LinuxSecurity.com Advisories

The central voice for Linux and Open Source security news.

Fedora 34: kernel 2021-fe826f202e

Wednesday 7th of July 2021 08:58:19 PM
The 5.12.14 stable kernel update contains a number of important fixes across the tree.

Fedora 34: php 2021-d867b595d1

Wednesday 7th of July 2021 08:58:15 PM
**PHP version 7.4.21** (01 Jul 2021)

**Core:**

* Fixed bug php#81068 (Double free in realpath_cache_clean()). (Dimitry Andric)
* Fixed bug php#76359 (open_basedir bypass through adding ".."). (cmb)
* Fixed bug php#81090 (Typed property performance degradation with .= operator). (Nikita)
* Fixed bug php#81070 (Integer underflow in memory limit comparison). (Peter van Dommelen)

Ubuntu 5008-2: Avahi vulnerability

Wednesday 7th of July 2021 03:35:21 PM
Avahi could suffer a denial of service if it received a specially crafted input.

Ubuntu 5008-1: Avahi vulnerabilities

Wednesday 7th of July 2021 03:03:00 PM
Several security issues were fixed in Avahi.

CentOS: CESA-2021-2658: Important CentOS 7 linuxptp

Wednesday 7th of July 2021 02:17:20 PM
Upstream details at: https://access.redhat.com/errata/RHSA-2021:2658

RedHat: RHSA-2021-2666:01 Important: kernel security and bug fix update

Wednesday 7th of July 2021 10:56:51 AM
An update for kernel is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

RedHat: RHSA-2021-2668:01 Important: kpatch-patch security update

Wednesday 7th of July 2021 10:56:23 AM
An update is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

SciLinux: SLSA-2021-2658-1 Important: linuxptp on SL7.x x86_64

Wednesday 7th of July 2021 10:26:41 AM
linuxptp: missing length check of forwarded messages (CVE-2021-3570)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE

SL7 x86_64
- linuxptp-2.0-2.el7_9.1.x86_64.rpm
- linuxptp-debuginfo-2.0-2.el7_9.1.x86_64.rpm

- Scientific Linux Development Team

Ubuntu 5006-1: PHP vulnerabilities

Wednesday 7th of July 2021 09:31:43 AM
Several security issues were fixed in PHP.

Ubuntu 5007-1: libuv vulnerability

Wednesday 7th of July 2021 09:27:28 AM
libuv could be made to crash or expose sensitive information if it received a specially crafted input.

Gentoo: GLSA-202107-10: TCG TPM2 Software Stack: Information disclosure

Wednesday 7th of July 2021 05:05:20 AM
A bug in TCG TPM2 Software Stack may result in information disclosure to a local attacker.

Gentoo: GLSA-202107-13: GLib: Multiple vulnerabilities

Wednesday 7th of July 2021 05:04:06 AM
Multiple vulnerabilities have been found in GLib, the worst of which could result in the arbitrary execution of code.

Gentoo: GLSA-202107-12: Schism Tracker: Multiple vulnerabilities

Wednesday 7th of July 2021 05:03:38 AM
Multiple vulnerabilities have been found in Schism Tracker, the worst of which could result in denial of service.

Gentoo: GLSA-202107-11: OpenDoas: Insufficient environment filtering

Wednesday 7th of July 2021 05:02:03 AM
A vulnerability in OpenDoas could lead to privilege escalation.

Gentoo: GLSA-202107-09: Mozilla Firefox: Multiple vulnerabilities

Wednesday 7th of July 2021 04:54:53 AM
Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which could result in the arbitrary execution of code.

RedHat: RHSA-2021-2465:01 Moderate: Red Hat build of Eclipse Vert.x 4.1.0

Wednesday 7th of July 2021 02:30:43 AM
An update is now available for Red Hat build of Eclipse Vert.x. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For

RedHat: RHSA-2021-2663:01 Important: Ansible security and bug fix update

Wednesday 7th of July 2021 12:47:49 AM
An update for ansible is now available for Ansible Engine 2.9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

RedHat: RHSA-2021-2664:01 Important: Ansible security and bug fix update

Wednesday 7th of July 2021 12:47:22 AM
An update for ansible is now available for Ansible Engine 2. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

Mageia 2021-0314: httpcomponents-client security update

Tuesday 6th of July 2021 09:13:33 PM
Priyank Nigam discovered that HttpComponents Client could misinterpret a malformed authority component in a request URI and pick the wrong target host for request execution (CVE-2020-13956).

Fedora 33: glibc 2021-f29b4643c7

Tuesday 6th of July 2021 09:04:22 PM
This `glibc` update re-enables `valgrind` suppression support for string functions. It addresses `valgrind` false positives on the aarch64 architecture in particular.

This `glibc` update fixes a use-after-free in the `mq_notify` function (CVE-2021-33574).
