Red Hat Essential and Critical Security Patch Updates
Find the information you need for your favorite open source distribution.
Crafted remote packets can result in a denial of service, or possibly execute arbitrary code as the 'pcap' user.
Updated kdepim packages are now available that fix a local buffer overflow vulnerability.
cvs can attempt to create files and directories in the root file system
By exploiting these two issues it may be possible to make Ethereal crash by injecting an intentionally malformed packet
Updated kernel packages are now available that fix a security vulnerability which may allow local users to gain root privileges.
A carefully-crafted configuration file can cause an exploitable buffer overflow and would allow the attacker to execute arbitrary code in the context of the server (in default configurations as the 'apache' user).
Updated httpd packages that fix two minor security issues in the Apache Web server are now available for Red Hat Linux 8.0 and 9.
An attacker could create a carefully crafted directory on a website such that, if a user connects to that directory using the lftp client and subsequently issues a 'ls' or 'rels' command, the attacker could execute arbitrary code on the user's machine.
Phong Nguyen identified a severe bug in the way GnuPG creates and uses ElGamal keys, when those keys are used both to sign and encrypt data. This vulnerability can be used to trivially recover the private key.
A heap overflow bug exists in rsync versions prior to 2.5.7. On machines where the rsync server has been enabled, a remote attacker could use this flaw to execute arbitrary code as an unprivileged user.
Updated Net-SNMP packages are available to correct a security vulnerability and other bugs.
Updated kernel packages are now available that fix a security vulnerability leading to a possible privilege escalation.
Multiple integer overflows in the transfer and enumeration of font libraries in XFree86 allow local or remote attackers to cause a denial of service or execute arbitrary code via heap-based and stack-based buffer overflow attacks.
Updated stunnel packages are now available for Red Hat Linux 7.1, 7.2, 7.3, and 8.0 systems. These updates address problems stemming from improper use of non-reentrant functions in signal handlers.
Updated Pan packages that close a denial of service vulnerability are now available.
Updated iproute packages that close a locally-exploitable denial of service vulnerability are now available.
Updated EPIC packages which fix an exploitable buffer overflow vulnerability are now available.
Updated XFree86 packages for Red Hat Linux 9 provide security fixes to font libraries and XDM.
Updated zebra packages that close a locally-exploitable and a remotely-exploitable denial of service vulnerability are now available.
Updated glibc packages that resolve vulnerabilities and address several bugs are now available.