
LinuxSecurity.com Advisories

The central voice for Linux and Open Source security news.
Updated: 10 hours 16 min ago

Fedora 25 kdelibs3-3.5.10-84.fc25

Sunday 12th of March 2017 06:01:00 PM
LinuxSecurity.com: This kdelibs3 (KDE 3 compatibility libraries) update fixes the security issues: * CVE-2016-6232 (karchive): Extraction of tar files possible to arbitrary system locations * CVE-2017-6410 (kio): Information Leak when accessing https when using a malicious PAC file for the KDE 3 compatibility libraries. (Security updates for KDE Frameworks 5 (kf5-karchive resp. kf5-kio) and for the KDE 4 compatibility libraries (kdelibs 4) have already been submitted.) In addition, the KDE 3 compatibility version of KCrash was modified to use the DrKonqi from Plasma 5 rather than from kde-runtime 4. (The original KDE 3 DrKonqi was already dropped years ago.) The kde-runtime 4 DrKonqi is not installed by default and will be removed entirely in future Fedora versions, the Plasma 5 version of DrKonqi can also be used for legacy applications.

Fedora 25 freeipa-4.4.3-2.fc25

Wednesday 8th of March 2017 09:21:00 AM
LinuxSecurity.com: Fixed CVE-2017-2590: freeipa: ipa: Insufficient permission check for ca-del, ca-disable and ca-enable commands [fedora-all]

Fedora 25 drupal7-metatag-1.21-1.fc25

Wednesday 8th of March 2017 09:19:00 AM
LinuxSecurity.com: * [7.x-1.21](https://www.drupal.org/project/metatag/releases/7.x-1.21) * [Moderately Critical - Information disclosure - SA-CONTRIB-2017-019](https://www.drupal.org/node/2852937)

Fedora 25 suricata-3.2.1-1.fc25

Wednesday 8th of March 2017 09:17:00 AM
LinuxSecurity.com: This is a new upstream feature and security release. Improvements include: bypass; pre-filter -- fast packet keywords; TLS improvements; ICS protocol additions: DNP3 CIP/ENIP; SHA1/SHA256 for file matching, logging & extraction; NIC offloading disabled by default; unix socket enabled by default; and App Layer stats. Documentation: http://suricata.readthedocs.io/en/suricata-3.2/

Fedora 25 mingw-gtk-vnc-0.7.0-1.fc25

Wednesday 8th of March 2017 09:17:00 AM
LinuxSecurity.com: Security fix for CVE-2017-5884, CVE-2017-5885

Red Hat: 2017:0462-01: java-1.8.0-ibm: Moderate Advisory

Wednesday 8th of March 2017 08:51:00 AM
LinuxSecurity.com: An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 6 Supplementary and Red Hat Enterprise Linux 7 Supplementary. Red Hat Product Security has rated this update as having a security impact [More...]

Fedora 24 drupal7-metatag-1.21-1.fc24

Wednesday 8th of March 2017 08:46:00 AM
LinuxSecurity.com: * [7.x-1.21](https://www.drupal.org/project/metatag/releases/7.x-1.21) * [Moderately Critical - Information disclosure - SA-CONTRIB-2017-019](https://www.drupal.org/node/2852937)

Fedora 24 cacti-1.0.4-1.fc24

Wednesday 8th of March 2017 08:45:00 AM
LinuxSecurity.com: - Update to 1.0.4 Release notes: http://www.cacti.net/release_notes_1_0_0.php http://www.cacti.net/release_notes_1_0_1.php http://www.cacti.net/release_notes_1_0_2.php http://www.cacti.net/release_notes_1_0_3.php http://www.cacti.net/release_notes_1_0_4.php

Fedora 24 xen-4.6.4-8.fc24

Wednesday 8th of March 2017 08:45:00 AM
LinuxSecurity.com: cirrus_bitblt_cputovideo does not check if memory region is safe [XSA-209, CVE-2017-2620] (#1425420)

Fedora 24 suricata-3.2.1-1.fc24

Wednesday 8th of March 2017 08:41:00 AM
LinuxSecurity.com: This is a new upstream feature and security release. Improvements include: bypass; pre-filter -- fast packet keywords; TLS improvements; ICS protocol additions: DNP3 CIP/ENIP; SHA1/SHA256 for file matching, logging & extraction; NIC offloading disabled by default; unix socket enabled by default; and App Layer stats. Documentation: http://suricata.readthedocs.io/en/suricata-3.2/

Fedora 24 mingw-gtk-vnc-0.7.0-1.fc24

Wednesday 8th of March 2017 08:41:00 AM
LinuxSecurity.com: Security fix for CVE-2017-5884, CVE-2017-5885

Debian: 3803-1: texlive-base: Summary

Wednesday 8th of March 2017 03:41:00 AM
LinuxSecurity.com: Security Report Summary

Slackware: 2017-066-02: mozilla-thunderbird: Security Update

Wednesday 8th of March 2017 01:38:00 AM
LinuxSecurity.com: New mozilla-thunderbird packages are available for Slackware 14.1, 14.2, and -current to fix security issues. [More Info...]

Fedora 25 mupdf-1.10a-4.fc25

Tuesday 7th of March 2017 08:32:00 AM
LinuxSecurity.com: Security fix for CVE-2017-6060 CVE-2017-5896 ---- Add comment with explanation of disabled debuginfo

Fedora 25 cacti-1.0.4-1.fc25

Tuesday 7th of March 2017 08:24:00 AM
LinuxSecurity.com: - Update to 1.0.4 Release notes: http://www.cacti.net/release_notes_1_0_0.php http://www.cacti.net/release_notes_1_0_1.php http://www.cacti.net/release_notes_1_0_2.php http://www.cacti.net/release_notes_1_0_3.php http://www.cacti.net/release_notes_1_0_4.php

Fedora 25 canl-c-2.1.8-1.fc25

Monday 6th of March 2017 07:54:00 PM
LinuxSecurity.com: Security fix in CA certificate chain verification (better check untrusted CA certificates from peer, more strict error handling).

Red Hat: 2017:0448-01: ansible and openshift-ansible: Important Advisory

Monday 6th of March 2017 12:12:00 PM
LinuxSecurity.com: An update for ansible and openshift-ansible is now available for Red Hat OpenShift Container Platform 3.2, Red Hat OpenShift Container Platform 3.3, and Red Hat OpenShift Container Platform 3.4. [More...]

Debian: 3802-1: zabbix: Summary

Sunday 5th of March 2017 04:32:00 PM
LinuxSecurity.com: Security Report Summary

Fedora 24 bind99-9.9.9-4.P6.fc24

Sunday 5th of March 2017 04:14:00 PM
LinuxSecurity.com: Security fix for CVE-2017-3135 (unaffected), fixes regression made by CVE-2016-8864

Fedora 24 libICE-1.0.9-8.fc24

Sunday 5th of March 2017 04:12:00 PM
LinuxSecurity.com: Security fix for CVE-2017-2626

More in Tux Machines

Security Leftovers

  • Someone is putting lots of work into hacking Github developers [Ed: Dan Goodin doesn't know that everything is under attack and cracking attempts just about all the time?]
    Open-source developers who use Github are in the cross-hairs of advanced malware that can steal passwords, download sensitive files, take screenshots, and self-destruct when necessary.
  • Security Orchestration and Incident Response
    Technology continues to advance, and this is all a changing target. Eventually, computers will become intelligent enough to replace people at real-time incident response. My guess, though, is that computers are not going to get there by collecting enough data to be certain. More likely, they'll develop the ability to exhibit understanding and operate in a world of uncertainty. That's a much harder goal. Yes, today, this is all science fiction. But it's not stupid science fiction, and it might become reality during the lifetimes of our children. Until then, we need people in the loop. Orchestration is a way to achieve that.

Leftover: Development (Linux)

  • Swan: Better Linux on Windows
    If you are a Linux user that has to use Windows — or even a Windows user that needs some Linux support — Cygwin has long been a great tool for getting things done. It provides a nearly complete Linux toolset. It also provides almost the entire Linux API, so that anything it doesn’t supply can probably be built from source. You can even write code on Windows, compile and test it and (usually) port it over to Linux painlessly.
  • Lint for Shell Scripters
    It used to be one of the joys of writing embedded software was never having to deploy shell scripts. But now with platforms like the Raspberry Pi becoming very common, Linux shell scripts can be a big part of a system–even the whole system, in some cases. How do you know your shell script is error-free before you deploy it? Of course, nothing can catch all errors, but you might try ShellCheck.
  • Android: Enabling mainline graphics
    Android uses the HWC API to communicate with graphics hardware. This API is not supported on the mainline Linux graphics stack, but by using drm_hwcomposer as a shim it now is. The HWC (Hardware Composer) API is used by SurfaceFlinger for compositing layers to the screen. The HWC abstracts objects such as overlays and 2D blitters and helps offload some work that would normally be done with OpenGL. SurfaceFlinger on the other hand accepts buffers from multiple sources, composites them, and sends them to the display.
  • Collabora's Devs Make Android's HWC API Work in Mainline Linux Graphics Stack
    Collabora's Mark Filion informs Softpedia today about the latest work done by various Collabora developers in collaboration with Google's ChromeOS team to enable mainline graphics on Android. The latest blog post published by Collabora's Robert Foss reveals the fact that both teams managed to develop a shim called drm_hwcomposer, which should enable Android's HWC (Hardware Composer) API to communicate with the graphics hardware, including Android 7.0's version 2 HWC API.
