Debian Essential And Critical Security Patch Updates - Page 299
Find the information you need for your favorite open source distribution.
dialog previously did not create them safely, which made it susceptible to a symlink attack.
Lez discovered a format string problem in stunnel. Brian Hatch responded by stating he was already preparing a new release with multiple security fixes.
Matt Kraai reported that he found a problem in the way dialog creates lock-files: it did not create them safely, which made it susceptible to a symlink attack.
A busy week for the Zope team: on Monday another security alert was released revealing a potential problem found by Peter Kelly.
Previous versions allowed users with privileges in one folder to gain privileges in another folder.
Michel Kaempf reported a security problem in slocate on bugtraq which was originally discovered by zorgon.
When nano (a free pico clone) unexpectedly dies, it tries to write a warning message to a new file with a predictable name.
New fsh packages exist to fix potential symlink attack vulnerabilities.
Alan Cox discovered that GNU ed (a classic line editor tool) created temporary files unsafely.
cons.saver does not check if it is started with a valid stdout, potentially causing a denial of service.
ghostscript uses temporary files to do some of its work. Unfortunately the method used to create those files wasn't secure.
Topi Miettinen audited elvis-tiny and raised an issue covering the use and creation of temporary files.
A buffer overflow in ncurses, linked to the "cda" binary, allowed a root exploit. The problem is fixed in xmcd 2.5pl1-7.1.
The version of the ncurses display library shipped with Debian GNU/Linux 2.2 is vulnerable to several buffer overflows in the parsing of terminfo database files.
hacksware reported a buffer overflow in the AFS packet parsing code in ethereal.
When joe dies due to a signal instead of a normal exit, it is vulnerable to a symlink attack.
Several buffer overflows were found which allow an attacker to make tcpdump crash.
Sebastian Krahmer found a problem in the modprobe utility that could be exploited by local users to run arbitrary commands as root if the machine is running a kernel with kmod enabled.
Mandrake has recently released a security advisory against CUPS raising two issues.
The version of Vixie Cron shipped with Debian GNU/Linux 2.2 is vulnerable to a local attack, discovered by Michal Zalewski.