Language Selection

English French German Italian Portuguese Spanish

LinuxSecurity.com Advisories

Syndicate content LinuxSecurity - Security Advisories
The central voice for Linux and Open Source security news.
Updated: 1 hour 38 min ago

Fedora 33: busybox 2021-5a95823596>

Wednesday 24th of November 2021 08:05:24 PM
Update to 1.34.1. Resolves CVE-2021-42373 CVE-2021-42374 CVE-2021-42375 CVE-2021-42376 CVE-2021-42377 CVE-2021-42378 CVE-2021-42379 CVE-2021-42380 CVE-2021-42381 CVE-2021-42382 CVE-2021-42383 CVE-2021-42384 CVE-2021-42385 CVE-2021-42386 (Fedora 35+ already have 1.34.1)

Fedora 33: getdata 2021-3b8bb26909>

Wednesday 24th of November 2021 08:05:23 PM
0.11.0, fix use after free, CVE-2021-20204

Fedora 33: php 2021-c8043fa05f>

Wednesday 24th of November 2021 08:05:22 PM
**PHP version 7.4.26** (18 Nov 2021) **Core:** * Fixed bug php#81518 (Header injection via default_mimetype / default_charset). (cmb) **Date:** * Fixed bug php#81500 (Interval serialization regression since 7.3.14 / 7.4.2). (cmb) **MBString:** * Fixed bug php#76167 (mbstring may use pointer from some previous request). (cmb, cataphract) **MySQLi:** * Fixed bug php#81494

Fedora 35: getdata 2021-e2b64c614b>

Wednesday 24th of November 2021 08:04:59 PM
0.11.0, fix use after free, CVE-2021-20204

Fedora 34: busybox 2021-c52c0fe490>

Wednesday 24th of November 2021 07:59:07 PM
Update to 1.34.1. Resolves CVE-2021-42373 CVE-2021-42374 CVE-2021-42375 CVE-2021-42376 CVE-2021-42377 CVE-2021-42378 CVE-2021-42379 CVE-2021-42380 CVE-2021-42381 CVE-2021-42382 CVE-2021-42383 CVE-2021-42384 CVE-2021-42385 CVE-2021-42386 (Fedora 35+ already have 1.34.1)

Fedora 34: getdata 2021-197545a753>

Wednesday 24th of November 2021 07:59:06 PM
0.11.0, fix use after free, CVE-2021-20204

openSUSE: 2021:1501-1 important: the Linux Kernel>

Wednesday 24th of November 2021 04:26:34 PM
An update that solves 6 vulnerabilities, contains one feature and has 22 fixes is now available.

openSUSE: 2021:1502-1 important: bind>

Wednesday 24th of November 2021 04:25:15 PM
An update that fixes one vulnerability is now available.

openSUSE: 2021:1500-1 important: java-1_8_0-openjdk>

Wednesday 24th of November 2021 04:19:27 PM
An update that fixes 11 vulnerabilities is now available.

RedHat: RHSA-2021-4837:02 Important: mailman:2.1 security update>

Wednesday 24th of November 2021 09:41:32 AM
An update for the mailman:2.1 module is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

RedHat: RHSA-2021-4838:02 Important: mailman:2.1 security update>

Wednesday 24th of November 2021 09:41:27 AM
An update for the mailman:2.1 module is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

RedHat: RHSA-2021-4839:02 Important: mailman:2.1 security update>

Wednesday 24th of November 2021 09:41:23 AM
An update for the mailman:2.1 module is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

SciLinux: SLSA-2021-4782-1 Moderate: openssh on SL7.x x86_64>

Wednesday 24th of November 2021 09:31:54 AM
openssh: privilege escalation when AuthorizedKeysCommand or AuthorizedPrincipalsCommand are configured (CVE-2021-41617) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE SL7 x86_64 openssh-7.4p1-22.el7_9.x86_64.rpm openssh-askpass-7.4p1-22.el7_9.x86_64.rpm openssh-clients-7.4p1-22.e [More...]

SciLinux: SLSA-2021-4788-1 Moderate: krb5 on SL7.x x86_64>

Wednesday 24th of November 2021 09:30:17 AM
krb5: NULL pointer dereference in process_tgs_req() in kdc/do_tgs_req.c via a FAST inner body that lacks server field (CVE-2021-37750) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE SL7 x86_64 krb5-debuginfo-1.15.1-51.el7_9.i686.rpm krb5-debuginfo-1.15.1-51.el7_9.x86_64.rpm krb5- [More...]

SciLinux: SLSA-2021-4777-1 Important: kernel on SL7.x x86_64>

Wednesday 24th of November 2021 09:29:59 AM
kernel: use-after-free in drivers/infiniband/core/ucma.c ctx use-after- free (CVE-2020-36385) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE Bug Fix(es): * scsi: ibmvfc: Avoid link down on FS9100 canister reboot * crash in qla2x00_status_entry() because of corrupt srb * qedf driver: race c [More...]

RedHat: RHSA-2021-4826:02 Important: mailman:2.1 security update>

Tuesday 23rd of November 2021 09:41:21 PM
An update for the mailman:2.1 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

Fedora 35: vim 2021-5cd9df120e>

Tuesday 23rd of November 2021 08:21:04 PM
The newest upstream commit Security fix for CVE-2021-3968 Security fix for CVE-2021-3973 Security fix for CVE-2021-3974

Fedora 35: libxls 2021-033a5fe9e5>

Tuesday 23rd of November 2021 08:20:54 PM
Security fix for CVE-2021-27836

Fedora 34: libxls 2021-785cdbddf9>

Tuesday 23rd of November 2021 08:10:48 PM
Security fix for CVE-2021-27836

Fedora 34: roundcubemail 2021-167865df98>

Tuesday 23rd of November 2021 08:10:10 PM
**Version 1.4.12** * Enigma: Fix bug where signature verification could fail for non-ascii bodies (#7919) * Fix bug where contacts search didn't work with addressbook_search_mods set to an empty array (#7974) * Fix bug causing some HTML message content to be not centered in Elastic skin (#7911) * Fix bug where consecutive LDAP searches could return wrong results (#8064) * Fix bug

More in Tux Machines

Best Free and Open Source Alternatives to Autodesk Sketchbook

Autodesk, Inc. is an American multinational software company that makes software products and services for the architecture, engineering, construction, product design, manufacturing, media, education, and entertainment industries. It bills itself as a “… leader in 3D design, engineering and entertainment software”. The company was founded in 1982 by John Walker, who was a joint developer of the first versions of AutoCAD, the company’s best known software application. Autodesk is listed on the Nasdaq stock exchange, it has over 11,000 employees, and is headquartered in the San Francisco Bay Area. While Autodesk develops many high quality applications they are proprietary software. And the vast majority of their products are not available for Linux. This series looks at the best free and open source alternatives. Read more

Today in Techrights

Open source mind mapping with Draw.io

There's something special about maps. I remember opening the front book cover of JRR Tolkien's The Hobbit when I was younger, staring at the hand-drawn map of Middle Earth, and feeling the wealth of possibility contained in the simple drawing. Aside from their obvious purpose of actually describing where things are in relation to other things, I think maps do a great job of expressing potential. You could step outside and take the road this way or that way, and if you do, just think of all the new and exciting things you'll be able to see. Read more

19 Absolute Simple Things About Linux Terminal Every Ubuntu User Should Know

Terminal often intimidates new users. However, once you get to know it, you gradually start liking it. Well, that happens with most Linux users. Even if you are using Ubuntu as a desktop system, you may have to enter the terminal at times. New users are often clueless about many things. Some knowledge of basic Linux commands always helps in such cases but this article is not about that. This article focuses on explaining small, basic and often ignored things about using the terminal. This should help new Ubuntu desktop users to know the terminal and use it with slightly more efficiency. Read more