+---------------------------------------------------------------------+ | LinuxSecurity.com Weekly Newsletter | | August 4th 2006 Volume 7, Number 32a | +---------------------------------------------------------------------+ Editors: Dave Wreski Benjamin D. Thomas dave@xxxxxxxxxxxxxxxxx ben@xxxxxxxxxxxxxxxxx Linux Advisory Watch is a comprehensive newsletter that outlines the security vulnerabilities that have been announced throughout the week. It includes pointers to updated packages and descriptions of each vulnerability. This week, advisories were released for asterisk, drupal, ethereal, heartbeat, osiris, apache, apache2, sitebar, mantis, thunderbird, libtunepimp, gpdf, tiff, cfs, wireshark, httpd, java, dump, gnupg, gnome-icon-theme, php, pdnsd, ruby, Quake3, MySQL, Nagios, libextractor, quagga, cherrypy, opera, dia, tor, pound, awstats, vixie cron, wordpress, zgv, spamassassin, cscope, dokuwiki, openldap, sendmail, typespeed, aRts, KDM, wv2, EntergyMech, Mutt, Tikiwiki, Kiax, mpg123, libTiff, postgresql, libpng, xine-lib, gimp, wireshark, samba, php, libwmf, mod_rewrite, safe-level, freeciv, kdegraphics, seamonkey, firefox, gnupg, freetype. The distributors include Debian, Fedora, Gentoo, Mandriva, Red Hat, and SuSE. --- CRYPTOCard Two-Factor Authentication Are you a Linux consultant with expertise in network security? Join CRYPTOCard's Linux Consultants program and learn about how you can help your clients implement secure authentication solutions. Click here for more information: http://ads.linuxsecurity.com/cgi-bin/newad_redirect.pl?id=cc_nl --- EnGarde Secure Community 3.0.8 Released Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.8 (Version 3.0, Release 8). This release includes several bug fixes and feature enhancements to the Guardian Digital WebTool, several updated packages, and several new packages available for installation. The following reported bugs from bugs.engardelinux.org are fixed in this release: #0000024 Kernel 2.6.14.3 is out #0000026 PHP5 packages are not compiled with MySQL support #0000049 Perl 5.8.8 is out. #0000058 Can't install package perl-MIME-Base64 ... #0000069 Kernel Upgrade to Suupport NATH323 #0000070 Alias Resolution Problem #0000071 Issues creating new mail addresses... #0000072 WebTool Log Refresh #0000074 WebTool Package List Several other bugs are fixed in this release as well. New features include: * A new Italian translation of the Guardian Digital WebTool, courtesy of Vincenzo Ciaglia. To use this translation go into to the WebTool Configuration module, click on your username (normally 'admin'), and select Italian from the drop-down. * A new "Guardian Digital WebTool API Guide" document on engardelinux.org.This document is intended for people who are interested in extending the Guardian Digital WebTool by writing new interfaces/modules and for people who are interested in using the API for other applications. This document was written by Ankit Patel with contributions from Ryan W. Maple. * Updated PCI tables and better detection of more recent hardware. * Updated glibc (2.3.6), kernel (2.6.17.7), and perl (5.8.8) packages. * The latest stable versions of asterisk (1.2.10), bacula (1.38.11), clamav (0.88.3), gdb (6.5), gnupg (1.4.4), john (1.7.2), mrtg (2.14.5), postfix (2.2.11), procps (3.2.7), samba (3.0.23a), snort (2.4.5) and zaptel (1.2.7). * A couple of new packages: - freepops (0.0.99) FreePOPs is a daemon that acts as a local pop3 server, translating local pop3 requests to remote http requests to supported webmails. - hwdata (0.177) and pciutils (2.2.1) hwdata contains various hardware identification and configuration data, such as the pci.ids database and MonitorsDb databases. The pciutils package contains various utilities for inspecting and setting devices connected to the PCI bus. - perl-Authen-Smb (0.91) This package supplies a perl module for authenticating against an SMB password server. - squid (2.6.STABLE1) Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DNS lookups, supports non-blocking DNS lookups, and implements negative caching of failed requests. All new users downloading EnGarde Secure Linux for the first time or users who use the LiveCD environment should download this release. Users who are currently using EnGarde Secure Linux do not need to download this release -- they can update their machines via the Guardian Digital Secure Network WebTool module. Downloading ----------- Below are the MD5 sums for the i686 and x86_64 ISO images: 36bcfe87468515355a1e41fc6bd7230fengarde-community-3.0.8.i686.iso f86fac5b78a1fd5a69d6e38684d35bdcengarde-community-3.0.8.x86_64.iso You may download this ISO image via FTP or BitTorrent by following the "Download Now!" link from engardelinux.org: http://www.engardelinux.org/ http://www.linuxsecurity.com/content/view/123902/65/ ---------------------- Packet Sniffing Overview The best way to secure you against sniffing is to use encryption. While this won.t prevent a sniffer from functioning, it will ensure that what a sniffer reads is pure junk. http://www.linuxsecurity.com/content/view/123570/49/ --- Review: How To Break Web Software With a tool so widely used by so many different types of people like the World Wide Web, it is necessary for everyone to understand as many aspects as possible about its functionality. From web designers to web developers to web users, this is a must read. Security is a job for everyone and How To Break Web Software by Mike Andrews and James A. Whittaker is written for everyone to understand. http://www.linuxsecurity.com/content/view/122713/49/ --- EnGarde Secure Linux v3.0.7 Now Available Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.7 (Version 3.0, Release 7). This release includes several bug fixes and feature enhancements to the Guardian Digital WebTool and the SELinux policy, several updated packages, and several new packages available for installation. http://www.linuxsecurity.com/content/view/123016/65/ -------- --> Take advantage of the LinuxSecurity.com Quick Reference Card! --> http://www.linuxsecurity.com/docs/QuickRefCard.pdf +---------------------------------+ | Distribution: Debian | ----------------------------// +---------------------------------+ * Debian: New Asterisk packages fix denial of service 27th, July, 2006 Updated package. http://www.linuxsecurity.com/content/view/123749 * Debian: New drupal packages fix execution of arbitrary web script code (revised packages) 27th, July, 2006 Updated package. http://www.linuxsecurity.com/content/view/123758 * Debian: New ethereal packages fix several vulnerabilities 28th, July, 2006 Updated package. http://www.linuxsecurity.com/content/view/123767 * Debian: New heartbeat packages fix local denial of service 28th, July, 2006 Updated package. http://www.linuxsecurity.com/content/view/123768 * Debian: New osiris packages fix arbitrary code execution 28th, July, 2006 Updated package. http://www.linuxsecurity.com/content/view/123774 * Debian: New apache package fix buffer overflow 1st, August, 2006 Updated package. http://www.linuxsecurity.com/content/view/123897 * Debian: New apache2 packages fix buffer overflow 1st, August, 2006 Updated package. http://www.linuxsecurity.com/content/view/123901 * Debian: New sitebar packages fix cross-site scripting 1st, August, 2006 Updated package. http://www.linuxsecurity.com/content/view/123903 * Debian: New mantis packages fix execution of arbitrary web script code 1st, August, 2006 Updated package. http://www.linuxsecurity.com/content/view/123912 * Debian: New Mozilla Thunderbird packages fix several vulnerabilities 2nd, August, 2006 Updated package. http://www.linuxsecurity.com/content/view/123916 * Debian: New libtunepimp packages fix arbitrary code execution 2nd, August, 2006 Updated package. http://www.linuxsecurity.com/content/view/123917 * Debian: New gpdf packages fix denial of service 2nd, August, 2006 "infamous41md" and Chris Evans discovered several heap based buffer overflows in xpdf, the Portable Document Format (PDF) suite, which are also present in gpdf, the viewer with Gtk bindings, and which can lead to a denial of service by crashing the application or possibly to the execution of arbitrary code. http://www.linuxsecurity.com/content/view/123933 * Debian: New tiff packages fix several vulnerabilities 2nd, August, 2006 Updated package. http://www.linuxsecurity.com/content/view/123935 * Debian: New cfs packages fix denial of service 2nd, August, 2006 Updated package. http://www.linuxsecurity.com/content/view/123939 +---------------------------------+ | Distribution: Fedora | ----------------------------// +---------------------------------+ * Fedora Core 5 Update: wireshark-0.99.2-fc5.2 28th, July, 2006 Updated package. http://www.linuxsecurity.com/content/view/123775 * Fedora Core 4 Update: httpd-2.0.54-10.4 28th, July, 2006 This update fixes a security issue in the mod_rewrite module. Mark Dowd of McAfee Avert Labs reported an off-by-one security problem in the LDAP scheme handling of the mod_rewrite module. http://www.linuxsecurity.com/content/view/123776 * Fedora Core 5 Update: httpd-2.2.2-1.2 28th, July, 2006 This update fixes a security issue in the mod_rewrite module. Mark Dowd of McAfee Avert Labs reported an off-by-one security problem in the LDAP scheme handling of the mod_rewrite module. http://www.linuxsecurity.com/content/view/123777 * Fedora Core 5 Update: java-1.4.2-gcj-compat-1.4.2.0-40jpp_83rh.1 28th, July, 2006 Updated package. http://www.linuxsecurity.com/content/view/123877 * Fedora Extras dump-package security update (CVE-2006-3668) 31st, July, 2006 Luigi Auriemma discovered that DUMB, a tracker music library, performs insufficient sanitising of values parsed from IT music files. This could result in a heap-based buffer overflow in the it_read_envelope function in Dynamic Universal Music Bibliotheque (DUMB) 0.9.3 and earlier and current CVS as of 20060716, including libdumb, allows user-complicit attackers to execute arbitrary code via a ".it" (Impulse Tracker) file with an envelope with a large number of nodes. http://www.linuxsecurity.com/content/view/123889 * Fedora Core 5 Update: libtiff-3.7.4-8 2nd, August, 2006 The libtiff package contains a library of functions for manipulating TIFF (Tagged Image File Format) files. Tavis Ormandy of Google discovered a number of flaws in libtiff during a security audit. An attacker could create a carefully crafted TIFF file in such a way that it was possible to cause an application linked with libtiff to crash or possibly execute arbitrary code. (CVE-2006-3459, CVE-2006-3460, CVE-2006-3461, CVE-2006-3462, CVE-2006-3463, CVE-2006-3464, CVE-2006-3465) All users are advised to upgrade to these updated packages, which contain backported fixes for these issues. http://www.linuxsecurity.com/content/view/123921 * Fedora Core 4 Update: libtiff-3.7.1-6.fc4.3 2nd, August, 2006 The libtiff package contains a library of functions for manipulating TIFF (Tagged Image File Format) files. Tavis Ormandy of Google discovered a number of flaws in libtiff during a security audit. An attacker could create a carefully crafted TIFF file in such a way that it was possible to cause an application linked with libtiff to crash or possibly execute arbitrary code. (CVE-2006-3459, CVE-2006-3460, CVE-2006-3461, CVE-2006-3462, CVE-2006-3463, CVE-2006-3464, CVE-2006-3465) All users are advised to upgrade to these updated packages, which contain backported fixes for these issues. http://www.linuxsecurity.com/content/view/123922 * Fedora Core 4 Update: gnupg-1.4.5-1 2nd, August, 2006 This update upgrades GnuPG to version 1.4.5 to correct errors in the parsing of certain types of packets. http://www.linuxsecurity.com/content/view/123940 * Fedora Core 5 Update: gnupg-1.4.5-2 2nd, August, 2006 This update upgrades GnuPG to version 1.4.5 to correct errors in the parsing of certain types of packets. http://www.linuxsecurity.com/content/view/123941 * Fedora Core 5 Update: gnome-icon-theme-2.14.2-1.fc5.2 2nd, August, 2006 The %post script in the gnome-icon-theme package had problems with icon theme names containing spaces. This update fixes this problem. http://www.linuxsecurity.com/content/view/123942 +---------------------------------+ | Distribution: Gentoo | ----------------------------// +---------------------------------+ * Gentoo: PHP Multiple vulnerabilities 28th, July, 2006 PHP is affected by multiple issues, including a buffer overflow in wordwrap() which may lead to execution of arbitrary code. http://www.linuxsecurity.com/content/view/123810 * Gentoo: Mozilla Thunderbird Multiple vulnerabilities 28th, July, 2006 Several vulnerabilities in Mozilla Thunderbird allow attacks ranging from script execution with elevated privileges to information leaks. http://www.linuxsecurity.com/content/view/123811 * Gentoo: pdnsd Denial of Service and potential arbitrary code execution 28th, July, 2006 pdnsd is vulnerable to a buffer overflow that may result in arbitrary code execution. http://www.linuxsecurity.com/content/view/123812 * Gentoo: Ruby Denial of Service 28th, July, 2006 Ruby WEBrick and XMLRPC servers are vulnerable to Denial of Service. http://www.linuxsecurity.com/content/view/123813 * Gentoo: Quake 3 engine based games Buffer Overflow 28th, July, 2006 The Quake 3 engine has a vulnerability that could be exploited to execute arbitrary code. http://www.linuxsecurity.com/content/view/123814 * Gentoo: MySQL Information leakage 28th, July, 2006 A MySQL server may leak information to unauthorized users. http://www.linuxsecurity.com/content/view/123815 * Gentoo: MySQL Information leakage 28th, July, 2006 For a short time version 4.0.27 was incorrectly listed as vulnerable and the resolution incorrectly forced an upgrade to 4.1.x for 4.0.x users. The updated sections appear below. http://www.linuxsecurity.com/content/view/123816 * Gentoo: Nagios Buffer overflow 28th, July, 2006 Updated package. http://www.linuxsecurity.com/content/view/123817 * Gentoo: libextractor Two heap-based buffer overflows 28th, July, 2006 libextractor is vulnerable to two heap overflow vulnerabilities which could lead to the execution of arbitrary code. http://www.linuxsecurity.com/content/view/123818 * Gentoo: Quagga Routing Suite Multiple vulnerabilities 28th, July, 2006 Quagga's RIP daemon allows the injection of routes and the disclosure of routing information. The BGP daemon is vulnerable to a Denial of Service. http://www.linuxsecurity.com/content/view/123819 * Gentoo: CherryPy Directory traversal vulnerability 28th, July, 2006 CherryPy is vulnerable to a directory traversal that could allow attackers to read arbitrary files. http://www.linuxsecurity.com/content/view/123820 * Gentoo: libTIFF Multiple vulnerabilities 28th, July, 2006 Multiple vulnerabilities in libTIFF could lead to the execution of arbitrary code or a Denial of Service. http://www.linuxsecurity.com/content/view/123821 * Gentoo: Opera Buffer overflow 28th, July, 2006 Opera contains an integer signedness error resulting in a buffer overflow which may allow a remote attacker to execute arbitrary code. http://www.linuxsecurity.com/content/view/123822 * Gentoo: shadow Privilege escalation 28th, July, 2006 A security issue in shadow allows a local user to perform certain actions with escalated privileges. http://www.linuxsecurity.com/content/view/123823 * Gentoo: Dia Format string vulnerabilities 28th, July, 2006 Format string vulnerabilities in Dia may lead to the execution of arbitrary code. http://www.linuxsecurity.com/content/view/123824 * Gentoo: Tor Several vulnerabilities 28th, July, 2006 Tor is vulnerable to a possible buffer overflow, a Denial of Service, information disclosure and information leak. http://www.linuxsecurity.com/content/view/123825 * Gentoo: Pound HTTP request smuggling 28th, July, 2006 Pound is vulnerable to HTTP request smuggling, which could be exploited to bypass security restrictions or poison web caches. http://www.linuxsecurity.com/content/view/123826 * Gentoo: AWStats Remote execution of arbitrary code 28th, July, 2006 AWStats contains a bug in the sanitization of the input parameters which can lead to the remote execution of arbitrary code. http://www.linuxsecurity.com/content/view/123827 * Gentoo: Vixie Cron Privilege Escalation 28th, July, 2006 Vixie Cron allows local users to execute programs as root. http://www.linuxsecurity.com/content/view/123828 * Gentoo: WordPress Arbitrary command execution 28th, July, 2006 WordPress fails to sufficiently check the format of cached username data. http://www.linuxsecurity.com/content/view/123829 * Gentoo: zgv Heap overflow 28th, July, 2006 Updated package. http://www.linuxsecurity.com/content/view/123830 * Gentoo: SpamAssassin Execution of arbitrary code 28th, July, 2006 SpamAssassin, when running with certain options, could allow local or even remote attackers to execute arbitrary commands, possibly as the root user. http://www.linuxsecurity.com/content/view/123831 * Gentoo: Cscope Many buffer overflows 28th, July, 2006 Cscope is vulnerable to multiple buffer overflows that could lead to the execution of arbitrary code. http://www.linuxsecurity.com/content/view/123832 * Gentoo: JPEG library Denial of Service 28th, July, 2006 The JPEG library is vulnerable to a Denial of Service. http://www.linuxsecurity.com/content/view/123833 * Gentoo: Mozilla Firefox Multiple vulnerabilities 28th, July, 2006 Vulnerabilities in Mozilla Firefox allow privilege escalations for JavaScript code, cross site scripting attacks, HTTP response smuggling and possibly the execution of arbitrary code. http://www.linuxsecurity.com/content/view/123834 * Gentoo: MySQL SQL Injection 28th, July, 2006 MySQL is vulnerable to an SQL Injection flaw in the multi-byte encoding process. http://www.linuxsecurity.com/content/view/123835 * Gentoo: Tor Several vulnerabilities 28th, July, 2006 Tor is vulnerable to a possible buffer overflow, a Denial of Service, information disclosure and information leak. http://www.linuxsecurity.com/content/view/123836 * Gentoo: GDM Privilege escalation 28th, July, 2006 An authentication error in GDM could allow users to gain elevated privileges. http://www.linuxsecurity.com/content/view/123837 * Gentoo: Asterisk IAX2 video frame buffer overflow 28th, July, 2006 Asterisk contains a bug in the IAX2 channel driver making it vulnerable to the remote execution of arbitrary code. http://www.linuxsecurity.com/content/view/123838 * Gentoo: DokuWiki PHP code injection 28th, July, 2006 A flaw in DokuWiki's spell checker allows for the execution of arbitrary PHP commands, even without proper authentication. http://www.linuxsecurity.com/content/view/123839 * Gentoo: OpenLDAP Buffer overflow 28th, July, 2006 The OpenLDAP replication server slurpd contains a buffer overflow that could result in arbitrary code execution. http://www.linuxsecurity.com/content/view/123840 * Gentoo: PAM-MySQL Multiple vulnerabilities 28th, July, 2006 Vulnerabilities in PAM-MySQL can lead to a Denial of Service, making it impossible to log into a machine. http://www.linuxsecurity.com/content/view/123841 * Gentoo: Sendmail Denial of Service 28th, July, 2006 Faulty multipart MIME messages can cause forked Sendmail processes to crash. http://www.linuxsecurity.com/content/view/123842 * Gentoo: Typespeed Remote execution of arbitrary code 28th, July, 2006 A buffer overflow in the network code of Typespeed can lead to the execution of arbitrary code. http://www.linuxsecurity.com/content/view/123843 * Gentoo: Mozilla Thunderbird Multiple vulnerabilities 28th, July, 2006 Several vulnerabilities in Mozilla Thunderbird allow cross site scripting, JavaScript privilege escalation and possibly execution of arbitrary code. http://www.linuxsecurity.com/content/view/123844 * Gentoo: aRts Privilege escalation 28th, July, 2006 The artswrapper part of aRts allows local users to execute arbitrary code with elevated privileges. http://www.linuxsecurity.com/content/view/123845 * Gentoo: KDM Symlink vulnerability 28th, July, 2006 KDM is vulnerable to a symlink vulnerability that can lead to disclosure of information. http://www.linuxsecurity.com/content/view/123846 * Gentoo: wv2 Integer overflow 28th, July, 2006 An integer overflow could allow an attacker to execute arbitrary code. http://www.linuxsecurity.com/content/view/123847 * Gentoo: Hashcash Possible heap overflow 28th, July, 2006 A heap overflow vulnerability in the Hashcash utility could allow an attacker to execute arbitrary code. http://www.linuxsecurity.com/content/view/123848 * Gentoo: EnergyMech Denial of Service 28th, July, 2006 A Denial of Service vulnerability was discovered in EnergyMech that is easily exploitable via IRC. http://www.linuxsecurity.com/content/view/123849 * Gentoo: Mutt Buffer overflow 28th, July, 2006 Mutt contains a buffer overflow that could result in arbitrary code execution. http://www.linuxsecurity.com/content/view/123850 * Gentoo: Horde Web Application Framework XSS vulnerability 28th, July, 2006 The Horde Web Application Framework is vulnerable to a cross-site scripting vulnerability. http://www.linuxsecurity.com/content/view/123851 * Gentoo: Tikiwiki SQL injection and multiple XSS vulnerabilities 28th, July, 2006 An SQL injection vulnerability and multiple XSS vulnerabilities have been discovered. http://www.linuxsecurity.com/content/view/123852 * Gentoo: Kiax Arbitrary code execution 28th, July, 2006 A security vulnerability in the iaxclient library could lead to the execution of arbitrary code by a remote attacker. http://www.linuxsecurity.com/content/view/123853 * Gentoo: mpg123 Heap overflow 28th, July, 2006 A heap overflow in mpg123 was discovered, which could result in the execution of arbitrary code. http://www.linuxsecurity.com/content/view/123854 * Gentoo: FreeType Multiple integer overflows 28th, July, 2006 Multiple remotely exploitable buffer overflows have been discovered in FreeType, resulting in the execution of arbitrary code. http://www.linuxsecurity.com/content/view/123855 * Gentoo: libTIFF Multiple buffer overflows 28th, July, 2006 libTIFF contains buffer overflows that could result in arbitrary code execution. http://www.linuxsecurity.com/content/view/123856 * Gentoo: PostgreSQL SQL injection 28th, July, 2006 A flaw in the multibyte character handling allows execution of arbitrary SQL statements. http://www.linuxsecurity.com/content/view/123857 * Gentoo: PostgreSQL SQL injection 28th, July, 2006 A flaw in the multibyte character handling allows execution of arbitrary SQL statements. http://www.linuxsecurity.com/content/view/123858 * Gentoo: PostgreSQL SQL injection 28th, July, 2006 A flaw in the multibyte character handling allows execution of arbitrary SQL statements. http://www.linuxsecurity.com/content/view/123859 * Gentoo: libpng Buffer overflow 28th, July, 2006 A buffer overflow has been found in the libpng library that could lead to the execution of arbitrary code. http://www.linuxsecurity.com/content/view/123860 * Gentoo: xine-lib Buffer overflow 28th, July, 2006 A buffer overflow has been found in the libmms library shipped with xine-lib, potentially resulting in the execution of arbitrary code. http://www.linuxsecurity.com/content/view/123861 * Gentoo: GIMP Buffer overflow 28th, July, 2006 GIMP is prone to a buffer overflow which may lead to the execution of arbitrary code when loading specially crafted XCF files. http://www.linuxsecurity.com/content/view/123862 * Gentoo: GIMP Buffer overflow 28th, July, 2006 Updated package. http://www.linuxsecurity.com/content/view/123863 * Gentoo: Wireshark Multiple vulnerabilities 28th, July, 2006 Wireshark (formerly known as Ethereal) is vulnerable to several security issues, potentially allowing the execution of arbitrary code by a remote attacker. http://www.linuxsecurity.com/content/view/123864 * Gentoo: Samba Denial of Service vulnerability 28th, July, 2006 A large number of share connection requests could cause a Denial of Service within Samba. http://www.linuxsecurity.com/content/view/123865 * Gentoo: TunePimp Buffer overflow 28th, July, 2006 A vulnerability in TunePimp has been reported which could lead to the execution of arbitrary code. http://www.linuxsecurity.com/content/view/123866 * Gentoo: OpenOffice.org Multiple vulnerabilities 28th, July, 2006 OpenOffice.org is affected by three security vulnerabilities which can be exploited to allow the execution of arbitrary code by a remote attacker. http://www.linuxsecurity.com/content/view/123868 * Gentoo: Audacious Multiple heap and buffer overflows 29th, July, 2006 The adplug library included in Audacious is vulnerable to various overflows that could result in the execution of arbitrary code. http://www.linuxsecurity.com/content/view/123878 * Gentoo: Samba Denial of Service vulnerability 30th, July, 2006 A large number of share connection requests could cause a Denial of Service within Samba. http://www.linuxsecurity.com/content/view/123879 * Gentoo: PHP Multiple vulnerabilities 30th, July, 2006 The initial fix did not properly fix the CVE-2006-1990 issue on 64 bit systems. The updated sections appear below. http://www.linuxsecurity.com/content/view/123880 * Gentoo: Apache Off-by-one flaw in mod_rewrite 1st, August, 2006 A flaw in mod_rewrite could result in a Denial of Service or the execution of arbitrary code. http://www.linuxsecurity.com/content/view/123900 +---------------------------------+ | Distribution: Mandriva | ----------------------------// +---------------------------------+ * Mandriva: Updated libwmf packages fixes integer overflow vulnerability 28th, July, 2006 Integer overflow in player.c in libwmf 0.2.8.4, as used in multiple products including (1) wv, (2) abiword, (3) freetype, (4) gimp, (5) libgsf, and (6) imagemagick allows remote attackers to execute arbitrary code via the MaxRecordSize header field in a WMF file. Updated packages have been patched to correct this issue. http://www.linuxsecurity.com/content/view/123778 * Mandriva: Updated apache packages fix mod_rewrite vulnerability 28th, July, 2006 Mark Dowd, of McAffee Avert Labs, discovered a potential remotely exploitable off-by-one flaw in Apache's mod_rewrite ldap scheme handling. http://www.linuxsecurity.com/content/view/123779 * Mandriva: Updated ruby packages fix safe-level vulnerabilities 28th, July, 2006 A number of flaws were discovered in the safe-level restrictions in the Ruby language. Because of these flaws, it would be possible for an attacker to create a carefully crafted malicious script that could allow them to bypass certain safe-level restrictions. Updated packages have been patched to correct this issue. http://www.linuxsecurity.com/content/view/123874 * Mandriva: Updated freeciv packages fix DoS vulnerabilities 31st, July, 2006 Buffer overflow in Freeciv 2.1.0-beta1 and earlier, and SVN 15 Jul 2006 and earlier, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a (1) negative chunk_length or a (2) large chunk->offset value in a PACKET_PLAYER_ATTRIBUTE_CHUNK packet in the generic_handle_ player_attribute_chunk function in common/packets.c, and (3) a large packet->length value in the handle_unit_orders function in server/unithand.c. http://www.linuxsecurity.com/content/view/123895 * Mandriva: Updated ImageMagick packages fix infinite loop issue 31st, July, 2006 ImageMagick-5.5.7, in the ReadTIFFImage function, was found to be susceptible to a condition that consumes 100% of the system cpu if attempting to view a carefully crafted tif image using the "display" or "identify" programs. This has already been addressed in newer versions of ImageMagick and only effects the Corp3 products. http://www.linuxsecurity.com/content/view/123896 * Mandriva: Updated kdegraphics packages fix multiple libtiff vulnerabilities 1st, August, 2006 Tavis Ormandy, Google Security Team, discovered several vulnerabilites the libtiff image processing library. http://www.linuxsecurity.com/content/view/123913 * Mandriva: Updated libtiff packages fix multiple vulnerabilities 1st, August, 2006 Tavis Ormandy, Google Security Team, discovered several vulnerabilites the libtiff image processing library. http://www.linuxsecurity.com/content/view/123914 +---------------------------------+ | Distribution: Red Hat | ----------------------------// +---------------------------------+ * RedHat: Critical: seamonkey security update 27th, July, 2006 Updated seamonkey packages that fix several security bugs are now available for Red Hat Enterprise Linux 3. This update has been rated as having critical security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/123760 * RedHat: Moderate: ruby security update 27th, July, 2006 Updated ruby packages that fix security issues are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/123763 * RedHat: Critical: firefox security update 28th, July, 2006 Updated firefox packages that fix several security bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/123875 * RedHat: Critical: thunderbird security update 28th, July, 2006 Updated thunderbird packages that fix several security bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/123876 * RedHat: Important: libtiff security update 2nd, August, 2006 Updated libtiff packages that fix several security flaws are now available for Red Hat Enterprise Linux. This update has been rated as having important security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/123936 * RedHat: Moderate: gnupg security update 2nd, August, 2006 Updated GnuPG packages that fix a security issue is now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/123937 * RedHat: Critical: seamonkey security update 2nd, August, 2006 Updated seamonkey packages that fix several security bugs in the mozillapackage are now available for Red Hat Enterprise Linux 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/123938 +---------------------------------+ | Distribution: SuSE | ----------------------------// +---------------------------------+ * SuSE: apache,apache2 mod_rewrite problem 28th, July, 2006 Updated package. http://www.linuxsecurity.com/content/view/123773 * SuSE: libtiff (SUSE-SA:2006:044) 1st, August, 2006 Updated package. http://www.linuxsecurity.com/content/view/123905 * SuSE: freetype2 (SUSE-SA:2006:045) 1st, August, 2006 Updated package. http://www.linuxsecurity.com/content/view/123907 ------------------------------------------------------------------------ Distributed by: Guardian Digital, Inc. LinuxSecurity.com To unsubscribe email vuln-newsletter-request@xxxxxxxxxxxxxxxxx with "unsubscribe" in the subject of the message. ------------------------------------------------------------------------