Ansible is a command-line IT automation software application. It can configure systems, deploy software, and orchestrate advanced workflows to support application deployment, system updates, ...

Debian LTS Advisory DLA-3963-1

The initscript distributed with the setserial package (which is not installed or enabled by default) uses predictable temporary file names, and should not be used. setserial-2.17-4 and earlier versions are affected.

---------------------------------------------------------------------
Red Hat, Inc. Red Hat Security Advisory

Synopsis: Insecure setserial initscript
Advisory ID: RHSA-2001:110-05
Issue date: 2001-09-12
Updated on: 2001-09-19
Product: Red Hat Linux
Keywords: setserial initscript temporary file
Cross references:
Obsoletes:
---------------------------------------------------------------------

1. Topic:

The initscript distributed with the setserial package (which is not installed or enabled by default) uses predictable temporary file names, and should not be used. setserial-2.17-4 and earlier versions are affected.

If you have not recompiled your kernel, this issue does not affect you.

To check if you are affected by this issue, use the following command:

    /bin/ls /etc/rc.d/init.d/serial

If this gives the output '/etc/rc.d/init.d/serial' then the initscript has been manually installed. In this case use the following command:

    /sbin/modprobe -l | grep '/serial.o'

If this command gives output, you are affected by this issue.

2. Relevant releases/architectures:

3. Problem description:

The setserial package comes with an initscript in the documentation directory. If this initscript is manually copied into the init.d directory structure and enabled, and the kernel is recompiled to have modular serial port support, then the initscript will use a predictable temporary file name.

There are a number of other bugs that also prevent the initscript from working correctly in this situation (detailed in bugzilla bug #52862).

4. Solution:

Do not use the initscript supplied with setserial. To disable it, use the following command:

    /sbin/chkconfig serial off

Alternatively, if your system needs manual adjustment of its serial port settings and you wish to have those adjustments re-applied automatically on boot, be sure to use a kernel that has non-modular serial port support, such as those supplied by Red Hat, Inc.

5. Bug IDs fixed ( for more info):

6. RPMs required:

7. Verification:

MD5 sum Package Name
--------------------------------------------------------------------------

These packages are GPG signed by Red Hat, Inc. for security. Our key is available at:

You can verify each package with the following command:

    rpm --checksig

If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command:

    rpm --checksig --nogpg

8. References:

Bugzilla bug #52862, at: https://bugzilla.redhat.com/show_bug.cgi

Copyright(c) 2000, 2001 Red Hat, Inc.

Investigating a critical flaw within the Red Hat setserial initialization script, which raises security issues due to the generation of predictable temporary files. Red Hat Security, Insecure Script Advisory, Setserial Vulnerability. Severity: Critical. LinuxSecurity.com Team

An update for setup is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from.

====================================================================
Red Hat Security Advisory

Synopsis: Low: setup security and bug fix update
Advisory ID: RHSA-2018:3249-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2018:3249
Issue date: 2018-10-30
CVE Names: CVE-2018-1113
====================================================================

1. Summary:

An update for setup is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - noarch
Red Hat Enterprise Linux ComputeNode (v. 7) - noarch
Red Hat Enterprise Linux Server (v. 7) - noarch
Red Hat Enterprise Linux Workstation (v. 7) - noarch
Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7) - noarch

3. Description:

The setup package contains a set of important default system configuration and setup files. Examples include /etc/passwd, /etc/group, and /etc/profile. Other examples are the default lists of reserved user IDs, reserved ports, reserved protocols, allowed shells, allowed secure terminals.

Security Fix(es):

* setup: nologin listed in /etc/shells violates security expectations (CVE-2018-1113)

For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.6 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1566469 - Typing Mistake in /etc/protocols
1571094 - CVE-2018-1113 setup: nologin listed in /etc/shells violates security expectations

6. Package List:

Red Hat Enterprise Linux Client (v. 7):
Source: setup-2.8.71-10.el7.src.rpm
noarch: setup-2.8.71-10.el7.noarch.rpm

Red Hat Enterprise Linux ComputeNode (v. 7):
Source: setup-2.8.71-10.el7.src.rpm
noarch: setup-2.8.71-10.el7.noarch.rpm

Red Hat Enterprise Linux Server (v. 7):
Source: setup-2.8.71-10.el7.src.rpm
noarch: setup-2.8.71-10.el7.noarch.rpm

Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7):
Source: setup-2.8.71-10.el7.src.rpm
noarch: setup-2.8.71-10.el7.noarch.rpm

Red Hat Enterprise Linux Workstation (v. 7):
Source: setup-2.8.71-10.el7.src.rpm
noarch: setup-2.8.71-10.el7.noarch.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2018-1113
https://access.redhat.com/security/updates/classification/#low
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.6_release_notes/index

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2018 Red Hat, Inc.

- don't list nologin in /etc/shells (#1378893).

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2018-f47268acd5
2018-04-27 03:58:32.277115
--------------------------------------------------------------------------------

Name        : setup
Product     : Fedora 28
Version     : 2.11.4
Release     : 1.fc28
URL         : https://pagure.io/setup/
Summary     : A set of system configuration and setup files
Description :
The setup package contains a set of important system configuration and setup files, such as passwd, group, and profile.

--------------------------------------------------------------------------------
Update Information:

- don't list nologin in /etc/shells (#1378893)
--------------------------------------------------------------------------------
ChangeLog:

* Mon Apr 16 2018 Ondrej Vasik - 2.11.4-1
- don't list nologin in /etc/shells (#1378893)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1378893 - CVE-2018-1113 setup: nologin listed in /etc/shells violates security expectations [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1378893
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2018-f47268acd5' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/
--------------------------------------------------------------------------------
package-announce mailing list

This adjusts gwenhywfar to use the system copy of ca-certificates, instead of a bundled copy.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2015-20df66892b
2015-12-28 19:19:48.670955
--------------------------------------------------------------------------------

Name        : gwenhywfar
Product     : Fedora 22
Version     : 4.13.1
Release     : 5.fc22
URL         :
Summary     : A multi-platform helper library for other libraries
Description :
This is Gwenhywfar, a multi-platform helper library for networking and security applications and libraries. It is heavily used by libchipcard and AqBanking/AqHBCI, the German online banking libraries.

--------------------------------------------------------------------------------
Update Information:

This adjusts gwenhywfar to use the system copy of ca-certificates, instead of a bundled copy.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1272503 - CVE-2015-7542 gwenhywfar: use system ca-certificates
        https://bugzilla.redhat.com/show_bug.cgi?id=1272503
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program. Use
su -c 'yum update gwenhywfar' at the command line.
For more information, refer to "Managing Software with yum", available at .

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/
--------------------------------------------------------------------------------
package-announce mailing list

SELinux Reference Policy - modular. Based off of reference policy: Checked out revision 2624.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2008-5808
2008-07-01 02:41:37
--------------------------------------------------------------------------------

Name        : selinux-policy
Product     : Fedora 9
Version     : 3.3.1
Release     : 72.fc9
URL         : https://sourceforge.net/projects/serefpolicy/
Summary     : SELinux policy configuration
Description :
SELinux Reference Policy - modular. Based off of reference policy: Checked out revision 2624.

--------------------------------------------------------------------------------
ChangeLog:

* Mon Jun 23 2008 Dan Walsh 3.3.1-72
- Fix file context of real player
* Mon Jun 23 2008 Dan Walsh 3.3.1-71
- Allow system_mail_t to exec other mail clients
- Label mogrel_rails as an apache server
* Mon Jun 23 2008 Dan Walsh 3.3.1-70
- Apply unconfined_execmem_exec_t to haskell programs
* Sun Jun 22 2008 Dan Walsh 3.3.1-69
- Fix prelude file context
* Sun Jun 22 2008 Dan Walsh 3.3.1-68
- Allow virt to getsched and setsched on qemu
- Allow networkmanager to getattr on fixed disk
* Wed Jun 4 2008 Dan Walsh 3.3.1-66
- Add slattach policy for eparis testing
* Mon Jun 2 2008 Dan Walsh 3.3.1-65
- Allow bootloader to run mount in the users role
* Mon Jun 2 2008 Dan Walsh 3.3.1-64
- Allow policykit_resolve to ptrace all levels
* Fri May 30 2008 Dan Walsh 3.3.1-63
- Allow policykit_resolve to ptrace user processes
* Fri May 30 2008 Dan Walsh 3.3.1-61
- Allow policykit_resolve to read users process table
* Thu May 29 2008 Dan Walsh 3.3.1-60
- Allow policykit_resolve to read polkit_var_lib
- Other policykit fixes
* Thu May 29 2008 Dan Walsh 3.3.1-59
- Allow oddjob to change roles
* Thu May 29 2008 Dan Walsh 3.3.1-58
- Allow policykit_resolve to getattr hal
- Allow pyzor_t manage files user_pyzor_home_t
* Wed May 28 2008 Dan Walsh 3.3.1-57
- Allow dhcpc sys_nice
- Allow handling of /var/run/video.rom
- Allow policykit_resolve to use dbus
* Wed May 21 2008 Dan Walsh 3.3.1-56
- Fix vncserver transition to work properly in unconfined environment.
- Allow virsh to run
* Tue May 20 2008 Dan Walsh 3.3.1-55
- More fixes for spamassassin
* Tue May 20 2008 Dan Walsh 3.3.1-54
- Allow spamassassin_t to be run by system_r
* Mon May 19 2008 Dan Walsh 3.3.1-53
- Add mono_exec to podsleuth
* Fri May 16 2008 Dan Walsh 3.3.1-52
- Allow httpd_suexec_t to use cgi scripts in home dir
- Allow httpd_syexec_t to connect to mysql
- Allow sasl to communicate with kerberos rhost cache
- Fix vncserver to work again
- Allow procmail to ioctl spamasssin_exec_t
* Tue May 13 2008 Dan Walsh 3.3.1-51
- Dontaudit dhcpc_t reading of domains state
* Mon May 12 2008 Dan Walsh 3.3.1-50
- Add sys_nice for audispd
* Thu May 8 2008 Dan Walsh 3.3.1-49
- Allow libvirtd sys_nice
- Fixes for policykit
- Allow dovecot getattr all filesystem directories
* Wed May 7 2008 Dan Walsh 3.3.1-48
- Allow amanada to create data files
* Wed May 7 2008 Dan Walsh 3.3.1-47
- Fix initial install, semanage setup
* Tue May 6 2008 Dan Walsh 3.3.1-46
- Allow system_r for httpd_unconfined_script_t
* Wed Apr 30 2008 Dan Walsh 3.3.1-45
- Remove dmesg boolean
- Allow user domains to read/write game data
* Mon Apr 28 2008 Dan Walsh 3.3.1-44
- Change unconfined_t to transition to unconfined_mono_t when running mono
- Change XXX_mono_t to transition to XXX_t when executing bin_t files, so gnome-do will work
* Mon Apr 28 2008 Dan Walsh 3.3.1-43
- Remove old booleans from targeted-booleans.conf file
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program. Use
su -c 'yum update selinux-policy' at the command line.
For more information, refer to "Managing Software with yum", available at .

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/
--------------------------------------------------------------------------------
Fedora-package-announce mailing list

Updated package.

---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2006-318
2006-04-17
---------------------------------------------------------------------

Product     : Fedora Core 5
Name        : control-center
Version     : 2.14.1
Release     : 1.fc5.2
Summary     : GNOME Control Center.
Description :
GNOME (the GNU Network Object Model Environment) is an attractive and easy-to-use GUI desktop environment. The control-center package provides the GNOME Control Center utilities that allow you to setup and configure your system's GNOME environment (things like the desktop background and theme, the screensaver, system sounds, and mouse behavior).

If you install GNOME, you need to install control-center.

---------------------------------------------------------------------
Update Information:

gnome-control-center 2.14.1

background:
- Fixed crash on startup (Rodney Dawes) (331486)

common:
- Use gtk_dialog_run for running modal error dialogs (Rodrigo Moya)
- Fixed leaks in CORBA activation code (Arjan Timmerman) (334153)

default applications:
- Fixed thunderbird command line parameters (Luca Cavalli) (326808)

fontilus:
- Move .directory files to $datadir/desktop-directories (Glynn Foster) (334405)

settings daemon:
- Fixed setting of $DISPLAY environment variable (Rodrigo Moya, Arjan Timmerman) (334153)
- Set Ctrl-Alt-l as default keybinding for screen locking (Jaap A. Haitsma) (171833)
- Fixed evdev/left handed button mapping (Marien Zwart) (323724)

themus:
- Move .directory files to $datadir/desktop-directories (Glynn Foster) (334405)
- Don't allow tab characters in custom theme descriptions (Wouter Bolsterlee) (336151)
- Theme chooser main window too wide for 800x600 (Thomas Wood) (314658)

updated translations:
- be (Ales Nyakhaychyk)
- br (Jérémy Ar Floc'h)
- cs (Miloslav Trmac)
- dz (Tommi Vainikainen)
- es (Francisco Javier F.Serrador)
- et (Priit Laes)
- hu (Gabor Kelemen)
- ka (Vladimer SIchinava)
- lt (Zygimantas Berucka)
- nl (Vincent van Adrighem, Wouter Bolsterlee)
- ro (Dan Damian)
- th (Theppitak Karoonboonyanan)
- vi (Clytie Siddall)

---------------------------------------------------------------------
* Mon Apr 17 2006 Matthias Clasen - 2.14.1-1.fc5.2
- Fix thunderbird commandline
* Mon Apr 10 2006 Matthias Clasen - 2.14.1-1.fc5.1
- Update to 2.14.1
* Thu Apr 6 2006 Ray Strode - 2.14.0-2
- add missing build reqs (bug 188167)
---------------------------------------------------------------------

This update can be downloaded from:

This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at .
---------------------------------------------------------------------
fedora-announce-list mailing list

Updated package.

---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-000
2005-09-06
---------------------------------------------------------------------

Product     : Fedora Core 4
Name        : util-linux
Version     : 2.12p
Release     : 9.9
Summary     : A collection of basic system utilities.
Description :
The util-linux package contains a large variety of low-level system utilities that are necessary for a Linux system to function. Among others, Util-linux contains the fdisk configuration tool and the login program.

---------------------------------------------------------------------
* Mon Sep 5 2005 Karel Zak 2.12p-9.9
- fix #167200 - finger reports "never logged in" if run as non-root (change perms of /var/log/lastlog to 0644)
* Mon Aug 29 2005 Karel Zak 2.12p-9.8
- fix #166923 - hwclock will not run on a non audit-enabled kernel
- fix #159410 - mkswap(8) claims max swap area size is 2 GB
---------------------------------------------------------------------

This update can be downloaded from:

This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command.
---------------------------------------------------------------------
From: "Bill Nottingham"
To: