+----------------------------------------------------------------------+ | LinuxSecurity.com Weekly Newsletter | | June 27th, 2008 Volume 9, Number 26 | | | | Editorial Team: Dave Wreski <dwreski@xxxxxxxxxxxxxxxxx> | | Benjamin D. Thomas <bthomas@xxxxxxxxxxxxxxxxx> | +----------------------------------------------------------------------+ Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines. This week, advisories were released for libetpan, perl, kernel, jdk/jre, freetype, libvorbis, openssl, clamav, freetype2, fetchmail, sblim, and IBMJava2. The distributors include Debian, Fedora, Gentoo, Mandriva, Red Hat, and Ubuntu. --- >> Linux+DVD Magazine << In each issue you can find information concerning the best use of Linux: safety, databases, multimedia, scientific tools, entertainment, programming, e-mail, news and desktop environments. Catch up with what professional network and database administrators, system programmers, webmasters and all those who believe in the power of Open Source software are doing! http://www.linuxsecurity.com/ads/adclick.php?bannerid=26 --- Security Features of Firefox 3.0 -------------------------------- Lets take a look at the security features of the newly released Firefox 3.0. Since it's release on Tuesday I have been testing it out to see how the new security enhancements work and help in increase user browsing security. One of the exciting improvements for me was how Firefox handles SSL secured web sites while browsing the Internet. There are also many other security features that this article will look at. For example, improved plugin and addon security. Read on for more security features of Firefox 3.0. http://www.linuxsecurity.com/content/view/138972 --- Review: The Book of Wireless ---------------------------- "The Book of Wireless" by John Ross is an answer to the problem of learning about wireless networking. With the wide spread use of Wireless networks today anyone with a computer should at least know the basics of wireless. Also, with the wireless networking, users need to know how to protect themselves from wireless networking attacks. http://www.linuxsecurity.com/content/view/136167 --> Take advantage of the LinuxSecurity.com Quick Reference Card! <-- --> http://www.linuxsecurity.com/docs/QuickRefCard.pdf <-- ------------------------------------------------------------------------ * EnGarde Secure Community 3.0.19 Now Available! (Apr 15) ------------------------------------------------------- Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.19 (Version 3.0, Release 19). This release includes many updated packages and bug fixes and some feature enhancements to the EnGarde Secure Linux Installer and the SELinux policy. http://www.linuxsecurity.com/content/view/136174 ------------------------------------------------------------------------ * Debian: New libtk-img packages fix arbitrary code execution (Jun 19) -------------------------------------------------------------------- It was discovered that a buffer overflow in the GIF image parsing code of Tk, a cross-platform graphical toolkit, could lead to denial of service and potentially the execution of arbitrary code. http://www.linuxsecurity.com/content/view/138786 ------------------------------------------------------------------------ * Fedora 8 Update: libetpan-0.54-1.fc8 (Jun 26) --------------------------------------------- Update to new upstream version 0.54 fixing a crash (NULL pointer dereference) in the mail message header parser. Note: There is no application in Fedora using libetpan library for which such crash could be considered a security issue. This can only be a security sensitive issue for some 3rd party, not packages applications. http://www.linuxsecurity.com/content/view/139125 * Fedora 9 Update: perl-5.10.0-27.fc9 (Jun 26) -------------------------------------------- CVE-2008-2827 perl: insecure use of chmod in rmtree http://www.linuxsecurity.com/content/view/139106 * Fedora 8 Update: kernel-2.6.25.6-27.fc8 (Jun 20) ------------------------------------------------ The asn1 implementation in (a) the Linux kernel 2.4 before 2.4.36.6 and 2.6 before 2.6.25.5, as used in the cifs and ip_nat_snmp_basic modules; and (b) the gxsnmp package; does not properly validate length values during decoding of ASN.1 BER data, which allows remote attackers to cause a denial of service (crash) or execute arbitrary code via (1) a length greater than the working buffer, which can lead to an unspecified overflow; (2) an oid length of zero, which can lead to an off-by-one error; or (3) an indefinite length for a primitive encoding. http://www.linuxsecurity.com/content/view/138800 ------------------------------------------------------------------------ * Gentoo: IBM JDK/JRE Multiple vulnerabilities (Jun 25) ----------------------------------------------------- Multiple vulnerabilities have been found in IBM Java Development Kit (JDK) and Java Runtime Environment (JRE), resulting in the execution of arbitrary code. http://www.linuxsecurity.com/content/view/139050 * Gentoo: FreeType User-assisted execution of arbitrary code (Jun 23) ------------------------------------------------------------------- Font parsing vulnerabilities in FreeType might lead to user-assisted execution of arbitrary code. http://www.linuxsecurity.com/content/view/138977 * Gentoo: libvorbis Multiple vulnerabilities (Jun 23) --------------------------------------------------- Multiple vulnerabilities in libvorbis might lead to the execution of arbitrary code. http://www.linuxsecurity.com/content/view/138976 * Gentoo: OpenSSL Denial of Service (Jun 23) ------------------------------------------ Two vulnerabilities might allow for a Denial of Service of daemons using OpenSSL. http://www.linuxsecurity.com/content/view/138975 * Gentoo: X.Org X server Multiple vulnerabilities (Jun 19) -------------------------------------------------------- Multiple vulnerabilities have been discovered in the X.Org X server, possibly allowing for the remote execution of arbitrary code with root privileges. http://www.linuxsecurity.com/content/view/138785 ------------------------------------------------------------------------ * Mandriva: Updated clamav packages fix vulnerability (Jun 24) ------------------------------------------------------------ A vulnerability was discovered in ClamAV and corrected with the 0.93.1 release: libclamav/petite.c in ClamAV before 0.93.1 allows remote attackers to cause a denial of service via a crafted Petite file that triggers an out-of-bounds read. (CVE-2008-2713) Other bugs have also been corrected in 0.93.1 which is being provided with this update. http://www.linuxsecurity.com/content/view/138983 * Mandriva: Updated freetype2 packages fix vulnerabilities (Jun 23) ----------------------------------------------------------------- Multiple vulnerabilities were discovered in FreeType's Printer Font Binary (PFB) font-file format parser. If a user were to load a carefully crafted font file with a program linked against FreeType, it could cause the application to crash or potentially execute arbitrary code (CVE-2008-1806, CVE-2008-1807, CVE-2008-1808). The updated packages have been patched to prevent this issue. http://www.linuxsecurity.com/content/view/138973 * Mandriva: Updated fetchmail packages fix DoS vulnerability (Jun 20) ------------------------------------------------------------------- A flaw in fetchmail was discovered that allowed remote attackers to cause a denial of service (crash and persistent mail failure) via a malformed message with long headers. The crash only occured when fetchmail was called in '-v -v' mode (CVE-2008-2711). The updated packages have been patched to prevent this issue. http://www.linuxsecurity.com/content/view/138788 ------------------------------------------------------------------------ * RedHat: Important: kernel security and bug fix update (Jun 25) -------------------------------------------------------------- Updated kernel packages that fix several security issues and a bug are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/139053 * RedHat: Important: sblim security update (Jun 24) ------------------------------------------------- Updated sblim packages that resolve a security issue are now available for Red Hat Enterprise Linux 4 and Red Hat Enterprise Linux 5. It was discovered that certain sblim libraries had an RPATH (runtime library search path) set in the ELF (Executable and Linking Format) header. This RPATH pointed to a sub-directory of a world-writable, temporary directory. A local user could create a file with the same name as a library required by sblim (such as libc.so) and place it in the directory defined in the RPATH. This file could then execute arbitrary code with the privileges of the user running an application that used sblim (eg http://www.linuxsecurity.com/content/view/138979 * RedHat: Moderate: IBMJava2 security update (Jun 24) --------------------------------------------------- IBMJava2-JRE and IBMJava2-SDK packages that correct several security issues are available for Red Hat Enterprise Linux 2.1.A flaw was found in the applet class loader. An untrusted applet could use this flaw to circumvent network access restrictions, possibly connecting to services hosted on the machine that executed the applet. http://www.linuxsecurity.com/content/view/138978 * RedHat: Important: freetype security update (Jun 20) ---------------------------------------------------- Multiple flaws were discovered in FreeType's Printer Font Binary (PFB) font-file format parser. If a user loaded a carefully crafted font-file with a program linked against FreeType, it could cause the application to crash, or possibly execute arbitrary code. http://www.linuxsecurity.com/content/view/138791 * RedHat: Important: freetype security update (Jun 20) ---------------------------------------------------- Multiple flaws were discovered in FreeType's Printer Font Binary (PFB) and TrueType Font (TTF) font-file format parsers. If a user loaded a carefully crafted font-file with a program linked against FreeType, it could cause the application to crash, or possibly execute arbitrary code. http://www.linuxsecurity.com/content/view/138792 ------------------------------------------------------------------------ * Ubuntu: OpenSSL vulnerabilities (Jun 26) ----------------------------------------- It was discovered that OpenSSL was vulnerable to a double-free when using TLS server extensions. A remote attacker could send a crafted packet and cause a denial of service via application crash in applications linked against OpenSSL. Ubuntu 8.04 LTS does not compile TLS server extensions by default. (CVE-2008-0891) It was discovered that OpenSSL could dereference a NULL pointer. If a user or automated system were tricked into connecting to a malicious server with particular cipher suites, a remote attacker could cause a denial of service via application crash. (CVE-2008-1672) http://www.linuxsecurity.com/content/view/139127 * Ubuntu: Linux kernel vulnerabilities (Jun 19) ---------------------------------------------- It was discovered that the ALSA /proc interface did not write the correct number of bytes when reporting memory allocations. A local attacker might be able to access sensitive kernel memory, leading to a loss of privacy. (CVE-2007-4571) http://www.linuxsecurity.com/content/view/138787 ------------------------------------------------------------------------ Distributed by: Guardian Digital, Inc. LinuxSecurity.com To unsubscribe email vuln-newsletter-request@xxxxxxxxxxxxxxxxx with "unsubscribe" in the subject of the message. ------------------------------------------------------------------------