Debian LTS Essential and Critical Security Patch Updates - Page 96
Find the information you need for your favorite open source distribution.
Multiple cross-site scripting and cross-site request forgery issues were discovered in the DAViCal CalDAV Server.
A vulnerability has been found in php-horde, the Horde Application Framework, which may result in information disclosure via cross-site scripting.
It was discovered that there was an unsafe deserialisation issue in cacti, a server monitoring system. Unsafe deserialisation of objects which can lead to abuse of the
More deserialization flaws were discovered in jackson-databind which could allow an unauthenticated user to perform remote code execution. The issue was resolved by extending the blacklist and blocking more classes from polymorphic deserialization.
It was found that freeimage, a graphics library, was affected by the following two security issues: CVE-2019-12211
It was found that Squid, a high-performance proxy caching server for web clients, has been affected by the following security vulnerabilities.
Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code.
Several security vulnerabilities were found in Ruby that also affected Debian's JRuby package, a pure-Java implementation of Ruby. Attackers were able to call arbitrary Ruby methods, cause a denial-of-service or inject input into HTTP response headers when using the WEBrick module.
In HTMLDOC, there was a one-byte underflow in htmldoc/ps-pdf.cxx caused by a floating point math difference between GCC and Clang.
The OpenSLP package had two open security issues: CVE-2017-17833
phpMyAdmin before 4.9.2 does not escape certain Git information, related to libraries/display_git_revision.lib.php and libraries/Footer.class.php.
Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in denial of service, sandbox bypass, information disclosure or the execution of arbitrary code.
It was discovered that there was an integer overflow vulnerability in librabbitmq, a library for robust messaging between applications and servers.
Several security issues were fixed in libav, a multimedia library for processing audio and video files.
Several vulnerabilities were discovered in the Oniguruma regular expressions library, notably used in PHP mbstring.
A corrupted or specially crafted CRW image might exceed the overall buffer size and cause a denial of service.
The backport of the CVE-2019-13161 fix caused a regression and has been reverted. For Debian 8 "Jessie", this problem has been fixed in version
In mod_tls a crash with empty CRL was fixed. For Debian 8 "Jessie", this problem has been fixed in version 1.3.5e+r1.3.5-2+deb8u5.
Several vulnerabilities are fixed in Asterisk, an Open Source PBX and telephony toolkit. CVE-2019-13161
This update fixes a regression introduced in 1:5.22+15-2+deb8u5 causing truncated output of the interpreter name, thanks to Christoph Biedl for reporting the problem and cause.