openSUSE Security Update: Security update for perl-App-cpanminus
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2022:0074-1
Rating:             moderate
References:
Cross-References:   CVE-2020-16154
CVSS scores:
  CVE-2020-16154 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products:  openSUSE Backports SLE-15-SP3
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

This update for perl-App-cpanminus fixes the following issues:

- updated to 1.7045, see /usr/share/doc/packages/perl-App-cpanminus/Changes

  Security fixes:
  - [CVE-2020-16154] remove the functionality to verify CHECKSUMS signature

- updated to 1.7044, see /usr/share/doc/packages/perl-App-cpanminus/Changes

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP3:
  zypper in -t patch openSUSE-2022-74=1

Package List:

- openSUSE Backports SLE-15-SP3 (noarch):
  perl-App-cpanminus-1.7045-bp153.2.3.1

References:

https://www.suse.com/security/cve/CVE-2020-16154.html
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2020-deff052e7a
2020-08-28 14:57:45.933599
--------------------------------------------------------------------------------

Name        : golang-github-ulikunitz-xz
Product     : Fedora 31
Version     : 0.5.8
Release     : 1.fc31
URL         : https://github.com/ulikunitz/xz
Summary     : Pure golang package for reading and writing xz-compressed files
Description :
This Go language package supports the reading and writing of xz compressed streams. It also includes a gxz command for compressing and decompressing data. The package is completely written in Go and doesn't have any dependency on any C code.
--------------------------------------------------------------------------------
Update Information:

* The `readUvarint` function would run infinitely given specific input. The function now terminates if more than 10 bytes of input have been read. Fixes [issue #35](https://github.com/ulikunitz/xz/issues/35) (CVE-2020-16845).
* Supports the check-ID None and fixes "Checksum None is invalid" [issue #27](https://github.com/ulikunitz/xz/issues/27).
--------------------------------------------------------------------------------
ChangeLog:

* Thu Aug 20 2020 Dominik Mierzejewski - 0.5.8-1
- Release 0.5.8 (#1870433) - fixes CVE-2020-16845
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1867099 - CVE-2020-16845 golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs
        https://bugzilla.redhat.com/show_bug.cgi?id=1867099
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2020-deff052e7a'
at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/
--------------------------------------------------------------------------------
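The readUvarint fix above is a bound on how many bytes the decoder will consume before giving up. The Go program below is an added example written for this page; it is not code from the ulikunitz/xz package, from the Go standard library, or from Fedora. It implements a base-128 unsigned varint decoder that stops after 10 bytes (the most a 64-bit value can need), rejects a tenth byte that would overflow 64 bits, and reports a truncated value, together with an encoder used to build inputs. The names ReadUvarintBounded, AppendUvarint and DecodeUvarintBytes, the error values and the constructed inputs are this example's own assumptions.

```go
package main

import (
	"bytes"
	"errors"
	"fmt"
	"io"
)

// MaxUvarintLen64 is the most bytes a base-128 varint needs for a 64-bit
// value: nine bytes carry 63 payload bits, the tenth carries the last bit.
const MaxUvarintLen64 = 10

var (
	// ErrOverlong: the continuation bit was still set after MaxUvarintLen64 bytes.
	ErrOverlong = errors.New("uvarint: no terminating byte within 10 bytes")
	// ErrOverflow: the tenth byte carries payload bits beyond a 64-bit value.
	ErrOverflow = errors.New("uvarint: value overflows 64 bits")
)

// ReadUvarintBounded decodes one unsigned varint from r and returns the value
// and the number of bytes consumed. It never reads more than MaxUvarintLen64
// bytes, so a stream of continuation bytes cannot keep it spinning.
func ReadUvarintBounded(r io.ByteReader) (uint64, int, error) {
	var x uint64
	var shift uint
	for i := 0; i < MaxUvarintLen64; i++ {
		b, err := r.ReadByte()
		if err != nil {
			if i > 0 && err == io.EOF {
				err = io.ErrUnexpectedEOF // stream ended in the middle of a value
			}
			return 0, i, err
		}
		if b < 0x80 {
			// Final byte. On the tenth byte only bit 0 still fits into 64 bits.
			if i == MaxUvarintLen64-1 && b > 1 {
				return 0, i + 1, ErrOverflow
			}
			return x | uint64(b)<<shift, i + 1, nil
		}
		x |= uint64(b&0x7f) << shift
		shift += 7
	}
	// Ten continuation bytes in a row: stop here instead of following the
	// stream forever, which is the failure mode the advisory describes.
	return 0, MaxUvarintLen64, ErrOverlong
}

// AppendUvarint encodes x as a base-128 varint (7 payload bits per byte,
// high bit set on every byte but the last) onto buf.
func AppendUvarint(buf []byte, x uint64) []byte {
	for x >= 0x80 {
		buf = append(buf, byte(x)|0x80)
		x >>= 7
	}
	return append(buf, byte(x))
}

// DecodeUvarintBytes decodes a varint from an in-memory buffer.
func DecodeUvarintBytes(data []byte) (uint64, int, error) {
	return ReadUvarintBounded(bytes.NewReader(data))
}

func main() {
	// Constructed inputs: a well-formed encoding of 300, and a hostile stream
	// of 64 continuation bytes that an unbounded reader would never finish.
	good := AppendUvarint(nil, 300)
	hostile := bytes.Repeat([]byte{0x80}, 64)

	v, n, err := DecodeUvarintBytes(good)
	fmt.Printf("good:    % x -> value=%d bytes=%d err=%v\n", good, v, n, err)

	r := bytes.NewReader(hostile)
	_, n, err = ReadUvarintBounded(r)
	fmt.Printf("hostile: consumed %d of %d bytes, err=%v\n", n, len(hostile), err)
}
```

The reader type is io.ByteReader rather than a byte slice on purpose: the bound matters most when the input is a network or file stream whose length is not known up front, and the caller can see from the returned count exactly how far the decoder advanced before it refused to continue.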
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2018-1a6f41fc8f
2018-11-11 03:11:36.464795
--------------------------------------------------------------------------------

Name        : zchunk
Product     : Fedora 28
Version     : 0.9.14
Release     : 1.fc28
URL         : https://github.com/zchunk/zchunk
Summary     : Compressed file format that allows easy deltas
Description :
zchunk is a compressed file format that splits the file into independent chunks. This allows you to only download the differences when downloading a new version of the file, and also makes zchunk files efficient over rsync. zchunk files are protected with strong checksums to verify that the file you downloaded is in fact the file you wanted.
--------------------------------------------------------------------------------
Update Information:

This update does sanity checking when an application passes in a checksum to verify. Before this release, applications could pass in non-hex values for the checksum, which could cause zchunk to crash. Now non-hex values will be rejected.
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2018-1a6f41fc8f'
at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2017-7591a8e2c9
2017-07-03 18:56:35.537627
--------------------------------------------------------------------------------

Name        : globus-gass-copy
Product     : Fedora 25
Version     : 9.27
Release     : 1.fc25
URL         : http://toolkit.globus.org/
Summary     : Globus Toolkit - Globus Gass Copy
Description :
The Globus Toolkit is an open source software toolkit used for building Grid systems and applications. It is being developed by the Globus Alliance and many others all over the world. A growing number of projects and companies are using the Globus Toolkit to unlock the potential of grids for their cause.

The globus-gass-copy package contains:
Globus Gass Copy
--------------------------------------------------------------------------------
Update Information:

globus-ftp-client
* Adapt to Perl 5.26 - POSIX::tmpnam() no longer available
* Remove some redundant tests to reduce test time

globus-gass-cache-program
* GT6 update

globus-gass-copy
* Don't attempt sshftp data protection without creds (9.24)
* Checksum verification based on contribution from IBM (9.24)
* Fix uninitialized field related crash (9.25)
* Remove checksum data from public handle (9.26)
* Prevent some race conditions (9.27)

globus-gram-job-manager
* Default to running personal gatekeeper on an ephemeral port

globus-gridftp-server
* New error message format (12.0)
* Configuration database (12.0)
* Better delay for end of session ref check (12.1)
* Fix tests when getgroups() does not return effective gid (12.2)

globus-gssapi-gsi
* Don't unlock unlocked mutex (12.14)
* Remove legacy SSLv3 support (12.15)
* Test fixes (12.16)
* Drop patch globus-gssapi-gsi-mutex-unlock.patch (fixed upstream 12.14)

globus-io
* Remove legacy SSLv3 support

globus-net-manager
* Fix .pc typo
* Drop patch globus-net-manager-pkgconfig.patch (fixed upstream)

globus-xio
* Don't rely on globus_error_put(NULL) to be GLOBUS_SUCCESS (5.15)
* Fix crash in error handling in http driver (5.16)

globus-xio-gsi-driver
* Fix crash when checking for anonymous GSS name when name comparison fails

globus-xio-pipe-driver
* Fix .pc typo

globus-xio-udt-driver
* Don't force --static flag to pkg-config
* Drop some BuildRequires no longer needed with above change
* Fix undefined symbols during linking

myproxy
* Fix error check (6.1.26)
* Remove legacy SSLv3 support (6.1.27)
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade globus-gass-copy'
at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/
--------------------------------------------------------------------------------
A vulnerability has been found in krb5, the MIT implementation of Kerberos. MIT krb5 clients incorrectly accept an unkeyed checksum in the SAM-2

- ------------------------------------------------------------------------
Debian Security Advisory DSA-2129-1
====================================================================
Red Hat Security Advisory

Synopsis:     Moderate: krb5 security update
Advisory ID:  RHSA-2010:0926-01
Product:      Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2010:0926.html
Issue date:   2010-11-30
CVE Names:    CVE-2010-1323
====================================================================

1. Summary:

Updated krb5 packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 and 5.

The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

2. Relevant releases/architectures:

RHEL Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64
Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

3. Description:

Kerberos is a network authentication system which allows clients and servers to authenticate to each other using symmetric encryption and a trusted third party, the Key Distribution Center (KDC).

Multiple checksum validation flaws were discovered in the MIT Kerberos implementation. A remote attacker could use these flaws to tamper with certain Kerberos protocol packets and, possibly, bypass authentication mechanisms in certain configurations using Single-use Authentication Mechanisms. (CVE-2010-1323)

Red Hat would like to thank the MIT Kerberos Team for reporting these issues.

All krb5 users should upgrade to these updated packages, which contain a backported patch to correct these issues. After installing the updated packages, the krb5kdc daemon will be restarted automatically.

4. Solution:

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at

5. Bugs fixed (http://bugzilla.redhat.com/):

648734 - CVE-2010-1323 krb5: incorrect acceptance of certain checksums (MITKRB5-SA-2010-007)

6. Package List:

Red Hat Enterprise Linux AS version 4:

Source:

i386:
krb5-debuginfo-1.3.4-62.el4_8.3.i386.rpm
krb5-devel-1.3.4-62.el4_8.3.i386.rpm
krb5-libs-1.3.4-62.el4_8.3.i386.rpm
krb5-server-1.3.4-62.el4_8.3.i386.rpm
krb5-workstation-1.3.4-62.el4_8.3.i386.rpm

ia64:
krb5-debuginfo-1.3.4-62.el4_8.3.i386.rpm
krb5-debuginfo-1.3.4-62.el4_8.3.ia64.rpm
krb5-devel-1.3.4-62.el4_8.3.ia64.rpm
krb5-libs-1.3.4-62.el4_8.3.i386.rpm
krb5-libs-1.3.4-62.el4_8.3.ia64.rpm
krb5-server-1.3.4-62.el4_8.3.ia64.rpm
krb5-workstation-1.3.4-62.el4_8.3.ia64.rpm

ppc:
krb5-debuginfo-1.3.4-62.el4_8.3.ppc.rpm
krb5-debuginfo-1.3.4-62.el4_8.3.ppc64.rpm
krb5-devel-1.3.4-62.el4_8.3.ppc.rpm
krb5-libs-1.3.4-62.el4_8.3.ppc.rpm
krb5-libs-1.3.4-62.el4_8.3.ppc64.rpm
krb5-server-1.3.4-62.el4_8.3.ppc.rpm
krb5-workstation-1.3.4-62.el4_8.3.ppc.rpm

s390:
krb5-debuginfo-1.3.4-62.el4_8.3.s390.rpm
krb5-devel-1.3.4-62.el4_8.3.s390.rpm
krb5-libs-1.3.4-62.el4_8.3.s390.rpm
krb5-server-1.3.4-62.el4_8.3.s390.rpm
krb5-workstation-1.3.4-62.el4_8.3.s390.rpm

s390x:
krb5-debuginfo-1.3.4-62.el4_8.3.s390.rpm
krb5-debuginfo-1.3.4-62.el4_8.3.s390x.rpm
krb5-devel-1.3.4-62.el4_8.3.s390x.rpm
krb5-libs-1.3.4-62.el4_8.3.s390.rpm
krb5-libs-1.3.4-62.el4_8.3.s390x.rpm
krb5-server-1.3.4-62.el4_8.3.s390x.rpm
krb5-workstation-1.3.4-62.el4_8.3.s390x.rpm
x86_64:
krb5-debuginfo-1.3.4-62.el4_8.3.i386.rpm
krb5-debuginfo-1.3.4-62.el4_8.3.x86_64.rpm
krb5-devel-1.3.4-62.el4_8.3.x86_64.rpm
krb5-libs-1.3.4-62.el4_8.3.i386.rpm
krb5-libs-1.3.4-62.el4_8.3.x86_64.rpm
krb5-server-1.3.4-62.el4_8.3.x86_64.rpm
krb5-workstation-1.3.4-62.el4_8.3.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

Source:

i386:
krb5-debuginfo-1.3.4-62.el4_8.3.i386.rpm
krb5-devel-1.3.4-62.el4_8.3.i386.rpm
krb5-libs-1.3.4-62.el4_8.3.i386.rpm
krb5-server-1.3.4-62.el4_8.3.i386.rpm
krb5-workstation-1.3.4-62.el4_8.3.i386.rpm

x86_64:
krb5-debuginfo-1.3.4-62.el4_8.3.i386.rpm
krb5-debuginfo-1.3.4-62.el4_8.3.x86_64.rpm
krb5-devel-1.3.4-62.el4_8.3.x86_64.rpm
krb5-libs-1.3.4-62.el4_8.3.i386.rpm
krb5-libs-1.3.4-62.el4_8.3.x86_64.rpm
krb5-server-1.3.4-62.el4_8.3.x86_64.rpm
krb5-workstation-1.3.4-62.el4_8.3.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

Source:

i386:
krb5-debuginfo-1.3.4-62.el4_8.3.i386.rpm
krb5-devel-1.3.4-62.el4_8.3.i386.rpm
krb5-libs-1.3.4-62.el4_8.3.i386.rpm
krb5-server-1.3.4-62.el4_8.3.i386.rpm
krb5-workstation-1.3.4-62.el4_8.3.i386.rpm

ia64:
krb5-debuginfo-1.3.4-62.el4_8.3.i386.rpm
krb5-debuginfo-1.3.4-62.el4_8.3.ia64.rpm
krb5-devel-1.3.4-62.el4_8.3.ia64.rpm
krb5-libs-1.3.4-62.el4_8.3.i386.rpm
krb5-libs-1.3.4-62.el4_8.3.ia64.rpm
krb5-server-1.3.4-62.el4_8.3.ia64.rpm
krb5-workstation-1.3.4-62.el4_8.3.ia64.rpm

x86_64:
krb5-debuginfo-1.3.4-62.el4_8.3.i386.rpm
krb5-debuginfo-1.3.4-62.el4_8.3.x86_64.rpm
krb5-devel-1.3.4-62.el4_8.3.x86_64.rpm
krb5-libs-1.3.4-62.el4_8.3.i386.rpm
krb5-libs-1.3.4-62.el4_8.3.x86_64.rpm
krb5-server-1.3.4-62.el4_8.3.x86_64.rpm
krb5-workstation-1.3.4-62.el4_8.3.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

Source:

i386:
krb5-debuginfo-1.3.4-62.el4_8.3.i386.rpm
krb5-devel-1.3.4-62.el4_8.3.i386.rpm
krb5-libs-1.3.4-62.el4_8.3.i386.rpm
krb5-server-1.3.4-62.el4_8.3.i386.rpm
krb5-workstation-1.3.4-62.el4_8.3.i386.rpm

ia64:
krb5-debuginfo-1.3.4-62.el4_8.3.i386.rpm
krb5-debuginfo-1.3.4-62.el4_8.3.ia64.rpm
krb5-devel-1.3.4-62.el4_8.3.ia64.rpm
krb5-libs-1.3.4-62.el4_8.3.i386.rpm
krb5-libs-1.3.4-62.el4_8.3.ia64.rpm
krb5-server-1.3.4-62.el4_8.3.ia64.rpm
krb5-workstation-1.3.4-62.el4_8.3.ia64.rpm

x86_64:
krb5-debuginfo-1.3.4-62.el4_8.3.i386.rpm
krb5-debuginfo-1.3.4-62.el4_8.3.x86_64.rpm
krb5-devel-1.3.4-62.el4_8.3.x86_64.rpm
krb5-libs-1.3.4-62.el4_8.3.i386.rpm
krb5-libs-1.3.4-62.el4_8.3.x86_64.rpm
krb5-server-1.3.4-62.el4_8.3.x86_64.rpm
krb5-workstation-1.3.4-62.el4_8.3.x86_64.rpm

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:

i386:
krb5-debuginfo-1.6.1-36.el5_5.6.i386.rpm
krb5-libs-1.6.1-36.el5_5.6.i386.rpm
krb5-workstation-1.6.1-36.el5_5.6.i386.rpm

x86_64:
krb5-debuginfo-1.6.1-36.el5_5.6.i386.rpm
krb5-debuginfo-1.6.1-36.el5_5.6.x86_64.rpm
krb5-libs-1.6.1-36.el5_5.6.i386.rpm
krb5-libs-1.6.1-36.el5_5.6.x86_64.rpm
krb5-workstation-1.6.1-36.el5_5.6.x86_64.rpm

RHEL Desktop Workstation (v. 5 client):

Source:

i386:
krb5-debuginfo-1.6.1-36.el5_5.6.i386.rpm
krb5-devel-1.6.1-36.el5_5.6.i386.rpm
krb5-server-1.6.1-36.el5_5.6.i386.rpm

x86_64:
krb5-debuginfo-1.6.1-36.el5_5.6.i386.rpm
krb5-debuginfo-1.6.1-36.el5_5.6.x86_64.rpm
krb5-devel-1.6.1-36.el5_5.6.i386.rpm
krb5-devel-1.6.1-36.el5_5.6.x86_64.rpm
krb5-server-1.6.1-36.el5_5.6.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

Source:

i386:
krb5-debuginfo-1.6.1-36.el5_5.6.i386.rpm
krb5-devel-1.6.1-36.el5_5.6.i386.rpm
krb5-libs-1.6.1-36.el5_5.6.i386.rpm
krb5-server-1.6.1-36.el5_5.6.i386.rpm
krb5-workstation-1.6.1-36.el5_5.6.i386.rpm

ia64:
krb5-debuginfo-1.6.1-36.el5_5.6.i386.rpm
krb5-debuginfo-1.6.1-36.el5_5.6.ia64.rpm
krb5-devel-1.6.1-36.el5_5.6.ia64.rpm
krb5-libs-1.6.1-36.el5_5.6.i386.rpm
krb5-libs-1.6.1-36.el5_5.6.ia64.rpm
krb5-server-1.6.1-36.el5_5.6.ia64.rpm
krb5-workstation-1.6.1-36.el5_5.6.ia64.rpm

ppc:
krb5-debuginfo-1.6.1-36.el5_5.6.ppc.rpm
krb5-debuginfo-1.6.1-36.el5_5.6.ppc64.rpm
krb5-devel-1.6.1-36.el5_5.6.ppc.rpm
krb5-devel-1.6.1-36.el5_5.6.ppc64.rpm
krb5-libs-1.6.1-36.el5_5.6.ppc.rpm
krb5-libs-1.6.1-36.el5_5.6.ppc64.rpm
krb5-server-1.6.1-36.el5_5.6.ppc.rpm
krb5-workstation-1.6.1-36.el5_5.6.ppc.rpm

s390x:
krb5-debuginfo-1.6.1-36.el5_5.6.s390.rpm
krb5-debuginfo-1.6.1-36.el5_5.6.s390x.rpm
krb5-devel-1.6.1-36.el5_5.6.s390.rpm
krb5-devel-1.6.1-36.el5_5.6.s390x.rpm
krb5-libs-1.6.1-36.el5_5.6.s390.rpm
krb5-libs-1.6.1-36.el5_5.6.s390x.rpm
krb5-server-1.6.1-36.el5_5.6.s390x.rpm
krb5-workstation-1.6.1-36.el5_5.6.s390x.rpm

x86_64:
krb5-debuginfo-1.6.1-36.el5_5.6.i386.rpm
krb5-debuginfo-1.6.1-36.el5_5.6.x86_64.rpm
krb5-devel-1.6.1-36.el5_5.6.i386.rpm
krb5-devel-1.6.1-36.el5_5.6.x86_64.rpm
krb5-libs-1.6.1-36.el5_5.6.i386.rpm
krb5-libs-1.6.1-36.el5_5.6.x86_64.rpm
krb5-server-1.6.1-36.el5_5.6.x86_64.rpm
krb5-workstation-1.6.1-36.el5_5.6.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key#package

7. References:

https://access.redhat.com/security/cve/CVE-2010-1323
https://access.redhat.com/security/updates/classification#moderate
http://web.mit.edu/Kerberos/advisories/MITKRB5-SA-2010-007.txt

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact

Copyright 2010 Red Hat, Inc.
==========================================================
Ubuntu Security Notice USN-927-2
April 11, 2010
nss regression
https://bugs.launchpad.net/ubuntu/+source/nss/+bug/559881
==========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 9.10

This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the following package versions:

Ubuntu 9.10:
  libnss3-1d  3.12.6-0ubuntu0.9.10.2

After a standard system upgrade you need to restart your session to effect the necessary changes.

Details follow:

USN-927-1 fixed vulnerabilities in NSS. Upstream NSS 3.12.6 added an additional checksum verification on libnssdbm3.so, but the Ubuntu packaging did not create this checksum. As a result, Firefox could not initialize the security component when the NSS Internal FIPS PKCS #11 Module was enabled. This update fixes the problem. We apologize for the inconvenience.

Original advisory details:

Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3 protocols. If an attacker could perform a man in the middle attack at the start of a TLS connection, the attacker could inject arbitrary content at the beginning of the user's session. This update adds support for the new renegotiation extension and will use it when the server supports it.
Updated packages for Ubuntu 9.10:

Source archives:
  Size/MD5:    36659 1c82d002115ed4a76dc98d33ef5c839c
  Size/MD5:     1651 41544d2843858123ad5852de1587744c
  Size/MD5:  5947630 da42596665f226de5eb3ecfc1ec57cd1

amd64 architecture (Athlon64, Opteron, EM64T Xeon):
  Size/MD5:  3235700 8227d9d710a9784750fc541f82d85101
  Size/MD5:  1234558 f8db18eb4fec7df4387e5e546ea99871
  Size/MD5:   263208 692167e64c00a9990af72a28299b4fbb
  Size/MD5:    17854 f9fa214108ab20d8fe4d61567a86d7c0
  Size/MD5:   313212 4ae57dcb06572bcdc1e311977a965c55

i386 architecture (x86 compatible Intel/AMD):
  Size/MD5:  3178422 4a141b3f01631497184c0bb260a212f3
  Size/MD5:  1119994 8e4bfbd067aa051603306ce57949ce51
  Size/MD5:   260530 c61feb6f65d7419f93f355a5f0755917
  Size/MD5:    17856 05ac21be0089e816c076f8707d41d21b
  Size/MD5:   299834 26d317dc29710b27dd0d0b7a36b6c2a1

lpia architecture (Low Power Intel Architecture):
  Size/MD5:  3216556 9230b137f92129c304dddfc5c67853fe
  Size/MD5:  1095892 9566ecb3416bd99ba0e6288505626fe9
  Size/MD5:   259484 0236cb25267ac3ca1b3bfd586d14d26d
  Size/MD5:    17858 ecb362aec61c87f1cfc4e86cd2dec5cb
  Size/MD5:   298510 2977f41a1b2fcf7ca25b331336f7dc8f

powerpc architecture (Apple Macintosh G3/G4/G5):
  Size/MD5:  3325490 ac9caf32bab4d4b911d1c54112583b65
  Size/MD5:  1207122 99b17d40842c1804ee23d19e4a7ffaa0
  Size/MD5:   261820 f46b59e90bf4ff07ca79b5d404f372ed
  Size/MD5:    17858 dca2efb9e1426ff39c55008eaf942926
  Size/MD5:   311022 da3a483c19347cd667c11d8a989d15aa

sparc architecture (Sun SPARC/UltraSPARC):
  Size/MD5:  2967780 e3456024e64ee1d14b5b754a93840ac7
  Size/MD5:  1074620 202e630d20824b2d4e2614d11d86c2c4
  Size/MD5:   257422 fa69b29c59fe334d65d433ab11febbed
  Size/MD5:    17856 287ae523a22a8049d3d1c802d5760b83
  Size/MD5:   299970 ed1b8755bc1e9da16a08c82ebfecf0fd
- ---------------------------------------------------------------------
Red Hat Security Advisory

Synopsis:     Moderate: aide security update
Advisory ID:  RHSA-2007:0539-01
Advisory URL: https://access.redhat.com/errata/RHSA-2007:0539.html
Issue date:   2007-09-04
Updated on:   2007-09-04
Product:      Red Hat Enterprise Linux
Keywords:     aide
CVE Names:    CVE-2007-3849
- ---------------------------------------------------------------------

1. Summary:

An updated aide package that fixes various bugs is now available for Red Hat Enterprise Linux 5.

This update has been rated as having moderate security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64

3. Problem description:

Advanced Intrusion Detection Environment (AIDE) is a file integrity checker and intrusion detection program.

A flaw was discovered in the way file checksums were stored in the AIDE database. A packaging flaw in the Red Hat AIDE rpm resulted in the file database not containing any file checksum information. This could prevent AIDE from detecting certain file modifications. (CVE-2007-3849)

This update also fixes the following bugs:

* certain configurations could result in a segmentation fault upon initialization.

* AIDE was unable to open its log file in the LSPP evaluated configuration.

* if AIDE found SELinux context differences, the changed files report it generated only included the first 32 characters of the context.
All users of AIDE are advised to upgrade to this updated package containing AIDE version 0.13.1 which is not vulnerable to these issues.

4. Solution:

Before applying this update, make sure that all previously-released errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at

5. Bug IDs fixed (http://bugzilla.redhat.com/):

225089 - aide Segmentation fault on initialization
236855 - LSPP: aide can't write its log file
236923 - CVE-2007-3849 Rebase aide to 0.13.1
240144 - [LSPP] aide report output limits context to 32char -- not evaluation blocking

6. RPMs required:

Red Hat Enterprise Linux Desktop (v. 5 client):

SRPMS:
5ae051f7cebfbef7ebf4829c41134b07  aide-0.13.1-2.0.4.el5.src.rpm

i386:
63b364d7e2d356b0441ada657dd40312  aide-0.13.1-2.0.4.el5.i386.rpm
7eb96b96b84e9482583ae4afe2b614b0  aide-debuginfo-0.13.1-2.0.4.el5.i386.rpm

x86_64:
b5bb0f3be1d18d4dbd4784e9238b66b9  aide-0.13.1-2.0.4.el5.x86_64.rpm
5844acb1a87c4ffa36d97382b87f49f6  aide-debuginfo-0.13.1-2.0.4.el5.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

SRPMS:
5ae051f7cebfbef7ebf4829c41134b07  aide-0.13.1-2.0.4.el5.src.rpm

i386:
63b364d7e2d356b0441ada657dd40312  aide-0.13.1-2.0.4.el5.i386.rpm
7eb96b96b84e9482583ae4afe2b614b0  aide-debuginfo-0.13.1-2.0.4.el5.i386.rpm

ia64:
b6981b6f0287f3a1d958f7627782f695  aide-0.13.1-2.0.4.el5.ia64.rpm
c1244a0baa9901db07e39e4d2e697abf  aide-debuginfo-0.13.1-2.0.4.el5.ia64.rpm

ppc:
15d4fcbf6efdd60052f3258c0c95d5a1  aide-0.13.1-2.0.4.el5.ppc.rpm
4f106c80aa147f95e92b13dd18b7ed54  aide-debuginfo-0.13.1-2.0.4.el5.ppc.rpm

s390x:
e9df37b291bf6b7d0367d3d4fc966e52  aide-0.13.1-2.0.4.el5.s390x.rpm
d0ea63d7118f3ffcedfdd6996b72d4cc  aide-debuginfo-0.13.1-2.0.4.el5.s390x.rpm

x86_64:
b5bb0f3be1d18d4dbd4784e9238b66b9  aide-0.13.1-2.0.4.el5.x86_64.rpm
5844acb1a87c4ffa36d97382b87f49f6  aide-debuginfo-0.13.1-2.0.4.el5.x86_64.rpm

These packages are GPG signed by Red Hat for security.
Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key#package

7. References:

https://www.cve.org/CVERecord?id=CVE-2007-3849
https://access.redhat.com/security/updates/classification#moderate

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact

Copyright 2007 Red Hat, Inc.