Debian Essential And Critical Security Patch Updates - Page 297
Find the information you need for your favorite open source distribution.
Christer Öberg of Wkit Security AB found a problem in joe (Joe's Own Editor).
slrn might overflow a buffer which could result in executing arbitrary code encoded in the message.
This is an update to the DSA-032-1 advisory. The powerpc package that was listed in that advisory was unfortunately compiled on the wrong system which caused it to not work on a Debian GNU/Linux 2.2 system.
The version of GNU libc that was distributed with Debian GNU/Linux 2.2 suffered from 2 security problems.
Former versions of sgml-tools created temporary files directly in /tmp in an insecure fashion.
It has been reported that the AsciiSrc and MultiSrc widgets in the Athena widget library handle temporary files insecurely.
It has been reported that a local user could tweak Midnight Commander of another user into executing a random program under the user id of the person running Midnight Commander.
It has been reported that one can tweak man2html remotely into consuming all available memory. This has been fixed by Nicolás Lichtmaier with the help of Stephan Kulow.
Fumitoshi Ukai and Denis Barbier have found several potential buffer overflow bugs in our version of ePerl as distributed in all of our distributions.
The author of analog, Stephen Turner, has found a buffer overflow bug in all versions of analog except version 4.16.
There are two problems with the version of proftpd that is in Debian 2.2 (potato).
The most recent advisory covering sudo missed one architecture that was released with 2.2. Therefore this advisory is only an addition to DSA 031-1 and only adds the relevant package for the powerpc architecture.
In Debian Security Advisory DSA 011-1 we have reported insecure creation of temporary files in the mgetty package that have been fixed. For details please read the main advisory.
In Debian Security Advisory DSA 029-1 we have reported several vulnerabilities in proftpd that have been fixed. For details please read the main advisory.
Todd Miller announced a new version of sudo which corrects a buffer overflow that could potentially be used to gain root privileges on the local system.
Several people have noted a number of problems in several components of the X Window System sample implementation.
Chris Evans, Joseph S. Myers, Michal Zalewski, Alan Cox, and others have noted a number of problems in several components of the X Window System sample implementation.
Remote DoS and potential buffer overflow exist with previous versions of proftpd.
Styx has reported that the program `man' mistakenly passes malicious strings through routines that were not meant to use them as format strings.