Linux Security
Red Hat: 2010:0616-01: dbus-glib: Moderate Advisory
LinuxSecurity.com: Updated dbus-glib packages that fix one security issue are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate [More...]
Red Hat: 2010:0615-01: libvirt: Low Advisory
LinuxSecurity.com: Updated libvirt packages that fix two security issues and three bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low [More...]
Red Hat: 2010:0610-01: kernel: Important Advisory
LinuxSecurity.com: Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having [More...]
Mandriva: 2010:147: firefox
LinuxSecurity.com: Security issues were identified and fixed in firefox:
layout/generic/nsObjectFrame.cpp in Mozilla Firefox 3.6.7 does not
properly free memory in the parameter array of a plugin instance,
which allows remote attackers to cause a denial of service (memory
[More...]
Ubuntu: 967-1: w3m vulnerability
LinuxSecurity.com: Ludwig Nussel discovered w3m does not properly handle SSL/TLS certificates with NULL characters in the certificate name. An attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications. (CVE-2010-2074) [More...]
Pardus: 2010-104: Php: Multiple Vulnerabilities
LinuxSecurity.com: Multiple vulnerabilities have been fixed in PHP
Pardus: 2010-103: Git: Arbitrary Code Execution
LinuxSecurity.com: A vulnerability has been fixed in Git which can be exploited by malicious people to execute arbitrary code
Debian: 2090-1: socat: incorrect user-input valida
LinuxSecurity.com: A stack overflow vulnerability was found in socat that allows an attacker to execute arbitrary code with the privileges of the socat process. [More...]
Mandriva: 2010:146: libtiff
LinuxSecurity.com: Multiple vulnerabilities have been discovered and corrected in libtiff:
The TIFFYCbCrtoRGB function in LibTIFF 3.9.0 and 3.9.2, as used in
ImageMagick, does not properly handle invalid ReferenceBlackWhite
values, which allows remote attackers to cause a denial of service
[More...]
Mandriva: 2010:145: libtiff
LinuxSecurity.com: Multiple vulnerabilities have been discovered and corrected in libtiff:
The TIFFYCbCrtoRGB function in LibTIFF 3.9.0 and 3.9.2, as used in
ImageMagick, does not properly handle invalid ReferenceBlackWhite
values, which allows remote attackers to cause a denial of service
[More...]
Debian: 2089-1: php5: Multiple vulnerabilities
LinuxSecurity.com: Several remote vulnerabilities have been discovered in PHP 5, a hypertext preprocessor. The Common Vulnerabilities and Exposures project identifies the following problems: [More...]
Ubuntu: 969-1: PCSC-Lite vulnerability
LinuxSecurity.com: It was discovered that the PC/SC service did not correctly handle malformed messages. A local attacker could exploit this to execute arbitrary code with root privileges. [More...]
Red Hat: 2010:0607-02: freetype: Important Advisory
LinuxSecurity.com: Updated freetype packages that fix two security issues are now available for Red Hat Enterprise Linux 3, 4, and 5. The Red Hat Security Response Team has rated this update as having [More...]
Red Hat: 2010:0606-01: kernel: Important Advisory
LinuxSecurity.com: Updated kernel packages that fix multiple security issues and one bug are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having [More...]
Debian: 2088-1: wget: missing input sanitization
LinuxSecurity.com: It was discovered that wget, a command line tool for downloading files from the WWW, uses server-provided file names when creating local files. This may lead to code execution in some scenarios. [More...]
Red Hat: 2010:0603-01: gnupg2: Moderate Advisory
LinuxSecurity.com: An updated gnupg2 package that fixes one security issue is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate [More...]
Ubuntu: 966-1: Linux kernel vulnerabilities
LinuxSecurity.com: Junjiro R. Okajima discovered that knfsd did not correctly handle strict overcommit. A local attacker could exploit this to crash knfsd, leading to a denial of service. (Only Ubuntu 6.06 LTS and 8.04 LTS were affected.) (CVE-2008-7256, CVE-2010-1643) [More...]
Mandriva: 2010:144: wireshark
LinuxSecurity.com: This advisory updates wireshark to the latest version(s), fixing
several security issues:
Buffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13 through
1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack
[More...]
Debian: 2087-1: cabextract: programming error
LinuxSecurity.com: It was discovered that a programming error in the archive test mode of cabextract, a program to extract Microsoft Cabinet files, could lead to the execution of arbitrary code. [More...]
Debian: 2086-1: avahi: Multiple vulnerabilities
LinuxSecurity.com: Several vulnerabilities have been discovered in the Avahi mDNS/DNS-SD daemon. The Common Vulnerabilities and Exposures project identifies the following problems: [More...]








