+----------------------------------------------------------------------+ | LinuxSecurity.com Linux Advisory Watch | | June 3rd, 2011 Volume 12, Number 23 | | | | Editorial Team: Dave Wreski <dwreski@xxxxxxxxxxxxxxxxx> | | Benjamin D. Thomas <bthomas@xxxxxxxxxxxxxxxxx> | +----------------------------------------------------------------------+ Thank you for reading the Linux Advisory Watch Security Newsletter. The purpose of this document is to provide our readers with a quick summary of each week's vendor security bulletins and pointers on methods to improve the security posture of your open source system. Vulnerabilities affect nearly every vendor virtually every week, so be sure to read through to find the updates your distributor have made available. Book Review: Linux Kernel Programming ------------------------------------- As Linux is implemented on increasingly wider number of devices, the number of people responsible for developing and maintaining Linux on those platforms have increased. As the level of maturity of the kernel increases, so does the complexity, capabilities, and size. This book provides the Linux programmer the tools necessary to understand the core aspects of the kernel and how to interface with it. http://www.linuxsecurity.com/content/view/154775 -------------------------------------------------------------------- * Debian: 2252-1: dovecot: programming error (Jun 2) -------------------------------------------------- It was discovered that the message header parser in the Dovecot mail server parsed NUL characters incorrectly, which could lead to denial of service through malformed mail headers. [More...] http://www.linuxsecurity.com/content/view/155212 * Debian: 2251-1: subversion: Multiple vulnerabilities (Jun 2) ------------------------------------------------------------ Several vulnerabilities were discovered in Subversion, the version control system. The Common Vulnerabilities and Exposures project identifies the following problems: [More...] http://www.linuxsecurity.com/content/view/155205 * Debian: 2250-1: citadel: denial of service (May 31) --------------------------------------------------- Wouter Coekaerts discovered that the jabber server component of citadel, a complete and feature-rich groupware server, is vulnerable to the so-called "billion laughs" attack because it does not prevent entity expansion on received data. This allows an attacker to perform denial of service [More...] http://www.linuxsecurity.com/content/view/155193 * Debian: 2249-1: jabberd14: denial of service (May 31) ----------------------------------------------------- Wouter Coekaerts discovered that jabberd14, an instant messaging server using the Jabber/XMPP protocol, is vulnerable to the so-called "billion laughs" attack because it does not prevent entity expansion on received data. This allows an attacker to perform denial of service [More...] http://www.linuxsecurity.com/content/view/155192 * Debian: 2248-1: ejabberd: denial of service (May 31) ---------------------------------------------------- Wouter Coekaerts discovered that ejabberd, a distributed XMPP/Jabber server written in Erlang, is vulnerable to the so-called "billion laughs" attack because it does not prevent entity expansion on received data. This allows an attacker to perform denial of service attacks against the [More...] http://www.linuxsecurity.com/content/view/155191 * Debian: 2247-1: rails: several vulnerabilities (May 31) ------------------------------------------------------- Several vulnerabilities have been discovered in Rails, the Ruby web application framework. The Common Vulnerabilities and Exposures project identifies the following problems: [More...] http://www.linuxsecurity.com/content/view/155190 * Debian: 2246-1: mahara: several vulnerabilities (May 29) -------------------------------------------------------- Several vulnerabilities were discovered in mahara, an electronic portfolio, weblog, and resume builder. The following Common Vulnerabilities and Exposures project ids identify them: [More...] http://www.linuxsecurity.com/content/view/155173 * Debian: 2245-1: chromium-browser: several vulnerabilities (May 29) ------------------------------------------------------------------ Several vulnerabilities were discovered in the Chromium browser. The Common Vulnerabilities and Exposures project identifies the following problems: [More...] http://www.linuxsecurity.com/content/view/155172 * Debian: 2244-1: bind9: incorrect boundary conditio (May 27) ----------------------------------------------------------- It was discovered that BIND, an implementation of the DNS protocol, does not correctly process certain large RRSIG record sets in DNSSEC responses. The resulting assertion failure causes the name server process to crash, making name resolution unavailable. (CVE-2011-1910) [More...] http://www.linuxsecurity.com/content/view/155168 * Debian: 2243-1: unbound: design flaw (May 27) --------------------------------------------- It was discovered that Unbound, a caching DNS resolver, ceases to provide answers for zones signed using DNSSEC after it has processed a crafted query. (CVE-2009-4008) [More...] http://www.linuxsecurity.com/content/view/155167 ------------------------------------------------------------------------ * Mandriva: 2011:105: wireshark (Jun 1) ------------------------------------- This advisory updates wireshark to the latest version (1.2.17), fixing several security issues: * Large/infinite loop in the DICOM dissector. (Bug 5876) Versions affected: 1.2.0 to 1.2.16 and 1.4.0 to 1.4.6. [More...] http://www.linuxsecurity.com/content/view/155201 * Mandriva: 2011:104: bind (Jun 1) -------------------------------- A vulnerability has been identified and fixed in ISC BIND: Off-by-one error in named in ISC BIND 9.x before 9.7.3-P1, 9.8.x before 9.8.0-P2, 9.4-ESV before 9.4-ESV-R4-P1, and 9.6-ESV before 9.6-ESV-R4-P1 allows remote DNS servers to cause a denial of service [More...] http://www.linuxsecurity.com/content/view/155197 * Mandriva: 2011:103: gimp (May 29) --------------------------------- Multiple vulnerabilities was discovered and fixed in gimp: Stack-based buffer overflow in the "LIGHTING EFFECTS > LIGHT" plugin in GIMP 2.6.11 allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code [More...] http://www.linuxsecurity.com/content/view/155174 * Mandriva: 2011:102: rdesktop (May 28) ------------------------------------- A vulnerability has been identified and fixed in rdesktop: Directory traversal vulnerability in the disk_create function in disk.c in rdesktop before 1.7.0, when disk redirection is enabled, allows remote RDP servers to read or overwrite arbitrary files via [More...] http://www.linuxsecurity.com/content/view/155171 * Mandriva: 2011:101: dovecot (May 26) ------------------------------------ A vulnerability has been identified and fixed in dovecot: lib-mail/message-header-parser.c in Dovecot 1.2.x before 1.2.17 and 2.0.x before 2.0.13 does not properly handle '\0' (NUL) characters in header names, which allows remote attackers to cause a denial of [More...] http://www.linuxsecurity.com/content/view/155151 ------------------------------------------------------------------------ * Red Hat: 2011:0836-01: kernel: Important Advisory (Jun 1) --------------------------------------------------------- Updated kernel packages that fix multiple security issues and various bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having [More...] http://www.linuxsecurity.com/content/view/155203 * Red Hat: 2011:0841-01: systemtap: Moderate Advisory (May 31) ------------------------------------------------------------ Updated systemtap packages that fix one security issue are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate [More...] http://www.linuxsecurity.com/content/view/155189 * Red Hat: 2011:0843-01: postfix: Moderate Advisory (May 31) ---------------------------------------------------------- Updated postfix packages that fix one security issue are now available for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having moderate [More...] http://www.linuxsecurity.com/content/view/155188 * Red Hat: 2011:0844-01: apr: Low Advisory (May 31) ------------------------------------------------- Updated apr packages that fix one security issue are now available for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having low [More...] http://www.linuxsecurity.com/content/view/155187 * Red Hat: 2011:0845-01: bind: Important Advisory (May 31) -------------------------------------------------------- Updated bind and bind97 packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having [More...] http://www.linuxsecurity.com/content/view/155186 * Red Hat: 2011:0838-01: gimp: Moderate Advisory (May 31) ------------------------------------------------------- Updated gimp packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate [More...] http://www.linuxsecurity.com/content/view/155185 * Red Hat: 2011:0842-01: systemtap: Moderate Advisory (May 31) ------------------------------------------------------------ Updated systemtap packages that fix two security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate [More...] http://www.linuxsecurity.com/content/view/155184 * Red Hat: 2011:0840-01: dhcp: Important Advisory (May 31) -------------------------------------------------------- Updated dhcp packages that fix one security issue are now available for Red Hat Enterprise Linux 3 Extended Life Cycle Support. The Red Hat Security Response Team has rated this update as having [More...] http://www.linuxsecurity.com/content/view/155183 * Red Hat: 2011:0837-01: gimp: Moderate Advisory (May 31) ------------------------------------------------------- Updated gimp packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having moderate [More...] http://www.linuxsecurity.com/content/view/155181 * Red Hat: 2011:0833-01: kernel: Important Advisory (May 31) ---------------------------------------------------------- Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having [More...] http://www.linuxsecurity.com/content/view/155182 * Red Hat: 2011:0839-01: gimp: Moderate Advisory (May 31) ------------------------------------------------------- Updated gimp packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate [More...] http://www.linuxsecurity.com/content/view/155180 ------------------------------------------------------------------------ * Slackware: 2011-147-01: bind: Security Update (May 27) ------------------------------------------------------ New bind packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, 13.37, and -current to fix security issues. [More Info...] http://www.linuxsecurity.com/content/view/155170 ------------------------------------------------------------------------ * SuSE: Weekly Summary 2011:010 (May 31) -------------------------------------- To avoid flooding mailing lists with SUSE Security Announcements for minor issues, SUSE Security releases weekly summary reports for the low profile vulnerability fixes. The SUSE Security Summary Reports do not list or download URLs like the SUSE Security Announcements that are released for more severe vulnerabilities. List of vulnerabilities in this summary include: postfix, libthunarx-2-0, rdesktop, python, viewvc, kvm, exim, logrotate, dovecot12/dovecot20, pure-ftpd, kdelibs4. http://www.linuxsecurity.com/content/view/155176 ------------------------------------------------------------------------ * Ubuntu: 1143-1: Dovecot vulnerability (Jun 1) --------------------------------------------- An attacker could send a crafted email message that could disrupt emailservice. http://www.linuxsecurity.com/content/view/155204 * Ubuntu: 1142-1: GDM vulnerability (Jun 1) ----------------------------------------- GDM could be made to launch a browser and leak information about the system. http://www.linuxsecurity.com/content/view/155202 * Ubuntu: 1141-1: Linux kernel vulnerabilities (May 31) ----------------------------------------------------- Multiple kernel vulnerabilities have been fixed. http://www.linuxsecurity.com/content/view/155195 * Ubuntu: 1139-1: Bind vulnerabilities (May 30) --------------------------------------------- An attacker could send crafted input to Bind and cause it to crash. http://www.linuxsecurity.com/content/view/155175 * Ubuntu: 1138-2: NetworkManager and ModemManager update (May 26) --------------------------------------------------------------- An attacker could send crafted input to NetworkManager and ModemManagerand cause them to crash. http://www.linuxsecurity.com/content/view/155161 * Ubuntu: 1138-1: DBus-GLib vulnerability (May 26) ------------------------------------------------ An attacker could send crafted input to applications using DBus-GLib andcause them to crash. http://www.linuxsecurity.com/content/view/155160 * Ubuntu: 1137-1: Eucalyptus vulnerability (May 26) ------------------------------------------------- An attacker could send crafted input to Eucalyptus to run commands asa valid user. http://www.linuxsecurity.com/content/view/155158 ------------------------------------------------------------------------ * Pardus: 2011-80: kdenetwork: Directory traversal (May 26) --------------------------------------------------------- A vuolnerability has been fixed in kdenetwork, which can be exploited by attackers to create arbitrary files. http://www.linuxsecurity.com/content/view/155156 * Pardus: 2011-79: kdelibs: MITM Attack (May 26) ---------------------------------------------- A vulnerability has been fixed in kdelibs,which can be exploited by malicious people to man-in-the-middle attack. http://www.linuxsecurity.com/content/view/155155 * Pardus: 2011-78: dhcpcd: Execute Arbitrary Commands (May 26) ------------------------------------------------------------ A vulnerability has been fixed in dhcpcd, which allows attackers to execute arbitrary commands. http://www.linuxsecurity.com/content/view/155154 * Pardus: 2011-76: openldap: Multiple Vulnerabilities (May 26) ------------------------------------------------------------ Multiple vulnerabilities have been fixed in openldap. http://www.linuxsecurity.com/content/view/155152 * Pardus: 2011-77: Wireshark: Multiple Vulnerabilities (May 26) ------------------------------------------------------------- Multible vulnerabilities have been fixed in wireshark, which allow attackers to cause a denial of service or to execute arbitrary code. http://www.linuxsecurity.com/content/view/155153 ------------------------------------------------------------------------ Distributed by: Guardian Digital, Inc. LinuxSecurity.com To unsubscribe email vuln-newsletter-request@xxxxxxxxxxxxxxxxx with "unsubscribe" in the subject of the message. ------------------------------------------------------------------------