Debian LTS Essential and Critical Security Patch Updates - Page 122
Find the information you need for your favorite open source distribution.
ClamAV, an anti-virus utility for Unix, has released version 0.100.1. Installing this new version is required to make use of all current virus signatures and to avoid warnings.
CVE-2018-14767 Fix for missing input validation, which could result in denial of service and potentially the execution of arbitrary code.
An out-of-bounds read was discovered in libConfuse, a configuration file parser library. CVE-2018-14447
It was discovered that there was a denial of service (or potentially code execution) vulnerability in libxcursor, a library designed to help locate and load cursors for the X Window System.
CVE-2018-10906 This is a fix for a restriction bypass of the "allow_other" option when SELinux is active.
It was found that rubyzip, a Ruby module for reading and writing zip files, contained a Directory Traversal vulnerability that can be exploited to write arbitrary files to the filesystem.
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation or denial of service. CVE-2018-5390 (SegmentSmack)
An unprivileged user of dblink or postgres_fdw could bypass the checks intended to prevent use of server-side credentials, such as a ~/.pgpass file owned by the operating-system user running the server. Servers allowing peer authentication on local connections are particularly
Multiple vulnerabilities have been discovered in various parsers of Blender, a 3D modeller/renderer. Malformed .blend model files and malformed multimedia files (AVI, BMP, HDR, CIN, IRIS, PNG, TIFF) may result in the execution of arbitrary code.
Various vulnerabilities leading to denial of service or possible unspecified other impacts were discovered in sam2p, a utility to convert raster images to EPS, PDF, and other formats.
The following vulnerability was discovered in wpa_supplicant. CVE-2018-14526: An issue was discovered in rsn_supp/wpa.c in wpa_supplicant 2.0
The security update for slurm-llnl introduced a regression in the fix for CVE-2018-10995 which broke accounting. For Debian 8 "Jessie", this problem has been fixed in version
It was discovered that there were several vulnerabilities in libmspack, a library used to handle Microsoft compression formats. A remote attacker could craft malicious .CAB, .CHM or .KWAJ files
It was discovered that the Apache XML Security for C++ library performed insufficient validation of KeyInfo hints, which could result in denial of service via NULL pointer dereferences when processing malformed XML data.
It was discovered that there was a directory traversal vulnerability in cgit, a web frontend for Git repositories. For Debian 8 "Jessie", this issue has been fixed in cgit version
The fix for CVE-2018-10886 was incomplete in the previous upload. New changes were implemented upstream which check and resolve symlinks before expanding the archives.
It was found that the security update of busybox announced as DLA-1445-1 to prevent the exploitation of CVE-2011-5325, a symlinking attack, was too strict in case of cpio archives. This update restores the old behavior.
Various vulnerabilities were discovered in graphicsmagick, a collection of image processing tools and associated libraries, resulting in denial of service, information disclosure, and a variety of buffer overflows and overreads.
Several vulnerabilities have been discovered in mutt, a sophisticated text-based Mail User Agent, resulting in denial of service, stack-based buffer overflow, arbitrary command execution, and directory traversal
The security update of busybox announced as DLA-1445-1 introduced a regression due to an incomplete fix for CVE-2015-9261. It was no longer possible to decompress gzip archives which exceeded a certain file size.