Alerts This Week
Warning Icon 1 758
Alerts This Week
Warning Icon 1 758

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Can sandbox isolation stop malware?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/154-can-sandbox-isolation-stop-malware?task=poll.vote&format=json
154
radio
0
[{"id":497,"title":"Breaches happen despite container barriers.","votes":0,"type":"x","order":1,"pct":0,"resources":[]},{"id":498,"title":"Supply chain flaws exploit trust.","votes":2,"type":"x","order":2,"pct":100,"resources":[]},{"id":499,"title":"Flawed configurations expose vital files.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -7 articles for you...
172

Ubuntu 16.04 LTS: USN-4506-1 Critical: MCabber Message Interception

MCabber could be made to modify the roster and intercept messages if it received specially crafted XMPP packets.. =========================================================================Ubuntu Security Notice USN-4506-1 September 16, 2020 mcabber vulnerability ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 16.04 LTS Summary: MCabber could be made to modify the roster and intercept messages if it received specially crafted XMPP packets. Software Description: - mcabber: small Jabber (XMPP) console client Details: It was discovered that MCabber does not properly manage roster pushes. An attacker could possibly use this issue to remotely perform man-in-the-middle attacks. (CVE-2016-9928). Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 LTS: mcabber 0.10.2-1+deb8u1build0.16.04.1 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-4506-1 CVE-2016-9928 Package Information: https://launchpad.net/ubuntu/+source/mcabber/0.10.2-1+deb8u1build0.16.04.1 . A security flaw in MCabber permits unauthorized alterations and interception of messages on Ubuntu 16.04. Guidance for updates is included.. mcabber vulnerability, Ubuntu security notice, XMPP packet issue. . LinuxSecurity.com Team

Calendar%202 Sep 16, 2020 Ubuntu
89

Fedora 23: FEDORA-2016-c82e5c322c moderate: Gajim Message Interception

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2016-c82e5c322c 2016-01-14 05:19:12.843438 -------------------------------------------------------------------------------- Name : gajim Product : Fedora 23 Version : 0.16.5 Release : 1.fc23 URL : https://gajim.org/ Summary : Jabber client written in PyGTK Description : Gajim is a Jabber client written in PyGTK. The goal of Gajim's developers is to provide a full featured and easy to use xmpp client for the GTK+ users. Gajim does not require GNOME to run, even though it exists with it nicely. -------------------------------------------------------------------------------- Update Information: Version 0.16.5 of Gajim has been released. What's new since 0.16.4: * Improve Message Archive Management implementation * Improve security on connexion and for roster management (CVE-2015-8688) Full changelog: List of fixed bugs: ;milestone=0.16.5 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1295476 - CVE-2015-8688 gajim: Message interception due to unverified origin of roster push [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1295476 [ 2 ] Bug #1294552 - gajim-0.16.5 is available https://bugzilla.redhat.com/show_bug.cgi?id=1294552 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update gajim' at the command line. For more information, refer to "Managing Software with yum", available at . All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailinglist This email address is being protected from spambots. You need JavaScript enabled to view it. https://lists.fedoraproject.org/admin/lists/package-announce.lists.fedoraproject.org/ . Version 0.16.5 of Gajim has been released. What's new since 0.16.4: * Improve Message Archive Management implementation * Improve security on connexion and for roster management (CVE-2015-8688) Full changelog: List of fixed bugs: ;milestone=0.16.5. Gajim 0.16.5 improves protection for contact handling and message storage capabilities in this Fedora release.. Gajim Security, Fedora Update, Jabber Client. . LinuxSecurity.com Team

Calendar%202 Jan 14, 2016 Fedora
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Can sandbox isolation stop malware?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/154-can-sandbox-isolation-stop-malware?task=poll.vote&format=json
154
radio
0
[{"id":497,"title":"Breaches happen despite container barriers.","votes":0,"type":"x","order":1,"pct":0,"resources":[]},{"id":498,"title":"Supply chain flaws exploit trust.","votes":2,"type":"x","order":2,"pct":100,"resources":[]},{"id":499,"title":"Flawed configurations expose vital files.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Your message here