#linux

Cybersecurity researchers have discovered a malicious package on the Python Package Index (PyPI) that has racked up thousands of downloads for over three years while stealthily exfiltrating developers' Amazon Web Services (AWS) credentials. The package in question is "fabrice," which typosquats a popular Python library known as "fabric," which is designed to execute shell commands remotely over

As Red Hat's product portfolio of various products expands, we are offering more delivery options and methods to give customers more flexibility in how they use and consume Red Hat products.Red Hat Enterprise Linux CoreOS (RHCOS) underpins Red Hat OpenShift, the industry’s leading hybrid cloud application platform powered by Kubernetes. RHCOS demonstrates the flexibility that Red Hat delivers to customers by providing a comprehensive, dedicated and container-optimized base operating system.As part of our Secure Software Development Lifecycle (Secure SDLC) practices, Red Hat provides granula

Gentoo Linux Security Advisory 202411-5 - Multiple vulnerabilities have been discovered in libgit2, the worst of which could lead to arbitrary code execution. Versions greater than or equal to 1.7.2 are affected.

Gentoo Linux Security Advisory 202411-4 - A vulnerability has been discovered in EditorConfig Core C library, which may lead to arbitrary code execution. Versions greater than or equal to 0.12.6 are affected.

Gentoo Linux Security Advisory 202411-3 - A vulnerability has been discovered in Ubiquiti UniFi, which can lead to local privilege escalation. Versions greater than or equal to 8.5.6 are affected.

Gentoo Linux Security Advisory 202411-2 - A vulnerability has been discovered in Flatpak, which can lead to a sandbox escape. Versions greater than or equal to 1.4.10 are affected.

Ubuntu Security Notice 7088-3 - Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an integer overflow vulnerability. A local attacker could use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

Gentoo Linux Security Advisory 202411-1 - A vulnerability has been discovered in Neat VNC, which can lead to authentication bypass. Versions greater than or equal to 0.8.1 are affected.

Debian Linux Security Advisory 5803-1 - Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code.

Red Hat Security Advisory 2024-8935-03 - An update for edk2 is now available for Red Hat Enterprise Linux 9. Issues addressed include a denial of service vulnerability.