Debianhelp.co.uk
Debian Security
 2016-05-02 DSA-3565 botan1.10 - security update

Several security vulnerabilities were found in botan1.10, a C++ library which provides support for many common cryptographic operations, including encryption, authentication, X.509v3 certificates and CRLs.

 2016-05-02 DSA-3564 chromium-browser - security update

Several vulnerabilities have been discovered in the chromium web browser.

 2016-05-01 DSA-3563 poppler - security update

It was discovered that a heap overflow in the Poppler PDF library may result in denial of service and potentially the execution of arbitrary code if a malformed PDF file is opened.

 2016-05-01 DSA-3562 tardiff - security update

Several vulnerabilities were discovered in tardiff, a tarball comparison tool. The Common Vulnerabilities and Exposures project identifies the following problems:

 2016-04-29 DSA-3561 subversion - security update

Several vulnerabilities were discovered in Subversion, a version control system. The Common Vulnerabilities and Exposures project identifies the following problems:

 2016-04-27 DSA-3560 php5 - security update

Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development.

 2016-04-27 DSA-3559 iceweasel - security update

Multiple security issues have been found in Iceweasel, Debian's version of the Mozilla Firefox web browser: Multiple memory safety errors and buffer overflows may lead to the execution of arbitrary code or denial of service.

 2016-04-26 DSA-3558 openjdk-7 - security update

Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in breakouts of the Java sandbox, denial of service or information disclosure.

 2016-04-26 DSA-3557 mysql-5.5 - security update

Several issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to the new upstream version 5.5.49. Please see the MySQL 5.5 Release Notes and Oracle's Critical Patch Update advisory for further details:

 2016-04-24 DSA-3556 libgd2 - security update

Hans Jerry Illikainen discovered that libgd2, a library for programmatic graphics creation and manipulation, suffers from a signedness vulnerability which may result in a heap overflow when processing specially crafted compressed gd2 data. A remote attacker can take advantage of this flaw to cause an application using the libgd2 library to crash, or potentially, to execute arbitrary code with the privileges of the user running the application.

 2016-04-23 DSA-3555 imlib2 - security update

Several vulnerabilities were discovered in imlib2, an image manipulation library.

 2016-04-22 DSA-3553 varnish - security update

Régis Leroy from Makina Corpus discovered that varnish, a caching HTTP reverse proxy, is vulnerable to HTTP smuggling issues, potentially resulting in cache poisoning or bypassing of access control policies.

 2016-04-21 DSA-3554 xen - security update

Multiple vulnerabilities have been discovered in the Xen hypervisor. The Common Vulnerabilities and Exposures project identifies the following problems:

 2016-04-17 DSA-3552 tomcat7 - security update

Multiple security vulnerabilities have been discovered in the Tomcat servlet and JSP engine, which may result in information disclosure, the bypass of CSRF protections and bypass of the SecurityManager.

 2016-04-16 DSA-3551 fuseiso - security update

It was discovered that fuseiso, a user-space implementation of the ISO 9660 file system based on FUSE, contains several vulnerabilities.

 2016-04-15 DSA-3550 openssh - security update

Shayan Sadigh discovered a vulnerability in OpenSSH: If PAM support is enabled and the sshd PAM configuration is configured to read user-specified environment variables and the UseLogin option is enabled, a local user may escalate her privileges to root.

 2016-04-15 DSA-3549 chromium-browser - security update

Several vulnerabilities have been discovered in the chromium web browser.

 2016-04-13 DSA-3548 samba - security update

Several vulnerabilities have been discovered in Samba, a SMB/CIFS file, print, and login server for Unix. The Common Vulnerabilities and Exposures project identifies the following issues:

 2016-04-11 DSA-3547 imagemagick - security update

Several vulnerabilities were discovered in Imagemagick, a program suite for image manipulation. This update fixes a large number of potential security problems such as null-pointer access and buffer-overflows that might lead to memory leaks or denial of service. None of these security problems have a CVE number assigned.

 2016-04-07 DSA-3546 optipng - security update

Hans Jerry Illikainen discovered that missing input sanitising in the BMP processing code of the optipng PNG optimiser may result in denial of service or the execution of arbitrary code if a malformed file is processed.

 2016-04-07 DSA-3545 cgit - security update

Several vulnerabilities were discovered in cgit, a fast web frontend for git repositories written in C. A remote attacker can take advantage of these flaws to perform cross-site scripting, header injection or denial of service attacks.

 2016-04-07 DSA-3544 python-django - security update

Several vulnerabilities were discovered in Django, a high-level Python web development framework. The Common Vulnerabilities and Exposures project identifies the following problems:

 2016-04-05 DSA-3543 oar - security update

Emmanuel Thome discovered that missing sanitising in the oarsh command of OAR, a software used to manage jobs and resources of HPC clusters, could result in privilege escalation.

 2016-04-05 DSA-3542 mercurial - security update

Several vulnerabilities have been discovered in Mercurial, a distributed version control system. The Common Vulnerabilities and Exposures project identifies the following issues:

 2016-04-05 DSA-3541 roundcube - security update

High-Tech Bridge Security Research Lab discovered that Roundcube, a webmail client, contained a path traversal vulnerability. This flaw could be exploited by an attacker to access sensitive files on the server, or even execute arbitrary code.

 2016-04-03 DSA-3540 lhasa - security update

Marcin Noga discovered an integer underflow in Lhasa, a lzh archive decompressor, which might result in the execution of arbitrary code if a malformed archive is processed.

 2016-04-02 DSA-3539 srtp - security update

Randell Jesup and the Firefox team discovered that srtp, Cisco's reference implementation of the Secure Real-time Transport Protocol (SRTP), does not properly handle RTP header CSRC count and extension header length. A remote attacker can exploit this vulnerability to crash an application linked against libsrtp, resulting in a denial of service.


Debian Wiki
 2016-04-30T21:42:56Z SecureBoot
fix misspelling
 2016-04-30T20:20:44Z InstallingDebianOn/Asus/X205TA
 2016-04-30T19:52:27Z JeremiahFoster

Linuxtoday.com
 Mon, 02 May 2016 14:00:00 -0700 How to Encrypt/Decrypt and Password Protect Files in Linux

 tecmint: It's easy with Linux

 Mon, 02 May 2016 12:00:00 -0700 Ubuntu & Other Ubuntu Spins Look At Making Room To Grow

Phoronix: Ubuntu has raised the size limit for images now to 2GB for being able to accommodate the current oversized images plus still having room to grow.

 Mon, 02 May 2016 11:00:00 -0700 BlackArch Linux Now Provides over 1,400 Penetration Testing Tools, New ISO Lands

 softpedia: BlackArch 2016.04.28 adds more than 80 new tools that can be used for penetration testing and security auditing operations. As expected, many of the penetration testing tools included in the BlackArch Linux operating system


OSNews
 Mon, 02 May 2016 22:12:40 GMT Intel abandons smartphone processor market
After missing the early days of the smartphone revolution, Intel spent in excess of $10 billion over the last three years in an effort to get a foothold in mobile devices. Now, having gained little ground in phones and with the tablet market shrinking, Intel is essentially throwing in the towel. The company quietly confirmed last week that it has axed several chips from its roadmap, including all of the smartphone processors in its current plans. This isn't the first time Intel tried to go mobile. It actually had quite a successful line of mobile ARM processors: XScale. These were ARM5 processors that powered a ton of devices, and I think most of us know it from Windows PocketPC devices (and later Palm OS devices). Intel eventually sold XScale to Marvell, because the company wanted to focus on its desktop/laptop and server processors, in 2006 - right before the big mobile revolution happened. I can't help but wonder if that turned out to be a really dumb move.
 Mon, 02 May 2016 21:59:35 GMT Microsoft 'committed' to Windows 10 Mobile for 'many years'
A new email from Microsoft's Terry Myerson, Executive Vice President of the Windows and Devices Group, firmly states that the company is devoted to Windows 10 on mobile for 'many years' and that they are currently working on next generation products. Whenever you have to repeatedly come out and say you're committed to something, you're probably not committed to it.
 Mon, 02 May 2016 21:57:53 GMT Prince's special custom-font Symbol floppy disks
In 1993, Prince frustrated contract lawyers and computer users everywhere when he changed his name to a glyph known as "The Love Symbol." Though he never said so explicitly, it's generally understood that the name change was an attempt to stick it to his record label, Warner Bros., which now had to deal with a top-tier artist with a new, unpronounceable, untypeable name. But it wasn't just Warner Bros. that had a problem: The Love Symbol proved frustrating for people who wanted to both speak and write about Prince. Writers, editors, and layout designers at magazines and newspapers wouldn't be able to type the actual name of the Artist Formerly Known As Prince. So Prince did the only thing you could do in that situation: He had a custom-designed font distributed to news outlets on a floppy disk. Lovely story.

DistroWatch.com: News
 2016-05-02T00:06:06+00:00 DistroWatch Weekly, Issue 659
This week in DistroWatch Weekly: Review: Ubuntu 16.04 LTS. News: Linux Mint unveils new version of Cinnamon, Debian Wheezy gets long term support, Devuan releases beta, Sabayon supplies ARM images and NetBSD gains ASLR support. Questions and answers: Compiling a custom kernel for performance gains. Torrent corner: Sabayon, Slackel, Tails. Released last....
 2016-05-01T17:19:14+00:00 Distribution Release: Voyager Live 16.04
The developers of Voyager Live, a desktop distribution based on Xubuntu, have released a new version. The new release, Voyager Live 16.04, is based on Xubuntu 16.04 and ships with the Xfce 4.12 desktop environment. The new release will receive three years of security updates. The release announcement....
 2016-05-01T14:17:44+00:00 Distribution Release: 4MLinux 17.0
The 4MLinux project has announced the release of a new version of the miniature Linux distribution. The new version, 4MLinux 17.0, provides mostly package updates, including Firefox 46 and LibreOffice 5.1.3. "The status of the 4MLinux 17.0 series has been changed to stable. Create your documents with LibreOffice....
