LinuxSecurity.com Advisories

The central voice for Linux and Open Source security news.

Mandriva: 2014:154: readline

Wednesday 6th of August 2014 01:39:00 PM
LinuxSecurity.com: Updated readline packages fix security vulnerability: Steve Kemp discovered the _rl_tropen() function in readline insecurely handled a temporary file. This could allow a local attacker to perform symbolic link attacks (CVE-2014-2524). [More...]

Mandriva: 2014:152: glibc

Wednesday 6th of August 2014 01:31:00 PM
LinuxSecurity.com: Updated glibc packages fix security issues: Stephane Chazelas discovered a directory traversal issue in locale handling in glibc. glibc accepts relative paths with .. components in the LC_* and LANG variables. Together with typical OpenSSH [More...]

Mandriva: 2014:151: cups

Wednesday 6th of August 2014 01:24:00 PM
LinuxSecurity.com: Updated cups packages fix security vulnerability: In CUPS before 1.7.4, a local user with privileges of group=lp can write symbolic links in the rss directory and use that to gain '@SYSTEM' group privilege with cupsd (CVE-2014-3537). [More...]

Ubuntu: 2307-1: GPGME vulnerability

Wednesday 6th of August 2014 09:38:00 AM
LinuxSecurity.com: GPGME could be made to crash or run programs as your login if it processed a specially crafted certificate.

Mandriva: 2014:150: tor

Wednesday 6th of August 2014 07:55:00 AM
LinuxSecurity.com: Updated tor package fixes security vulnerability: Tor before 0.2.4.23 maintains a circuit after an inbound RELAY_EARLY cell is received by a client, which makes it easier for remote attackers to conduct traffic-confirmation attacks by using the pattern [More...]

Mandriva: 2014:149: php

Wednesday 6th of August 2014 06:43:00 AM
LinuxSecurity.com: Multiple vulnerabilities have been discovered and corrected in php: Use-after-free vulnerability in ext/spl/spl_array.c in the SPL component in PHP through 5.5.14 allows context-dependent attackers to cause a denial of service or possibly have unspecified other impact via [More...]

Red Hat: 2014:1013-01: php: Moderate Advisory

Wednesday 6th of August 2014 02:32:00 AM
LinuxSecurity.com: Updated php packages that fix multiple security issues are now available for Red Hat Enterprise Linux 7. The Red Hat Security Response Team has rated this update as having Moderate [More...]

Red Hat: 2014:1012-01: php53 and php: Moderate Advisory

Wednesday 6th of August 2014 01:47:00 AM
LinuxSecurity.com: Updated php53 and php packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5 and 6 respectively. The Red Hat Security Response Team has rated this update as having Moderate [More...]

Red Hat: 2014:1011-01: resteasy-base: Moderate Advisory

Tuesday 5th of August 2014 09:30:00 PM
LinuxSecurity.com: Updated resteasy-base packages that fix one security issue are now available for Red Hat Enterprise Linux 7. The Red Hat Security Response Team has rated this update as having Moderate [More...]

Red Hat: 2014:1008-01: samba: Important Advisory

Tuesday 5th of August 2014 04:31:00 PM
LinuxSecurity.com: Updated samba packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 7. The Red Hat Security Response Team has rated this update as having [More...]

Red Hat: 2014:1009-01: samba4: Important Advisory

Tuesday 5th of August 2014 04:25:00 PM
LinuxSecurity.com: Updated samba4 packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having [More...]

Debian: 2997-1: reportbug: Summary

Tuesday 5th of August 2014 02:09:00 PM
LinuxSecurity.com: Security Report Summary

Ubuntu: 2306-2: GNU C Library regression

Tuesday 5th of August 2014 01:40:00 PM
LinuxSecurity.com: USN-2306-1 introduced a regression in the GNU C Library.

Red Hat: 2014:1004-01: yum-updatesd: Important Advisory

Tuesday 5th of August 2014 12:00:00 AM
LinuxSecurity.com: An updated yum-updatesd package that fixes one security issue is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having [More...]

Ubuntu: 2306-1: GNU C Library vulnerabilities

Monday 4th of August 2014 12:28:00 PM
LinuxSecurity.com: Several security issues were fixed in the GNU C Library.

Gentoo: 201408-01 Zend Framework: SQL injection

Monday 4th of August 2014 05:33:00 AM
LinuxSecurity.com: A vulnerability in Zend Framework could allow a remote attacker to inject SQL commands.

Debian: 2996-1: icedove: Summary

Sunday 3rd of August 2014 04:53:00 AM
LinuxSecurity.com: Security Report Summary

Debian: 2995-1: lzo2: Summary

Sunday 3rd of August 2014 03:38:00 AM
LinuxSecurity.com: Security Report Summary
