Navigation

Language Selection

Search

Today's Security Advisories

Submitted by srlinuxx on Thursday 14th of April 2005 12:46:49 PM Filed under

Security

Moderately critical

Description:
Fedora has issued an update for openoffice. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a user's system.

Solution:
Apply updated Fedora Core 3

less critical

Description:
Gentoo has issued an update for rsnapshot. This fixes a vulnerability, which can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges.

Solution:
Update "net-misc/rsnapshot" to 1.2.1 or 1.1.7, or later.

Moderately critical

Solution:
Update "net-misc/rsnapshot" to 1.2.1 or 1.1.7, or later.

Not critical

Description:
MandrakeSoft has issued an update for gaim. This fixes three weaknesses, which can be exploited by malicious people to cause a DoS (Denial of Service).

Solution:
Apply updated packages.

Less critical

Description:
Debian has issued an update for mysql. This fixes some vulnerabilities, which can be exploited by malicious users to bypass certain security restrictions and potentially compromise a vulnerable system and by malicious, local users to perform certain actions on a vulnerable system with escalated privileges.

Solution:
Apply updated packages.

secunia.com.

Login or register to post comments
Printer-friendly version
1544 reads
PDF version

More in Tux Machines

today's howtos

Tried Elementary OS 0.4.1 Loki again - Negatory

The Linux desktop needs a reset. We're now in a post-Ubuntu world, with Unity gone, and we're back in sad and forlorn 2005. There isn't a single major project out there where you can look and say, wow, there's gonna be a fun and exciting year ahead of us. Well, maybe one or two. The rest? Just run-of-the-mill stuff. The forums are quiet, because there isn't anything to report, and rehashing kernel versions and desktop versions isn't really worth anyone's time. I think elementary OS represents this crisis quite well. On its own, it's a badly cobbled release, with too many issues and inconsistencies and a dreadful approach to ergonomics, making it useless to most people, all other things notwithstanding. But it was too buggy for me to even attempt to install it. Not going well. Alas, unless something cardinal changes, I cannot recommend this one at all. The combo of visual glitches, mediocre performance and middling hardware support does not warrant a longer adventure. Perhaps one day this will change, but for now, you're better off with stock Ubuntu. And by that I mean up to Zesty, ad I haven't tried Aardvark yet. Take care, and stay golden. Also: Newbie's Guide to Ubuntu 17.10 Part 3

10 Reasons Why I Switched To Telegram Messenger

Whatsapp may be the best player in the game when it comes to instant messaging apps, but Telegram Messenger is the entire game itself.

How To Install Wine And Run Windows Apps In Linux

All kinds of software are currently available on Linux but every now and then, there is that Windows software or Game which is not available or has no equivalent on Linux Wine makes it possible to run those Windows programs and Games on your Linux desktop. So let’s look at how to install Wine on Linux and run Windows apps on Linux desktop.

Latest News

LXQt 0.12.0 Desktop Environment Released with Better Support for HiDPI Displays

The developers of the Lightweight Qt Desktop Environment (LXQt) were proud to announce today the release and immediate availability for download of the LXQt 0.12.0 desktop environment. Also: LXQt 0.12 released With Better HiDPI Support, More Robust

GNOME 3.27.1 RELEASED

GNOME 3.25.1, the first unstable release in the 3.28 development cycle, is now available. The porting of more modules to meson continues (which is great!), but It's still causing some problems for some modules. See below. If you want to compile GNOME 3.27.1 by yourself, you can use the JHBuild modulesets available here: Also: GNOME 3.27.1 Released

today's leftovers

Another Million Learn About GNU/Linux

Ordinarily, I would not notice or even recommend a brief article in a magazine but this is Popular Science, the Bible of DIY types especially the young and restless who might actually take the plunge into FLOSS (Free/Libre Open Source Software). It’s a general magazine with a million subscribers.
Chromium 62 ready for download

chromium_iconEarlier this week, Google released a security update for its chrome/chromium browser. The new version 62.0.3202.62 plugs the holes of 35 more or less serious issues, several of them have a CVE rating. When the topic of Chromium 62 came up in the comments section of a previous post, I mentioned that I was unable to compile it on Slackware 14.2. Errors like “error: static assertion failed: Bound argument |i| of type |Arg| cannot be converted and bound as |Storage|” yield some results when looked up on the Internet, and they indicate that Slackware’s own gcc-5.3.0 package is too old to compile chromium 62.
Playing with the pine64

So I went for OpenBSD because I know the stuff and who to har^Wkindly ask for help. Spoiler alert, it's boring because it just works.
PrismTech Moves Market-Leading Proven DDS Solution to Open Source as Eclipse Cyclone
Nana Oforiatta Ayim’s Open-Source Encyclopedia of African History Starts With Ghana

It is a rare kind of woman who enjoys a project so vast that it’s practically unfinishable, but Nana Oforiatta Ayim, a Ghanaian gallerist, writer, and historian, never quits what she has started. She’s discussing her work on the "Cultural Encyclopaedia", an attempt to “facilitate the re/ordering of knowledge, narratives, and representations from and about the African continent” through an online resource that includes an A-to-Z index and vertices of clickable images for entries. Eventually, a 54-volume book series—one for each country on the continent—will be published with selections from the encyclopedia's long, long list. Oforiatta Ayim is working with a small team of editors, and, starting with her native country, she has taken on the task of documenting all significant cultural touchstones in the thousands of years of African history. Plus, it will be open source to prevent it from having a top-down logic. “I’m a little bit crazy to take it on,” she says. “But if I’m not going to do it, who is going to be as crazy as me?”
The Only Person I’ll Pair Program with is my Cat

I could argue (to varying degrees of success) that pair programming isn’t productive. Productivity of a practice is an easy thing to attack because, in our capitalist dystopia, it’s the end-all-be-all metric. But I hate pair programming, and it’s not just because I don’t feel productive. It’s a lot more than that.
Reaper: IoT botnet 'worse than Mirai' infects one million organisations worldwide

Check Point first unearthed the botnet, codenamed 'IoT_reaper', at the beginning of September and claims that, since, it's already enslaved millions of IoT devices including routers and IP cameras from firms including GoAhead, D-Link, TP-Link, Avtech, Netgear, MikroTik, Linksys and Synology.
Google will pay out bounties for bad Android app flaws

"Google Play is working with the independent bug bounty platform, HackerOne, and the developers of popular Android apps to implement the Google Play Security Reward Program. Developers of popular Android apps are invited to opt-in to the program, which will incentivize security research in a bug bounty model," says HackerOne.

Syndication & Social Media

Follow the site via RSS/Twitter.

Full RSS:

RSS feeds for particular topics are also available

Twitter:

Content (where original) is available under CC-BY-SA, copyrighted by original author/s.

Tux Machines is proud to be hosted by

Support Tux Machines

Help Support TM
Wall of Appreciation

Linux Gizmos

Linux Today

LinuxSecurity.com Advisories

More on Tux Machines: About ● Gallery ● Forum ● Blogs ● Search ● News ● RSS Feed

Part of Bytes Media ● Sister sites below.

Linux.com

DW Latest Releases

Phoronix

Content available under CC-BY-SA