Language Selection

English French German Italian Portuguese Spanish

Latest Secunia Security Advisories

Filed under

Highly critical

  1. Gentoo update for pound fixes a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system.
  2. Link

  3. Mandriva update for xpm fixes a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system.


Less critical

  1. Gentoo updates for horde, horde-vacation, horde-turba, horde-passwd, horde-nag, horde-mnemo, horde-kronolith, horde-imp, horde-accounts, horde-forwards and horde-chora. These fix a vulnerability, which can be exploited by malicious people to conduct cross-site scripting attacks.
  2. Link

  3. Gentoo: A security issue has been reported in phpmyadmin, which can be exploited by malicious, local users to disclose sensitive information.

    The problem is that the file "[version]_create.sql" is left world-readable with the password for the pma user after the installation process.

    Change password for the MySQL pma user (see original advisory) and update to "dev-db/phpmyadmin-2.6.2-r1" or later.

  4. Link

  5. Mandriva update for perl fixes a vulnerability, which potentially can be exploited by malicious, local users to gain escalated privileges.
  6. Link

  7. Mandriva update for squid fixes two vulnerabilities, which can be exploited by malicious people to gain knowledge of sensitive information or cause a DoS (Denial of Service).
  8. Link

More in Tux Machines

How to Run Android Apps and Games on Linux

Want to run Android apps on Linux? How about play Android games? Several options are available, but the one that works the best is Anbox, a useful tool that runs your favorite Android apps on Linux without emulation. Here’s how to get it up and running on your Linux PC today. Read more Also: 8 Best Android Apps For Kids To Help Children Learn With Fun | 2018 Edition

SUSE: openSUSE Tumbleweed and SUSE in HPC

  • Krita, Linux Kernel, KDEConnect Get Updated in Tumbleweed
    There have been a few openSUSE Tumbleweed snapshots released in the past two weeks that brought some new features and fixes to users. This blog will go over the past two snapshots. The last snapshot, 20180416, had several packages updated. The adobe-sourceserifpro-fonts package updated to version 2.000; with the change, the fonts were refined to make the Semibold and Bold heavier. Both dbus-1 and dbus-1-x11 were updated to 1.12.6, which fixed some regreations introduced in version 1.10.18 and 1.11.0. The gtk-vnc 0.7.2 package deprecated the manual python2 binding, which will be deleted in the next release, in favor of GObject introspection. Notifications that caused a crash were fixed in kdeconnect-kde 1.3.0. The 4.16.2 Linux Kernel made ip_tunnel, ipv6, ip6_gre, ip6_tunnel and vti6 better to validate user provided tunnel names. Due to a build system failure, not all 4.16.2 binaries were built correctly; this will be resolved in the 20180417 snapshot, which will be released shortly. Krita 4.0.1 had multiple fixes from its major version upgrade. The visual diff and merge tool meld 3.19.0 added new features like a new per-pane status bar with selectors for syntax highlighting and text encoding. Python Imaging Library python-Pillow 5.1.0 removed the freetype-2.9.patch and YaST had several packages with a version bump.
  • SUSE Linux Enterprise High Performance Computing in the SLE 15 Beta Program!
  • SUSE Linux Enterprise 15 Prepares HPC Module
    The upcoming release of SUSE Linux Enterprise 15 is offering an HPC (High Performance Computing) module for development, control, and compute nodes. Today that SLE15-HPC module is now available in beta.

OPNsense 18.1.6

For more than 3 years now, OPNsense is driving innovation through modularising and hardening the code base, quick and reliable firmware upgrades, multi-language support, fast adoption of upstream software updates as well as clear and stable 2-Clause BSD licensing. Read more

Turris MOX is a Modular & Open Source Router

A company from the Czech Republic is trying to raise money to bring a modular and open source router to the public. It has a number of features that can’t be found in the current line up of routers available for purchase. Read more