Language Selection

English French German Italian Portuguese Spanish

LinuxSecurity.com Advisories

Syndicate content
The central voice for Linux and Open Source security news.
Updated: 35 min 3 sec ago

Fedora 27: kernel Security Update

Friday 12th of January 2018 02:44:00 PM
LinuxSecurity.com: The 4.14.13 stable kernel update contains a number of important fixes across the tree. This is also the first update to contain some spectre mitigations. Some patches for variant 1 as well as the initial retpoline build for variant 2. These variant 2 mitigations will improve with further patches, and once compiler support is improved.

Debian: DSA-4084-1: gifsicle security update

Friday 12th of January 2018 12:21:00 PM
LinuxSecurity.com: It was discovered that gifsicle, a tool for manipulating GIF image files, contained a flaw that could lead to arbitrary code execution. For the oldstable distribution (jessie), this problem has been fixed

Fedora 27: awstats Security Update

Friday 12th of January 2018 01:53:00 AM
LinuxSecurity.com: Security fix for CVE-2017-1000501

Gentoo: GLSA-201801-12: icoutils: Multiple vulnerabilities

Thursday 11th of January 2018 11:50:00 PM
LinuxSecurity.com: Multiple vulnerabilities have been found in icoutils, the worst of which may lead to arbitrary code execution.

Gentoo: GLSA-201801-13: TigerVNC: Multiple vulnerabilities

Thursday 11th of January 2018 11:50:00 PM
LinuxSecurity.com: Multiple vulnerabilities have been found in TigerVNC, the worst of which may lead to arbitrary code execution.

Gentoo: GLSA-201801-11: PySAML2: Security bypass

Thursday 11th of January 2018 11:50:00 PM
LinuxSecurity.com: A vulnerability in PySAML2 might allow remote attackers to bypass authentication.

ArchLinux: 201801-10: intel-ucode: access restriction bypass

Thursday 11th of January 2018 09:57:00 PM
LinuxSecurity.com: The package intel-ucode before version 20180108-1 is vulnerable to access restriction bypass.

SUSE: 2018:0069-1: important: the Linux Kernel

Thursday 11th of January 2018 06:10:00 PM
LinuxSecurity.com: An update that fixes two vulnerabilities is now available.

SUSE: 2018:0068-1: important: microcode_ctl

Thursday 11th of January 2018 06:09:00 PM
LinuxSecurity.com: An update that fixes one vulnerability is now available.

SUSE: 2018:0067-1: important: ucode-intel

Thursday 11th of January 2018 06:09:00 PM
LinuxSecurity.com: An update that fixes one vulnerability is now available.

openSUSE: 2018:0066-1: important: ucode-intel

Thursday 11th of January 2018 03:08:00 PM
LinuxSecurity.com: An update that fixes one vulnerability is now available.

SUSE: 2018:0065-1: important: Fixing security issues on OBS toolchain

Thursday 11th of January 2018 03:06:00 PM
LinuxSecurity.com: An update that solves three vulnerabilities and has 5 fixes is now available.

Debian LTS: DLA-1240-1: ming security update

Thursday 11th of January 2018 11:54:00 AM
LinuxSecurity.com: Multiple vulnerabilities have been discovered in Ming: CVE-2017-11732

Debian: DSA-4083-1: poco security update

Thursday 11th of January 2018 08:51:00 AM
LinuxSecurity.com: Stephan Zeisberg discovered that poco, a collection of open source C++ class libraries, did not correctly validate file paths in ZIP archives. An attacker could leverage this flaw to create or overwrite arbitrary files.

Fedora 27: electron-cash Security Update

Wednesday 10th of January 2018 10:39:00 PM
LinuxSecurity.com: Yet another security issue

Fedora 27: microcode_ctl Security Update

Wednesday 10th of January 2018 10:39:00 PM
LinuxSecurity.com: Update to upstream 2.1-15. 20180108. Includes fix for Spectre.

Fedora 27: heketi Security Update

Wednesday 10th of January 2018 10:39:00 PM
LinuxSecurity.com: Security fix for CVE-2017-15103 and CVE-2017-15104

Fedora 26: electrum Security Update

Wednesday 10th of January 2018 10:24:00 PM
LinuxSecurity.com: Depend on https://bodhi.fedoraproject.org/updates/FEDORA-2018-92de33f3b9

Fedora 26: python-jsonrpclib Security Update

Wednesday 10th of January 2018 10:24:00 PM
LinuxSecurity.com: Depenency for Electrum that have a security issue in all the releases.

Fedora 26: firefox Security Update

Wednesday 10th of January 2018 10:24:00 PM
LinuxSecurity.com: - Update to 57.0.4 - Security fixes to address the Meltdown and Spectre timing attacks - https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new- class-timing-attack/ - Require new nss 3.34 (fixed #1531031) - Disabled ARM on all Fedoras due to #1523912

More in Tux Machines

Games: DRAG, Geneshift, Balloonatics and More

Tumbleweed Update

  • Tumbleweed Rolls Forward with New versions of Mesa, Squid, Xen
    This week provided a pretty healthy amount of package updates for openSUSE’s rolling distribution Tumbleweed. There were three snapshots released since the last blog and some of the top packages highlighted this week are from Mesa, Squid, Xen and OpenSSH. The Mesa update from version 17.2.6 to 17.3.2 in snapshot 20180116 provided multiple fixes in the RADV Vulkan driver and improvements of the GLSL shader cache. The Linux Kernel provides some fixes for the security vulnerabilities of Meltdown in version 4.14.13 and added a prevent buffer overrun on memory hotplug during migration for KVM with s390. The snapshot had many more package updates like openssh 7.6p1, which tightened configuration access rights. A critical fix when updating Flatpak packages live was made with the gnome-software version 3.26.4 update. File systems package btrfsprogs 4.14.1 provided cleanups and some refactoring while wireshark 2.4.4 made some fixes for dissector crashes. Xen 4.10.0_10 added a few patches. Rounding out the snapshot, ModemManager 1.6.12 fixed connection state machine when built against libqmi and blacklisted a few devices to include some Pycom devices.
  • openSUSE Tumbleweed Rolls To Mesa 17.3, Linux 4.14.13
    OpenSUSE has continued rolling in the new year with several key package updates in January. Exciting us a lot is that openSUSE Tumbleweed has migrated from Mesa 17.2 to now Mesa 17.3. Mesa 17.3.2 is the version currently in openSUSE's rolling-release.

India Digital Open Summit 2018

Compact Quark-based embedded computer sells for $120

Advantech’s “UBC-222” is an embedded computer that runs Yocto Linux on an Intel Quark X1000 with up to 1GB DDR3, dual 10/100 LAN ports, and a mini-PCIe socket with LTE-ready SIM slot. Read more