Language Selection

English French German Italian Portuguese Spanish

LinuxSecurity.com Advisories

Syndicate content LinuxSecurity - Security Advisories
The central voice for Linux and Open Source security news.
Updated: 3 hours 23 min ago

Fedora 34: vim 2021-968f57ec98>

Saturday 16th of October 2021 04:44:57 PM
The newest upstream commit Security fix for CVE-2021-3796 Security fix for CVE-2021-3778

Fedora 34: libopenmpt 2021-7cc30bb3dd>

Saturday 16th of October 2021 04:44:24 PM
https://lib.openmpt.org/libopenmpt/2021/10/04/security- updates-0.5.12-0.4.24-0.3.33/

Debian: DSA-4988-1: libreoffice security update>

Saturday 16th of October 2021 03:23:57 PM
Two security issues have been discovered in LibreOffice's support for digital signatures in ODF documents, which could result in incorrect signature indicators/timestamps being presented.

openSUSE: 2021:3451-1 important: MozillaFirefox>

Saturday 16th of October 2021 11:15:44 AM
An update that fixes 20 vulnerabilities is now available.

SUSE: 2021:412-1 suse/sle15 Security Update>

Saturday 16th of October 2021 05:19:24 AM
The container suse/sle15 was updated. The following patches have been included in this update:

SUSE: 2021:411-1 suse/sle15 Security Update>

Saturday 16th of October 2021 05:13:56 AM
The container suse/sle15 was updated. The following patches have been included in this update:

Debian LTS: DLA-2785-1: linux-4.19 security update>

Friday 15th of October 2021 07:50:44 PM
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.

openSUSE: 2021:1358-1 important: opera>

Friday 15th of October 2021 05:18:40 PM
An update that fixes three vulnerabilities is now available.

openSUSE: 2021:1359-1: libaom>

Friday 15th of October 2021 05:17:32 PM
An update that fixes one vulnerability is now available.

Fedora 34: chromium 2021-116eff380f>

Friday 15th of October 2021 03:23:21 PM
Update to 94.0.4606.81. Built with is_official_build=true, which disables all sorts of debugging check functions that upstream turned on in 94. These debugging checks were failing and causing the program to crash in ... fun ways. It also fixes the usual pile of security issues, most notably: CVE-2021-37974 CVE-2021-37975 CVE-2021-37976 CVE-2021-37977 CVE-2021-37978 CVE-2021-37979

Fedora 34: xen 2021-80bbe7def0>

Friday 15th of October 2021 03:22:51 PM
PCI devices with RMRRs not deassigned correctly [XSA-386, CVE-2021-28702] (#2011248)

Fedora 33: xen 2021-0b7a484688>

Friday 15th of October 2021 02:54:11 PM
PCI devices with RMRRs not deassigned correctly [XSA-386, CVE-2021-28702] (#2011248)

openSUSE: 2021:1357-1 important: the Linux Kernel>

Friday 15th of October 2021 02:17:37 PM
An update that solves 6 vulnerabilities and has 43 fixes is now available.

Debian: DSA-4987-1: squashfs-tools security update>

Friday 15th of October 2021 08:58:53 AM
Richard Weinberger reported that unsquashfs in squashfs-tools, the tools to create and extract Squashfs filesystems, does not check for duplicate filenames within a directory. An attacker can take advantage of this flaw for writing to arbitrary files to the filesystem if a malformed

openSUSE: 2021:3447-1 important: the Linux Kernel>

Friday 15th of October 2021 08:30:39 AM
An update that solves 6 vulnerabilities and has 44 fixes is now available.

openSUSE: 2021:3445-1 important: rpm>

Friday 15th of October 2021 08:16:44 AM
An update that contains security fixes can now be installed.

openSUSE: 2021:1355-1 moderate: mbedtls>

Friday 15th of October 2021 05:16:09 AM
An update that fixes one vulnerability is now available.

Ubuntu 5091-3: Linux kernel (Azure) regression>

Thursday 14th of October 2021 09:54:36 PM
USN-5091-1 introduced a regression in the Linux kernel for Microsoft Azure cloud systems.

RedHat: RHSA-2021-3873:01 Important: Red Hat Advanced Cluster Management>

Thursday 14th of October 2021 06:45:55 PM
Red Hat Advanced Cluster Management for Kubernetes 2.2.9 General Availability release images, which provide security updates, one or more container updates, and bug fixes. Red Hat Product Security has rated this update as having a security impact

Debian: DSA-4984-1: tomcat9 security update>

Thursday 14th of October 2021 04:33:21 PM
Two vulnerabilities were discovered in the Tomcat servlet and JSP engine, which could result in denial of service. For the oldstable distribution (buster), these problems have been fixed

More in Tux Machines

Review: Ubuntu 21.10

Ubuntu 21.10 (code name Impish Indri) and its many variant flavors were released on October 14. This release is a non-Long Term Support release, meaning it will be supported for nine months. Like all new releases of Ubuntu, Ubuntu 21.10 comes with numerous updates and enhancements. The most notable of these changes are the customized GNOME 40 desktop and Firefox being a Snap instead of a Deb package. Both of these changes are explored in depth in this review. Installing Ubuntu 21.10 I began by downloading the 2.9GB ISO and copying it to a flash drive. Booting the computer from the flash drive resulted in an extremely familiar experience. Unfortunately, the new installer currently being worked on did not make it into this release, so Ubuntu 21.10 still provides the same installation experience as all the recent releases of Ubuntu. Read more

Indie dev finds that Linux users generate more, better bug reports

An indie developer has found an interesting observation: Though only 5.8% of his game's buyers were playing on Linux, they generated over 38% of the bug reports. Not because the Linux platform was buggier, either. Only 3 of the roughly 400 bug reports submitted by Linux users were platform specific, that is, would only happen on Linux. The developer, posting as Koderski for developer Kodera Software on Reddit, makes indie game ΔV: Rings of Saturn—that's Delta V, or DV, for the non-rocket-science-literate. It's a hard science, physics-based space mining and piracy game that I quite like, personally, for its blend of playability that still honors the basics of spaceflight. If you quite like the space combat of, say, The Expanse, DV is a sim that might be for you. Koderski says he's sold a little over 12,000 copies of his game, and about 700 of those were bought by Linux players. "I got 1040 bug reports in total, out of which roughly 400 are made by Linux players," says Koderski's post. "That’s one report per 11.5 users on average, and one report per 1.75 Linux players. That’s right, an average Linux player will get you 650% more bug reports." Koderski's numbers are a limited sample size drawn from one person's experience, but tell a compelling story. Read more

today's howtos

  • How to use and install Stremio on Linux

    Stremio is a media center that allows users to watch movies, TV shows, and even YouTube videos instantaneously. It also supports DLNA and many other features. Here’s how to use Stremio on Linux.

  • Deploying containers with Consfigurator

    For some months now I’ve been working on some patches to Consfigurator to add support for Linux containers. My goal is to make Consfigurator capable of both performing the initial setup of a container and of entering the running container to apply configuration. For the case of unprivileged LXCs running as non-root, my work-in-progress branch can now do both of these things. As Consfigurator enters the container directly using system calls, it should be decently fast at configuring multiple containers on a host, and it will also be possible to have it do this in parallel. The initial setup for the container uses Consfigurator’s existing support for building root filesystems, and it should be easy to extend that to support arbitrary GNU/Linux distributions by teaching Consfigurator how to invoke bootstrapping tools other than debootstrap(8).

  • Vincent Bernat: FRnOG #34: how we deployed a datacenter in one click

    The presentation, in French, was recorded. I have added English subtitles.

  • How to install FileZilla on a Chromebook

    Today we are looking at how to install FileZilla on a Chromebook. Please follow the video/audio guide as a tutorial where we explain the process step by step and use the commands below.

  • How to Install Zoom Client on Fedora 35 - LinuxCapable

    Zoom is a communications technology platform that provides videotelephony and real-time online chat services through a cloud-based peer-to-peer software platform and is used for teleconferencing, telecommuting, distance education, and much more.

  • How to Install Sails.js Framework with Nginx on Rocky Linux 8 - LinuxCapable

    Sails.js is a Javascript framework that you can use to easily and quickly build customized enterprise-grade for Node.js. It resembles the MVC architecture from such frameworks as Ruby on Rails, but with improved support for the more data-oriented modern style of developing web applications and is compatible with other front-end including Angular, React, iOS, Android, Windows Phone, and much more. In the following tutorial, you will learn how to install Sails.js and access the web-based interface by installing and configuring an Nginx reverse proxy setup on Rocky Linux 8.

  • How to Zip and Unzip Files on Android (RAR, ZIP, 7Z) - Make Tech Easier

    If your job demands that you send many large files, or if you just want an easy way to send a large number of pictures to someone, zip files are a necessity – even on your phone! This article shows how to compress or decompress large files on your Android smartphone.

  • How to Install Python Pip / PIP3 on Debian 11 Bullseye - LinuxCapable

    PIP is the standard package manager for installing Python packages. With PIP, you can list, search and download to install packages from the Python Package Index (PyPI). PIP was first included with the Python installer since version 3.4 for Python 3 release and 2.7.9 for Python 2 and is well utilized with many Python projects. In the following tutorial, you will learn how to install the PIP / PIP2 or PIP3 on Debian 11 Bullseye operating system.

  • How to Install Google Chrome on openSUSE Leap 15 - LinuxCapable

    ogle Chrome is the most used Internet Explorer software on the earth, with a recent update in 2021 that Chrome is currently the primary browser of more than 2.65 billion internet users. However, as you would know, after installing openSUSE, only Mozilla Firefox is packaged with the distribution but luckily, installing Google Chrome is a straightforward task. In the following tutorial, you will learn how to install Google Chrome in three various ways in stable, beta, or unstable versions on openSUSE Leap 15.

  • How to browse Reddit from the Linux desktop with Giara

    If you like Reddit but prefer to browse from an app, Giara may be for you. It is a Linux app that allows users to consume Reddit content from the desktop. In this guide, we’ll show you how to install it and use it on your system. Note: You must have a Reddit account to make use of the Giara application on Linux. To create a new Reddit account, head over to Reddit and click on the new “sign up” button.

  • How to Install Brave Browser on openSUSE Leap 15 - LinuxCapable

    Brave is a free and open-source web browser developed by Brave Software, Inc. based on the Chromium web browser. Brave is a privacy-focused Internet web browser, which distinguishes itself from other browsers by automatically blocking online advertisements and website trackers in its default settings. Brave has claimed its browser puts less strain on your computer’s performance than Google Chrome, regardless of how much you ask of it. Even with multiple tabs open at once, Brave uses less memory than Google Chrome-like, up to 66% less. In the following tutorial, you will learn how to install Brave on openSUSE Leap 15.

  • How to Install / Upgrade to Latest Nginx Mainline or Stable on openSUSE Leap 15 - LinuxCapable

    For those using openSUSE 15 Leap, you might have noticed that installing Nginx directly from its repository does not install the latest stable or mainline version. This is a common trend in most distributions that focus on the stability of packages and provide only urgent bug or security updates until the subsequent major distribution. For most, using the default Nginx that comes bundled with the repository will be preferred, but often many require and want the latest version of stable or mainline for updated features. The following tutorial will cover installing the last stable or mainline versions of Nginx on openSUSE 15 Leap.

  • How to Add a User to Sudoers on openSUSE - LinuxCapable

    When installing openSUSE, the user account that was created during the initial setup has sudo rights. However, there may be a need to add additional sudo users or make the default user have sudo rights. This is a straightforward process with a few commands. In the following tutorial, you will learn to add a user to the sudoers group on any openSUSE system.

  • How to easily download and install apps on Linux with AppImage Pool

    AppImagePool is an AppImageHub client for Linux. With it, users can easily browse and download AppImages from the AppImageHub store. Here’s how to get it working on your Linux system.

Security Leftovers