Debian LTS Essential and Critical Security Patch Updates - Page 102
Find the information you need for your favorite open source distribution.
Samuel R Lovejoy discovered a security vulnerability in dnsmasq. Carefully crafted packets by DNS servers might result in out of bounds read operations, potentially leading to a crash and denial
The Oniguruma regular expressions library, notably used in PHP mbstring, is vulnerable to stack exhaustion. A crafted regular expression can crash the process.
Several security vulnerabilities were found in icedtea-web, an implementation of the Java Network Launching Protocol (JNLP). CVE-2019-10181
It was discovered that there was a stack-based buffer over-read in memcached, the in-memory object caching system. For Debian 8 "Jessie", this issue has been fixed in memcached version
It was discovered that there was a heap-based buffer overread vulnerability in expat, an XML parsing library. A specially-crafted XML input could fool the parser into changing
"Zerons" and Qualys discovered that a buffer overflow triggerable in the TLS negotiation code of the Exim mail transport agent could result in the execution of arbitrary code with root privileges.
Several newly-referenced issues have been fixed in the FreeType 2 font engine.
It was discovered that there was an arbitrary code execution vulnerability in the pump BOOTP and DHCP client. When copying the body of the server response, the ethernet packet
Several security issues have been corrected in multiple demuxers and decoders of the libav multimedia library.
A vulnerability has been discovered in Python, an interactive high-level object-oriented language, that is relevant for cookie handling. By using a malicious server an attacker might steal cookies that are meant for other
jianglin found an issue in libextractor, a library that extracts meta-data from files of arbitrary type.
Hongxu Chen found several issues in djvulibre, a library and set of tools to handle images in the DjVu format.
Several vulnerabilities were discovered in Subversion, a version control system. The Common Vulnerabilities and Exposures project identifies the following problems:
Nick Roessler and Rafi Rubin discovered that the IMAP and ManageSieve protocol parsers in the Dovecot email server do not properly validate input (both pre- and post-login). A remote attacker can take advantage
Two security vulnerabilities were found in the Apache HTTP server. CVE-2019-10092
Multiple vulnerabilities have been discovered in faad2, the Freeware Advanced Audio Coder: CVE-2018-19502
Multiple vulnerabilities have been found in xymon, the network monitoring application. Remote attackers might leverage these vulnerabilities in the CGI parsing code (including buffer overflows and XSS) to cause denial of service, or any other unspecified impact.
Even Rouault found an issue in tiff, a library providing support for the Tag Image File Format. Wrong handling of integer overflow checks, that are based on undefined
It was discovered that there was a remote arbitrary code vulnerability in commons-beanutils, a set of utilities for manipulating JavaBeans code.
JsHuang found an issue in libmspack, a library for Microsoft compression format. Opening a crafted chm file might result in a buffer overflow which might