Debian LTS Essential and Critical Security Patch Updates - Page 114
Find the information you need for your favorite open source distribution.
Several vulnerabilities were found in QEMU, a fast processor emulator: CVE-2018-17958
Several issues in wireshark, a network traffic analyzer, have been found. Dissectors of - ISAKMP, an Internet Security Association and Key Management Protocol
Two vulnerabilities were found in Policykit, a framework for managing administrative policies and privileges: CVE-2018-19788
krb5, an MIT Kerberos implementation, had several flaws in LDAP DN checking, which could be used to circumvent a DN containership check by supplying special parameters to some calls.
Several stack exhaustion conditions were found in mxml that can easily cause a crash when parsing XML files.
The PostgreSQL project has released a new minor release of the 9.4 branch. For Debian 8 "Jessie", this has been uploaded as version
It was discovered that tmpreaper, a program that cleans up files in directories based on their age, is vulnerable to a race condition. This vulnerability might be exploited by local attackers to perform privilege escalation.
Multiple vulnerabilities were found in the journald component of systemd which can lead to a crash or code execution. CVE-2018-16864
Several vulnerabilities have been resolved in libjpeg-turbo, Debian's default JPEG implementation. CVE-2016-3616
(amended to refer to jessie in the sources.list entry below, instead of stable) Max Justicz discovered a vulnerability in APT, the high level package manager.
Max Justicz discovered a vulnerability in APT, the high level package manager. The code handling HTTP redirects in the HTTP transport method doesn't properly sanitize fields transmitted over the wire. This vulnerability could be used by an attacker located as a man-in-the-middle between APT and a mirror to inject
It was discovered that aria2 (the lightweight command-line download utility) can store passed user credentials in a log file when using the --log option. This might allow local users to obtain sensitive information by reading this file.
A vulnerability was found in sssd. If a user was configured with no home directory set, sssd would return '/' (the root directory) instead of '' (the empty string / no home directory). This could impact services that
Several issues in wireshark, a tool that captures and analyzes packets off the wire, have been found by different people. These are basically issues with length checks or invalid memory access in
Several flaws were corrected in SQLite, an SQL database engine. CVE-2017-2518
A heap-buffer-overflow vulnerability was discovered in libsndfile, the library for reading and writing files containing sampled sound. This flaw might be triggered by remote attackers to cause denial of service (out of bounds read and application crash).
Several vulnerabilities were discovered in libcaca, a graphics library that outputs text: integer overflows, floating point exceptions or invalid memory reads may lead to a denial-of-service (application crash) if a malformed image file is processed.
Several security vulnerabilities were corrected in the libav multimedia library which may lead to a denial-of-service, information disclosure or the execution of arbitrary code if a malformed file is processed.
It was discovered that there was a content-spoofing vulnerability in the default 404 pages in the Django web development framework. For more information, please see:
Multiple issues were fixed in Qt. CVE-2018-15518 A double-free or corruption during parsing of a specially crafted