Debian LTS Essential and Critical Security Patch Updates - Page 35
Find the information you need for your favorite open source distribution.
It was discovered that SPIP, a content management system, was vulnerable to SQL injection, remote code execution, and authorization bypass vulnerabilities.
Two vulnerabilities were discovered in Werkzeug, a collection of utilities for WSGI (web) applications. An attacker may inject cookies in specific situations, and cause a denial of service (DoS).
It was discovered that there was a regression in the previous fix for python-cryptography, a Python library offering a number of encryption and cryptography primitives.
Multiple security issues were found in PHP, a widely-used open source general purpose scripting language, which could result in denial of service or incorrect validation of BCrypt hashes.
Vulnerabilities have been found in Node.js, which could result in DNS rebinding or arbitrary code execution. CVE-2022-43548
Triggering arbitrary code execution was possible due to .desktop files registered as application/x-ms-dos-executable MIME handlers in the open source .NET framework Mono.
Several flaws were found in freeradius, a high-performance and highly configurable RADIUS server. CVE-2022-41859
HTTP multi-header compression denial of service has been fixed in curl, a command line tool and library for transferring data with URLs. For Debian 10 buster, this problem has been fixed in version
A vulnerability has been found in libgit2, a cross-platform, linkable library implementation of Git, which may result in remote code execution when cloning a repository on an NTFS-like filesystem or man-in-the-middle attacks due to improper verification of cryptographic signature.
Code execution through crafted PFS filesystems was fixed in binwalk, a tool and Python module for analyzing binary blobs and executable code. For Debian 10 buster, this problem has been fixed in version
Several vulnerabilities have been discovered in git, a fast, scalable and distributed revision control system. CVE-2023-22490
A new MariaDB minor maintenance release 10.3.38 has been released. It includes a fix for a major performance/memory consumption issue (MDEV-29988). For further details, see the MariaDB 10.3 release notes:
Multiple vulnerabilities were found in node-types-url-parse, a Node.js module used to parse URLs, which may result in authorization bypass or redirection to untrusted sites.
Multiple security vulnerabilities have been discovered in Asterisk, an Open Source Private Branch Exchange. Buffer overflows and other programming errors could be exploited for launching a denial of service attack or the execution of arbitrary code.
Denial of service (crash) via a crafted UDP message that leads to an internal assert was fixed in sofia-sip, a SIP (Session Initiation Protocol) User-Agent library.
It was discovered that there was a potential memory corruption vulnerability in python-cryptography, a Python library offering a number of encryption and cryptography primitives.
Several flaws were found in tiffcrop, a program distributed by tiff, a library and tools providing support for the Tag Image File Format (TIFF). A specially crafted tiff file can lead to an out-of-bounds write or read resulting in a denial of service.
It was discovered that there was a potential privilege escalation vulnerability in the "amanda" backup utility. The SUID binary located at /lib/amanda/rundump executed /usr/sbin/dump
An Integer Overflow or Wraparound vulnerability was fixed in apr_base64() in the Apache Portable Runtime Utility Library. For Debian 10 buster, this problem has been fixed in version
It was discovered that there was a denial-of-service vulnerability in Django, a Python-based web development framework. Passing certain inputs to multipart forms could have resulted in too