Debian LTS Essential and Critical Security Patch Updates - Page 116
Find the information you need for your favorite open source distribution.
A second regression issue has been resolved in the poppler PDF rendering shared library, this time introduced with version 0.26.5-2+deb8u6 (see DLA 1562-2).
This update fixes libstdc++ std::future support on armel, which is necessary to get firefox-esr and thunderbird updates built on that architecture.
Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or bypass of the same-origin policy.
It was discovered that there was an XSS injection vulnerability in the LXML HTML/XSS manipulation library for Python. LXML did not remove "javascript:" URLs that used escaping such as
Among others, Andre Heinicke from gpg4win.org found several issues in nsis, a tool for creating quick and user-friendly installers for Microsoft Windows operating systems.
Jayakrishna Menon and Christophe Hauser discovered an integer overflow vulnerability in Perl_my_setenv leading to a heap-based buffer overflow with attacker-controlled input.
Several vulnerabilities were found in QEMU, a fast processor emulator: CVE-2016-2391
Multiple security vulnerabilities were found in libarchive, a multi-format archive and compression library. Heap-based buffer over-reads, NULL pointer dereferences and out-of-bounds reads allow remote attackers to cause a denial-of-service (application crash) via
A regression issue has been resolved in the poppler PDF rendering shared library introduced with version 0.26.5-2+deb8u5.
Several security vulnerabilities were discovered in Ghostscript, an interpreter for the PostScript language, which could result in denial of service, the creation of files or the execution of arbitrary code if a malformed PostScript file is processed (despite the dSAFER sandbox being
gnuplot, a command-line driven interactive plotting program, has been examined with fuzzing by Tim Blazytko, Cornelius Aschermann, Sergej Schumilo and Nils Bars.
keepalived has a heap-based buffer overflow when parsing HTTP status codes resulting in DoS or possibly unspecified other impact, because extract_status_code in lib/html.c has no validation of the status code
A buffer overflow was discovered in the URL-authentication backend of icecast2, the popular open source streaming media server. If the backend is enabled, then any malicious HTTP client can send a request
It was discovered that there can be a denial of service (DoS) vulnerability in squid3 due to a memory leak in SNMP query rejection code when SNMP is enabled. In environments where per-process memory
gnuplot5, a command-line driven interactive plotting program, has been examined with fuzzing by Tim Blazytko, Cornelius Aschermann, Sergej Schumilo and Nils Bars.
A vulnerability in xml-security-c, a library for the XML Digital Security specification, has been found. Different KeyInfo combinations, like signatures without public key, result in incomplete DSA structures that
Two security vulnerabilities were discovered in OTRS, a Ticket Request System, that may lead to privilege escalation or arbitrary file write. CVE-2018-19141
It was discovered that there were two vulnerabilities in libphp-phpmailer, an email library for the PHP programming language: * CVE-2017-5223: Local file disclosure vulnerability via relative path
Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in denial of service, sandbox bypass, incomplete TLS identity verification, information disclosure or the execution of arbitrary code.
CVE-2015-5297 Numerical overflow in pointer arithmetic.