+----------------------------------------------------------------------+ | LinuxSecurity.com Weekly Newsletter | | October 16th, 2009 Volume 10, Number 42 | | | | Editorial Team: Dave Wreski <dwreski@xxxxxxxxxxxxxxxxx> | | Benjamin D. Thomas <bthomas@xxxxxxxxxxxxxxxxx> | +----------------------------------------------------------------------+ Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines. This week, advisories were released for pygresql, mysql-ocaml, samba, kvm, python-django, opensaml2, wget, dnsmasq, rubygem, drupal, dopewars, deltarpm, aria, strongswan, libmikmod, libnasl, mono, wireshark, xmlsec, awstats, gd, egroupware, sympa, netpbm, imagemagick, mozilla-thunderbird, cups, xpdf, gpdf, squirrelmail, zope, pan, and mimtex. The distributors include Debian, Fedora, Mandriva, Red Hat, and Ubuntu. --- >> Linux+DVD Magazine << In each issue you can find information concerning the best use of Linux: safety, databases, multimedia, scientific tools, entertainment, programming, e-mail, news and desktop environments. Catch up with what professional network and database administrators, system programmers, webmasters and all those who believe in the power of Open Source software are doing! http://www.linuxsecurity.com/ads/adclick.php?bannerid=26 --- Review: Googling Security: How Much Does Google Know About You -------------------------------------------------------------- If I ask "How much do you know about Google?" You may not take even a second to respond. But if I may ask "How much does Google know about you"? You may instantly reply "Wait... what!? Do they!?" The book "Googling Security: How Much Does Google Know About You" by Greg Conti (Computer Science Professor at West Point) is the first book to reveal how Google's vast information stockpiles could be used against you or your business and what you can do to protect yourself. http://www.linuxsecurity.com/content/view/145939 --- A Secure Nagios Server ---------------------- Nagios is a monitoring software designed to let you know about problems on your hosts and networks quickly. You can configure it to be used on any network. Setting up a Nagios server on any Linux distribution is a very quick process however to make it a secure setup it takes some work. This article will not show you how to install Nagios since there are tons of them out there but it will show you in detail ways to improve your Nagios security. http://www.linuxsecurity.com/content/view/144088 --> Take advantage of the LinuxSecurity.com Quick Reference Card! <-- --> http://www.linuxsecurity.com/docs/QuickRefCard.pdf <-- ------------------------------------------------------------------------ * EnGarde Secure Community 3.0.22 Now Available! (Dec 9) ------------------------------------------------------ Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.22 (Version 3.0, Release 22). This release includes many updated packages and bug fixes and some feature enhancements to the EnGarde Secure Linux Installer and the SELinux policy. http://www.linuxsecurity.com/content/view/145668 ------------------------------------------------------------------------ * Debian: New pygresql packages provide secure escaping (Oct 14) -------------------------------------------------------------- http://www.linuxsecurity.com/content/view/150385 * Debian: New mysql-ocaml packages provide secure escaping (Oct 14) ----------------------------------------------------------------- http://www.linuxsecurity.com/content/view/150384 * Debian: New postgresql-ocaml packages provide secure escaping (Oct 14) ---------------------------------------------------------------------- http://www.linuxsecurity.com/content/view/150383 * Debian: New samba packages fix several vulnerabilities (Oct 13) --------------------------------------------------------------- http://www.linuxsecurity.com/content/view/150374 * Debian: New kvm packages fix several vulnerabilities (Oct 13) ------------------------------------------------------------- http://www.linuxsecurity.com/content/view/150355 * Debian: New python-django packages fix denial of service (Oct 10) ----------------------------------------------------------------- http://www.linuxsecurity.com/content/view/150344 * Debian: New opensaml2 and shibboleth-sp2 packages fix regression (Oct 9) ------------------------------------------------------------------------ http://www.linuxsecurity.com/content/view/150341 * Debian: New wget packages fix SSL certificate verification weakness (Oct 9) --------------------------------------------------------------------------- http://www.linuxsecurity.com/content/view/150334 ------------------------------------------------------------------------ * Fedora 10 Update: dnsmasq-2.46-2.fc10 (Oct 13) ---------------------------------------------- This update fixes two security issues with dnsmasq's tftp server: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2957 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2958 http://www.linuxsecurity.com/content/view/150373 * Fedora 11 Update: rubygem-activeresource-2.3.2-2.fc11 (Oct 13) -------------------------------------------------------------- - Fixes CVE-2009-3009 - Downgrade to Rails 2.3.2 to avoid update issues for existing applications http://www.linuxsecurity.com/content/view/150371 * Fedora 11 Update: rubygem-rails-2.3.2-5.fc11 (Oct 13) ----------------------------------------------------- - Fixes CVE-2009-3009 - Downgrade to Rails 2.3.2 to avoid update issues for existing applications http://www.linuxsecurity.com/content/view/150372 * Fedora 11 Update: rubygem-actionpack-2.3.2-2.fc11 (Oct 13) ---------------------------------------------------------- - Fixes CVE-2009-3009 - Downgrade to Rails 2.3.2 to avoid update issues for existing applications http://www.linuxsecurity.com/content/view/150367 * Fedora 11 Update: rubygem-actionmailer-2.3.2-3.fc11 (Oct 13) ------------------------------------------------------------ - Fixes CVE-2009-3009 - Downgrade to Rails 2.3.2 to avoid update issues for existing applications http://www.linuxsecurity.com/content/view/150368 * Fedora 11 Update: rubygem-activerecord-2.3.2-2.fc11 (Oct 13) ------------------------------------------------------------ - Fixes CVE-2009-3009 - Downgrade to Rails 2.3.2 to avoid update issues for existing applications http://www.linuxsecurity.com/content/view/150369 * Fedora 11 Update: rubygem-activesupport-2.3.2-2.fc11 (Oct 13) ------------------------------------------------------------- - Fixes CVE-2009-3009 - Downgrade to Rails 2.3.2 to avoid update issues for existing applications http://www.linuxsecurity.com/content/view/150370 * Fedora 11 Update: drupal-service_links-6.x.1.0-5.fc11 (Oct 13) -------------------------------------------------------------- Common Vulnerabilities and Exposures assigned an identifier CVE-2009-3648 to the following vulnerability: Name: CVE-2009-3648 URL: http://cve.mitre.org /cgi-bin/cvename.cgi?name=CVE-2009-3648 Assigned: 20091009 Reference: MISC: http://www.madirish.net/?article=251 Reference: BID:36584 Reference: URL: http://www.securityfocus.com/bid/36584 Reference: XF:servicelinks-content-type- xss(53633) Reference: URL: http://xforce.iss.net/xforce/xfdb/53633 Cross- site scripting (XSS) vulnerability in Service Links 6.x-1.0, a module for Drupal, allows remote authenticated users, with 'administer content types' permissions, to inject arbitrary web script or HTML via unspecified vectors when displaying content type names. Checked drupal-service_links in CVS and this affects Fedora 10, 11, and rawhide. http://www.linuxsecurity.com/content/view/150366 * Fedora 10 Update: drupal-service_links-6.x.1.0-5.fc10 (Oct 13) -------------------------------------------------------------- Common Vulnerabilities and Exposures assigned an identifier CVE-2009-3648 to the following vulnerability: Name: CVE-2009-3648 URL: http://cve.mitre.org /cgi-bin/cvename.cgi?name=CVE-2009-3648 Assigned: 20091009 Reference: MISC: http://www.madirish.net/?article=251 Reference: BID:36584 Reference: URL: http://www.securityfocus.com/bid/36584 Reference: XF:servicelinks-content-type- xss(53633) Reference: URL: http://xforce.iss.net/xforce/xfdb/53633 Cross- site scripting (XSS) vulnerability in Service Links 6.x-1.0, a module for Drupal, allows remote authenticated users, with 'administer content types' permissions, to inject arbitrary web script or HTML via unspecified vectors when displaying content type names. Checked drupal-service_links in CVS and this affects Fedora 10, 11, and rawhide. http://www.linuxsecurity.com/content/view/150365 * Fedora 11 Update: dopewars-1.5.12-8.1033svn.fc11 (Oct 13) --------------------------------------------------------- Fix DoS. http://www.linuxsecurity.com/content/view/150364 * Fedora 11 Update: deltarpm-3.4-18.fc11 (Oct 13) ----------------------------------------------- deltarpm prior to the current build ships with a bundled copy of zlib. This version of zlib has a known vulnerability with CVE identifier: CAN-2005-1849 This build of deltarpm patches the program to use the system zlib (which was fixed when the vulnerability was first discovered) instead of the bundled copy. http://www.linuxsecurity.com/content/view/150363 * Fedora 11 Update: dnsmasq-2.46-3.fc11 (Oct 13) ---------------------------------------------- This update fixes two security issues with dnsmasq's tftp server: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2957 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2958 http://www.linuxsecurity.com/content/view/150362 * Fedora 10 Update: dopewars-1.5.12-8.1033svn.fc10 (Oct 13) --------------------------------------------------------- Fix DoS. http://www.linuxsecurity.com/content/view/150361 * Fedora 10 Update: deltarpm-3.4-11.fc10.1 (Oct 8) ------------------------------------------------ deltarpm prior to the current build ships with a bundled copy of zlib. This version of zlib has a known vulnerability with CVE identifier: CAN-2005-1849 This build of deltarpm patches the program to use the system zlib (which was fixed when the vulnerability was first discovered) instead of the bundled copy. http://www.linuxsecurity.com/content/view/150333 * Fedora 10 Update: aria2-1.3.1-2.fc10 (Oct 8) -------------------------------------------- Fixes CVE-2009-3575, A buffer overflow vulnerability described in more detail at https://bugzilla.redhat.com/show_bug.cgi?id=527827 http://www.linuxsecurity.com/content/view/150332 * Fedora 11 Update: deltarpm-3.4-17.fc11 (Oct 8) ---------------------------------------------- deltarpm prior to the current build ships with a bundled copy of zlib. This version of zlib has a known vulnerability with CVE identifier: CAN-2005-1849 This build of deltarpm patches the program to use the system zlib (which was fixed when the vulnerability was first discovered) instead of the bundled copy. http://www.linuxsecurity.com/content/view/150331 ------------------------------------------------------------------------ * Mandriva: Subject: [Security Announce] [ MDVSA-2009:278 ] compiz-fusion-plugins-main (Oct 14) --------------------------------------------------------------------------------------------- A vulnerability has been found and corrected in compiz-fusion-plugins-main: The Expo plugin in Compiz Fusion 0.7.8 allows local users with physical access to drag the screen saver aside and access the locked desktop by using Expo mouse shortcuts, a related issue to CVE-2007-3920 (CVE-2008-6514). This update fixes this vulnerability. http://www.linuxsecurity.com/content/view/150379 * Mandriva: Subject: [Security Announce] [ MDVSA-2009:277 ] samba (Oct 14) ------------------------------------------------------------------------ Multiple vulnerabilities has been found and corrected in samba: The SMB (aka Samba) subsystem in Apple Mac OS X 10.5.8, when Windows File Sharing is enabled, does not properly handle errors in resolving pathnames, which allows remote authenticated users to bypass intended sharing restrictions, and read, create, or modify files, in certain circumstances involving user accounts that lack home directories (CVE-2009-2813). smbd in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before 3.3.8, and 3.4 before 3.4.2 allows remote authenticated users to cause a denial of service (infinite loop) via an unanticipated oplock break notification reply packet (CVE-2009-2906). mount.cifs in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before 3.3.8 and 3.4 before 3.4.2, when mount.cifs is installed suid root, does not properly enforce permissions, which allows local users to read part of the credentials file and obtain the password by specifying the path to the credentials file and using the --verbose or -v option (CVE-2009-2948). The versions of samba shipping with Mandriva Linux CS4/MES5/2008.1/2009.0/2009.1 have been updated to the latest version that includes the fixes for these issues. Additionally for 2009.1 the version upgrade provides many upstream bug fixes such as improved Windows(tm) 7 support. The version for CS3 has been patched to address these security issues. http://www.linuxsecurity.com/content/view/150375 * Mandriva: Subject: [Security Announce] [ MDVSA-2009:276 ] python-django (Oct 13) -------------------------------------------------------------------------------- Multiple vulnerabilities has been found and corrected in python-django: The Admin media handler in core/servers/basehttp.py in Django 1.0 and 0.96 does not properly map URL requests to expected static media files, which allows remote attackers to conduct directory traversal attacks and read arbitrary files via a crafted URL (CVE-2009-2659). Algorithmic complexity vulnerability in the forms library in Django 1.0 before 1.0.4 and 1.1 before 1.1.1 allows remote attackers to cause a denial of service (CPU consumption) via a crafted (1) EmailField (email address) or (2) URLField (URL) that triggers a large amount of backtracking in a regular expression (CVE-2009-3695). The versions of Django shipping with Mandriva Linux have been updated to the latest patched version that include the fix for this issue. In addition, they provide other bug fixes. http://www.linuxsecurity.com/content/view/150360 * Mandriva: Subject: [Security Announce] [ MDVSA-2009:275 ] python-django (Oct 13) -------------------------------------------------------------------------------- A vulnerability has been found and corrected in python-django: The Admin media handler in core/servers/basehttp.py in Django 1.0 and 0.96 does not properly map URL requests to expected static media files, which allows remote attackers to conduct directory traversal attacks and read arbitrary files via a crafted URL (CVE-2009-2659). The versions of Django shipping with Mandriva Linux have been updated to the latest patched version that include the fix for this issue. In addition, they provide other bug fixes. http://www.linuxsecurity.com/content/view/150357 * Mandriva: Subject: [Security Announce] [ MDVSA-2009:274 ] phpmyadmin (Oct 13) ----------------------------------------------------------------------------- This is a security release for XSS and SQL injection problems. This upgrade provides phpmyadmin 2.11.9.6 for CS4 and 3.2.2.1 for MES5 which is not vulnerable for these security issues. http://www.linuxsecurity.com/content/view/150356 * Mandriva: Subject: [Security Announce] [ MDVSA-2009:273 ] strongswan (Oct 12) ----------------------------------------------------------------------------- A vulnerability has been found and corrected in strongswan: The ASN.1 parser (pluto/asn1.c, libstrongswan/asn1/asn1.c, libstrongswan/asn1/asn1_parser.c) in (a) strongSwan 2.8 before 2.8.10, 4.2 before 4.2.16, and 4.3 before 4.3.2; and (b) openSwan 2.6 before 2.6.22 and 2.4 before 2.4.15 allows remote attackers to cause a denial of service (pluto IKE daemon crash) via an X.509 certificate with (1) crafted Relative Distinguished Names (RDNs), (2) a crafted UTCTIME string, or (3) a crafted GENERALIZEDTIME string (CVE-2009-2185). This update fixes this vulnerability. http://www.linuxsecurity.com/content/view/150354 * Mandriva: Subject: [Security Announce] [ MDVSA-2009:272 ] libmikmod (Oct 12) ---------------------------------------------------------------------------- Multiple vulnerabilities has been found and corrected in libmikmod: libmikmod 3.1.9 through 3.2.0, as used by MikMod, SDL-mixer, and possibly other products, relies on the channel count of the last loaded song, rather than the currently playing song, for certain playback calculations, which allows user-assisted attackers to cause a denial of service (application crash) by loading multiple songs (aka MOD files) with different numbers of channels (CVE-2007-6720). libmikmod 3.1.11 through 3.2.0, as used by MikMod and possibly other products, allows user-assisted attackers to cause a denial of service (application crash) by loading an XM file (CVE-2009-0179). This update fixes these vulnerabilities. http://www.linuxsecurity.com/content/view/150353 * Mandriva: Subject: [Security Announce] [ MDVSA-2009:271 ] libnasl (Oct 12) -------------------------------------------------------------------------- A vulnerability has been found and corrected in libnasl: nasl/nasl_crypto2.c in the Nessus Attack Scripting Language library (aka libnasl) 2.2.11 does not properly check the return value from the OpenSSL DSA_do_verify function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077 (CVE-2009-0125). This update fixes this vulnerability. http://www.linuxsecurity.com/content/view/150352 * Mandriva: Subject: [Security Announce] [ MDVSA-2009:269 ] mono (Oct 12) ----------------------------------------------------------------------- A vulnerability has been found and corrected in mono: The XML HMAC signature system did not correctly check certain lengths. If an attacker sent a truncated HMAC, it could bypass authentication, leading to potential privilege escalation (CVE-2009-0217). This update fixes this vulnerability. http://www.linuxsecurity.com/content/view/150351 * Mandriva: Subject: [Security Announce] [ MDVSA-2009:270 ] wireshark (Oct 12) ---------------------------------------------------------------------------- A vulnerability has been found and corrected in wireshark: Unspecified vulnerability in the OpcUa (OPC UA) dissector in Wireshark 0.99.6 through 1.0.8 and 1.2.0 through 1.2.1 allows remote attackers to cause a denial of service (memory and CPU consumption) via malformed OPCUA Service CallRequest packets (CVE-2009-3241). This update fixes this vulnerability. http://www.linuxsecurity.com/content/view/150350 * Mandriva: Subject: [Security Announce] [ MDVSA-2009:268 ] mono (Oct 12) ----------------------------------------------------------------------- Multiple vulnerabilities has been found and corrected in mono: Multiple cross-site scripting (XSS) vulnerabilities in the ASP.net class libraries in Mono 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via crafted attributes related to (1) HtmlControl.cs (PreProcessRelativeReference), (2) HtmlForm.cs (RenderAttributes), (3) HtmlInputButton (RenderAttributes), (4) HtmlInputRadioButton (RenderAttributes), and (5) HtmlSelect (RenderChildren) (CVE-2008-3422). The XML HMAC signature system did not correctly check certain lengths. If an attacker sent a truncated HMAC, it could bypass authentication, leading to potential privilege escalation (CVE-2009-0217). This update fixes these vulnerabilities. http://www.linuxsecurity.com/content/view/150346 * Mandriva: Subject: [Security Announce] [ MDVSA-2009:267 ] xmlsec1 (Oct 10) -------------------------------------------------------------------------- A vulnerability has been found and corrected in xmlsec1: A missing check for the recommended minimum length of the truncated form of HMAC-based XML signatures was found in xmlsec1 prior to 1.2.12. An attacker could use this flaw to create a specially-crafted XML file that forges an XML signature, allowing the attacker to bypass authentication that is based on the XML Signature specification (CVE-2009-0217). This update fixes this vulnerability. http://www.linuxsecurity.com/content/view/150343 * Mandriva: Subject: [Security Announce] [ MDVSA-2009:266 ] awstats (Oct 9) ------------------------------------------------------------------------- A vulnerability has been found and corrected in awstats: awstats.pl in AWStats 6.8 and earlier does not properly remove quote characters, which allows remote attackers to conduct cross-site scripting (XSS) attacks via the query_string parameter. NOTE: this issue exists because of an incomplete fix for CVE-2008-3714 (CVE-2008-5080). This update fixes this vulnerability. http://www.linuxsecurity.com/content/view/150342 * Mandriva: Subject: [Security Announce] [ MDVSA-2009:264 ] gd (Oct 9) -------------------------------------------------------------------- Multiple integer overflows in libgd in PHP before 5.2.4 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large (1) srcW or (2) srcH value to the (a) gdImageCopyResized function, or a large (3) sy (height) or (4) sx (width) value to the (b) gdImageCreate or the (c) gdImageCreateTrueColor function. (CVE-2007-3996) The updated packages have been patched to prevent this. http://www.linuxsecurity.com/content/view/150340 * Mandriva: Subject: [Security Announce] [ MDVSA-2009:265 ] egroupware (Oct 9) ---------------------------------------------------------------------------- A vulnerability has been found and corrected in egroupware: The _bad_protocol_once function in phpgwapi/inc/class.kses.inc.php in KSES, as used in eGroupWare before 1.4.003, Moodle before 1.8.5, and other products, allows remote attackers to bypass HTML filtering and conduct cross-site scripting (XSS) attacks via a string containing crafted URL protocols (CVE-2008-1502). This update fixes this vulnerability. http://www.linuxsecurity.com/content/view/150339 * Mandriva: Subject: [Security Announce] [ MDVSA-2009:263 ] sympa (Oct 9) ----------------------------------------------------------------------- A vulnerability has been found and corrected in sympa: sympa.pl in sympa 5.3.4 allows local users to overwrite arbitrary files via a symlink attack on a temporary file. NOTE: wwsympa.fcgi was also reported, but the issue occurred in a dead function, so it is not a vulnerability (CVE-2008-4476). This update fixes this vulnerability. http://www.linuxsecurity.com/content/view/150338 * Mandriva: Subject: [Security Announce] [ MDVSA-2009:262 ] netpbm (Oct 9) ------------------------------------------------------------------------ A vulnerability has been found and corrected in netpbm: pamperspective in Netpbm before 10.35.48 does not properly calculate a window height, which allows context-dependent attackers to cause a denial of service (crash) via a crafted image file that triggers an out-of-bounds read (CVE-2008-4799). This update fixes this vulnerability. http://www.linuxsecurity.com/content/view/150337 * Mandriva: Subject: [Security Announce] [ MDVSA-2009:260 ] imagemagick (Oct 8) ----------------------------------------------------------------------------- A vulnerability has been found and corrected in ImageMagick, which could lead to integer overflow in the XMakeImage function in magick/xwindow.c, allowing remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF file, which triggers a buffer overflow (CVE-2009-1882). This update fixes this vulnerability. http://www.linuxsecurity.com/content/view/150329 * Mandriva: Subject: [Security Announce] [ MDVSA-2009:261 ] graphicsmagick (Oct 8) -------------------------------------------------------------------------------- A vulnerability has been found and corrected in GraphicsMagick, which could lead to integer overflow in the XMakeImage function in magick/xwindow.c, allowing remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF file, which triggers a buffer overflow (CVE-2009-1882). This update fixes this vulnerability. http://www.linuxsecurity.com/content/view/150326 * Mandriva: Subject: [Security Announce] [ MDVSA-2009:217-2 ] mozilla-thunderbird (Oct 8) --------------------------------------------------------------------------------------- A number of security vulnerabilities have been discovered in Mozilla Thunderbird: Security issues in thunderbird could lead to a man-in-the-middle attack via a spoofed X.509 certificate (CVE-2009-2408). A vulnerability was found in xmltok_impl.c (expat) that with specially crafted XML could be exploited and lead to a denial of service attack. Related to CVE-2009-2625. This update provides the latest version of Thunderbird which are not vulnerable to these issues. Update: The previous mozilla-thunderbird-moztraybiff packages had the wrong release which prevented it to be upgraded (#53129). The new packages addresses this problem. http://www.linuxsecurity.com/content/view/150324 * Mandriva: Subject: [Security Announce] [ MDVSA-2009:217-1 ] mozilla-thunderbird (Oct 8) --------------------------------------------------------------------------------------- A number of security vulnerabilities have been discovered in Mozilla Thunderbird: Security issues in thunderbird could lead to a man-in-the-middle attack via a spoofed X.509 certificate (CVE-2009-2408). A vulnerability was found in xmltok_impl.c (expat) that with specially crafted XML could be exploited and lead to a denial of service attack. Related to CVE-2009-2625. This update provides the latest version of Thunderbird which are not vulnerable to these issues. Update: The mozilla-thunderbird-moztraybiff packages had the wrong release which prevented it to be upgraded (#53129). The new packages addresses this problem. http://www.linuxsecurity.com/content/view/150323 ------------------------------------------------------------------------ * RedHat: Moderate: cups security update (Oct 15) ----------------------------------------------- Updated cups packages that fix two security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/150392 * RedHat: Important: xpdf security update (Oct 15) ------------------------------------------------ An updated xpdf package that fixes multiple security issues is now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/150387 * RedHat: Important: kdegraphics security update (Oct 15) ------------------------------------------------------- Updated kdegraphics packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/150388 * RedHat: Important: gpdf security update (Oct 15) ------------------------------------------------ An updated gpdf package that fixes multiple security issues is now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/150389 * RedHat: Important: poppler security and bug fix update (Oct 15) --------------------------------------------------------------- Updated poppler packages that fix multiple security issues and a bug are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/150390 * RedHat: Important: kdegraphics security update (Oct 15) ------------------------------------------------------- Updated kdegraphics packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/150391 * RedHat: Important: xpdf security update (Oct 15) ------------------------------------------------ An updated xpdf package that fixes multiple security issues is now available for Red Hat Enterprise Linux 3. This update has been rated as having important security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/150386 * RedHat: Moderate: java-1.4.2-ibm security update (Oct 14) --------------------------------------------------------- Updated java-1.4.2-ibm packages that fix two security issues are now available for Red Hat Enterprise Linux 3 Extras, Red Hat Enterprise Linux 4 Extras, and Red Hat Enterprise Linux 5 Supplementary. This update has been rated as having moderate security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/150378 * RedHat: Critical: acroread security update (Oct 14) --------------------------------------------------- Updated acroread packages that fix multiple security issues are now available for Red Hat Enterprise Linux 3 Extras, Red Hat Enterprise Linux 4 Extras, and Red Hat Enterprise Linux 5 Supplementary. This update has been rated as having critical security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/150377 * RedHat: Moderate: squirrelmail security update (Oct 8) ------------------------------------------------------ An updated squirrelmail package that fixes several security issues is now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/150325 ------------------------------------------------------------------------ * Ubuntu: Zope vulnerabilities (Oct 14) -------------------------------------- It was discovered that the Zope Object Database (ZODB) database server (ZEO) improperly filtered certain commands when a database is shared among multiple applications or application instances. A remote attacker could send malicious commands to the server and execute arbitrary code. (CVE-2009-0668) It was discovered that the Zope Object Database (ZODB) database server (ZEO) did not handle authentication properly when a database is shared among multiple applications or application instances. A remote attacker could use this flaw to bypass security restrictions. (CVE-2009-0669) It was discovered that Zope did not limit the number of new object ids a client could request. A remote attacker could use this flaw to consume a huge amount of resources, leading to a denial of service. (No CVE identifier) http://www.linuxsecurity.com/content/view/150376 * Ubuntu: Pan vulnerability (Oct 8) ---------------------------------- Pavel Polischouk discovered that Pan incorrectly handled certain data structures. If a user were tricked into viewing malicious nntp data, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. http://www.linuxsecurity.com/content/view/150322 * Ubuntu: mimeTeX vulnerabilities (Oct 8) ---------------------------------------- Chris Evans discovered that mimeTeX incorrectly handled certain long tags. An attacker could exploit this with a crafted mimeTeX expression and cause a denial of service or possibly execute arbitrary code. (CVE-2009-1382) Chris Evans discovered that mimeTeX contained certain directives that may be unsuitable for handling untrusted user input. This update fixed the issue by disabling the \input and \counter tags. (CVE-2009-2459) http://www.linuxsecurity.com/content/view/150321 ------------------------------------------------------------------------ Distributed by: Guardian Digital, Inc. LinuxSecurity.com To unsubscribe email vuln-newsletter-request@xxxxxxxxxxxxxxxxx with "unsubscribe" in the subject of the message. ------------------------------------------------------------------------