+----------------------------------------------------------------------+ | LinuxSecurity.com Linux Advisory Watch | | February 18th, 2011 Volume 12, Number 8 | | | | Editorial Team: Dave Wreski <dwreski@xxxxxxxxxxxxxxxxx> | | Benjamin D. Thomas <bthomas@xxxxxxxxxxxxxxxxx> | +----------------------------------------------------------------------+ Thank you for reading the Linux Advisory Watch Security Newsletter. The purpose of this document is to provide our readers with a quick summary of each week's vendor security bulletins and pointers on methods to improve the security posture of your open source system. Vulnerabilities affect nearly every vendor virtually every week, so be sure to read through to find the updates your distributor have made available. Review: The Official Ubuntu Book -------------------------------- If you haven't used Linux before, are new to Ubuntu, or would like a quick update on the latest in open source advancements for the desktop, then The Official Ubuntu Book is a great place to start. http://www.linuxsecurity.com/content/view/153159 --> Take advantage of the LinuxSecurity.com Quick Reference Card! <-- --> http://www.linuxsecurity.com/docs/QuickRefCard.pdf <-- ------------------------------------------------------------------------ * EnGarde Secure Community 3.0.22 Now Available! ---------------------------------------------- Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.22 (Version 3.0, Release 22). This release includes many updated packages and bug fixes and some feature enhancements to the EnGarde Secure Linux Installer and the SELinux policy. http://www.linuxsecurity.com/content/view/145668 ------------------------------------------------------------------------ * Debian: 2169-1: telepathy-gabble: insufficient input validati (Feb 16) ---------------------------------------------------------------------- It was discovered that telepathy-gabble, the Jabber/XMMP connection manager for the Telepathy framework, is processing google:jingleinfo updates without validating their origin. This may allow an attacker to trick telepathy-gabble into relaying streamed media data through a server of his choice and thus [More...] http://www.linuxsecurity.com/content/view/154417 * Debian: 2168-1: openafs: Multiple vulnerabilities (Feb 16) ---------------------------------------------------------- Two vulnerabilities were discovered the distributed filesystem AFS: CVE-2011-0430 [More...] http://www.linuxsecurity.com/content/view/154416 * Debian: 2167-1: phpmyadmin: sql injection (Feb 16) -------------------------------------------------- It was discovered that phpMyAdmin, a a tool to administer MySQL over the web, when the bookmarks feature is enabled, allowed to create a bookmarked query which would be executed unintentionally by other users. [More...] http://www.linuxsecurity.com/content/view/154415 * Debian: 2166-1: chromium-browser: Multiple vulnerabilities (Feb 16) ------------------------------------------------------------------- Several vulnerabilities were discovered in the Chromium browser. The Common Vulnerabilities and Exposures project identifies the following problems: [More...] http://www.linuxsecurity.com/content/view/154408 * Debian: 2165-1: ffmpeg-debian: buffer overflow (Feb 16) ------------------------------------------------------- Several vulnerabilities have been discovered in FFmpeg coders, which are used by by MPlayer and other applications. [More...] http://www.linuxsecurity.com/content/view/154404 * Debian: 2164-1: shadow: insufficient input sanitiza (Feb 15) ------------------------------------------------------------ Kees Cook discovered that the chfn and chsh utilities do not properly sanitize user input that includes newlines. An attacker could use this to to corrupt passwd entries and may create users or groups in NIS environments. [More...] http://www.linuxsecurity.com/content/view/154402 * Debian: 2161-2: openjdk-6: Multiple vulnerabilities (Feb 14) ------------------------------------------------------------ It was discovered that the floating point parser in OpenJDK, an implementation of the Java platform, can enter an infinite loop when processing certain input strings. Such input strings represent valid numbers and can be contained in data supplied by an attacker over the [More...] http://www.linuxsecurity.com/content/view/154386 * Debian: 2163-1: python-django: Multiple vulnerabilities (Feb 14) ---------------------------------------------------------------- Several vulnerabilities were discovered in the django web development framework: CVE-2011-0696 [More...] http://www.linuxsecurity.com/content/view/154384 * Debian: 2162-1: openssl: invalid memory access (Feb 14) ------------------------------------------------------- Neel Mehta discovered that an incorrectly formatted ClientHello handshake message could cause OpenSSL to parse past the end of the message. This allows an attacker to crash an application using OpenSSL by triggering an invalid memory access. Additionally, some applications may be vulnerable [More...] http://www.linuxsecurity.com/content/view/154382 * Debian: 2161-1: openjdk-6: denial of service (Feb 13) ----------------------------------------------------- It was discovered that the floating point parser in OpenJDK, an implementation of the Java platform, can enter an infinite loop when processing certain input strings. Such input strings represent valid numbers and can be contained in data supplied by an attacker over the [More...] http://www.linuxsecurity.com/content/view/154368 * Debian: 2160-1: tomcat6: Multiple vulnerabilities (Feb 13) ---------------------------------------------------------- Several vulnerabilities were discovered in the Tomcat Servlet and JSP engine: CVE-2010-3718 [More...] http://www.linuxsecurity.com/content/view/154367 * Debian: 2159-1: vlc: missing input sanitising (Feb 10) ------------------------------------------------------ Dan Rosenberg discovered that insufficient input validation in VLC's processing of Matroska/WebM containers could lead to the execution of arbitrary code. [More...] http://www.linuxsecurity.com/content/view/154346 ------------------------------------------------------------------------ * Mandriva: 2011:031: python-django (Feb 18) ------------------------------------------ Multiple vulnerabilities has been found and corrected in python-django: Django 1.1.x before 1.1.4 and 1.2.x before 1.2.5 does not properly validate HTTP requests that contain an X-Requested-With header, which makes it easier for remote attackers to conduct cross-site [More...] http://www.linuxsecurity.com/content/view/154434 * Mandriva: 2011:030: tomcat5 (Feb 18) ------------------------------------ Multiple vulnerabilities has been found and corrected in tomcat5: When running under a SecurityManager, access to the file system is limited but web applications are granted read/write permissions to the work directory. This directory is used for a variety of temporary [More...] http://www.linuxsecurity.com/content/view/154433 * Mandriva: 2011:029: kernel (Feb 17) ----------------------------------- A vulnerability was discovered and corrected in the Linux 2.6 kernel: The X.25 implementation does not properly parse facilities, which allows remote attackers to cause a denial of service (heap memory corruption and panic) or possibly have unspecified other impact via malformed data, a different vulnerability [More...] http://www.linuxsecurity.com/content/view/154425 * Mandriva: 2011:028: openssl (Feb 15) ------------------------------------ A vulnerability has been found and corrected in openssl: Incorrectly formatted ClientHello handshake message could cause OpenSSL to parse past the end of the message. This allows an attacker to crash an application using OpenSSL by triggering an invalid memory [More...] http://www.linuxsecurity.com/content/view/154391 * Mandriva: 2011:027: openoffice.org (Feb 14) ------------------------------------------- Multiple vulnerabilities were discovered and corrected in OpenOffice.org: Multiple directory traversal vulnerabilities allow remote attackers to overwrite arbitrary files via a .. (dot dot) in an entry in an [More...] http://www.linuxsecurity.com/content/view/154385 * Mandriva: 2011:026: phpmyadmin (Feb 14) --------------------------------------- Multiple vulnerabilities were discovered and corrected in phpmyadmin: When the files README, ChangeLog or LICENSE have been removed from their original place (possibly by the distributor), the scripts used to display these files can show their full path, leading to possible [More...] http://www.linuxsecurity.com/content/view/154377 ------------------------------------------------------------------------ * Red Hat: 2011:0281-01: java-1.6.0-openjdk: Important Advisory (Feb 17) ---------------------------------------------------------------------- Updated java-1.6.0-openjdk packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having [More...] http://www.linuxsecurity.com/content/view/154423 * Red Hat: 2011:0282-01: java-1.6.0-sun: Critical Advisory (Feb 17) ----------------------------------------------------------------- Updated java-1.6.0-sun packages that fix several security issues are now available for Red Hat Enterprise Linux 4 Extras, and Red Hat Enterprise Linux 5 and 6 Supplementary. [More...] http://www.linuxsecurity.com/content/view/154424 * Red Hat: 2011:0266-01: fence: Low Advisory (Feb 16) --------------------------------------------------- An updated fence package that fixes multiple security issues, several bugs, and adds two enhancements is now available for Red Hat Cluster Suite 4. The Red Hat Security Response Team has rated this update as having low [More...] http://www.linuxsecurity.com/content/view/154414 * Red Hat: 2011:0264-01: rgmanager: Low Advisory (Feb 16) ------------------------------------------------------- An updated rgmanager package that fixes multiple security issues and several bugs is now available for Red Hat Cluster Suite 4. The Red Hat Security Response Team has rated this update as having low [More...] http://www.linuxsecurity.com/content/view/154413 * Red Hat: 2011:0262-01: sendmail: Low Advisory (Feb 16) ------------------------------------------------------ Updated sendmail packages that fix one security issue and three bugs are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having low [More...] http://www.linuxsecurity.com/content/view/154412 * Red Hat: 2011:0265-01: ccs: Low Advisory (Feb 16) ------------------------------------------------- Updated ccs packages that fix one security issue are now available for Red Hat Cluster Suite 4. The Red Hat Security Response Team has rated this update as having low [More...] http://www.linuxsecurity.com/content/view/154411 * Red Hat: 2011:0261-01: bash: Low Advisory (Feb 16) -------------------------------------------------- Updated bash packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having low [More...] http://www.linuxsecurity.com/content/view/154409 * Red Hat: 2011:0260-01: python: Low Advisory (Feb 16) ---------------------------------------------------- Updated python packages that fix multiple security issues and three bugs are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having low [More...] http://www.linuxsecurity.com/content/view/154410 * Red Hat: 2011:0257-01: subversion: Moderate Advisory (Feb 15) ------------------------------------------------------------- Updated subversion packages that fix two security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate [More...] http://www.linuxsecurity.com/content/view/154399 * Red Hat: 2011:0258-01: subversion: Moderate Advisory (Feb 15) ------------------------------------------------------------- Updated subversion packages that fix three security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate [More...] http://www.linuxsecurity.com/content/view/154398 * Red Hat: 2011:0256-01: dhcp: Moderate Advisory (Feb 15) ------------------------------------------------------- Updated dhcp packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate [More...] http://www.linuxsecurity.com/content/view/154397 * Red Hat: 2011:0214-01: java-1.6.0-openjdk: Moderate Advisory (Feb 10) --------------------------------------------------------------------- Updated java-1.6.0-openjdk packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate [More...] http://www.linuxsecurity.com/content/view/154347 ------------------------------------------------------------------------ * Slackware: 2011-041-02: expat: Security Update (Feb 10) ------------------------------------------------------- New expat packages are available for Slackware 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix security issues. [More Info...] http://www.linuxsecurity.com/content/view/154351 * Slackware: 2011-041-04: openssl: Security Update (Feb 10) --------------------------------------------------------- New openssl packages are available for 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix a security issue. [More Info...] http://www.linuxsecurity.com/content/view/154352 * Slackware: 2011-041-01: apr-util: Security Update (Feb 10) ---------------------------------------------------------- New apr and apr-util packages are available for Slackware 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix a security issue. [More Info...] http://www.linuxsecurity.com/content/view/154348 * Slackware: 2011-041-03: httpd: Security Update (Feb 10) ------------------------------------------------------- New httpd packages are available for Slackware 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix security issues. [More Info...] http://www.linuxsecurity.com/content/view/154349 * Slackware: 2011-041-05: sudo: Security Update (Feb 10) ------------------------------------------------------ New sudo packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix a security issue. [More Info...] http://www.linuxsecurity.com/content/view/154350 ------------------------------------------------------------------------ * SuSE: 2011-009: Flash Player (Feb 14) ------------------------------------- The Adobe Flash Player was updated to the 10.2.152.26 release, fixing lots of bugs and security issues. Please also see: http://www.adobe.com/support/security/bulletins/apsb11-02.html http://www.linuxsecurity.com/content/view/154383 * SuSE: 2011-008: Linux kernel (Feb 11) ------------------------------------- This patch updates the SUSE Linux Enterprise Server 9 kernel to fix various security issues and some bugs. Following security issues were fixed: CVE-2010-4242: The hci_uart_tty_open function in the HCI UART driver (drivers/bluetooth/hci_ldisc.c) in the Linux kernel did not verify [More...] http://www.linuxsecurity.com/content/view/154353 ------------------------------------------------------------------------ * Ubuntu: 1067-1: Telepathy Gabble vulnerability (Feb 17) ------------------------------------------------------- It was discovered that Gabble did not verify the from field of googlejingleinfo updates. This could allow a remote attacker to perform manin the middle attacks (MITM) on streamed media. [More...] http://www.linuxsecurity.com/content/view/154422 * Ubuntu: 1065-1: shadow vulnerability (Feb 15) --------------------------------------------- Kees Cook discovered that some shadow utilities did not correctly validateuser input. A local attacker could exploit this flaw to inject newlines intothe /etc/passwd file. If the system was configured to use NIS, this couldlead to existing NIS groups or users gaining or losing access to the system,resulting in a denial of service or unauthorized access. [More...] http://www.linuxsecurity.com/content/view/154401 * Ubuntu: 1063-1: QEMU vulnerability (Feb 14) ------------------------------------------- Neil Wilson discovered that if VNC passwords were blank in QEMUconfigurations, access to VNC sessions was allowed without a passwordinstead of being disabled. A remote attacker could connect to runningVNC sessions of QEMU and directly control the system. By default, QEMUdoes not start VNC sessions. [More...] http://www.linuxsecurity.com/content/view/154389 * Ubuntu: 1060-1: Exim vulnerabilities (Feb 10) --------------------------------------------- It was discovered that Exim contained a design flaw in the way it processedalternate configuration files. An attacker that obtained privileges of the"Debian-exim" user could use an alternate configuration file to obtainroot privileges. (CVE-2010-4345) [More...] http://www.linuxsecurity.com/content/view/154345 ------------------------------------------------------------------------ * Pardus: 2011-45: Django: Multiple Vulnerabilities (Feb 14) ---------------------------------------------------------- Multiple vulnerabilities have been fixed in Django. http://www.linuxsecurity.com/content/view/154388 * Pardus: 2011-44: Poppler: Integer Overflow (Feb 14) --------------------------------------------------- A vulnerability has been fixed in poppler, which allows attackers to execute arbitrary commands with a specially crafted PDF file. http://www.linuxsecurity.com/content/view/154378 * Pardus: 2011-43: Wireshark: Uninitialized Pointer (Feb 14) ---------------------------------------------------------- A vulnerability has been fixed in wireshark, which allows remote attackers to cause a denial of service or have unspecified other impact http://www.linuxsecurity.com/content/view/154376 * Pardus: 2011-42: Pango: Buffer Overflow (Feb 14) ------------------------------------------------ A vulnerability has been fixed in Pango, which can potentially be exploited by malicious people to cause a denial of service (application crash) or possibly execute arbitrary code. http://www.linuxsecurity.com/content/view/154375 * Pardus: : Security Summary: Summary (Feb 14) -------------------------------------------- Multiple vulnerabilities have been fixed in Linux-PAM. http://www.linuxsecurity.com/content/view/154374 * Pardus: 2011-40: OpenSSH: Legacy Certificate (Feb 14) ----------------------------------------------------- A vulnerability has been fixed in PostgreSQL, which can potentially be exploited by malicious people to obtain sensitive contents or to conduct hash collision attacks http://www.linuxsecurity.com/content/view/154373 * Pardus: 2011-38: Tomcat: Multiple Vulnerabilities (Feb 14) ---------------------------------------------------------- Multiple vulnerabilities have been fixed in php. http://www.linuxsecurity.com/content/view/154371 * Pardus: 2011-39: VLC: Multiple Vulnerabilities (Feb 14) ------------------------------------------------------- Multiple vulnerabilities have been fixed in vlc, which can potentially be exploited by malicious people to cause a denial of service or possibly execute arbitrary code or commands. http://www.linuxsecurity.com/content/view/154372 * Pardus: 2011-37: PostgreSQL: Buffer Overflow (Feb 14) ----------------------------------------------------- A vulnerability has been fixed in PostgreSQL, which can potentially be exploited by malicious people to cause a denial of service (crash) and possibly execute arbitrary code. http://www.linuxsecurity.com/content/view/154370 * Pardus: 2011-36: DHCP: Denial of Service (Feb 14) ------------------------------------------------- A vulnerability has been fixed indhcp, which can be exploited by malicious users to cause a DoS (Denial of Service). http://www.linuxsecurity.com/content/view/154369 * Pardus: 2011-28: Patch: Arbitrary File (Feb 12) ----------------------------------------------- A vulnerability have been fixed in patch, which allows an attacker to create arbitrary files. http://www.linuxsecurity.com/content/view/154358 * Pardus: 2011-30: D-BUS: Stack overflow (Feb 12) ----------------------------------------------- A vulnerability have been fixed in d-bus, which allows local users to cause a denial of service. http://www.linuxsecurity.com/content/view/154359 * Pardus: 2011-27: Chromium: Multiple vulnerabilities (Feb 12) ------------------------------------------------------------ Multiple vulnerabilities have been fixed in chromium-browser. http://www.linuxsecurity.com/content/view/154360 * Pardus: 2011-33: HPlib: Stack Overflow (Feb 12) ----------------------------------------------- A vulnerability was found in hplib, which can be exploited by malicious people to cause denial of service http://www.linuxsecurity.com/content/view/154361 * Pardus: 2011-32: Subversion: Multiple (Feb 12) ---------------------------------------------- A vulnerability was found in subversion, which can be exploited by malicious people to cause denial of service http://www.linuxsecurity.com/content/view/154362 * Pardus: 2011-34: OpenOffice: Multiple (Feb 12) ---------------------------------------------- Multiple vulnerabilities have been fixed in openoffice. http://www.linuxsecurity.com/content/view/154363 * Pardus: 2011-35: PHP: Multiple vulnerabilities (Feb 12) ------------------------------------------------------- Multiple vulnerabilities have been fixed in php. http://www.linuxsecurity.com/content/view/154364 * Pardus: 2011-29: Wget: Arbitrary Files (Feb 12) ----------------------------------------------- A vulnerability have been fixed in wget, which allows an remote servers to create or ovewrite arbitrary files. http://www.linuxsecurity.com/content/view/154365 * Pardus: 2011-31: Sudo: Escalated Escalation (Feb 12) ---------------------------------------------------- A vulnerability was found in sudo, which can be exploited by malicious, local users to perform certain actions with escalated privileges. http://www.linuxsecurity.com/content/view/154366 ------------------------------------------------------------------------ Distributed by: Guardian Digital, Inc. LinuxSecurity.com To unsubscribe email vuln-newsletter-request@xxxxxxxxxxxxxxxxx with "unsubscribe" in the subject of the message. ------------------------------------------------------------------------