Corel moves to close Linux security hole

Corel moves to close Linux security hole


Software maker Corel today confirmed it is battling a security hole in Corel Linux.

"There is, yes, a security hole," said Judith O'Brien, a spokeswoman for Corel Linux.

The security hole applies only to Corel Update, a graphical user interface (GUI) that Corel has put on top of the Debian distribution of Corel Linux, according to O'Brien. The Debian distribution -- or version -- of Corel Linux is supported by a core of about 500 volunteer developers and is distinct from others for its emphasis on online updates. If a customer is using a version of Corel Linux that is strictly a Debian distribution -- without the Corel Update GUI -- the problem will not affect them, she said.

The hole allows users, who have privileges to remotely log on to a server, to replace the scripts running in Corel Update with scripts they created themselves, O'Brien said. But users must have log-in privileges in order to take advantage of the bug, she said.

"It's not something that anybody can do," O'Brien said. "If you don't have an account, you can't do anything."

Corel was informed of the problem last week and will post a patch later today at, O'Brien said. Future versions of Corel Update will permit authorised users to substitute scripts, but the product will ship with that ability turned off as the default, she said.

Follow Us

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.


ARN Innovation Awards 2022

Innovation Awards is the market-leading awards program for celebrating ecosystem innovation and excellence across the technology sector in Australia.

EDGE 2022

EDGE is the leading technology conference for business leaders in Australia and New Zealand, built on the foundations of collaboration, education and advancement.

Brand Post

Show Comments