Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found 5 articles for you...
89
security advisoryfedoradependency fixFedora 36: 2022-8b0d8fb7da moderate: Type Confusion in Chromium
Minor update for CVE-2022-1096. Also fixes dependency issues for chrome-remote- desktop and sizing issues where some libraries/binaries were not being stripped.. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2022-8b0d8fb7da 2022-05-07 04:08:14.309241 --------------------------------------------------------------------------------Name : chromium Product : Fedora 36 Version : 99.0.4844.84 Release : 1.fc36 URL : https://www.chromium.org/Home/ Summary : A WebKit (Blink) powered web browser that Google doesn't want you to use Description : Chromium is an open-source web browser, powered by WebKit (Blink). --------------------------------------------------------------------------------Update Information: Minor update for CVE-2022-1096. Also fixes dependency issues for chrome-remote-desktop and sizing issues where some libraries/binaries were not being stripped. --------------------------------------------------------------------------------ChangeLog: * Sun Mar 27 2022 Tom Callaway - 99.0.4844.84-1 - update to 99.0.4844.84 - package up libremoting_core.so* for chrome-remote-desktop - strip all the .so files (and binaries) * Sat Mar 19 2022 Tom Callaway - 99.0.4844.74-1 - update to 99.0.4844.74 --------------------------------------------------------------------------------References: [ 1 ] Bug #2068954 - CVE-2022-1096 chromium-browser: Type Confusion in V8 https://bugzilla.redhat.com/show_bug.cgi?id=2068954 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2022-8b0d8fb7da' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list --
May 07, 2022
Fedora
89
security advisorymoderatefedoraFedora 33: 2020-640645e518 Moderate: Guacamole-Server Update Information
Updated SPEC file and rebuilt for new dependencies.. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2020-640645e518 2021-01-04 01:05:53.142327 --------------------------------------------------------------------------------Name : guacamole-server Product : Fedora 33 Version : 1.2.0 Release : 3.fc33 URL : https://guacamole.apache.org/ Summary : Server-side native components that form the Guacamole proxy Description : Guacamole is an HTML5 remote desktop gateway. Guacamole provides access to desktop environments using remote desktop protocols like VNC and RDP. A centralized server acts as a tunnel and proxy, allowing access to multiple desktops through a web browser. No browser plugins are needed, and no client software needs to be installed. The client requires nothing more than a web browser supporting HTML5 and AJAX. The main web application is provided by the "guacamole-client" package. --------------------------------------------------------------------------------Update Information: Updated SPEC file and rebuilt for new dependencies. --------------------------------------------------------------------------------ChangeLog: * Sat Dec 26 2020 Simone Caronni - 1.2.0-3 - Do not ship deprecated sysconfig file. - Trim changelog. --------------------------------------------------------------------------------References: [ 1 ] Bug #1853386 - CVE-2020-9498 guacamole-server: Dangling pointer in RDP static virtual channel handling [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1853386 [ 2 ] Bug #1853388 - CVE-2020-9498 guacamole-server: Dangling pointer in RDP static virtual channel handling [epel-7] https://bugzilla.redhat.com/show_bug.cgi?id=1853388 [ 3 ] Bug #1853391 - CVE-2020-9497 guacamole-server: Improper input validation of RDP static virtual channels [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1853391 [ 4 ] Bug#1853393 - CVE-2020-9497 guacamole-server: Improper input validation of RDP static virtual channels [epel-7] https://bugzilla.redhat.com/show_bug.cgi?id=1853393 [ 5 ] Bug #1878395 - F34FailsToInstall: libguac-client-kubernetes https://bugzilla.redhat.com/show_bug.cgi?id=1878395 [ 6 ] Bug #1899751 - Dependency error installing libguac-client-kubernetes https://bugzilla.redhat.com/show_bug.cgi?id=1899751 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2020-640645e518' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list --
Jan 03, 2021
Fedora
89
security advisorycriticalFedoraFedora 32: FEDORA-2020-1a0c7a3b53 Important: Xmlrpc Library Update
Update to latest release of PyDev and fix dependency errors. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2020-1d0635bd71 2020-04-06 00:15:14.746061 --------------------------------------------------------------------------------Name : xmlrpc Product : Fedora 32 Version : 3.1.3 Release : 24.fc32 URL : https://ws.apache.org/xmlrpc/ Summary : Java XML-RPC implementation Description : Apache XML-RPC is a Java implementation of XML-RPC, a popular protocol that uses XML over HTTP to implement remote procedure calls. --------------------------------------------------------------------------------Update Information: Update to latest release of PyDev and fix dependency errors --------------------------------------------------------------------------------ChangeLog: --------------------------------------------------------------------------------References: [ 1 ] Bug #1736737 - swt-chart: FTBFS in Fedora rawhide/f31 https://bugzilla.redhat.com/show_bug.cgi?id=1736737 [ 2 ] Bug #1791766 - CVE-2019-17570 xmlrpc: Deserialization of server-side exception from faultCause in XMLRPC error response [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1791766 [ 3 ] Bug #1793870 - Broken dependency on xmlrpc package from eclipse-pydev https://bugzilla.redhat.com/show_bug.cgi?id=1793870 [ 4 ] Bug #1799307 - eclipse-pydev: FTBFS in Fedora rawhide/f32 https://bugzilla.redhat.com/show_bug.cgi?id=1799307 [ 5 ] Bug #1807580 - eclipse-pydev requires Python 2 to build https://bugzilla.redhat.com/show_bug.cgi?id=1807580 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2020-1d0635bd71' at the command line. For more information, refer to the dnf documentation availableat https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list --
Apr 05, 2020
•Important
Fedora
89
security advisorysoftware updateFedoraFedora 32: FEDORA-2020-1d0635bd71 moderate: Eclipse-PyDev Dependency Fix
Update to latest release of PyDev and fix dependency errors. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2020-1d0635bd71 2020-04-06 00:15:14.746061 --------------------------------------------------------------------------------Name : eclipse-pydev Product : Fedora 32 Version : 7.5.0 Release : 1.fc32 URL : https://www.pydev.org/ Summary : Eclipse Python development plug-in Description : The eclipse-pydev package contains Eclipse plugins for Python development. --------------------------------------------------------------------------------Update Information: Update to latest release of PyDev and fix dependency errors --------------------------------------------------------------------------------ChangeLog: * Tue Mar 24 2020 Mat Booth - 1:7.5.0-1 - Update to latest upstream release - Drop mylyn extension - Drop python 2 cython extension support * Tue Jan 28 2020 Fedora Release Engineering - 1:7.4.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild * Sat Nov 23 2019 Mat Booth - 1:7.4.0-2 - Don't build python 2 extensions for Fedora > = 32 * Wed Nov 20 2019 Mat Booth - 1:7.4.0-1 - Update to latest upstream release * Mon Sep 23 2019 Mat Booth - 1:7.3.0-2 - Ensure c++11 is used when building native part * Mon Sep 9 2019 Mat Booth - 1:7.3.0-1 - Update to latest upstream release * Sun Sep 1 2019 Mat Booth - 1:7.2.1-4 - Temporarily disable cython debugging extension on F32 due to a problem building against python 3.8 * Fri Jun 21 2019 Mat Booth - 1:7.2.1-3 - Fix failure to build against Eclipse 2019-06 * Mon Jun 17 2019 Mat Booth - 1:7.2.1-2 - Rebuild against Lucene 8 * Sat Jun 1 2019 Mat Booth - 1:7.2.1-1 - Update to latest upstream release - Fix missing cython extension for python 2 users --------------------------------------------------------------------------------References: [ 1 ] Bug #1736737 - swt-chart: FTBFS inFedora rawhide/f31 https://bugzilla.redhat.com/show_bug.cgi?id=1736737 [ 2 ] Bug #1791766 - CVE-2019-17570 xmlrpc: Deserialization of server-side exception from faultCause in XMLRPC error response [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1791766 [ 3 ] Bug #1793870 - Broken dependency on xmlrpc package from eclipse-pydev https://bugzilla.redhat.com/show_bug.cgi?id=1793870 [ 4 ] Bug #1799307 - eclipse-pydev: FTBFS in Fedora rawhide/f32 https://bugzilla.redhat.com/show_bug.cgi?id=1799307 [ 5 ] Bug #1807580 - eclipse-pydev requires Python 2 to build https://bugzilla.redhat.com/show_bug.cgi?id=1807580 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2020-1d0635bd71' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list --
Apr 05, 2020
Fedora
202
security advisorymoderateupdateopenSUSE: 2019:0185-1 Moderate: rmt-server Security Update
An update that solves three vulnerabilities and has 6 fixes is now available.. openSUSE Security Update: Security update for rmt-server ______________________________________________________________________________ Announcement ID: openSUSE-SU-2019:0185-1 Rating: moderate References: #1102046 #1102193 #1109307 #1113760 #1113969 #1114831 #1117106 #1118579 #1118584 Cross-References: CVE-2018-14404 CVE-2018-16468 CVE-2018-16470 Affected Products: openSUSE Leap 15.0 ______________________________________________________________________________ An update that solves three vulnerabilities and has 6 fixes is now available. Description: This update for rmt-server to version 1.1.1 fixes the following issues: The following issues have been fixed: - Fixed migration problems which caused some extensions / modules to be dropped (bsc#1118584, bsc#1118579) - Fixed listing of mirrored products (bsc#1102193) - Include online migration paths into offline migration (bsc#1117106) - Sync products that do not have a base product (bsc#1109307) - Fixed SLP auto discovery for RMT (bsc#1113760) Update dependencies for security fixes: - CVE-2018-16468: Update loofah to 2.2.3 (bsc#1113969) - CVE-2018-16470: Update rack to 2.0.6 (bsc#1114831) - CVE-2018-14404: Update nokogiri to 1.8.5 (bsc#1102046) This update was imported from the SUSE:SLE-15:Update update project. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.0: zypper in -t patch openSUSE-2019-185=1 Package List: - openSUSE Leap 15.0 (x86_64): rmt-server-1.1.1-lp150.2.12.1 rmt-server-debuginfo-1.1.1-lp150.2.12.1 rmt-server-pubcloud-1.1.1-lp150.2.12.1 References: https://www.suse.com/security/cve/CVE-2018-14404.html https://www.suse.com/security/cve/CVE-2018-16468.html https://www.suse.com/security/cve/CVE-2018-16470.html https://bugzilla.suse.com/1102046 https://bugzilla.suse.com/1102193 https://bugzilla.suse.com/1109307 https://bugzilla.suse.com/1113760 https://bugzilla.suse.com/1113969 https://bugzilla.suse.com/1114831 https://bugzilla.suse.com/1117106 https://bugzilla.suse.com/1118579 https://bugzilla.suse.com/1118584 -- . openSUSE’s rmt-server upgrade addresses several concerns by implementing solutions and dependency enhancements for improved security and efficiency.. openSUSE Security, rmt-server Update, software fix, security advisory. . LinuxSecurity.com Team
Feb 14, 2019
OpenSUSE
89
security advisorysecurity issuebuffer overflowFedora 29: 2018-1959097dfc Critical: Texlive Buffer Overflow
Update pretty much everything in texlive. Apply upstream fix for CVE-2018-17407. Resolve (hopefully) all dependency issues.. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2018-1959097dfc 2018-10-09 00:04:24.598855 --------------------------------------------------------------------------------Name : texlive Product : Fedora 29 Version : 2018 Release : 20.fc29 URL : https://tug.org/texlive/ Summary : TeX formatting system Description : The TeX Live software distribution offers a complete TeX system for a variety of Unix, Macintosh, Windows and other platforms. It encompasses programs for editing, typesetting, previewing and printing of TeX documents in many different languages, and a large collection of TeX macros and font libraries. The distribution includes extensive general documentation about TeX, as well as the documentation for the included software packages. --------------------------------------------------------------------------------Update Information: Update pretty much everything in texlive. Apply upstream fix for CVE-2018-17407. Resolve (hopefully) all dependency issues. --------------------------------------------------------------------------------References: [ 1 ] Bug #1632803 - CVE-2018-17407 texlive: Buffer overflow in t1_check_unusual_charstring function in writet1.c [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1632803 [ 2 ] Bug #1599508 - texlive update still has issues with failed dependencies https://bugzilla.redhat.com/show_bug.cgi?id=1599508 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2018-1959097dfc' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the FedoraProject GPG key. More details on the GPG keys used by the Fedora Project can be found at -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list --
Oct 09, 2018
•Critical
Fedora
197
security advisorydebiandependency fixDebian 8 DLA-1434-1: Linux-Base Update Critical For Dependencies
The linux-base package has been updated to support the package of Linux 4.9 that was recently added to Debian 8. This resolves a dependency that was not satisfiable by the jessie and jessie-security suites. . Package : linux-base Version : 4.5~deb8u1 Debian Bug : 702482 761614 The linux-base package has been updated to support the package of Linux 4.9 that was recently added to Debian 8. This resolves a dependency that was not satisfiable by the jessie and jessie-security suites. This update also fixes a bug in version ordering in the linux-version command, corrects the package name printed by the perf command when linux-perf-4.9 is needed, and adds bash-completion support for the perf command. For Debian 8 "Jessie", the new version is 4.5~deb8u1. We recommend that you upgrade your linux-base packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -- Ben Hutchings - Debian developer, member of kernel, installer and LTS teams . The new version of the linux-base package is now compatible with Linux kernel 4.9, addressing critical dependencies in Debian 8.. Debian Linux Base Update, Linux Support Package, Dependency Resolution. . Severity: Critical. LinuxSecurity.com Team
Jul 20, 2018
•Critical
Debian LTS
89
security advisoryFedorapackage updateFedora: 2017-ea72793352 critical: fedpkg dependency issue
**Update** - Fixed chain-build - Remove hard dependency of bash-completion from fedpkg **rpkg** - Ignore TestModulesCli if openidc-client is unavailable (cqi) - Port mbs-build to rpkg (mprahl) - Add .vscode to .gitignore (mprahl) - Fix TestPatch.test_rediff in order to run with old version of mock (cqi) - Allow to specify alternative Copr config file - #184 (cqi) - Tests for patch command. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2017-ea72793352 2017-11-23 19:11:32.486230 --------------------------------------------------------------------------------Name : fedpkg Product : Fedora 26 Version : 1.30 Release : 4.fc26 URL : https://pagure.io/fedpkg Summary : Fedora utility for working with dist-git Description : Provides the fedpkg command for working with dist-git --------------------------------------------------------------------------------Update Information: **Update** - Fixed chain-build - Remove hard dependency of bash-completion from fedpkg **rpkg** - Ignore TestModulesCli if openidc-client is unavailable (cqi) - Port mbs-build to rpkg (mprahl) - Add .vscode to .gitignore (mprahl) - Fix TestPatch.test_rediff in order to run with old version of mock (cqi) - Allow to specify alternative Copr config file - #184 (cqi) - Tests for patch command (cqi) - More Tests for mockbuild command (cqi) - More tests for getting spec file (cqi) - Tests for container-build-setup command (cqi) - Test for container-build to use custom config (cqi) - Suppress output from git command within setUp (cqi) - Skip test if rpmfluff is not available (lsedlar) - Allow to override build URL (cqi) - Test for mock-config command (cqi) - Tests for copr-build command (cqi) - Fix arch-override for container-build (lucarval) - Remove unsupported osbs for container-build (lucarval) - cli: add --arches support for koji_cointainerbuild (mlangsdo) - Strip refs/heads/ from branch only once (lsedlar) - Don't installbin and config files (cqi) - Fix kojiprofile selection in cliClient.container_build_koji (cqi) - Avoid branch detection for 'rpkg sources' (praiskup) - Fix encoding in new command (cqi) - Minor wording improvement in help (pgier) - Fix indentation (pviktori) - Add --with and --without options to mockbuild (pviktori) **fedpkg** - Tests for update command (cqi) - Add support for module commands (mprahl) - Clean rest cert related code (cqi) - Remove fedora cert (cqi) - Override build URL for Koji (cqi) - changing anongiturl to use src.fp.o instead of pkgs.fp.o. - #119 (tflink) - Add tests (cqi) - Enable lookaside_namespaced - #130 (cqi) - Detect dist tag correctly for RHEL and CentOS - #141 (cqi) - Remove deprecated call to platform.dist (cqi) - Do not prompt hint for SSL cert if fail to log into Koji (cqi) - Add more container-build options to bash completion (cqi) - Remove osbs from bash completion - #138 (cqi) - Install executables via entry_points - #134 (cqi) - Fix container build target (lsedlar) - Get correct build target for rawhide containers (lsedlar) - Update error message to reflect deprecation of --dist option (pgier) --------------------------------------------------------------------------------References: [ 1 ] Bug #1188634 - fedpkg clone -a should use https:// transport https://bugzilla.redhat.com/show_bug.cgi?id=1188634 [ 2 ] Bug #1509322 - fedpkg > = 1.30-1 depends on bash-completion https://bugzilla.redhat.com/show_bug.cgi?id=1509322 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade fedpkg' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list --
Nov 23, 2017
•Critical
Fedora
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!