Linux Advisory Watch: January 15th, 2011

+----------------------------------------------------------------------+
| LinuxSecurity.com                               Linux Advisory Watch |
| January 15th, 2011                               Volume 12, Number 3 |
|                                                                      |
| Editorial Team:              Dave Wreski <dwreski@xxxxxxxxxxxxxxxxx> |
|                       Benjamin D. Thomas <bthomas@xxxxxxxxxxxxxxxxx> |
+----------------------------------------------------------------------+

Thank you for reading the Linux Advisory Watch Security Newsletter. The 
purpose of this document is to provide our readers with a quick summary of 
each week's vendor security bulletins and pointers on methods to improve 
the security posture of your open source system.

Vulnerabilities affect nearly every vendor virtually every week, so be 
sure to read through to find the updates your distributor has made 
available.

Review: The Official Ubuntu Book
--------------------------------
If you haven't used Linux before, are new to Ubuntu, or would like a
quick update on the latest in open source advancements for the desktop,
then The Official Ubuntu Book is a great place to start.

http://www.linuxsecurity.com/content/view/153159

-->  Take advantage of the LinuxSecurity.com Quick Reference Card!  <--
-->  http://www.linuxsecurity.com/docs/QuickRefCard.pdf             <--

------------------------------------------------------------------------

* EnGarde Secure Community 3.0.22 Now Available!
   ----------------------------------------------
   Guardian Digital is happy to announce the release of EnGarde Secure
   Community 3.0.22 (Version 3.0, Release 22).  This release includes
   many updated packages and bug fixes and some feature enhancements to
   the EnGarde Secure Linux Installer and the SELinux policy.

   http://www.linuxsecurity.com/content/view/145668

------------------------------------------------------------------------

* Debian: 2144-1: wireshark: buffer overflow (Jan 14)
   ---------------------------------------------------
   It was discovered that a buffer overflow in the ENTTEC dissector may
   lead to the execution of arbitrary code. [More...]

   http://www.linuxsecurity.com/content/view/154144

* Debian: 2143-1: mysql-dfsg-5.0: several vulnerabilities (Jan 14)
   ----------------------------------------------------------------
   Several vulnerabilities have been discovered in the MySQL database
   server. The Common Vulnerabilities and Exposures project identifies
   the [More...]

   http://www.linuxsecurity.com/content/view/154135

* Debian: 2141-4: lighttpd: compatibility problem with (Jan 12)
   -------------------------------------------------------------
   The openssl update in DSA-2141-1 caused a regression in lighttpd. Due
   to a bug in lighttpd, the server fails to start in some
   configurations if using the updated openssl libraries. This update
   fixes this problem. [More...]

   http://www.linuxsecurity.com/content/view/154122

* Debian: 2122-2: glibc: missing input sanitization (Jan 11)
   ----------------------------------------------------------
   Colin Watson discovered that the update for stable released in
   DSA-2122-1 did not completely address the underlying security issue
   in all possible scenarios. [More...]

   http://www.linuxsecurity.com/content/view/154110

------------------------------------------------------------------------

* Gentoo: 201101-03: libvpx: User-assisted execution of arbitrary code (Jan 14)
   -----------------------------------------------------------------------------
   Timothy B. Terriberry discovered that libvpx contains an integer
   overflow vulnerability in the processing of video streams that may
   allow user-assisted execution of arbitrary code.

   http://www.linuxsecurity.com/content/view/154146

* Gentoo: 201101-02: Tor: Remote heap-based buffer overflow (Jan 14)
   ------------------------------------------------------------------
   Tor is vulnerable to a heap-based buffer overflow that may allow
   arbitrary code execution.

   http://www.linuxsecurity.com/content/view/154145

------------------------------------------------------------------------

* Mandriva: 2011:009: gif2png (Jan 14)
   ------------------------------------
   A vulnerability has been found and corrected in gif2png: Stack-based
   buffer overflow in gif2png.c in gif2png 2.5.3 and earlier might allow
   context-dependent attackers to execute arbitrary code via a long
   command-line argument, as demonstrated by a CGI program [More...]

   http://www.linuxsecurity.com/content/view/154143

* Mandriva: 2011:008: perl-CGI (Jan 14)
   -------------------------------------
   A vulnerability has been found and corrected in perl-CGI: Unspecified
   vulnerability in CGI.pm 3.50 and earlier allows remote attackers to
   inject arbitrary HTTP headers and conduct HTTP response splitting
   attacks via unknown vectors. NOTE: this issue exists [More...]

   http://www.linuxsecurity.com/content/view/154142
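
The CGI.pm advisory above names the class of bug (CR/LF reaching a header
value lets the attacker end the header block and append a second, fully
attacker-authored response) but not the vector. The following is an added
illustration of that class in Python, not CGI.pm's code and not its actual
vector: build_response_unsafe copies header values verbatim, validate_header
is the check that closes the hole, and SPLIT_PAYLOAD is a constructed
attacker input. All names are this example's own.

```python
import re

CRLF = "\r\n"
# RFC 7230 token characters: the only ones allowed in a header field name.
TOKEN_RE = re.compile(r"[!#$%&'*+\-.^_`|~0-9A-Za-z]+")


def build_response_unsafe(status: str, headers: dict, body: str) -> bytes:
    """Vulnerable pattern: header values are copied into the response verbatim.

    A value containing CR/LF ends the header line (or the whole head) early,
    so whoever controls it can append headers, or a second complete response.
    """
    head = [f"HTTP/1.1 {status}"] + [f"{name}: {value}" for name, value in headers.items()]
    return (CRLF.join(head) + CRLF + CRLF + body).encode("latin-1")


def validate_header(name: str, value: str) -> None:
    """Reject anything that could terminate a header line or the header block."""
    if not TOKEN_RE.fullmatch(name):
        raise ValueError(f"invalid header name: {name!r}")
    if re.search(r"[\r\n\x00]", value):
        raise ValueError(f"CR, LF or NUL in value of header {name!r}")


def build_response_safe(status: str, headers: dict, body: str) -> bytes:
    """Hardened form: every header is validated before it is serialised."""
    for name, value in headers.items():
        validate_header(name, value)
    return build_response_unsafe(status, headers, body)


def is_rejected(headers: dict) -> bool:
    """True if the hardened builder refuses this header set."""
    try:
        build_response_safe("200 OK", headers, "")
        return False
    except ValueError:
        return True


def count_response_heads(raw: bytes) -> int:
    """How many HTTP response heads a client would see in this byte stream."""
    return sum(1 for line in raw.split(b"\r\n") if line.startswith(b"HTTP/1."))


# Constructed attacker input: a redirect target taken from a query string
# that smuggles a second response after the legitimate one.
INJECTED = "<p>injected page</p>"
SPLIT_PAYLOAD = (
    "/home" + CRLF + "Content-Length: 0" + CRLF + CRLF
    + "HTTP/1.1 200 OK" + CRLF + "Content-Type: text/html" + CRLF
    + f"Content-Length: {len(INJECTED)}" + CRLF + CRLF + INJECTED
)

if __name__ == "__main__":
    raw = build_response_unsafe("302 Found", {"Location": SPLIT_PAYLOAD}, "")
    print("unsafe build:", count_response_heads(raw), "response heads")
    print("safe build rejects payload:", is_rejected({"Location": SPLIT_PAYLOAD}))
```

The second response in SPLIT_PAYLOAD is what a caching proxy or browser
would associate with the next request on the connection, which is why the
check belongs at the point where a header is set, not in individual
handlers.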

* Mandriva: 2011:007: wireshark (Jan 14)
   --------------------------------------
   A vulnerability has been found and corrected in wireshark: Buffer
   overflow in the MAC-LTE dissector (epan/dissectors/packet-mac-lte.c)
   in Wireshark 1.2.0 through 1.2.13 and 1.4.0 through 1.4.2 allows
   remote attackers to cause a denial [More...]

   http://www.linuxsecurity.com/content/view/154141

* Mandriva: 2011:006: subversion (Jan 14)
   ---------------------------------------
   Multiple vulnerabilities have been found and corrected in subversion:
   The walk function in repos.c in the mod_dav_svn module for the Apache
   HTTP Server, as distributed in Apache Subversion before 1.6.15,
   allows remote authenticated users to cause a denial of service (NULL
   [More...]

   http://www.linuxsecurity.com/content/view/154136

* Mandriva: 2011:005: evince (Jan 13)
   -----------------------------------
   Multiple vulnerabilities have been found and corrected in evince:
   Array index error in the PK and VF font parser in the dvi-backend
   component in Evince 2.32 and earlier allows remote attackers to cause
   a denial of service (application crash) or possibly execute [More...]

   http://www.linuxsecurity.com/content/view/154128

* Mandriva: 2011:004: php-phar (Jan 10)
   -------------------------------------
   A vulnerability has been found and corrected in php-phar: Multiple
   format string vulnerabilities in the phar extension in PHP 5.3 before
   5.3.2 allow context-dependent attackers to obtain sensitive
   information (memory contents) and possibly execute arbitrary code
   [More...]

   http://www.linuxsecurity.com/content/view/154104

* Mandriva: 2011:003: MHonArc (Jan 10)
   ------------------------------------
   Multiple vulnerabilities have been found and corrected in MHonArc:
   MHonArc 2.6.16 allows remote attackers to cause a denial of service
   (CPU consumption) via start tags that are placed within other start
   tags, as demonstrated by a <bo<bo<bo<bo<body>dy>dy>dy>dy>
   sequence, [More...]

   http://www.linuxsecurity.com/content/view/154099
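
The MHonArc summary above quotes the payload shape but not why it costs
CPU: removing the innermost <body> from <bo<bo<body>dy>dy> joins the
surrounding "<bo" and "dy>" into a fresh <body>, so a filter that re-runs
until nothing changes needs one full pass per nesting level. The Python
below is an added illustration of that pattern and of a single-pass
alternative; it is not MHonArc's filter, and TAG_RE is a hypothetical
deny-list stand-in for whatever the real one removes.

```python
import re
import time

# Deny-list tag filter of the kind the advisory's payload targets.
# Hypothetical stand-in, not MHonArc's own filter.
TAG_RE = re.compile(r"</?(?:body|html|head|script)\s*>", re.IGNORECASE)


def nested_start_tags(depth: int) -> str:
    """Build the <bo<bo<body>dy>dy> shape from the advisory, `depth` levels deep."""
    s = "<body>"
    for _ in range(depth - 1):
        s = "<bo" + s + "dy>"
    return s


def strip_until_fixed_point(text: str) -> tuple[str, int]:
    """Vulnerable pattern: re-run the filter until the output stops changing.

    Returns (result, number_of_passes). Every pass rescans the whole input,
    so the nested payload costs O(depth * len(text)): quadratic in its size.
    """
    passes = 0
    while True:
        stripped = TAG_RE.sub("", text)
        passes += 1
        if stripped == text:
            return stripped, passes
        text = stripped


def strip_single_pass(text: str) -> str:
    """Hardened form: one filter pass, then neutralise leftover angle brackets.

    Fragments that would reassemble into a tag are emitted as inert text, so
    there is nothing to loop over and no output can contain a live tag.
    """
    once = TAG_RE.sub("", text)
    return once.replace("<", "&lt;").replace(">", "&gt;")


def timed_passes(depth: int) -> tuple[int, float]:
    """Passes and wall-clock seconds the fixed-point stripper spends at `depth`."""
    payload = nested_start_tags(depth)
    start = time.perf_counter()
    _, passes = strip_until_fixed_point(payload)
    return passes, time.perf_counter() - start


if __name__ == "__main__":
    print(nested_start_tags(5))  # the sequence quoted in the advisory
    for depth in (100, 1000, 5000):
        passes, secs = timed_passes(depth)
        print(f"depth={depth:5d} passes={passes:5d} fixed-point={secs:.3f}s")
    print("single pass:", strip_single_pass(nested_start_tags(5)))
```

Running the block shows the pass count tracking depth and the time growing
faster than the input; the single-pass variant is the same cost for every
depth because it never trusts its own output enough to rescan it.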

* Mandriva: 2011:002: wireshark (Jan 9)
   -------------------------------------
   A vulnerability has been found and corrected in wireshark: Buffer
   overflow in epan/dissectors/packet-enttec.c in Wireshark 1.4.2 allows
   remote attackers to cause a denial of service (application crash) or
   possibly execute arbitrary code via a crafted ENTTEC DMX [More...]

   http://www.linuxsecurity.com/content/view/154094

* Mandriva: 2011:001: dhcp (Jan 7)
   --------------------------------
   A vulnerability has been found and corrected in dhcp: ISC DHCP server
   4.2 before 4.2.0-P2, when configured to use failover partnerships,
   allows remote attackers to cause a denial of service
   (communications-interrupted state and DHCP client service loss)
   [More...]

   http://www.linuxsecurity.com/content/view/154090

------------------------------------------------------------------------

* Red Hat: 2011:0028-01: kvm: Low Advisory (Jan 13)
   -------------------------------------------------
   Updated kvm packages that fix one security issue and several bugs are
   now available for Red Hat Enterprise Linux 5. The Red Hat Security
   Response Team has rated this update as having low [More...]

   http://www.linuxsecurity.com/content/view/154126

* Red Hat: 2011:0027-01: python: Low Advisory (Jan 13)
   ----------------------------------------------------
   Updated python packages that fix multiple security issues, several
   bugs, and add two enhancements are now available for Red Hat
   Enterprise Linux 5. The Red Hat Security Response Team has rated this
   update as having low [More...]

   http://www.linuxsecurity.com/content/view/154125

* Red Hat: 2011:0025-01: gcc: Low Advisory (Jan 13)
   -------------------------------------------------
   Updated gcc packages that fix two security issues and several
   compiler bugs are now available for Red Hat Enterprise Linux 5. The
   Red Hat Security Response Team has rated this update as having low
   [More...]

   http://www.linuxsecurity.com/content/view/154123

* Red Hat: 2011:0007-01: kernel: Important Advisory (Jan 11)
   ----------------------------------------------------------
   Updated kernel packages that fix multiple security issues and several
   bugs are now available for Red Hat Enterprise Linux 6. The Red Hat
   Security Response Team has rated this update as having [More...]

   http://www.linuxsecurity.com/content/view/154111

* Red Hat: 2011:0013-01: wireshark: Moderate Advisory (Jan 10)
   ------------------------------------------------------------
   Updated wireshark packages that fix one security issue are now
   available for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat
   Security Response Team has rated this update as having moderate
   [More...]

   http://www.linuxsecurity.com/content/view/154102

------------------------------------------------------------------------

* Slackware: 2011-010-01: php: Security Update (Jan 10)
   -----------------------------------------------------
   New php packages are available for Slackware 11.0, 12.0, 12.1, 12.2,
   13.0, 13.1, and -current to fix a security issue.  [More Info...]

   http://www.linuxsecurity.com/content/view/154105

------------------------------------------------------------------------

* SuSE: 2011-004: Linux kernel (Jan 14)
   -------------------------------------
   The SUSE Linux Enterprise 11 Service Pack 1 kernel was updated to
   2.6.32.27 and fixes various bugs and security issues. The following
   security issues were fixed: CVE-2010-4258: A local attacker could use
   an Oops (kernel crash) caused by other flaws to write a 0 byte to an
   attacker-controlled address  [More...]

   http://www.linuxsecurity.com/content/view/154140

* SuSE: Weekly Summary 2011:001 (Jan 11)
   --------------------------------------
   To avoid flooding mailing lists with SUSE Security Announcements for
   minor issues, SUSE Security releases weekly summary reports for the
   low-profile vulnerability fixes. The SUSE Security Summary Reports do
   not list download URLs, unlike the SUSE Security Announcements that
   are released for more severe vulnerabilities.  The vulnerabilities in
   this summary include: finch/pidgin, libmoon-devel/moonlight-plugin,
   libsmi, openssl, perl-CGI-Simple, supportutils, wireshark.

   http://www.linuxsecurity.com/content/view/154106

------------------------------------------------------------------------

* Ubuntu: 1042-2: PHP5 regression (Jan 13)
   ----------------------------------------
   USN-1042-1 fixed vulnerabilities in PHP5. The fix for CVE-2010-3436
   introduced a regression in the open_basedir restriction handling
   code. This update fixes the problem. [More...]

   http://www.linuxsecurity.com/content/view/154124

* Ubuntu: 1043-1: Little CMS vulnerability (Jan 12)
   -------------------------------------------------
   It was discovered that a NULL pointer dereference in the code for
   handling transformations of monochrome profiles could allow an
   attacker to cause a denial of service through a specially crafted
   image. (CVE-2009-0793) [More...]

   http://www.linuxsecurity.com/content/view/154114

* Ubuntu: 1009-2: GNU C Library vulnerability (Jan 12)
   ----------------------------------------------------
   USN-1009-1 fixed vulnerabilities in the GNU C library. Colin Watson
   discovered that the fixes were incomplete and introduced flaws with
   setuid programs loading libraries that used dynamic string tokens in
   their RPATH. If the "man" program was installed setuid, a local
   attacker could exploit this to gain "man" user privileges, potentially
   leading to further [More...]

   http://www.linuxsecurity.com/content/view/154113
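
The exposed surface in the glibc advisory above is a setuid or setgid
program, or a library it loads, whose RPATH/RUNPATH contains a dynamic
string token such as $ORIGIN. The Python below is an added example of how
to inventory that surface on a host; it is not Ubuntu's or glibc's code.
It assumes GNU readelf is installed (the `-d` output format is the real
tool's), and SAMPLE_READELF is constructed output so the parser can be
exercised without a binary.

```python
import os
import re
import stat
import subprocess

# glibc dynamic string tokens; $ORIGIN expands to the directory of the
# object whose RPATH/RUNPATH is being resolved.
DST_RE = re.compile(r"\$\{?(?:ORIGIN|LIB|PLATFORM)\}?")
# Matches the RPATH/RUNPATH rows of `readelf -d` output.
RPATH_RE = re.compile(r"\((RPATH|RUNPATH)\)\s+Library r(?:un)?path:\s*\[(.*)\]")


def rpath_tokens(readelf_dynamic: str) -> list[tuple[str, str]]:
    """(tag, search-path entry) pairs whose entry uses a dynamic string token."""
    hits = []
    for line in readelf_dynamic.splitlines():
        m = RPATH_RE.search(line)
        if not m:
            continue
        tag, value = m.groups()
        for entry in value.split(":"):
            if DST_RE.search(entry):
                hits.append((tag, entry))
    return hits


def is_setuid_or_setgid(path: str) -> bool:
    """True for a regular file with the setuid or setgid bit set."""
    st = os.stat(path)
    return stat.S_ISREG(st.st_mode) and bool(st.st_mode & (stat.S_ISUID | stat.S_ISGID))


def dynamic_section(path: str) -> str:
    """`readelf -d` output for one ELF object; empty if readelf is absent or fails."""
    try:
        proc = subprocess.run(["readelf", "-d", path], capture_output=True, text=True)
    except OSError:
        return ""
    return proc.stdout if proc.returncode == 0 else ""


def scan_setuid(root: str = "/usr") -> dict[str, list[tuple[str, str]]]:
    """Setuid/setgid binaries under `root` whose RPATH/RUNPATH uses a token."""
    findings = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                if not is_setuid_or_setgid(path):
                    continue
            except OSError:
                continue
            hits = rpath_tokens(dynamic_section(path))
            if hits:
                findings[path] = hits
    return findings


# Constructed `readelf -d` output, shaped like the real tool's, for a
# stand-alone run. A real object normally carries RPATH or RUNPATH, not both.
SAMPLE_READELF = """\
Dynamic section at offset 0x2d98 contains 28 entries:
  Tag        Type                         Name/Value
 0x0000000000000001 (NEEDED)             Shared library: [libc.so.6]
 0x000000000000000f (RPATH)              Library rpath: [/opt/tool/lib:$ORIGIN/../lib]
 0x000000000000001d (RUNPATH)            Library runpath: [${ORIGIN}/lib:/usr/lib]
 0x000000000000000c (INIT)               0x1000
"""

if __name__ == "__main__":
    print("sample:", rpath_tokens(SAMPLE_READELF))
    for path, hits in scan_setuid().items():
        print(path, hits)
```

Because the advisory's concern is libraries loaded by a setuid program,
not only the program itself, feed `rpath_tokens` the `readelf -d` output
of each NEEDED library as well (the function does not care which object
the output came from).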

* Ubuntu: 1042-1: PHP vulnerabilities (Jan 11)
   --------------------------------------------
   It was discovered that an integer overflow in the XML UTF-8 decoding
   code could allow an attacker to bypass cross-site scripting (XSS)
   protections. This issue only affected Ubuntu 6.06 LTS, Ubuntu 8.04
   LTS, and Ubuntu 9.10. (CVE-2009-5016) [More...]

   http://www.linuxsecurity.com/content/view/154112

* Ubuntu: 1041-1: Linux kernel vulnerabilities (Jan 10)
   -----------------------------------------------------
   Dan Rosenberg discovered that the btrfs filesystem did not correctly
   validate permissions when using the clone function. A local attacker
   could overwrite the contents of file handles that were opened for
   append-only, or potentially read arbitrary contents, leading to a
   loss of privacy. Only Ubuntu 9.10 was affected. (CVE-2010-2537,
   CVE-2010-2538) [More...]

   http://www.linuxsecurity.com/content/view/154103

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

     To unsubscribe email vuln-newsletter-request@xxxxxxxxxxxxxxxxx
         with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------


