Sponsored link
Serve your customers, not your servers, with VERIO Linux VPS. Full-access test-drive here.
| Weekly edition | Kernel | Security | Distributions | Search |
| Archives | Calendar | Subscribe | Write for LWN | LWN.net FAQ |
LWN Security Resources
LWN.net offers several security-related resources, including the
security alert database, the
vulnerability database, and the weekly
edition security page.
The article index
See the LWN Security Article index for access to all LWN security articles, organized by topic.Recent security alerts
| Distribution | ID | Package | Date |
|---|---|---|---|
| Debian | DSA-1574-1 | icedove | 2008-05-12 |
| Gentoo | 200805-09 | moinmoin | 2008-05-11 |
| Gentoo | 200805-10 | pngcrush | 2008-05-11 |
| Debian | DSA-1573-1 | rdesktop | 2008-05-11 |
| Debian | DSA-1572-1 | php5 | 2008-05-11 |
View the full security alert database.
Recent vulnerabilities
The following vulnerabilities have recently seen updates or alerts.
| ID | Update | Package(s) | Description |
|---|---|---|---|
| 279755 | May 12, 2008 | perl | perl: heap buffer overflow |
| 278008 | May 12, 2008 | libpng | libpng: denial of service |
| 281836 | May 12, 2008 | moinmoin | moinmoin: privilege escalation |
| 268392 | May 12, 2008 | tk | tk: buffer overflow |
| 281835 | May 12, 2008 | bugzilla | bugzilla: multiple vulnerabilities |
View the full vulnerability database.
Recent LWN.net security pages
Here are the most recent LWN.net security pages, with a comprehensive roundup of a week's worth security-related information.
| Date | Contents |
|---|---|
| May 07, 2008 | Cryptographic splicing makes for a Wordpress vulnerability; New vulnerabilities in b2evolution, emacs, kernel (several), and wordpress |
| Apr 30, 2008 | The Tahoe secure filesystem; New vulnerabilities in asterisk, kdelibs, ldm, wordpress,... |
| Apr 23, 2008 | Image handling vulnerabilities; New vulnerabilities in clamav, cups, firefox, openoffice.org,... |
| Apr 16, 2008 | GCC and pointer overflows; New vulnerabilities in libpng, python, rsync, squid, ... |
| Apr 09, 2008 | Backscatter increase clogs inboxes; New vulnerabilities in alsaplayer, flash-plugin, pdns-recursor, PolicyKit,... |
| Apr 02, 2008 | Biometrics for identification; New vulnerabilities in capp-lspp-config, cups, gnome-screensaver, xine-lib |
| Mar 26, 2008 | Voting machine integrity through transparency; New vulnerabilities in firefox, openssh, xine-lib, xwine,... |
| Mar 19, 2008 | Breaking CAPTCHA; New vulnerabilities in cups, krb5, smarty, unzip,... |
| Mar 12, 2008 | Extended Validation certificates and cross-site scripting; New vulnerabilities in java, joomla, lighttpd, phpMyAdmin,... |
| Mar 05, 2008 | Authentication bypass in routers; New vulnerabilities in dbus, evolution, kernel, thunderbird,... |
| Feb 27, 2008 | Cascading security updates; New vulnerabilities in acroread, clamav, qemu, wordpress,... |
| Feb 20, 2008 | The dangers of weak random numbers; New vulnerabilities in acroread, clamav, libimager-perl, pcre, ... |
| Feb 13, 2008 | Eee PC security or lack thereof; New vulnerabilities in clamav, firefox, java, kernel, ... |
| Feb 06, 2008 | Security hardening for Debian; New vulnerabilities in gnatsweb, kernel, pcre, xdg-utils, ... |
| Jan 30, 2008 | Finding bugs lurking in the DOM; New vulnerabilities in icu, kernel, mysql, pulseaudio, ... |
| Jan 23, 2008 | Web security vulnerabilities and Javascript; New vulnerabilities in flac, mantis, xine-lib, Xorg, ... |
| Jan 16, 2008 | A kernel security hole; New vulnerabilities in apache, fail2ban, kernel, xfce4, ... |
| Jan 09, 2008 | Hiding open ports with shimmer; New vulnerabilities in mantis, opera, PostgreSQL, wordpress, ... |
| Jan 02, 2008 | The future of unencrypted web traffic; New vulnerabilities in clamav, gallery2, kernel, wireshark, ... |
| Dec 19, 2007 | The backdooring of SquirrelMail; New vulnerabilities in clamav, cups, mysql, squid, ... |