Security 10908 Published by Philipp Esselbach 0

Here is a roundup of last week's security updates for various packages, including PostgreSQL, Python, HTTPD, OpenVPN, Libcommons-Lang-Java, and others. The distributions include AlmaLinux, Debian GNU/Linux, Fedora Linux, Oracle Linux, Red Hat Enterprise Linux, SUSE Linux, and Ubuntu Linux. The updates address various issues, such as memory leaks, out-of-bounds reads, low-severity CVEs, denial-of-service, or arbitrary code execution issues, to ensure the security and stability of the operating system.

OWASP CRS has released version 4.18.0, featuring enhanced security features and threat detection capabilities. The update includes new rules to detect malicious attacks on web applications protected by ModSecurity or similar firewalls, such as SSH command detection and support for 'application/reports+json' content-type headers. Additionally, fixes have been implemented to remove unnecessary patterns, prevent false positives, and improve overall system accuracy.

Here is a roundup of last week's security updates for various packages, including kernel, Firefox, Thunderbird, and PostgreSQL. These updates aim to fix issues such as memory leaks, denial-of-service attacks, arbitrary code execution, and use-after-free flaws to ensure system stability and prevent potential security risks. The distributions include AlmaLinux, Debian GNU/Linux, Fedora Linux, Oracle Linux, Red Hat Enterprise Linux, Slackware Linux, SUSE Linux, and Ubuntu Linux.

Here is a roundup of last week's Linux security updates for AlmaLinux, Debian GNU/Linux, Fedora Linux, Oracle Linux, Red Hat Enterprise Linux, Slackware Linux, SUSE Linux, and Ubuntu Linux.

Here is a roundup of last week's Linux security updates for AlmaLinux, Debian GNU/Linux, Fedora Linux, Oracle Linux, Qubes OS, Red Hat Enterprise Linux, SUSE Linux, and Ubuntu Linux.

IPFire 2.29 - Core Update 197 is now available for testing, featuring a comprehensive update of OpenVPN, which has been upgraded to version 2.6. This update brings enhanced security, increased client compatibility, and a refined codebase. The update encompasses package enhancements aimed at bolstering system security and reliability. Significant updates encompass a consolidated client configuration export, cipher negotiation between the server and client, and the assignment of a unique IP address for each client. The web UI has been refined to enhance the configuration experience, and the code has been optimized for improved maintainability.

IPFire now sets its CPUs to default clock speeds to minimize power consumption and heat emission. Additional changes cover importing configuration files that use Windows line breaks, the SSL fingerprint list sourced from abuse.ch, backup functionality, a race condition, and a Chinese translation. The IPFire kernel has been updated to Linux 6.12.41, incorporating new mitigations for Transient Scheduler Attacks. We invite contributions to support the development team and assist IPFire in its ongoing efforts to enhance security and functionality.

Here is a roundup of last week's Linux security updates for AlmaLinux, Debian GNU/Linux, Fedora Linux, Gentoo Linux, Oracle Linux, Red Hat Enterprise Linux, SUSE Linux, and Ubuntu Linux.

A new version of OWASP CRS has been released, featuring a set of rules designed for detecting attacks through ModSecurity or comparable web application firewalls. This update includes notable changes, such as the removal of detection for LaTeX injection and the elimination of dot star.

Here is a roundup of last week's Linux security updates for AlmaLinux, Debian GNU/Linux, Fedora Linux, Oracle Linux, Red Hat Enterprise Linux, Rocky Linux, SUSE Linux, and Ubuntu Linux.

OWASP CRS 4.17.0, a collection of general rules for spotting attacks that work with ModSecurity or similar web application firewalls, has been released and features important updates, such as the removal of PCI DSS tags and the introduction of new features and detection methods. These include detection for ASP.NET errors, RCE via the Referer header, LaTeX injection, and Ruby errors. Other changes include fixing dot stars, using word boundaries, updating java-classes.data, and updating file URIs.

Here is a roundup of last week's Linux security updates for AlmaLinux, Debian GNU/Linux, Fedora Linux, Gentoo Linux, Oracle Linux, Red Hat Enterprise Linux, Slackware Linux, SUSE Linux, and Ubuntu Linux.

IPFire 2.29 - Core Update 196 is now available, following the introduction of WireGuard. The update includes improvements to the IPFire kernel, updated toolchain, a modernised console, and bug and security fixes. The kernel has been rebased to Linux 6.12.34, bringing improved hardware support, performance, and security enhancements. GCC, IPFire's main compiler suite, has been updated to version 15. WireGuard connections are now displayed on the dashboard of the web user interface, making it easier to monitor VPN connections. Performance improvements from Linux 6.13 have been backported to IPFire's kernel, increasing TCP throughput over WireGuard tunnels. Researchers from Italy have also removed bottlenecks in the kernel that have limited throughput over multiple WireGuard tunnels. The text console has been modernized by migrating it to use the Linux Direct Rendering Manager (DRM), providing faster mode-setting, improved performance, and better support for multi-GPU and embedded graphics environments.

Here is a roundup of last week's Linux security updates for AlmaLinux, Debian GNU/Linux, Fedora Linux, Oracle Linux, Red Hat Enterprise Linux, Slackware Linux, SUSE Linux, and Ubuntu Linux.

Here is a roundup of last week's Linux security updates for AlmaLinux, Debian GNU/Linux, Fedora Linux, Gentoo Linux, Oracle Linux, Qubes OS, Red Hat Enterprise Linux, Slackware Linux, SUSE Linux, and Ubuntu Linux.

Here is a roundup of last week's Linux security updates for AlmaLinux, Debian GNU/Linux, Fedora Linux, Gentoo Linux, Oracle Linux, Red Hat Enterprise Linux, Slackware Linux, SUSE Linux, and Ubuntu Linux.

IPFire 2.29 - Core Update 196 is now available for testing, subsequent to the release of WireGuard. The update encompasses additional improvements to WireGuard, high-resolution consoles, and package updates, as well as bug and security fixes. The kernel has been updated to Linux 6.12.34, introducing enhanced hardware support, improved performance, and security upgrades. The main compiler suite of IPFire, GCC, has been upgraded to version 15. The dashboard of the web user interface now features WireGuard connections, enhancing the ability to monitor VPN connections effectively.

The kernel of IPFire has been enhanced with performance improvements from Linux 6.13, resulting in increased TCP throughput over WireGuard tunnels. Italian researchers have successfully addressed bottlenecks in the kernel that have constrained throughput across multiple WireGuard tunnels. The text console has undergone modernization through the implementation of the Linux Direct Rendering Manager (DRM), resulting in enhanced mode-setting speed, improved performance, and superior support for multi-GPU and embedded graphics environments. The update encompasses patches for firewall hosts, groups, and services, as well as IPsec, OpenVPN, and libloc. The safety barrier in the IP Blocklist feature has been eliminated, and a bug related to an edge case in libloc has been resolved. The Pakfire web UI page has been enhanced.

OWASP CRS v4.16.0, a set of generic attack detection rules for use with ModSecurity or compatible web application firewalls, has been released, introducing new features and detections. The update encompasses remediation for Python SSTI, enhancements to rule sets, detection of generic configuration filenames, updates to java-errors.data, rule detection for Bash Brace Expansion, MongoDB operators, zmodload, and sudo-rs. Other changes include removing dot stars, moving printf to 933160 for better PHP syntax checking, creating a stricter sibling, and switching to regex assembly.

Here is a roundup of last week's Linux security updates for AlmaLinux, Debian GNU/Linux, Fedora Linux, Oracle Linux, Red Hat Enterprise Linux, Rocky Linux, Slackware Linux, SUSE Linux, and Ubuntu Linux.

IPFire 2.29 - Core Update 195 has been released and features the integration of native support for WireGuard, a contemporary VPN protocol crafted for efficiency and ease of use. The update features a comprehensive interface designed for the configuration and management of WireGuard tunnels via the web user interface. WireGuard serves as a versatile solution for both net-to-net and host-to-net VPN connections, offering a streamlined alternative to IPsec and OpenVPN. IPFire's implementation features comprehensive integration within the firewall GUI, support for multiple peers, a QR code display for mobile client configuration, a connection importer for interoperability with other vendors and VPN providers, and complete support for the Intrusion Prevention System and Connection Tracking. The system automatically updates its SMART database with information regarding hard drives.

Here is a roundup of last week's Linux security updates for AlmaLinux, Debian GNU/Linux, Fedora Linux, Gentoo Linux, Oracle Linux, Red Hat Enterprise Linux, Slackware Linux, SUSE Linux, and Ubuntu Linux.