Language Selection

English French German Italian Portuguese Spanish

LinuxSecurity.com Advisories

Syndicate content LinuxSecurity - Security Advisories
The central voice for Linux and Open Source security news.
Updated: 27 min 34 sec ago

openSUSE: 2021:1350-1 important: chromium>

Tuesday 12th of October 2021 11:58:47 AM
An update that fixes 25 vulnerabilities is now available.

RedHat: RHSA-2021-3810:01 Moderate: libxml2 security update>

Tuesday 12th of October 2021 11:32:47 AM
An update for libxml2 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

RedHat: RHSA-2021-3798:01 Moderate: openssl security update>

Tuesday 12th of October 2021 11:32:33 AM
An update for openssl is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

RedHat: RHSA-2021-3801:01 Important: kernel security and bug fix update>

Tuesday 12th of October 2021 11:32:28 AM
An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

RedHat: RHSA-2021-3807:01 Low: 389-ds-base security and bug fix update>

Tuesday 12th of October 2021 11:32:21 AM
An update for 389-ds-base is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

RedHat: RHSA-2021-3811:01 Moderate: rh-mysql80-mysql security, bug fix,>

Tuesday 12th of October 2021 10:13:16 AM
An update for rh-mysql80-mysql is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

Debian LTS: DLA-2783-1: hiredis security update>

Tuesday 12th of October 2021 07:23:31 AM
It was discovered that there was an integer-overflow vulnerability in hiredis, a C client library for communicating with Redis databases. This occurred within the handling and parsing of 'multi-bulk' replies.

RedHat: RHSA-2021-3771:01 Important: grafana security update>

Tuesday 12th of October 2021 06:56:04 AM
An update for grafana is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

RedHat: RHSA-2021-3770:01 Important: grafana security update>

Tuesday 12th of October 2021 06:48:17 AM
An update for grafana is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

RedHat: RHSA-2021-3769:01 Important: grafana security update>

Tuesday 12th of October 2021 06:45:31 AM
An update for grafana is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

RedHat: RHSA-2021-3768:01 Important: kpatch-patch security update>

Tuesday 12th of October 2021 05:36:10 AM
An update for kpatch-patch is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

SUSE: 2021:391-1 suse/sles12sp5 Security Update>

Tuesday 12th of October 2021 05:16:15 AM
The container suse/sles12sp5 was updated. The following patches have been included in this update:

SUSE: 2021:390-1 suse/sles12sp4 Security Update>

Tuesday 12th of October 2021 05:03:36 AM
The container suse/sles12sp4 was updated. The following patches have been included in this update:

RedHat: RHSA-2021-3767:02 Important: kernel security update>

Tuesday 12th of October 2021 04:59:10 AM
An update for kernel is now available for Red Hat Enterprise Linux 7.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

Mageia 2021-0471: libreoffice security update>

Tuesday 12th of October 2021 04:57:18 AM
LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the document occurred since the last signing and that the signature is valid. An Improper Certificate Validation vulnerability in LibreOffice allowed an

RedHat: RHSA-2021-3766:01 Important: kernel security update>

Tuesday 12th of October 2021 03:45:16 AM
An update for kernel is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

Fedora 33: kernel 2021-9dd76a1ed0>

Monday 11th of October 2021 05:36:34 PM
The 5.14.10 stable kernel update contains a number of important fixes across the tree

openSUSE: 2021:1345-1: git>

Monday 11th of October 2021 05:35:59 PM
An update that fixes one vulnerability is now available.

Fedora 34: kernel 2021-ffda3d6fa1>

Monday 11th of October 2021 05:33:46 PM
The 5.14.10 stable kernel update contains a number of important fixes across the tree

openSUSE: 2021:1341-1 important: mupdf>

Monday 11th of October 2021 05:33:27 PM
An update that fixes two vulnerabilities is now available.

More in Tux Machines

Mabox Linux 21.11 Herbolth released

After almost half year of development, the next major Mabox Linux 21.11 release codename Herbolth is ready for download. Read more

today's howtos

  • Hashing out the hash command on Linux | Network World

    When you type “hash” on a Linux system, you could get one of two very different responses depending on the shell you are using. If you are using bash or a related shell such as ksh, you should see a list of the commands that you have used since your terminal session began, sometimes with a count of how many times each command was used. This can be more useful than using the history command if you just want to see your very recent command activity, but the hash command is not a single executable. Instead, it relies on your shell.

  • Learn About Blender and Maybe Get a Free Book – What’s Not to Like?

    The event is Blender 101, an online event from the All Things Open folks, which will feature Jason van Gumster, author of Blender for Dummies, which is popular enough to now be in its fourth edition. Better yet, some copies of the book will be given away “to randomly chosen attendees.”

  • Why must you use ./ to run your Ubuntu scripts? The meaning of Linux's dot slash explained. - Coffee Talk: Java, News, Stories and Opinions

    When you run your own executable command or shell script on Linux, you must prepend ./ to the Unix command. But why? Why must you use a dot slash to run commands in Unix? You don’t have to do that in Windows with a batch file.

  • What Is Doas and How to Install It

    Doas is a privilege escalation program similar to sudo. It is designed to be as lightweight and simple as possible. It is the default privilege escalation program for OpenBSD but also available for other UNIX-like operating systems through the OpenDoas program.

  • Shell Aliases Every Linux User Needs - Invidious

    One of the most common questions I get from new-to-Linux users is, "How can I become a power user?" Well, learning the terminal and the terminal commands is the best thing you can do. And big part of becoming more proficient at the command line is creating your own Bash aliases. So today, I'm taking a fresh install of Ubuntu and adding aliases to it's bashrc. These are aliases that I think most, if not all, Ubuntu users would find helpful.

Season of KDE and Creating a Rust/QML Project

  • Season of KDE Kicks Off
  • Season of KDE 2022

    I am Ayush Singh, a second-year student of the Indian Institute of Technology, Dhanbad, India. My application has been accepted in the Season of KDE 2022. I will be working on writing a Rust wrapper for KConfig KDE Framework. This post describes my journey with KDE and why I submitted this Project for the Season of KDE.

  • Creating Rust/QML Project

    For the last few months, I have been pushing Rust/QT development along. I am the author of ki18n crate and am currently in the middle of creating kconfig crate as a part of Season of KDE 2022. In this post, I will walk you through creating a new Rust/QML project using cargo-generate templates. I made these templates to encourage more people to test out Qt development with Rust.

Security Leftovers

  • Security updates for Wednesday

    Security updates have been issued by CentOS (httpd), Debian (libxfont, lrzsz, nss, openjdk-17, policykit-1, webkit2gtk, and wpewebkit), Mageia (polkit), openSUSE (expat, json-c, kernel, polkit, qemu, rust1.55, rust1.57, thunderbird, unbound, and webkit2gtk3), Oracle (httpd:2.4, java-11-openjdk, and polkit), Red Hat (httpd:2.4, OpenShift Container Platform 3.11.570, polkit, and Red Hat OpenStack Platform 16.1 (etcd)), Scientific Linux (polkit), Slackware (polkit), SUSE (aide, expat, firefox, json-c, kernel, polkit, qemu, rust, rust1.55, rust1.57, thunderbird, unbound, and webkit2gtk3), and Ubuntu (policykit-1 and xorg-server).

  • Qualys Research Team Warns of Significant polkit Vulnerability Affecting All Linux Users [Ed: This headline is false. It affects systemd users. And systemd isn't Linux, it's IBM vendor lock-in which isn't even compliant with UNIX philosophy.]
  • New DeadBolt ransomware targets QNAP devices, asks 50 BTC for master key [Ed: Why would anyone even connect a storage device to the open Internet in the fist place? "Smart" hype?]

    A new DeadBolt ransomware group is encrypting QNAP NAS devices worldwide using what they claim is a zero-day vulnerability in the device's software.

  • New DeadBolt Ransomware Targets NAT Devices