+----------------------------------------------------------------------+ | LinuxSecurity.com Linux Advisory Watch | | July 29th, 2011 Volume 12, Number 31 | | | | Editorial Team: Dave Wreski <dwreski@xxxxxxxxxxxxxxxxx> | | Benjamin D. Thomas <bthomas@xxxxxxxxxxxxxxxxx> | +----------------------------------------------------------------------+ Thank you for reading the Linux Advisory Watch Security Newsletter. The purpose of this document is to provide our readers with a quick summary of each week's vendor security bulletins and pointers on methods to improve the security posture of your open source system. Vulnerabilities affect nearly every vendor virtually every week, so be sure to read through to find the updates your distributor have made available. Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition -------------------------------------------------------------------------------- Mark Sobell again delivers the answers to common Linux administration challenges, and provides thorough and step-by-step instructions to configuring many of the common Linux Internet services in A Practical Guide to Fedora and Red Hat Enterprise Linux, Fifth Edition. http://www.linuxsecurity.com/content/view/152325 ------------------------------------------------------------------------ * Debian: 2288-1: libsndfile: integer overflow (Jul 28) ----------------------------------------------------- Hossein Lotfi discovered an integer overflow in libsndfile's code to parse Paris Audio files, which could potentially lead to the execution of arbitrary code. [More...] http://www.linuxsecurity.com/content/view/155557 * Debian: 2287-1: libpng: Multiple vulnerabilities (Jul 28) --------------------------------------------------------- The PNG library libpng has been affected by several vulnerabilities. The most critical one is the identified as CVE-2011-2690. Using this vulnerability, an attacker is able to overwrite memory with an arbitrary amount of data controlled by her via a crafted PNG image. [More...] http://www.linuxsecurity.com/content/view/155551 * Debian: 2286-1: phpymadmin: Multiple vulnerabilities (Jul 26) ------------------------------------------------------------- Several vulnerabilities were discovered in phpMyAdmin, a tool to administrate MySQL over the web. The Common Vulnerabilities and Exposures project identifies the following problems: [More...] http://www.linuxsecurity.com/content/view/155539 * Debian: 2285-1: mapserver: Multiple vulnerabilities (Jul 25) ------------------------------------------------------------ Several vulnerabilities have been discovered in mapserver, a CGI-based web framework to publish spatial data and interactive mapping applications. The Common Vulnerabilities and Exposures project identifies the following problems: [More...] http://www.linuxsecurity.com/content/view/155530 * Debian: 2284-1: opensaml2: implementation error (Jul 25) -------------------------------------------------------- Juraj Somorovsky, Andreas Mayer, Meiko Jensen, Florian Kohlar, Marco Kampmann and Joerg Schwenk discovered that Shibboleth, a federated web single sign-on system is vulnerable to XML signature wrapping attacks. More details can be found in the Shibboleth [More...] http://www.linuxsecurity.com/content/view/155527 * Debian: 2283-1: krb5-appl: programming error (Jul 25) ----------------------------------------------------- Tim Zingelmann discovered that due an incorrect configure script the kerborised FTP server failed to set the effective GID correctly, resulting in privilege escalation. [More...] http://www.linuxsecurity.com/content/view/155522 * Debian: 2282-1: qemu-kvm: Multiple vulnerabilities (Jul 25) ----------------------------------------------------------- Two vulnerabilities have been discovered in KVM, a solution for full virtualization on x86 hardware: CVE-2011-2212 [More...] http://www.linuxsecurity.com/content/view/155521 * Debian: 2281-1: opie: Multiple vulnerabilities (Jul 21) ------------------------------------------------------- Sebastian Krahmer discovered that opie, a system that makes it simple to use One-Time passwords in applications, is prone to a privilege escalation (CVE-2011-2490) and an off-by-one error, which can lead to the execution of arbitrary code (CVE-2011-2489). Adam Zabrocki and [More...] http://www.linuxsecurity.com/content/view/155497 ------------------------------------------------------------------------ * Mandriva: 2011:121: samba (Jul 27) ---------------------------------- Multiple vulnerabilities has been discovered and corrected in samba: All current released versions of Samba are vulnerable to a cross-site request forgery in the Samba Web Administration Tool (SWAT). By tricking a user who is authenticated with SWAT into clicking a [More...] http://www.linuxsecurity.com/content/view/155543 * Mandriva: 2011:120: freetype2 (Jul 27) -------------------------------------- A vulnerability was discovered and corrected in freetype2: Integer signedness error in psaux/t1decode.c in FreeType before 2.4.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted [More...] http://www.linuxsecurity.com/content/view/155542 * Mandriva: 2011:119: libsndfile (Jul 25) --------------------------------------- A vulnerability was discovered and corrected in libsndfile: An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way the libsndfile library processed certain Ensoniq PARIS Audio Format (PAF) audio files. An attacker could [More...] http://www.linuxsecurity.com/content/view/155528 * Mandriva: 2011:118: wireshark (Jul 24) -------------------------------------- This advisory updates wireshark to the latest version (1.2.18), fixing one security issue: The Lucent/Ascend file parser in Wireshark 1.2.x before 1.2.18, 1.4.x through 1.4.7, and 1.6.0 allows remote attackers to cause a denial [More...] http://www.linuxsecurity.com/content/view/155520 * Mandriva: 2011:117: krb5-appl (Jul 22) -------------------------------------- A vulnerability was discovered and corrected in krb5-appl: ftpd.c in the GSS-API FTP daemon in MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.1 and earlier does not check the krb5_setegid return value, which allows remote authenticated users to bypass [More...] http://www.linuxsecurity.com/content/view/155512 * Mandriva: 2011:116: curl (Jul 22) --------------------------------- A vulnerability was discovered and corrected in curl: The Curl_input_negotiate function in http_negotiate.c in libcurl 7.10.6 through 7.21.6, as used in curl and other products, always performs credential delegation during GSSAPI authentication, which allows remote [More...] http://www.linuxsecurity.com/content/view/155511 ------------------------------------------------------------------------ * Red Hat: 2011:1105-01: libpng: Moderate Advisory (Jul 28) --------------------------------------------------------- Updated libpng packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate [More...] http://www.linuxsecurity.com/content/view/155556 * Red Hat: 2011:1104-01: libpng: Moderate Advisory (Jul 28) --------------------------------------------------------- Updated libpng packages that fix two security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate [More...] http://www.linuxsecurity.com/content/view/155555 * Red Hat: 2011:1103-01: libpng: Moderate Advisory (Jul 28) --------------------------------------------------------- Updated libpng and libpng10 packages that fix one security issue are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having moderate [More...] http://www.linuxsecurity.com/content/view/155553 * Red Hat: 2011:1102-01: libsoup: Moderate Advisory (Jul 28) ---------------------------------------------------------- Updated libsoup packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate [More...] http://www.linuxsecurity.com/content/view/155554 * Red Hat: 2011:1100-01: icedtea-web: Moderate Advisory (Jul 27) -------------------------------------------------------------- Updated icedtea-web packages that fix two security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate [More...] http://www.linuxsecurity.com/content/view/155544 * Red Hat: 2011:1089-01: systemtap: Moderate Advisory (Jul 25) ------------------------------------------------------------ Updated systemtap packages that fix one security issue are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate [More...] http://www.linuxsecurity.com/content/view/155532 * Red Hat: 2011:1088-01: systemtap: Moderate Advisory (Jul 25) ------------------------------------------------------------ Updated systemtap packages that fix two security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate [More...] http://www.linuxsecurity.com/content/view/155531 * Red Hat: 2011:1087-01: java-1.5.0-ibm: Critical Advisory (Jul 22) ----------------------------------------------------------------- Updated java-1.5.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 4 Extras, and Red Hat Enterprise Linux 5 and 6 Supplementary. [More...] http://www.linuxsecurity.com/content/view/155519 * Red Hat: 2011:1085-01: freetype: Important Advisory (Jul 21) ------------------------------------------------------------ Updated freetype packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having [More...] http://www.linuxsecurity.com/content/view/155509 * Red Hat: 2011:1073-01: bash: Low Advisory (Jul 21) -------------------------------------------------- An updated bash package that fixes one security issue, several bugs, and adds one enhancement is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low [More...] http://www.linuxsecurity.com/content/view/155506 * Red Hat: 2011:1005-01: sysstat: Low Advisory (Jul 21) ----------------------------------------------------- An updated sysstat package that fixes one security issue, various bugs, and adds one enhancement is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low [More...] http://www.linuxsecurity.com/content/view/155503 * Red Hat: 2011:1000-01: rgmanager: Low Advisory (Jul 21) ------------------------------------------------------- An updated rgmanager package that fixes one security issue, several bugs, and adds multiple enhancements is now available for Red Hat Enterprise Linux 5. [More...] http://www.linuxsecurity.com/content/view/155500 * Red Hat: 2011:0975-01: sssd: Low Advisory (Jul 21) -------------------------------------------------- Updated sssd packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low [More...] http://www.linuxsecurity.com/content/view/155498 * Red Hat: 2011:0999-01: rsync: Moderate Advisory (Jul 21) -------------------------------------------------------- An updated rsync package that fixes one security issue, several bugs, and adds enhancements is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate [More...] http://www.linuxsecurity.com/content/view/155499 ------------------------------------------------------------------------ * SuSE: 2011-031: Linux kernel (Jul 25) ------------------------------------- The SUSE Linux Enterprise 11 Service Pack 1 kernel was updated to 2.6.32.43 and fixes various bugs and security issues. Following security issues were fixed: CVE-2011-2496: The normal mmap paths all avoid creating a mapping where the pgoff inside the mapping could wrap around due to [More...] http://www.linuxsecurity.com/content/view/155523 ------------------------------------------------------------------------ * Ubuntu: 1181-1: libsoup2.4 vulnerability (Jul 28) ------------------------------------------------- An attacker could send crafted URLs to a SoupServer application and obtainunintended access to files. http://www.linuxsecurity.com/content/view/155558 * Ubuntu: 1180-1: libvirt vulnerability (Jul 28) ---------------------------------------------- An authenticated attacker could send crafted input to libvirt and cause itto crash. http://www.linuxsecurity.com/content/view/155552 * Ubuntu: 1179-1: ClamAV vulnerability (Jul 28) --------------------------------------------- An attacker could send crafted input to ClamAV and cause it tocrash. http://www.linuxsecurity.com/content/view/155546 * Ubuntu: 1177-1: QEMU vulnerability (Jul 27) ------------------------------------------- QEMU could be made to run with adminstrator group privileges under certaincircumstances. http://www.linuxsecurity.com/content/view/155545 * Ubuntu: 1176-1: DBus vulnerability (Jul 26) ------------------------------------------- DBus could be made to crash if it processed a specially crafted message. http://www.linuxsecurity.com/content/view/155540 * Ubuntu: 1175-1: libpng vulnerabilities (Jul 26) ----------------------------------------------- Libpng could be made to run programs as your login if it opened aspecially crafted file. http://www.linuxsecurity.com/content/view/155538 * Ubuntu: 1174-1: libsndfile vulnerability (Jul 25) ------------------------------------------------- An application using libsndfile could be made to crash or possibly runprograms as your login if it opened a specially crafted file. http://www.linuxsecurity.com/content/view/155533 * Ubuntu: 1173-1: FreeType vulnerability (Jul 25) ----------------------------------------------- FreeType could be made to run programs as your login if it opened aspecially crafted font file. http://www.linuxsecurity.com/content/view/155529 * Ubuntu: 1172-1: logrotate vulnerabilities (Jul 21) -------------------------------------------------- An attacker could cause logrotate to run programs, stop working, or readand write arbitrary files. http://www.linuxsecurity.com/content/view/155510 ------------------------------------------------------------------------ Distributed by: Guardian Digital, Inc. LinuxSecurity.com To unsubscribe email vuln-newsletter-request@xxxxxxxxxxxxxxxxx with "unsubscribe" in the subject of the message. ------------------------------------------------------------------------
