Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 523
Alerts This Week
Warning Icon 1 523

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 1 articles for you...
197

Debian Jessie: DLA-1777-2 Critical: jquery Regression Issue Resolved

The minified jquery library was broken in version 1.7.2+dfsg-3.2+deb8u6 due to an error during the build. This problem has now been fixed in version 1.7.2+dfsg-3.2+deb8u7 . Package : jquery Version : 1.7.2+dfsg-3.2+deb8u7 Debian Bug : #928827 The minified jquery library was broken in version 1.7.2+dfsg-3.2+deb8u6 due to an error during the build. This problem has now been fixed in version 1.7.2+dfsg-3.2+deb8u7 For Debian 8 "Jessie", this problem has been fixed in version 1.7.2+dfsg-3.2+deb8u7. We recommend that you upgrade your jquery packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS . Revise jquery module to address the issue introduced in version 1.7.2+dfsg-3.2+deb8u7 stemming from a compilation problem.. jquery Maintenance, Debian Upgrade, Security Fix. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 May 17, 2019 Critical Debian LTS
197

Debian Jessie DLA-1758-1: Major Update for Security Coverage Checker

debian-security-support, the Debian security support coverage checker, has been updated in jessie. The jessie relevant changes are: * Mark spice-xpi as end-of-life for Jessie. . Package : debian-security-support Version : 2019.02.02~deb8u1 debian-security-support, the Debian security support coverage checker, has been updated in jessie. The jessie relevant changes are: * Mark spice-xpi as end-of-life for Jessie. * Add edk2 to security-support-ended.deb8 * Add robocode to security-support-ended.deb8 For Debian 8 "Jessie", this problem has been fixed in version 2019.02.02~deb8u1. We recommend that you upgrade your debian-security-support packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS . Ubuntu's vulnerability response tool has been refreshed to designate qemu-kvm as obsolete and presents newly approved software options.. Debian Security Support, Debian Updated Packages, Security Coverage Checker. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Apr 20, 2019 Important Debian LTS
87

Debian DSA-3963-1: Mercurial Security Advisory and Fixes

Several issues were discovered in Mercurial, a distributed revision control system. CVE-2017-9462 (fixed in stretch only) . - ------------------------------------------------------------------------- Debian Security Advisory DSA-3963-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Sebastien Delafond September 04, 2017 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : mercurial CVE ID : CVE-2017-9462 CVE-2017-1000115 CVE-2017-1000116 Debian Bug : 861243 871709 871710 Several issues were discovered in Mercurial, a distributed revision control system. CVE-2017-9462 (fixed in stretch only) Jonathan Claudius of Mozilla discovered that repositories served over stdio could be tricked into granting authorized users access to the Python debugger. CVE-2017-1000115 Mercurial's symlink auditing was incomplete, and could be abused to write files outside the repository. CVE-2017-1000116 Joern Schneeweisz discovered that Mercurial did not correctly handle maliciously constructed ssh:// URLs. This allowed an attacker to run an arbitrary shell command. For the oldstable distribution (jessie), these problems have been fixed in version 3.1.2-2+deb8u4. For the stable distribution (stretch), these problems have been fixed in version 4.0-1+deb9u1. We recommend that you upgrade your mercurial packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . Debian's DSA-3963-1 highlights key Mercurial updates that bolster user safety and shield sensitive data from vulnerabilities. Prompt action is advised for all users.. Debian Security, Mercurial Fixes, Access Control, Symlink Issues, Remote Command Execution. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Sep 04, 2017 Important Debian
87

Debian Jessie DSA-3933-1 Moderate: PJProject Denial Of Service

Two vulnerabilities were found in the PJSIP/PJProject communication library, which may result in denial of service. For the oldstable distribution (jessie), these problems have been fixed . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3933-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Moritz Muehlenhoff August 10, 2017 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : pjproject CVE ID : CVE-2017-9359 CVE-2017-9372 Two vulnerabilities were found in the PJSIP/PJProject communication library, which may result in denial of service. For the oldstable distribution (jessie), these problems have been fixed in version 2.1.0.0.ast20130823-1+deb8u1. For the stable distribution (stretch), these problems had been fixed prior to the initial release. We recommend that you upgrade your pjproject packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . Multiple security flaws in the pjproject library were addressed for Debian jessie, targeting denial of service vulnerabilities. It is advisable to upgrade.. pjproject update, Debian advisory, denial of service, security update. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Aug 10, 2017 Important Debian
87

Debian Jessie DSA-3870-1 Critical: Wordpress Remote Attack Risk

Several vulnerabilities were discovered in wordpress, a web blogging tool. They would allow remote attackers to force password resets, and perform various cross-site scripting and cross-site request forgery attacks. . - ------------------------------------------------------------------------- Debian Security Advisory DSA-3870-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Sebastien Delafond June 01, 2017 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : wordpress CVE ID : CVE-2017-8295 CVE-2017-9061 CVE-2017-9062 CVE-2017-9063 CVE-2017-9064 CVE-2017-9065 Debian Bug : 862053 862816 Several vulnerabilities were discovered in wordpress, a web blogging tool. They would allow remote attackers to force password resets, and perform various cross-site scripting and cross-site request forgery attacks. For the stable distribution (jessie), these problems have been fixed in version 4.1+dfsg-1+deb8u13. For the upcoming stable (stretch) and unstable (sid) distributions, these problems have been fixed in version 4.7.5+dfsg-1. We recommend that you upgrade your wordpress packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . Debian: DSA-3975-2 tackles various vulnerabilities in Joomla, focusing on potential exploits and essential patches.. wordpress security, server vulnerabilities, attack prevention. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Jun 01, 2017 Critical Debian
87

Debian Jessie DSA-3817-1 Important: jbig2dec Denial of Service Threat

Multiple security issues have been found in the JBIG2 decoder library, which may lead to lead to denial of service or the execution of arbitrary code if a malformed image file (usually embedded in a PDF document) is opened. . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3817-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Moritz Muehlenhoff March 24, 2017 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : jbig2dec CVE ID : CVE-2016-9601 Multiple security issues have been found in the JBIG2 decoder library, which may lead to lead to denial of service or the execution of arbitrary code if a malformed image file (usually embedded in a PDF document) is opened. For the stable distribution (jessie), this problem has been fixed in version 0.13-4~deb8u1. For the upcoming stable distribution (stretch), this problem has been fixed in version 0.13-4. For the unstable distribution (sid), this problem has been fixed in version 0.13-4. We recommend that you upgrade your jbig2dec packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . Enhance jbig2dec to address various vulnerabilities that could lead to denial of service and potential code execution threats.. Debian Security,jbig2dec Fix,Security Update,Library Fix. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Mar 24, 2017 Important Debian
87

Debian Jessie DSA-3647-1 Critical: Icedove Memory Safety Threats

Multiple security issues have been found in Icedove, Debian's version of the Mozilla Thunderbird mail client: Multiple memory safety errors may lead to the execution of arbitrary code or denial of service. . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3647-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Moritz Muehlenhoff August 11, 2016 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : icedove CVE ID : CVE-2016-2818 Multiple security issues have been found in Icedove, Debian's version of the Mozilla Thunderbird mail client: Multiple memory safety errors may lead to the execution of arbitrary code or denial of service. For the stable distribution (jessie), this problem has been fixed in version 1:45.2.0-1~deb8u1. For the testing distribution (stretch), this problem has been fixed in version 1:45.2.0-2. For the unstable distribution (sid), this problem has been fixed in version 1:45.2.0-2. We recommend that you upgrade your icedove packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . Essential patches for Debian's Icedove address memory vulnerabilities that might permit arbitrary code execution and denial-of-service (DOS) incidents.. Debian Icedove Security Update, Memory Safety Threats, Icedove Vulnerability. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Aug 11, 2016 Critical Debian
87

Debian: DSA-3582-1 Urgent: libxyz Vulnerability Exploitation Risk

Julien Bernard discovered that libndp, a library for the IPv6 Neighbor Discovery Protocol, does not properly perform input and origin checks during the reception of a NDP message. An attacker in a non-local network could use this flaw to advertise a node as a router, and cause a . - ------------------------------------------------------------------------- Debian Security Advisory DSA-3581-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Salvatore Bonaccorso May 17, 2016 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : libndp CVE ID : CVE-2016-3698 Debian Bug : 824545 Julien Bernard discovered that libndp, a library for the IPv6 Neighbor Discovery Protocol, does not properly perform input and origin checks during the reception of a NDP message. An attacker in a non-local network could use this flaw to advertise a node as a router, and cause a denial of service attack, or act as a man-in-the-middle. For the stable distribution (jessie), this problem has been fixed in version 1.4-2+deb8u1. We recommend that you upgrade your libndp packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . Debian Security Notice DSA-3581-1 tackles a flaw in libndp that compromises IPv6 Neighbor Discovery, impacting overall network security.. libndp, IPv6, network security, denial of service, Debian. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 May 17, 2016 Critical Debian
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200