- Update the tiny_http crate to version 0.8.2.
- Introduce a compat package for tiny_http versions 0.6.x.

Both versions contain a fix for RUSTSEC-2020-0031 / CVE-2020-35884, and the only dependent application (drg) has been rebuilt against the version containing the fix.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2021-c824326120
2021-12-13 00:58:52.679415
--------------------------------------------------------------------------------

Name        : rust-drg
Product     : Fedora 34
Version     : 0.5.1
Release     : 4.fc34
URL         :
Summary     : Command line tool to interact with a drogue-cloud instance
Description :
Command line tool to interact with a drogue-cloud instance.

--------------------------------------------------------------------------------
Update Information:

- Update the tiny_http crate to version 0.8.2.
- Introduce a compat package for tiny_http versions 0.6.x.

Both versions contain a fix for RUSTSEC-2020-0031 / CVE-2020-35884, and the only dependent application (drg) has been rebuilt against the version containing the fix.

--------------------------------------------------------------------------------
ChangeLog:

* Sat Dec 4 2021 Fabio Valentini - 0.5.1-4
- Rebuilt for tiny_http 0.6.3+ (RUSTSEC-2020-0031 / CVE-2020-35884).
* Tue Sep 14 2021 Sahana Prasad - 0.5.1-3
- Rebuilt with OpenSSL 3.0.0
* Fri Jul 23 2021 Fedora Release Engineering - 0.5.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild

--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2021-c824326120' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list --

This update rebases QtWebEngine to the latest Qt 5 release, 5.15.2, fixing dozens of security issues. (The same version is already shipped on Fedora 33 and Rawhide.) The included kf5-messagelib update backports a fix for compatibility with QtWebEngine 5.15.x. The Chromium version has been updated to 83.0.4103.122, with backported security fixes from Chromium up to version.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2021-bdaf015218
2021-02-02 02:22:09.324191
--------------------------------------------------------------------------------

Name        : qt5-qtwebengine
Product     : Fedora 32
Version     : 5.15.2
Release     : 7.fc32
URL         : https://www.qt.io/
Summary     : Qt5 - QtWebEngine components
Description :
Qt5 - QtWebEngine components.

--------------------------------------------------------------------------------
Update Information:

This update rebases QtWebEngine to the latest Qt 5 release, 5.15.2, fixing dozens of security issues. (The same version is already shipped on Fedora 33 and Rawhide.) The included kf5-messagelib update backports a fix for compatibility with QtWebEngine 5.15.x.

The Chromium version has been updated to 83.0.4103.122, with backported security fixes from Chromium up to version 86.0.4240.183. That fixes dozens of security issues compared to 5.14.2.

This version also adds the Qt PDF module, a Qt wrapper around PDFium. This is a separate library and cannot cause backwards compatibility issues.

In addition, several bugs have been fixed, see the Changes files:

* https://code.qt.io/cgit/qt/qtwebengine.git/tree/dist/changes-5.15.0?h=5.15
* https://code.qt.io/cgit/qt/qtwebengine.git/tree/dist/changes-5.15.1?h=5.15
* https://code.qt.io/cgit/qt/qtwebengine.git/tree/dist/changes-5.15.2?h=5.15

Behavior Changes since 5.14.2:

* XSS Auditing has been removed, and the XSSAuditingEnabled setting no longer has any effect.
* [QTBUG-79864] The viz display compositor is now used by default on all platforms, but can be disabled with --disable-viz-display-compositor.
* The network layer integration has been rewritten to use Chromium's network service, and now runs in a separate sandboxed process by default.
* [QTBUG-83656] CTRL+mouse wheel page zoom fixed, and now works by default.

--------------------------------------------------------------------------------
ChangeLog:

* Sat Jan 23 2021 Kevin Kofler - 5.15.2-7
- Fix sandbox issue on 32-bit architectures with glibc >= 2.31 (from Debian)
* Sat Jan 23 2021 Kevin Kofler - 5.15.2-6
- Reenable system ICU on F33+, ICU 67 supported since 5.15.1 according to Debian
* Wed Jan 20 2021 Kevin Kofler - 5.15.2-5
- Fix sandbox issue breaking text rendering with glibc 2.33 (#1904652)
* Wed Dec 30 2020 Mattia Verga - 5.15.2-4
- Rebuild for gcc bugfix upgrade
* Fri Dec 4 2020 Jeff Law - 5.15.2-3
- Fix another missing #include for gcc-11
* Tue Nov 24 2020 Jan Grulich - 5.15.2-2
- Rebuild for qtbase with -no-reduce-relocations option
* Fri Nov 20 2020 Jan Grulich - 5.15.2-1
- 5.15.2
* Wed Nov 4 2020 Jeff Law - 5.15.1-3
- Fix missing #includes for gcc-11
* Wed Sep 23 2020 Jan Grulich - 5.15.1-2
- Rebuild (libevent)
* Fri Sep 11 2020 Jan Grulich - 5.15.1-1
- 5.15.1
* Fri Sep 4 2020 Than Ngo - 5.15.0-4
- Fix FTBFS
* Sat Aug 1 2020 Fedora Release Engineering - 5.15.0-3
- Second attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Wed Jul 29 2020 Fedora Release Engineering - 5.15.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Wed Jun 10 2020 Rex Dieter - 5.15.0-1
- 5.15.0
- f33's icu-67.x currently not compatible, use bundled icu

--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2021-bdaf015218' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list --

Updated Boost libraries are available that fix compatibility with CUDA 9.x compilers and fix a possible integer overflow in Boost.Regex.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2018-97c275d576
2018-04-27 01:15:50.112043
--------------------------------------------------------------------------------

Name        : boost
Product     : Fedora 27
Version     : 1.64.0
Release     : 6.fc27
URL         : https://www.boost.org/
Summary     : The free peer-reviewed portable C++ source libraries
Description :
Boost provides free peer-reviewed portable C++ source libraries. The
emphasis is on libraries which work well with the C++ Standard
Library, in the hopes of establishing "existing practice" for
extensions and providing reference implementations so that the Boost
libraries are suitable for eventual standardization. (Some of the
libraries have already been included in the C++ 2011 standard and
others have been proposed to the C++ Standards Committee for inclusion
in future standards.)

--------------------------------------------------------------------------------
Update Information:

Updated Boost libraries are available that fix compatibility with CUDA 9.x compilers and fix a possible integer overflow in Boost.Regex.

--------------------------------------------------------------------------------
ChangeLog:

* Wed Apr 18 2018 Jonathan Wakely - 1.64.0-6
- Add patch for Boost.Regex integer overflow (#1564252)
- Add patch for CUDA version macro changes (#1530828)
* Wed Feb 28 2018 Jonathan Wakely - 1.64.0-5
- Move Requires: boost-container out of conditional block.
* Tue Feb 27 2018 Jonathan Wakely - 1.64.0-5
- Ensure boost metapackage installs boost-container.
* Thu Dec 7 2017 Jonathan Wakely - 1.64.0-4
- Patch to fix #1516837

--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1530828 - Cuda 9 fails to compile when using boost
        https://bugzilla.redhat.com/show_bug.cgi?id=1530828
  [ 2 ] Bug #1564253 - boost: Integer overflow during calculation of max_state_count in regex library [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1564253

--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2018-97c275d576' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list --

This update provides a compatibility fix for GTK+.

=========================================================================
Ubuntu Security Notice USN-2149-2
March 17, 2014

gtk+3.0 update
=========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.10
- Ubuntu 12.04 LTS

Summary:

This update provides a compatibility fix for GTK+.

Software Description:
- gtk+3.0: GTK+ graphical user interface library

Details:

USN-2149-1 fixed a vulnerability in librsvg. This update provides a
compatibility fix for GTK+ to work with the librsvg security update.

Original advisory details:

 It was discovered that librsvg would load XML external entities by default.
 If a user were tricked into viewing a specially crafted SVG file, an
 attacker could possibly obtain access to arbitrary files.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.10:
  libgtk-3-0 3.6.0-0ubuntu3.3

Ubuntu 12.04 LTS:
  libgtk-3-0 3.4.2-0ubuntu0.7

After a standard system update you need to restart your session to make
all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-2149-2
  https://ubuntu.com/security/notices/USN-2149-1
  CVE-2013-1881

Package Information:
  https://launchpad.net/ubuntu/+source/gtk+3.0/3.6.0-0ubuntu3.3
  https://launchpad.net/ubuntu/+source/gtk+3.0/3.4.2-0ubuntu0.7

Resolution for GTK+ interoperability in Ubuntu 12.04 LTS and 12.10 amid recent security vulnerabilities.

GTK Update, Ubuntu Advisory, Security Fix, GTK Compatibility, Library Update.

Severity: Critical.

LinuxSecurity.com Team

This update fixes problems occurring on 64-bit platforms.

---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2004-532
2004-12-09
---------------------------------------------------------------------

Product     : Fedora Core 2
Name        : postgresql-odbc
Version     : 7.3
Release     : 6.2
Summary     : PostgreSQL ODBC driver.
Description :
This package includes the driver needed for applications to access a
PostgreSQL system via ODBC (Open Database Connectivity).

---------------------------------------------------------------------
Update Information:

This update fixes problems occurring on 64-bit platforms.

---------------------------------------------------------------------
* Wed Dec 08 2004 Tom Lane 7.3-6.2
- back-port 64-bit fixes from current upstream (bug #139004)
- Correct License: annotation.

---------------------------------------------------------------------
This update can be downloaded from:

cf2713c740512277b1701398200d1780  SRPMS/postgresql-odbc-7.3-6.2.src.rpm
cf0b793458c63b044ec188a2be41644a  x86_64/postgresql-odbc-7.3-6.2.x86_64.rpm
cfc7d5326c2f633379c654fbad45ef24  x86_64/debug/postgresql-odbc-debuginfo-7.3-6.2.x86_64.rpm
8707b6c843ac0779e7b7de4f24f350a1  i386/postgresql-odbc-7.3-6.2.i386.rpm
b7d3ec924dc9f9099f8215447e329a24  i386/debug/postgresql-odbc-debuginfo-7.3-6.2.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
---------------------------------------------------------------------
--
fedora-announce-list mailing list