+---------------------------------------------------------------------+ | LinuxSecurity.com Weekly Newsletter | | March 31st, 2006 Volume 7, Number 14n | | | | Editorial Team: Dave Wreski dave@xxxxxxxxxxxxxxxxx | | Benjamin D. Thomas ben@xxxxxxxxxxxxxxxxx | +---------------------------------------------------------------------+ Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines. This week advisories were released for firebird2, sendmail, evolution, kpdf, flex, netpbm-free, file, man, db4, gok, gedit, epiphany, gnome-power-manager, pyoribit, totem, libglade, gnome-icon-theme, shared-mime-info, libxklavier, gstreamer, cpio, squirrelmail, glibc, mtr, tix, xterm, perl, rpm, scim, mrtg, wpa, samba, bsd-games, mailman, and freeradius. The distributors include Debian, Fedora, Gentoo, Mandriva, Red Hat, and SuSE. --- EnGarde Secure Linux: Why not give it a try? EnGarde Secure Linux is a Linux server distribution that is geared toward providing a open source platform that is highly secure by default as well as easy to administer. EnGarde Secure Linux includes a select group of open source packages configured to provide maximum security for tasks such as serving dynamic websites, high availability mail transport, network intrusion detection, and more. The Community edition of EnGarde Secure Linux is completely free and open source, and online security and application updates are also freely available with GDSN registration. http://www.engardelinux.org/modules/index/register.cgi --- Linux Command Reference Manual: Linux File Formats By: Suhas Desai Linux File Formats /etc/crontab The syntax of each line in this file is: minute, hour, day of month, Month, day of week, (user name), command /etc/fstab Columns are: device file to mount, directory to mount on, filesystem type, options, backup frequency, and fsck pass number (To specify the order in which filesystems should be checked on boot; 0 means no check.) The noauto option stops this mount from being done automatically on boot. /etc/hosts Sets up host address information for local use. The format is: IPaddress name1 name2. /etc/inittab Sets the init configuration. An entry in the inittab file has the following format: id: runlevels: action: process /etc/passwd The file has one line per username, and is divided into seven colonde limited fields: 1. Username. 2. Password, in an encrypted form. 3. Numeric user id. 4. Numeric group id. 5. Full name or other description of account. This is called gecos. 6. The user's home directory. 7. The user's login shell (program to run at login). /usr/X11R6/lib/X11/XF86Config The main XFree86 configuration file. Read Full Paper http://www.linuxsecurity.com/images/stories/commandref.pdf ---------------------- EnGarde Secure Community 3.0.4 Released Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.4 (Version 3.0, Release 4). This release includes several bug fixes and feature enhancements to the Guardian Digital WebTool and the SELinux policy, and several new packages available for installation. http://www.linuxsecurity.com/content/view/121560/65/ --- Linux File & Directory Permissions Mistakes One common mistake Linux administrators make is having file and directory permissions that are far too liberal and allow access beyond that which is needed for proper system operations. A full explanation of unix file permissions is beyond the scope of this article, so I'll assume you are familiar with the usage of such tools as chmod, chown, and chgrp. If you'd like a refresher, one is available right here on linuxsecurity.com. http://www.linuxsecurity.com/content/view/119415/49/ --- Buffer Overflow Basics A buffer overflow occurs when a program or process tries to store more data in a temporary data storage area than it was intended to hold. Since buffers are created to contain a finite amount of data, the extra information can overflow into adjacent buffers, corrupting or overwriting the valid data held in them. http://www.linuxsecurity.com/content/view/119087/49/ -------- --> Take advantage of the LinuxSecurity.com Quick Reference Card! --> http://www.linuxsecurity.com/docs/QuickRefCard.pdf +---------------------------------+ | Distribution: Debian | ----------------------------// +---------------------------------+ * Debian: New firebird2 packages fix denial of service 23rd, March, 2006 Updated package. http://www.linuxsecurity.com/content/view/122058 * Debian: New sendmail packages fix arbitrary code execution 23rd, March, 2006 Updated package. http://www.linuxsecurity.com/content/view/122059 * Debian: New evolution packages fix arbitrary code execution 23rd, March, 2006 Ulf Hrnhammar discovered several format string vulnerabilities in Evolution, a free groupware suite, that could lead to crashes of the application or the execution of arbitrary code. http://www.linuxsecurity.com/content/view/122065 * Debian: New Linux kernel 2.6.8 packages fix several vulnerabilities 23rd, March, 2006 Updated package. http://www.linuxsecurity.com/content/view/122073 * Debian: New kpdf packages fix several vulnerabilities 24th, March, 2006 Derek Noonburg has fixed several potential vulnerabilities in xpdf, the Portable Document Format (PDF) suite, which is also present in koffice, the KDE Office Suite. http://www.linuxsecurity.com/content/view/122078 * Debian: New Linux kernel 2.4.27 packages fix several vulnerabilities 24th, March, 2006 Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code. http://www.linuxsecurity.com/content/view/122079 * Debian: New flex packages fix insecure code generation 27th, March, 2006 Updated package. http://www.linuxsecurity.com/content/view/122126 * Debian: New netpbm-free packages fix arbitrary command execution 28th, March, 2006 Max Vozeler from the Debian Audit Project discovered that pstopnm, a converter from Postscript to the PBM, PGM and PNM formats, launches Ghostscript in an insecure manner, which might lead to the execution of arbitrary shell commands, when converting specially crafted Postscript files. http://www.linuxsecurity.com/content/view/122131 +---------------------------------+ | Distribution: Fedora | ----------------------------// +---------------------------------+ * Fedora Core 5 Update: file-4.17-2.fc5 23rd, March, 2006 Updated package. http://www.linuxsecurity.com/content/view/122071 * Fedora Core 5 Update: man-1.6c-2.fc5 24th, March, 2006 Updated package. http://www.linuxsecurity.com/content/view/122089 * Fedora Core 5 Update: db4-4.3.29-3.fc5 24th, March, 2006 Updated package. http://www.linuxsecurity.com/content/view/122090 * Fedora Core 5 Update: gok-1.0.7-1 24th, March, 2006 A new gok package has been built that fixes several bugs, and adds support for the zh_HK language. http://www.linuxsecurity.com/content/view/122091 * Fedora Core 5 Update: gedit-2.14.1-1 24th, March, 2006 A new version of the gedit package has been built that fixes a problem with tab drag-and-drop when multiple gedit windows are open. http://www.linuxsecurity.com/content/view/122092 * Fedora Core 5 Update: epiphany-2.14.0-1 24th, March, 2006 A new epiphany package has been built that brings the epipany version in Fedora Core 5 in sync with the version thats shipped with Gnome 2.14. http://www.linuxsecurity.com/content/view/122093 * Fedora Core 5 Update: evolution-connector-2.6.0-1 24th, March, 2006 A new evolution-connector package has been built that brings the version in Fedora Core 5 in sync with the version thats shipped with Gnome 2.14. http://www.linuxsecurity.com/content/view/122094 * Fedora Core 5 Update: evolution-data-server-1.6.0-1 24th, March, 2006 A new evolution-data-server package has been built that brings the version in Fedora Core 5 in sync with the version thats shipped with Gnome 2.14. http://www.linuxsecurity.com/content/view/122095 * Fedora Core 5 Update: gnome-power-manager-2.14.0-1 24th, March, 2006 A new gnome-power-manager package has been built that brings the version in Fedora Core 5 in sync with the version that was released for Gnome 2.14. http://www.linuxsecurity.com/content/view/122096 * Fedora Core 5 Update: pyorbit-2.14.0-1 24th, March, 2006 A new pyorbit package has been built that brings the version in Fedora Core 5 in sync with the version thats shipped with Gnome 2.14. http://www.linuxsecurity.com/content/view/122097 * Fedora Core 5 Update: totem-1.4.0-2 24th, March, 2006 A new totem package has been built that brings the version in Fedora Core 5 in sync with the version thats shipped with Gnome 2.14. http://www.linuxsecurity.com/content/view/122098 * Fedora Core 5 Update: libglade2-2.5.1-4.fc5.1 24th, March, 2006 A new libglade package has been released that fixes a problem when setting the "invisible" character (in password entries) to a non-ASCII character. http://www.linuxsecurity.com/content/view/122099 * Fedora Core 5 Update: gnome-icon-theme-2.14.2-1.fc5.1 24th, March, 2006 An updated gnome-icon-theme package fixes a problem where files with mimetype application/xml would not get the right icon. http://www.linuxsecurity.com/content/view/122100 * Fedora Core 5 Update: shared-mime-info-0.17-1.fc5.1 24th, March, 2006 A new version of the shared-mime-info package has been released that fixes several bugs. http://www.linuxsecurity.com/content/view/122101 * Fedora Core 5 Update: libxklavier-2.2-1 24th, March, 2006 A new libxklavier package has been built that brings the version in Fedora Core 5 in sync with the version that shipped with Gnome 2.14. http://www.linuxsecurity.com/content/view/122102 * Fedora Core 5 Update: gnome-vfs2-2.14.0-2 24th, March, 2006 A new version of the gnome-vfs2 package fixes a packaging error. http://www.linuxsecurity.com/content/view/122103 * Fedora Core 5 Update: gstreamer-plugins-base-0.10.5-1 24th, March, 2006 Updated package. http://www.linuxsecurity.com/content/view/122104 * Fedora Core 5 Update: gstreamer-0.10.4-1 24th, March, 2006 Updated package. http://www.linuxsecurity.com/content/view/122105 * Fedora Core 5 Update: cpio-2.6-15.FC5 27th, March, 2006 Updated package. http://www.linuxsecurity.com/content/view/122113 * Fedora Core 4 Update: squirrelmail-1.4.6-4.fc4 27th, March, 2006 This update fixes Bug #185767 where we broke Japanese mail sending in our previous update. (I would really appreciate it if Chinese and Korean users would test this and report if it works properly for incoming and outgoing mail.) http://www.linuxsecurity.com/content/view/122114 * Fedora Core 5 Update: squirrelmail-1.4.6-4.fc5 27th, March, 2006 This update fixes Bug #185767 where we broke Japanese mail sending in our previous update. (I would really appreciate it if Chinese and Korean users would test this and report if it works properly for incoming and outgoing mail.) http://www.linuxsecurity.com/content/view/122115 * Fedora Core 4 Update: glibc-2.3.6-3 27th, March, 2006 Updated package. http://www.linuxsecurity.com/content/view/122116 * Fedora Core 5 Update: mtr-0.71-0.FC5.1 27th, March, 2006 Updated package. http://www.linuxsecurity.com/content/view/122117 * Fedora Core 4 Update: mtr-0.71-0.FC4.1 27th, March, 2006 Updated package. http://www.linuxsecurity.com/content/view/122118 * Fedora Core 5 Update: tix-8.4.0-4 27th, March, 2006 The tix-8.4.0-3.1 package that shipped with Fedora Core 5 had libTix8.4.so in the wrong directory. The tix-8.4.0-4 package corrects this problem. The 'package require Tix' command now works as it should. http://www.linuxsecurity.com/content/view/122119 * Fedora Core 5 Update: xterm-211-1.FC5 27th, March, 2006 Updated package. http://www.linuxsecurity.com/content/view/122121 * Fedora Core 4 Update: perl-5.8.6-24 27th, March, 2006 Updated package. http://www.linuxsecurity.com/content/view/122122 * Fedora Core 4 Update: kernel-2.6.16-1.2069_FC4 30th, March, 2006 Updated package. http://www.linuxsecurity.com/content/view/122170 * Fedora Core 4 Update: rpm-4.4.1-23 30th, March, 2006 This update fixes an issue with a double free experienced in verification with matchpathcon. http://www.linuxsecurity.com/content/view/122171 * Fedora Core 5 Update: scim-hangul-0.2.2-1.fc5 30th, March, 2006 Updated package. http://www.linuxsecurity.com/content/view/122172 * Fedora Core 5 Update: scim-anthy-1.0.0-1.fc5 30th, March, 2006 Updated package. http://www.linuxsecurity.com/content/view/122173 * Fedora Core 5 Update: mrtg-2.13.2-0.fc5.1 30th, March, 2006 Fixes the RouterUptime option. http://www.linuxsecurity.com/content/view/122174 * Fedora Core 5 Update: wpa_supplicant-0.4.8-6.fc5 30th, March, 2006 Updated package. http://www.linuxsecurity.com/content/view/122175 * Fedora Core 5 Update: samba-3.0.22-1.fc5 30th, March, 2006 Updated package. http://www.linuxsecurity.com/content/view/122176 +---------------------------------+ | Distribution: Gentoo | ----------------------------// +---------------------------------+ * Gentoo: NetHack, Slash'EM, Falcon's Eye Local privilege escalation 23rd, March, 2006 NetHack, Slash'EM and Falcon's Eye are vulnerable to local privilege escalation vulnerabilities that could potentially allow the execution of arbitrary code as other users. http://www.linuxsecurity.com/content/view/122072 * Gentoo: RealPlayer Buffer overflow vulnerability 26th, March, 2006 RealPlayer is vulnerable to a buffer overflow that could lead to remote execution of arbitrary code. http://www.linuxsecurity.com/content/view/122106 * Gentoo: OpenOffice.org Heap overflow in included libcurl 27th, March, 2006 OpenOffice.org contains a vulnerable version of libcurl that may cause a heap overflow when parsing URLs. http://www.linuxsecurity.com/content/view/122124 * Gentoo: bsd-games Local privilege escalation in tetris-bsd 29th, March, 2006 tetris-bsd is prone to local privilege escalation vulnerabilities. http://www.linuxsecurity.com/content/view/122159 +---------------------------------+ | Distribution: Mandriva | ----------------------------// +---------------------------------+ * Mandriva: Updated FreeRADIUS packages fix EAP-MSCHAPv2 module vulnerability 24th, March, 2006 An unspecified vulnerability in FreeRADIUS 1.0.0 up to 1.1.0 allows remote attackers to bypass authentication or cause a denial of service (server crash) via "Insufficient input validation" in the EAP-MSCHAPv2 state machine module. Updated packages have been patched to correct this issue. http://www.linuxsecurity.com/content/view/122077 * Mandriva: Updated mailman packages fix DoS from badly formed mime multipart messages. 29th, March, 2006 Scrubber.py, in Mailman 2.1.5 and earlier, when using email 2.5 (part of Python), is susceptible to a DoS (mailman service stops delivering for the list in question) if it encounters a badly formed mime multipart message with only one part and that part has two blank lines between the first boundary and the end boundary. http://www.linuxsecurity.com/content/view/122161 +---------------------------------+ | Distribution: Red Hat | ----------------------------// +---------------------------------+ * RedHat: Critical: RealPlayer security update 23rd, March, 2006 An updated RealPlayer package that fixes a buffer overflow bug is now available for Red Hat Enterprise Linux Extras 3 and 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/122057 +---------------------------------+ | Distribution: SuSE | ----------------------------// +---------------------------------+ * SuSE: RealPlayer security problems 23rd, March, 2006 This update fixes the following security problems in Realplayer: CVE-2006-0323, CVE-2005-2922. http://www.linuxsecurity.com/content/view/122060 * SuSE: freeradius authentication bypass 28th, March, 2006 Updated package. http://www.linuxsecurity.com/content/view/122127 ------------------------------------------------------------------------ Distributed by: Guardian Digital, Inc. LinuxSecurity.com To unsubscribe email vuln-newsletter-request@xxxxxxxxxxxxxxxxx with "unsubscribe" in the subject of the message. ------------------------------------------------------------------------