Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -3 articles for you...
89
security advisorysoftware updateFedoraFedora 32: FEDORA-2020-cd5ad916e4 critical: xawtv User Privilege Escalation
Update to 3.107. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2020-cd5ad916e4 2020-09-28 00:54:22.602624 --------------------------------------------------------------------------------Name : xawtv Product : Fedora 32 Version : 3.107 Release : 1.fc32 URL : https://linuxtv.org/wiki/index.php/Xawtv Summary : TV applications for video4linux compliant devices Description : Xawtv is a simple xaw-based TV program which uses the bttv driver or video4linux. Xawtv contains various command-line utilities for grabbing images and .avi movies, for tuning in to TV stations, etc. Xawtv also includes a grabber driver for vic. --------------------------------------------------------------------------------Update Information: Update to 3.107 --------------------------------------------------------------------------------ChangeLog: * Sat May 16 2020 Mauro Carvalho Chehab - 3.107-1 - upgrade to version 3.107 --------------------------------------------------------------------------------References: [ 1 ] Bug #1882286 - CVE-2020-13696 xawtv: specially crafted input leads to information disclosure and user privilege escalation [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1882286 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2020-cd5ad916e4' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list
Sep 27, 2020
•Critical
Fedora
172
security advisoryprivilege escalationinformation exposureUbuntu 16.04 LTS USN-4518-1 Moderate: xawtv Information Exposure
xawtv could be made to expose sensitive information and escalate user privileges if it received specially crafted input.. =========================================================================Ubuntu Security Notice USN-4518-1 September 17, 2020 xawtv vulnerability ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 16.04 LTS Summary: xawtv could be made to expose sensitive information and escalate user privileges if it received specially crafted input. Software Description: - xawtv: X11 program for watching TV Details: Matthias Gerstner discovered that xawtv incorrectly handled opening files. A local attacker could possibly use this issue to open and write to arbitrary files and escalate privileges. (CVE-2020-13696) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 LTS: alevtd 3.103-3+deb8u1build0.16.04.1 fbtv 3.103-3+deb8u1build0.16.04.1 pia 3.103-3+deb8u1build0.16.04.1 radio 3.103-3+deb8u1build0.16.04.1 scantv 3.103-3+deb8u1build0.16.04.1 streamer 3.103-3+deb8u1build0.16.04.1 ttv 3.103-3+deb8u1build0.16.04.1 v4l-conf 3.103-3+deb8u1build0.16.04.1 webcam 3.103-3+deb8u1build0.16.04.1 xawtv 3.103-3+deb8u1build0.16.04.1 xawtv-plugin-qt 3.103-3+deb8u1build0.16.04.1 xawtv-plugins 3.103-3+deb8u1build0.16.04.1 xawtv-tools 3.103-3+deb8u1build0.16.04.1 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-4518-1 CVE-2020-13696 Package Information: https://launchpad.net/ubuntu/+source/xawtv/3.103-3+deb8u1build0.16.04.1 . Important Ubuntu Security Bulletin USN-4518-1 highlights a vulnerability in xawtv and provides essential remediation steps.. Ubuntu Security, xawtv vulnerability, privilege escalation, sensitive information. . Severity: Important. LinuxSecurity.com Team
Sep 17, 2020
•Important
Ubuntu
100
security advisorymoderateSUSE LinuxSUSE: 2020:1712-1 Moderate: xawtv Security Update Overview
An update that fixes one vulnerability is now available. . SUSE Security Update: Security update for xawtv ______________________________________________________________________________ Announcement ID: SUSE-SU-2020:1712-1 Rating: moderate References: #1171655 Cross-References: CVE-2020-13696 Affected Products: SUSE Linux Enterprise Workstation Extension 12-SP5 SUSE Linux Enterprise Workstation Extension 12-SP4 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for xawtv fixes the following issues: - CVE-2020-13696: Fixed an issue in setuid-root program that which could have allowed arbitrary file existence tests and open() with O_RDWR (bsc#1171655). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12-SP5: zypper in -t patch SUSE-SLE-WE-12-SP5-2020-1712=1 - SUSE Linux Enterprise Workstation Extension 12-SP4: zypper in -t patch SUSE-SLE-WE-12-SP4-2020-1712=1 Package List: - SUSE Linux Enterprise Workstation Extension 12-SP5 (x86_64): tv-common-3.103-6.3.1 tv-common-debuginfo-3.103-6.3.1 v4l-conf-3.103-6.3.1 v4l-conf-debuginfo-3.103-6.3.1 v4l-tools-3.103-6.3.1 v4l-tools-debuginfo-3.103-6.3.1 xawtv-debuginfo-3.103-6.3.1 xawtv-debugsource-3.103-6.3.1 - SUSE Linux Enterprise Workstation Extension 12-SP4 (x86_64): tv-common-3.103-6.3.1 tv-common-debuginfo-3.103-6.3.1 v4l-conf-3.103-6.3.1 v4l-conf-debuginfo-3.103-6.3.1 v4l-tools-3.103-6.3.1 v4l-tools-debuginfo-3.103-6.3.1 xawtv-debuginfo-3.103-6.3.1 xawtv-debugsource-3.103-6.3.1 References: https://www.suse.com/security/cve/CVE-2020-13696.html https://bugzilla.suse.com/1171655 _______________________________________________ sle-security-updates mailing list
Jun 23, 2020
SuSE
203
security advisorymedium severityfile access issueMageia 7 MGASA-2020-0257 Medium: xawtv File Access Issue
Updated xawtv packages fix security vulnerability: The v4l-conf program in xawtv allows users to determine the existence of file names in directories they do not have access to, and allows a user to have the system open files they do not have access to, though it does . MGASA-2020-0257 - Updated xawtv packages fix security vulnerability Publication date: 10 Jun 2020 URL: https://advisories.mageia.org/MGASA-2020-0257.html Type: security Affected Mageia releases: 7 CVE: CVE-2020-13696 Updated xawtv packages fix security vulnerability: The v4l-conf program in xawtv allows users to determine the existence of file names in directories they do not have access to, and allows a user to have the system open files they do not have access to, though it does not provide the user access to the file contents (CVE-2020-13696). References: - https://bugs.mageia.org/show_bug.cgi?id=26736 - https://www.openwall.com/lists/oss-security/2020/06/04/6 - https://www.cve.org/CVERecord?id=CVE-2020-13696 SRPMS: - 7/core/xawtv-3.107-1.1.mga7 . Mageia 2020-0257 upgrades xawtv to address file access risks, enhancing overall system protection.. xawtv update,Mageia security,xawtv vulnerability,file access issue. . Severity: Medium. LinuxSecurity.com Team
Jun 10, 2020
•Medium
Mageia
202
security advisorymoderatesecurity updateopenSUSE: 2020:0787-1 Moderate: xawtv Arbitrary File Access Fix
An update that fixes one vulnerability is now available.. openSUSE Security Update: Security update for xawtv ______________________________________________________________________________ Announcement ID: openSUSE-SU-2020:0787-1 Rating: moderate References: #1171655 Cross-References: CVE-2020-13696 Affected Products: openSUSE Backports SLE-15-SP1 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for xawtv fixes the following issues: - CVE-2020-13696: Fixed an issue in setuid-root program that which could have allowed arbitrary file existence tests and open() with O_RDWR (boo#1171655). This update was imported from the openSUSE:Leap:15.1:Update update project. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15-SP1: zypper in -t patch openSUSE-2020-787=1 Package List: - openSUSE Backports SLE-15-SP1 (x86_64): alevtd-3.103-bp151.4.3.1 motv-3.103-bp151.4.3.1 pia-3.103-bp151.4.3.1 tv-common-3.103-bp151.4.3.1 v4l-conf-3.103-bp151.4.3.1 v4l-tools-3.103-bp151.4.3.1 xawtv-3.103-bp151.4.3.1 References: https://www.suse.com/security/cve/CVE-2020-13696.html https://bugzilla.suse.com/1171655 -- . openSUSE Security Update for xawtv addresses a moderate vulnerability concerning unauthorized file access. Further information available.. openSUSE Security Update,xawtv fix,moderate threat,arbitrary file access. . LinuxSecurity.com Team
Jun 10, 2020
OpenSUSE
202
security advisorymoderatesoftware updateopenSUSE: 2020:0784-1 Moderate Fix for Xawtv Buffer Overflow Issue
An update that fixes one vulnerability is now available.. openSUSE Security Update: Security update for xawtv ______________________________________________________________________________ Announcement ID: openSUSE-SU-2020:0784-1 Rating: moderate References: #1171655 Cross-References: CVE-2020-13696 Affected Products: openSUSE Leap 15.1 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for xawtv fixes the following issues: - CVE-2020-13696: Fixed an issue in setuid-root program that which could have allowed arbitrary file existence tests and open() with O_RDWR (boo#1171655). Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.1: zypper in -t patch openSUSE-2020-784=1 Package List: - openSUSE Leap 15.1 (x86_64): alevtd-3.103-lp151.3.3.1 alevtd-debuginfo-3.103-lp151.3.3.1 motv-3.103-lp151.3.3.1 motv-debuginfo-3.103-lp151.3.3.1 pia-3.103-lp151.3.3.1 pia-debuginfo-3.103-lp151.3.3.1 tv-common-3.103-lp151.3.3.1 tv-common-debuginfo-3.103-lp151.3.3.1 v4l-conf-3.103-lp151.3.3.1 v4l-conf-debuginfo-3.103-lp151.3.3.1 v4l-tools-3.103-lp151.3.3.1 v4l-tools-debuginfo-3.103-lp151.3.3.1 xawtv-3.103-lp151.3.3.1 xawtv-debuginfo-3.103-lp151.3.3.1 xawtv-debugsource-3.103-lp151.3.3.1 References: https://www.suse.com/security/cve/CVE-2020-13696.html https://bugzilla.suse.com/1171655 -- . openSUSE Security Patch resolves xawtv vulnerabilities. Moderate severity related to CVE-2020-13696 impacting openSUSE Leap 15.1.. OpenSUSE Update, Xawtv Fix, Security Patch. . LinuxSecurity.com Team
Jun 08, 2020
OpenSUSE
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!