LinuxSecurity.com: GroundWork Monitor Community Edition is a free edition of GroundWork Monitor Enterprise, a commercial open source network monitoring solution geared toward large enterprise customers. Free editions often have some limited functionality, but GroundWork Monitor Community Edition offers the visibility

LinuxSecurity.com: Port Knocking came about in around 2003, but it has various weaknesses. There are plenty of implentations though (some quite advanced). Most of the problems are fixed however by fwknop! fwknop stands for the "FireWall KNock OPerator", and implements

LinuxSecurity.com: This package update adds support for LZMA compression in rpm. This will allow users of Mandriva Linux 2007.1 to upgrade to the Mandriva Linux 2009.0 release.

LinuxSecurity.com: Updated condor packages that fix multiple security issues, several bugs and introduce feature enhancements are now available for Red Hat Enterprise MRG 1.0 for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact

LinuxSecurity.com: Updated timezone packages are being provided for older Mandriva Linux systems that do not contain new Daylight Savings Time information and Time Zone information for some locations. These updated packages contain the new information.

LinuxSecurity.com: The Tokeneer project was commissioned by the NSA from Praxis High Integrity Systems as a demonstrator of high-assurance software engineering. Developed using Praxis' Correctness by Construction (CbyC) methodology it uses the SPARK Ada language and AdaCore's GNAT Pro environment.

LinuxSecurity.com: Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.21 (Version 3.0, Release 21). This release includes many updated packages and bug fixes and some feature enhancements to the EnGarde Secure Linux Installer and the SELinux

LinuxSecurity.com: Companies can actually worsen their risks by failing to take these commonsense approaches to security.Many companies spend a small fortune and deploy a small army to secure themselves from the many security threats lurking these days. But all those

LinuxSecurity.com: mandriva-release for Mandriva 2008 Spring should contain a product_branch set to Official, and not devel, otherwise it could lead to an error with the new mdkonline. The updated package fixes it.

LinuxSecurity.com: Dmitry E. Oboukhov discovered that the "to-upgrade" plugin of Feta, a simpler interface to APT, dpkg, and other Debian package tools creates temporary files insecurely, which may lead to local denial of service through symlink attacks.

LinuxSecurity.com: This update fixes several minor issues in rpmdrake: - it fixes a crash due to bad timing with the X server (#41010) - it fix empty per importance lists of updates in rpmdrake (list of all updates was OK,

LinuxSecurity.com: This update fixes several minor issues in drakxtools: - it fixes management of XEN kernels in bootloader-config, when adding a new kernel, a xen entry should not replace an existing 'linux' (#40865) - it fixes a crash in rpmdrake

LinuxSecurity.com: CRLF injection vulnerability in Sys.Web in Mono 2.0 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the query string. The updated packages have been patched to fix

LinuxSecurity.com: Felipe Andres Manzano discovered that mplayer, a multimedia player, is vulnerable to several integer overflows in the Real video stream demuxing code. These flaws could allow an attacker to cause a denial of service (a crash) or potentially the