Language Selection

English French German Italian Portuguese Spanish

LinuxSecurity.com Advisories

Syndicate content LinuxSecurity - Security Advisories
The central voice for Linux and Open Source security news.
Updated: 1 hour 20 min ago

RedHat: RHSA-2020-3184:01 Moderate: OpenShift Container Platform 4.3.31>

Wednesday 5th of August 2020 06:28:22 AM
An update for openshift-enterprise-hyperkube-container is now available for Red Hat OpenShift Container Platform 4.3. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

RedHat: RHSA-2020-3183:01 Moderate: OpenShift Container Platform 4.3.31>

Wednesday 5th of August 2020 06:15:22 AM
An update for openshift is now available for Red Hat OpenShift Container Platform 4.3. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

Fedora 32: mingw-curl 2020-ad05132742>

Tuesday 4th of August 2020 09:20:49 PM
Major update includes security fixes.

SUSE: 2020:2122-1 important: the Linux Kernel>

Tuesday 4th of August 2020 08:23:40 PM
An update that solves 13 vulnerabilities and has 70 fixes is now available.

SUSE: 2020:2122-1 important: the Linux Kernel>

Tuesday 4th of August 2020 08:13:18 PM
An update that solves 13 vulnerabilities and has 70 fixes is now available.

SUSE: 2020:2118-1 important: MozillaFirefox>

Tuesday 4th of August 2020 05:42:26 PM
An update that fixes 10 vulnerabilities is now available.

SUSE: 2020:2117-1 important: libX11>

Tuesday 4th of August 2020 05:41:41 PM
An update that fixes one vulnerability is now available.

Ubuntu 4432-2: GRUB2 regression>

Tuesday 4th of August 2020 05:40:29 PM
USN-4432-1 introduced a regression in the GRUB2 bootloader.

SUSE: 2020:14444-1 important: xen>

Tuesday 4th of August 2020 05:39:14 PM
An update that fixes 16 vulnerabilities is now available.

SUSE: 2020:2116-1 important: libX11>

Tuesday 4th of August 2020 02:14:34 PM
An update that fixes one vulnerability is now available.

openSUSE: 2020:1146-1: important: ghostscript>

Tuesday 4th of August 2020 02:13:46 PM
An update that fixes one vulnerability is now available.

Ubuntu 4447-1: libssh vulnerability>

Tuesday 4th of August 2020 12:21:37 PM
libssh could be made to crash if it received a specially crafted request.

SciLinux: SLSA-2020-3284-1 Important: postgresql-jdbc on SL6.x (noarch)>

Tuesday 4th of August 2020 11:04:58 AM
postgresql-jdbc: XML external entity (XXE) vulnerability in PgSQLXML (CVE-2020-13692) SL6 noarch postgresql-jdbc-8.4.704-4.el6_10.noarch.rpm - Scientific Linux Development Team

RedHat: RHSA-2020-3247:01 Important: RHV Manager (ovirt-engine) 4.4>

Tuesday 4th of August 2020 09:29:24 AM
Updated ovirt-engine packages that fix several bugs and add various enhancements are now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

SciLinux: SLSA-2020-3285-1 Important: postgresql-jdbc on SL7.x (noarch)>

Tuesday 4th of August 2020 08:58:16 AM
postgresql-jdbc: XML external entity (XXE) vulnerability in PgSQLXML (CVE-2020-13692) SL7 noarch postgresql-jdbc-9.2.1002-8.el7_8.noarch.rpm postgresql-jdbc-javadoc-9.2.1002-8.el7_8.noarch.rpm - Scientific Linux Development Team

RedHat: RHSA-2020-3308:01 Important: Red Hat JBoss Web Server 5.3.2>

Tuesday 4th of August 2020 07:41:27 AM
Updated Red Hat JBoss Web Server 5.3.2 packages are now available for Red Hat Enterprise Linux 6, Red Hat Enterprise Linux 7, Red Hat Enterprise Linux 8 and Windows. Red Hat Product Security has rated this release as having a security impact

RedHat: RHSA-2020-3306:01 Important: Red Hat JBoss Web Server 5.3.2>

Tuesday 4th of August 2020 07:32:21 AM
Updated Red Hat JBoss Web Server 5.3.2 packages are now available for Red Hat Enterprise Linux 6, Red Hat Enterprise Linux 7, and Red Hat Enterprise Linux 8. Red Hat Product Security has rated this release as having a security impact

RedHat: RHSA-2020-3305:01 Important: Red Hat JBoss Web Server 3.1 Service>

Tuesday 4th of August 2020 07:18:21 AM
An update is now available for Red Hat JBoss Web Server 3.1, for RHEL 6, RHEL 7 and Windows. Red Hat Product Security has rated this release as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

RedHat: RHSA-2020-3303:01 Important: Red Hat JBoss Web Server 3.1 Service>

Tuesday 4th of August 2020 07:16:23 AM
An update is now available for Red Hat JBoss Web Server 3.1 for RHEL 6 and RHEL 7. Red Hat Product Security has rated this release as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

Debian LTS: DLA-2312-1: libx11 security update>

Tuesday 4th of August 2020 05:50:35 AM
Todd Carson discovered some integer overflows in libX11, which could lead to heap corruption when processing crafted messages from an input method.

More in Tux Machines

Debian Janitor: 8,200 landed changes landed so far

The Debian Janitor is an automated system that commits fixes for (minor) issues in Debian packages that can be fixed by software. It gradually started proposing merges in early December. The first set of changes sent out ran lintian-brush on sid packages maintained in Git. This post is part of a series about the progress of the Janitor. The bot has been submitting merge requests for about seven months now. The rollout has happened gradually across the Debian archive, and the bot is now enabled for all packages maintained on Salsa , GitLab , GitHub and Launchpad. Read more

Optimised authentication methods for Ubuntu Desktop

Still counting on passwords to protect your workstation? When set up properly, alternatives to passwords provide a streamlined user experience while significantly improving security. These alternative authentication methods can also easily be combined to create a custom and adaptive authentication profile. This whitepaper introduces three popular authentication methods that provide a solid alternative to passwords. Perhaps you’d like to configure your laptop for login using a YubiKey hardware token connected to a dock. Another option could be to login with a Duo push notification when not connected to the dock, but use a Google Authenticator one-time password when no network is available. Maybe you need a separate hardware token just for ssh authentication, and you always need to keep a long, complex password for emergency authentication should all other methods fail. All of these scenarios can be easily configured within Ubuntu. Read more

Open Hardware: Arduino, RISC-V and 96Boards

  • Arduino-controlled robot arm is ready to play you in a game of chess

    If you’re tired of playing chess on a screen, then perhaps you could create a robotic opponent like Instructables user Michalsky. The augmented board runs micro-Max source code, enabling chess logic to be executed on an Arduino Mega with room for control functions for a 6DOF robotic arm. The setup uses magnetic pieces, allowing it to pick up human moves via an array of 64 reed switches underneath, along with a couple shift registers. The Mega powers the robot arm accordingly, lifting the appropriate piece and placing it on the correct square.

  • New RISC-V CTO On Open Source Chip Architecture’s Global Data Center Momentum

    With more big international players on board, the foundation's new head of technology sees signs of "state of the art moving forward."

  • Snapdragon 410 based 96Boards CE SBC gets an upgrade

    Geniatech has launched a Linux-ready, $109 “Developer Board 4 V3” compliant with 96Boards CE that offers a Snapdragon 410E, GbE, 3x USB, 802.11ac, GPS, and-25 to 70°C support. Geniatech has released a V3 edition of its 96Boards CE form-factor Developer Board 4 SBC, the third update of the Development Board IV we covered back in 2016. Starting at $109, the Developer Board 4 V3 still runs Linux, Android, and Windows 10 IoT Core on Qualcomm’s 1.2GHz, quad -A53 Snapdragon 410m, although it has been upgraded to the 10-year availability Snapdragon 410E. Geniatech also sells a line of Rockchip based SBCs, among other embedded products.

Audiocasts/Shows: Linux in the Ham Shack and Linux Headlines

  • LHS Episode #360: Zapped

    Welcome to the 360th episode of Linux in the Ham Shack. In this short-topic show, the hosts discuss 1.2GHz distance records, a hybrid antenna for geosynchronous satellite operation, data mode identification for your smart phone, being pwned, Ubuntu 20.04.1, LibreOffice, HamClock and much more. Thanks for listening and hope you have a great week.

  • LHS Episode #361: The Weekender LIV

    It's time once again for The Weekender. This is our bi-weekly departure into the world of amateur radio contests, open source conventions, special events, listener challenges, hedonism and just plain fun. Thanks for listening and, if you happen to get a chance, feel free to call us or e-mail and send us some feedback. Tell us how we're doing. We'd love to hear from you.

  • 2020-08-14 | Linux Headlines

    Google could be extending its Firefox search royalty deal, PyPy leaves the Software Freedom Conservancy, Ubuntu puts out a call for testing, Linspire removes snapd support, Microsoft showcases its open source contributions, and Facebook joins The Linux Foundation.