
LinuxSecurity.com Advisories

LinuxSecurity - Security Advisories
The central voice for Linux and Open Source security news.
Updated: 2 hours 39 min ago

Ubuntu 5123-1: MySQL vulnerabilities

7 hours 48 min ago
Several security issues were fixed in MySQL.

RedHat: RHSA-2021-3971:01 Important: Red Hat OpenStack Platform 10.0

8 hours 20 min ago
An update for redis is now available for Red Hat OpenStack Platform 10 (Newton). Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

RedHat: RHSA-2021-3967:01 Important: OpenJDK 11.0.13 security update for

9 hours 12 min ago
The Red Hat Build of OpenJDK 11 (java-11-openjdk) is now available for portable Linux. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which

RedHat: RHSA-2021-3968:01 Important: OpenJDK 11.0.13 security update for

9 hours 13 min ago
The Red Hat Build of OpenJDK 11 (java-11-openjdk) is now available for Windows. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

Ubuntu 5122-1: Apport vulnerability

9 hours 39 min ago
Apport could be made to create files as the administrator.

RedHat: RHSA-2021-3961:01 Important: OpenJDK 8u312 Windows Builds release

9 hours 40 min ago
The Red Hat Build of OpenJDK 8 (java-1.8.0-openjdk) is now available for Windows. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

RedHat: RHSA-2021-3956:01 Important: xstream security update

Monday 25th of October 2021 02:51:23 AM
An update for xstream is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

RedHat: RHSA-2021-3955:01 Low: redhat-ds:11 security, bug fix,

Monday 25th of October 2021 02:37:13 AM
Red Hat Directory Server 11.4 is now available. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

Fedora 34: python-reportlab 2021-13cdc0ab0e

Sunday 24th of October 2021 07:03:48 PM
- Release 3.6.2

Debian LTS: DLA-2792-1: faad2 security update

Sunday 24th of October 2021 11:38:44 AM
Several issues have been found in faad2, a freeware Advanced Audio Decoder player. They are related to heap buffer overflows or null pointer dereferences, which both might allow an attacker to execute code by

Mageia 2021-0488: virtualbox security update

Saturday 23rd of October 2021 03:49:37 PM
This update provides the upstream 6.1.28 maintenance release that fixes at least the following security vulnerabilities: Vulnerability in the Oracle VM VirtualBox prior to 6.1.28 contains an easily exploitable vulnerability that allows high privileged attacker with

Mageia 2021-0487: ansible security update

Saturday 23rd of October 2021 08:06:41 AM
Do not include params in exception when a call to set_options fails. Additionally, block the exception that is returned from being displayed to stdout. (CVE-2021-3620) References:

Mageia 2021-0486: flatpak security update

Saturday 23rd of October 2021 08:06:40 AM
Flatpak apps with direct access to AF_UNIX sockets such as those used by Wayland, Pipewire or pipewire-pulse can trick portals and other host-OS services into treating the Flatpak app as though it was an ordinary, non-sandboxed host-OS process, by manipulating the VFS using recent mount-related syscalls that are not blocked by Flatpak's denylist seccomp

Mageia 2021-0485: tomcat security update

Saturday 23rd of October 2021 08:06:39 AM
A vulnerability in the JNDI Realm of Apache Tomcat allows an attacker to authenticate using variations of a valid user name and/or to bypass some of the protection provided by the LockOut Realm. (CVE-2021-30640) Apache Tomcat 10.0.0-M1 to 10.0.6, 9.0.0.M1 to 9.0.46 and 8.5.0 to 8.5.66

Mageia 2021-0484: docker-containerd security update

Saturday 23rd of October 2021 08:06:38 AM
A bug was found in containerd where pulling and extracting a specially-crafted container image can result in Unix file permission changes for existing files in the host's filesystem. Changes to file permissions can deny access to the expected owner of the file, widen access to others, or set extended bits like setuid, setgid, and sticky.

Fedora 33: libzapojit 2021-7f5a82ef57

Friday 22nd of October 2021 11:25:57 PM
Security fix for CVE-2021-39360

Fedora 33: nodejs 2021-cbad295a90

Friday 22nd of October 2021 11:25:54 PM
## 2021-10-12, Version 14.18.1 'Fermium' (LTS), @danielleadams

This is a security release.

### Notable changes

* **CVE-2021-22959**: HTTP Request Smuggling due to spaced in headers (Medium)
  * The http parser accepts requests with a space (SP) right after the header name before the colon. This can lead to HTTP Request Smuggling (HRS). More details will be available at

Fedora 33: vim 2021-84f4cf3244

Friday 22nd of October 2021 11:25:44 PM
The newest upstream commit
Security fix for CVE-2021-3778
Security fix for CVE-2021-3796
Security fix for CVE-2021-3875
Security fix for CVE-2021-3872

Fedora 34: libzapojit 2021-c3395a5df6

Friday 22nd of October 2021 11:22:52 PM
Security fix for CVE-2021-39360

Fedora 34: nodejs 2021-9807b754d9

Friday 22nd of October 2021 11:22:47 PM
## 2021-10-12, Version 14.18.1 'Fermium' (LTS), @danielleadams

This is a security release.

### Notable changes

* **CVE-2021-22959**: HTTP Request Smuggling due to spaced in headers (Medium)
  * The http parser accepts requests with a space (SP) right after the header name before the colon. This can lead to HTTP Request Smuggling (HRS). More details will be available at