Thank you for reading the Linux Advisory Watch Security Newsletter. The purpose of this document is to provide our readers with a quick summary of each week's vendor security bulletins and pointers on methods to improve the security posture of your open source system. Vulnerabilities affect nearly every vendor virtually every week, so be sure to read through to find the updates your distributor have made available.


LinuxSecurity.com Feature Extras:

- Social engineering is the practice of learning and obtaining valuable information by exploiting human vulnerabilities. It is an art of deception that is considered to be vital for a penetration tester when there is a lack of information about the target that can be exploited.

- When you’re dealing with a security incident it’s essential you – and the rest of your team – not only have the skills they need to comprehensively deal with an issue, but also have a framework to support them as they approach it. This framework means they can focus purely on what they need to do, following a process that removes any vulnerabilities and threats in a proper way – so everyone who depends upon the software you protect can be confident that it’s secure and functioning properly.


  (Mar 29)
 

Security Report Summary

  (Mar 29)
 

Security Report Summary

  (Mar 28)
 

Security Report Summary

  (Mar 27)
 

Security Report Summary

  (Mar 27)
 

Security Report Summary

  (Mar 27)
 

Security Report Summary

  (Mar 27)
 

Security Report Summary

  (Mar 27)
 

Security Report Summary

  (Mar 24)
 

Security Report Summary

  (Mar 23)
 

Security Report Summary

  (Mar 23)
 

Security Report Summary

 
  (Mar 27)
 

A vulnerability in Xen's bundled QEMU version might allow privilege escalation.

  (Mar 27)
 

A vulnerability in Deluge might allow remote attackers to execute arbitrary code.

  (Mar 27)
 

A vulnerability in Libtasn1 allows remote attackers to cause a Denial of Service condition.

  (Mar 27)
 

A coding error has been found in cURL, causing the TLS Certificate Status Request extension check to always return true.

 
  (Mar 31)
 

An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact [More...]

  (Mar 29)
 

An update for curl is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which [More...]

  (Mar 23)
 

An update for openjpeg is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which [More...]

 
  (Mar 29)
 

New mariadb packages are available for Slackware 14.2 and -current to fix security issues. [More Info...]

  (Mar 24)
 

New mcabber packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue. [More Info...]

  (Mar 24)
 

New samba packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue. [More Info...]