png-mng/mailman/message/35575076/

Fedora 24 seamonkey-2.46-1.fc24

Wednesday 4th of January 2017 04:24:00 PM
LinuxSecurity.com: Update to 2.46 Fixes various security issues, seehttp://www.mozilla.org/security/known-vulnerabilities/seamonkey.html for moreinfo. No more includes Chatzilla and DOM Inspector in the package -- installthem yourself now (as usual other addons) from https://addons.mozilla.org

Gentoo: 201701-15 Mozilla Firefox, Thunderbird: Multiple vulnerabilities

Wednesday 4th of January 2017 10:31:00 AM
LinuxSecurity.com: Multiple vulnerabilities have been found in Mozilla Firefox and Thunderbird the worst of which could lead to the execution of arbitrary code.

Red Hat: 2017:0014-01: ghostscript: Moderate Advisory

Wednesday 4th of January 2017 06:17:00 AM
LinuxSecurity.com: An update for ghostscript is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which [More...]

Red Hat: 2017:0013-01: ghostscript: Moderate Advisory

Wednesday 4th of January 2017 06:13:00 AM
LinuxSecurity.com: An update for ghostscript is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which [More...]

Fedora 24 borgbackup-1.0.9-1.fc24

Tuesday 3rd of January 2017 04:27:00 PM
LinuxSecurity.com: upstream version 1.0.9 (BZ#1406277)

Fedora 24 freeipa-4.3.2-4.fc24

Tuesday 3rd of January 2017 04:26:00 PM
LinuxSecurity.com: - Fixes 1395311 - CVE-2016-9575 ipa: Insufficient permission check incertprofile-mod - Fixes 1370493 - CVE-2016-7030 ipa: DoS attack againstkerberized services by abusing password policy ---- - Fixes 1395311 -CVE-2016-9575 ipa: Insufficient permission check in certprofile-mod - Fixes1370493 - CVE-2016-7030 ipa: DoS attack against kerberized services by abusingpassword policy

Fedora 25 borgbackup-1.0.9-1.fc25

Tuesday 3rd of January 2017 03:25:00 PM
LinuxSecurity.com: upstream version 1.0.9 (BZ#1406277)

Red Hat: 2017:0003-01: systemd: Moderate Advisory

Tuesday 3rd of January 2017 02:44:00 PM
LinuxSecurity.com: An update for systemd is now available for Red Hat Enterprise Linux 7.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact [More...]

Red Hat: 2017:0004-01: kernel: Important Advisory

Tuesday 3rd of January 2017 02:40:00 PM
LinuxSecurity.com: An update for kernel is now available for Red Hat Enterprise Linux 7.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact [More...]

Debian: 3750-2: libphp-phpmailer: Summary

Tuesday 3rd of January 2017 01:33:00 PM
LinuxSecurity.com: Security Report Summary

Gentoo: 201701-15 Mozilla Firefox, SeaMonkey, Thunderbird: Multiple

Tuesday 3rd of January 2017 08:02:00 AM
LinuxSecurity.com: Multiple vulnerabilities have been found in Mozilla Firefox, SeaMonkey, and Thunderbird the worst of which could lead to the execution of arbitrary code.

Fedora 25 bzip2-1.0.6-21.fc25

Monday 2nd of January 2017 02:58:00 PM
LinuxSecurity.com: CVE-2016-3189 bzip2: heap use after free in bzip2recover

Fedora 25 seamonkey-2.46-1.fc25

Monday 2nd of January 2017 02:57:00 PM
LinuxSecurity.com: Update to 2.46 Fixes various security issues, seehttp://www.mozilla.org/security/known-vulnerabilities/seamonkey.html for moreinfo. No more includes Chatzilla and DOM Inspector in the package -- installthem yourself now (as usual other addons) from https://addons.mozilla.org

Fedora 25 dovecot-2.2.27-1.fc25

Monday 2nd of January 2017 02:52:00 PM
LinuxSecurity.com: - Fixed crash in auth process when auth-policy was configured and authenticationwas aborted/failed without a username set. - director: If two users haddifferent tags but the same hash, the users may have been redirected to thewrong tag's hosts. - Index files may have been thought incorrectly lost, causing"Missing middle file seq=.." to be logged and index rebuild. This happened moreeasily with IMAP hibernation enabled. - Various fixes to restoring statecorrectly in un-hibernation. - dovecot.index files were commonly 4 bytes peremail too large. This is because 3 bytes per email were being wasted that couldhave been used for IMAP keywords. - Various fixes to handle dovecot.list.indexcorruption better. - lib-fts: Fixed assert-crash in address tokenizer withspecific input. - Fixed assert-crash in HTML to text parsing with specific input(e.g. for FTS indexing or snippet generation) - doveadm sync -1: Fixed handlingmailbox GUID conflicts. - sdbox, mdbox: Perform full index rebuild if corruptionis detected inside lib-index, which runs index fsck. - quota: Don't skip quotachecks when moving mails between different quota roots. - search: Multiplesequence sets or UID sets in search parameters weren't handled correctly. Theywere incorrectly merged together.

Gentoo: 201701-14 LZO: Multiple vulnerabilities

Monday 2nd of January 2017 10:20:00 AM
LinuxSecurity.com: An integer overflow in LZO might allow remote attackers to execute arbitrary code or cause a Denial of Service condition.

Gentoo: 201701-13 HDF5: Multiple vulnerabilities

Monday 2nd of January 2017 09:55:00 AM
LinuxSecurity.com: Multiple vulnerabilities have been found in HDF5 which could lead to the arbitrary execution of code.

Gentoo: 201701-12 memcached: Multiple vulnerabilities

Monday 2nd of January 2017 09:44:00 AM
LinuxSecurity.com: Multiple vulnerabilities have been found in memcached which could lead to the remote execution of arbitrary code.

Gentoo: 201701-11 musl: Integer overflow

Monday 2nd of January 2017 09:37:00 AM
LinuxSecurity.com: An integer overflow in musl might allow an attacker to execute arbitrary code.

Gentoo: 201701-10 libotr, Pidgin OTR: Remote execution of arbitrary code

Monday 2nd of January 2017 09:23:00 AM
LinuxSecurity.com: Multiple vulnerabilities have been found in libotr and Pidgin OTR, allowing remote attackers to execute arbitrary code.

More in Tux Machines

today's howtos

More Games

Graphics in Linux

  • More Radeon & AMDGPU Fixes Line-Up For Linux 4.10
    Alex Deucher has sent in another batch of fixes for the Radeon and AMDGPU DRM drivers for the Linux 4.10 kernel. These fixes include support for a few peculiar Southern Islands graphics processors in AMDGPU and Radeon drivers. The affected SI GPUs now supported are those needing the "si58" memory controller microcode. Unfortunately, haven't been able to find much other details on the particular SI chips affected.
  • Mesa 17.0 Saw Less Code Changes Than Earlier Releases, But More Notable Features
    With Mesa 17.0 up to its release candidates and being under a feature freeze, I explored this morning how the size of the changes for Mesa 17.0 compare to earlier Mesa milestones. Mesa 17.0 ships with many exciting end-user changes such as OpenGL 4.5 for RadeonSI, OpenGL 4.5 for Haswell, many RADV and ANV Vulkan driver improvements, improved OpenGL 4.x Nouveau support, and many other features I'll recap shortly in a Mesa 17.0 feature overview article.
  • The open source Vulkan driver 'radv' for AMD on Linux has patches for geometry shader support
    Dave Airlie sent in a massive patch-set of 31 patches for 'radv', the open source AMD Vulkan driver, to support geometry shaders.

Leftovers: OSS