Language Selection

English French German Italian Portuguese Spanish

LinuxSecurity.com Advisories

Syndicate content LinuxSecurity - Security Advisories
The central voice for Linux and Open Source security news.
Updated: 3 hours 53 min ago

SciLinux: SLSA-2021-2314-1 Important: kernel on SL7.x x86_64>

11 hours 35 sec ago
kernel: Integer overflow in Intel(R) Graphics Drivers (CVE-2020-12362) * kernel: Use after free via PI futex state (CVE-2021-3347) * kernel: use-after-free in n_tty_receive_buf_common function in drivers/tty/n_tty.c (CVE-2020-8648) * kernel: Improper input validation in some Intel(R) Graphics Drivers (CVE-2020-12363) * kernel: Null pointer dereference in some Intel(R) Graphics Drivers (CVE [More...]

RedHat: RHSA-2021-2445:01 Important: Red Hat Ceph Storage 4.2 Security and>

11 hours 36 min ago
An update for ceph, ceph-ansible, ceph-iscsi, python-waitress, and tcmu-runner is now available for Red Hat Ceph Storage 4.2. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

RedHat: RHSA-2021-2439:01 Important: Open Liberty 21.0.0.6 Runtime security>

15 hours 42 min ago
Open Liberty 21.0.0.6 Runtime is now available from the Customer Portal. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

Ubuntu 4988-1: ImageMagick vulnerabilities>

16 hours 36 min ago
Several security issues were fixed in ImageMagick.

SciLinux: SLSA-2021-2417-1 Important: gupnp on SL7.x x86_64>

16 hours 38 min ago
gupnp: allows DNS rebinding which could result in tricking browser into triggering actions against local UPnP services (CVE-2021-33516) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE --- SL7 x86_64 gupnp-1.0.2-6.el7_9.i686.rpm gupnp-1.0.2-6.el7_9.x86_64.rpm gupnp-debuginfo-1.0.2-6.el7_ [More...]

RedHat: RHSA-2021-2286:01 Moderate: OpenShift Container Platform 4.7.16>

Tuesday 15th of June 2021 05:47:22 AM
Red Hat OpenShift Container Platform release 4.7.16 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.7.

SUSE: 2021:251-1 ses/7/rook/ceph Security Update>

Tuesday 15th of June 2021 04:12:06 AM
The container ses/7/rook/ceph was updated. The following patches have been included in this update:

SUSE: 2021:250-1 ses/7/ceph/ceph Security Update>

Tuesday 15th of June 2021 04:08:45 AM
The container ses/7/ceph/ceph was updated. The following patches have been included in this update:

SUSE: 2021:249-1 ses/7/ceph/grafana Security Update>

Tuesday 15th of June 2021 04:05:27 AM
The container ses/7/ceph/grafana was updated. The following patches have been included in this update:

SUSE: 2021:248-1 ses/7/cephcsi/cephcsi Security Update>

Tuesday 15th of June 2021 04:04:05 AM
The container ses/7/cephcsi/cephcsi was updated. The following patches have been included in this update:

Fedora 33: kernel-tools 2021-db2bb87f35>

Monday 14th of June 2021 09:21:58 PM
The 5.12.10 stable kernel update contains a number of important fixes across the tree.

Fedora 33: kernel 2021-db2bb87f35>

Monday 14th of June 2021 09:21:57 PM
The 5.12.10 stable kernel update contains a number of important fixes across the tree.

Fedora 34: kernel-tools 2021-bc2a819bc5>

Monday 14th of June 2021 09:06:45 PM
The 5.12.10 stable kernel update contains a number of important fixes across the tree.

Fedora 34: kernel 2021-bc2a819bc5>

Monday 14th of June 2021 09:06:44 PM
The 5.12.10 stable kernel update contains a number of important fixes across the tree.

RedHat: RHSA-2021-2417:01 Important: gupnp security update>

Monday 14th of June 2021 04:58:50 PM
An update for gupnp is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability

RedHat: RHSA-2021-2420:01 Important: dhcp security update>

Monday 14th of June 2021 04:58:23 PM
An update for dhcp is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

RedHat: RHSA-2021-2419:01 Important: dhcp security update>

Monday 14th of June 2021 04:32:23 PM
An update for dhcp is now available for Red Hat Enterprise Linux 6 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

RedHat: RHSA-2021-2422:01 Important: gupnp security update>

Monday 14th of June 2021 04:17:23 PM
An update for gupnp is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

RedHat: RHSA-2021-2416:01 Important: dhcp security update>

Monday 14th of June 2021 04:08:23 PM
An update for dhcp is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

RedHat: RHSA-2021-2414:01 Important: dhcp security update>

Monday 14th of June 2021 03:52:24 PM
An update for dhcp is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update Support, and Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions.

More in Tux Machines

KDE: Akademy, Bug Triaging, Packaging Work by Norbert Preining, and Krita on Simplifying Grammar Checks for Manual

  • Akademy 2021 at Home

    Once again I plan to be at Akademy. I almost silently attended last year edition. OK… I had a talk there but didn’t blog. I even didn’t post my traditional sketchnotes post. I plan to do better this year. I’ll try to sketchnote again, we’ll see how that works out. Oddly enough, I might do the 2020 post after the 2021 one.

  • KDE's Nate Graham: Bug triaging is the foundation of quality and we need more of it

    Bug triaging is a largely invisible and often thankless task. But it’s the foundation of quality in our software offerings. Every day, our users file between 30 and 50 bug reports on https://bugs.kde.org, and often up to 100 right after a big release! Many will be duplicates of pre-existing issues and need to be marked as such. Quite a few will be caused by issues outside of KDE’s control and this also needs to be marked as such. Many will be crash reports with missing or useless backtraces, and their reporters need to be asked to add the missing information to make the bug report actionable. And the rest need to be prioritized, moved to the right component, tagged appropriately, and eventually fixed.

  • Debian's Cinnamon desktop maintainer quits because he thinks KDE is better now

    Norbert Preining, the maintainer of the Cinnamon desktop packages for Debian is quitting as he no longer uses it - though others have volunteered to take his place. The origins of the Cinnamon desktop go back to 2011 and the release of the controversial GNOME 3 desktop, which introduced radical changes. Some Linux users preferred the desktop metaphor offered by GNOME 2.x, including the Linux Mint team. The MATE desktop was a fork of GNOME 2, while the Linux Mint folk made Cinnamon, a fork of GNOME 3 designed to retain the design of GNOME 2, using the Mint Gnome Shell Extensions (MGSE). Cinnamon later became a full fork of GNOME 3. Cinnamon remains the default desktop for Linux Mint (which also offers MATE and Xfce editions), but is also available for other distributions including Debian. Mint itself is based on Ubuntu, though there is also a Linux Mint Debian edition (LMDE).

  • Simplifying Grammar Checks for Manuals.

    Like most online manuals, the Krita manual has a contributor’s guide. It’s filled with things like “who is our assumed audience?”, “what is the dialect of English we should use?”, etc. It’s not a perfect guide, outdated in places, definitely, but I think it does it’s job. So, sometimes I, who officially maintains the Krita manual, look at other project’s contributor’s guides. And usually what I find there is…

SUSE/OpenSUSE: IBM LinuxONE, openSUSE 15.3 Overview and More

Mozilla: Federal Communications Commission (FCC) Lobbying, Firefox Tweaks and More

  • Mozilla joins call for fifth FCC Commissioner appointment

    In a letter sent to the White House on Friday, June 11, 2021, Mozilla joined over 50 advocacy groups and unions asking President Biden and Vice President Harris to appoint the fifth FCC Commissioner. Without a full team of appointed Commissioners, the Federal Communications Commission (FCC) is limited in its ability to move forward on crucial tech agenda items such as net neutrality and on addressing the country’s digital divide.

  • Don’t Like Firefox’s New Look? Try These Tweaks

    if Firefox's fancy new look has left you feeling frustrated and out of sorts check out this trifecta of tweaks, all of which help tame the browser's new UI.

  • Niko Matsakis: CTCFT 2021-06-21 Agenda

    The second “Cross Team Collaboration Fun Times” (CTCFT) meeting will take place one week from today, on 2021-06-21 (in your time zone)! This post describes the main agenda items for the meeting; you’ll find the full details (along with a calendar event, zoom details, etc) on the CTCFT website.

Software: Surveys, ActivityWatch, Kubernetes, PingMe and More

  • Best 10 Open-source Survey collection self-hosted tools

    Are you looking for open-source survey management solutions? Here we have collected the best free open-source survey tools that you can download, install and setup on your own server. Let's start talking about surveys, and then we will show you 10 open sources that will help you to manage your survey, collect data without having to worry about vendor lock-in or data lose. Because of the emergence of surveys that contain a lot of information, we have many solutions to manage surveys, analyze and deal with them to take the whole benefit from it. These open sources improve the referendum process and make full use of the questionnaire by assisting in the managing, making the right decision, making the researcher away from bias due to accurate statistics and reports, saves the time and effort required for the analysis process, and it helps predict what customers will do based on the survey.

  • ActivityWatch is a Free Personal Activity Tracker with Focus on Privacy

    ActivityWatch is a cross-platform automated time tracker that helps you track and understand how you spend your time on your devices. You probably spend many hours a week behind your computer. But which programs or web pages do you open the most, and when and for how long? How much time do you typically spend on your computer? You can find out the answers to these questions with ActivityWatch. In short, ActivityWatch is an app that automatically tracks how you spend time on your devices. It can be used to keep track of your productivity, time spent on different projects, bad screen habits, or just to understand how you spend your time. For example, if you spend too much time on Facebook or Twitter or some other website or application, you can use your ActivityWatch logs to determine how much time you actually spend on these sites.

  • Upgrading Homelab Kubernetes Cluster from 1.20 to 1.21

    Calico 3.19 has been released with support for Kubernetes 1.21. Also, the CKA exam environment is running Kubernetes 1.21 which I’m currently studying for, therefore it’s time to upgrade.

  • Send Messages From Your Scripts To Multiple Messaging Platforms Using PingMe

    PingMe is a command line tool for sending messages or alerts from Linux, Windows or macOS to various messaging platforms like Discord, Slack, Telegram, Microsoft Teams, Twillio, Mastodon, and more.

  • Try this new open source tool for data analytics | Opensource.com

    Data analytics is a trendy field with many solutions available. One of them is Cube.js, an open source analytical platform. You can think of Cube.js as a layer between your data sources and applications. As the diagram below shows, Cube.js supports serverless data warehouses and most modern relational database management systems (RDBMS). You can work with any JavaScript front-end library for data visualization, and Cube.js will take care of the rest, including access control, performance, concurrency, and more.

  • Keep track of your IRC chats with ZNC | Opensource.com

    For a bit more than a year, I've been wondering if it is possible to bolt the open source Matrix communications network to Internet Relay Chat (IRC) in such a way that I can still use my ZNC IRC bouncer without an extra proliferation of nicknames. The answer, is amusingly, yes. But first, some background. What's IRC? IRC has been around since August 1988, and it's been a staple of real-time communications ever since. It's also one of the early open source projects, as the code for the original IRC server was eventually shared. Over the years, it's been quite useful for meeting many developers' real-time communication needs, although not without its own share of drama. However, it has been resilient and is still widely used despite newer options.