LinuxSecurity.com Advisories

LinuxSecurity - Security Advisories
The central voice for Linux and Open Source security news.
Updated: 3 hours 40 min ago

Fedora 35: kernel 2021-19ad835cb3

10 hours 16 min ago
The 5.15.5 stable kernel update contains a number of important fixes across the tree.

Fedora 34: kernel 2021-c0dc424b7d

10 hours 27 min ago
The 5.15.5 stable kernel update contains a number of important fixes across the tree.

openSUSE: 2021:1513-1 moderate: tor

11 hours 21 min ago
An update that fixes one vulnerability is now available.

RedHat: RHSA-2021-4848:07 Moderate: Migration Toolkit for Containers (MTC)

14 hours 57 min ago
The Migration Toolkit for Containers (MTC) 1.5.2 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from

RedHat: RHSA-2021-4844:01 Important: samba security update

20 hours 56 min ago
An update for samba is now available for Red Hat Gluster Storage 3.5 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

RedHat: RHSA-2021-4845:05 Moderate: Red Hat OpenShift Container Storage

20 hours 57 min ago
An update is now available for Red Hat OpenShift Container Storage 4.8.5 on Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

RedHat: RHSA-2021-4843:01 Important: samba security update

20 hours 57 min ago
An update for samba is now available for Red Hat Gluster Storage 3.5 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,

RedHat: RHSA-2021-4833:04 Important: OpenShift Container Platform 4.9.9

20 hours 57 min ago
Red Hat OpenShift Container Platform release 4.9.9 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.9.

Debian LTS: DLA-2832-1: opensc security update

Monday 29th of November 2021 06:13:39 AM
Several vulnerabilities were fixed in the OpenSC smart card utilities. CVE-2019-15945

Fedora 35: stargz-snapshotter 2021-6dc68dbe4d

Sunday 28th of November 2021 09:24:31 PM
Release of stargz snapshotter v0.10.1. This release contains the mitigation for CVE-2021-41190. Please see the release note for details. https://github.com/containerd/stargz-snapshotter/releases/tag/v0.10.1 ---- Update to v0.10.0. See changes at https://github.com/containerd/stargz-snapshotter/releases/tag/v0.10.0

Fedora 34: stargz-snapshotter 2021-d250fc2622

Sunday 28th of November 2021 08:11:31 PM
Release of stargz snapshotter v0.10.1. This release contains the mitigation for CVE-2021-41190. Please see the release note for details. https://github.com/containerd/stargz-snapshotter/releases/tag/v0.10.1 ---- Update to v0.10.0. See changes at https://github.com/containerd/stargz-snapshotter/releases/tag/v0.10.0

Debian LTS: DLA-2831-1: libntlm security update

Sunday 28th of November 2021 04:12:10 PM
Stack-based buffer over-reads for crafted NTLM requests were fixed in libntlm, a library that implements Microsoft's NTLM authentication. For Debian 9 stretch, this problem has been fixed in version

Debian: DSA-5014-1: icu security update

Sunday 28th of November 2021 10:58:02 AM
Rongxin Wu discovered a use-after-free vulnerability in the International Components for Unicode (ICU) library which could result in denial of service or potentially the execution of arbitrary code.

Debian LTS: DLA-2830-1: tar security update

Sunday 28th of November 2021 09:39:03 AM
An infinite loop when --sparse is used with file shrinkage during read access was fixed in the GNU tar archiving utility. For Debian 9 stretch, this problem has been fixed in version

Fedora 34: puppet 2021-224df1788e

Saturday 27th of November 2021 08:10:03 PM
Update to 7.12.1

Fedora 34: suricata 2021-c7fd9e9126

Saturday 27th of November 2021 08:09:58 PM
This is a security update to address CVE-2021-35063 and other misc bugs.

Fedora 35: puppet 2021-1c0e788093

Saturday 27th of November 2021 07:45:39 PM
Update to 7.12.1

Debian LTS: DLA-2829-1: libvpx security update

Saturday 27th of November 2021 06:19:53 PM
An out-of-bounds buffer read on truncated key frames in vp8_decode_frame has been fixed in libvpx, a popular library for the VP8 and VP9 video codecs. For Debian 9 stretch, this problem has been fixed in version

Debian LTS: DLA-2828-1: libvorbis security update

Saturday 27th of November 2021 04:38:58 PM
Several vulnerabilities were fixed in libvorbis, a popular library for the Vorbis audio codec. CVE-2017-14160

Debian LTS: DLA-2827-1: bluez security update

Saturday 27th of November 2021 07:11:49 AM
Several vulnerabilities were discovered in BlueZ, the Linux Bluetooth protocol stack. An attacker could cause a denial-of-service (DoS) or leak information.
