Stay Secure with the Latest Linux Advisories

Explore Latest Linux Security advisories


SUSE: 2020:0159-1 Important: tigervnc Buffer Overflow Issues Fixed

SUSE Security Update: Security update for tigervnc

Announcement ID: SUSE-SU-2020:0159-1
Rating: important
References: #1159856 #1159858 #1159860 #1160250 #1160251 #1160937
Cross-References: CVE-2019-15691 CVE-2019-15692 CVE-2019-15693 CVE-2019-15694 CVE-2019-15695
Affected Products:
- SUSE OpenStack Cloud Crowbar 8
- SUSE OpenStack Cloud 8
- SUSE OpenStack Cloud 7
- SUSE Linux Enterprise Server for SAP 12-SP3
- SUSE Linux Enterprise Server for SAP 12-SP2
- SUSE Linux Enterprise Server 12-SP3-LTSS
- SUSE Linux Enterprise Server 12-SP3-BCL
- SUSE Linux Enterprise Server 12-SP2-LTSS
- SUSE Linux Enterprise Server 12-SP2-BCL
- SUSE Enterprise Storage 5
- HPE Helion Openstack 8

An update that solves 5 vulnerabilities and has one errata is now available.

Description:

This update for tigervnc fixes the following issues:

- CVE-2019-15691: Fixed a use-after-return due to incorrect usage of stack memory in ZRLEDecoder (bsc#1159856).
- CVE-2019-15692: Fixed a heap-based buffer overflow in CopyRectDecode (bsc#1160250).
- CVE-2019-15693: Fixed a heap-based buffer overflow in TightDecoder::FilterGradient (bsc#1159858).
- CVE-2019-15694: Fixed a heap-based buffer overflow, caused by improper error handling in processing MemOutStream (bsc#1160251).
- CVE-2019-15695: Fixed a stack-based buffer overflow, which could be triggered from CMsgReader::readSetCursor (bsc#1159860).

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- SUSE OpenStack Cloud Crowbar 8: zypper in -t patch SUSE-OpenStack-Cloud-Crowbar-8-2020-159=1
- SUSE OpenStack Cloud 8: zypper in -t patch SUSE-OpenStack-Cloud-8-2020-159=1
- SUSE OpenStack Cloud 7: zypper in -t patch SUSE-OpenStack-Cloud-7-2020-159=1
- SUSE Linux Enterprise Server for SAP 12-SP3: zypper in -t patch SUSE-SLE-SAP-12-SP3-2020-159=1
- SUSE Linux Enterprise Server for SAP 12-SP2: zypper in -t patch SUSE-SLE-SAP-12-SP2-2020-159=1
- SUSE Linux Enterprise Server 12-SP3-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-SP3-2020-159=1
- SUSE Linux Enterprise Server 12-SP3-BCL: zypper in -t patch SUSE-SLE-SERVER-12-SP3-BCL-2020-159=1
- SUSE Linux Enterprise Server 12-SP2-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2020-159=1
- SUSE Linux Enterprise Server 12-SP2-BCL: zypper in -t patch SUSE-SLE-SERVER-12-SP2-BCL-2020-159=1
- SUSE Enterprise Storage 5: zypper in -t patch SUSE-Storage-5-2020-159=1
- HPE Helion Openstack 8: zypper in -t patch HPE-Helion-OpenStack-8-2020-159=1

Package List:

- SUSE OpenStack Cloud Crowbar 8 (x86_64): libXvnc1-1.6.0-18.28.1 libXvnc1-debuginfo-1.6.0-18.28.1 tigervnc-1.6.0-18.28.1 tigervnc-debuginfo-1.6.0-18.28.1 tigervnc-debugsource-1.6.0-18.28.1 xorg-x11-Xvnc-1.6.0-18.28.1 xorg-x11-Xvnc-debuginfo-1.6.0-18.28.1
- SUSE OpenStack Cloud 8 (x86_64): libXvnc1-1.6.0-18.28.1 libXvnc1-debuginfo-1.6.0-18.28.1 tigervnc-1.6.0-18.28.1 tigervnc-debuginfo-1.6.0-18.28.1 tigervnc-debugsource-1.6.0-18.28.1 xorg-x11-Xvnc-1.6.0-18.28.1 xorg-x11-Xvnc-debuginfo-1.6.0-18.28.1
- SUSE OpenStack Cloud 7 (s390x x86_64): libXvnc1-1.6.0-18.28.1 libXvnc1-debuginfo-1.6.0-18.28.1 tigervnc-1.6.0-18.28.1 tigervnc-debuginfo-1.6.0-18.28.1 tigervnc-debugsource-1.6.0-18.28.1 xorg-x11-Xvnc-1.6.0-18.28.1 xorg-x11-Xvnc-debuginfo-1.6.0-18.28.1
- SUSE Linux Enterprise Server for SAP 12-SP3 (ppc64le x86_64): libXvnc1-1.6.0-18.28.1 libXvnc1-debuginfo-1.6.0-18.28.1 tigervnc-1.6.0-18.28.1 tigervnc-debuginfo-1.6.0-18.28.1 tigervnc-debugsource-1.6.0-18.28.1 xorg-x11-Xvnc-1.6.0-18.28.1 xorg-x11-Xvnc-debuginfo-1.6.0-18.28.1
- SUSE Linux Enterprise Server for SAP 12-SP2 (ppc64le x86_64): libXvnc1-1.6.0-18.28.1 libXvnc1-debuginfo-1.6.0-18.28.1 tigervnc-1.6.0-18.28.1 tigervnc-debuginfo-1.6.0-18.28.1 tigervnc-debugsource-1.6.0-18.28.1 xorg-x11-Xvnc-1.6.0-18.28.1 xorg-x11-Xvnc-debuginfo-1.6.0-18.28.1
- SUSE Linux Enterprise Server 12-SP3-LTSS (aarch64 ppc64le s390x x86_64): libXvnc1-1.6.0-18.28.1 libXvnc1-debuginfo-1.6.0-18.28.1 tigervnc-1.6.0-18.28.1 tigervnc-debuginfo-1.6.0-18.28.1 tigervnc-debugsource-1.6.0-18.28.1 xorg-x11-Xvnc-1.6.0-18.28.1 xorg-x11-Xvnc-debuginfo-1.6.0-18.28.1
- SUSE Linux Enterprise Server 12-SP3-BCL (x86_64): libXvnc1-1.6.0-18.28.1 libXvnc1-debuginfo-1.6.0-18.28.1 tigervnc-1.6.0-18.28.1 tigervnc-debuginfo-1.6.0-18.28.1 tigervnc-debugsource-1.6.0-18.28.1 xorg-x11-Xvnc-1.6.0-18.28.1 xorg-x11-Xvnc-debuginfo-1.6.0-18.28.1
- SUSE Linux Enterprise Server 12-SP2-LTSS (ppc64le s390x x86_64): libXvnc1-1.6.0-18.28.1 libXvnc1-debuginfo-1.6.0-18.28.1 tigervnc-1.6.0-18.28.1 tigervnc-debuginfo-1.6.0-18.28.1 tigervnc-debugsource-1.6.0-18.28.1 xorg-x11-Xvnc-1.6.0-18.28.1 xorg-x11-Xvnc-debuginfo-1.6.0-18.28.1
- SUSE Linux Enterprise Server 12-SP2-BCL (x86_64): libXvnc1-1.6.0-18.28.1 libXvnc1-debuginfo-1.6.0-18.28.1 tigervnc-1.6.0-18.28.1 tigervnc-debuginfo-1.6.0-18.28.1 tigervnc-debugsource-1.6.0-18.28.1 xorg-x11-Xvnc-1.6.0-18.28.1 xorg-x11-Xvnc-debuginfo-1.6.0-18.28.1
- SUSE Enterprise Storage 5 (aarch64 x86_64): libXvnc1-1.6.0-18.28.1 libXvnc1-debuginfo-1.6.0-18.28.1 tigervnc-1.6.0-18.28.1 tigervnc-debuginfo-1.6.0-18.28.1 tigervnc-debugsource-1.6.0-18.28.1 xorg-x11-Xvnc-1.6.0-18.28.1 xorg-x11-Xvnc-debuginfo-1.6.0-18.28.1
- HPE Helion Openstack 8 (x86_64): libXvnc1-1.6.0-18.28.1 libXvnc1-debuginfo-1.6.0-18.28.1 tigervnc-1.6.0-18.28.1 tigervnc-debuginfo-1.6.0-18.28.1 tigervnc-debugsource-1.6.0-18.28.1 xorg-x11-Xvnc-1.6.0-18.28.1 xorg-x11-Xvnc-debuginfo-1.6.0-18.28.1

References:

https://www.suse.com/security/cve/CVE-2019-15691.html
https://www.suse.com/security/cve/CVE-2019-15692.html
https://www.suse.com/security/cve/CVE-2019-15693.html
https://www.suse.com/security/cve/CVE-2019-15694.html
https://www.suse.com/security/cve/CVE-2019-15695.html
https://bugzilla.suse.com/1159856
https://bugzilla.suse.com/1159858
https://bugzilla.suse.com/1159860
https://bugzilla.suse.com/1160250
https://bugzilla.suse.com/1160251
https://bugzilla.suse.com/1160937

sle-security-updates mailing list
http://lists.suse.com/mailman/listinfo/sle-security-updates

SUSE Issues Security Announcement for tigervnc Addressing Severe Buffer Overflow Vulnerabilities with Urgent Update Alert.

Severity: Important. LinuxSecurity.com Team

Jan 22, 2020 Important SuSE

Debian 8: DLA-1977-1 Critical: libvncserver Memory Leak Issue

Package : libvncserver
Version : 0.9.9+dfsg2-6.1+deb8u6
CVE ID : CVE-2019-15681
Debian Bug : 943793

LibVNC contained a memory leak (CWE-655) in VNC server code, which allowed an attacker to read stack memory and could be abused for information disclosure.

For Debian 8 "Jessie", this problem has been fixed in version 0.9.9+dfsg2-6.1+deb8u6.

We recommend that you upgrade your libvncserver packages.

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

--
mike gabriel aka sunweaver (Debian Developer)
fon: +49 (1520) 1976 148
GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31
https://sunweavers.net/

Addressing a memory leak in libvncserver that grants attackers potential access to stack memory, consequently heightening the danger of data breaches.

Severity: Critical. LinuxSecurity.com Team

Oct 30, 2019 Critical Debian LTS

Scientific Linux: SLSA-2014:1391-2 Moderate: glibc Out-Of-Bounds Issue

Date: Mon, 3 Nov 2014 17:54:45 +0000
Reply-To: scientific-linux-users@
Sender: Security Errata for Scientific Linux
From: Pat Riehecky
Subject: Security ERRATA Moderate: glibc on SL6.x i386/x86_64
MIME-Version: 1.0

Synopsis: Moderate: glibc security, bug fix, and enhancement update
Advisory ID: SLSA-2014:1391-2
Issue Date: 2014-10-14
CVE Numbers: CVE-2013-4237 CVE-2013-4458
--

An out-of-bounds write flaw was found in the way the glibc's readdir_r() function handled file system entries longer than the NAME_MAX character constant. A remote attacker could provide a specially crafted NTFS or CIFS file system that, when processed by an application using readdir_r(), would cause that application to crash or, potentially, allow the attacker to execute arbitrary code with the privileges of the user running the application. (CVE-2013-4237)

It was found that getaddrinfo() did not limit the amount of stack memory used during name resolution. An attacker able to make an application resolve an attacker-controlled hostname or IP address could possibly cause the application to exhaust all stack memory and crash. (CVE-2013-4458)
--

SL6

x86_64: glibc-2.12-1.149.el6.i686.rpm glibc-2.12-1.149.el6.x86_64.rpm glibc-common-2.12-1.149.el6.x86_64.rpm glibc-debuginfo-2.12-1.149.el6.i686.rpm glibc-debuginfo-2.12-1.149.el6.x86_64.rpm glibc-debuginfo-common-2.12-1.149.el6.i686.rpm glibc-debuginfo-common-2.12-1.149.el6.x86_64.rpm glibc-devel-2.12-1.149.el6.i686.rpm glibc-devel-2.12-1.149.el6.x86_64.rpm glibc-headers-2.12-1.149.el6.x86_64.rpm glibc-utils-2.12-1.149.el6.x86_64.rpm nscd-2.12-1.149.el6.x86_64.rpm glibc-static-2.12-1.149.el6.i686.rpm glibc-static-2.12-1.149.el6.x86_64.rpm

i386: glibc-2.12-1.149.el6.i686.rpm glibc-common-2.12-1.149.el6.i686.rpm glibc-debuginfo-2.12-1.149.el6.i686.rpm glibc-debuginfo-common-2.12-1.149.el6.i686.rpm glibc-devel-2.12-1.149.el6.i686.rpm glibc-headers-2.12-1.149.el6.i686.rpm glibc-utils-2.12-1.149.el6.i686.rpm nscd-2.12-1.149.el6.i686.rpm glibc-static-2.12-1.149.el6.i686.rpm

- Scientific Linux Development Team

Important glibc security upgrade for Scientific Linux aimed at addressing urgent vulnerabilities. Examine the modifications and additional features introduced.

LinuxSecurity.com Team

Nov 03, 2014 Scientific Linux

Scientific Linux: CVE-2010-3710 Moderate: PHP53 Memory Issues

Date: Mon, 7 Feb 2011 12:43:44 -0600
Reply-To: Troy Dawson
Sender: Security Errata for Scientific Linux
From: Troy Dawson
Subject: Security ERRATA Moderate: php53 on SL5.x i386/x86_64

Synopsis: Moderate: php53 security update
Issue date: 2011-02-03
CVE Names: CVE-2010-3710 CVE-2010-4156 CVE-2010-4645

A flaw was found in the way PHP converted certain floating point values from string representation to a number. If a PHP script evaluated an attacker's input in a numeric context, the PHP interpreter could cause high CPU usage until the script execution time limit is reached. This issue only affected i386 systems. (CVE-2010-4645)

A stack memory exhaustion flaw was found in the way the PHP filter_var() function validated email addresses. An attacker could use this flaw to crash the PHP interpreter by providing excessively long input to be validated as an email address. (CVE-2010-3710)

A memory disclosure flaw was found in the PHP multi-byte string extension. If the mb_strcut() function was called with a length argument exceeding the input string size, the function could disclose a portion of the PHP interpreter's memory. (CVE-2010-4156)

After installing the updated packages, the httpd daemon must be restarted for the update to take effect.

SL 5.x

SRPMS: php53-5.3.3-1.el5_6.1.src.rpm

i386: php53-5.3.3-1.el5_6.1.i386.rpm php53-bcmath-5.3.3-1.el5_6.1.i386.rpm php53-cli-5.3.3-1.el5_6.1.i386.rpm php53-common-5.3.3-1.el5_6.1.i386.rpm php53-dba-5.3.3-1.el5_6.1.i386.rpm php53-devel-5.3.3-1.el5_6.1.i386.rpm php53-gd-5.3.3-1.el5_6.1.i386.rpm php53-imap-5.3.3-1.el5_6.1.i386.rpm php53-intl-5.3.3-1.el5_6.1.i386.rpm php53-ldap-5.3.3-1.el5_6.1.i386.rpm php53-mbstring-5.3.3-1.el5_6.1.i386.rpm php53-mysql-5.3.3-1.el5_6.1.i386.rpm php53-odbc-5.3.3-1.el5_6.1.i386.rpm php53-pdo-5.3.3-1.el5_6.1.i386.rpm php53-pgsql-5.3.3-1.el5_6.1.i386.rpm php53-process-5.3.3-1.el5_6.1.i386.rpm php53-pspell-5.3.3-1.el5_6.1.i386.rpm php53-snmp-5.3.3-1.el5_6.1.i386.rpm php53-soap-5.3.3-1.el5_6.1.i386.rpm php53-xml-5.3.3-1.el5_6.1.i386.rpm php53-xmlrpc-5.3.3-1.el5_6.1.i386.rpm

x86_64: php53-5.3.3-1.el5_6.1.x86_64.rpm php53-bcmath-5.3.3-1.el5_6.1.x86_64.rpm php53-cli-5.3.3-1.el5_6.1.x86_64.rpm php53-common-5.3.3-1.el5_6.1.x86_64.rpm php53-dba-5.3.3-1.el5_6.1.x86_64.rpm php53-devel-5.3.3-1.el5_6.1.x86_64.rpm php53-gd-5.3.3-1.el5_6.1.x86_64.rpm php53-imap-5.3.3-1.el5_6.1.x86_64.rpm php53-intl-5.3.3-1.el5_6.1.x86_64.rpm php53-ldap-5.3.3-1.el5_6.1.x86_64.rpm php53-mbstring-5.3.3-1.el5_6.1.x86_64.rpm php53-mysql-5.3.3-1.el5_6.1.x86_64.rpm php53-odbc-5.3.3-1.el5_6.1.x86_64.rpm php53-pdo-5.3.3-1.el5_6.1.x86_64.rpm php53-pgsql-5.3.3-1.el5_6.1.x86_64.rpm php53-process-5.3.3-1.el5_6.1.x86_64.rpm php53-pspell-5.3.3-1.el5_6.1.x86_64.rpm php53-snmp-5.3.3-1.el5_6.1.x86_64.rpm php53-soap-5.3.3-1.el5_6.1.x86_64.rpm php53-xml-5.3.3-1.el5_6.1.x86_64.rpm php53-xmlrpc-5.3.3-1.el5_6.1.x86_64.rpm

-Connie Sieh
-Troy Dawson

The recent PHP53 patch effectively resolves severe vulnerabilities in Scientific Linux 5.x that could threaten system integrity. Urgent measures advised.

LinuxSecurity.com Team

Feb 07, 2011 Scientific Linux

Debian: 2011-344-04 High: Kernel Module Denial of Service Vulnerability

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] xorg-server (SSA:2010-240-06)

New xorg-server packages are available for Slackware 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix a security issue.

Here are the details from the Slackware 13.1 ChangeLog:
+--------------------------+
patches/packages/xorg-server-1.7.7-i486-2_slack13.1.txz: Rebuilt.
Patched to prevent overwriting stack memory and bypassing security mechanisms on systems that use a 2.6 Linux kernel. Reported by Rafal Wojtczuk.
For more information, see: https://www.cve.org/CVERecord?id=CVE-2010-2240
(* Security fix *)
+--------------------------+

Where to find the new packages:
+-----------------------------+

HINT: Getting slow download speeds from ftp.slackware.com? Give slackware.osuosl.org a try. This is another primary FTP site for Slackware that can be considerably faster than downloading directly from ftp.slackware.com.

Thanks to the friendly folks at the OSU Open Source Lab (https://osuosl.org/) for donating additional FTP and rsync hosting to the Slackware project! :-)

Also see the "Get Slack" section on http://www.slackware.com/ for additional mirror sites near you.

Updated packages for Slackware 12.0:
ftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/xorg-server-1.3.0.0-i486-3_slack12.0.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/xorg-server-xdmx-1.3.0.0-i486-3_slack12.0.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/xorg-server-xnest-1.3.0.0-i486-3_slack12.0.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/xorg-server-xvfb-1.3.0.0-i486-3_slack12.0.tgz

Updated packages for Slackware 12.1:
Updated packages for Slackware 12.2:
Updated packages for Slackware 13.0:
Updated packages for Slackware x86_64 13.0:
Updated packages for Slackware 13.1:
Updated packages for Slackware x86_64 13.1:
Updated packages for Slackware -current:
Updated packages for Slackware x86_64 -current:

Installation instructions:
+------------------------+

Upgrade the packages as root:
# upgradepkg xorg-server-*z

+-----+

The recent xorg-server update on Slackware tackles issues related to stack memory vulnerabilities and security weaknesses prevalent among various Linux distributions.

Severity: Important. LinuxSecurity.com Team

Aug 28, 2010 Important Slackware

Ubuntu 8.10 Critical Update: NSS Stack Memory Issue and Fix

==========================================================
Ubuntu Security Notice USN-810-2 September 02, 2009
nss regression
https://bugs.launchpad.net/ubuntu/+source/nss/+bug/409864
==========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 8.04 LTS
Ubuntu 8.10
Ubuntu 9.04

This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the following package versions:

Ubuntu 8.04 LTS: libnss3-1d 3.12.3.1-0ubuntu0.8.04.2
Ubuntu 8.10: libnss3-1d 3.12.3.1-0ubuntu0.8.10.2
Ubuntu 9.04: libnss3-1d 3.12.3.1-0ubuntu0.9.04.2

After a standard system upgrade you need to restart any applications that use NSS, such as Firefox, to effect the necessary changes.

Details follow:

USN-810-1 fixed vulnerabilities in NSS. Jozsef Kadlecsik noticed that the new libraries on amd64 did not correctly set stack memory flags, and caused applications using NSS (e.g. Firefox) to have an executable stack. This reduced the effectiveness of some defensive security protections. This update fixes the problem.

We apologize for the inconvenience.

Original advisory details:

Moxie Marlinspike discovered that NSS did not properly handle regular expressions in certificate names. A remote attacker could create a specially crafted certificate to cause a denial of service (via application crash) or execute arbitrary code as the user invoking the program. (CVE-2009-2404)

Moxie Marlinspike and Dan Kaminsky independently discovered that NSS did not properly handle certificates with NULL characters in the certificate name. An attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications. (CVE-2009-2408)

Dan Kaminsky discovered NSS would still accept certificates with MD2 hash signatures. As a result, an attacker could potentially create a malicious trusted certificate to impersonate another site. (CVE-2009-2409)

Update fixes NSS Stack security flag issue impacting applications on Ubuntu 8.10, recommended for critical protection enhancements.

Severity: Critical. LinuxSecurity.com Team

Sep 02, 2009 Critical Ubuntu