Red Hat Essential and Critical Security Patch Updates
Find the information you need for your favorite open source distribution.
The initscript distributed with the setserial package (which is not installed or enabled by default) uses predictable temporary file names, and should not be used. setserial-2.17-4 and earlier versions are affected.
Updated man packages fixing a local GID man exploit and a potential GID man to root exploit, as well as a problem with the man paths of Red Hat Linux 5.x and 6.x.
Bugzilla-2.14 is a general security update. Multiple problems resolved.
A security audit has been done by Solar Designer on xinetd, and the results are now being made available as a preemptive measure.
An input validation error in the debugging functionality of all currently released versions of sendmail can enable a local user to gain root access.
If a server sends fetchmail a negative number, fetchmail will attempt to write data outside the bounds of the array.
When subjected to the PROTOS LDAPv3 test suite, versions of OpenLDAP 1.2 through 1.2.11 and 2.0 through 2.0.7 were found to have vulnerabilities which could be exploited by causing them to attempt to decode an improperly encoded request.
These updates close vulnerabilities due to potential buffer overflows in the Kerberos-aware telnet server included in the krb5-workstation package.
These packages fix a problem where buffer overflows can provide root access to local users.
If Squid was configured in accelerator-only mode, it was possible for remote users to portscan machines through the Squid proxy, potentially allowing for access to machines not otherwise available.
Procmail, an autonomous mail processor, as shipped in Red Hat Linux 5.2, 6.2, 7, and 7.1, handles signals unsafely.
New squid packages are available for Red Hat Linux 7.0 that fix a possible security problem with Squid's HTTP accelerator feature.
Procmail, an autonomous mail processor, as shipped in Red Hat Linux 5.2, 6.2, 7, and 7.1, handles signals unsafely.
Multiple vulnerabilities, including a flaw in the pseudo-random number generation, exist in previous versions of OpenSSL.
Elm had a buffer overflow when handling very long message-ids. This overwrote other header fields, and could potentially cause more damage.
vipw, from the util-linux package in Red Hat Linux 7.1, included a new option that allowed editing of the /etc/shadow file as well as /etc/passwd. However, this option did not take measures to ensure that the file remained only readable by root.
These updated packages fix a buffer overflow in the faces reader. A remote site could cause arbitrary code to be executed as the user running Netscape.
A boundary checking case in xinetd's string handling was fixed in the 2.3.0 release of xinetd.
These updated packages fix a buffer overflow in the faces reader.
A boundary checking case in xinetd's string handling was fixed in the 2.3.0 release of xinetd.