Language Selection

English French German Italian Portuguese Spanish

LinuxSecurity.com Advisories

Syndicate content LinuxSecurity - Security Advisories
The central voice for Linux and Open Source security news.
Updated: 1 hour 9 min ago

Ubuntu 4080-1: OpenJDK 8 vulnerabilities

Tuesday 30th of July 2019 08:09:00 PM
Several security issues were fixed in OpenJDK.

Debian LTS: DLA-1730-4: libssh2 regression update

Tuesday 30th of July 2019 05:44:34 PM
Several more boundary checks have been backported to libssh2's src/sftp.c. Furthermore, all boundary checks in src/sftp.c now result in an LIBSSH2_ERROR_BUFFER_TOO_SMALL error code, rather than a

SUSE: 2019:2021-1 important: java-1_8_0-openjdk

Tuesday 30th of July 2019 05:12:34 PM
An update that solves 8 vulnerabilities and has one errata is now available.

Ubuntu 4079-1: SoX vulnerabilities

Tuesday 30th of July 2019 04:59:43 PM
SoX could be made to crash if it received a specially crafted MP3 file.

RedHat: RHSA-2019-1951:01 Moderate: nss and nspr security, bug fix,

Tuesday 30th of July 2019 03:51:35 PM
An update for nss and nspr is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

Ubuntu 4078-1: OpenLDAP vulnerabilities

Tuesday 30th of July 2019 03:12:56 PM
Several security issues were fixed in OpenLDAP.

SciLinux: SLSA-2019-1873-1 Important: kernel on SL7.x x86_64

Tuesday 30th of July 2019 03:10:29 PM
kernel: nfs: use-after-free in svc_process_common() (CVE-2018-16884) * kernel: insufficient input validation in kernel mode driver in Intel i915 graphics leads to privilege escalation (CVE-2019-11085) * kernel: nfs: NULL pointer dereference due to an anomalized NFS message sequence (CVE-2018-16871) * kernel: use-after-free in drivers/char/ipmi/ipmi_si_intf.c, ipmi_si_mem_io.c, ipmi_si_port_ [More...]

RedHat: RHSA-2019-2000:01 Low: Red Hat OpenShift Enterprise final

Tuesday 30th of July 2019 02:56:05 PM
This is the final notification for the retirement of Red Hat OpenShift Enterprise 3.6 and Red Hat OpenShift Container Platform 3.7. This notification applies only to those customers with subscriptions for Red Hat OpenShift Enterprise 3.6 and Red Hat OpenShift Container Platform 3.7.

SciLinux: SLSA-2019-1898-1 Low: httpd on SL7.x x86_64

Tuesday 30th of July 2019 02:29:16 PM
httpd: Weak Digest auth nonce generation in mod_auth_digest (CVE-2018-1312) SL7 x86_64 httpd-2.4.6-89.el7_6.1.x86_64.rpm httpd-debuginfo-2.4.6-89.el7_6.1.x86_64.rpm httpd-devel-2.4.6-89.el7_6.1.x86_64.rpm httpd-tools-2.4.6-89.el7_6.1.x86_64.rpm mod_ldap-2.4.6-89.el7_6.1.x86_64.rpm mod_proxy_html-2.4.6-89.el7_6.1.x86_64.rpm mod_session-2.4.6-89.el7_6.1.x86_64.rpm [More...]

openSUSE: 2019:1816-1: moderate: openexr

Tuesday 30th of July 2019 02:18:27 PM
An update that fixes three vulnerabilities is now available.

SUSE: 2019:2018-1 important: polkit

Tuesday 30th of July 2019 02:16:39 PM
An update that fixes one vulnerability is now available.

openSUSE: 2019:1815-1: important: chromium

Tuesday 30th of July 2019 02:15:46 PM
An update that fixes three vulnerabilities is now available.

openSUSE: 2019:1813-1: important: MozillaThunderbird

Tuesday 30th of July 2019 02:15:13 PM
An update that fixes 10 vulnerabilities is now available.

openSUSE: 2019:1815-1: important: chromium

Tuesday 30th of July 2019 02:14:28 PM
An update that fixes three vulnerabilities is now available.

openSUSE: 2019:1814-1: important: virtualbox

Tuesday 30th of July 2019 02:11:48 PM
An update that fixes 52 vulnerabilities is now available.

SUSE: 2019:2020-1 important: mariadb, mariadb-connector-c

Tuesday 30th of July 2019 02:11:00 PM
An update that fixes three vulnerabilities is now available.

RedHat: RHSA-2019-1972:01 Important: ruby:2.5 security update

Tuesday 30th of July 2019 12:00:10 PM
An update for the ruby:2.5 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

RedHat: RHSA-2019-1973:01 Important: kernel-alt security and bug fix update

Tuesday 30th of July 2019 09:18:10 AM
An update for kernel-alt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

RedHat: RHSA-2019-1971:01 Important: kernel-rt security and bug fix update

Tuesday 30th of July 2019 07:03:14 AM
An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

RedHat: RHSA-2019-1968:01 Important: qemu-kvm-rhev security and bug fix

Tuesday 30th of July 2019 06:40:13 AM
An update for qemu-kvm-rhev is now available for Red Hat Virtualization for Red Hat Virtualization Host 7. Red Hat Product Security has rated this update as having a Important security impact. A Common Vulnerability Scoring System (CVSS) base score,

More in Tux Machines

Games: Baba, Dicey Dungeons, Factorio and Enabling GameMode

  • Excellent rule-changing puzzle game Baba Is You is getting an official level editor

    Baba Is You, the truly excellent puzzle game where you have to break the rules of each level to beat them is getting a big update soon. See Also: previous thoughts on it here. How do you break these rules? Well, on each level there's logic blocks you can push around to change everything. Turn yourself into a rock, a jellyfish, make it so touching a wall wins instead of a flag you can't access and all kinds of really crazy things it becomes quite hilarious.

  • Dicey Dungeons outsold Terry Cavanagh's last two Steam games in the first month

    Terry Cavanagh, the indie developer behind VVVVVV, Super Hexagon and the latest Dicey Dungeons has a new blog post out talking about how well Dicey Dungeons has done and what's to come next. Leading up to the release, Cavanagh was doing a blog post each day for seven days. This latest post from yesterday then, is long overdue considering Dicey Dungeons launched in August.

  • Factorio is leaving Early Access in September next year

    As a result of the team behind Factorio feeling like it's going on for too long, they've now set a proper release date. In their latest Friday Facts update, they mentioned how their "when it's done" approach has served them well to create a high-quality game "but if we continued this way, we would be doing it basically forever". Part of the issue is that they want to work on new features and add content, instead of constant polishing. So they're setting a date publicly now "so we have to stick with it". With that in mind, it's going to leave Early Access on September 25, 2020. Development is not ending once they hit the big 1.0, they also don't want to say it's 100% finished either. Like a lot of games, as long as the money keeps coming in they will likely keep adding to it.

  • Enabling GameMode on Linux for best gaming performance

Red Hat Enterprise Linux and CentOS Now Patched Against Latest Intel CPU Flaws

After responding to the latest security vulnerabilities affecting Intel CPU microarchitectures, Red Hat has released new Linux kernel security updates for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7 operating systems to address the well-known ZombieLoad v2 flaw and other issues. The CentOS community also ported the updates for their CentOS Linux 6 and CentOS Linux 7 systems. The security vulnerabilities patched in this new Linux kernel security update are Machine Check Error on Page Size Change (IFU) (CVE-2018-12207), TSX Transaction Asynchronous Abort (TAA) (CVE-2019-11135), Intel GPU Denial Of Service while accessing MMIO in lower power state (CVE-2019-0154), and Intel GPU blitter manipulation that allows for arbitrary kernel memory write (CVE-2019-0155). Read more

Android Leftovers

Firefox vs. Chrome Browser Performance On Intel Ice Lake + Power/Memory Usage Tests

Using Firefox 70 (including WebRender) and Google Chrome 78, here are our latest round of Linux web browser benchmarks tested on the Dell XPS Ice Lake laptop. Making this round of Linux browser benchmarking more interesting is also including power consumption and RAM usage metrics for the different browser benchmarks. For those wondering about whether Firefox or Chrome makes the most sense for Linux laptops, these benchmarks from the Dell XPS with Intel Core i7-1065G7 will hopefully be useful. Ubuntu 19.10 with the Linux 5.3 kernel was running on this Intel Ice Lake laptop while using the official builds of Mozilla Firefox 70.0 (both out of the box and with WebRender) and Google Chrome 78. The AC system power consumption was monitored on battery and the total RAM usage was being monitored throughout testing as well. All of the benchmarking was carried out using the Phoronix Test Suite. Read more