User: Password:
|
|
Subscribe / Log in / New account

LWN Security Resources

LWN.net offers several security-related resources, including the security alert database, the vulnerability database, and the weekly edition security page.

The article index

See the LWN Security Article index for access to all LWN security articles, organized by topic.

Recent security alerts

DistributionIDPackageDate
openSUSE openSUSE-SU-2016:2223-1 karchive2016-09-02
Debian-LTS DLA-608-1 mailman2016-09-02
Arch Linux ASA-201609-2 webkit2gtk 2016-09-01
Debian-LTS DLA-560-2 cacti2016-09-01
Red Hat RHSA-2016:1797-01 ipa2016-09-01

View the full security alert database.

Recent vulnerabilities

The following vulnerabilities have recently seen updates or alerts.

IDUpdatePackage(s) Description
699177 September 2, 2016 libksba libksba: denial of service
699175 September 2, 2016 canl-c canl-c: proxy manipulation
699163 September 2, 2016 mailman mailman: password disclosure
699161 September 2, 2016 chromium chromium: multiple vulnerabilities
698986 September 1, 2016 mozilla-thunderbird mozilla-thunderbird: unspecified vulnerabilities

View the full vulnerability database.

Recent LWN.net security pages

Here are the most recent LWN.net security pages, with a comprehensive roundup of a week's worth security-related information.

DateContents
Aug 31, 2016 State of the Kernel Self Protection Project; New vulnerabilities in freeipa, mediawiki, phpmyadmin, webkitgtk4, ...
Aug 24, 2016 A different sort of "Fake Linus Torvalds"; New vulnerabilities in firewalld, glibc, gnupg, kernel, ...
Aug 17, 2016 Resisting the centralization of network infrastructure; New vulnerabilities in imagemagick, kernel, postgresql, squid, ...
Aug 10, 2016 The TCP "challenge ACK" side channel; New vulnerabilities in chromium, firefox, libreoffice, openssh, ...
Aug 03, 2016 Felony PGP; New vulnerabilities in dropbear, mozilla, tiff, wireshark, ...
Jul 27, 2016 One-time passwords and GnuPG with Nitrokey; New vulnerabilities in chromium, java (unspecified), mysql (unspecified), php, ...
Jul 20, 2016 Typosquatting in package repositories; New vulnerabilities in ecryptfs_utils, httpd, java, libarchive, ...
Jul 13, 2016 Python's os.urandom() in the absence of entropy; New vulnerabilities in gnutls, httpd, mysql, samba, ...
Jul 07, 2016 Two approaches to reference count hardening; New vulnerabilities in imagemagick, kernel, libarchive, wordpress, ...
Jun 29, 2016 HTML Subresource Integrity; New vulnerabilities in kernel, libdwarf, libpurple, qemu, ...
Jun 22, 2016 Encrypted file transfer with Magic Wormhole; New vulnerabilities in chromium, expat, imagemagick, kernel, ...
Jun 15, 2016 OMEMO; New vulnerabilities in kernel, libav, php5, wireshark, ...
Jun 08, 2016 CII best-practices badge; New vulnerabilities in chromium, mozilla, ntp, sudo, ...
Jun 02, 2016 Tor Browser 6; New vulnerabilities in chromium, imagemagick, libxml2, mozilla, ...
May 25, 2016 New browser-fingerprinting techniques; New vulnerabilities in dhcpcd, kernel, moodle, php, ...
May 18, 2016 The perils of federated protocols; New vulnerabilities in chromium, docker, kernel, wpa, ...
May 11, 2016 Safename: restricting "dangerous" file names; New vulnerabilities in glibc, imagemagick, kernel, qemu, ...
May 04, 2016 Replacing /dev/urandom; New vulnerabilities in kernel, mercurial, ntp, openssl, ...
Apr 27, 2016 Fuzzing filesystems with AFL; New vulnerabilities in ansible, golang, java, mozilla, ...
Apr 20, 2016 SMTP Strict Transport Security; New vulnerabilities in chromium, kernel, openssh, poppler, ...

Copyright © 2016, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds