Debian LTS Essential and Critical Security Patch Updates - Page 104
Find the information you need for your favorite open source distribution.
Tobias Maedel discovered that the mod_copy module of ProFTPD, an FTP/SFTP/FTPS server, performed incomplete permission validation for the CPFR/CPTO commands.
It was discovered that there were two vulnerabilities in the Django web development framework: * CVE-2019-14232: Prevent a possible denial-of-service in
Simon McVittie spotted a memory leak regression in the way CVE-2019-13012 had been resolved for glib2.0 in Debian jessie.
Several minor issues have been fixed in vim, a highly configurable text editor.
An XSS vulnerability was discovered in SquirrelMail. Due to improper handling of RCDATA and RAWTEXT type elements, the built-in sanitization mechanism can be bypassed. Malicious script content from HTML e-mails can be executed within the application context via
Several vulnerabilities were discovered in WPA supplicant / hostapd. Some of them could only partially be mitigated; please read below for details.
Various minor issues have been addressed in the GLib library. GLib is a useful general-purpose C library used by projects such as GTK+, GIMP, and GNOME.
Several more boundary checks have been backported to libssh2's src/sftp.c. Furthermore, all boundary checks in src/sftp.c now result in a LIBSSH2_ERROR_BUFFER_TOO_SMALL error code, rather than a
The following issues have been found in sdl-image1.2, the 1.x version of the image file loading library. CVE-2018-3977
An issue with quoting has been found in patch, a tool to apply a diff file to an original, when invoking ed. In order to avoid this, ed is now directly started instead of calling a shell which starts ed.
Various security problems have been additionally fixed in libssh2, an SSH client implementation written in C++.
Jann Horn discovered that the ptrace subsystem in the Linux kernel mishandles the management of the credentials of a process that wants to create a ptrace relationship, allowing a local user to obtain root privileges under certain scenarios.
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
The following issues have been found in libsdl2-image, the image file loading library.
Several vulnerabilities were found in libxslt, the XSLT 1.0 processing library. CVE-2016-4610
A vulnerability was found in the BIND DNS server. Limits on simultaneous TCP connections have not been enforced correctly and could
Squid, a high-performance proxy caching server for web clients, has been found vulnerable to denial of service attacks associated with HTTP authentication header processing.
Vulnerabilities have been discovered in nss, the Mozilla Network Security Service library.
Handling of symlinks in patch, a tool to apply a diff file to an original, was wrong in certain cases.
It was discovered that there was an integer overflow vulnerability in exiv2, a tool to manipulate images containing (e.g.) EXIF metadata. This could have resulted in a denial of service via a specially-