Debian LTS Advisory DLA-2566-1

An issue has been found in libbsd, a library with utility functions from BSD systems. A non-NUL terminated symbol name in the string table might result in an .

openSUSE Security Update: Security update for libbsd

Announcement ID: openSUSE-SU-2020:0679-1
Rating: moderate
References: #1160551
Cross-References: CVE-2019-20367
Affected Products: openSUSE Leap 15.1

An update that fixes one vulnerability is now available.

Description:

This update for libbsd fixes the following issues:

- CVE-2019-20367: Fixed an out-of-bounds read during a comparison for a symbol name from the string table (bsc#1160551).

This update was imported from the SUSE:SLE-15:Update update project.

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.1:

  zypper in -t patch openSUSE-2020-679=1

Package List:

- openSUSE Leap 15.1 (i586 x86_64):

  libbsd-ctor-static-0.8.7-lp151.3.3.1
  libbsd-debugsource-0.8.7-lp151.3.3.1
  libbsd-devel-0.8.7-lp151.3.3.1
  libbsd0-0.8.7-lp151.3.3.1
  libbsd0-debuginfo-0.8.7-lp151.3.3.1

References:

https://www.suse.com/security/cve/CVE-2019-20367.html
https://bugzilla.suse.com/1160551

LinuxSecurity.com Team

SUSE Security Update: Security update for libbsd

Announcement ID: SUSE-SU-2020:1298-1
Rating: moderate
References: #1160551
Cross-References: CVE-2019-20367
Affected Products:
  SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1
  SUSE Linux Enterprise Module for Basesystem 15-SP1

An update that fixes one vulnerability is now available.

Description:

This update for libbsd fixes the following issues:

- CVE-2019-20367: Fixed an out-of-bounds read during a comparison for a symbol name from the string table (bsc#1160551).

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1:

  zypper in -t patch SUSE-SLE-Module-Development-Tools-OBS-15-SP1-2020-1298=1

- SUSE Linux Enterprise Module for Basesystem 15-SP1:

  zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP1-2020-1298=1

Package List:

- SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 (aarch64 ppc64le s390x x86_64):

  libbsd-ctor-static-0.8.7-3.3.17
  libbsd-debugsource-0.8.7-3.3.17

- SUSE Linux Enterprise Module for Basesystem 15-SP1 (aarch64 ppc64le s390x x86_64):

  libbsd-debugsource-0.8.7-3.3.17
  libbsd-devel-0.8.7-3.3.17
  libbsd0-0.8.7-3.3.17
  libbsd0-debuginfo-0.8.7-3.3.17

References:

https://www.suse.com/security/cve/CVE-2019-20367.html
https://bugzilla.suse.com/1160551

MGASA-2020-0061 - Updated libbsd packages fix security vulnerability

Publication date: 28 Jan 2020
URL: https://advisories.mageia.org/MGASA-2020-0061.html
Type: security
Affected Mageia releases: 7
CVE: CVE-2019-20367

It was discovered that libbsd incorrectly handled certain strings, due to an out-of-bounds read during a comparison for a symbol name from the string table (strtab) in nlist.c. An attacker could possibly use this issue to access sensitive information (CVE-2019-20367).

References:

- https://bugs.mageia.org/show_bug.cgi?id=26132
- https://ubuntu.com/security/notices/USN-4243-1
- https://www.cve.org/CVERecord?id=CVE-2019-20367

SRPMS:

- 7/core/libbsd-0.9.1-3.1.mga7

Ubuntu Security Notice USN-4243-1
January 20, 2020

libbsd vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 19.04
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 14.04 ESM
- Ubuntu 12.04 ESM

Summary:

Several security issues were fixed in libbsd.

Software Description:

- libbsd: utility functions from BSD systems - development files

Details:

It was discovered that libbsd incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 14.04 ESM. (CVE-2016-2090)

It was discovered that libbsd incorrectly handled certain strings. An attacker could possibly use this issue to access sensitive information. (CVE-2019-20367)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 19.04:
  libbsd0 0.9.1-2ubuntu0.1

Ubuntu 18.04 LTS:
  libbsd0 0.8.7-1ubuntu0.1

Ubuntu 16.04 LTS:
  libbsd0 0.8.2-1ubuntu0.1

Ubuntu 14.04 ESM:
  libbsd0 0.6.0-2ubuntu1+esm1

Ubuntu 12.04 ESM:
  libbsd0 0.3.0-2ubuntu0.1

In general, a standard system update will make all the necessary changes.

References:

https://ubuntu.com/security/notices/USN-4243-1
CVE-2016-2090, CVE-2019-20367

Package Information:

https://launchpad.net/ubuntu/+source/libbsd/0.9.1-2ubuntu0.1
https://launchpad.net/ubuntu/+source/libbsd/0.8.7-1ubuntu0.1
https://launchpad.net/ubuntu/+source/libbsd/0.8.2-1ubuntu0.1

Package : libbsd
Version : 0.7.0-2+deb8u1
CVE ID  : CVE-2016-2090

An issue has been found in libbsd, a package containing utility functions from BSD systems. In function fgetwln() an off-by-one error could trigger a heap buffer overflow.

For Debian 8 "Jessie", this problem has been fixed in version 0.7.0-2+deb8u1.

We recommend that you upgrade your libbsd packages.

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

Fedora Update Notification
FEDORA-2016-5c3d057783
2016-12-31 03:55:57.197162

Name        : libbsd
Product     : Fedora 24
Version     : 0.8.3
Release     : 1.fc24
URL         : https://libbsd.freedesktop.org/wiki/
Summary     : Library providing BSD-compatible functions for portability
Description :
libbsd provides useful functions commonly found on BSD systems, and lacking on others like GNU systems, thus making it easier to port projects with strong BSD origins, without needing to embed the same code over and over again on each project.

Update Information:

Security fix for CVE-2016-2090

References:

  [ 1 ] Bug #1302622 - CVE-2016-2090 libbsd: heap buffer overflow in fgetwln function
        https://bugzilla.redhat.com/show_bug.cgi?id=1302622

This update can be installed with the "dnf" update program. Use

  su -c 'dnf upgrade libbsd'

at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/

Fedora Update Notification
FEDORA-2016-d3e562bb52
2016-12-31 03:55:58.776437

Name        : libbsd
Product     : Fedora 25
Version     : 0.8.3
Release     : 1.fc25
URL         : https://libbsd.freedesktop.org/wiki/
Summary     : Library providing BSD-compatible functions for portability
Description :
libbsd provides useful functions commonly found on BSD systems, and lacking on others like GNU systems, thus making it easier to port projects with strong BSD origins, without needing to embed the same code over and over again on each project.

Update Information:

Security fix for CVE-2016-2090

References:

  [ 1 ] Bug #1302622 - CVE-2016-2090 libbsd: heap buffer overflow in fgetwln function
        https://bugzilla.redhat.com/show_bug.cgi?id=1302622

This update can be installed with the "dnf" update program. Use

  su -c 'dnf upgrade libbsd'

at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/