LinuxSecurity.com Advisories

LinuxSecurity - Security Advisories
The central voice for Linux and Open Source security news.
Updated: 48 sec ago

Debian LTS: DLA-2835-1: rsyslog security update

10 hours 22 min ago
Two heap overflows were fixed in the rsyslog logging daemon. CVE-2019-17041

Debian LTS: DLA-2834-1: uriparser security update

10 hours 28 min ago
Out-of-bounds read for an incomplete URI with an IPv6 address containing an embedded IPv4 address has been fixed in uriparser, a library to parse Uniform Resource Identifiers (URIs).

Fedora 35: xen 2021-03645e9807

10 hours 37 min ago
guests may exceed their designated memory limit [XSA-385, CVE-2021-28706]; PoD operations on misaligned GFNs [XSA-388, CVE-2021-28704, CVE-2021-28707, CVE-2021-28708]; issues with partially successful P2M updates on x86 [XSA-389, CVE-2021-28705, CVE-2021-28709]; certain VT-d IOMMUs may not work in shared page table mode [XSA-390, CVE-2021-28710]

Fedora 35: golang-github-containerd-ttrpc 2021-79ba5abef6

10 hours 37 min ago
Update containerd and moby-engine - Security fix for CVE-2021-41190

Fedora 35: moby-engine 2021-79ba5abef6

10 hours 37 min ago
Update containerd and moby-engine - Security fix for CVE-2021-41190

Fedora 35: containerd 2021-79ba5abef6

10 hours 37 min ago
Update containerd and moby-engine - Security fix for CVE-2021-41190

RedHat: RHSA-2021-4859:03 Important: kpatch-patch security update

15 hours 17 min ago
An update is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

RedHat: RHSA-2021-4861:06 Important: Red Hat JBoss Web Server 5.6.0

15 hours 17 min ago
Updated Red Hat JBoss Web Server 5.6.0 packages are now available for Red Hat Enterprise Linux 7 and Red Hat Enterprise Linux 8. Red Hat Product Security has rated this release as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

RedHat: RHSA-2021-4866:02 Moderate: samba security update

15 hours 17 min ago
An update for samba is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

RedHat: RHSA-2021-4875:04 Important: kernel-rt security and bug fix update

15 hours 17 min ago
An update for kernel-rt is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

RedHat: RHSA-2021-4871:05 Important: kernel security and bug fix update

15 hours 17 min ago
An update for kernel is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

RedHat: RHSA-2021-4863:06 Important: Red Hat JBoss Web Server 5.6.0

16 hours 15 min ago
Red Hat JBoss Web Server 5.6.0 zip release is now available for Red Hat Enterprise Linux 7, Red Hat Enterprise Linux 8, and Microsoft Windows. Red Hat Product Security has rated this release as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

openSUSE: 2021:3815-1 important: netcdf

20 hours 40 min ago
An update that fixes 16 vulnerabilities is now available.

RedHat: RHSA-2021-4851:03 Low: Red Hat AMQ Broker 7.9.1 release and

21 hours 17 min ago
Red Hat AMQ Broker 7.9.1 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

RedHat: RHSA-2021-4829:04 Important: OpenShift Container Platform 4.8.22

21 hours 17 min ago
Red Hat OpenShift Container Platform release 4.8.22 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

Debian: DSA-5015-1: samba security update

Tuesday 30th of November 2021 07:19:55 AM
Andrew Bartlett discovered that Samba, a SMB/CIFS file, print, and login server for Unix, may map domain users to local users in an undesired way. This could allow a user in an AD domain to potentially become root on domain members.

Ubuntu 5158-1: ImageMagick vulnerabilities

Tuesday 30th of November 2021 07:08:11 AM
Several security issues were fixed in ImageMagick.

Fedora 35: kernel 2021-19ad835cb3

Monday 29th of November 2021 08:22:50 PM
The 5.15.5 stable kernel update contains a number of important fixes across the tree.

Fedora 34: kernel 2021-c0dc424b7d

Monday 29th of November 2021 08:12:06 PM
The 5.15.5 stable kernel update contains a number of important fixes across the tree.

openSUSE: 2021:1513-1 moderate: tor

Monday 29th of November 2021 07:17:31 PM
An update that fixes one vulnerability is now available.
