LWN Security Resources

LWN.net offers several security-related resources, including the security alert database and the weekly edition security page.

The article index

See the LWN Security Article index for access to all LWN security articles, organized by topic.

Recent LWN.net security articles

LWN runs security-oriented content regularly. Some of our more recent articles in this area include:

October 19, 2023 Toward safer GNU C Library tunable handling
October 11, 2023 Remote execution in the GNOME tracker
October 4, 2023 BPF and security
September 19, 2023 The European Cyber Resilience Act
September 13, 2023 The bogus CVE problem
August 16, 2023 Kernel security reporting for distributions
July 20, 2023 Much ado about SBAT
April 14, 2023 TOTP authentication with free software
February 21, 2023 Passwordless authentication with FIDO2—beyond just the web
February 13, 2023 A proposed threat model for confidential computing
January 25, 2023 X clients and byte swapping
January 11, 2023 PyTorch and the PyPI supply chain
December 9, 2022 mimmutable() for OpenBSD
November 8, 2022 Using certificates for SSH authentication
October 6, 2022 Fingerprinting systems with TCP source-port selection
September 22, 2022 Safer flexible arrays for the kernel
September 14, 2022 A Python security fix breaks (some) bignums
August 17, 2022 Tornado Cash and collateral damage
August 12, 2022 A fuzzy issue of responsible disclosure
August 9, 2022 Adding auditing to pip

Recent security alerts

Distribution ID Package Date

Fedora FEDORA-2023-f8d216faed matrix-synapse 2023-11-10

Fedora FEDORA-2023-e7aa13efc5 community-mysql 2023-11-10

Fedora FEDORA-2023-9ff7fd16a0 community-mysql 2023-11-10

Fedora FEDORA-2023-18cb340b28 xorg-x11-server-Xwayland 2023-11-10

Fedora FEDORA-2023-957972e77c matrix-synapse 2023-11-10

Mageia MGASA-2023-0314 vim 2023-11-10

Oracle ELSA-2023-6823 python3 2023-11-10

Oracle ELSA-2023-6823 python3 2023-11-10

Fedora FEDORA-2023-6efef709eb community-mysql 2023-11-10

Mageia MGASA-2023-0315 squid 2023-11-10

Ubuntu USN-6462-2 linux-iot 2023-11-10

Ubuntu USN-6465-3 linux-gke 2023-11-10

Scientific Linux SLSA-2023:5736 java-11-openjdk 2023-11-09

Scientific Linux SLSA-2023:6802 xorg-x11-server 2023-11-09

Fedora FEDORA-2023-f3c4404efd CuraEngine 2023-11-09

Scientific Linux SLSA-2023:5761 java-1.8.0-openjdk 2023-11-09

Scientific Linux SLSA-2023:6805 squid 2023-11-09

Scientific Linux SLSA-2023:5615 libssh2 2023-11-09

SUSE openSUSE-SU-2023:0360-1 go1.21 2023-11-09

Scientific Linux SLSA-2023:6193 thunderbird 2023-11-09

Distribution	ID	Package	Date
Fedora	FEDORA-2023-f8d216faed	matrix-synapse	2023-11-10
Fedora	FEDORA-2023-e7aa13efc5	community-mysql	2023-11-10
Fedora	FEDORA-2023-9ff7fd16a0	community-mysql	2023-11-10
Fedora	FEDORA-2023-18cb340b28	xorg-x11-server-Xwayland	2023-11-10
Fedora	FEDORA-2023-957972e77c	matrix-synapse	2023-11-10
Mageia	MGASA-2023-0314	vim	2023-11-10
Oracle	ELSA-2023-6823	python3	2023-11-10
Oracle	ELSA-2023-6823	python3	2023-11-10
Fedora	FEDORA-2023-6efef709eb	community-mysql	2023-11-10
Mageia	MGASA-2023-0315	squid	2023-11-10
Ubuntu	USN-6462-2	linux-iot	2023-11-10
Ubuntu	USN-6465-3	linux-gke	2023-11-10
Scientific Linux	SLSA-2023:5736	java-11-openjdk	2023-11-09
Scientific Linux	SLSA-2023:6802	xorg-x11-server	2023-11-09
Fedora	FEDORA-2023-f3c4404efd	CuraEngine	2023-11-09
Scientific Linux	SLSA-2023:5761	java-1.8.0-openjdk	2023-11-09
Scientific Linux	SLSA-2023:6805	squid	2023-11-09
Scientific Linux	SLSA-2023:5615	libssh2	2023-11-09
SUSE	openSUSE-SU-2023:0360-1	go1.21	2023-11-09
Scientific Linux	SLSA-2023:6193	thunderbird	2023-11-09

View the full security alert database.

October 19, 2023	Toward safer GNU C Library tunable handling
October 11, 2023	Remote execution in the GNOME tracker
October 4, 2023	BPF and security
September 19, 2023	The European Cyber Resilience Act
September 13, 2023	The bogus CVE problem
August 16, 2023	Kernel security reporting for distributions
July 20, 2023	Much ado about SBAT
April 14, 2023	TOTP authentication with free software
February 21, 2023	Passwordless authentication with FIDO2—beyond just the web
February 13, 2023	A proposed threat model for confidential computing
January 25, 2023	X clients and byte swapping
January 11, 2023	PyTorch and the PyPI supply chain
December 9, 2022	mimmutable() for OpenBSD
November 8, 2022	Using certificates for SSH authentication
October 6, 2022	Fingerprinting systems with TCP source-port selection
September 22, 2022	Safer flexible arrays for the kernel
September 14, 2022	A Python security fix breaks (some) bignums
August 17, 2022	Tornado Cash and collateral damage
August 12, 2022	A fuzzy issue of responsible disclosure
August 9, 2022	Adding auditing to pip