Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -6 articles for you...
100
security advisorymoderatesecurity updateSUSE: 2021:579-1 Moderate: Security Update for SUSE/SLE 15 Release
The container suse/sle15 was updated. The following patches have been included in this update:. SUSE Container Update Advisory: suse/sle15 ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2021:579-1 Container Tags : suse/sle15:15.4 , suse/sle15:15.4.150400.21.47 Container Release : 150400.21.47 Severity : moderate Type : security References : 1162581 1174504 1187153 1187273 1188623 1191563 1191736 1192248 ----------------------------------------------------------------- The container suse/sle15 was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-RU-2021:3799-1 Released: Wed Nov 24 18:07:54 2021 Summary: Recommended update for gcc11 Type: recommended Severity: moderate References: 1187153,1187273,1188623 This update for gcc11 fixes the following issues: The additional GNU compiler collection GCC 11 is provided: To select these compilers install the packages: - gcc11 - gcc-c++11 - and others with 11 prefix. to select them for building: - CC='gcc-11' - CXX='g++-11' The compiler baselibraries (libgcc_s1, libstdc++6 and others) are being replaced by the GCC 11 variants. ----------------------------------------------------------------- Advisory ID: SUSE-RU-2021:3872-1 Released: Thu Dec 2 07:25:55 2021 Summary: Recommended update for cracklib Type: recommended Severity: moderate References: 1191736 This update for cracklib fixes the following issues: - Enable build time tests (bsc#1191736) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2021:3899-1 Released: Fri Dec 3 11:27:41 2021 Summary: Security update for aaa_base Type: security Severity: moderate References: 1162581,1174504,1191563,1192248 This update for aaa_base fixes the following issues: - Allowed ping and ICMP commands without CAP_NET_RAW(bsc#1174504). - Add $HOME/.local/bin to PATH, if it exists (bsc#1192248). - Fixed get_kernel_version.c to work also for recent kernels on the s390/X platform (bsc#1191563). - Support xz compressed kernel (bsc#1162581) The following package changes have been done: - aaa_base-84.87+git20180409.04c9dae-3.52.1 updated - bash-4.4-150400.23.36 updated - boost-license1_66_0-1.66.0-150400.16.1 updated - cpio-2.13-150400.1.23 updated - cracklib-dict-small-2.9.7-11.6.1 updated - cracklib-2.9.7-11.6.1 updated - libblkid1-2.37.2-150400.2.8 updated - libboost_system1_66_0-1.66.0-150400.16.1 updated - libboost_thread1_66_0-1.66.0-150400.16.1 updated - libbz2-1-1.0.8-150400.1.37 updated - libcom_err2-1.46.4-150400.1.9 updated - libcrack2-2.9.7-11.6.1 updated - libdw1-0.185-150400.2.37 updated - libelf1-0.185-150400.2.37 updated - libfdisk1-2.37.2-150400.2.8 updated - libgcc_s1-11.2.1+git610-1.3.9 updated - libgcrypt20-hmac-1.9.4-150400.1.49 updated - libgcrypt20-1.9.4-150400.1.49 updated - libgpg-error0-1.42-150400.1.47 updated - libgpgme11-1.16.0-150400.1.27 updated - libkeyutils1-1.6.3-150400.1.53 updated - libmount1-2.37.2-150400.2.8 updated - libopenssl1_1-hmac-1.1.1l-150400.2.22 updated - libopenssl1_1-1.1.1l-150400.2.22 updated - libp11-kit0-0.23.22-150400.1.6 updated - libreadline7-7.0-150400.23.36 updated - libsigc-2_0-0-2.10.7-150400.1.4 updated - libsmartcols1-2.37.2-150400.2.8 updated - libsolv-tools-0.7.20-150400.1.6 updated - libstdc++6-11.2.1+git610-1.3.9 updated - libsystemd0-249.7-150400.1.14 updated - libudev1-249.7-150400.1.14 updated - libuuid1-2.37.2-150400.2.8 updated - libxml2-2-2.9.12-150400.2.1 updated - libzstd1-1.5.0-150400.1.5 updated - libzypp-17.28.8-150400.1.4 updated - login_defs-4.8.1-150400.7.12 updated - openssl-1_1-1.1.1l-150400.2.22 updated - p11-kit-tools-0.23.22-150400.1.6 updated - p11-kit-0.23.22-150400.1.6 updated - rpm-config-SUSE-1-150400.11.13 updated - shadow-4.8.1-150400.7.12 updated - sles-release-15.4-150400.25.3 updated - system-group-hardware-20170617-150400.21.12updated - util-linux-2.37.2-150400.2.8 updated . Necessary security enhancement for SUSE container suse/sle15, encompassing updates for gcc11, cracklib, and aaa_base vulnerabilities.. SUSE Container Update, Security Update SUSE, Patch Management SUSE, GCC11 Issues. . LinuxSecurity.com Team
Dec 10, 2021 SuSE 89
security advisorybuffer overflowsoftware updateFedora 24 FEDORA-2016-b601141219 Critical: Cracklib Buffer Overflow
Security fix for CVE-2016-6318. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2016-b601141219 2016-12-11 16:19:33.992232 -------------------------------------------------------------------------------- Name : cracklib Product : Fedora 24 Version : 2.9.6 Release : 4.fc24 URL : Summary : A password-checking library Description : CrackLib tests passwords to determine whether they match certain security-oriented characteristics, with the purpose of stopping usersfrom choosing passwords that are easy to guess. CrackLib performs several tests on passwords: it tries to generate words from a username and gecos entry and checks those words against the password; it checks for simplistic patterns in passwords; and it checks for the password in a dictionary. CrackLib is actually a library containing a particular C function which is used to check the password, as well as other C functions. CrackLib is not a replacement for a passwd program; it must be used in conjunction with an existing passwd program. Install the cracklib package if you need a program to check users' passwords to see if they are at least minimally secure. If you install CrackLib, you will also want to install the cracklib-dicts package. -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2016-6318 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1364944 - CVE-2016-6318 cracklib: Stack-based buffer overflow when parsing large GECOS field https://bugzilla.redhat.com/show_bug.cgi?id=1364944 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade cracklib' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages aresigned with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list --
Dec 11, 2016 •Critical Fedora 
89
security advisorybuffer overflowcriticalFedora 26: FEDORA-2017-a1b2c3d4e5 Severe: OpenSSL Memory Leak Vulnerability
Security fix for CVE-2016-6318. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2016-bfa785e39e 2016-12-11 16:19:57.248296 -------------------------------------------------------------------------------- Name : cracklib Product : Fedora 25 Version : 2.9.6 Release : 4.fc25 URL : https://sourceforge.net/projects/cracklib/ Summary : A password-checking library Description : CrackLib tests passwords to determine whether they match certain security-oriented characteristics, with the purpose of stopping usersfrom choosing passwords that are easy to guess. CrackLib performs several tests on passwords: it tries to generate words from a username and gecos entry and checks those words against the password; it checks for simplistic patterns in passwords; and it checks for the password in a dictionary. CrackLib is actually a library containing a particular C function which is used to check the password, as well as other C functions. CrackLib is not a replacement for a passwd program; it must be used in conjunction with an existing passwd program. Install the cracklib package if you need a program to check users' passwords to see if they are at least minimally secure. If you install CrackLib, you will also want to install the cracklib-dicts package. -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2016-6318 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1364944 - CVE-2016-6318 cracklib: Stack-based buffer overflow when parsing large GECOS field https://bugzilla.redhat.com/show_bug.cgi?id=1364944 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade cracklib' at the command line. For more information, refer to the dnf documentation availableat https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list --
Dec 11, 2016 •Critical Fedora 
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!