Slackware Essential And Critical Security Patch Updates - Page 76
Find the information you need for your favorite open source distribution.
Timo Sirainen discovered several overflow problems in BitchX.
New KDE 3.1.1a packages are available for Slackware 9.0 which fix a security problem with the handling of PS and PDF documents.
This issue may allow a remote attacker controlling a malicious IMAP server to execute code on your machine as the user running mutt if you connect to the IMAP server using mutt.
The sendmail packages in Slackware 8.0, 8.1, and 9.0 have been patched to fix a security problem. Note that this vulnerability is NOT the same one that was announced on March 3rd and requires a new fix.
The samba packages in Slackware 8.1 and -current have been patched to fix a security problem. All sites running samba should upgrade.
A remote vulnerability exists that can result in commands being executed with administrative privileges.
On servers which are configured to allow anonymous read-only access, this bug could be used by anonymous users to gain write privileges.
Upgraded to dhcp-3.0pl2, which fixes several buffer overflow vulnerabilities, including some which may allow remote attackers to execute arbitrary code on affected systems, though no exploits are known yet.
New Samba packages are available for Slackware 8.1 and -current to fix a security problem and provide other bugfixes and improvements.
Slackware has noted that they've fixed the recently discovered mm, glibc, openssl, php, and openssh vulnerabilities.
Slackware has updated apache to fix the recent chunked encoding vulnerability.
Nautilus was patched and recompiled to fix a problem which would allow a malicious user to mount a symlink attack to overwrite another user's files.
New sudo packages are available to fix a security problem which may allow users to become root, or to execute arbitrary code as root.
Patched to link to the shared zlib on the system instead of statically linking to the included zlib source. Also, use mktemp to create files in /tmp more safely.
Fixes the zlib vulnerability; supplementary groups are now removed from a server process after changing uid and gid.
New zlib packages are available to fix a security problem which may impact programs that link with zlib.
Joost Pol discovered an off-by-one bug in OpenSSH's channel code that can allow a local attacker to obtain root privileges.
This fixes several security problems in the POST handling code used for uploading files through forms. All sites using PHP are urged to upgrade as soon as possible.
There exist several signedness bugs within the rsync program which allow remote attackers to write 0-bytes to almost arbitrary stack locations, thereby controlling the program flow and obtaining a shell remotely.
New packages are now available to address security issues with the at scheduler program (found in Slackware 8.0's bin.tgz package), sudo, and xchat.