LinuxSecurity.com: A vulnerability was found in gnome-screensaver prior to 2.22.1 when a remote authentication server was enabled. During a network outage, gnome-screensaver would crash upon an unlock attempt, allowing physically local users to gain access to locked sessions (CVE-2008-0887). The
LinuxSecurity.com: A denial of service condition was discovered in Sympa versions prior to 5.4 that allowed remote attackers to crash the Sympa daemon via a malformed email message (CVE-2008-1648). The updated packages have been patched to correct this issue.
LinuxSecurity.com: Only 59.1% of people use up-to-date, fully patched Web browsers, putting the remainder at risk from growing threats from diligent hackers, according to a new study published by researchers in Switzerland. The study, published Tuesday, is one of the
LinuxSecurity.com: You and I may have taken the 4th of July off, but the folks over at TrueCrypt didn't. Instead, they pushed out version 6.0 of their on-the-fly encryption utility, with more options than ever for protecting - and hiding
LinuxSecurity.com: Many users are undoubtedly not updating their browsers as quickly as they should, but you can't conclude any specifics about that from the recent study of Google logs. The researchers who published a large study of Web browser security
LinuxSecurity.com: Tavis Ormandy discovered that PCRE, the Perl-Compatible Regular Expression library, may encounter a heap overflow condition when compiling certain regular expressions involving in-pattern options and branches, potentially leading to arbitrary code execution.
LinuxSecurity.com: A vulnerability was found in gnome-screensaver 2.20.0 that could possibly allow a local user to read the clipboard contents and X selection data for a locked session by using CTRL-V (CVE-2007-6389). The updated packages have been patched to correct
LinuxSecurity.com: An incorrect fix for CVE-2007-6239 resulted in Squid not performing proper bounds checking when processing cache update replies. Because of this, a remote authenticated user might have been able to trigger an assertion error and cause a denial of
LinuxSecurity.com: Google has released the source code for its internal RatProxy security tool. The software analyses web pages for potential security risks and reports back to the site administrator. RatProxy can pick up cross-site scripting flaws and incomplete cross-site defence
LinuxSecurity.com: Out of the box, a Linux desktop is far more secure than most others. However, this level of security is not necessarily attained through typical security-focused software or techniques. Sometimes, the easiest means to security are those that are
