LinuxSecurity.com Advisories

LinuxSecurity - Security Advisories
The central voice for Linux and Open Source security news.

RedHat: RHSA-2021-3217:01 Important: Red Hat JBoss Enterprise Application

Wednesday 18th of August 2021 02:13:03 PM
A security update is now available for Red Hat JBoss Enterprise Application Platform 7.3 for Red Hat Enterprise Linux 6, 7, and 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

RedHat: RHSA-2021-3218:01 Important: Red Hat JBoss Enterprise Application

Wednesday 18th of August 2021 02:09:08 PM
A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

RedHat: RHSA-2021-3216:01 Important: Red Hat JBoss Enterprise Application

Wednesday 18th of August 2021 02:06:07 PM
A security update is now available for Red Hat JBoss Enterprise Application Platform 7.3. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

RedHat: RHSA-2021-3125:01 Moderate: Red Hat build of Eclipse Vert.x 4.1.2

Wednesday 18th of August 2021 12:57:03 PM
An update is now available for Red Hat build of Eclipse Vert.x. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For

CentOS: CESA-2021-3160: Important CentOS 7 thunderbird

Wednesday 18th of August 2021 12:51:04 PM
Upstream details at: https://access.redhat.com/errata/RHSA-2021:3160

CentOS: CESA-2021-3154: Important CentOS 7 firefox

Wednesday 18th of August 2021 12:50:15 PM
Upstream details at: https://access.redhat.com/errata/RHSA-2021:3154

CentOS: CESA-2021-3158: Important CentOS 7 exiv2

Wednesday 18th of August 2021 12:49:24 PM
Upstream details at: https://access.redhat.com/errata/RHSA-2021:3158

SciLinux: SLSA-2021-3154-1 Important: firefox on x86_64

Wednesday 18th of August 2021 09:33:07 AM
This update upgrades Firefox to version 78.13.0 ESR.
* Mozilla: Uninitialized memory in a canvas object could have led to memory corruption (CVE-2021-29980)
* Mozilla: Incorrect instruction reordering during JIT optimization (CVE-2021-29984)
* Mozilla: Race condition when resolving DNS names could have led to memory corruption (CVE-2021-29986)
* Mozilla: Memory corruption as a result of in

SciLinux: SLSA-2021-3158-1 Important: exiv2 on x86_64

Wednesday 18th of August 2021 09:32:57 AM
exiv2: Heap-based buffer overflow vulnerability in jp2image.cpp (CVE-2021-31291) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE - Scientific Linux Development Team

RedHat: RHSA-2021-3207:01 Moderate: Red Hat Integration Camel Quarkus

Wednesday 18th of August 2021 05:55:08 AM
An update to the Red Hat Integration Camel Quarkus tech preview is now available. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact

RedHat: RHSA-2021-3205:01 Moderate: Red Hat Integration Camel-K 1.4 release

Wednesday 18th of August 2021 05:14:07 AM
A minor version update (from 1.3 to 1.4) is now available for Red Hat Integration Camel K that includes bug fixes and enhancements. The purpose of this text-only errata is to inform you about the security issues fixed in this release.

Ubuntu 5046-1: Linux kernel vulnerabilities

Tuesday 17th of August 2021 11:27:43 PM
Several security issues were fixed in the Linux kernel.

Ubuntu 5045-1: Linux kernel vulnerabilities

Tuesday 17th of August 2021 11:00:17 PM
Several security issues were fixed in the Linux kernel.

Ubuntu 5044-1: Linux kernel vulnerabilities

Tuesday 17th of August 2021 10:59:35 PM
Several security issues were fixed in the Linux kernel.

Fedora 33: kernel 2021-b22606e88b

Tuesday 17th of August 2021 09:17:53 PM
The 5.13.10 stable kernel update contains a number of important fixes across the tree.

Fedora 33: hivex 2021-775b170f95

Tuesday 17th of August 2021 09:17:27 PM
New upstream version 1.3.21. Fixes CVE-2021-3622 limit recursion in ri-records.

Fedora 34: c-ares 2021-0a60cbb948

Tuesday 17th of August 2021 09:13:01 PM
Update to 1.17.2, fixes security issues including CVE-2021-3672.

Fedora 34: python-django 2021-78e501d62a

Tuesday 17th of August 2021 09:12:29 PM
fix CVE-2021-35042 (rhbz#1978288)

Fedora 34: rust-gettext-rs 2021-79ce3cb64a

Tuesday 17th of August 2021 09:12:21 PM
- Update newsboat to version 2.24.
- Update gettext-rs crate to version 0.7.0.
- Update gettext-sys crate to version 0.21.2.
- Bump gettext-rs dependency in newsflash to 0.7.0.
Also includes a rebuild of newsflash with crossbeam-deque 0.8.1 / 0.7.4 for CVE-2021-32810.

Fedora 34: rust-gettext-sys 2021-79ce3cb64a

Tuesday 17th of August 2021 09:12:21 PM
- Update newsboat to version 2.24.
- Update gettext-rs crate to version 0.7.0.
- Update gettext-sys crate to version 0.21.2.
- Bump gettext-rs dependency in newsflash to 0.7.0.
Also includes a rebuild of newsflash with crossbeam-deque 0.8.1 / 0.7.4 for CVE-2021-32810.

More in Tux Machines

Infrastructure living the ideals of software freedom

Can organisations with limited resources be digitally sovereign and still provide modern services? It is not trivial, but the FSFE proves it's possible. Take a deep dive with us into our infrastructure to learn how we run all the different services within the FSFE and cope with numerous challenges. A story not only for techies. Charity, non-profit organisations run into limits every day: personnel, budget, time, and the pressing question how to use donations most efficiently. When it comes to technical infrastructure, many organisations unfortunately decide to outsource and use proprietary, non-free services. By this, they give up software freedom and thereby digital sovereignty and independence. Since its founding more than 20 years ago, the FSFE has been pursuing the opposite way. Right from the start, we have relied on Free Software although it sometimes meant not being able to use and offer trendy services. Also, given the limited resources, we constantly have to choose between useful features and maintainability.

Ubuntu Frame - A picture is worth a thousand snaps

The development of graphical applications intended for use on IoT devices isn’t trivial. The complexity goes beyond the usual challenges that exist in the classic desktop and server domains. One, the IoT world is much less mature. Two, developers need to take into consideration various edge cases that do not apply to hands-on devices like laptops, for instance. Kiosks, industrial displays and digital signage devices require additional focus and rigor. Ubuntu Frame is a solution designed to simplify and streamline the build and development of products that need graphical output. On a technical level, it is a fullscreen shell, based on Wayland, intended for interactive usage applications. On a product level, Ubuntu Frame bundles communication protocols, input protocols and security policies into a single kit, which can then be used in IoT devices. You can test it today.

LoRa HAT starts at $31

SB Components is crowdfunding a $31-and-up “LoRa HAT for Raspberry Pi” with a 5-Km range at 868MHz or 433MHz. There is also a $47 “LoRa Expansion for Pico” board with a pre-soldered RPi Pico. Raspberry Pi milliner SB Components, which is behind such RPi HATs as the PiFinger fingerprint sensor HAT, has won Kickstarter funding for a simple, low-cost LoRa communications HAT. The LoRa HAT for Raspberry Pi is still available in a super early bird special for 23 UK Pounds ($31), as well as an identical 30-Pound ($40) package discounted from the eventual 40-Pound retail price.

Preparing for PipeWire

In the coming year, PipeWire will replace PulseAudio resulting in better audio on Linux. If you can't wait, here's what you need to know to get started with PipeWire. Unless you use a version of Fedora released in 2021, you may not have heard of PipeWire. However, by this time next year, PipeWire will likely be installed on your computer. Already, many distributions are starting to carry PipeWire (marked as experimental) in their repositories. Still unfinished with its installation varied depending on distribution, PipeWire is about to replace PulseAudio as Linux’s main audio server. If you are unwilling to wait until PipeWire becomes a standard part of a Linux installation, here is what you should know. PipeWire was created by Wim Taymans of Red Hat in 2015. Based on an earlier project called PulseVideo, PipeWire was originally intended as a server for capture and playback of audio and video. The video side of the project is still in development, but the audio side is mature enough that in the spring of 2021 Fedora 34 became the first Linux distribution to install it by default. In Fedora 34, PipeWire is used to manage PulseAudio, JACK, ALSA, and GStreamer-based applications.