Find the information you need for your favorite open source distribution .
Various buffer-overflow and input-non-validation vulnerabilities are fixed in this patch.
Several security related problems have been fixed in the Linux kernel2.4.17 used for the S/390 architecture, mostly by backporting fixesfrom 2.4.18 and incorporating recent security fixes.
This is actually several related advisories, broken down by platform, but all referring to the same recently discovered kernel vulnerabilities.
Due to missing function return value check of internal functions a local attacker can gain root privileges.
Phong Nguyen identified a severe bug in the way GnuPG creates and usesElGamal keys for signing.
Previous versions could be used to send email to arbitrary addresses, which is exploited by spammers.
The cross-site scripting vulnerabilities could allow an attacker to perform administrative operations without authorization, by stealing a session cookie.
A vulnerability was discovered in mpg123, a command-line mp3 player, whereby a response from a remote HTTP server could overflow a buffer allocated on the heap, potentially permitting execution of arbitrary code with the privileges of the user invoking mpg123.
Stefan Esser discovered several security related problems in Gaim, a multi-protocol instant messaging client.
Integer overflow in the do_brk() function of the Linux kernel allows local users to gain root privileges.
The program applies an unchecked-length environment variable into a fixed size buffer.
An attacker could abuse suidperl to discover information about files that should not be accessible to unprivileged users.
The binaries don't drop privileges before executing a command, allowing an attacker to gain access to the local group games.
This vulnerability can be used to trivially recover the private key.
This vulnerability could grant a local attacker "slocate" group privileges, which can access the list of all file pathnames on the system.
A flaw in bounds checking in mremap() in the Linux kernel may allow a local attacker to gain root privileges.
Many of these programs were found to create temporary files in an insecure manner.
A number of buffer overflows could be exploited to crash tcpdump, or execute arbitrary code with the privileges of tcpdump.
A malicious archive (such as a .tar file) could cause arbitrary code to be executed if opened by Midnight Commander.
The IA-64 maintainers fixed several security related bugs in the Linux kernel 2.4.17 used for the IA-64 architecture, mostly by backporting fixes from 2.4.18.
Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.
Cloud Security Cryptography Desktop Security Firewall Government Hacks/Cracks IoT Security Network Security Organizations/Events Privacy Security Projects Security Trends Security Vulnerabilities Server Security Vendors/Products
Debian Debian LTS Fedora Gentoo Mageia Oracle openSUSE RockyLinux Slackware SuSE Ubuntu
Harden My Filesystem Learn Tips and Tricks Secure My E-mail Secure My Firewall Secure My Network Secure My Webserver Strengthen My Privacy
Best Secure Linux Distros for Enhanced Privacy & Security The Truth About Linux Malware & How to Protect Your System Is Linux A More Secure Option Than Windows For Businesses? How Secure Is Linux? Top Tips for Securing Your Linux System
Advertise Contribute Your Article Legal Notice RSS Feeds Contact Us Terms of Service Privacy Policy
Linux Security - Your source for Top Linux News, Advisories, HowTo's and Feature Release.
