+----------------------------------------------------------------------+
|  LinuxSecurity.com                                Weekly Newsletter  |
|  November 7th, 2008                             Volume 9, Number 45  |
|                                                                      |
|  Editorial Team:            Dave Wreski <dwreski@xxxxxxxxxxxxxxxxx>  |
|                      Benjamin D. Thomas <bthomas@xxxxxxxxxxxxxxxxx>  |
+----------------------------------------------------------------------+

Thank you for reading the LinuxSecurity.com weekly security newsletter.
The purpose of this document is to provide our readers with a quick
summary of each week's most relevant Linux security headlines.

This week, advisories were released for mysql, rgmanager, uw-imap,
enscript, openoffice, opera, libspf2, ruby, net-snmp, kernel, freetype2,
mdkonline, netpbm, tk, and enscript. The distributors include Debian,
Fedora, Gentoo, Mandriva, Red Hat, and Ubuntu.

---

Linux+ Magazine! Linux in the Data Centre

Check out the hot Linux+ Magazine at Barnes & Noble or online. Included
with this issue are:

 - Installing Fedora 9
 - Going Virtual with Ubuntu
 - Intro to Digital Forensics
 - Power Over Ethernet Tips
 - Using OpenLDAP
 - EnGarde Secure Linux Review
 - Interview with Pavel Radda from Foundry.net
 - Microsoft & Linux: What's the Deal?

Packed with useful Linux tips & tricks, DVD with hundreds of tools, and
the full EnGarde Secure Linux distribution!

http://www.linuxsecurity.com/ads/adclick.php?bannerid=63

---

Earn your MS in Info Assurance online

Norwich University's Master of Science in Information Assurance (MSIA)
program, designated by the National Security Agency as providing
academically excellent education in Information Assurance, provides you
with the skills to manage and lead an organization-wide information
security program and the tools to fluently communicate the intricacies
of information security at an executive level.

http://www.linuxsecurity.com/ads/adclick.php?bannerid=12

---

Never Installed a Firewall on Ubuntu? Try Firestarter
-----------------------------------------------------
When I typed on Google "Do I really need a firewall?" 695,000 results
came across. And I'm pretty sure they must be saying "Hell yeah!". In my
opinion, no one would ever recommend anyone to sit naked on the internet
keeping in mind the insecurity internet carries these days, unless you
really know what you are doing. Read on for more information on
Firestarter.

http://www.linuxsecurity.com/content/view/142641

---

Review: Hacking Exposed Linux, Third Edition
--------------------------------------------
"Hacking Exposed Linux" by ISECOM (Institute for Security and Open
Methodologies) is a guide to help you secure your Linux environment.
This book does not only help improve your security; it looks at why you
should. It does this by showing examples of real attacks and rates the
importance of protecting yourself from being a victim of each type of
attack.

http://www.linuxsecurity.com/content/view/141165

--> Take advantage of the LinuxSecurity.com Quick Reference Card! <--
-->      http://www.linuxsecurity.com/docs/QuickRefCard.pdf       <--

------------------------------------------------------------------------

* EnGarde Secure Community 3.0.21 Now Available (Oct 7)
  -----------------------------------------------------
  Guardian Digital is happy to announce the release of EnGarde Secure
  Community 3.0.21 (Version 3.0, Release 21). This release includes
  many updated packages and bug fixes and some feature enhancements to
  the EnGarde Secure Linux Installer and the SELinux policy.

  In distribution since 2001, EnGarde Secure Community was one of the
  very first security platforms developed entirely from open source,
  and has been engineered from the ground-up to provide users and
  organizations with complete, secure Web functionality, DNS, database,
  e-mail security and even e-commerce.

  http://www.linuxsecurity.com/content/view/143039

------------------------------------------------------------------------

* Debian: New mysql-dfsg-5.0 packages fix authorization bypass (Nov 5)
  --------------------------------------------------------------------
  A symlink traversal vulnerability was discovered in MySQL, a
  relational database server. The weakness could permit an attacker
  having both CREATE TABLE access to a database and the ability to
  execute shell commands on the database server to bypass MySQL access
  controls, enabling them to write to tables in databases to which they
  would not ordinarily have access.

  http://www.linuxsecurity.com/content/view/143945

------------------------------------------------------------------------

* Fedora 9 Update: rgmanager-2.03.09-1.fc9 (Nov 6)
  ------------------------------------------------
  A major code audit found several insecure uses of /tmp. This update
  addresses those issues across the whole code.

  http://www.linuxsecurity.com/content/view/144022

* Fedora 8 Update: uw-imap-2007d-1.fc8 (Nov 5)
  --------------------------------------------
  Addresses a security vulnerability in tmail and dmail:
  http://mailman2.u.washington.edu/pipermail/imap-uw/2008-October/002267.html

  http://www.linuxsecurity.com/content/view/143910

* Fedora 9 Update: enscript-1.6.4-10.fc9 (Nov 5)
  ----------------------------------------------
  Various buffer overflows were found in enscript. This update fixes
  CVE-2008-3863 and CVE-2008-4306.

  http://www.linuxsecurity.com/content/view/143892

* Fedora 8 Update: enscript-1.6.4-9.fc8 (Nov 5)
  ---------------------------------------------
  Various buffer overflows were found in enscript. This update fixes
  CVE-2008-3863 and CVE-2008-4306.

  http://www.linuxsecurity.com/content/view/143866

* Fedora 8 Update: openoffice.org-2.3.0-6.17.fc8 (Oct 31)
  -------------------------------------------------------
  A security release to address:

   - CVE-2008-2237: Manipulated WMF files
   - CVE-2008-2238: Manipulated EMF files

  as described at http://www.openoffice.org/security/bulletin.html

  http://www.linuxsecurity.com/content/view/143832

* Fedora 9 Update: openoffice.org-2.4.2-18.1.fc9 (Oct 31)
  -------------------------------------------------------
  Security update to address:

   - CVE-2008-2237: Manipulated WMF files
   - CVE-2008-2238: Manipulated EMF files

  as described at http://www.openoffice.org/security/bulletin.html

  http://www.linuxsecurity.com/content/view/143813

------------------------------------------------------------------------

* Gentoo: Opera Multiple vulnerabilities (Nov 3)
  ----------------------------------------------
  Multiple vulnerabilities have been discovered in Opera, allowing for
  the execution of arbitrary code.

  http://www.linuxsecurity.com/content/view/143842

* Gentoo: libspf2 DNS response buffer overflow (Oct 30)
  -----------------------------------------------------
  A memory management error in libspf2 might allow for remote execution
  of arbitrary code.

  http://www.linuxsecurity.com/content/view/143806

------------------------------------------------------------------------

* Mandriva: Subject: [Security Announce] [ MDVSA-2008:226 ] ruby (Nov 6)
  ----------------------------------------------------------------------
  A denial of service condition was found in Ruby's regular expression
  engine. If a Ruby script tried to process a large amount of data via
  a regular expression, it could cause Ruby to enter an infinite loop
  and crash (CVE-2008-3443).

  http://www.linuxsecurity.com/content/view/143951

* Mandriva: Subject: [Security Announce] [ MDVSA-2008:225 ] net-snmp (Nov 5)
  --------------------------------------------------------------------------
  A denial of service vulnerability was discovered in how Net-SNMP
  processed GETBULK requests. A remote attacker with read access to the
  SNMP server could issue a specially-crafted request which would cause
  snmpd to crash (CVE-2008-4309).

  http://www.linuxsecurity.com/content/view/143851

* Mandriva: Subject: [Security Announce] [ MDVSA-2008:224 ] kernel (Nov 4)
  ------------------------------------------------------------------------
  Some vulnerabilities were discovered and corrected in the Linux 2.6
  kernel: The error-reporting functionality in (1) fs/ext2/dir.c,
  (2) fs/ext3/dir.c, and possibly (3) fs/ext4/dir.c in the Linux kernel
  2.6.26.5 does not limit the number of printk console messages that
  report directory corruption, which allows physically proximate
  attackers to cause a denial of service (temporary system hang) by
  mounting a filesystem that has corrupted dir->i_size and
  dir->i_blocks values and performing (a) read or (b) write operations.
  NOTE: there are limited scenarios in which this crosses privilege
  boundaries. (CVE-2008-3528)

  http://www.linuxsecurity.com/content/view/143849

* Mandriva: Subject: [Security Announce] [ MDVSA-2008:223 ] kernel (Oct 31)
  -------------------------------------------------------------------------
  Some vulnerabilities were discovered and corrected in the Linux 2.6
  kernel: Buffer overflow in format descriptor parsing in the
  uvc_parse_format function in drivers/media/video/uvc/uvc_driver.c in
  uvcvideo in the video4linux (V4L) implementation in the Linux kernel
  before 2.6.26.1 has unknown impact and attack vectors.
  (CVE-2008-3496)

  http://www.linuxsecurity.com/content/view/143837

* Mandriva: Subject: [Security Announce] [ MDVSA-2008:121-1 ] freetype2 (Oct 31)
  ------------------------------------------------------------------------------
  Multiple vulnerabilities were discovered in FreeType's Printer Font
  Binary (PFB) font-file format parser. If a user were to load a
  carefully crafted font file with a program linked against FreeType,
  it could cause the application to crash or potentially execute
  arbitrary code (CVE-2008-1806, CVE-2008-1807, CVE-2008-1808). The
  updated packages have been patched to prevent this issue.

  http://www.linuxsecurity.com/content/view/143836

* Mandriva: Subject: [Security Announce] [ MDVA-2008:163 ] mdkonline (Oct 30)
  ---------------------------------------------------------------------------
  This update ensures that the distribution upgrade notification is not
  detected in incorrect cases, and ensures that a distribution upgrade
  is only suggested after all security updates have been applied. It
  also improves the distribution upgrade confirmation dialog and
  reliability of network package installation.

  http://www.linuxsecurity.com/content/view/143805

* Mandriva: Subject: [Security Announce] [ MDVA-2008:162 ] openoffice.org (Oct 30)
  --------------------------------------------------------------------------------
  This update provides a new upstream version of OpenOffice.org -
  2.4.1.10. It also corrects the following bugs: Under 2.4 versions of
  OpenOffice.org, the Orientation option was removed from printer
  properties, which prevented users from printing in booklet format in
  the way they were used to. This OpenOffice.org update enables the
  Orientation printer option again.

  http://www.linuxsecurity.com/content/view/143804

------------------------------------------------------------------------

* RedHat: Important: openoffice.org security update (Nov 5)
  ---------------------------------------------------------
  Updated openoffice.org packages that correct security issues are now
  available for Red Hat Enterprise Linux 3, 4, and 5. SureRun Security
  Team discovered an integer overflow flaw leading to a heap buffer
  overflow in the Windows Metafile (WMF) image format parser. An
  attacker could create a carefully crafted document containing a
  malicious WMF file that could cause OpenOffice.org to crash, or,
  possibly, execute arbitrary code if opened by a victim. This update
  has been rated as having important security impact by the Red Hat
  Security Response Team.

  http://www.linuxsecurity.com/content/view/143850

* RedHat: Important: kernel security and bug fix update (Nov 4)
  -------------------------------------------------------------
  Updated kernel packages that resolve several security issues and fix
  various bugs are now available for Red Hat Enterprise Linux 5. This
  update has been rated as having important security impact by the Red
  Hat Security Response Team.

  http://www.linuxsecurity.com/content/view/143846

* RedHat: Important: net-snmp security update (Nov 3)
  ---------------------------------------------------
  Updated net-snmp packages that fix a security issue are now available
  for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated
  as having important security impact by the Red Hat Security Response
  Team.

  http://www.linuxsecurity.com/content/view/143840

------------------------------------------------------------------------

* Ubuntu: Netpbm vulnerability (Nov 6)
  ------------------------------------
  It was discovered that Netpbm could be made to overrun a buffer when
  loading certain images. If a user were tricked into opening a
  specially crafted GIF image, remote attackers could cause a denial of
  service or execute arbitrary code with user privileges.

  http://www.linuxsecurity.com/content/view/143949

* Ubuntu: Tk vulnerability (Nov 6)
  --------------------------------
  It was discovered that Tk could be made to overrun a buffer when
  loading certain images. If a user were tricked into opening a
  specially crafted GIF image, remote attackers could cause a denial of
  service or execute arbitrary code with user privileges.

  http://www.linuxsecurity.com/content/view/143948

* Ubuntu: enscript vulnerability (Nov 3)
  --------------------------------------
  Ulf Härnhammar discovered multiple stack overflows in enscript's
  handling of special escape arguments. If a user or automated system
  were tricked into processing a malicious file with the "-e" option
  enabled, a remote attacker could execute arbitrary code or cause
  enscript to crash, possibly leading to a denial of service.

  http://www.linuxsecurity.com/content/view/143844

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

To unsubscribe email vuln-newsletter-request@xxxxxxxxxxxxxxxxx
with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------