Debian LTS Essential and Critical Security Patch Updates - Page 33
Find the information you need for your favorite open source distribution .
Two security vulnerabilities have been discovered in the Tomcat servlet and JSP engine. CVE-2022-42252
Multiple security vulnerabilities have been discovered in OpenImageIO, a library for reading and writing images. Buffer overflows and out-of-bounds read and write programming errors may lead to a denial of service (application crash) or the execution of arbitrary code if a malformed image
It was discovered that there was a potential buffer-overflow vulnerability in ghostscript, a popular interpreter for the PostScript language used, for example, to generate PDF files.
The firmware-nonfree package has been updated to include additional firmware that may be requested by some drivers in Linux 5.10, available for Debian LTS as a backported kernel.
Multiple security issues were discovered in svgpp: a C++ library for parsing and rendering Scalable Vector Graphics (SVG) files. CVE-2021-44960
Multiple potential security vulnerabilities in some Intel® Processors have been found which may allow information disclosure or escalation of privilege. Intel is releasing firmware updates to mitigate these potential vulnerabilities.
An issue has been found in duktape, an embeddable Javascript engine. It was discovered that a specially crafted js file could result in a SEGV due to reaching some stack limits.
Local privilege escalation for some sudo configurations has been fixed in systemd, the default init system in Debian. For Debian 10 buster, this problem has been fixed in version 241-7~deb10u9.
It was discovered that there were a number of vulnerabilities in the xrdp Remote Desktop Protocol (RDP) server: * CVE-2022-23480: Prevent a series of potential buffer overflow
Multiple vulnerabilities were found in the Json-smart library. Json-smart is a performance-focused JSON processor library written in Java. CVE-2021-31684
An issue has been found in libmicrohttpd, a library embedding HTTP server functionality. Parsing crafted POST requests results in an out-of-bounds read, which might cause a DoS (Denial of Service).
It was discovered that joblib did not completely sanitize arguments to pre_dispatch, allowing arbitrary code execution. The earlier attempt via DLA-3193-1 was incomplete.
Several out-of-bounds memory accesses and buffer overflows were fixed in xrdp, an open source project which provides a graphical login to remote machines using the Microsoft Remote Desktop Protocol (RDP).
Jan-Niklas Sohn discovered that a use-after-free flaw in the Composite extension of the X.org X server may result in privilege escalation if the X server is running under the root user.
Several security vulnerabilities have been discovered in unbound, a validating, recursive, caching DNS resolver. CVE-2022-3204
Multiple vulnerabilities were discovered in runc, the Open Container Project runtime, which is often used with virtualization environments such as Docker. Malicious Docker images or OCI bundles could breach isolation.
Multiple vulnerabilities were found in LibreOffice, an office productivity software suite, leading to arbitrary script execution, improper certificate validation, and weak encryption of password storage in the user's configuration database.
This update includes the changes in tzdata 2023b for the Perl bindings. For the list of changes, see DLA-3366-1. For Debian 10 buster, this problem has been fixed in version
This update includes the changes in tzdata 2023b. Notable changes are: - Egypt uses DST again, starting in April.
One of the security fixes released as DLA 3315 introduced a regression in the processing of WAV files with variable bitrate encoding. Updated sox packages are available to correct this issue.