Multiple security updates have been released for various Linux distributions, including AlmaLinux, Debian GNU/Linux, Fedora Linux, Oracle Linux, Red Hat Enterprise Linux, Rocky Linux, Slackware Linux, and SUSE Linux. These updates address vulnerabilities in packages such as Node.js, Mozilla Thunderbird, Firefox, FreeRDP, Keylime, kernel, and others, with some updates rated as having Critical or Important security impacts. The distributions have released patches to fix issues including remote code execution, memory corruption, use-after-free bugs, path traversal, denial of service, buffer underflow vulnerabilities, and more.
Antivirus Live CD 51.0‑1.5.1 is a fork of 4MLinux that bundles ClamAV 1.5.1 for on‑the‑fly virus scanning. It boots a tiny Linux environment, auto‑mounts every detected partition and supports Ethernet, Wi‑Fi, PPP and PPPoE so it can pull fresh signature updates immediately. All partitions are scanned with clamscan, and the ISO works smoothly with UNetbootin for creating a bootable USB stick. For rescue jobs on machines that won’t start Windows, this lightweight live CD is a handy, no‑install alternative to a full‑blown recovery distro.
Multiple security updates have been released last week for various Linux distributions, including AlmaLinux, Debian GNU/Linux, Fedora Linux, Oracle Linux, Red Hat Enterprise Linux (RHEL), Rocky Linux, Slackware Linux, and Ubuntu Linux. These updates address vulnerabilities in packages such as kernel, iperf3, PHP, OpenJDK, OpenSSL, Python, NodeJS, PostgreSQL, and others, fixing issues like denial of service, heap buffer overflows, and information disclosure.
The latest OWASP CRS 4.23.0 release includes new detection rules, false-positive clean-ups, and housekeeping efforts that most users won't notice. The new rules include protection against Vite.js path traversal attacks, fake Mozilla user-agent blocks, and "trap" command block exploitation attempts, as well as PHP session file upload prevention. Additionally, the release fixes several common false-positives, such as ad and tracker cookie noise and malformed SSRF URLs. Overall, the update is considered a low-risk upgrade for users already on recent CRS versions and a recommended upgrade for those on older releases.
Several major Linux distributions have released security updates in recent weeks to address various vulnerabilities. These updates include fixes for issues such as resource exhaustion, denial of service, information disclosure, and arbitrary code execution across multiple packages on AlmaLinux, Debian GNU/Linux, Fedora Linux, Gentoo Linux, Oracle Linux, Red Hat Enterprise Linux, Rocky Linux, Slackware Linux, SUSE Linux, and Ubuntu Linux. The updates aim to improve the overall security posture of these systems by addressing vulnerabilities in packages such as Java, Go Toolset, GIMP, Python, PHP, kernel, OpenSSL, curl, and more. Users are advised to apply these patches promptly to ensure their systems remain safe and stable.
IPFire 2.29 - Core Update 200 is now available for testing, featuring a rebase onto Linux kernel 6.18 LTS with improvements in security defenses, performance, and system stability. This update also introduces the new IPFire Domain Blocklist (DBL) system, which aims to block unwanted web traffic by identifying domains that may be malicious. Other changes include updates to the built-in Intrusion Prevention System, reporter utility, OpenVPN configuration system, and various package upgrades for improved security and features. The update includes many minor add-ons and bundles several newer versions of software packages to keep the platform current and reliable.
Several Linux distributions have received security updates over the past week, including AlmaLinux, Debian GNU/Linux, Oracle Linux, Red Hat Enterprise Linux, Rocky Linux, Slackware Linux, SUSE Linux, and Ubuntu Linux, which have released security updates to address various vulnerabilities across their packages. The updates fix critical problems in kernel components, PostgreSQL, libsoup, buildah, podman, and other packages, as well as moderate-level issues in PostgreSQL 15 and 16. The affected distributions include different versions of each distribution, with some requiring immediate attention due to the severity of the vulnerabilities. The security updates aim to protect users from potential denial-of-service attacks, arbitrary code execution, and unauthorized access to sensitive data by patching vulnerabilities in various packages.
Several Linux distributions have received security updates over the past week, addressing vulnerabilities in various packages such as MariaDB, SSSD, GnuPG2, libidn2, and FFmpeg. The affected distributions include AlmaLinux, Debian GNU/Linux, Fedora Linux, Oracle Linux, Red Hat Enterprise Linux, Rocky Linux, Slackware Linux, SUSE Linux, and Ubuntu Linux. These updates aim to improve the security of the operating systems by addressing various vulnerabilities that could result in denial of service or arbitrary code execution. These security updates have impacted multiple versions of these distributions, including AlmaLinux 8, 9, and 10 and Oracle Linux 7, 8, and 9.
Various Linux distributions released security updates last week to address vulnerabilities in their packages. The roundup covers multiple versions of AlmaLinux, Debian GNU/Linux, Fedora Linux, Oracle Linux, Red Hat Enterprise Linux, Rocky Linux, Slackware Linux, SUSE Linux, and Ubuntu Linux. These updates resolve issues such as memory out-of-bounds reads, arbitrary code execution, cross-site scripting (XSS) attacks, remote code execution, denial-of-service, and other security vulnerabilities in packages like GNU tar, Ruby, Kernel, Mozilla Thunderbird, GIMP, Adminer, curl, ImageMagick, Chromium, and more. Users are advised to install these updates to ensure their systems remain secure and stable, with some distributions offering multiple versions of them to cover different release numbers.
IPFire 2.29 has been released with Core Update 199, which brings improvements to network stability and speed. The update supports WiFi standards, including 6E, allowing for faster wireless connections and better performance with modern hardware. Additionally, IPFire now includes native support for LLDP and CDP, making it easier to see connected devices in complex networks, as well as security and stability updates for the kernel and other core components. Other features include improved Intrusion Prevention System (IPS) handling, updated OpenVPN settings, and fixes for proxy vulnerabilities and web UI bugs.
The Open Web Application Security Project (OWASP) has released versions 4.22.0 and 3.3.8 of its Core Rule Set, which includes fixes for a serious security issue that allowed attackers to bypass security measures using different types of content. The update addresses CVE-2023-55182 and reduces false positives, allowing system admins to focus on real threats rather than harmless traffic or mistakes. Additionally, the update ensures compatibility with Rust's regex library and removes outdated code patterns and spelling variants, making maintaining the security rules easier in the long run.
Here is the first Linux security roundup of this year with updates for multiple Linux distributions, including Debian GNU/Linux, Fedora Linux, Rocky Linux, Slackware Linux, and SUSE Linux. These updates address various security vulnerabilities such as denial of service, remote code execution, crashes when processing crafted files, and buffer overflows. Specific packages receiving updates include Kodi, Python-Django, OpenJPEG2, ImageMagick, MediaWiki, golang packages, Ruby 3, gnupg2, libpcap, and others. Users are recommended to update their systems with the latest security patches to ensure protection and stability against potential threats.
Here is a roundup of this week's security updates released for AlmaLinux, Debian GNU/Linux, Fedora Linux, Oracle Linux, Red Hat Enterprise Linux, Rocky Linux, Slackware Linux, and SUSE Linux. The updates include patches for vulnerable packages such as binutils, curl, Chromium, PHP, PostgreSQL, and more, aiming to enhance the overall security of the systems by patching known issues. Red Hat has also issued updates to address vulnerabilities in the kernel, Git-LFS, webkit2gtk3, mod_md, and Grafana, while SUSE Linux received patches for duc, python311-tornado6, Mozilla Firefox, taglib, and MariaDB, among others.
This week's roundup includes security updates from various Linux distributions to address vulnerabilities and ensure system security and stability. The updates cover multiple packages across different distributions, including AlmaLinux, Debian GNU/Linux, Fedora Linux, Oracle Linux, Red Hat Enterprise Linux, Slackware Linux, SUSE Linux, and Ubuntu Linux. Specific issues addressed in the updates include identity takeover via duplicate UUID registration, denial of service, memory corruption, and arbitrary code execution in affected packages. The security patches aim to protect users from potential threats and ensure the smooth functioning of various applications on their respective operating systems.
OpenSnitch 1.8.0 has been released, bringing significant changes, including a GUI overhaul built on PyQt6 instead of PyQt5. This update reflects the shift away from PyQt5 by many GNU/Linux distributions and aims to keep OpenSnitch modern going forward, although it may no longer be compatible with older distros like Linux Mint 21.2 or Ubuntu 22.04. The new version includes several substantial enhancements, such as streamlined firewall rule management, improved backend upgrades, and task automation features.
Several Linux distributions have received security updates over the past week to address various vulnerabilities in their packages. These updates aim to protect users from potential threats by fixing identified issues such as information disclosure, denial-of-service attacks, and arbitrary code execution. The affected distributions include AlmaLinux, Debian GNU/Linux, Fedora Linux, Oracle Linux, Red Hat Enterprise Linux, Rocky Linux, Slackware Linux, SUSE Linux, and Ubuntu Linux.
Several major Linux distributions have released security updates over the past week to fix various vulnerabilities across their packages. The affected distributions include AlmaLinux, Debian GNU/Linux, Fedora Linux, Oracle Linux, Red Hat Enterprise Linux, Rocky Linux, Slackware Linux, SUSE Linux, and Ubuntu Linux, with multiple packages receiving patches to address issues such as remote code execution, denial of service, and information disclosure. These updates aim to protect users from potential threats by addressing known vulnerabilities in the affected software, with some updates also including bug fixes and enhancements to packages and images.
The Open Web Application Security Project (OWASP) has released version 4.21.0 of its Core Rule Set (CRS), a widely used WAF rule set for ModSecurity that focuses on security enhancements and operational fixes. This update includes improved IPv6 scanning capabilities, such as XML scan and SSH scheme detection, making it more effective internationally. The CRS also gets some internal housekeeping with added unit tests to prevent overzealous triggering, fixed logic errors, and patched evasion tactics. For .NET site users, the updated documentation now includes guidance on disabling the Expect header, a crucial but easily overlooked step.
Several Linux distributions have released security updates in the last week to address various vulnerabilities in their packages. The affected distributions include AlmaLinux, Debian GNU/Linux, Fedora Linux, Gentoo Linux, Oracle Linux, Red Hat Enterprise Linux, Rocky Linux, Slackware Linux, SUSE Linux, and Ubuntu Linux. These updates patch vulnerabilities in key applications such as Podman, Firefox, Bind, Kernel, Erlang, Rails, and other essential components to improve the overall security and stability of each distribution.
IPFire 2.29 - Core Update 199 is now available for testing, bringing significant enhancements to the platform's networking capabilities, including support for WiFi 7 and automatic setup for newer wireless capabilities. The update also includes native LLDP/CDP integration, allowing users to better understand their network layout, as well as security patches and stability fixes based on Linux 6.12.58. Other notable improvements include a refreshed Intrusion Prevention System using Suricata version 8.0.2, updated OpenVPN features, and improved system boot management with draceng.
