Debian LTS Essential and Critical Security Patch Updates - Page 126
Find the information you need for your favorite open source distribution.
Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service. CVE-2018-1093
Multiple vulnerabilities have been discovered in the libtiff library and the included tools, which may result in denial of service: CVE-2017-11613
The Qualys Research Labs discovered multiple vulnerabilities in procps, a set of command line and full screen utilities for browsing procfs. The Common Vulnerabilities and Exposures project identifies the following problems:
Several vulnerabilities have been found in the Apache HTTPD server. CVE-2017-15710
Several issues that could result in a crash within different dissectors have been fixed. Other issues are related to memory leaks or heap-based buffer overflows.
CVE-2017-18248 It was found that by submitting a print job with an invalid username, the CUPS server can be crashed, when D-Bus support is enabled (which
Multiple vulnerabilities have been discovered in Ming: CVE-2018-7866
It was found that the open_envvar function in xdg-utils does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct
Multiple vulnerabilities have been discovered in the Xen hypervisor, which could result in denial of service, information leaks or privilege escalation.
Multiple security issues have been found in Thunderbird, which may lead to the execution of arbitrary code, denial of service or attacks on encrypted emails.
Several security vulnerabilities were discovered in ImageMagick, an image manipulation program, that allow remote attackers to cause a denial of service via CPU exhaustion (infinite loop) or heap-based buffer overreads with a crafted image file.
Several vulnerabilities were discovered in MAD, an MPEG audio decoder library, which could result in denial of service if a malformed audio file is processed.
It was discovered that there was an issue in curl, a command-line tool for downloading (e.g.) data over HTTP. curl could have been tricked into reading data beyond the end of a heap
A heap-based buffer overflow was discovered in the LZWDecodeCompat function in tif_lzw.c (LibTIFF 4.0.9 and earlier). This vulnerability might be leveraged by remote attackers to crash the client via a crafted TIFF LZW file.
An authenticated remote attacker can execute arbitrary code in Firebird SQL Server versions 2.5.7 and 3.0.2 by executing a malformed SQL statement. The only known solution is to disable external UDF libraries from being loaded. In order to achieve this, the default configuration has changed to UdfAccess=None.
Harry Sintonen has discovered a cookie injection vulnerability in wget caused by insufficient input validation, enabling an external attacker to inject arbitrary cookie values into the cookie jar file, adding new
Several security issues have been found in the Mozilla Firefox web browser: Multiple memory safety errors and other implementation errors may lead to the execution of arbitrary code or denial of service.
Several issues have been discovered in PHP (recursive acronym for PHP: Hypertext Preprocessor), a widely-used open source general-purpose scripting language that is especially suited for web development and can be embedded into HTML.
This update includes the changes in tzdata 2018e for the Perl bindings. For the list of changes, see DLA-1371-1. For Debian 7 "Wheezy", these problems have been fixed in version