Language Selection

English French German Italian Portuguese Spanish

LinuxSecurity.com Advisories

Syndicate content
The central voice for Linux and Open Source security news.
Updated: 1 day 1 hour ago

Fedora 22 libwmf-0.2.8.4-45.fc22

Friday 10th of July 2015 03:13:00 PM
LinuxSecurity.com: CVE-2015-0848 heap overflow when decoding BMP imagesCVE-2015-4588 RLE decoding doesn't check that the "count" fits into the imageCVE-2015-4695 meta_pen_create heap buffer overflowCVE-2015-4696 wmf2gd/wmf2eps use after free

Fedora 21 mariadb-10.0.20-1.fc21

Friday 10th of July 2015 03:12:00 PM
LinuxSecurity.com: This is an update to most recent version 10.0.20, that also fixes CVE-2015-3152.

Fedora 22 s3ql-2.13-1.fc22

Friday 10th of July 2015 03:12:00 PM
LinuxSecurity.com: Update to 2.13

Fedora 21 openssh-6.6.1p1-13.fc21

Friday 10th of July 2015 03:11:00 PM
LinuxSecurity.com: This update brings security fix for two announced vulnerabilities. Namely XSECURITY restrictions bypass under certain conditions AND weakness of agent locking (ssh-add -x) to password guessing (more info in related bugs). For more information see related bugs.

Fedora 21 cups-x2go-3.0.1.3-1.fc21

Friday 10th of July 2015 03:10:00 PM
LinuxSecurity.com: * New upstream version (3.0.1.2): - cups-x2go{,.conf}: port to File::Temp. Use Text::ParseWords to split up the ps2pdf command line correctly. Don't use system() but IPC::Open2::open2(). Capture the ps2pdf program's stdout and write it to the temporary file handle "manually". Should fix problems reported by Jan Bi on IRC. - cups-x2go: fix commented out second ps2pdf definition to output PDF data to stdout. * New upstream version (3.0.1.3): - cups-x2go: import tempfile() function from File::Temp module. - cups-x2go: only repeat the last X, not the whole ".pdfX" string (or the like.) - cups-x2go: actually print "real" executed command instead of the "original" one with placeholders. - cups-x2go: read output from ghostscript, don't write a filehandle to the temporary file. Fixes a hanging ghostscript call and... well... random junk, instead of a "real" PDF file. - cups-x2go: use parentheses around function arguments. - cups-x2go: fix binmode() call, :raw layer is implicit. - cups-x2go: fix print call... Does not allow to separate parameters with a comma. - cups-x2go: add correct :raw layer to binmode calls. - cups-x2go: fix tiny typo. - cups-x2go: read data from GS and STDIN in chunks of 8 kbytes, instead of everything at once. Handles large print jobs gracefully. - cups-x2go: add parentheses to close() calls. - cups-x2go: delete PDF and title temporary files automatically. - cups-x2go: unlink PS temporary file on-demand in END block. Also move closelog to END block, because we want to print diagnosis messages in the END block. - cups-x2go: don't use unlink() explicitly. Trust File::Temp and our END block to clean up correctly. - cups-x2go: there is no continue in perl for stepping forward a loop. Still not. I keep forgetting that. Use next. (Partly) Fixes: #887. - cups-x2go: use the same temp file template for PS, PDF and title files. Use appropriate suffixes if necessary when generating PDF and title temp files. (Fully) Fixes: #887.Update to 3.0.1.1:- Add a short README that provides some getting started information.Update to 3.0.1.1:- Add a short README that provides some getting started information.

Gentoo: 201507-12 libCapsiNetwork: Denial of Service

Friday 10th of July 2015 02:52:00 PM
LinuxSecurity.com: A buffer overflow in libcapsinetwork might allow remote attackers to cause a Denial of Service condition.

Gentoo: 201507-19 MySQL: Multiple vulnerabilities

Friday 10th of July 2015 09:29:00 AM
LinuxSecurity.com: Multiple vulnerabilities have been found in MySQL, allowing attackers to execute arbitrary code or cause Denial of Service.

Gentoo: 201507-18 Chromium: Multiple vulnerabilities

Friday 10th of July 2015 09:24:00 AM
LinuxSecurity.com: Multiple vulnerabilities have been found in Chromium allowing remote attackers to bypass security restrictions.

Gentoo: 201507-17 SNMP: Denial of Service

Friday 10th of July 2015 09:20:00 AM
LinuxSecurity.com: A vulnerability in SNMP could lead to Denial of Service condition.

Gentoo: 201507-11 Perl: Denial of Service

Friday 10th of July 2015 04:23:00 AM
LinuxSecurity.com: A vulnerability in Perl allows a remote attacker to cause Denial of Service.

Gentoo: 201507-10 t1utils: Arbitrary code execution

Friday 10th of July 2015 04:07:00 AM
LinuxSecurity.com: A buffer overflow in t1utils could result in execution of arbitrary code or Denial of Service.

Debian: 3307-1: pdns-recursor: Summary

Thursday 9th of July 2015 06:20:00 PM
LinuxSecurity.com: Security Report Summary

Debian: 3306-1: pdns: Summary

Thursday 9th of July 2015 06:12:00 PM
LinuxSecurity.com: Security Report Summary

Slackware: 2015-190-01: openssl: Security Update

Thursday 9th of July 2015 04:38:00 PM
LinuxSecurity.com: New openssl packages are available for Slackware 14.0, 14.1, and -current to fix a security issue. [More Info...]

Ubuntu: 2656-1: Firefox vulnerabilities

Thursday 9th of July 2015 04:22:00 PM
LinuxSecurity.com: Firefox could be made to crash or run programs as your login if itopened a malicious website.

Red Hat: 2015:1219-01: php54-php: Moderate Advisory

Thursday 9th of July 2015 04:07:00 PM
LinuxSecurity.com: Updated php54-php packages that fix multiple security issues are now available for Red Hat Software Collections 2. Red Hat Product Security has rated this update as having Moderate security [More...]

Red Hat: 2015:1218-01: php: Moderate Advisory

Thursday 9th of July 2015 03:59:00 PM
LinuxSecurity.com: Updated php packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security [More...]

Gentoo: 201507-09 PyPAM: Arbitrary code execution

Thursday 9th of July 2015 02:55:00 PM
LinuxSecurity.com: A double free vulnerability in PyPAM could result in execution of arbitrary code or Denial of Service.

Ubuntu: 2672-1: NSS vulnerabilities

Thursday 9th of July 2015 01:44:00 PM
LinuxSecurity.com: Several security issues were fixed in NSS.

Ubuntu: 2671-1: Django vulnerabilities

Thursday 9th of July 2015 07:43:00 AM
LinuxSecurity.com: Several security issues were fixed in Django.

More in Tux Machines

Leftovers: Ubuntu Touch

Canonical Patches Two BIND Vulnerabilities in All Supported Ubuntu OSes, Update Now

On July 28, Canonical, through Marc Deslauriers, published details about the availability of a new important update for the BIND packages in the Ubuntu 15.04, Ubuntu 14.04 LTS, and Ubuntu 12.04 LTS operating systems. Read more

KDE and Akademy

  • KDE unveils Plasma Mobile, a free and open Linux OS for phones
    Move over, Ubuntu Touch and Android. There's new competition in town. The KDE community just unveiled Plasma Mobile, a free and open-source mobile operating system. This is nothing new for the KDE project. Before Ubuntu Touch was ever announced, the KDE community had a long-term vision of convergence. Plasma 5 on the desktop has a “converged shell” that can switch between different interfaces for different device types. KDE even attempted to release tablets with their Plasma software preinstalled, but this never worked out.
  • Keeping Up With Akademy 2015 In A Coruña
    For KDE fans interested in the Akademy conference that started on Saturday in A Coruña, Galicia, Spain, there are a lot of daily reports coming out of the event.
  • Akademy A Coruña Photos
  • Akademy 2015 videos available
    Video recordings of the Akademy talks are now available in a low quality version to enable them to be released quickly. Higher quality version will be available later.

Second Release Candidate of NetBSD 7.0 Brings Latest OpenSSL and BIND Updates

On July 28, the NetBSD Project, through Soren Jacobsen, announced the immediate availability for download and testing of the second RC (Release Candidate) version of the anticipated NetBSD 7.0 distribution. Read more