IPFire Core Update 201 has been released for testing, allowing users to verify its new DNS-firewall feature works correctly without disrupting their network. To ensure this works as expected, you should update your system and reboot it afterwards so all services restart with the latest settings. When testing the DNS firewall, use tools like nslookup in a terminal on a client machine to confirm that malicious domains are being blocked; any other result indicates a problem that needs to be addressed. If issues persist after troubleshooting, it's likely due to a stale cache or rogue proxy setting on the client that needs to be flushed and corrected.
The newest CRS release tightens rule accuracy by stopping user‑agent string matches, which stops the annoying “bad agent” alerts that used to trip up legitimate visitors. It also cuts cookie inspection redundancy, speeding request handling and reducing duplicate logs. The fresh AI coding assistant protection rule blocks suspicious snippets generated by modern code‑generation tools before they reach the app, keeping development pipelines tidy. Finally, the refactoring into regex‑assembly streamlines future rule updates for admins who tweak or expand the core set themselves.
Multiple Linux distributions, including AlmaLinux, Debian GNU/Linux, Fedora Linux, Oracle Linux, Red Hat Enterprise Linux, Rocky Linux, and Ubuntu Linux, have released security updates to address vulnerabilities in various packages. The updates include fixes for issues such as denial-of-service, memory disclosure, and information leakage, which could affect the stability and security of Linux systems. Different versions of each distribution have been updated with patches for CVEs ranging from moderate to important levels of severity. Users are advised to run the appropriate command, such as "sudo apt update" or "sudo dnf upgrade -y," to apply the updates and ensure their systems remain secure.
IPFire Core Update 200 brings the long-term-supported Linux kernel 6.18 LTS, along with dozens of package upgrades, performance tweaks, and hardened security fixes to keep network traffic running smoothly. A major highlight of this update is the preview of the new Domain Blocklist (DBL), a DNS firewall that blocks advertising domains, malware command-and-control sites, and adult content before they hit a browser. The update also includes improvements to Suricata for deep packet inspection, OpenVPN changes such as MTU and OTP token handling, and wireless access point tweaks to support older Wi-Fi hardware. If you're still using ReiserFS, the update will refuse to install, but users can easily migrate to ext4 or XFS and then apply the patch.
Several Linux distributions have released security updates to address vulnerabilities in various packages, including OpenSSL and kernel patches for AlmaLinux, Debian GNU/Linux, Fedora Linux, Oracle Linux, Red Hat Enterprise Linux, Rocky Linux, Slackware Linux, SUSE Linux, and Ubuntu Linux. The updates include fixes for common issues such as denial-of-service attacks, code execution, and SQL injection, and aim to improve the security of the operating system by addressing potential risks and vulnerabilities. Specific updates have been released for packages like FreeRDP, Grafana-PCP, kernel, munge, libpng15, glib2.0, and OpenSSL, among others. The security teams behind each Linux distribution have worked to address multiple vulnerabilities and bugs in various software components to ensure the stability and security of their operating systems.
The latest OWASP Core Rule Set (CRS) version 4.24.0 includes several practical tweaks to help admins reduce noisy alerts and focus on genuine threats. A new detection rule flags php tags embedded in Smarty templates, a common cause of false positives. Additionally, the update fixes a bug affecting SQL special character detection with non-ASCII input and improves performance by re-engineering leakage rules into a newer regex format. The changes also include various tweaks to reduce false positives and improve handling of international characters and JSON payloads.
Several major Linux distributions, including AlmaLinux, Debian, Fedora, Oracle Linux, Red Hat Enterprise Linux, Rocky Linux, Slackware, and Ubuntu, have released security updates to address various vulnerabilities. These updates include fixes for Go, Golang, Node.js, Python-Django, Wireshark, LibPNG, GnuTLS, Roundcube, Ceph, Nova, ca-certificates, Chromium, Pillow, GEGL, and other packages, resolving issues such as denial-of-service attacks, crashes, infinite loops, HTML sanitization problems, buffer overflows, code execution vulnerabilities, and potential exploitation of vulnerabilities. The updates are available for various versions of each distribution, including kernel updates, to ensure users' systems remain secure and up-to-date. Users should install these updates as soon as possible to prevent their systems from being compromised by attackers exploiting the identified vulnerabilities.
Multiple security updates have been released for various Linux distributions, including AlmaLinux, Debian GNU/Linux, Fedora Linux, Oracle Linux, Red Hat Enterprise Linux, Rocky Linux, Slackware Linux, and SUSE Linux. These updates address vulnerabilities in packages such as Node.js, Mozilla Thunderbird, Firefox, FreeRDP, Keylime, kernel, and others, with some updates rated as having Critical or Important security impacts. The distributions have released patches to fix issues including remote code execution, memory corruption, use-after-free bugs, path traversal, denial of service, buffer underflow vulnerabilities, and more.
Antivirus Live CD 51.0‑1.5.1 is a fork of 4MLinux that bundles ClamAV 1.5.1 for on‑the‑fly virus scanning. It boots a tiny Linux environment, auto‑mounts every detected partition and supports Ethernet, Wi‑Fi, PPP and PPPoE so it can pull fresh signature updates immediately. All partitions are scanned with clamscan, and the ISO works smoothly with UNetbootin for creating a bootable USB stick. For rescue jobs on machines that won’t start Windows, this lightweight live CD is a handy, no‑install alternative to a full‑blown recovery distro.
Multiple security updates have been released last week for various Linux distributions, including AlmaLinux, Debian GNU/Linux, Fedora Linux, Oracle Linux, Red Hat Enterprise Linux (RHEL), Rocky Linux, Slackware Linux, and Ubuntu Linux. These updates address vulnerabilities in packages such as kernel, iperf3, PHP, OpenJDK, OpenSSL, Python, NodeJS, PostgreSQL, and others, fixing issues like denial of service, heap buffer overflows, and information disclosure.
The latest OWASP CRS 4.23.0 release includes new detection rules, false-positive clean-ups, and housekeeping efforts that most users won't notice. The new rules include protection against Vite.js path traversal attacks, fake Mozilla user-agent blocks, and "trap" command block exploitation attempts, as well as PHP session file upload prevention. Additionally, the release fixes several common false-positives, such as ad and tracker cookie noise and malformed SSRF URLs. Overall, the update is considered a low-risk upgrade for users already on recent CRS versions and a recommended upgrade for those on older releases.
Several major Linux distributions have released security updates in recent weeks to address various vulnerabilities. These updates include fixes for issues such as resource exhaustion, denial of service, information disclosure, and arbitrary code execution across multiple packages on AlmaLinux, Debian GNU/Linux, Fedora Linux, Gentoo Linux, Oracle Linux, Red Hat Enterprise Linux, Rocky Linux, Slackware Linux, SUSE Linux, and Ubuntu Linux. The updates aim to improve the overall security posture of these systems by addressing vulnerabilities in packages such as Java, Go Toolset, GIMP, Python, PHP, kernel, OpenSSL, curl, and more. Users are advised to apply these patches promptly to ensure their systems remain safe and stable.
IPFire 2.29 - Core Update 200 is now available for testing, featuring a rebase onto Linux kernel 6.18 LTS with improvements in security defenses, performance, and system stability. This update also introduces the new IPFire Domain Blocklist (DBL) system, which aims to block unwanted web traffic by identifying domains that may be malicious. Other changes include updates to the built-in Intrusion Prevention System, reporter utility, OpenVPN configuration system, and various package upgrades for improved security and features. The update includes many minor add-ons and bundles several newer versions of software packages to keep the platform current and reliable.
Several Linux distributions have received security updates over the past week, including AlmaLinux, Debian GNU/Linux, Oracle Linux, Red Hat Enterprise Linux, Rocky Linux, Slackware Linux, SUSE Linux, and Ubuntu Linux, which have released security updates to address various vulnerabilities across their packages. The updates fix critical problems in kernel components, PostgreSQL, libsoup, buildah, podman, and other packages, as well as moderate-level issues in PostgreSQL 15 and 16. The affected distributions include different versions of each distribution, with some requiring immediate attention due to the severity of the vulnerabilities. The security updates aim to protect users from potential denial-of-service attacks, arbitrary code execution, and unauthorized access to sensitive data by patching vulnerabilities in various packages.
Several Linux distributions have received security updates over the past week, addressing vulnerabilities in various packages such as MariaDB, SSSD, GnuPG2, libidn2, and FFmpeg. The affected distributions include AlmaLinux, Debian GNU/Linux, Fedora Linux, Oracle Linux, Red Hat Enterprise Linux, Rocky Linux, Slackware Linux, SUSE Linux, and Ubuntu Linux. These updates aim to improve the security of the operating systems by addressing various vulnerabilities that could result in denial of service or arbitrary code execution. These security updates have impacted multiple versions of these distributions, including AlmaLinux 8, 9, and 10 and Oracle Linux 7, 8, and 9.
Various Linux distributions released security updates last week to address vulnerabilities in their packages. The roundup covers multiple versions of AlmaLinux, Debian GNU/Linux, Fedora Linux, Oracle Linux, Red Hat Enterprise Linux, Rocky Linux, Slackware Linux, SUSE Linux, and Ubuntu Linux. These updates resolve issues such as memory out-of-bounds reads, arbitrary code execution, cross-site scripting (XSS) attacks, remote code execution, denial-of-service, and other security vulnerabilities in packages like GNU tar, Ruby, Kernel, Mozilla Thunderbird, GIMP, Adminer, curl, ImageMagick, Chromium, and more. Users are advised to install these updates to ensure their systems remain secure and stable, with some distributions offering multiple versions of them to cover different release numbers.
IPFire 2.29 has been released with Core Update 199, which brings improvements to network stability and speed. The update supports WiFi standards, including 6E, allowing for faster wireless connections and better performance with modern hardware. Additionally, IPFire now includes native support for LLDP and CDP, making it easier to see connected devices in complex networks, as well as security and stability updates for the kernel and other core components. Other features include improved Intrusion Prevention System (IPS) handling, updated OpenVPN settings, and fixes for proxy vulnerabilities and web UI bugs.
The Open Web Application Security Project (OWASP) has released versions 4.22.0 and 3.3.8 of its Core Rule Set, which includes fixes for a serious security issue that allowed attackers to bypass security measures using different types of content. The update addresses CVE-2023-55182 and reduces false positives, allowing system admins to focus on real threats rather than harmless traffic or mistakes. Additionally, the update ensures compatibility with Rust's regex library and removes outdated code patterns and spelling variants, making maintaining the security rules easier in the long run.
Here is the first Linux security roundup of this year with updates for multiple Linux distributions, including Debian GNU/Linux, Fedora Linux, Rocky Linux, Slackware Linux, and SUSE Linux. These updates address various security vulnerabilities such as denial of service, remote code execution, crashes when processing crafted files, and buffer overflows. Specific packages receiving updates include Kodi, Python-Django, OpenJPEG2, ImageMagick, MediaWiki, golang packages, Ruby 3, gnupg2, libpcap, and others. Users are recommended to update their systems with the latest security patches to ensure protection and stability against potential threats.
Here is a roundup of this week's security updates released for AlmaLinux, Debian GNU/Linux, Fedora Linux, Oracle Linux, Red Hat Enterprise Linux, Rocky Linux, Slackware Linux, and SUSE Linux. The updates include patches for vulnerable packages such as binutils, curl, Chromium, PHP, PostgreSQL, and more, aiming to enhance the overall security of the systems by patching known issues. Red Hat has also issued updates to address vulnerabilities in the kernel, Git-LFS, webkit2gtk3, mod_md, and Grafana, while SUSE Linux received patches for duc, python311-tornado6, Mozilla Firefox, taglib, and MariaDB, among others.
