Language Selection

English French German Italian Portuguese Spanish Advisories

Syndicate content LinuxSecurity - Security Advisories
The central voice for Linux and Open Source security news.
Updated: 1 hour 7 min ago

Fedora 31: pdfbox FEDORA-2019-88f53a7433

Saturday 14th of September 2019 12:39:49 PM
Update to 2.0.16

Fedora 31: irssi FEDORA-2019-d2257607b8

Saturday 14th of September 2019 12:38:55 PM
This is new version of irssi fixing CVE-2019-15717.

Fedora 31: SDL FEDORA-2019-f5558abfef

Saturday 14th of September 2019 12:38:50 PM
This release fixes a heap buffer over-read in BlitNtoN() function when processing an invalid BMP image.

Fedora 31: dovecot FEDORA-2019-ea638fb605

Saturday 14th of September 2019 12:38:16 PM
* CVE-2019-11500: IMAP protocol parser does not properly handle NUL byte when scanning data in quoted strings, leading to out of bounds heap memory writes

Fedora 31: pdfresurrect FEDORA-2019-b20614ff74

Saturday 14th of September 2019 12:38:15 PM
* Security fix for CVE-2019-14267 * Security fix for CVE-2019-14934

Fedora 31: chromium FEDORA-2019-b90f48e9aa

Saturday 14th of September 2019 12:37:52 PM
Chromium 76.0.3809.132 update

openSUSE: 2019:2129-1: moderate: libmirage

Saturday 14th of September 2019 08:10:23 AM
An update that fixes one vulnerability is now available.

Fedora 29: sphinx FEDORA-2019-bdadf4c6f5

Friday 13th of September 2019 09:54:57 PM
Security fix for CVE-2019-14511

Fedora 29: libextractor FEDORA-2019-5628767261

Friday 13th of September 2019 09:54:55 PM
Patch for CVE-2019-15531

Debian LTS: DLA-1919-1: linux-4.9 security update

Friday 13th of September 2019 09:21:38 PM
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.

Fedora 30: sphinx FEDORA-2019-9231a18768

Friday 13th of September 2019 09:13:34 PM
Security fix for CVE-2019-14511

Fedora 30: libextractor FEDORA-2019-62b65ed7f6

Friday 13th of September 2019 09:13:29 PM
Patch for CVE-2019-15531

Debian LTS: DLA-1920-1: golang-go.crypto security update

Friday 13th of September 2019 12:19:49 PM
This package ignored the value of the Hash header, which allows an attacker to spoof it. An attacker can not only embed arbitrary Armor Headers, but also prepend arbitrary text to cleartext messages without invalidating the signatures.

Debian LTS: DLA-1921-1: dnsmasq security update

Friday 13th of September 2019 10:40:28 AM
Samuel R Lovejoy discovered a security vulnerability in dnsmasq. Carefully crafted packets by DNS servers might result in out of bounds read operations, potentially leading to a crash and denial

openSUSE: 2019:2128-1: moderate: srt

Thursday 12th of September 2019 10:58:46 PM
An update that fixes one vulnerability is now available.

SUSE: 2019:2370-1 moderate: python-urllib3

Thursday 12th of September 2019 06:27:47 PM
An update that fixes four vulnerabilities is now available.

SUSE: 2019:2368-1 important: cri-o

Thursday 12th of September 2019 06:24:52 PM
An update that fixes one vulnerability is now available.

SUSE: 2019:2373-1 important: curl

Thursday 12th of September 2019 06:17:02 PM
An update that fixes two vulnerabilities is now available.

SUSE: 2019:2369-1 moderate: cri-o

Thursday 12th of September 2019 06:13:25 PM
An update that fixes one vulnerability is now available.

SUSE: 2019:2339-2 important: curl

Thursday 12th of September 2019 06:02:19 PM
An update that fixes one vulnerability is now available.

More in Tux Machines

Ubuntu: Vivaldi, Screen Mirroring Android, Snap Statistics and Ubuntu on LinuxONE III

  • Vivaldi Web Browser 2.8 Released! How to Install it in Ubuntu

    Vivaldi web browser released the new stable version 2.8 today. Here’s how to install it in Ubuntu 18.04 and higher.

  • Try Screen Mirroring Android Using Wi-Fi on Ubuntu!

    In the previous article, I once discussed screen mirroring on Ubuntu using Scrcpy. I like Scrcpy because this application is very light and runs very well when Screen Mirroring. And in this article, I will try Screen Mirroring using Wi-fi(wifi). Screen Mirroring using wifi has several benefits. One of them is, we don't need to connect the device with a cable. So, when we are presentation a demo of an application made for smartphones, we can move freely because we don't use connecting cables when used for screen mirroring.

  • Popular snaps per distro

    From a distance, Linux is one big, confusing ball of passionate users and hardcore technical jargon. But as you zoom in, you can start seeing patterns – and differences. Indeed, the individual and vastly varied choice of a favorite distribution has played a major part in shaping the community conversation in the Linux space. But does this also reflect on the application usage patterns? We wanted to have a look at how users on different distributions consume snaps. So we crunched some numbers and checked the top five snaps for Ubuntu, Debian, Fedora, CentOS, Arch Linux, and Manjaro users.

  • Ubuntu on the new LinuxONE III

    A few months ago I visited the IBM offices in Poughkeepsie to sync up with colleagues, record an episode of Terminal Talk, and let’s be honest, visit some mainframes. A lot of assembly still happens in Poughkeepsie, and they have a big client center with mainframes on display, including several inside a datacenter that they give tours of. I was able to see a z14 in operation, as well as several IBM LinuxONE machines. Getting to tour datacenters is a lot of fun, and even though I wouldn’t have meaningful technical interactions with them, there’s something about seeing these massive machines that I work with every day in person that brings me a lot of joy. Now I have to go back! On September 12th, the newest mainframe was announced, the IBM z15 and accompanying Linux version, the IBM LinuxONE III. To celebrate, I joined my colleagues in the IBM Silicon Valley lab for a launch event watch party and, of course, cake.

Arch Linux Review in 2019

In constant development since 2002, Arch Linux isn’t new. It’s built up a large, loyal following of users who love Arch’s “Keep It Simple, Stupid” approach, where minimalism and choice reign supreme. No Arch Linux installation is the same, and that’s the appeal to Arch users. It isn’t the friendliest Linux distro for beginners, but if you’re looking to truly understand what a Linux distro can do, Arch Linux could be for you. At number 15 on the Distowatch popularity list over the past 12 months, Arch is also one of the most well-known Linux distros. Let’s find out why this minimalist distro continues to be popular. Read more

Audiocasts/Shows/Video: Ubuntu Podcast, Choose Linux, BSD Now and ArcoLinux 19.09 Run Through

  • Ubuntu Podcast from the UK LoCo: S12E24 – Gran Turismo

    This week we’ve been cataloging hardware (mostly crusty Thinkpads). We interview Kyle Fazzari, serior robotics engineer at Canonical, bring you some command line love and go over all your feedback. It’s Season 12 Episode 24 of the Ubuntu Podcast! Alan Pope, Mark Johnson and Kyle Fazzari are connected and speaking to your brain.

  • Introducing New People to Linux | Choose Linux 18

    There’s lots to consider when setting someone up with Linux for the first time. User needs and expectations, distro choice, hardware, and so much more. We discuss our experiences, and ask some fundamental questions.

  • git commit FreeBSD | BSD Now 316

    NetBSD LLVM sanitizers and GDB regression test suite, Ada—The Language of Cost Savings, Homura - a Windows Games Launcher for FreeBSD, FreeBSD core team appoints a WG to explore transition to Git, OpenBSD 6.6 Beta tagged, Project Trident 12-U5 update now available, and more.

  • ArcoLinux 19.09 Run Through

    In this video, we are looking at ArcoLinux 19.09 with XFCE 4.14.

Mozilla Leftovers

  • Mozilla Localization (L10N): L10n Report: September Edition

    Please note some of the information provided in this report may be subject to change as we are sometimes sharing information about projects that are still in early stages and are not final yet.

  • Will Kahn-Greene: Markus v2.0.0 released! Better metrics API for Python projects.

    Markus is a Python library for generating metrics.

  • This Week In Rust: This Week in Rust 304

    Hello and welcome to another issue of This Week in Rust! Rust is a systems language pursuing the trifecta: safety, concurrency, and speed. This is a weekly summary of its progress and community. Want something mentioned? Tweet us at @ThisWeekInRust or send us a pull request. Want to get involved? We love contributions.

  • Mozilla VR Blog: Virtual identities in Hubs

    Identity is a complicated concept—who are we really? Most of us have government IDs that define part of our identity, but that’s just a starting point. We present ourselves differently depending on context—who we are with our loved ones might not be the same as who we are at work, but both are legitimate representations of ourselves. Virtual spaces make this even harder. We might maintain many virtual identities with different degrees of overlap. Having control over our representation and identity online is a critical component of safety and privacy, and platforms should prioritize user agency. More importantly, autonomy and privacy are intrinsically intertwined. If everyone saw my google searches, I would probably change what I search for. If I knew my employer could monitor my interactions when I’m not at work, I would behave differently. Privacy isn’t just about protecting information about myself, it’s about allowing me to express myself.