Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 523
Alerts This Week
Warning Icon 1 523

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 28 articles for you...
89

Fedora 23: Security Update SALT 2015.5.8 For Insecure File Handling

Update to bugfix release 2015.5.8. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2016-105b3b8804 2016-01-15 20:06:26.124999 -------------------------------------------------------------------------------- Name : salt Product : Fedora 23 Version : 2015.5.8 Release : 1.fc23 URL : https://saltproject.io Summary : A parallel remote execution system Description : Salt is a distributed remote execution system used to execute commands and query data. It was developed in order to bring the best solutions found in the world of remote execution together and make them better, faster and more malleable. Salt accomplishes this via its ability to handle larger loads of information, and not just dozens, but hundreds or even thousands of individual servers, handle them quickly and through a simple and manageable interface. -------------------------------------------------------------------------------- Update Information: Update to bugfix release 2015.5.8 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1212784 - CVE-2015-1838 salt: insecure /tmp file handling in salt/modules/serverdensity_device.py https://bugzilla.redhat.com/show_bug.cgi?id=1212784 [ 2 ] Bug #1212788 - CVE-2015-1839 salt: insecure /tmp file handling in salt/modules/chef.py https://bugzilla.redhat.com/show_bug.cgi?id=1212788 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update salt' at the command line. For more information, refer to "Managing Software with yum", available at . All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://lists.fedoraproject.org/admin/lists/package-announce.lists.fedoraproject.org/ . Notification of a recent bugfix update for Salt in Fedora, featuring critical enhancements for security and measures addressing vulnerabilities associated with file management.. Fedora Salt Update Security, Remote Execution System, Bugfix Release. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jan 15, 2016 Important Fedora
89

Fedora 22: FEDORA-2016-20456 Crucial: Trafficserver File Permissions Flaw

https://cwiki.apache.org/confluence/display/TS/What%27s+New+in+v5.3.x. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2015-10520 2015-06-23 03:02:16 -------------------------------------------------------------------------------- Name : trafficserver Product : Fedora 21 Version : 5.3.0 Release : 1.fc21 URL : https://trafficserver.apache.org/index.html Summary : Fast, scalable and extensible HTTP/1.1 compliant caching proxy server Description : Apache Traffic Server is a fast, scalable and extensible HTTP/1.1 compliant caching proxy server. -------------------------------------------------------------------------------- Update Information: https://cwiki.apache.org/confluence/display/TS/What%27s+New+in+v5.3.x -------------------------------------------------------------------------------- ChangeLog: * Sun Jun 21 2015 Peter Robinson 5.3.0-1 - Update to 5.3.0 LTS release - Build on aarch64 and power64 - Split perl bindings to sub package - Cleanup and modernise spec * Fri Jun 19 2015 Fedora Release Engineering - 5.0.1-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild * Sat May 2 2015 Kalev Lember - 5.0.1-3 - Rebuilt for GCC 5 C++11 ABI change * Mon Jan 26 2015 Petr Machata - 5.0.1-2 - Rebuild for boost 1.57.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1102559 - Add AArch64 support to trafficserver https://bugzilla.redhat.com/show_bug.cgi?id=1102559 [ 2 ] Bug #1103173 - trafficserver: insecure temporary file usage [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1103173 [ 3 ] Bug #1179204 - trafficserver: incorrect handling of "Max-Forwards" header [fedora-21] https://bugzilla.redhat.com/show_bug.cgi?id=1179204 [ 4 ] Bug #1103174 - trafficserver: insecure temporary file usage [epel-6] https://bugzilla.redhat.com/show_bug.cgi?id=1103174 [ 5 ] Bug #1133387 - CVE-2014-3525trafficserver: unspecified flaw related to health checks fixed in versions 4.2.1.1 and 5.0.1 [epel-6] https://bugzilla.redhat.com/show_bug.cgi?id=1133387 [ 6 ] Bug #1179205 - trafficserver: incorrect handling of "Max-Forwards" header [epel-7] https://bugzilla.redhat.com/show_bug.cgi?id=1179205 [ 7 ] Bug #994224 - trafficserver must be compiled with -fno-strict-aliasing, but it is not https://bugzilla.redhat.com/show_bug.cgi?id=994224 [ 8 ] Bug #955127 - trafficserver package should be built with PIE flags https://bugzilla.redhat.com/show_bug.cgi?id=955127 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update trafficserver' at the command line. For more information, refer to "Managing Software with yum", available at . All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://lists.fedoraproject.org/admin/lists/package-announce.lists.fedoraproject.org/ . Details of the trafficserver security update for Fedora reveals file permissions flaw essential for patching.. trafficserver update,Fedora security,apache trafficserver,HTTP caching,software update. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Jul 03, 2015 Critical Fedora
98

Red Hat OpenStack 3 RHSA-2013:1526-01 Moderate Threat: Nagios Security

Updated nagios packages that fix two security issues are now available for Red Hat OpenStack 3.0. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores,. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: nagios security update Advisory ID: RHSA-2013:1526-01 Product: Red Hat OpenStack Advisory URL: https://access.redhat.com/errata/RHSA-2013:1526.html Issue date: 2013-11-18 CVE Names: CVE-2013-2029 CVE-2013-4214 ==================================================================== 1. Summary: Updated nagios packages that fix two security issues are now available for Red Hat OpenStack 3.0. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: OpenStack 3 - x86_64 3. Description: Nagios is a program that can monitor hosts and services on your network. It can send email or page alerts when problems arise and when problems are resolved. Multiple insecure temporary file creation flaws were found in Nagios. A local attacker could use these flaws to cause arbitrary files to be overwritten as the root user via a symbolic link attack. (CVE-2013-2029, CVE-2013-4214) These issues were discovered by Grant Murphy of the Red Hat Product Security Team. All users of Nagios are advised to upgrade to these updated packages, which contain backported patches to correct these issues. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to applythis update are available at https://access.redhat.com/site/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 958002 - CVE-2013-4214 Nagios core: html/rss-newsfeed.php insecure temporary file usage 958015 - CVE-2013-2029 Nagios core: Insecure temporary file usage in nagios.upgrade_to_v3.sh 6. Package List: OpenStack 3: Source: x86_64: nagios-3.5.1-2.el6ost.x86_64.rpm nagios-common-3.5.1-2.el6ost.x86_64.rpm nagios-debuginfo-3.5.1-2.el6ost.x86_64.rpm nagios-devel-3.5.1-2.el6ost.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://access.redhat.com/security/cve/CVE-2013-2029 https://access.redhat.com/security/cve/CVE-2013-4214 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2013 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFSimqoXlSAg2UNWIIRAhCNAJ0QdH76LO0n6AYxlgcviwSfjpHNlACbBnMi mpULJVQPP3dZZcXvhYu2DnE=SViK -----END PGP SIGNATURE----- -- Enterprise-watch-list mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . Recent updates for Nagios on Red Hat OpenStack address two noteworthy security vulnerabilities, according to advisory RHSA-2013-1526-01.. Red Hat OpenStack,Nagios Security,Security Update,Insecure Files. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Nov 18, 2013 Important Red Hat
89

Fedora 9 xastir Security Advisory: Critical Insecure File Issue

Multiple insecure temporary file usage flaws were identified in the get-maptools.sh and get_shapelib.sh scripts shipped in xastir packages. As those scripts are not needed with Fedora-distributed xastir packages (they automate installation of libraries used by xastir, which are provided in the Fedora archive in the pre-packaged RPM format), they were removed.. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2008-7541 2008-09-05 10:50:44 --------------------------------------------------------------------------------Name : xastir Product : Fedora 9 Version : 1.9.2 Release : 9.fc9 URL : Summary : Amateur Station Tracking and Reporting system for amateur radio Description : Xastir is a graphical application that interfaces HAM radio and internet access to realtime mapping software. Install XASTIR if you are interested in APRS(tm) and HAM radio software. --------------------------------------------------------------------------------Update Information: Multiple insecure temporary file usage flaws were identified in the get-maptools.sh and get_shapelib.sh scripts shipped in xastir packages. As those scripts are not needed with Fedora-distributed xastir packages (they automate installation of libraries used by xastir, which are provided in the Fedora archive in the pre-packaged RPM format), they were removed. --------------------------------------------------------------------------------ChangeLog: * Thu Aug 28 2008 Lucian Langa - 1.9.2-9 - drop uneeded and potential risky files (bug #460429) * Thu Aug 28 2008 Lucian Langa - 1.9.2-8 - fix insecure auxiliary /tmp file usage bug #460429 * Tue Jul 8 2008 Lucian Langa - 1.9.2-7 - Rebuild against newer db4 headers/libs * Fri Jun 6 2008 Lucian Langa - 1.9.2-6 - Rebuild against gpsman, festival, Berkley DB, gdal * Sun May 18 2008 Lucian Langa - 1.9.2-5 - Patch for newer wgetsupport --------------------------------------------------------------------------------References: [ 1 ] Bug #460429 - xastir: Insecure auxiliary /tmp file usage (symlink attack possible) https://bugzilla.redhat.com/show_bug.cgi?id=460429 --------------------------------------------------------------------------------This update can be installed with the "yum" update program. Use su -c ''yum update xastir'' at the command line. For more information, refer to "Managing Software with yum", available at . All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ Fedora-package-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ . Several vulnerabilities involving insecure file handling discovered in xastir scripts for Fedora 9; users are advised to apply updates.. Fedora Update,xastir patch,insecure files,HAM radio,system security. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Sep 10, 2008 Critical Fedora
87

Debian 4.0 DSA-1577-1 Critical: GForge Insecure Temporary Files

Stephen Gran and Mark Hymers discovered that some scripts run by GForge, a collaborative development tool, open files in write mode in a potentially insecure manner. This may be exploited to overwrite arbitary files on the local system. . - ------------------------------------------------------------------------Debian Security Advisory DSA-1577-1 This email address is being protected from spambots. You need JavaScript enabled to view it. http://www.debian.org/security/ Thijs Kinkhorst May 14, 2008 http://www.debian.org/security/faq - ------------------------------------------------------------------------Package : gforge Vulnerability : insecure temporary files Problem type : local Debian-specific: no CVE Id(s) : CVE-2008-0167 Stephen Gran and Mark Hymers discovered that some scripts run by GForge, a collaborative development tool, open files in write mode in a potentially insecure manner. This may be exploited to overwrite arbitary files on the local system. For the stable distribution (etch), this problem has been fixed in version 4.5.14-22etch8. For the unstable distribution (sid), this problem will be fixed soon. We recommend that you upgrade your gforge package. Upgrade instructions - --------------------wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 4.0 alias etch - -------------------------------Source archives: Size/MD5 checksum: 950 b920bc8243418bf618256638369bc4cd Size/MD5 checksum: 2161141 e85f82eff84ee073f80a2a52dd32c8a5 Size/MD5 checksum: 198227 d2fa0c2fcd092cca4b06fa58c852bacc Architecture independent packages: Size/MD5checksum: 88632 653a57ad16301d4c56dd6258c7899bf3 Size/MD5 checksum: 704846 40d23715b91b68be2818f3cd40fcd69f Size/MD5 checksum: 76104 b9536b17b890cb1e9c01774799a2b7a7 Size/MD5 checksum: 80300 14cb35a87fcd66ec653f2f195f1257ba Size/MD5 checksum: 88530 949dba8de49b5294a6c1607c0e0867a9 Size/MD5 checksum: 86364 e5b31d0d6241fc49af69fa18a43ca5cb Size/MD5 checksum: 87170 4c43a30b39c833c6459bebf65efa3ffd Size/MD5 checksum: 1010898 6834ceb2ad8bec97dec9885f5d67a142 Size/MD5 checksum: 212528 aa2271a99ae166fda40c1dac6e866548 Size/MD5 checksum: 86070 5dc7c68b4c4d9a42809836405b85a240 Size/MD5 checksum: 89146 ca4c0ca3f759fac3419e9523ec7772a2 Size/MD5 checksum: 82106 706a78d1a7d86304890844b61988b580 Size/MD5 checksum: 95576 a2bba36bc643f1adf1950574fa38ff1d Size/MD5 checksum: 103780 666082ac03c7edecc48fce7072890654 These files will probably be moved into the stable distribution on its next update. - ---------------------------------------------------------------------------------For apt-get: deb https://www.debian.org/security/ stable/updates main For dpkg-ftp: dists/stable/updates/main Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . Debian's DSA-1628-1 tackles vulnerabilities in gnome-shell to mitigate potential security breaches.. Debian Security Advisory,gforge exploit,insecure file handling,local attacks. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 May 14, 2008 Critical Debian
87

Debian 4.0 DSA-1531-2 Critical: Policyd-Weight Local Exploit

The previous update for policyd-weight was unfortunately not complete. Updated packages have been released that fully address the vulnerability. For reference the original advisory follows.. - ------------------------------------------------------------------------Debian Security Advisory DSA-1531-2 This email address is being protected from spambots. You need JavaScript enabled to view it. http://www.debian.org/security/ Thijs Kinkhorst March 29, 2008 http://www.debian.org/security/faq - ------------------------------------------------------------------------Package : policyd-weight Vulnerability : insecurity temporary files Problem type : local Debian-specific: no The previous update for policyd-weight was unfortunately not complete. Updated packages have been released that fully address the vulnerability. For reference the original advisory follows. Chris Howells discovered that policyd-weight, a policy daemon for the Postfix mail transport agent, created its socket in an insecure way, which may be exploited to overwrite or remove arbitary files from the local system. For the stable distribution (etch), this problem has been fixed in version 0.1.14-beta-6etch2. The old stable distribution (sarge) does not contain a policyd-weight package. For the unstable distribution (sid), this problem will be fixed soon. We recommend that you upgrade your policyd-weight package. Upgrade instructions - --------------------wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 4.0 alias etch - -------------------------------Source archives: Size/MD5 checksum: 45179fb4829a57c8b805fe981ee949a145042 Size/MD5 checksum: 900 9cf74d97e96eb0b118a5ad39fdd2226f Size/MD5 checksum: 5382 1e4c07095291f50fce52aa8318f15a69 Architecture independent packages: Size/MD5 checksum: 43892 89fe76668f99f9771c99a3d6559ee7c6 These files will probably be moved into the stable distribution on its next update. - ---------------------------------------------------------------------------------For apt-get: deb https://www.debian.org/security/ stable/updates main For dpkg-ftp: dists/stable/updates/main Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . Ubuntu advisory USN-4492-1 addresses vulnerability in libxml2. It is advised to perform an upgrade.. Debian Security, Policyd Weight, Local Exploit, Security Patch. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Mar 29, 2008 Critical Debian
91

Gentoo: GLSA-200803-11 Normal: Vobcopy Insecure Temp File Attack

Vobcopy uses temporary files in an insecure manner, allowing for a symlink attack.. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200803-11 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: Vobcopy: Insecure temporary file creation Date: March 05, 2008 Bugs: #197578 ID: 200803-11 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======= Vobcopy uses temporary files in an insecure manner, allowing for a symlink attack. Background ========= Vobcopy is a tool for decrypting and copying DVD .vob files to a hard disk. Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 media-video/vobcopy < 1.1.0 > = 1.1.0 Description ========== Joey Hess reported that vobcopy appends data to the file "/tmp/vobcopy.bla" in an insecure manner. Impact ===== A local attacker could exploit this vulnerability to conduct symlink attacks and append data to arbitrary files with the privileges of the user running Vobcopy. Workaround ========= There is no known workaround at this time. Resolution ========= All Vobcopy users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose "> =media-video/vobcopy-1.1.0" References ========= [ 1 ] CVE-2007-5718 https://www.cve.org/CVERecord?id=CVE-2007-5718 Availability =========== This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/200803-11 Concerns? ======== Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to This email address is being protected from spambots. You need JavaScript enabled to view it. or alternatively, you may file a bug at https://bugs.gentoo.org/. License ====== Copyright 2008 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.7 (GNU/Linux) Comment: Using GnuPG with Mozilla - iD8DBQFHzyOzuhJ+ozIKI5gRAsIRAJ96E0AKomLaheEMTTVpXv/sOxU77QCeORsz STMU3XJAKjrHur+Tihd5ZFU=gtMw -----END PGP SIGNATURE----- . Gentoo GLSA 202304-17 notice regarding Vobcopy's inadequate temporary file management exhibiting possible symlink vulnerabilities.. Vobcopy,Gentoo Linux,Security Advisory,Symlink Attack,Insecure Temp Files. . LinuxSecurity.com Team

Calendar%202 Mar 05, 2008 Gentoo
87

Debian: DSA-1430-1 Critical: glibc Memory Corruption Vulnerability

Steve Kemp from the Debian Security Audit project discovered that gfax, a GHOME frontend for fax programs, uses temporary files in an unsafe manner which may be exploited to execute arbitary commands with the privileges of the root user.. - ------------------------------------------------------------------------Debian Security Advisory DSA-1329-1 This email address is being protected from spambots. You need JavaScript enabled to view it. http://www.debian.org/security/ Steve Kemp July 05, 2007 - ------------------------------------------------------------------------Package : gfax Vulnerability : insecure temporary files Problem type : local Debian-specific: no CVE Id(s) : CVE-2007-2839 Debian Bug : 431893 Steve Kemp from the Debian Security Audit project discovered that gfax, a GHOME frontend for fax programs, uses temporary files in an unsafe manner which may be exploited to execute arbitary commands with the privileges of the root user. For the old stable distribution (sarge) this problem has been fixed in version 0.4.2-11sarge1. The stable distribution (etch) is not affected by this problem. The unstable distribution (sid) is not affected by this problem. We recommend that you upgrade your gfax package. Upgrade instructions - --------------------wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 3.1 alias sarge - --------------------------------Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390 and sparc. Source archives: Size/MD5 checksum: 396636 815523780287a97133e85585f0319a20 Size/MD5 checksum: 149467393373a40448daf52e4b64ff1d4f6a7 Size/MD5 checksum: 632 ed841ab6349ff80527cb49fb1fc6595f alpha architecture (DEC Alpha) Size/MD5 checksum: 125376 57c5e15d94699b99fabbf4f692df667e amd64 architecture (AMD x86_64 (AMD64)) Size/MD5 checksum: 123102 9926dfcd4d62b4407f58f34e31a069c3 arm architecture (ARM) Size/MD5 checksum: 118812 57168963066d0f0473ea9e34f8d208ef i386 architecture (Intel ia32) Size/MD5 checksum: 122306 1e13b2d599ca2e0a2a63bda455ab13ab ia64 architecture (Intel ia64) Size/MD5 checksum: 133284 c87980b9a8895817fce94c40b20f52f7 m68k architecture (Motorola Mc680x0) Size/MD5 checksum: 117290 8f7352fcec87f588168777690c081f99 s390 architecture (IBM S/390) Size/MD5 checksum: 122588 e23038de978cf94e5d1a710a406797f6 sparc architecture (Sun SPARC/UltraSPARC) Size/MD5 checksum: 118830 2ed8af350418bdfaebea02e318c1e0f3 These files will probably be moved into the stable distribution on its next update. - ---------------------------------------------------------------------------------For apt-get: deb https://www.debian.org/security/ stable/updates main For dpkg-ftp: dists/stable/updates/main Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . Debian Security Advisory DSA-1329-1 http://www.debian.org/security/ Steve Kemp July 05, 2007 Package. steve, debian, security, audit, project, ghome, frontend. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Jul 05, 2007 Critical Debian
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200