Stay Secure with the Latest Linux Advisories

Explore Latest Linux Security advisories

Fedora 33: FEDORA-2021-d4c1c98a58 Moderate: DjVu Stack Overflow

This update fixes several issues in djvulibre. These are mostly related to opening of corrupted files.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2021-d4c1c98a58
2021-05-11 01:15:16.743966
--------------------------------------------------------------------------------

Name        : djvulibre
Product     : Fedora 33
Version     : 3.5.27
Release     : 27.fc33
URL         :
Summary     : DjVu viewers, encoders, and utilities
Description :
DjVu is a web-centric format and software platform for distributing documents and images. DjVu can advantageously replace PDF, PS, TIFF, JPEG, and GIF for distributing scanned documents, digital documents, or high-resolution pictures. DjVu content downloads faster, displays and renders faster, looks nicer on a screen, and consume less client resources than competing formats. DjVu images display instantly and can be smoothly zoomed and panned with no lengthy re-rendering.

DjVuLibre is a free (GPL'ed) implementation of DjVu, including viewers, decoders, simple encoders, and utilities. The browser plugin is in its own separate sub-package.

--------------------------------------------------------------------------------
Update Information:

This update fixes several issues in djvulibre. These are mostly related to opening of corrupted files.

--------------------------------------------------------------------------------
ChangeLog:

* Mon May 3 2021 Marek Kasik - 3.5.27-27
- Avoid unsigned short overflow in GBitmap when allocating row buffer
- Resolves: #1943424

* Mon May 3 2021 Marek Kasik - 3.5.27-26
- Avoid stack overflow in DjVuPort by remembering which file we are opening
- Resolves: #1943411, #1943685

* Mon May 3 2021 Marek Kasik - 3.5.27-25
- Check input pool for NULL
- Resolves: #1943410

* Mon May 3 2021 Marek Kasik - 3.5.27-24
- Avoid integer overflow when allocating bitmap
- Resolves: #1943409

* Mon May 3 2021 Marek Kasik - 3.5.27-23
- Check image size for 0
- Resolves: #1943408

--------------------------------------------------------------------------------
References:

[ 1 ] Bug #1943685 - CVE-2021-3500 djvulibre: Stack overflow in function DJVU::DjVuDocument::get_djvu_file() via crafted djvu file
https://bugzilla.redhat.com/show_bug.cgi?id=1943685

--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2021-d4c1c98a58' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at
--------------------------------------------------------------------------------

The latest DjVu revision for Fedora 33 addresses critical stack overflow vulnerabilities and file corruption problems. Discover the installation process and the implications of these updates.

LinuxSecurity.com Team

May 10, 2021 | Fedora

Red Hat Enterprise Linux 7: RHSA-2014:1008-01 Important Samba Update

Updated samba packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 7. The Red Hat Security Response Team has rated this update as having Important security impact.

====================================================================
Red Hat Security Advisory

Synopsis:     Important: samba security and bug fix update
Advisory ID:  RHSA-2014:1008-01
Product:      Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2014:1008.html
Issue date:   2014-08-05
CVE Names:    CVE-2014-3560
====================================================================

1. Summary:

Updated samba packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 7.

The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server (v. 7) - ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

3. Description:

Samba is an open-source implementation of the Server Message Block (SMB) or Common Internet File System (CIFS) protocol, which allows PC-compatible machines to share files, printers, and other information.

A heap-based buffer overflow flaw was found in Samba's NetBIOS message block daemon (nmbd). An attacker on the local network could use this flaw to send specially crafted packets that, when processed by nmbd, could possibly lead to arbitrary code execution with root privileges. (CVE-2014-3560)

This update also fixes the following bug:

* Prior to this update, Samba incorrectly used the O_TRUNC flag when using the open(2) system call to access the contents of a file that was already opened by a different process, causing the file's previous contents to be removed. With this update, the O_TRUNC flag is no longer used in the above scenario, and file corruption no longer occurs. (BZ#1115490)

All Samba users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing this update, the smb service will be restarted automatically.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1115490 - Samba file corruption as a result of failed lock check
1126010 - CVE-2014-3560 samba: remote code execution in nmbd

6. Package List:

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

7. References:

https://access.redhat.com/security/cve/CVE-2014-3560
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2014 Red Hat, Inc.

Red Hat enhances samba with crucial patches tackling vulnerabilities related to code execution and file corruption concerns for Enterprise Linux 8.

Severity: Important.

LinuxSecurity.com Team

Aug 05, 2014 | Important | Red Hat

Ubuntu 12.04 LTS USN-1545-1 Moderate: Nova File Corruption Issue

Nova could be made to overwrite or corrupt arbitrary files in the compute host file system.

=========================================================================
Ubuntu Security Notice USN-1545-1
August 22, 2012

nova vulnerability
=========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.04 LTS
- Ubuntu 11.10

Summary:

Nova could be made to overwrite or corrupt arbitrary files in the compute host file system.

Software Description:

- nova: OpenStack Compute cloud infrastructure

Details:

Padraig Brady discovered that the fix for CVE-2012-3361 was incomplete and an authenticated user could still corrupt arbitrary files on the host running Nova. A remote attacker could use this to cause a denial of service or possibly gain privileges.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 12.04 LTS:
  python-nova 2012.1+stable~20120612-3ee026e-0ubuntu1.3

Ubuntu 11.10:
  python-nova 2011.3-0ubuntu6.10

In general, a standard system update will make all the necessary changes.

References:

https://ubuntu.com/security/notices/USN-1545-1
CVE-2012-3447

Package Information:

https://launchpad.net/ubuntu/+source/nova/2012.1+stable~20120612-3ee026e-0ubuntu1.3
https://launchpad.net/ubuntu/+source/nova/2011.3-0ubuntu6.10

The Ubuntu Security Notice USN-1546-1 tackles a critical OpenStack vulnerability posing a risk of unauthorized access on server instances.

Severity: Important.

LinuxSecurity.com Team

Aug 22, 2012 | Important | Ubuntu

Red Hat Powertools RHSA-2000:122-06 Critical: Diskcheck Race Issue

A race vulnerability exists in the diskcheck package.

---------------------------------------------------------------------
Red Hat, Inc. Security Advisory

Synopsis:         race condition exists in diskcheck
Advisory ID:      RHSA-2000:122-06
Issue date:       2000-12-01
Updated on:       2000-12-08
Product:          Red Hat Powertools
Keywords:         N/A
Cross references: N/A
---------------------------------------------------------------------

1. Topic:

A race vulnerability exists in the diskcheck package.

2. Relevant releases/architectures:

Red Hat Powertools 6.0 - noarch
Red Hat Powertools 6.1 - noarch
Red Hat Powertools 6.2 - noarch
Red Hat Powertools 7.0 - noarch

3. Problem description:

A race vulnerability exists where a user can replace the tempfile used by diskcheck with symlinks to other files on the system, making it possible to corrupt those files. This update fixes the vulnerability as well as problems with diskcheck sending mail if /var is on a full partition.

All users should upgrade to the version below.

NOTE: The version of diskcheck shipped in Powertools 7 does not have the race condition, but should be upgraded to fix the problem with /var being on a full partition.

4. Solution:

For each RPM for your particular architecture, run:

rpm -Fvh [filename]

where filename is the name of the RPM.

5. Bug IDs fixed ( for more info):

11724 - tempfile has easily guessed name and follows symlinks
21901 - diskcheck sends empty email if filesystem where tmp file is created fills up

6. RPMs required:

Red Hat Powertools 6.2:
noarch:
sources:

Red Hat Powertools 7.0:
noarch:
sources:

7. Verification:

MD5 sum                           Package Name
--------------------------------------------------------------------------
33ec0067e449f3411982f3280d5b51a7  6.2/SRPMS/diskcheck-3.1.1-12.src.rpm
ad5b2b48440b9ce431bd31b9d28bde92  6.2/noarch/diskcheck-3.1.1-12.noarch.rpm
b7670bab7d16b9903735728c65c1a971  7.0/SRPMS/diskcheck-3.1.1-12.src.rpm
e54d258f082219443106341074cecdbf  7.0/noarch/diskcheck-3.1.1-12.noarch.rpm

These packages are GPG signed by Red Hat, Inc. for security. Our key is available at:

You can verify each package with the following command:

rpm --checksig

If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command:

rpm --checksig --nogpg

8. References:

N/A

Copyright(c) 2000 Red Hat, Inc.

Improvements made to concurrency management in diskcheck have been established to maintain system integrity and prevent data loss.

Severity: Critical.

LinuxSecurity.com Team

Dec 05, 2000 | Critical | Red Hat