Security Leftovers
-
Door 02: Marketing department or selection bias? - Open Source Security
Josh and Kurt talk about cybersecurity statistics and the value of the data we have.
-
Security updates for Tuesday
Security updates have been issued by Debian (libxstream-java, musl, mutt, pdfresurrect, vips, and zsh), Fedora (libuv, nodejs, thunderbird, and xen), openSUSE (libssh2_org, mutt, neomutt, and thunderbird), Oracle (firefox and thunderbird), Red Hat (firefox, rh-nodejs12-nodejs, rh-php73-php, and thunderbird), Scientific Linux (thunderbird), SUSE (libX11, mariadb, mutt, python-pip, python-setuptools, and python36), and Ubuntu (containerd, php-pear, and sniffit).
-
Two More X.Org Server Security Advisories Issued - Possible Privilege Escalation - Phoronix
Trend Micro's Zero Day Initiative has uncovered two more security issues with the aging X.Org Server that as we roll into 2021 is still powering most of the Linux desktops.
The security researchers found multiple input validation failures with the X.Org Server's XKB keyboard extension. Insufficient checks on different checks could lead to out-of-bounds memory accesses or buffer overflows.
-
X.Org server security advisory: December 1, 2020
X.Org server security advisory: December 1, 2020 Multiple input validation failures in X server XKB extension ============================================================ These issues can lead to privileges elevations for authorized clients on systems where the X server is running privileged. * CVE-2020-14360 / ZDI CAN 11572 XkbSetMap Out-Of-Bounds Access Insufficient checks on the lengths of the XkbSetMap request can lead to out of bounds memory accesses in the X server. * CVE-2020-25712 / ZDI-CAN-11839 XkbSetDeviceInfo Heap-based Buffer Overflow Insufficient checks on input of the XkbSetDeviceInfo request can lead to a buffer overflow on the head in the X server.
-
xorg-server 1.20.10
Xorg-server 1.20.10 has been released. This version fixes security issues that could lead to privilege escalation, or other problems.
- Login or register to post comments
- Printer-friendly version
- 2834 reads
- PDF version
More in Tux Machines
- Highlights
- Front Page
- Latest Headlines
- Archive
- Recent comments
- All-Time Popular Stories
- Hot Topics
- New Members
digiKam 7.7.0 is releasedAfter three months of active maintenance and another bug triage, the digiKam team is proud to present version 7.7.0 of its open source digital photo manager. See below the list of most important features coming with this release. |
Dilution and Misuse of the "Linux" Brand
|
Samsung, Red Hat to Work on Linux Drivers for Future TechThe metaverse is expected to uproot system design as we know it, and Samsung is one of many hardware vendors re-imagining data center infrastructure in preparation for a parallel 3D world. Samsung is working on new memory technologies that provide faster bandwidth inside hardware for data to travel between CPUs, storage and other computing resources. The company also announced it was partnering with Red Hat to ensure these technologies have Linux compatibility. |
today's howtos
|
Recent comments
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago
1 year 11 weeks ago