LWN Security Resources

LWN.net offers several security-related resources, including the security alert database, the vulnerability database, and the weekly edition security page.

The article index

See the LWN Security Article index for access to all LWN security articles, organized by topic.

Recent security alerts

Distribution	ID	Package	Date
Debian	DSA-1601-1	wordpress	2008-07-04
SuSE	SUSE-SR:2008:014	sudo, courier-authlib, gnome-screensaver, clamav, php5, ImageMagick, GraphicsMagick, mtr, bind, pcre, tomcat, squid, freetype2	2008-07-04
Fedora	FEDORA-2008-6094	ruby	2008-07-04
Mandriva	MDVSA-2008:128	php	2008-07-03
Mandriva	MDVSA-2008:129	php4	2008-07-03

View the full security alert database.

Recent vulnerabilities

The following vulnerabilities have recently seen updates or alerts.

ID	Update	Package(s)	Description
288721	July 4, 2008	php	php: multiple vulnerabilities
269213	July 4, 2008	wordpress	wordpress: remote editing via unknown vectors
274890	July 4, 2008	ruby	ruby: directory traversal
287480	July 4, 2008	ruby	ruby: multiple vulnerabilities
253650	July 4, 2008	ruby	ruby: insufficient SSL certificate validation

View the full vulnerability database.

Recent LWN.net security pages

Here are the most recent LWN.net security pages, with a comprehensive roundup of a week's worth security-related information.

Date	Contents
Jul 02, 2008	Ruby security flaws expose release process problems; New vulnerabilities in firefox, kernel, mysql, perl,...
Jun 25, 2008	Leaking browser history; New vulnerabilities in fetchmail, gallery, kernel, ruby,...
Jun 18, 2008	The Application Security Desk Reference; New vulnerabilities in freetype, openoffice.org, typo3, xorg-server,...
Jun 11, 2008	SCADA system vulnerabilities; New vulnerabilities in kernel, openoffice.org, snort, tomcat,...
Jun 04, 2008	oCERT and oss-security; New vulnerabilities in evolution, imlib2, openssl, stunnel,...
May 28, 2008	Attacking network cards; New vulnerabilities in emacs, kernel, php libcurl, samba,...
May 21, 2008	Session cookies for web applications; New vulnerabilities in Django, gnutls, kernel, setroubleshoot,...
May 14, 2008	Debian vulnerability has widespread effects; New vulnerabilities in bugzilla, openssl, php5, xen,...
May 07, 2008	Cryptographic splicing makes for a Wordpress vulnerability; New vulnerabilities in b2evolution, emacs, kernel (several), and wordpress
Apr 30, 2008	The Tahoe secure filesystem; New vulnerabilities in asterisk, kdelibs, ldm, wordpress,...
Apr 23, 2008	Image handling vulnerabilities; New vulnerabilities in clamav, cups, firefox, openoffice.org,...
Apr 16, 2008	GCC and pointer overflows; New vulnerabilities in libpng, python, rsync, squid, ...
Apr 09, 2008	Backscatter increase clogs inboxes; New vulnerabilities in alsaplayer, flash-plugin, pdns-recursor, PolicyKit,...
Apr 02, 2008	Biometrics for identification; New vulnerabilities in capp-lspp-config, cups, gnome-screensaver, xine-lib
Mar 26, 2008	Voting machine integrity through transparency; New vulnerabilities in firefox, openssh, xine-lib, xwine,...
Mar 19, 2008	Breaking CAPTCHA; New vulnerabilities in cups, krb5, smarty, unzip,...
Mar 12, 2008	Extended Validation certificates and cross-site scripting; New vulnerabilities in java, joomla, lighttpd, phpMyAdmin,...
Mar 05, 2008	Authentication bypass in routers; New vulnerabilities in dbus, evolution, kernel, thunderbird,...
Feb 27, 2008	Cascading security updates; New vulnerabilities in acroread, clamav, qemu, wordpress,...
Feb 20, 2008	The dangers of weak random numbers; New vulnerabilities in acroread, clamav, libimager-perl, pcre, ...