Find the information you need for your favorite open source distribution .
Juraj Somorovsky, Robert Merget and Nimrod Aviram discovered a padding oracle attack in OpenSSL. If an application encounters a fatal protocol error and then calls
A vulnerability was discovered in uw-imap, the University of Washington IMAP Toolkit, that might allow remote attackers to execute arbitrary OS commands if the IMAP server name is untrusted input (e.g., entered by a
Garming Sam reported an out-of-bounds read in the ldb_wildcard_compare() function of ldb, a LDAP-like embedded database, resulting in denial of service.
Potential buffer over-reads in readelf.c have been found in file, a popular file type guesser. For Debian 8 "Jessie", these problems have been fixed in version
Two issues have been found in bind9, the Internet Domain Name Server. CVE-2019-6465
Multiple vulnerabilities have been discovered in SoX (Sound eXchange), a sound processing program: CVE-2017-15370
Several vulnerabilities were found in QEMU, a fast processor emulator: CVE-2018-12617
Several issues have been found by different authors in gpac, an Open Source multimedia framework for research and academic purposes.
An information leak issue was discovered in phpMyAdmin. An attacker can read any file on the server that the web server's user can access. This is related to the mysql.allow_local_infile PHP
Several issues have been found in exiv2, a EXIF/IPTC/XMP metadata manipulation tool.
Multiple vulnerabilities have been discovered in liblivemedia, the LIVE555 RTSP server library: CVE-2019-6256
Several issues in elfutils, a collection of utilities to handle ELF objects, have been found either by fuzzing or by using an AddressSanitizer.
A newer version of waagent is needed for several features of the Azure platform. For Debian 8 "Jessie", this problem has been fixed in version
Mike Salvatore discovered that the fixes for these heap-based buffer overflows had not been properly applied in the Debian package. For Debian 8 "Jessie", this problem has been fixed in version
Sylvain Beucler and Dan Walma discovered several directory traversal issues in DFArc, a frontend and extensions manager for the Dink Smallwood game, allowing an attacker to overwrite arbitrary files on the user's system.
Drupal core uses the third-party PEAR Archive_Tar library. This library has released a security update which impacts some Drupal configurations. Refer to CVE-2018-1000888 for details. Also a possible
Chris Coulson discovered a flaw in systemd leading to denial of service. An unprivileged user could take advantage of this issue to crash PID1 by sending a specially crafted D-Bus message on the system bus.
Multiple security issues were found in the rdesktop RDP client, which could result in denial of service, information disclosure and the execution of arbitrary code.
Joergen Ibsen reported an issue with uriparser, a URI parsing library compliant with RFC 3986.
Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.
Cloud Security Cryptography Desktop Security Firewall Government Hacks/Cracks IoT Security Network Security Organizations/Events Privacy Security Projects Security Trends Security Vulnerabilities Server Security Vendors/Products
Debian Debian LTS Fedora Gentoo Mageia Oracle openSUSE RockyLinux Slackware SuSE Ubuntu
Harden My Filesystem Learn Tips and Tricks Secure My E-mail Secure My Firewall Secure My Network Secure My Webserver Strengthen My Privacy
Best Secure Linux Distros for Enhanced Privacy & Security The Truth About Linux Malware & How to Protect Your System Is Linux A More Secure Option Than Windows For Businesses? How Secure Is Linux? Top Tips for Securing Your Linux System
Advertise Contribute Your Article Legal Notice RSS Feeds Contact Us Terms of Service Privacy Policy
Linux Security - Your source for Top Linux News, Advisories, HowTo's and Feature Release.
