Language Selection

English French German Italian Portuguese Spanish

LinuxSecurity.com Advisories

Syndicate content
The central voice for Linux and Open Source security news.
Updated: 9 hours 45 min ago

Gentoo: 201702-04 GnuTLS: Multiple vulnerabilities

Friday 10th of February 2017 06:12:00 PM
LinuxSecurity.com: Multiple vulnerabilities have been found in GnuTLS, the worst of which may allow execution of arbitrary code.

Fedora 24 iio-sensor-proxy-2.1-1.fc24

Friday 10th of February 2017 09:58:00 AM
LinuxSecurity.com: Update to 2.1

Fedora 24 java-1.8.0-openjdk-aarch32-1.8.0.112-3.161109.fc24

Friday 10th of February 2017 09:52:00 AM
LinuxSecurity.com: January 2017 security fixes - http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixJAVA

Fedora 25 gtk-vnc-0.7.0-1.fc25

Friday 10th of February 2017 09:45:00 AM
LinuxSecurity.com: Security fix for CVE-2017-5884, CVE-2017-5885

Fedora 25 libwmf-0.2.8.4-50.fc25

Friday 10th of February 2017 09:43:00 AM
LinuxSecurity.com: * various security relevant flaws

Fedora 25 java-1.8.0-openjdk-aarch32-1.8.0.112-3.161109.fc25

Friday 10th of February 2017 09:32:00 AM
LinuxSecurity.com: January 2017 security fixes - http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixJAVA

Ubuntu: 3190-2: Linux kernel (Raspberry Pi 2) vulnerabilities

Thursday 9th of February 2017 07:57:00 PM
LinuxSecurity.com: Several security issues were fixed in the kernel.

Debian: 3785-1: jasper: Summary

Thursday 9th of February 2017 05:39:00 PM
LinuxSecurity.com: Security Report Summary

Fedora 24 openssl-1.0.2k-1.fc24

Thursday 9th of February 2017 04:10:00 PM
LinuxSecurity.com: Minor upstream release fixing CVE-2016-8610, CVE-2017-3731, CVE-2017-3732.

Fedora 24 mariadb-10.1.21-1.fc24

Thursday 9th of February 2017 04:09:00 PM
LinuxSecurity.com: Important change: * most of the utilities were move to the new sub-package"server-utils" Other enhancements: (see changelog) * CVE fixes, SPECfilefixes, patches revision, tests blacklist revisions * Preparation and testing ofthe Cracklib plugin to be added

Fedora 24 spice-0.12.8-2.fc24

Thursday 9th of February 2017 04:01:00 PM
LinuxSecurity.com: Add upstream patches fixing CVE-2016-9577 and CVE-2016-9578

Fedora 24 gnome-boxes-3.20.4-1.fc24

Thursday 9th of February 2017 04:00:00 PM
LinuxSecurity.com: gnome-boxes 3.20.4 release, fixing a possible security issue with storing theexpress installation password in clear text. - Store the user password in thekeyring during an express installation. - Fix typo in debug string. - Fix printfformat strings.

Fedora 24 viewvc-1.1.26-1.fc24

Thursday 9th of February 2017 03:56:00 PM
LinuxSecurity.com: Version 1.1.26 (released 24-Jan-2017) * security fix: escape nav_data name toavoid XSS attack Version 1.1.25 (released 15-Sep-2016) * fix _rev2optrevassertion on long input

Debian: 3784-1: viewvc: Summary

Thursday 9th of February 2017 09:13:00 AM
LinuxSecurity.com: Security Report Summary

Red Hat: 2017:0263-01: java-1.8.0-ibm: Critical Advisory

Thursday 9th of February 2017 07:58:00 AM
LinuxSecurity.com: An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 6 Supplementary and Red Hat Enterprise Linux 7 Supplementary. Red Hat Product Security has rated this update as having a security impact [More...]

Ubuntu: 3194-1: OpenJDK 7 vulnerabilities

Thursday 9th of February 2017 03:17:00 AM
LinuxSecurity.com: Several security issues were fixed in OpenJDK 7.

Fedora 25 redis-3.2.7-1.fc25

Wednesday 8th of February 2017 11:31:00 PM
LinuxSecurity.com: Upstream 3.2.7 (important security fix)

Fedora 25 viewvc-1.1.26-1.fc25

Wednesday 8th of February 2017 11:31:00 PM
LinuxSecurity.com: Version 1.1.26 (released 24-Jan-2017) * security fix: escape nav_data name toavoid XSS attack Version 1.1.25 (released 15-Sep-2016) * fix _rev2optrevassertion on long input

Fedora 25 bitlbee-3.5.1-1.fc25

Wednesday 8th of February 2017 11:28:00 PM
LinuxSecurity.com: BitlBee 3.5.1 (30 Jan 2017) =========================== - purple: Fix crash onfile transfer requests from unknown contacts. This was the result of anincomplete fix in the previous release and may result in remote DoS. Read thefull security advisory at: https://bugs.bitlbee.org/ticket/1282 - After someinvestigation we decided to reclassify a crash fix from the previous release asa security issue. Read the full security advisory at:https://bugs.bitlbee.org/ticket/1281 - Included help.txt in the release tarball,which was missing in the previous release and resulted in adding python as abuild dependency. The release tarball of 3.5.1 does not require python.

Fedora 25 mariadb-10.1.21-1.fc25

Wednesday 8th of February 2017 11:28:00 PM
LinuxSecurity.com: Important change: * Most of the utilities were move to the new sub-package"server-utils" Other enhancements: (see changelog) * CVE fixes, SPECfilefixes, patches revision, tests blacklist revisions * Preparation and testing ofthe Cracklib plugin to be added

More in Tux Machines

Android Leftovers

Linux Devices

  • How does the PocketCHIP compare to the Raspberry Pi?
    When the Raspberry Pi hit the tech scene, it made a huge impact. It wasn't the first tiny computer, by any means—the Chumby, the PogoPlug, and other hackable systems on chips preceded it—but there hadn't been anything quite so intentionally open and affordable as the Pi. You didn't have to hack the Pi, you just put an OS on an SD card, booted, and you were running an open source computer. The computer you were running only used a dozen watts of power, and it wasn't encased in a bulky plastic body that would end up in the landfill when you decided to upgrade.
  • LibreELEC 8.0.0 Officially Released for Raspberry Pi SBCs with Kodi 17 "Krypton"
    The development team behind the open-source LibreELEC operating system for Raspberry Pi and other embedded devices proudly announced today, February 22, 2017, the release and general availability of LibreELEC 8.0.0. Dubbed Krypton, LibreELEC 8.0.0 has been in development since early October last year, during which it received over 200 nightly builds, no less than ten official Alpha versions, and a total of three Beta releases. It's built around the recently released Kodi 17 "Krypton" open-source media center, so you'll enjoy all of its cool new features.
  • Tiny, rugged, fanless mini-PC runs Linux on quad-core Bay Trail
    ADL Embedded Solutions unveiled a tiny rugged mini-PC with quad- or dual-core Atom E3800 SoCs, HD video, 2x GbE, wide DC input, and -40 to 70°C temps. A couple of months ago, San Diego-based ADL Embedded Solutions unveiled a compact ADLE3800SEC single-board computer, featuring quad- and dual-core Atom E3800 processors and based on a new, 75 x 75mm “Edge-Connect” SBC form-factor. Now, the company has built a rugged, 86 x 81 x 33mm “ADLEPC-1500” mini-PC around it.
  • Understanding the Second Phone: That is Now Almost Always Also a Smartphone
    As I am finishing the new TomiAhonen Almanac 2017 edition, as always when looking at the data, I am noticing patterns. Ones that catch my eye are the exceptions. Where a given trend line does not conform to the overall industry growth curves. The 'second phone' fits this pattern. It is 'bucking the trend'. I have been reporting on second phones on this blog and in my books for ages and I have been asking for industry analysts to go measure their count. This is still a murky area for which very little data exists but we can estimate its size reasonably well if we take the total population of phones in use, and subtract the number of mobile phone owners who report having at least one active mobile phone and account. So the current numbers fresh from the TomiAhonen Almanac 2017, tell us that the world has 5.15 Billion unique mobile phone users (owners) - this is a number that increasingly is now also reported by others like Ericsson, Cisco and the GSM Association; and I did the comparison of this data point earlier this week to see how valid it is. (It is very valid).
  • FLOSS Weekly 422: Arduino Update

Ubuntu Leftovers: Augmented Reality Helmets With Ubuntu, Ubuntu 17.10 Plans

  • [VIDEO] Mortenson Talks about How Daqri Smart Helmet Puts BIM Advantages on the Job [Ed: Ubuntu-based]
    Los Angeles-based AR specialist Daqri appears to have made a next-gen breakthrough with the latest version of its Smart Helmet, which was joined earlier this month by a new sister product, Smart Glasses. Daqri unveiled the latter device in Las Vegas at the annual Consumer Electronics Show, which this year featured a raft of new AR products from several manufacturers. Architects are among the market targets for the lightweight Smart Glasses.
  • Skanska UK to test Daqri augmented reality-enabled hard hats
  • Ubuntu-Powered Robots and Augmented Reality Helmets to Be Showcased at MWC 2017
    As expected, Canonical will be present once again at the MWC (Mobile World Congress) event this year, where the company behind the popular Ubuntu Linux operating system will showcase its latest innovations. MWC 2017 is taking place first thing next week, between February 27 and March 2, and we've been informed earlier by Canonical that they are currently finalizing arrangements for their presence at the world's largest gathering for the mobile industry, at stand 3k31 in Hall P3.
  • Ubuntu 17.10 to Ship with Nautilus 3.24 File Manager, without Type-Ahead Search
    Ubuntu GNOME's Jeremy Bicha is announcing today that the soon-to-be-released Nautilus 3.24 file manager will be implemented in the Ubuntu 17.10 operating system, whose development will start in late April this year. It's a known fact that Ubuntu is always shipping with an older Nautilus version because Canonical always includes some patches to offer certain functionality to users. And it looks like these patches need to be updated every time a new Nautilus version is out, though some of them have failed to work do to the file manager's constant refactoring.

Qt 5.9 Alpha Released

I am happy to inform you that Qt 5.9 Alpha has been released today. Qt 5.9 Alpha is an important milestone on our way to the final Qt 5.9.0 release, which is targeted to be released by the end of May 2017. The Alpha release is available only as source packages. Binary installers will be available via the online installer in conjunction with the Beta release as well as development snapshots during the coming weeks. Read more