---------- Forwarded message ---------- Date: Fri, 25 Apr 2008 10:57:43 -0400 (EDT) From: vuln-newsletter-owner@xxxxxxxxxxxxxxxxx To: ryan@xxxxxxxxxxxxxxxxxxx, ben@xxxxxxxxxxxxxxxxx Subject: Linux Advisory Watch: April 25th, 2008 +------------------------------------------------------------------------+ | LinuxSecurity.com Weekly Newsletter | | April 25th, 2008 Volume 9, Number 17 | | | | Editorial Team: Dave Wreski <dwreski@xxxxxxxxxxxxxxxxx> | | Benjamin D. Thomas <bthomas@xxxxxxxxxxxxxxxxx> | +------------------------------------------------------------------------+ Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines. This week security advisories were issued for Adobe Flash Player, Firefox,Gnumeric, JRockit, KOffice, OpenOffice.org, Openfire, PHP Toolkit, Poppler, PowerDNS, SILC, Speex, Sun JDK/JRE, VLC, clamav, iceape, iceweasel, kdegraphics, perl, phpmyadmin, roundup, rsync, suphp, wireshark, xine-lib, xpdf, and xulrunner. The distributors included Debian, Gentoo, Mandriva, Red Hat, Slackware, SuSE, and Ubuntu. --- >> Linux+DVD Magazine << Our magazine is read by professional network and database administrators, system programmers, webmasters and all those who believe in the power of Open Source software. The majority of our readers is between 15 and 40 years old. They are interested in current news from the Linux world, upcoming projects etc. In each issue you can find information concerning typical use of Linux: safety, databases, multimedia, scientific tools, entertainment, programming, e-mail, news and desktop environments. http://www.linuxsecurity.com/ads/adclick.php?bannerid=3D26 --- Review: The Book of Wireless ---------------------------- =93The Book of Wireless=94 by John Ross is an answer to the problem of learning about wireless networking. With the wide spread use of Wireless networks today anyone with a computer should at least know the basics of wireless. Also, with the wireless networking, users need to know how to protect themselves from wireless networking attacks. http://www.linuxsecurity.com/content/view/136167 --- April 2008 Open Source Tool of the Month: sudo ---------------------------------------------- This month the editors at LinuxSecurity.com have chosen sudo as the Open Source Tool of the Month! http://www.linuxsecurity.com/content/view/135868 --> Take advantage of the LinuxSecurity.com Quick Reference Card! <-- --> http://www.linuxsecurity.com/docs/QuickRefCard.pdf <-- -------------------------------------------------------------------------- * EnGarde Secure Community 3.0.19 Now Available! (Apr 15) ------------------------------------------------------- Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.19 (Version 3.0, Release 19). This release includes many updated packages and bug fixes and some feature enhancements to the EnGarde Secure Linux Installer and the SELinux policy. http://www.linuxsecurity.com/content/view/136174 -------------------------------------------------------------------------- * Debian: New xulrunner packages fix arbitrary code execution (Apr 24) -------------------------------------------------------------------- It was discovered that crashes in the Javascript engine of xulrunner, the Gecko engine library, could potentially lead to the execution of arbitrary code. http://www.linuxsecurity.com/content/view/136520 * Debian: New iceape packages fix regression (Apr 24) --------------------------------------------------- Several remote vulnerabilities have been discovered in the Iceape internet suite, an unbranded version of the Seamonkey Internet Suite. The Common Vulnerabilities and Exposures project identifies the following problems: http://www.linuxsecurity.com/content/view/136519 * Debian: New phpmyadmin packages fix several vulnerabilities (Apr 24) -------------------------------------------------------------------- Several remote vulnerabilities have been discovered in phpMyAdmin, an application to administrate MySQL over the WWW. The Common Vulnerabilities and Exposures project identifies the following problems: http://www.linuxsecurity.com/content/view/136518 * Debian: New perl packages fix denial of service (Apr 24) -------------------------------------------------------- It has been discovered that the Perl interpreter may encounter a buffer overflow condition when compiling certain regular expressions containing Unicode characters. This also happens if the offending characters are contained in a variable reference protected by the \Q...\E quoting construct. When encountering this condition, the Perl interpreter typically crashes, but arbitrary code execution cannot be ruled out. http://www.linuxsecurity.com/content/view/136517 * Debian: New iceweasel packages fix arbitrary code execution (Apr 23) -------------------------------------------------------------------- It was discovered that crashes in the Javascript engine of Iceweasel, an unbranded version of the Firefox browser could potentially lead to the execution of arbitrary code. http://www.linuxsecurity.com/content/view/136511 * Debian: New roundup packages fix cross-site scripting vulnerability (Apr = 22) -------------------------------------------------------------------------= --- Roundup, an issue tracking system, fails to properly escape HTML input, allowing an attacker to inject client-side code (typically JavaScript) into a document that may be viewed in the victim's browser http://www.linuxsecurity.com/content/view/136395 * Debian: New suphp packages fix local privilege escalation (Apr 17) ------------------------------------------------------------------ It was discovered that suphp, an Apache module to run PHP scripts with owner permissions handles symlinks insecurely, which may lead to privilege escalation by local users. http://www.linuxsecurity.com/content/view/136355 * Debian: New clamav packages fix several vulnerabilities (Apr 17) ---------------------------------------------------------------- Damian Put discovered that a buffer overflow in the handler for PeSpin binaries may lead to the execution of arbitrary code. http://www.linuxsecurity.com/content/view/136354 * Debian: New xpdf packages fix arbitrary code exitution (Apr 17) --------------------------------------------------------------- Xpdf's handling of embedded fonts lacks sufficient validation and type checking. If a maliciously-crafted PDF file is opened,=09 the vulnerability may allow the execution of arbitrary code with=09 the privileges of the user running xpdf. http://www.linuxsecurity.com/content/view/136346 * Debian: New OpenOffice.org packages fix arbitrary code execution (Apr 17) ------------------------------------------------------------------------- Several bugs have been discovered in the way OpenOffice.org parses Quattro Pro files that may lead to a overflow in the heap potentially leading to the execution of arbitrary code. http://www.linuxsecurity.com/content/view/136339 -------------------------------------------------------------------------- * Gentoo: JRockit Multiple vulnerabilities (Apr 24) ------------------------------------------------- Multiple vulnerabilities have been identified in BEA JRockit. http://www.linuxsecurity.com/content/view/136516 * Gentoo: SILC Multiple vulnerabilities (Apr 24) ---------------------------------------------- Multiple vulnerabilities were found in SILC Client, Server, and Toolkit, allowing for Denial of Service and execution of arbitrary code. http://www.linuxsecurity.com/content/view/136515 * Gentoo: Openfire Denial of Service (Apr 23) ------------------------------------------- A design error in Openfire might lead to a Denial of Service. http://www.linuxsecurity.com/content/view/136513 * Gentoo: VLC User-assisted execution of arbitrary code (Apr 23) -------------------------------------------------------------- Multiple vulnerabilities were found in VLC, allowing for the execution of arbitrary code. http://www.linuxsecurity.com/content/view/136512 * Gentoo: Openfire Denial of Service (Apr 23) ------------------------------------------- A design error in Openfire might lead to a Denial of Service. http://www.linuxsecurity.com/content/view/136510 * Gentoo: VLC User-assisted execution of arbitrary code (Apr 23) -------------------------------------------------------------- Multiple vulnerabilities were found in VLC, allowing for the execution of arbitrary code. http://www.linuxsecurity.com/content/view/136509 * Gentoo: PowerDNS Recursor DNS Cache Poisoning (Apr 18) ------------------------------------------------------ Use of insufficient randomness in PowerDNS Recursor might lead to DNS cache poisoning. http://www.linuxsecurity.com/content/view/136364 * Gentoo: Adobe Flash Player Multiple vulnerabilities (Apr 18) ------------------------------------------------------------ Multiple vulnerabilities have been identified, the worst of which allow arbitrary code execution on a user's system via a malicious Flash file. http://www.linuxsecurity.com/content/view/136363 * Gentoo: Sun JDK/JRE Multiple vulnerabilities (Apr 17) ----------------------------------------------------- Multiple vulnerabilities have been identified in Sun Java Development Kit (JDK) and Java Runtime Environment (JRE). http://www.linuxsecurity.com/content/view/136357 * Gentoo: PHP Toolkit Data disclosure and Denial of Service (Apr 17) ------------------------------------------------------------------ PHP Toolkit does not quote parameters, allowing for PHP source code disclosure on Apache, and a Denial of Service. http://www.linuxsecurity.com/content/view/136356 * Gentoo: Poppler User-assisted execution of arbitrary code (Apr 17) ------------------------------------------------------------------ Poppler does not handle fonts inside PDF files safely, allowing for execution of arbitrary code. http://www.linuxsecurity.com/content/view/136345 * Gentoo: Poppler User-assisted execution of arbitrary code (Apr 17) ------------------------------------------------------------------ Poppler does not handle fonts inside PDF files safely, allowing for execution of arbitrary code. http://www.linuxsecurity.com/content/view/136343 * Gentoo: Speex User-assisted execution of arbitrary code (Apr 17) ---------------------------------------------------------------- Improper input validation in Speex might lead to array indexing vulnerabilities in multiple player applications. http://www.linuxsecurity.com/content/view/136342 * Gentoo: rsync Execution of arbitrary code (Apr 17) -------------------------------------------------- A buffer overflow in rsync might lead to the remote execution of arbitrary code when extended attributes are being used. http://www.linuxsecurity.com/content/view/136340 -------------------------------------------------------------------------- * Mandriva: Updated wireshark packages fix denial of service (Apr 24) ------------------------------------------------------------------- A few vulnerabilities were found in Wireshark, that could cause it to crash or hang under certain conditions. This update provides Wireshark 1.0.0, which is not vulnerable to the issues. http://www.linuxsecurity.com/content/view/136521 * Mandriva: Updated poppler packages fix vulnerability (Apr 17) ------------------------------------------------------------- Kees Cook of Ubuntu security found a flaw in how poppler prior to version 0.6 displayed malformed fonts embedded in PDF files. An attacker could create a malicious PDF file that would cause applications using poppler to crash, or possibly execute arbitrary code when opened (CVE-2008-1693). The updated packages have been patched to correct this issue. http://www.linuxsecurity.com/content/view/136360 * Mandriva: Updated clamav packages fix multiple (Apr 17) ------------------------------------------------------- Multiple vulnerabilities were discovered in ClamAV and corrected with the 0.93 release, including: ClamAV 0.92 allowed local users to overwrite arbitrary files via a symlink attack on temporary files or on .ascii files in sigtool, when utf16-decode is enabled (CVE-2007-6595). A heap-based buffer overflow in ClamAV 0.92.1 allowed remote attackers to execute arbitrary code via a crafted PeSpin packed PE binary (CVE-2008-0314). http://www.linuxsecurity.com/content/view/136359 -------------------------------------------------------------------------- * RedHat: Important: xpdf security update (Apr 17) ------------------------------------------------ Updated xpdf packages that fix a security issue are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. Kees Cook discovered a flaw in the way xpdf displayed malformed fonts embedded in PDF files. An attacker could create a malicious PDF file that would cause xpdf to crash, or, potentially, execute arbitrary code when opened. (CVE-2008-1693) http://www.linuxsecurity.com/content/view/136353 * RedHat: Important: openoffice.org security update (Apr 17) ---------------------------------------------------------- Updated openoffice.org 1.x packages to correct multiple security issues are now available for Red Hat Enterprise Linux 3 and Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/136348 * RedHat: Important: openoffice.org security update (Apr 17) ---------------------------------------------------------- Updated openoffice.org 2.x packages to correct multiple security issues are now available for Red Hat Enterprise Linux 4 and Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/136349 * RedHat: Important: kdegraphics security update (Apr 17) ------------------------------------------------------- Updated kdegraphics packages that fix a security issue are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/136351 * RedHat: Important: poppler security update (Apr 17) --------------------------------------------------- Updated poppler packages that fix a security issue are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/136352 -------------------------------------------------------------------------- * Slackware: xine-lib (Apr 21) ------------------------------ New xine-lib packages are available for Slackware 10.0, 10.1, 10.2, 11.0, 12.0, and -current to fix security issues. An overflow was found in the Speex decoder that could lead to a crash or possible execution of arbitrary code. http://www.linuxsecurity.com/content/view/136391 * Slackware: mozilla-firefox (Apr 17) ------------------------------------- New mozilla-firefox packages are available for Slackware 10.2, 11.0, 12.0, and -current to fix a possible security bug. More details about this issue may be found here: http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2008-1380 http://www.mozilla.org/projects/security/known-vulnerabilities.html#fir efox=09 https://bugzilla.mozilla.org/show_bug.cgi?id=3D425576 http://www.linuxsecurity.com/content/view/136358 -------------------------------------------------------------------------- * SuSE: OpenOffice_org (SUSE-SA:2008:023) (Apr 18) ------------------------------------------------ These vulnerabilities can only by exploited remotely with user-assistance and in conjunction with other software receiving OOo documents over the network (like a kmail attachment). http://www.linuxsecurity.com/content/view/136361 -------------------------------------------------------------------------- * Ubuntu: Firefox vulnerabilities (Apr 22) ----------------------------------------- Flaws were discovered in Firefox which could lead to crashes during JavaScript garbage collection. If a user were tricked into opening a malicious web page, an attacker may be able to crash the browser or possibly execute arbitrary code with the user's privileges. (CVE-2008-1380) http://www.linuxsecurity.com/content/view/136393 * Ubuntu: Gnumeric vulnerability (Apr 21) ---------------------------------------- Thilo Pfennig and Morten Welinder discovered that the XLS spreadsheet handling code in Gnumeric did not correctly calculate needed memory sizes. If a user or automated system were tricked into loading a specially crafted XLS document, a remote attacker could execute arbitrary code with user privileges. http://www.linuxsecurity.com/content/view/136392 * Ubuntu: poppler vulnerability (Apr 17) --------------------------------------- It was discovered that the poppler PDF library did not correctly handle certain malformed embedded fonts. If a user or an automated system were tricked into opening a malicious PDF, a remote attacker could execute arbitrary code with user privileges. http://www.linuxsecurity.com/content/view/136347 * Ubuntu: KOffice vulnerability (Apr 17) --------------------------------------- USN-603-1 fixed vulnerabilities in poppler. This update provides the corresponding updates for KWord, part of KOffice. Original advisory details: It was discovered that the poppler PDF library did not correctly handle certain malformed embedded fonts. If a user or an automated system were tricked into opening a malicious PDF, a remote attacker could execute arbitrary code with user privileges. http://www.linuxsecurity.com/content/view/136350 ------------------------------------------------------------------------ Distributed by: Guardian Digital, Inc. LinuxSecurity.com To unsubscribe email newsletter-request@xxxxxxxxxxxxxxxxx with "unsubscribe" in the subject of the message. ------------------------------------------------------------------------ ------------------------------------------------------------------------ Distributed by: Guardian Digital, Inc. LinuxSecurity.com To unsubscribe email vuln-newsletter-request@xxxxxxxxxxxxxxxxx with "unsubscribe" in the subject of the message. ------------------------------------------------------------------------
