LinuxSecurity.com Advisories

LinuxSecurity - Security Advisories
The central voice for Linux and Open Source security news.
Updated: 3 hours 17 min ago

SUSE: 2021:400-1 suse/sle15 Security Update

Wednesday 13th of October 2021 05:49:18 AM
The container suse/sle15 was updated. The following patches have been included in this update:

SUSE: 2021:399-1 suse/sle15 Security Update

Wednesday 13th of October 2021 05:49:03 AM
The container suse/sle15 was updated. The following patches have been included in this update:

RedHat: RHSA-2021-3838:01 Important: thunderbird security update

Wednesday 13th of October 2021 05:32:04 AM
An update for thunderbird is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

RedHat: RHSA-2021-3840:01 Important: thunderbird security update

Wednesday 13th of October 2021 05:29:32 AM
An update for thunderbird is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

Fedora 33: mediawiki 2021-56d8173b5e

Tuesday 12th of October 2021 07:47:22 PM
https://www.mediawiki.org/wiki/Release_notes/1.35#MediaWiki_1.35.4

Fedora 33: redis 2021-8913c7900c

Tuesday 12th of October 2021 07:47:15 PM
Redis 6.0.16 - Released Mon Oct 4 12:00:00 IDT 2021
Upgrade urgency: SECURITY, contains fixes to security issues.
Security Fixes:
* (CVE-2021-41099) Integer to heap buffer overflow handling certain string commands and network payloads, when proto-max-bulk-len is manually configured to a non-default, very large value [reported by yiyuaner].

Fedora 33: xstream 2021-fbad11014a

Tuesday 12th of October 2021 07:47:14 PM
```
* Mon Oct 04 2021 Didik Supriadi - 1.4.18-2
- Enable activation, cglib, dom4j, jdom, and jdom2
* Fri Oct 01 2021 Didik Supriadi - 1.4.18-1
- Update to version 1.4.18
```

Fedora 34: flatpak 2021-4b201d15e6

Tuesday 12th of October 2021 07:46:05 PM
Update to 1.10.5. Fix CVE-2021-41133.

Fedora 34: httpd 2021-2a10bc68a4

Tuesday 12th of October 2021 07:46:03 PM
This update addresses CVE-2021-42013. It was found that the fix for CVE-2021-41773 in Apache HTTP Server 2.4.50 was insufficient. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default configuration "require all denied", these

Fedora 34: mediawiki 2021-eee8b7514f

Tuesday 12th of October 2021 07:45:15 PM
https://www.mediawiki.org/wiki/Release_notes/1.35#MediaWiki_1.35.4

Debian: DSA-4984-1: flatpak security update

Tuesday 12th of October 2021 05:27:27 PM
It was discovered that sandbox restrictions in Flatpak, an application deployment framework for desktop apps, could be bypassed for a Flatpak app with direct access to AF_UNIX sockets, by manipulating the VFS using mount-related syscalls that are not blocked by Flatpak's denylist

openSUSE: 2021:3387-1 important: the Linux Kernel

Tuesday 12th of October 2021 05:23:33 PM
An update that solves 7 vulnerabilities and has 53 fixes is now available.

SciLinux: SLSA-2021-3801-1 Important: kernel on SL7.x x86_64

Tuesday 12th of October 2021 05:05:43 PM
* kernel: Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks (CVE-2021-22543)
* kernel: powerpc: KVM guest OS users can cause host OS memory corruption (CVE-2021-37576)
* kernel: SVM nested virtualization issue in KVM (AVIC support) (CVE-2021-3653)
* kernel: SVM nested virtualization issue in KVM (VMLOAD/VMSAVE) (CVE-2021-3656)

For more details about the security issue(s), [More...]

SciLinux: SLSA-2021-3810-1 Moderate: libxml2 on SL7.x x86_64

Tuesday 12th of October 2021 05:05:23 PM
* libxml2: Use after free via namespace node in XPointer ranges (CVE-2016-4658)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE

SL7 x86_64:
libxml2-2.9.1-6.el7_9.6.i686.rpm
libxml2-2.9.1-6.el7_9.6.x86_64.rpm
libxml2-debuginfo-2.9.1-6.el7_9.6.i686.rpm
libxml2-debuginfo-2.9.1-6.el7_9.6 [More...]

SciLinux: SLSA-2021-3798-1 Moderate: openssl on x86_64

Tuesday 12th of October 2021 05:04:45 PM
* openssl: integer overflow in CipherUpdate (CVE-2021-23840)
* openssl: NULL pointer dereference in X509_issuer_and_serial_hash() (CVE-2021-23841)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE

- Scientific Linux Development Team

SciLinux: SLSA-2021-3807-1 Low: 389-ds-base on SL7.x x86_64

Tuesday 12th of October 2021 05:04:12 PM
* 389-ds-base: CRYPT password hash with asterisk allows any bind attempt to succeed (CVE-2021-3652)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE

Bug Fix(es):
* A plugin can create an index. Even if the index can be used immediately (for searches) the index remains offline until further rein [More...]

RedHat: RHSA-2021-3816:01 Important: httpd:2.4 security update

Tuesday 12th of October 2021 12:18:10 PM
An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

openSUSE: 2021:1350-1 important: chromium

Tuesday 12th of October 2021 11:58:47 AM
An update that fixes 25 vulnerabilities is now available.

RedHat: RHSA-2021-3810:01 Moderate: libxml2 security update

Tuesday 12th of October 2021 11:32:47 AM
An update for libxml2 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

RedHat: RHSA-2021-3798:01 Moderate: openssl security update

Tuesday 12th of October 2021 11:32:33 AM
An update for openssl is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
