Alerts This Week
Warning Icon 1 566
Alerts This Week
Warning Icon 1 566

Stay Secure with the Latest Linux Advisories

Fedora Large Esm H800
Fedora

Fedora 44 Transmission 4.1.2 Important Clickjacking Fix CVE-2026-38978

Calendar White Jun 05, 2026
Important
Fedora Large Esm H900
Fedora

Fedora 44 libre 4.8.1 Critical Update Details for Real-Time Communication

Calendar White Jun 05, 2026
Important
Fedora Large Esm H900
Fedora

Fedora 44 NextCloud Update Denial of Service JSON Tampering 2026-30881a5be7

Calendar White Jun 05, 2026
Important
Fedora Large Esm H800
Fedora

Fedora 44 python-starlette Security Fix for CVE-2026-48710

Calendar White Jun 05, 2026
Critical
Fedora Large Esm H900
Fedora

Fedora 44 perl-Cpanel-JSON-XS Moderate Denial of Service CVE-2026-9516

Calendar White Jun 05, 2026
Important
Fedora Large Esm H900
Fedora

Fedora 44 rubygem-yard High Path Traversal Fix Vuln 2026-acefc1fe48

Calendar White Jun 05, 2026
high
Fedora Large Esm H800
Fedora

Fedora 44 Rust Sequoia Sop Low-Severity Fix Advisory 2026-5c5f4f40a4

Calendar White Jun 05, 2026
Low
Fedora Large Esm H900
Fedora

Fedora 44 rust-sequoia-sq Low Threat Security Advisory 2026-5c5f4f40a4

Calendar White Jun 05, 2026
Low
Fedora Large Esm H900
Fedora

Fedora 44 rust-sequoia-wot Low Severity Security Fix 2026-5c5f4f40a4

Calendar White Jun 05, 2026
Low
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 2 articles for you...
200
Ls Advisories Scientific Esm H240
Price Tag 1security advisorymoderategedit

Scientific Linux: 2005-499-01 Moderate: Gedit, Gftp, And Sysreport Updates

Moderate: sysreport security update. Date: Tue, 14 Jun 2005 14:47:58 -0500 Reply-To: Connie Sieh Sender: Security Errata for Scientific Linux From: Connie Sieh Subject: ERRATA for SL 302/303/304 x86_64 now available Comments: To: scientific , This email address is being protected from spambots. You need JavaScript enabled to view it., This email address is being protected from spambots. You need JavaScript enabled to view it. The following ERRATA for SL 302/303/304 x86_64 are now available from: Synopsis: Moderate: gedit security update Advisory ID: RHSA-2005:499-01 CVE Names: CAN-2005-1686 gedit-2.2.2-4.rhel3.x86_64.rpm Synopsis: Moderate: gftp security update Advisory ID: RHSA-2005:410-01 CVE Names: CAN-2005-0372 gftp-2.0.14-4.x86_64.rpm Synopsis: Low: gzip security update Advisory ID: RHSA-2005:357-01 CVE Names: CAN-2005-0758 CAN-2005-0988 CAN-2005-1228 gzip-1.3.3-12.rhel3.x86_64.rpm Synopsis: Low: mikmod security update Advisory ID: RHSA-2005:506-01 CVE Names: CAN-2003-0427 mikmod-3.1.6-22.EL3.i386.rpm mikmod-3.1.6-22.EL3.x86_64.rpm mikmod-devel-3.1.6-22.EL3.x86_64.rpm Synopsis: Moderate: sysreport security update Advisory ID: RHSA-2005:502-01 CVE Names: CAN-2005-1760 sysreport-1.3.7.2-6.noarch.rpm -Connie Sieh . Regular security patches for Scientific Linux software, covering sysreport, gedit, and gftp. Urgent updates are also provided.. scientific linux, security update, sysreport, gedit, gftp. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Jun 14, 2005 Important Scientific Linux
200
Ls Advisories Scientific Esm H240
Price Tag 1security advisorymoderategedit

Moderate Update for Sysreport: Scientific Linux Versions 301 to 304

Moderate: sysreport security update. Date: Tue, 14 Jun 2005 14:42:19 -0500 Reply-To: Connie Sieh Sender: Security Errata for Scientific Linux From: Connie Sieh Subject: ERRATA for SL 301/302/303/304 i386 now available Comments: To: scientific , This email address is being protected from spambots. You need JavaScript enabled to view it., This email address is being protected from spambots. You need JavaScript enabled to view it. The following ERRATA for SL 301/302/303/304 i386 are now available from: Synopsis: Moderate: gedit security update Advisory ID: RHSA-2005:499-01 CVE Names: CAN-2005-1686 gedit-2.2.2-4.rhel3.i386.rpm Synopsis: Moderate: gftp security update Advisory ID: RHSA-2005:410-01 CVE Names: CAN-2005-0372 gftp-2.0.14-4.i386.rpm Synopsis: Low: gzip security update Advisory ID: RHSA-2005:357-01 CVE Names: CAN-2005-0758 CAN-2005-0988 CAN-2005-1228 gzip-1.3.3-12.rhel3.i386.rpm Synopsis: Low: mikmod security update Advisory ID: RHSA-2005:506-01 CVE Names: CAN-2003-0427 mikmod-3.1.6-22.EL3.i386.rpm mikmod-devel-3.1.6-22.EL3.i386.rpm Synopsis: Moderate: sysreport security update Advisory ID: RHSA-2005:502-01 CVE Names: CAN-2005-1760 sysreport-1.3.7.2-6.noarch.rpm -Connie Sieh . Critical patches released for Scientific Linux versions 301/302/303/304, enhancing sysreport and gedit functionalities. Immediate upgrades are advised.. Security Patch, Scientific Linux, Sysreport Update, Gedit Security Fix. . LinuxSecurity.com Team

Calendar 2 Jun 14, 2005 Scientific Linux
Banner 3 1028x280 1708121785 1771599793
200
Ls Advisories Scientific Esm H240
Price Tag 1security advisorytcpdumpgedit

Moderate Security Update for xorg-x11 in Scientific Linux 40 i386

Moderate: xorg-x11 security update. Date: Mon, 13 Jun 2005 16:43:42 -0500 Reply-To: Connie Sieh Sender: Security Errata for Scientific Linux From: Connie Sieh Subject: ERRATA for SL 40 i386 now available Comments: To: scientific , This email address is being protected from spambots. You need JavaScript enabled to view it., This email address is being protected from spambots. You need JavaScript enabled to view it. The following ERRATA for SL 40 i386 are now available from: Synopsis: Low: dbus security update. Advisory ID: RHSA-2005:102-01 CVE Names: CAN-2005-0201 dbus-0.22-12.EL.2.i386.rpm dbus-devel-0.22-12.EL.2.i386.rpm dbus-glib-0.22-12.EL.2.i386.rpm dbus-python-0.22-12.EL.2.i386.rpm dbus-x11-0.22-12.EL.2.i386.rpm Synopsis: Moderate: gedit security update Advisory ID: RHSA-2005:499-01 CVE Names: CAN-2005-1686 gedit-2.8.1-4.i386.rpm gedit-devel-2.8.1-4.i386.rpm Synopsis: Moderate: gftp security update Advisory ID: RHSA-2005:410-01 CVE Names: CAN-2005-0372 gftp-2.0.17-5.i386.rpm Synopsis: Low: gzip security update Advisory ID: RHSA-2005:357-01 CVE Names: CAN-2005-0758 CAN-2005-0988 CAN-2005-1228 gzip-1.3.3-15.rhel4.i386.rpm Synopsis: Updated kernel packages for SL Linux 4.0 Advisory ID: RHSA-2005:420-01 CVE Names: CAN-2005-0136 CAN-2005-1264 kernel-2.6.9-11.EL.i686.rpm kernel-devel-2.6.9-11.EL.i686.rpm kernel-doc-2.6.9-11.EL.noarch.rpm kernel-hugemem-2.6.9-11.EL.i686.rpm kernel-hugemem-devel-2.6.9-11.EL.i686.rpm kernel-smp-2.6.9-11.EL.i686.rpm kernel-smp-devel-2.6.9-11.EL.i686.rpm kernel-module-openafs-2.6.9-11.EL-1.3.82-3.SL.i686.rpm kernel-module-openafs-2.6.9-11.ELsmp-1.3.82-3.SL.i686.rpm kernel-module-openafs-2.6.9-5.0.3.EL-1.3.82-3.SL.i686.rpm kernel-module-openafs-2.6.9-5.0.3.ELsmp-1.3.82-3.SL.i686.rpm kernel-module-openafs-2.6.9-5.0.5.EL-1.3.82-3.SL.i686.rpm kernel-module-openafs-2.6.9-5.0.5.ELsmp-1.3.82-3.SL.i686.rpm Since it was so broken (creating it's own "denial of service") it has been updated. Had to make new kernel-module-openafs anyway for new kernel. openafs-1.3.82-3.SL.i386.rpm openafs-client-1.3.82-3.SL.i386.rpm openafs-compat-1.3.82-3.SL.i386.rpm openafs-debug-1.3.82-3.SL.i386.rpm openafs-devel-1.3.82-3.SL.i386.rpm openafs-kernel-source-1.3.82-3.SL.i386.rpm openafs-kpasswd-1.3.82-3.SL.i386.rpm openafs-krb5-1.3.82-3.SL.i386.rpm openafs-server-1.3.82-3.SL.i386.rpm Synopsis: Low: mikmod security update Advisory ID: RHSA-2005:506-01 CVE Names: CAN-2003-0427 mikmod-3.1.6-32.EL4.i386.rpm mikmod-devel-3.1.6-32.EL4.i386.rpm Synopsis: Low: rsh security update Advisory ID: RHSA-2005:165-01 CVE Names: CAN-2004-0175 rsh-0.17-25.3.i386.rpm rsh-server-0.17-25.3.i386.rpm Synopsis: Moderate: sysreport security update Advisory ID: RHSA-2005:502-01 CVE Names: CAN-2005-1760 sysreport-1.3.15-2.noarch.rpm Synopsis: Low: tcpdump security update Advisory ID: RHSA-2005:505-01 CVE Names: CAN-2005-1267 tcpdump-3.8.2-10.RHEL4.i386.rpm arpwatch-2.1a13-10.RHEL4.i386.rpm libpcap-0.8.3-10.RHEL4.i386.rpm Synopsis: Moderate: xorg-x11 security update Advisory ID: RHSA-2005:198-01 CVE Names: CAN-2005-0605 xorg-x11-6.8.2-1.EL.13.6.i386.rpm xorg-x11-deprecated-libs-6.8.2-1.EL.13.6.i386.rpm xorg-x11-deprecated-libs-devel-6.8.2-1.EL.13.6.i386.rpm xorg-x11-devel-6.8.2-1.EL.13.6.i386.rpm xorg-x11-doc-6.8.2-1.EL.13.6.i386.rpm xorg-x11-font-utils-6.8.2-1.EL.13.6.i386.rpm xorg-x11-libs-6.8.2-1.EL.13.6.i386.rpm xorg-x11-Mesa-libGL-6.8.2-1.EL.13.6.i386.rpm xorg-x11-Mesa-libGLU-6.8.2-1.EL.13.6.i386.rpm xorg-x11-sdk-6.8.2-1.EL.13.6.i386.rpm xorg-x11-tools-6.8.2-1.EL.13.6.i386.rpm xorg-x11-twm-6.8.2-1.EL.13.6.i386.rpm xorg-x11-xauth-6.8.2-1.EL.13.6.i386.rpm xorg-x11-xdm-6.8.2-1.EL.13.6.i386.rpm xorg-x11-Xdmx-6.8.2-1.EL.13.6.i386.rpm xorg-x11-xfs-6.8.2-1.EL.13.6.i386.rpm xorg-x11-Xnest-6.8.2-1.EL.13.6.i386.rpm xorg-x11-Xvfb-6.8.2-1.EL.13.6.i386.rpm fonts-xorg-100dpi-6.8.1.1-1.EL.1.noarch.rpm fonts-xorg-75dpi-6.8.1.1-1.EL.1.noarch.rpm fonts-xorg-base-6.8.1.1-1.EL.1.noarch.rpm fonts-xorg-cyrillic-6.8.1.1-1.EL.1.noarch.rpm fonts-xorg-ISO8859-14-100dpi-6.8.1.1-1.EL.1.noarch.rpm fonts-xorg-ISO8859-14-75dpi-6.8.1.1-1.EL.1.noarch.rpm fonts-xorg-ISO8859-15-100dpi-6.8.1.1-1.EL.1.noarch.rpm fonts-xorg-ISO8859-15-75dpi-6.8.1.1-1.EL.1.noarch.rpm fonts-xorg-ISO8859-2-100dpi-6.8.1.1-1.EL.1.noarch.rpm fonts-xorg-ISO8859-2-75dpi-6.8.1.1-1.EL.1.noarch.rpm fonts-xorg-ISO8859-9-100dpi-6.8.1.1-1.EL.1.noarch.rpm fonts-xorg-ISO8859-9-75dpi-6.8.1.1-1.EL.1.noarch.rpm fonts-xorg-syriac-6.8.1.1-1.EL.1.noarch.rpm fonts-xorg-truetype-6.8.1.1-1.EL.1.noarch.rpm -Connie Sieh -Troy Dawson . Recent adjustments have been made to tackle various security vulnerabilities in Scientific Linux 40 i386, specifically concerning xorg-x11 and dbus, along with several other components.. Scientific Linux, xorg-x11 update, dbus security, security advisories. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Jun 13, 2005 Important Scientific Linux
98
Ls Advisories Redhat Esm H240
Price Tag 1security advisorymoderatesecurity update

Red Hat: RHSA-2005:410-01 Moderate: gftp Directory Traversal Issue

An updated gFTP package that fixes a directory traversal issue is now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team.. - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Moderate: gftp security update Advisory ID: RHSA-2005:410-01 Advisory URL: https://access.redhat.com/errata/RHSA-2005:410.html Issue date: 2005-06-13 Updated on: 2005-06-13 Product: Red Hat Enterprise Linux CVE Names: CAN-2005-0372 - ---------------------------------------------------------------------1. Summary: An updated gFTP package that fixes a directory traversal issue is now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64 Red Hat Linux Advanced Workstation 2.1 - ia64 Red Hat Enterprise Linux ES version 2.1 - i386 Red Hat Enterprise Linux WS version 2.1 - i386 Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: gFTP is a multi-threaded FTP client for the X Window System. A directory traversal bug was found in gFTP. If a user can be tricked into downloading a file from a malicious ftp server, it is possible to overwrite arbitrary files owned by the victim. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0372 to this issue. Users ofgftp should upgrade to this updated package, which contains a backported fix for this issue. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command: up2date For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/10/ 5. Bug IDs fixed (http://bugzilla.redhat.com/): 149109 - CAN-2005-0372 directory traversal issue in gftp 6. RPMs required: Red Hat Enterprise Linux AS (Advanced Server) version 2.1: SRPMS: 9ad04edd854e04b291b8ad13cdbb1329 gftp-2.0.8-5.src.rpm i386: 43668a3d9304b5bd3e1c10089e0d1aad gftp-2.0.8-5.i386.rpm ia64: f6d35d6320d0c829994dfbfd2059acd8 gftp-2.0.8-5.ia64.rpm Red Hat Linux Advanced Workstation 2.1: SRPMS: 9ad04edd854e04b291b8ad13cdbb1329 gftp-2.0.8-5.src.rpm ia64: f6d35d6320d0c829994dfbfd2059acd8 gftp-2.0.8-5.ia64.rpm Red Hat Enterprise Linux ES version 2.1: SRPMS: 9ad04edd854e04b291b8ad13cdbb1329 gftp-2.0.8-5.src.rpm i386: 43668a3d9304b5bd3e1c10089e0d1aad gftp-2.0.8-5.i386.rpm Red Hat Enterprise Linux WS version 2.1: SRPMS: 9ad04edd854e04b291b8ad13cdbb1329 gftp-2.0.8-5.src.rpm i386: 43668a3d9304b5bd3e1c10089e0d1aad gftp-2.0.8-5.i386.rpm Red Hat Enterprise Linux AS version 3: SRPMS: b1f1c96f874c88ca7876bd4b89ea84d8 gftp-2.0.14-4.src.rpm i386: d70901a39c11289a7062f74bbddbbf47 gftp-2.0.14-4.i386.rpm ia64: 25b3c26a26f2ff5f7da7398c76cf1a62 gftp-2.0.14-4.ia64.rpm ppc: e8bd14e811c5f61980523908488f517f gftp-2.0.14-4.ppc.rpm s390: 0c41a94c255a367ca689550da2fc3f61 gftp-2.0.14-4.s390.rpm s390x: 8d5cd4377701caf95823a616cdaccb01 gftp-2.0.14-4.s390x.rpm x86_64: 4f4d275023718ad3999cd454f55ab3ca gftp-2.0.14-4.x86_64.rpm Red Hat Desktop version 3: SRPMS: b1f1c96f874c88ca7876bd4b89ea84d8 gftp-2.0.14-4.src.rpm i386: d70901a39c11289a7062f74bbddbbf47 gftp-2.0.14-4.i386.rpm x86_64: 4f4d275023718ad3999cd454f55ab3ca gftp-2.0.14-4.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: b1f1c96f874c88ca7876bd4b89ea84d8 gftp-2.0.14-4.src.rpm i386: d70901a39c11289a7062f74bbddbbf47 gftp-2.0.14-4.i386.rpm ia64: 25b3c26a26f2ff5f7da7398c76cf1a62 gftp-2.0.14-4.ia64.rpm x86_64: 4f4d275023718ad3999cd454f55ab3ca gftp-2.0.14-4.x86_64.rpm Red Hat Enterprise Linux WS version 3: SRPMS: b1f1c96f874c88ca7876bd4b89ea84d8 gftp-2.0.14-4.src.rpm i386: d70901a39c11289a7062f74bbddbbf47 gftp-2.0.14-4.i386.rpm ia64: 25b3c26a26f2ff5f7da7398c76cf1a62 gftp-2.0.14-4.ia64.rpm x86_64: 4f4d275023718ad3999cd454f55ab3ca gftp-2.0.14-4.x86_64.rpm Red Hat Enterprise Linux AS version 4: SRPMS: 33d5e9f32fd24288b45d621e02daa0f5 gftp-2.0.17-5.src.rpm i386: 9e9c8b22418ac80d805a43e0d6530fc6 gftp-2.0.17-5.i386.rpm ia64: 60fbcc6fd5db5d4b468c680d89b52cf3 gftp-2.0.17-5.ia64.rpm ppc: f406c09280eac463ce88e5126bb06715 gftp-2.0.17-5.ppc.rpm s390: 2c7593bcd854a18c2ee08c15c59c8459 gftp-2.0.17-5.s390.rpm s390x: d8956d0266bad37b28a7cba9a1ef636f gftp-2.0.17-5.s390x.rpm x86_64: 4718135258fd4a5334f6de3516972ae6 gftp-2.0.17-5.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: 33d5e9f32fd24288b45d621e02daa0f5 gftp-2.0.17-5.src.rpm i386: 9e9c8b22418ac80d805a43e0d6530fc6 gftp-2.0.17-5.i386.rpm x86_64: 4718135258fd4a5334f6de3516972ae6 gftp-2.0.17-5.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: 33d5e9f32fd24288b45d621e02daa0f5 gftp-2.0.17-5.src.rpm i386: 9e9c8b22418ac80d805a43e0d6530fc6 gftp-2.0.17-5.i386.rpm ia64: 60fbcc6fd5db5d4b468c680d89b52cf3 gftp-2.0.17-5.ia64.rpm x86_64: 4718135258fd4a5334f6de3516972ae6 gftp-2.0.17-5.x86_64.rpm Red Hat Enterprise Linux WS version4: SRPMS: 33d5e9f32fd24288b45d621e02daa0f5 gftp-2.0.17-5.src.rpm i386: 9e9c8b22418ac80d805a43e0d6530fc6 gftp-2.0.17-5.i386.rpm ia64: 60fbcc6fd5db5d4b468c680d89b52cf3 gftp-2.0.17-5.ia64.rpm x86_64: 4718135258fd4a5334f6de3516972ae6 gftp-2.0.17-5.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key#package 7. References: https://www.cve.org/CVERecord?id=CVE-CAN-2005-0372 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2005 Red Hat, Inc. . Details on the Red Hat Security Advisory addressing the gftp directory traversal issue with a moderate security rating.. gftp Update, Security Advisory, FTP Client Security. . Severity: Medium. LinuxSecurity.com Team

Calendar 2 Jun 13, 2005 Medium Red Hat
Banner 3 1028x280 1708121785 1771599793
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisorysoftware upgradeFedora Core

Fedora Core 2: FEDORA-2005-320 Important gftp FTP Client Enhancement

Updated package. ---------------------------------------------------------------------Fedora Update Notification FEDORA-2005-310 2005-04-07 ---------------------------------------------------------------------Product : Fedora Core 2 Name : gftp Version : 2.0.18 Release : 0.FC2 Summary : A multi-threaded FTP client for the X Window System. Description : gFTP is a multi-threaded FTP client for the X Window System. gFTP supports simultaneous downloads, resumption of interrupted file transfers, file transfer queues to allow downloading of multiple files, support for downloading entire directories/subdirectories, a bookmarks menu to allow quick connection to FTP sites, caching of remote directory listings, local and remote chmod, drag and drop, a connection manager and much more. Install gftp if you need a graphical FTP client. ---------------------------------------------------------------------* Fri Feb 18 2005 Warren Togami 2.0.18-0.FC2 - FC2 (including CAN-2005-0372) * Thu Feb 10 2005 Warren Togami 2.0.18-1 - 2.0.18 * Tue Jun 15 2004 Elliot Lee - rebuilt ---------------------------------------------------------------------This update can be downloaded from: 881c3a931eae3bb43d3fbf6c0ebe95bd SRPMS/gftp-2.0.18-0.FC2.src.rpm c4488c9382efaa1556f0f4111998a20a x86_64/gftp-2.0.18-0.FC2.x86_64.rpm 8765bb914df075dbfd4fd7bd7b935274 x86_64/debug/gftp-debuginfo-2.0.18-0.FC2.x86_64.rpm c9f0c27d1fa4b6756aba1941cd9c0137 i386/gftp-2.0.18-0.FC2.i386.rpm 60e604a70fc5b0bb80f730c7edf333d5 i386/debug/gftp-debuginfo-2.0.18-0.FC2.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- --fedora-announce-list mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . Delve into the Fedora Core 2 revision concerning gftp, the parallelized FTP client designed for efficient file transfers and enhancements.. FedoraCore 2,gFTP Client,Software Update. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Apr 07, 2005 Important Fedora
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryFedora Corecritical update

Fedora Core 3 gftp-2.0.18 Critical Update: FTP Client Security Improvement

Updated package. ---------------------------------------------------------------------Fedora Update Notification FEDORA-2005-309 2005-04-07 ---------------------------------------------------------------------Product : Fedora Core 3 Name : gftp Version : 2.0.18 Release : 0.FC3 Summary : A multi-threaded FTP client for the X Window System. Description : gFTP is a multi-threaded FTP client for the X Window System. gFTP supports simultaneous downloads, resumption of interrupted file transfers, file transfer queues to allow downloading of multiple files, support for downloading entire directories/subdirectories, a bookmarks menu to allow quick connection to FTP sites, caching of remote directory listings, local and remote chmod, drag and drop, a connection manager and much more. Install gftp if you need a graphical FTP client. ---------------------------------------------------------------------* Fri Feb 18 2005 Warren Togami 2.0.18-0.FC3 - FC3 (including CAN-2005-0372) * Thu Feb 10 2005 Warren Togami 2.0.18-1 - 2.0.18 ---------------------------------------------------------------------This update can be downloaded from: ed8d34aa5c34d6478cc4bb054d460dbe SRPMS/gftp-2.0.18-0.FC3.src.rpm 83f29722b6d6597f37bab3355c2e0806 x86_64/gftp-2.0.18-0.FC3.x86_64.rpm 68c4b1f72274e854cc45af49f5a26e41 x86_64/debug/gftp-debuginfo-2.0.18-0.FC3.x86_64.rpm 5062b71fdfd999e301aa83c887965c1d i386/gftp-2.0.18-0.FC3.i386.rpm 5f7839e2c42861bce1d222a7adc34b7d i386/debug/gftp-debuginfo-2.0.18-0.FC3.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- --fedora-announce-list mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . For the latest update of gftp on Fedora Core 3, a robust multi-threaded FTP client, check the official repository or use the package manager for enhancements and fixes. gftp update,Fedora Core3,FTP client security,FTP client update. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Apr 07, 2005 Critical Fedora
Banner 3 1028x280 1708121785 1771599793
91
Ls Advisories Gentoo Esm H240
Price Tag 1security advisorysecurity issuegentoo

Gentoo: GLSA-200502-27 Normal: gFTP Directory Traversal Attack

gFTP is vulnerable to directory traversal attacks, possibly leading to the creation or overwriting of arbitrary files.. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200502-27 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: gFTP: Directory traversal vulnerability Date: February 19, 2005 Bugs: #81994 ID: 200502-27 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======= gFTP is vulnerable to directory traversal attacks, possibly leading to the creation or overwriting of arbitrary files. Background ========= gFTP is a GNOME based, multi-threaded file transfer client. Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-ftp/gftp < 2.0.18-r1 > = 2.0.18-r1 Description ========== gFTP lacks input validation of filenames received by remote servers. Impact ===== An attacker could entice a user to connect to a malicious FTP server and conduct a directory traversal attack by making use of specially crafted filenames. This could lead to arbitrary files being created or overwritten. Workaround ========= There is no known workaround at this time. Resolution ========= All gFTP users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose "> =net-ftp/gftp-2.0.18-r1" References ========= [ 1 ] gFTP Announcement [ 2 ] CAN-2005-0372 https://www.cve.org/CVERecord?id=CAN-2005-0372 Availability =========== This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/200502-27 Concerns? ======== Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to This email address is being protected from spambots. You need JavaScript enabled to view it. or alternatively, you may file a bug at https://bugs.gentoo.org/. License ====== Copyright 2005 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.0/ . gFTP in Gentoo has a security flaw related to directory traversal, which permits malicious users to modify files using specially designed filenames.. gftp directory traversal,gentoo security advisory,file overwrite threat. . LinuxSecurity.com Team

Calendar 2 Feb 19, 2005 Gentoo
87
Ls Advisories Debian Esm H240
Price Tag 1security advisorydirectory traversalremote access

Debian: DSA 686-1 Moderate: Gftp Directory Traversal Risk

Updated package.. - --------------------------------------------------------------------------Debian Security Advisory DSA 686-1 This email address is being protected from spambots. You need JavaScript enabled to view it. http://www.debian.org/security/ Martin Schulze February 17th, 2005 http://www.debian.org/security/faq - --------------------------------------------------------------------------Package : gftp Vulnerability : missing input sanitising Problem-Type : remote Debian-specific: no CVE ID : CAN-2005-0372 Albert Puigsech Galicia discovered a directory traversal vulnerability in a proprietary FTP client (CAN-2004-1376) which is also present in gftp, a GTK+ FTP client. A malicious server could provide a specially crafted filename that could cause arbitrary files to be overwritten or created by the client. For the stable distribution (woody) this problem has been fixed in version 2.0.11-1woody1. For the unstable distribution (sid) this problem has been fixed in version 2.0.18-1. We recommend that you upgrade your gftp package. Upgrade Instructions - --------------------wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 3.0 alias woody - -------------------------------- Source archives: Size/MD5 checksum: 631 980555d208281b3ac35069dd0119f98c Size/MD5 checksum: 2760 15eff6342db5e2f2bee5c262618cf642 Size/MD5 checksum: 896320 3c63b5eed2faffe820bace112be2db8a Alpha architecture: Size/MD5 checksum: 27350 39764c5e34ef08fce49bf59f887a0afa Size/MD5 checksum: 234078359126a5f2d1da940f1b6000c7ab9752 Size/MD5 checksum: 252376 56405294ce7a01e84976c8fc6683f544 Size/MD5 checksum: 86296 8ac8f60d39cf4c3db57dd04df0b11a53 ARM architecture: Size/MD5 checksum: 27360 9fea83142508e1b6c2790016c3395ca0 Size/MD5 checksum: 234120 a4760d5de60e0a4a04be1c8dc75ec264 Size/MD5 checksum: 226588 71fb1b6d6603d5967c6714e7ca33f389 Size/MD5 checksum: 73906 60c748df56cbef3944079654553497ea Intel IA-32 architecture: Size/MD5 checksum: 27312 10aec83a3257a3bc22739e6087bc6ef2 Size/MD5 checksum: 234056 57459c25bd9f96bd6f26e566468856ba Size/MD5 checksum: 219792 98beb285ca804a8fbbed4498a54268ff Size/MD5 checksum: 68360 f8fa329a81404c4d5392c285e50a5505 Intel IA-64 architecture: Size/MD5 checksum: 27348 6f32e2cb005ffe56e2803b860e0e4d74 Size/MD5 checksum: 234044 a2c3ff641d7b2e880456f1a8868b33fe Size/MD5 checksum: 299582 b7c2e1ea7228f461235666d932361551 Size/MD5 checksum: 110640 26995f700b8389fd9aad5b368f5faf7c HP Precision architecture: Size/MD5 checksum: 27358 07b2d426543fd686ad3380e8bcd4805f Size/MD5 checksum: 234094 322189d295ba47c91d2061309fa6a9fa Size/MD5 checksum: 242482 44bb85b863ae217f2575835877041d4a Size/MD5 checksum: 82608 e31d810b73f571088cc837958d7a2796 Motorola 680x0 architecture: Size/MD5 checksum: 27358 faf8af474984da98e9d6f98f0918a261 Size/MD5 checksum: 234106 a8b2e05b710887903feed817016f5f97 Size/MD5 checksum: 210554 7a532d25cb6840e69f97647b08d619c0 Size/MD5 checksum: 64032 983b93b4e2aac1922e97a193220e18d4 Big endian MIPS architecture: Size/MD5 checksum: 27362 103f10d9ae47826ee1957d14d556a46f Size/MD5 checksum: 234114 0667ca7e24f987e6002955093df95537 Size/MD5 checksum: 224722 0bdb6399f56a1cc4819c3ab883a53a68 Size/MD5 checksum: 77184 26288b5af19513a0cf09bd82ca7b9336 Little endian MIPS architecture: Size/MD5 checksum: 27372 43c94486400ca12254c554cb4650fe01 Size/MD5 checksum: 234188 94df73bb1fe62d21a665ee80380db772 Size/MD5 checksum: 224648 210416ce87866bab58f2b2c390f52ece Size/MD5 checksum: 77994 e1803d086deb47d61f2f79b62e22913e PowerPC architecture: Size/MD5 checksum: 27356 6426c00ec3364f72f0ec9481e5e89bb5 Size/MD5 checksum: 234082 35a1396d45c42ee5b34045c23ae34b05 Size/MD5 checksum: 227890 8fb52949c02dc3c8a8bf39c86814da9b Size/MD5 checksum: 73356 8eba2f163e75f0716879c0320442c246 IBM S/390 architecture: Size/MD5 checksum: 27352 6e71f2937c2db84ed950583237308504 Size/MD5 checksum: 234104 85637cf1e6794969be0cc35b6478f95b Size/MD5 checksum: 219246 1f4647d19f593d958c5653e1a6515c2d Size/MD5 checksum: 68090 f0a4483365820c67a7d875b21bc81734 Sun Sparc architecture: Size/MD5 checksum: 27356 f734ad981e036daed46044b6bd12f236 Size/MD5 checksum: 234102 4d9c016c8daefd7b20aefa37a193a6ce Size/MD5 checksum: 226774 e04c114438c2788155e43c6c32eb4683 Size/MD5 checksum: 74910 88a25c71729495ccbebaf4c98eee102d These files will probably be moved into the stable distribution on its next update. - ---------------------------------------------------------------------------------For apt-get: deb https://www.debian.org/security/ stable/updates main For dpkg-ftp: dists/stable/updates/main Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . Enhance your Debian system's security by updating or installing a patched version of gftp through these straightforward steps without any hassle. Debian gftp update,directory traversal fix,gftp security flaw. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Feb 17, 2005 Important Debian
Banner 3 1028x280 1708121785 1771599793
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here