Red Hat Essential and Critical Security Patch Updates
Find the information you need for your favorite open source distribution.
A security hole has been found that does not affect the default configuration of Red Hat Linux, but can affect some custom configurations of Red Hat Linux 7.1 only. The bug is specific to the Linux 2.4 kernel series.
A local denial of service attack and root compromise of the kernel have been corrected, drivers have been updated, and NFS version 3 has been integrated.
A remote site could gain access to the browser history, and possibly other data.
These new updated packages fix temporary file creation issues in the pine mail client and the pico text editor that comes with pine.
The Network Time Daemon (xntpd on Red Hat Linux 6.2 and earlier, ntpd on Red Hat Linux 7.0) does not properly check the size of a buffer used to hold incoming data from the network.
This update fixes problems with the init script and the PAM configuration file.
Updated openssh packages are now available for Red Hat Linux 7. These packages reduce the amount of information a passive attacker can deduce from observing an encrypted session.
Updated Kerberos 5 packages are now available for Red Hat Linux 6 and 7. These packages fix a vulnerability in the handling of Kerberos IV ticket files. Updated pam_krb5 packages are now available for Red Hat Linux 7.
licq as shipped with Red Hat Linux 7 is vulnerable to two security problems: an overrunnable buffer in its logging code, and an unguarded system() call to execute an external browser when receiving a URL.
Temporary files (in the sgml-tools package) were created without any special permissions, and so in most cases would be world-readable.
An example of a 'format string' vulnerability was present in the IMAP code in versions of mutt previous to 1.2.5.
When starting, joe looks for a configuration file in the current working directory, the user's home directory, and /etc/joe. A malicious user can use a symlink attack by putting a file in the current working directory if that directory is world-writable.
New Zope packages are available which fix numerous security vulnerabilities. This advisory supersedes all other Zope and Zope-Hotfix advisories from Red Hat, Inc.
Updated analog packages are available which fix a buffer overflow vulnerability.
New vixie-cron packages are available that fix a buffer overflow in the 'crontab' command; this could allow certain users to gain elevated privileges.
Three security holes have been fixed in the new kernel, and several other updates and bug fixes have been applied as well.
The XEmacs package as shipped with Red Hat Linux 7 has a security problem with gnuserv and gnuclient, due to a buffer overflow and weak security.