LinuxSecurity.com Advisories

LinuxSecurity - Security Advisories
The central voice for Linux and Open Source security news.
Updated: 3 hours 25 min ago

Fedora 34: ghostscript 2021-256c80b4eb

8 hours 26 min ago
Rebase with Security fix for CVE-2021-3781

Fedora 34: dovecot-fts-xapian 2021-e5f64ca6ce

8 hours 26 min ago
Rebuild for dovecot 2.3.16

Fedora 33: lynx 2021-232161e4d5

8 hours 50 min ago
- fix disclosure of HTTP auth credentials via SNI data (CVE-2021-38165)

RedHat: RHSA-2021-3559:01 Important: rh-ruby27-ruby security update

Monday 20th of September 2021 03:59:08 AM
An update for rh-ruby27-ruby is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

Debian: DSA-4974-1: nextcloud-desktop security update

Sunday 19th of September 2021 06:35:13 AM
Two vulnerabilities were discovered in the Nextcloud desktop client, which could result in information disclosure. For the oldstable distribution (buster), these problems have been fixed

Debian LTS: DLA-2761-1: openssl1.0 security update

Saturday 18th of September 2021 06:58:09 PM
The legacy 1.0 version of OpenSSL, a cryptography library for secure communication, fails to validate alternate trust chains in some conditions. In particular this breaks connecting to servers that use Let's Encrypt certificates, starting 2021-10-01.

openSUSE: 2021:3140-1 moderate: xen

Saturday 18th of September 2021 02:19:11 PM
An update that solves one vulnerability and has one errata is now available.

Debian LTS: DLA-2760-1: nettle security update

Saturday 18th of September 2021 12:46:40 PM
Multiple vulnerabilities were discovered in nettle, a low level cryptographic library, which could result in denial of service (remote crash in RSA decryption via specially crafted ciphertext, crash on ECDSA signature verification) or incorrect verification of ECDSA signatures.

Debian LTS: DLA-2759-1: gnutls28 alternate chains verification

Friday 17th of September 2021 06:28:21 PM
GnuTLS, a portable cryptography library, fails to validate alternate trust chains in some conditions. In particular this breaks connecting to servers that use Let's Encrypt certificates, starting 2021-10-01.

Fedora 33: haproxy 2021-cd5ee418f6

Friday 17th of September 2021 11:20:28 AM
Update to 2.2.17

Fedora 33: wordpress 2021-f53d1bbf50

Friday 17th of September 2021 11:20:27 AM
Upstream announcement: [WordPress 5.8.1 Security and Maintenance Release](https://wordpress.org/news/2021/09/wordpress-5-8-1-security-and-maintenance-release/)

Fedora 33: xen 2021-fed53cbc7d

Friday 17th of September 2021 11:20:25 AM
Another race in XENMAPSPACE_grant_table handling [XSA-384, CVE-2021-28701] bugfix for XSA-380

SUSE: 2021:330-1 caasp/v4.5/kube-scheduler Security Update

Friday 17th of September 2021 04:29:52 AM
The container caasp/v4.5/kube-scheduler was updated. The following patches have been included in this update:

SUSE: 2021:328-1 caasp/v4.5/kube-proxy Security Update

Friday 17th of September 2021 04:28:33 AM
The container caasp/v4.5/kube-proxy was updated. The following patches have been included in this update:

SUSE: 2021:325-1 caasp/v4.5/kube-controller-manager Security Update

Friday 17th of September 2021 04:26:46 AM
The container caasp/v4.5/kube-controller-manager was updated. The following patches have been included in this update:

SUSE: 2021:322-1 caasp/v4.5/kube-apiserver Security Update

Friday 17th of September 2021 04:24:54 AM
The container caasp/v4.5/kube-apiserver was updated. The following patches have been included in this update:

Ubuntu 5073-2: Linux kernel (GCP) vulnerabilities

Friday 17th of September 2021 02:39:45 AM
Several security issues were fixed in the Linux kernel.

Slackware: 2021-259-01: httpd Security Update

Friday 17th of September 2021 12:22:20 AM
New httpd packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.

openSUSE: 2021:3123-1 moderate: libcroco

Thursday 16th of September 2021 08:17:32 PM
An update that fixes one vulnerability is now available.

openSUSE: 2021:1279-1 moderate: haserl

Thursday 16th of September 2021 05:18:43 PM
An update that fixes one vulnerability is now available.

More in Tux Machines

6 Best Ways to Improve Linux Security

The Linux OS has historically been regarded as more secure than Windows or macOS thanks to how it handles user permissions and because it’s open-source software. One of the other big reasons for that faith in Linux’s security was the fact that it isn’t as popular among users worldwide, with Windows being the leader in terms of user adoption. While experts still agree that Linux is a secure OS, some very valid concerns have started popping up in recent years. For one, Linux has seen a boost in popularity as of late, paired with an increase in interest from cybercriminals. But more than that, despite its secure design, Linux is vulnerable to attack.

Try this Linux web browser dedicated solely to web applications

When I'm on the go, I need everything to work as efficiently as possible. And although you might be thinking, "But a web browser is as efficient as it gets, right?" That depends on what task you're doing and what site you're working with. This is especially so in the modern age of web applications and with constantly on-the-move staff. Instead of always having a full-blown, kitchen-sink-type web browser, sometimes we need something a bit more stripped-down, a tool that is geared toward one thing and one thing only—web applications.

Graphics: GL, Libinput, NVIDIA, and AMD

  • Mike Blumenkrantz: Underwater

    I got a request recently to fix up the WebGL Aquarium demo. I’ve had this bookmarked for a while since it’s one of the only test cases for GL_EXT_multisampled_render_to_texture I’m aware of, at least when running Chrome in EGL mode. Naturally, I decided to do both at once since this would be yet another extension that no native desktop driver in Mesa currently supports.

  • xf86-input-libinput 1.2.0

    This release introduces support for touchpad gestures that will be available as part of X server 21.1. Additionally high-resolution scrolling data is now acquired from libinput if available and sent downstream to X server. The default scroll distance has been bumped to 120 in the process, but this should not affect correctly written clients.

  • xf86-input-libinput 1.2 Brings Touchpad Gestures, High Resolution Scrolling - Phoronix

    For those continuing to make use of the X.Org Server, xf86-input-libinput 1.2 is now available for integrating the latest functionality of libinput input handling library. Libinput 1.19 released last week with support for hold gesture types and high resolution wheel scrolling. The xf86-input-libinput 1.2 release for this X.Org DDX now supports touchpad gestures and high resolution scrolling data as well when pairing this driver with libinput 1.19. In the case of the hold gestures, it requires to be used in conjunction with the forthcoming X.Org Server 21.1 release.

  • NVIDIA Prepares The Linux Kernel For Future Laptops With EC-Driven Backlights - Phoronix

    NVIDIA is contributing a new open-source driver to the upstream Linux kernel for dealing with upcoming laptops where the backlight controls are handled by the device's embedded controller (EC). With Linux 5.16 later this year NVIDIA is ready with the "wmaa-backlight-wmi" driver for EC-based backlight controls for upcoming laptop/notebook computers.

  • AMD Continues CRIU Work To Checkpoint/Restore ROCm Compute Workloads - Phoronix

    Earlier this year AMD went public with prototyping CRIU support for Radeon GPUs around ROCm to be able to checkpoint/freeze running compute workloads and to then restore them at a later point. This CRIU focus is driven by their big accelerator needs and forthcoming supercomputers for migrating workloads particularly within containers. AMD continues working on CRIU support for GPUs and last week provided an update on the project.

today's howtos

  • Getting started with JBoss | Enable Sysadmin

    JBoss Enterprise Application Platform (EAP) is an enterprise-grade, open source platform to deploy highly transactional and scalable web applications. It includes everything you need to build, run, deploy, and manage enterprise-level Java applications in different environments—including on-premises, virtual environments, and private, public, and hybrid clouds. This article explains some of what I have learned during my time with JBoss EAP, its operating modes, installing it, and managing the JBoss service. I will also show how to build and deploy a sample web application archive (WAR) file so that you can learn alongside me.

  • How to scale GRUB menu on 4K displays

    Several weeks ago, I installed Kubuntu 20.04 on my IdeaPad Y50-70, a somewhat old but rather capable 15.6-inch laptop with a 4K screen resolution. Predictably, the device wasn't usable in its native screen mode, and I had to make everything bigger, scaling and all that. In the end, I managed to create an ergonomically comfortable setup, with two exceptions - the login menu, and the boot menu. The former gave me some grief, but I was able to get it sorted. With GRUB, there were more problems. One, the menu wouldn't show, even though I had a dual-boot configuration in place. Two, the menu was tiny, with the text barely readable. So I embarked on a journey of GRUB modifications, hence this tutorial. Let me show you how you can make the GRUB menu bigger on HD/UHD displays.

  • Use this Linux command-line tool to learn more about your NVMe drives | Opensource.com

    NVMe stands for Non-Volatile Memory Express, and it refers to how software and storage communicate across PCIe and other protocols, including TCP. It's an open specification led by a non-profit organization and defines several forms of solid-state storage. My laptop has an NVMe drive, as does my desktop. And they're fast. I love how quickly my computers boot and how quickly they're able to read and write data. There's no perceptible delay. It also didn't take long for me to get curious about the technology driving this ultra-fast storage, so I did a little investigation. I learned that NVMe drives consume less power while delivering much faster access to data compared to even SSD drives over SATA. That was interesting, but I wanted to know more about my particular NVMe drives, and I wanted to know how they compared with other drives. Could I securely erase the drive? How could I check its integrity? Those questions led me to an Internet search that yielded an open source project with a collection of tools to manage NVMe drives. It's called nvme-cli.

  • Delta Chat, Overview and Installation

    The email messenger, Delta Chat, is a German communication app which everyone can use and which just works with friends and family even without them using the same application. This article gives an overview of it and an installation guide for Ubuntu and Android users. Let's chat!

  • How to install Node.js & NPM on Debian 11

    Node.js is an open-source, cross-platform runtime environment for developing server-side and networking applications built on Chrome's V8 JavaScript engine. It uses an event-driven, non-blocking I/O model that makes it lightweight and efficient. NPM (Node Package Manager) is the default package manager for Node.js. It comes installed when you install Node.js. You can do almost everything with it since it provides access to thousands of packages that can be downloaded and installed in your application's project directory through the command-line interface. In this article, we will learn what Node.js is and how to install it on a Linux machine using a non-root user account.

  • How to Install pgAdmin 5 PostgreSQL Administration Tool on Debian 11

    pgAdmin is a free and open-source graphical administration tool for PostgreSQL which is easy to use. It supports PostgreSQL 9.6 and above, and it can be run on multiple operating systems, including Windows, macOS, and Linux.

  • Install Filebeat on CentOS 8 - Unixcop

    Filebeat is used to ship logs to Logstash or Elasticsearch to filter and use them as per requirement. Whether you’re collecting from security devices, cloud, containers, hosts, or OT, Filebeat helps you keep the simple things simple by offering a lightweight way to forward and centralize logs and files. Filebeat consists of two main components: inputs and harvesters. These components work together to tail files and send event data to the output that you specify. An input is responsible for managing the harvesters and finding all sources to read from.

  • How to Install FreeRADIUS and Daloradius on Ubuntu 20.04 – VITUX

    RADIUS is an AAA (authentication, authorization, and accounting) protocol that helps in controlling network access. In other words, the RADIUS protocol is used for connection management between the Network Access Server (NAS) and the Authentication server. The connection between two ends (NAC-NAS or NAS-Authentication server) is initiated after a successful negotiation on the network layer by exchanging packets containing necessary information such as NAS identification, authentication port number, etc. In simple words, it can be said that RADIUS provides authentication, authorization, and account information from an Authentication server to a device requesting access.