Language Selection

English French German Italian Portuguese Spanish

LinuxSecurity.com Advisories

Syndicate content LinuxSecurity - Security Advisories
The central voice for Linux and Open Source security news.
Updated: 2 hours 27 min ago

Debian: DSA-5012-1: openjdk-17 security update>

Tuesday 23rd of November 2021 04:30:57 PM
Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service, incorrect Kerberos ticket use, selection of weak ciphers or information disclosure.

openSUSE: 2021:3773-1 important: bind>

Tuesday 23rd of November 2021 04:29:47 PM
An update that fixes one vulnerability is now available.

openSUSE: 2021:3770-1 important: java-1_8_0-openjdk>

Tuesday 23rd of November 2021 04:19:58 PM
An update that fixes 11 vulnerabilities is now available.

RedHat: RHSA-2021-4774:02 Important: kernel security update>

Tuesday 23rd of November 2021 03:42:13 PM
An update for kernel is now available for Red Hat Enterprise Linux 7.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

RedHat: RHSA-2021-4788:02 Moderate: krb5 security update>

Tuesday 23rd of November 2021 03:42:05 PM
An update for krb5 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

Ubuntu 5154-1: FreeRDP vulnerabilities>

Tuesday 23rd of November 2021 11:31:00 AM
Several security issues were fixed in FreeRDP.

RedHat: RHSA-2021-4765:03 Moderate: Release of OpenShift Serverless Client>

Tuesday 23rd of November 2021 09:41:36 AM
Release of OpenShift Serverless Client kn 1.19.0 Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

RedHat: RHSA-2021-4766:03 Moderate: Release of OpenShift Serverless 1.19.0>

Tuesday 23rd of November 2021 09:41:34 AM
Release of OpenShift Serverless 1.19.0 Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

RedHat: RHSA-2021-4767:03 Moderate: Red Hat Integration Camel Extensions>

Tuesday 23rd of November 2021 09:41:30 AM
Red Hat Integration Camel Extensions for Quarkus 2.2 is now GA. The purpose of this text-only errata is to inform you about the security issues fixed since the tech preview 2 release. Red Hat Product Security has rated this update as having a security impact

RedHat: RHSA-2021-4768:03 Important: kernel security update>

Tuesday 23rd of November 2021 09:41:25 AM
An update for kernel is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

RedHat: RHSA-2021-4771:02 Moderate: rpm security update>

Tuesday 23rd of November 2021 09:41:22 AM
An update for rpm is now available for Red Hat Enterprise Linux 7.6 Advanced Update Support, Red Hat Enterprise Linux 7.6 Telco Extended Update Support, and Red Hat Enterprise Linux 7.6 Update Services for SAP Solutions.

Debian LTS: DLA-2825-1: libmodbus security update>

Monday 22nd of November 2021 11:07:58 AM
Two issues have been found in libmodbus, a library for the Modbus protocol. Both issues are related to out of bound reads, which could result in a

openSUSE: 2021:3759-1 important: postgresql14>

Monday 22nd of November 2021 10:30:14 AM
An update that fixes two vulnerabilities is now available.

openSUSE: 2021:3762-1 important: postgresql13>

Monday 22nd of November 2021 10:21:30 AM
An update that fixes two vulnerabilities is now available.

openSUSE: 2021:1498-1 moderate: barrier>

Monday 22nd of November 2021 10:20:20 AM
An update that fixes two vulnerabilities is now available.

openSUSE: 2021:3758-1 important: postgresql12>

Monday 22nd of November 2021 10:19:04 AM
An update that fixes two vulnerabilities is now available.

Ubuntu 5153-1: LibreOffice vulnerabilities>

Monday 22nd of November 2021 08:52:09 AM
LibreOffice could incorrectly validate document signatures.

openSUSE: 2021:1494-1 moderate: hylafax+>

Sunday 21st of November 2021 10:17:52 AM
An update that contains security fixes can now be installed.

Debian LTS: DLA-2823-2: salt regression update>

Saturday 20th of November 2021 08:41:02 PM
The security update of Salt, a remote execution manager, to fix CVE-2021-21996 introduced a regression in salt/fileclient.py which raised an unexpected exception and made file.managed states fail.

Mageia 2021-0519: php security update>

Saturday 20th of November 2021 03:32:06 PM
Header injection via default_mimetype / default_charset mbstring may use pointer from some previous request Unexpected behavior with arrays and JIT Special character is breaking the path in xml function (CVE-2021-21707) XMLReader::getParserProperty may throw with a valid property

More in Tux Machines

RK3399K based module and SBC can operate at -20 to 80℃

Forlinx announced a “FET3399K-C SOM” that runs Android 7.1 or Linux on a Rockchip RK3399K with up to 4GB LPDDR3 and 32GB eMMC plus -20 to 80℃ support. An “OK3399K-C” SBC based on it offers GbE, 4x USB, HDMI, MIPI DSI/CSI, M.2, and mini-PCIe. Forlinx announced an update to its FET3399-C SOM and OK3399-C SBC that advances from the the Rockchip RK3399 to the RK3399K, enabling a wider -20 to 80℃ operating range instead of 0 to 80℃ . The FET3399K-C SOM and OK3399K-C SBC appear to be otherwise identical to the year-old originals. Since we missed that announcement, we cover the boards in detail below. Read more

Android Leftovers

Files and GTK 4

Let’s start with some history. GTK 4 has been in development since 2016 and it’s been expected that the Files application would be ported, obviously. In 2018, a Google Summer of Code project from Ernestas Kulik produced a port of Files to GTK 3.9x, the development version of what would become GTK 4. It included a port of the custom EelCanvas widget (used to implement the Files icon view). Although it was not meant for general use, Ernestas’s port was very useful, both for the development of GTK 4 itself, as well as the preparation of the Files app for the future. Many compatible changes were applied to the master branch, which both improved the code design and laid the preparations for a later port to GTK 4. Read more

today's howtos

  • How to install RethinkDB in Rocky Linux/Alma Linux/Centos 8

    RethinkDB is a free and open-source, distributed document-oriented database originally created by the company of the same name. It is a free and open-source NoSQL database system that makes it easier for building realtime apps. It comes with a graphical user interface that can be accessible from the web browser and used to manage the database. It uses JSON to load the applications into and read the database. RethinkDB is built to store JSON documents and you can scale it to multiple machines easily. It is easy to set up and has a simple query language that supports table joins and group by.

  • How to install Ubuntu MATE 21.10 - Invidious

    In this video, I am going to show how to install Ubuntu MATE 21.10.

  • How to install Node.js on Fedora 35 – NextGenTips

    In today’s guide, I am going to take you through the installation of node.js on Fedora 35. Node.js is an open-source cross-platform, backend javascript runtime environment that runs on the V8 engine and executes javascript code outside of a web browser. A Node.js app runs in a single process, without creating a new thread for every request. It provides a set of asynchronous I/O primitives in its standard library that prevent javascript code from blocking and generally, libraries from node.js are written using non-blocking paradigms, making blocking behaviour the exceptions rather than the norm. When Node.js performs an I/O operation, like reading from the network, accessing a database or the filesystem, instead of blocking the thread and wasting CPU cycles waiting, Node.js will resume the operations when the response comes back. This allows Node.js to handle thousands of concurrent connections with a single server without introducing the burden of managing thread concurrency, which could be a significant source of bugs.

  • How to Quickly Start a Django Project and a Django App - SitePoint

    In this tutorial, we’ll learn the difference between a Django project and a Django app, and how to start a new Django project. Django is the Python web framework of choice for building web applications. It’s a mature, full-featured, flexible and open-source framework that lets you build anything from a simple CRUD application to a more complex, multi-app project like a photo-sharing app.

  • How to Make iptables Firewall Rules Persistent on Debian/Ubuntu

    Here’s how to keep iptables firewall rules persistent between reboots, so you don’t lost them after the system is rebooted. Iptables is a command-line firewall utility in Linux operating system that uses policy chains to allow or block traffic. However, by default iptables rules will not survive through a server reboot. They are reset when you reboot your Linux system. So, how do I persist iptables rules? The iptables store the rules in the system memory. In other words, it do not save these rules persistently to the disk as a file. Fortunately, there is a very easy way to keep these iptables rules persistently to a disk, which I will show you now.

  • How to Install Telegraf Configure InfluxDB2 output in Rocky Linux/CentOS 8

    In this guide we are going to learn how to install Telegraf and configure InfluxDB v2 output on a Rocky Linux server 8. This guide also works for any RHEL 8 based server like Alma Linux 8, Centos 8, Oracle Linux 8 etc. Telegraf is a plugin-driven server agent for collecting & reporting metrics, and is the first piece of the TICK stack. Telegraf has plugins to source a variety of metrics directly from the system it’s running on, pull metrics from third-party APIs, or even listen for metrics via a statsd and Kafka consumer services. It also has output plugins to send metrics to a variety of other datastores, services, and message queues, including InfluxDB, Graphite, OpenTSDB, Datadog, Librato, Kafka, MQTT, NSQ, and many others.

  • How To Install System Information Tool HardInfo 0.6 Alpha (GTK3) On Ubuntu, Pop!_OS Or Linux Mint From PPA - Linux Uprising Blog

    HardInfo is a graphical system information (hardware, system info, software) and benchmark tool. Since there have not been any new HardInfo releases since 2009 (but the tool is still under development), I have created a PPA to easily install HardInfo 0.6 alpha (from Git) built with GTK3 on Ubuntu, Pop!_OS and Linux Mint. At the end of the post, you'll also find links with newer, third-party HardInfo packages for Arch Linux and Fedora. Hardinfo system hardware information Linux The application can display system hardware information such as CPU (cores, frequencies, cache, etc.), RAM (available RAM, memory sockets, etc.), motherboard and BIOS, GPU, disks, peripherals, temperatures and much more. What's more, the tool can also show software information like the used Linux distribution and version, kernel information and loaded modules, installed development tools versions, as well as system information like boot history, memory usage, filesystem usage, display (e.g. the screen resolution, the session type: X11 or Wayland, etc.), and more.

  • How To Install MariaDB on Fedora 35 - idroot

    In this tutorial, we will show you how to install MariaDB on Fedora 35. For those of you who didn’t know, MariaDB is an open-source one of the most popular relational database management systems (RDBMS) that is a highly compatible drop-in replacement of MySQL. It offers a better storage engine along with faster caching and query performance. This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step-by-step installation of the MariaDB 10.6 on a Fedora 35.

  • Install Cassandra In CentOS Linux - OSTechNix

    Cassandra is an open-source distributed database management system with a wide column store and a NoSQL database that can handle massive amounts of data across many commodity servers with no single point of failure. It was created by the Apache Software Foundation and is written in Java. In this article, we will go through the step-by-step process to install Cassandra in CentOS 7 Linux.