Debian LTS Essential and Critical Security Patch Updates - Page 105
Find the information you need for your favorite open source distribution .
Vulnerabilities have been identified in libspring-java, a modular Java/J2EE application framework.
The urllib library in Python ships support for a second, not well known URL scheme for accessing local files ("local_file://"). This scheme can be used to circumvent protections that try to block local file access
Two security vulnerabilities were discovered in openjpeg2, a JPEG 2000 image library. CVE-2016-9112
It was discovered that there were two heap buffer overflows in the Hyperloglog functionality provided by the Redis in-memory key-value database.
Spring Security supports plain text passwords using PlaintextPasswordEncoder. If an application using an affected version of Spring Security is leveraging PlaintextPasswordEncoder and a user
Fang-Pen Lin discovered a stack-based buffer-overflow flaw in ZeroMQ, a lightweight messaging kernel library. A remote, unauthenticated client connecting to an application using the libzmq library, running with a
It was discovered that there were multiple cross-site scripting vulnerabilities in the squid3 caching proxy server. For Debian 8 "Jessie", these issues have been fixed in squid3
It was discovered that there was an XML external entity vulnerability in the lemonldap-ng single sign-on system. This may have led to the disclosure of confidential data, denial of service, server side request forgery, port scanning, etc.
Two vulnerabilities have been discovered in pdns, an authoritative DNS server, which may result in denial of service via malformed zone records and excessive NOTIFY packets in a master/slave setup.
It was discovered that the Django Python web development framework did not correctly identify HTTP connections when a reverse proxy connected via HTTPS.
The update for rdesktop released as 1.8.6-0+deb8u1 introduced a regression which broke RDP protocol negotiation. Updated rdesktop packages are now available to correct this issue.
Three issues have been found for gpac, an Open Source multimedia framework. Two of them are NULL pointer dereferences and one of them is a heap-based
A flaw was found in the amd64 implementation of salsa20. If more than 256 GiB of keystream is generated, or if the counter otherwise grows greater than 32 bits, the amd64 implementation will first generate incorrect output, and then cycle back to previously generated keystream.
It was discovered that Expat, an XML parsing C library, did not properly handle XML input including XML names that contain a large number of colons, potentially resulting in denial of service.
Several minor issues have been fixed in mupdf, a lightweight PDF viewer tailored for display of high quality anti-aliased graphics.
The update issued as DLA-1835-1 caused a regression in the http.client library in Python 3.4 which was broken by the patch intended to fix CVE-2019-9740 and CVE-2019-9947.
Several security vulnerabilities were discovered in the rdesktop RDP client, which could result in buffer overflows and execution of arbitrary code.
Multiple security issues have been found in Thunderbird which may lead to the execution of arbitrary code if malformed email messages are read. For Debian 8 "Jessie", these problems have been fixed in version
Multiple vulnerabilities were discovered in Python, an interactive high-level object-oriented language, including
Multiple vulnerabilities were discovered in Python, an interactive high-level object-oriented language, including