Subscribe: LinuxSecurity.com - Security Advisories
http://www.linuxsecurity.com/static-content/linuxsecurity_advisories.rss
Added By: Feedage Forager Feedage Grade A rated
Language: English
Tags:
boot  calamares  cve cve  cve fedora  cve  fedora  linuxsecurity security  linuxsecurity  partition  red hat  security  update 
Rate this Feed
Rate this feedRate this feedRate this feedRate this feedRate this feed
Rate this feed 1 starRate this feed 2 starRate this feed 3 starRate this feed 4 starRate this feed 5 star

Comments (0)

Feed Details and Statistics Feed Statistics
Preview: LinuxSecurity.com - Security Advisories

LinuxSecurity.com - Security Advisories



The central voice for Linux and Open Source security news.



 



Gentoo: 201612-02 DavFS2: Local privilege escalation

Fri, 02 Dec 2016 08:35:00 +0000

LinuxSecurity.com: A vulnerability in DavFS2 allows local users to gain root privileges.



Gentoo: 201612-01 GnuPG: RNG output is predictable

Fri, 02 Dec 2016 04:42:00 +0000

LinuxSecurity.com: Due to a design flaw, the output of GnuPG's Random Number Generator (RNG) is predictable.



Fedora 23 mujs-0-6.20161031gita0ceaf5.fc23

Thu, 01 Dec 2016 17:24:00 +0000

LinuxSecurity.com: Security fix for CVE-2016-7504, CVE-2016-7505, CVE-2016-7506, CVE-2016-9017,CVE-2016-9108, CVE-2016-9109, CVE-2016-9294



Fedora 23 zathura-pdf-mupdf-0.3.0-3.fc23

Thu, 01 Dec 2016 17:24:00 +0000

LinuxSecurity.com: Security fix for CVE-2016-7504, CVE-2016-7505, CVE-2016-7506, CVE-2016-9017,CVE-2016-9108, CVE-2016-9109, CVE-2016-9294



Fedora 23 moin-1.9.9-1.fc23

Thu, 01 Dec 2016 17:23:00 +0000

LinuxSecurity.com: Update to 1.9.9 (bugfix release for CVE-2016-7146, CVE-2016-7148)



Red Hat: 2016:2843-01: firefox: Critical Advisory

Thu, 01 Dec 2016 14:15:00 +0000

LinuxSecurity.com: An update for firefox is now available for Red Hat Enterprise Linux 5, Red Hat Enterprise Linux 6, and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact [More...]



Fedora 24 calamares-2.4.4-5.fc24

Thu, 01 Dec 2016 13:54:00 +0000

LinuxSecurity.com: A security update that fixes Calamares bug CAL-405:https://calamares.io/bugs/browse/CAL-405 When installing with a LUKS-encrypted`/` partition, Calamares was always creating a keyfile to decode `/` and storingit in the initramfs. It did that even with an unencrypted separate `/boot`partition. As a result, the keyfile would be stored in cleartext on the `/boot`partition, and it was possible to unlock the `/` partition without ever enteringa passphrase. This completely defeated the security of LUKS. Please note thatthis only affects manual partitioning. The automatic partitioning never leaves`/boot` unencrypted (and it is, in fact, recommended to also always encrypt`/boot` when doing manual partitioning). This update fixes the `dracutlukscfg`module to not add the keyfile to `install_items` in the `dracut` configuration(so that `dracut` will not include it onto the initramfs) if `/boot` is separateand unencrypted.



Fedora 24 moin-1.9.9-1.fc24

Thu, 01 Dec 2016 13:53:00 +0000

LinuxSecurity.com: Update to 1.9.9 (bugfix release for CVE-2016-7146, CVE-2016-7148)



Fedora 25 calamares-2.4.4-5.fc25

Thu, 01 Dec 2016 11:02:00 +0000

LinuxSecurity.com: A security update that fixes Calamares bug CAL-405:https://calamares.io/bugs/browse/CAL-405 When installing with a LUKS-encrypted`/` partition, Calamares was always creating a keyfile to decode `/` and storingit in the initramfs. It did that even with an unencrypted separate `/boot`partition. As a result, the keyfile would be stored in cleartext on the `/boot`partition, and it was possible to unlock the `/` partition without ever enteringa passphrase. This completely defeated the security of LUKS. Please note thatthis only affects manual partitioning. The automatic partitioning never leaves`/boot` unencrypted (and it is, in fact, recommended to also always encrypt`/boot` when doing manual partitioning). This update fixes the `dracutlukscfg`module to not add the keyfile to `install_items` in the `dracut` configuration(so that `dracut` will not include it onto the initramfs) if `/boot` is separateand unencrypted.



Fedora 25 jenkins-1.651.3-2.fc25

Thu, 01 Dec 2016 11:00:00 +0000

LinuxSecurity.com: Security fix for CVE-2016-9299



Fedora 25 jenkins-remoting-2.62.3-1.fc25

Thu, 01 Dec 2016 11:00:00 +0000

LinuxSecurity.com: Security fix for CVE-2016-9299



Fedora 25 moin-1.9.9-1.fc25

Thu, 01 Dec 2016 10:58:00 +0000

LinuxSecurity.com: Update to 1.9.9 (bugfix release for CVE-2016-7146, CVE-2016-7148)