Debian LTS Essential and Critical Security Patch Updates - Page 18
An issue has been found in gst-plugins-bad1.0, which contains several GStreamer plugins from the "bad" set. The issue is related to use-after-free of some pointers within the MXF
The Python version string of postgresql-multicorn was non-conformant to PEP 440 and could break unrelated software like pip, a Python package manager used for local development of Python packages.
Multiple vulnerabilities were found in mediawiki, a website engine for collaborative work, that could lead to information disclosure, privilege escalation, or denial of service.
An issue has been found in minizip, a compression library. When using long filenames, an integer overflow might happen, which results in a heap-based buffer overflow in zipOpenNewFileInZip4_64().
Thomas Neil James Shadwell reported that cryptojs, a collection of cryptographic algorithms implemented in JavaScript, had default PBKDF2 settings 1000 times weaker than when specified back in 1993, and 1.3M times weaker than OWASP's current recommendations.
Vulnerabilities were found in opensc, a set of libraries and utilities to access smart cards, which could lead to application crash or PIN bypass.
The Python version string of python-requestbuilder was non-conformant to PEP 440 and could break unrelated software like pip, a Python package manager used for local development of Python packages.
The Python version reported by reportbug, a Debian tool for bug reporting, was incorrect (not PEP 440 compliant) and could break unrelated software like pip, a Python package manager used for local development of Python packages.
node-json5, a pure JavaScript implementation of the JSON5 standard, was vulnerable to prototype injection during parsing. For Debian 10 buster, this problem has been fixed in version
Multiple vulnerabilities were discovered in freeimage, a library for graphics image formats. CVE-2020-21427
Pierre Rudloff discovered a potential XSS vulnerability in Symfony, a PHP framework. Some Twig filters in CodeExtension use `is_safe=html` but do not actually ensure their input is safe. Symfony now escapes the output of the affected filters.
It was discovered that there was a potential buffer overflow in strongswan, an IPsec-based VPN (Virtual Private Network) server. A vulnerability related to processing public Diffie-Hellman key
Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, information leaks or clickjacking.
A vulnerability was found in GnuTLS, a secure communications library, which may facilitate a timing attack to compromise a cryptographic system. The response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS#1 v1.5 padding. Only
Multiple vulnerabilities were fixed in GIMP, the GNU Image Manipulation Program. CVE-2022-30067
Several security vulnerabilities have been discovered in WordPress, a popular content management framework, which may lead to exposure of sensitive information to an unauthorized actor in WordPress or allow unauthenticated attackers to discern the email addresses of users who have published public
Several security vulnerabilities have been discovered in ActiveMQ, a Java message broker. CVE-2020-13920
A flaw was discovered in Netty, a Java NIO client/server socket framework. The HTTP/2 protocol implementation allowed a denial of service (server resource consumption) because request cancellation can reset many streams quickly. This problem is also known as Rapid Reset Attack.
A buffer overflow vulnerability has been found in lwip, a small independent implementation of the TCP/IPv4/IPv6 protocol suite, which allows an attacker to access information via a crafted ICMPv6 package. This vulnerability has been assigned CVE-2020-22283.
Debian Bug: 1001062 1021659 Multiple vulnerabilities have been found in freerdp2, a free implementation of the Remote Desktop Protocol (RDP). The vulnerabilities potentially allow