Find the information you need for your favorite open source distribution .
CVE-2015-1239 Fix for denial of service (process crash) via a crafted PDF.
Two heap buffer over read conditions were found in gpac. CVE-2018-13005
unzip and untar target tasks in ant allows the extraction of files outside the target directory. A crafted zip or tar file submitted to an Ant build could create or overwrite arbitrary files with the
CVE-2018-11439 Fix for a heap-based buffer over-read via a crafted audio file.
Linux 4.9 has been packaged for Debian 8 as linux-4.9. This provides a supported upgrade path for systems that currently use kernel packages from the "jessie-backports" suite.
Linux 4.9 has been packaged for Debian 8 as linux-4.9. This provides a supported upgrade path for systems that currently use kernel packages from the "jessie-backports" suite.
The UNIX pipe which sudo uses to contact SSSD and read the available sudo rules from SSSD has too wide permissions, which means that anyone who can send a message using the same raw protocol that sudo and SSSD use can read the sudo
CVE-2015-1854 A flaw was found while doing authorization of modrdn operations. An unauthenticated attacker able to issue an ldapmodrdn call to
It was discovered that there were two issues in znc, a modular IRC bouncer: * There was insufficient validation of lines coming from the network
The previous update to linux failed to build for the armhf (ARM EABI hard-float) architecture. This update corrects that. For all other architectures, there is no need to upgrade or reboot again. For reference, the relevant part of the original advisory text follows.
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
Several vulnerabilities were discovered in CUPS, the Common UNIX Printing System. These issues have been identified with the following CVE ids: CVE-2018-4180
Multiple security issues have been found in Thunderbird, which may lead to the execution of arbitrary code, denial of service or attacks on encrypted emails.
Multiple vulnerabilities were found in the interpreter for the Ruby language. The Common Vulnerabilities and Exposures project identifies the following issues:
It was discovered that there was a symlink attack in the Cinnamon desktop environment. An attacker could overwrite an arbitrary file on the filesystem via
It was discovered that there was a discovered a path traversal flaw in ruby-sprockets, a Rack-based asset packaging system. A remote attacker could take advantage of this flaw to read arbitrary files outside an application's root directory via "file://" requests.
Several security vulnerabilities were found in Bouncy Castle, a Java implementation of cryptographic algorithms. CVE-2016-1000338
There have been a number of updates to the set of Certificate Authority (CA) certificates that are considered "valid" or otherwise should be trusted.
It was discovered that the Soup HTTP library performed insuffient validation of cookie requests which could result in an out-of-bounds memory read.
Several vulnerabilities were found in phpMyAdmin, the web-based MySQL administration interface, including SQL injection attacks, denial of service, arbitrary code execution, cross-site scripting, server-side request forgery, authentication bypass, and file system traversal.
Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.
Cloud Security Cryptography Desktop Security Firewall Government Hacks/Cracks IoT Security Network Security Organizations/Events Privacy Security Projects Security Trends Security Vulnerabilities Server Security Vendors/Products
Debian Debian LTS Fedora Gentoo Mageia Oracle openSUSE RockyLinux Slackware SuSE Ubuntu
Harden My Filesystem Learn Tips and Tricks Secure My E-mail Secure My Firewall Secure My Network Secure My Webserver Strengthen My Privacy
Best Secure Linux Distros for Enhanced Privacy & Security The Truth About Linux Malware & How to Protect Your System Is Linux A More Secure Option Than Windows For Businesses? How Secure Is Linux? Top Tips for Securing Your Linux System
Advertise Contribute Your Article Legal Notice RSS Feeds Contact Us Terms of Service Privacy Policy
Linux Security - Your source for Top Linux News, Advisories, HowTo's and Feature Release.
