Find the information you need for your favorite open source distribution .
Update to 6.6. ---- Version 6.5 - address CVE-2018-10773, CVE-2018-10774, CVE-2018-10775 - fix injection of Fedora LDFLAGS
Update zziplib to 0.13.69 version, fixes all known CVEs for the package.
Security critical patch update for OpenJDK (July CPU). See https://www.oracle.com/security-alerts/cpujul2018.html
Security critical patch update for OpenJDK (July CPU). See https://www.oracle.com/security-alerts/cpujul2018.html
# New upstream release 2.3 Fixes possible tag truncation security bug in AEAD API, see RHBZ#1602752 ## 2.3 - 2018-07-18 * SECURITY ISSUE: finalize_with_tag() allowed tag truncation by default which can allow tag forgery in some cases. The method now enforces the min_tag_length provided to the GCM constructor. * Added support for Python 3.7. * Added extract_timestamp()
New version 2.6.2. Security fix for CVE-2018-14339, CVE-2018-14340, CVE-2018-14341, CVE-2018-14342, CVE-2018-14343, CVE-2018-14344, CVE-2018-14367, CVE-2018-14368, CVE-2018-14369, CVE-2018-14370.
Security critical patch update for OpenJDK (July CPU). See https://www.oracle.com/security-alerts/cpujul2018.html
Fix for CVE-2018-13785: the libpng10 library was vulnerable to an integer overflow and resultant divide-by-zero in the pngrutil.c:png_check_chunk_length() function. An attacker could exploit this to cause a denial of service via a crafted PNG file.
Fix for CVE-2018-13785: the libpng10 library was vulnerable to an integer overflow and resultant divide-by-zero in the pngrutil.c:png_check_chunk_length() function. An attacker could exploit this to cause a denial of service via a crafted PNG file.
Security critical patch update for OpenJDK (July CPU). See http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html#AppendixJAVA
**PHP version 7.2.8** (19 Jul 2018) **Core:** * Fixed bug php#76534 (PHP hangs on 'illegal string offset on string references with an error handler). (Laruence) * Fixed bug php#76520 (Object creation leaks memory when executed over HTTP). (Nikita) * Fixed bug php#76502 (Chain of mixed exceptions and errors does not serialize properly). (Nikita) **Date:** * Fixed bug php#76462
Fixes **CVE-2017-11332**, **CVE-2017-11358**, and **CVE-2017-11359**. ---- **Prevents division by zero in `src/ao.c`** This bug is hard to reproduce, depending on the HW configuration or installed OS parts. For me, it can be reproduced only in `mock`. In this update, error message should be displayed instead of SIGFPE.
**PHP version 7.1.20** (19 Jul 2018) **Core:** * Fixed bug php#76534 (PHP hangs on 'illegal string offset on string references with an error handler). (Laruence) * Fixed bug php#76502 (Chain of mixed exceptions and errors does not serialize properly). (Nikita) **Date:** * Fixed bug php#76462 (Undefined property: DateInterval::$f). (Anatol) **exif:** * Fixed bug php#76423 (Int
Update to 1.2.6 to fix a local authenticated privilege escalation bug (CVE-2018-10900). The issue has been discovered and responsibly disclosed by Denis Andzakovic: https://pulsesecurity.co.nz/advisories/NM-VPNC-Privesc
This update includes the latest upstream release, **httpd 2.4.34**, with multiple bug fixes and enhancements. See for more information on the changes in this version. A security vulnerability is addressed in this update: * `mod_md`: DoS via Coredumps on specially crafted requests (CVE-2018-8011)
New version of dcraw is available 9.28.0 Security fix for CVE-2018-5801
Update to 1.2.6 to fix a local authenticated privilege escalation bug (CVE-2018-10900). The issue has been discovered and responsibly disclosed by Denis Andzakovic: https://pulsesecurity.co.nz/advisories/NM-VPNC-Privesc
Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.
Cloud Security Cryptography Desktop Security Firewall Government Hacks/Cracks IoT Security Network Security Organizations/Events Privacy Security Projects Security Trends Security Vulnerabilities Server Security Vendors/Products
Debian Debian LTS Fedora Gentoo Mageia Oracle openSUSE RockyLinux Slackware SuSE Ubuntu
Harden My Filesystem Learn Tips and Tricks Secure My E-mail Secure My Firewall Secure My Network Secure My Webserver Strengthen My Privacy
Best Secure Linux Distros for Enhanced Privacy & Security The Truth About Linux Malware & How to Protect Your System Is Linux A More Secure Option Than Windows For Businesses? How Secure Is Linux? Top Tips for Securing Your Linux System
Advertise Contribute Your Article Legal Notice RSS Feeds Contact Us Terms of Service Privacy Policy
Linux Security - Your source for Top Linux News, Advisories, HowTo's and Feature Release.
