Stay Secure with the Latest Linux Advisories

Explore Latest Linux Security advisories

SUSE: 2010:017 Low Severity Issues and Security Updates Overview

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

______________________________________________________________________________

                        SUSE Security Summary Report

        Announcement ID:        SUSE-SR:2010:017
        Date:                   Tue, 21 Sep 2010 11:00:00 +0000
        Cross-References:       CVE-2010-0084, CVE-2010-0085, CVE-2010-0087
                                CVE-2010-0088, CVE-2010-0089, CVE-2010-0091
                                CVE-2010-0095, CVE-2010-0397, CVE-2010-0407
                                CVE-2010-0743, CVE-2010-0839, CVE-2010-0840
                                CVE-2010-0841, CVE-2010-0842, CVE-2010-0843
                                CVE-2010-0844, CVE-2010-0846, CVE-2010-0847
                                CVE-2010-0848, CVE-2010-0849, CVE-2010-1157
                                CVE-2010-1205, CVE-2010-1512, CVE-2010-1860
                                CVE-2010-1862, CVE-2010-1864, CVE-2010-1866
                                CVE-2010-1914, CVE-2010-1915, CVE-2010-1917
                                CVE-2010-2059, CVE-2010-2093, CVE-2010-2094
                                CVE-2010-2097, CVE-2010-2100, CVE-2010-2101
                                CVE-2010-2190, CVE-2010-2191, CVE-2010-2221
                                CVE-2010-2225, CVE-2010-2227, CVE-2010-2237
                                CVE-2010-2238, CVE-2010-2239, CVE-2010-2242
                                CVE-2010-2249, CVE-2010-2526, CVE-2010-2531
                                CVE-2010-2950, CVE-2010-2956, CVE-2010-3062
                                CVE-2010-3063, CVE-2010-3064, CVE-2010-3065
                                CVE-2010-3081, CVE-2010-3087, CVE-2010-3301
                                CVE-2010-3304

    Content of this advisory:
        1) Solved Security Vulnerabilities:
            - java-1_4_2-ibm
            - sudo
            - libpng
            - php5
            - tgt, iscsitarget
            - aria2
            - pcsc-lite
            - tomcat5, tomcat6
            - lvm2
            - libvirt
            - rpm
            - libtiff
            - dovecot12
        2) Pending Vulnerabilities, Solutions, and Work-Arounds:
            - kernel
        3) Authenticity Verification and Additional Information

______________________________________________________________________________

1) Solved Security Vulnerabilities

To avoid flooding mailing lists with SUSE Security Announcements for minor issues, SUSE Security releases weekly summary reports for the low profile vulnerability fixes. The SUSE Security Summary Reports do not list or download URLs like the SUSE Security Announcements that are released for more severe vulnerabilities.

Fixed packages for the following incidents are already available on our FTP server and via the YaST Online Update.

   - java-1_4_2-ibm

     IBM Java was updated to 1.4.2 FP5, fixing various bugs and security issues:

     CVE-2010-0084: Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality via unknown vectors.

     CVE-2010-0085: Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

     CVE-2010-0087: Unspecified vulnerability in the Java Web Start, Java Plug-in component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

     CVE-2010-0088: Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

     CVE-2010-0089: Unspecified vulnerability in the Java Web Start, Java Plug-in component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect availability via unknown vectors.

     CVE-2010-0091: Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality via unknown vectors.

     CVE-2010-0095: Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

     CVE-2010-0839: Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

     CVE-2010-0840: Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is related to improper checks when executing privileged methods in the Java Runtime Environment (JRE), which allows attackers to execute arbitrary code via (1) an untrusted object that extends the trusted class but has not modified a certain method, or (2) "a similar trust issue with interfaces," aka "Trusted Methods Chaining Remote Code Execution Vulnerability."

     CVE-2010-0841: Unspecified vulnerability in the ImageIO component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is an integer overflow in the Java Runtime Environment that allows remote attackers to execute arbitrary code via a JPEG image that contains subsample dimensions with large values, related to JPEGImageReader and "stepX".

     CVE-2010-0842: Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is an uncontrolled array index that allows remote attackers to execute arbitrary code via a MIDI file with a crafted MixerSequencer object, related to the GM_Song structure.

     CVE-2010-0843: Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is related to XNewPtr and improper handling of an integer parameter when allocating heap memory in the com.sun.media.sound libraries, which allows remote attackers to execute arbitrary code.

     CVE-2010-0844: Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is for improper parsing of a crafted MIDI stream when creating a MixerSequencer object, which causes a pointer to be corrupted and allows a NULL byte to be written to arbitrary memory.

     CVE-2010-0846: Unspecified vulnerability in the ImageIO component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is a heap-based buffer overflow that allows remote attackers to execute arbitrary code, related to an "invalid assignment" and inconsistent length values in a JPEG image encoder (JPEGImageEncoderImpl).

     CVE-2010-0847: Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is a heap-based buffer overflow that allows arbitrary code execution via a crafted image.

     CVE-2010-0848: Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

     CVE-2010-0849: Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.2_25, and 1.3.1_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is a heap-based buffer overflow in a decoding routine used by the JPEGImageDecoderImpl interface, which allows code execution via a crafted JPEG image.

     Affected Products: SLES9, SLE10-SP3, SLE11, SLE11-SP1

   - sudo

     sudo's handling of the -g command line option allowed to also specify -u in some cases, therefore allowing users to actually run commands as root (CVE-2010-2956).

     Affected Products: openSUSE 11.2, 11.3

   - libpng

     Specially crafted png files could cause crashes or even execution of arbitrary code in applications using libpng to process such files (CVE-2010-1205, CVE-2010-2249).

     Affected Products: SLES9, SLE10-SP3, SLE11, SLE11-SP1, openSUSE 11.1, 11.2

   - php5

     PHP was updated to version 5.3.3/5.2.14 to fix several security issues. (CVE-2010-0397, CVE-2010-1860, CVE-2010-1862, CVE-2010-1864, CVE-2010-1866, CVE-2010-1914, CVE-2010-1915, CVE-2010-1917, CVE-2010-2093, CVE-2010-2094, CVE-2010-2097, CVE-2010-2100, CVE-2010-2101, CVE-2010-2190, CVE-2010-2191, CVE-2010-2225, CVE-2010-2531, CVE-2010-2950, CVE-2010-3062, CVE-2010-3063, CVE-2010-3064, CVE-2010-3065)

     Affected Products: SLE10-SP3, SLE11, SLE11-SP1, openSUSE 11.1, 11.2, 11.3

   - tgt, iscsitarget

     tgt and iscsitarget were updated to fix multiple overflows and a format string vulnerability (CVE-2010-2221, CVE-2010-0743).

   - aria2

     Specially crafted metalink files could trick aria2 into store downloaded files outside of the intended directory (CVE-2010-1512).

     Affected Products: openSUSE 11.1

   - pcsc-lite

     A stack overflow in the pcsc-lite daemon allowed local users with write-access to "/var/run/pcscd/pcscd.comm" to gain root privileges (CVE-2010-0407).

     Affected Products: SLE10-SP3, SLE11, SLE11-SP1, openSUSE 11.0, 11.1

   - tomcat5, tomcat6

     tomcat was prone to denial of service and information disclosure vulnerabilities. Remote attackers could exploit that to crash tomcat or to obtain sensitive information (CVE-2010-2227, CVE-2010-1157).

     Affected Products: SLES9, SLE10-SP3, SLE11, SLE11-SP1, openSUSE 11.1, 11.2, 11.3

   - lvm2

     clvmd, when running, allowed unprivileged local users to issue arbitrary lvm commands (CVE-2010-2526).

     Affected Products: SLE11, SLE11-SP1, openSUSE 11.1

   - libvirt

     libvirt did not properly handle configured disk formats which potentially allowed users to read arbitrary files (CVE-2010-2237, CVE-2010-2238, CVE-2010-2239)

     Improperly mapped source privileged ports in guests may allow obtaining privileged resources on the host (CVE-2010-2242).

     Affected Products: SLE10-SP3, SLE11, SLE11-SP1, openSUSE 11.1, 11.2, 11.3

   - rpm

     rpm did not clear the suid/sgid bit of old files during package updates (CVE-2010-2059).

     Affected Products: SLE10-SP3, SLE11, SLE11-SP1, openSUSE 11.0, 11.1, 11.2

   - libtiff

     specially crafted tiff files could cause a memory corruption in libtiff. Attackers could potentially exploit that to execute arbitrary code in applications that use libtiff for processing tiff files (CVE-2010-3087).

     Affected Products: openSUSE 11.3

   - dovecot12

     When using Maildir all ACLs on INBOX were copied to newly created mailboxes although only default ACLs should have been copied (CVE-2010-3304).

     Affected Products: openSUSE 11.2, 11.3

______________________________________________________________________________

2) Pending Vulnerabilities, Solutions, and Work-Arounds

   - kernel

     Vulnerabilities in the kernel were found that allow local users to gain root privileges on 64bit systems. Updates for all supported distributions are in the works (CVE-2010-3301, CVE-2010-3081).

______________________________________________________________________________

3) Authenticity Verification and Additional Information

  - Announcement authenticity verification:

    SUSE security announcements are published via mailing lists and on Web sites. The authenticity and integrity of a SUSE security announcement is guaranteed by a cryptographic signature in each announcement. All SUSE security announcements are published with a valid signature.

    To verify the signature of the announcement, save it as text into a file and run the command

      gpg --verify

    replacing with the name of the file containing the announcement. The output for a valid signature looks like:

      gpg: Signature made using RSA key ID 3D25D3D9
      gpg: Good signature from "SuSE Security Team "

    where is replaced by the date the document was signed.

    If the security team's key is not contained in your key ring, you can import it from the first installation CD. To import the key, use the command

      gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc

  - Package authenticity verification:

    SUSE update packages are available on many mirror FTP servers all over the world. While this service is considered valuable and important to the free and open source software community, the authenticity and integrity of a package needs to be verified to ensure that it has not been tampered with.

    The internal RPM package signatures provide an easy way to verify the authenticity of an RPM package. Use the command

      rpm -v --checksig

    to verify the signature of the package, replacing with the filename of the RPM package downloaded. The package is unmodified if it contains a valid signature from [e-mail address protected] with the key ID 9C800ACA.

    This key is automatically imported into the RPM database (on RPMv4-based distributions) and the gpg key ring of 'root' during installation. You can also find it on the first installation CD and included at the end of this announcement.

  - SUSE runs two security mailing lists to which any interested party may subscribe:

    [e-mail address protected]
        - General Linux and SUSE security discussion. All SUSE security announcements are sent to this list. To subscribe, send an e-mail to .

    [e-mail address protected]
        - SUSE's announce-only mailing list. Only SUSE's security announcements are sent to this list. To subscribe, send an e-mail to .

    ====================================================================
    SUSE's security contact is or .
    The public key is listed below.
    ====================================================================

The latest weekly overview from SUSE underscores important modifications and resolves lesser-known weaknesses found across different software packages.

Suse Security, Vulnerability Management, Package Updates, Security Report.

Severity: Low.

LinuxSecurity.com Team

Sep 21, 2010 Low SuSE

SUSE 2009:013 Moderate Threats: Low Profile Security Summary

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

______________________________________________________________________________

                        SUSE Security Summary Report

        Announcement ID:        SUSE-SR:2009:013
        Date:                   Tue, 11 Aug 2009 14:00:00 +0000
        Cross-References:       CVE-2008-5518, CVE-2009-0023, CVE-2009-0038
                                CVE-2009-0039, CVE-2009-0781, CVE-2009-1255
                                CVE-2009-1373, CVE-2009-1375, CVE-2009-1376
                                CVE-2009-1494, CVE-2009-1788, CVE-2009-1791
                                CVE-2009-1889, CVE-2009-1955, CVE-2009-1956
                                CVE-2009-2185, CVE-2009-2285, CVE-2009-2288
                                CVE-2009-2415, CVE-2009-2416

    Content of this advisory:
        1) Solved Security Vulnerabilities:
            - memcached
            - libtiff/libtiff3
            - nagios
            - libsndfile
            - gaim/finch
            - open-, strong, freeswan
            - libapr-util1
            - websphere-as_ce
            - libxml2
        2) Pending Vulnerabilities, Solutions, and Work-Arounds:
            none
        3) Authenticity Verification and Additional Information

______________________________________________________________________________

1) Solved Security Vulnerabilities

To avoid flooding mailing lists with SUSE Security Announcements for minor issues, SUSE Security releases weekly summary reports for the low profile vulnerability fixes. The SUSE Security Summary Reports do not list or download URLs like the SUSE Security Announcements that are released for more severe vulnerabilities.

Fixed packages for the following incidents are already available on our FTP server and via the YaST Online Update.

   - memcached

     This update of memcached fixes a signedness problem which may lead to a buffer too small to hold all data received from the network, this may allow arbitrary remote code execution. (CVE-2009-2415)

     Additionally an information leak was fixed (CVE-2009-1494, CVE-2009-1255)

     Affected products: openSUSE 10.3-11.1, SLE11

   - libtiff/libtiff3

     This update of libtiff fixes a buffer underflow in LZWDecodeCompat (CVE-2009-2285).

     Affected products: openSUSE 10.3-11.1, SLES9, SLE10, SLE11, NLD9, OES

   - nagios

     A shell injection bug in nagios' statuswml.cgi CGI script has been fixed. CVE-2009-2288 has been assigned to this issue.

     Affected products: openSUSE 10.3-11.1, SLE10, SLE11

   - libsndfile

     This update of libsndfile fixes a heap-based buffer overflow in function voc_read_header() (CVE-2009-1788) and another heap-based buffer overflow in aiff_read_header() (CVE-2009-1791).

     Affected products: openSUSE 10.3-11.1, SLE11

   - gaim/finch

     Several bugfixes were done for the Instant Messenger Pidgin:
     - Malformed responses to file transfers could cause a buffer overflow in pidgin (CVE-2009-1373) and specially crafted packets could crash it (CVE-2009-1375).
     - The fix against integer overflows in the msn protocol handling was incomplete (CVE-2009-1376).
     - Fixed misparsing ICQ message as SMS DoS (CVE-2009-1889, Pidgin#9483).

     Affected products: openSUSE 10.3-11.1, SLES9, SLE10, SLE11, NLD9

   - open-, strong-, freeswan

     Two vulnerabilities in the openswan ASN.1 parser (when handling RDNs, UTCTIME and GENERALIZEDTIME strings) could lead to remote crashes of the pluto daemon (CVE-2009-2185).

     Affected products: openSUSE 10.3-11.1, SLES9, SLE10, SLE11, NLD9

   - libapr-util1

     This update of libapr-util1 fixes a memory consumption bug in the XML parser that can cause a remote denial-of-service vulnerability in applications using APR (WebDAV for example) (CVE-2009-1955). Additionally a one byte buffer overflow in function apr_brigade_vprintf() (CVE-2009-1956) and buffer underflow in function apr_strmatch_precompile() (CVE-2009-0023) was fixed too. Depending on the application using this function it can lead to remote denial of service or information leakage.

     Affected products: openSUSE 10.3-11.1, SLE10, SLE11

   - websphere-as_ce

     This update of WebSphere fixes the following vulnerabilities:
     - GERONIMO-3838: close potential denial of service attack
     - CVE-2008-5518: fix Apache Geronimo web administration console directory traversal vulnerabilities.
     - CVE-2009-0038: fix Apache Geronimo web administration console XSS vulnerabilities.
     - CVE-2009-0039: fix Apache Geronimo web administration console XSRF vulnerabilities.
     - CVE-2009-0781: Samples: Fix Apache Tomcat cross-site scripting vulnerability.

     Affected products: SLE10, SLE11

   - libxml2

     This update of libxml2 does not use pointers after they were freed anymore. (CVE-2009-2416)

     Affected products: openSUSE 10.3-11.1, SLES9, SLE10, SLE11, NLD9

______________________________________________________________________________

2) Pending Vulnerabilities, Solutions, and Work-Arounds

   none

______________________________________________________________________________

3) Authenticity Verification and Additional Information

  - Announcement authenticity verification:

    SUSE security announcements are published via mailing lists and on Web sites. The authenticity and integrity of a SUSE security announcement is guaranteed by a cryptographic signature in each announcement. All SUSE security announcements are published with a valid signature.

    To verify the signature of the announcement, save it as text into a file and run the command

      gpg --verify

    replacing with the name of the file containing the announcement. The output for a valid signature looks like:

      gpg: Signature made using RSA key ID 3D25D3D9
      gpg: Good signature from "SuSE Security Team "

    where is replaced by the date the document was signed.

    If the security team's key is not contained in your key ring, you can import it from the first installation CD. To import the key, use the command

      gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc

  - Package authenticity verification:

    SUSE update packages are available on many mirror FTP servers all over the world. While this service is considered valuable and important to the free and open source software community, the authenticity and integrity of a package needs to be verified to ensure that it has not been tampered with.

    The internal RPM package signatures provide an easy way to verify the authenticity of an RPM package. Use the command

      rpm -v --checksig

    to verify the signature of the package, replacing with the filename of the RPM package downloaded. The package is unmodified if it contains a valid signature from [e-mail address protected] with the key ID 9C800ACA.

    This key is automatically imported into the RPM database (on RPMv4-based distributions) and the gpg key ring of 'root' during installation. You can also find it on the first installation CD and included at the end of this announcement.

  - SUSE runs two security mailing lists to which any interested party may subscribe:

    [e-mail address protected]
        - General Linux and SUSE security discussion. All SUSE security announcements are sent to this list. To subscribe, send an e-mail to .

    [e-mail address protected]
        - SUSE's announce-only mailing list. Only SUSE's security announcements are sent to this list. To subscribe, send an e-mail to .

    ====================================================================
    SUSE's security contact is or .
    The public key is listed below.
    ====================================================================

This report outlines minor vulnerabilities in SUSE packages and the fixes enacted, detailing affected packages and recent updates for enhanced security.

SUSE Security, Weekly Summary, Vulnerability Fixes, OpenSUSE Updates, Security Announcements.

LinuxSecurity.com Team

Aug 11, 2009 SuSE

SUSE 2009:012 Low Profile Advisory: Resolved Denial Of Service Issues

To avoid flooding mailing lists with SUSE Security Announcements for minor To avoid flooding mailing lists with SUSE Security Announcements for minor issues, SUSE Security releases weekly summary reports for the low profile issues, SUSE Security releases weekly summary reports for the low profile vulnerability fixes. The SUSE Security Summary Reports do not list or download URLs like the SUSE Secu [More...]. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ______________________________________________________________________________ SUSE Security Summary Report Announcement ID: SUSE-SR:2009:012 Date: Fri, 03 Jul 2009 16:00:00 +0000 Cross-References: CVE-2008-5515, CVE-2008-6123, CVE-2009-0033 CVE-2009-0146, CVE-2009-0147, CVE-2009-0165 CVE-2009-0166, CVE-2009-0198, CVE-2009-0509 CVE-2009-0510, CVE-2009-0511, CVE-2009-0512 CVE-2009-0580, CVE-2009-0663, CVE-2009-0749 CVE-2009-0755, CVE-2009-0756, CVE-2009-0781 CVE-2009-0783, CVE-2009-0791, CVE-2009-0799 CVE-2009-0800, CVE-2009-0949, CVE-2009-1179 CVE-2009-1180, CVE-2009-1181, CVE-2009-1182 CVE-2009-1183, CVE-2009-1194, CVE-2009-1271 CVE-2009-1272, CVE-2009-1341, CVE-2009-1386 CVE-2009-1387, CVE-2009-1391, CVE-2009-1438 CVE-2009-1572, CVE-2009-1574, CVE-2009-1632 CVE-2009-1648, CVE-2009-1855, CVE-2009-1856 CVE-2009-1857, CVE-2009-1858, CVE-2009-1859 CVE-2009-1861, CVE-2009-1882, CVE-2009-1957 CVE-2009-1958, CVE-2009-1959 Content of this advisory: 1) Solved SecurityVulnerabilities: - optipng - cups - quagga - pango - strongswan - perl-DBD-Pg - irssi - openssl/libopenssl-devel - net-snmp - ImageMagick/GraphicsMagick - perl - ipsec-tools/novell-ipsec-tools - poppler/libpoppler3/libpoppler4 - yast2-ldap-server - tomcat6 - gstreamer-plugins/gstreamer010-plugins-bad - apache2-mod_php5 2) Pending Vulnerabilities, Solutions, and Work-Arounds: none 3) Authenticity Verification and Additional Information ______________________________________________________________________________ 1) Solved Security Vulnerabilities To avoid 
flooding mailing lists with SUSE Security Announcements for minor issues, SUSE Security releases weekly summary reports for the low profile vulnerability fixes. The SUSE Security Summary Reports do not list or download URLs like the SUSE Security Announcements that are released for more severe vulnerabilities. Fixed packages for the following incidents are already available on our FTP server and via the YaST Online Update. - optipng OptiPNG contained a bug in the GIF handling code that allowed to use already freed ressources. CVE-2009-0749 has been assigned to this issue. Affected products: openSUSE 10.3-11.1, SLE9-11 - cups The "pdftops" was prone to several integer overflows (CVE-2009-0791). The cups daemon could crash when receiving IPP requests with multiple unsupported tags (CVE-2009-0949). Affected products: openSUSE 10.3, SLE9,10 - quagga This update fixes a remote denial of service bug in quagga that can be triggered via an AS path containing ASN elements whose string repre- sentation is longer than expected. (CVE-2009-1572) Affected products: openSUSE 10.3-11.1, SLE9-11 - pango This update of pango fixes a segfault inlibpango that can be triggered by visiting web-sites. (CVE-2009-1194) Affected products: openSUSE 11.1, SLE11 - strongswan This update fixes two denial of service bugs that can lead to a remote pre-auth crash while processing a IKE_SA_INIT or a IKE_AUTH request. (CVE-2009-1957 and CVE-2009-1958) Affected products: openSUSE 10.3-11.1, SLE9-11 - perl-DBD-Pg This update of perl-DBD-Pg fixes a heap-based buffer overflow in function pg_db_getline() (CVE-2009-0663) and a denial of service bug that could be triggered remotely (CVE-2009-1341). Affected products: openSUSE 10.3, SLE10 - irssi Fixed a irssi off by one overflow in the event_wallops() function. CVE-2009-1959 has been assigned to this issue. 
Affected products: openSUSE 10.3-11.1 - openssl/libopenssl-devel OpenSSL DTLS remote DoS in ChangeCipherSpec (CVE-2009-1386) and in out-of-sequence message handling (CVE-2009-1387) have been fixed. Affected products: openSUSE 10.3-11.1, SLE9-11 - net-snmp With this update of net-snmp the handling of TCP wrappers rules for client authorization was improved, prior to this update it was possible for remote attackers to bypass intended access restrictions and execute SNMP queries. (CVE-2008-6123) Additionally binding to multiple interfaces was improved. Affected products: openSUSE 10.3-11.1, SLE9-11 - ImageMagick/GraphicsMagick This update of ImageMagick fixes an integer overflow in the XMakeImage() function that allowed remote attackers to cause a denial-of-service and possibly the execution of arbitrary code via a crafted TIFF file. (CVE-2009-1882) Affected products: openSUSE 10.3-11.1, SLE9-11 - perl/perl-Compress-Raw-Zlib A Buffer overflow in perl, in the base Compress::Raw::Zlib perl module has been fixed. (CVE-2009-1391) Affected products: openSUSE 10.3-11.1, SLE9-11 - ipsec-tools/novell-ipsec-tools This update of ipsec-tools fixesa crash of racoon in ISAKMP's de- fragmentation code due to a NULL-pointer dereference. (CVE-2009-1574) Additionally multiple memory leaks were fixed that allowed to execute a remote denial of service attack. (CVE-2009-1632) Affected products: openSUSE 10.3-11.1, SLE9-11 - poppler/libpoppler3/libpoppler4 This update of poppler: fix various security bugs that occur while decoding JBIG2 (CVE-2009-0146, CVE-2009-0147, CVE-2009-0165, CVE-2009-0166, CVE-2009-0799, CVE-2009-0800, CVE-2009-1179, CVE-2009-1180, CVE-2009-1181, CVE-2009-1182, CVE-2009-1183). Further a denial of service bug in function FormWidgetChoice::loadDefaults() (CVE-2009-0755) and JBIG2Stream::readSymbolDictSeg() (CVE-2009-0756) was closed that could be triggered via malformed PDF files. 
Affected products: openSUSE 10.3-11.1, SLE9-11 - yast2-ldap-server The YaST2 LDAP module in SUSE Linux Enterprise Server 11 did not initialize the firewall configuration during second stage installation. Therefore, if an online update required reboot during second stage firewall settings were not applied and the firewall turned off (CVE-2009-1648). Affected products: SLE11 - tomcat6 This update of tomcat fixes several vulnerabilities: - CVE-2008-5515: RequestDispatcher usage can lead to information leakage - CVE-2009-0033: denial of service via AJP connection - CVE-2009-0580: some authentication classes allow user enumeration - CVE-2009-0781: XSS bug in example application cal2.jsp - CVE-2009-0783: replacing XML parser leads to information leakage Additionally, non-security bugs were fixed. Affected products: openSUSE 11.0-11.1, SLE11 - gstreamer-plugins/gstreamer010-plugins-bad This update fixes a buffer overflow in libmodplug MED file handler that can be exploited remotely to execute arbitrary code with the privileges of the process using the library. (CVE-2009-1438) Affected products: openSUSE11.0-11.1, NLD9 - apache2-mod_php5 This update fixes the JSON parser (CVE-2009-1271) and the zip packer code (CVE-2009-1272) in php5. Both bugs can lead to a remote denial of service attack. Affected products: SLE11 ______________________________________________________________________________ 2) Pending Vulnerabilities, Solutions, and Work-Arounds none ______________________________________________________________________________ 3) Authenticity Verification and Additional Information - Announcement authenticity verification: SUSE security announcements are published via mailing lists and on Web sites. The authenticity and integrity of a SUSE security announcement is guaranteed by a cryptographic signature in each announcement. All SUSE security announcements are published with a valid signature. 
  To verify the signature of the announcement, save it as text into a file and run the command gpg --verify replacing with the name of the file containing the announcement. The output for a valid signature looks like:

    gpg: Signature made using RSA key ID 3D25D3D9
    gpg: Good signature from "SuSE Security Team "

  where is replaced by the date the document was signed.
  If the security team's key is not contained in your key ring, you can import it from the first installation CD. To import the key, use the command gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc

- Package authenticity verification:
  SUSE update packages are available on many mirror FTP servers all over the world. While this service is considered valuable and important to the free and open source software community, the authenticity and integrity of a package needs to be verified to ensure that it has not been tampered with.
  The internal RPM package signatures provide an easy way to verify the authenticity of an RPM package. Use the command rpm -v --checksig to verify the signature of the package, replacing with the filename of the RPM package downloaded. The package is unmodified if it contains a valid signature from [e-mail address obscured] with the key ID 9C800ACA.
  This key is automatically imported into the RPM database (on RPMv4-based distributions) and the gpg key ring of 'root' during installation. You can also find it on the first installation CD and included at the end of this announcement.

- SUSE runs two security mailing lists to which any interested party may subscribe:

  [e-mail address obscured] - General Linux and SUSE security discussion. All SUSE security announcements are sent to this list. To subscribe, send an e-mail to .

  [e-mail address obscured] - SUSE's announce-only mailing list.
  Only SUSE's security announcements are sent to this list. To subscribe, send an e-mail to .

====================================================================
SUSE's security contact is or .
The public key is listed below.
====================================================================

Severity: Low.
LinuxSecurity.com Team

Jul 03, 2009 Low SuSE

SUSE: Lessons from 2009:004 Low Profile Challenges Addressed Efficiently

To avoid flooding mailing lists with SUSE Security Announcements for minor issues, SUSE Security releases weekly summary reports for the low profile vulnerability fixes. The SUSE Security Summary Reports do not list or download URLs like the SUSE Security Announcements that are released for more severe vulnerabilities.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

______________________________________________________________________________

SUSE Security Summary Report

Announcement ID: SUSE-SR:2009:004
Date: Tue, 17 Feb 2009 10:00:00 +0000
Cross-References: CVE-2006-3835, CVE-2007-0184, CVE-2007-0185,
                  CVE-2007-2377, CVE-2007-2449, CVE-2007-2450,
                  CVE-2007-3382, CVE-2007-3385, CVE-2007-3386,
                  CVE-2007-5333, CVE-2007-5342, CVE-2007-5461,
                  CVE-2007-5613, CVE-2007-5615, CVE-2007-6286,
                  CVE-2008-0002, CVE-2008-1232, CVE-2008-1586,
                  CVE-2008-1947, CVE-2008-2235, CVE-2008-2370,
                  CVE-2008-2938, CVE-2008-3231, CVE-2008-3651,
                  CVE-2008-3652, CVE-2008-3663, CVE-2008-3796,
                  CVE-2008-4577, CVE-2008-5086, CVE-2008-5233,
                  CVE-2008-5234, CVE-2008-5235, CVE-2008-5236,
                  CVE-2008-5237, CVE-2008-5238, CVE-2008-5239,
                  CVE-2008-5240, CVE-2008-5241, CVE-2008-5242,
                  CVE-2008-5243, CVE-2008-5244, CVE-2008-5245,
                  CVE-2008-5246, CVE-2008-5247, CVE-2008-5248,
                  CVE-2008-5250, CVE-2008-5252, CVE-2008-5256,
                  CVE-2008-5302, CVE-2008-5557, CVE-2008-5587,
                  CVE-2008-5658, CVE-2008-5718, CVE-2009-0030,
                  CVE-2009-0310, CVE-2009-0313, CVE-2009-0416,
                  CVE-2009-0490

Content of this advisory:

1) Solved Security Vulnerabilities:
   - apache-jakarta-tomcat-connectors
   - apache2-mod_php5
   - audacity
   - dovecot
   - libtiff-devel
   - libvirt
   - mediawiki
   - netatalk
   - novell-ipsec-tools
   - opensc
   - perl
   - phpPgAdmin
   - sbl
   - sblim-sfcb
   - squirrelmail
   - swfdec
   - tomcat5
   - virtualbox
   - websphere-as_ce
   - wine
   - xine-devel
2) Pending Vulnerabilities, Solutions, and Work-Arounds:
   none
3) Authenticity Verification and Additional Information
______________________________________________________________________________

1) Solved Security Vulnerabilities

To avoid flooding mailing lists with SUSE Security Announcements for minor issues, SUSE Security releases weekly summary reports for the low profile vulnerability fixes. The SUSE Security Summary Reports do not list or download URLs like the SUSE Security Announcements that are released for more severe vulnerabilities.

Fixed packages for the following incidents are already available on our FTP server and via the YaST Online Update.

- apache-jakarta-tomcat-connectors
  Two old but not yet fixed security issues in tomcat5 were spotted and are fixed by this update:
  CVE-2006-3835: Apache Tomcat 5 before 5.5.17 allows remote attackers to list directories via a semicolon (;) preceding a filename with a mapped extension, as demonstrated by URLs ending with /;index.jsp and /;help.do.
  Cross-site scripting (XSS) vulnerability in certain applications using Apache Tomcat allowed remote attackers to inject arbitrary web script or HTML via crafted "Accept-Language headers that do not conform to RFC 2616".
  These issues were rated "low" by the Apache Tomcat team.
  Affected products: SLES9

- apache2-mod_php5
  This update of php5 fixes a directory traversal bug in ZipArchive (CVE-2008-5658) and a buffer overflow in the mbstring extension (CVE-2008-5557).
  Affected products: openSUSE 10.3-11.1, SLE10-SP2

- audacity
  Specially crafted GRO files could cause a stack based buffer overflow in audacity (CVE-2009-0490).
  Affected products: openSUSE 10.3-11.1

- dovecot
  Dovecot didn't properly treat negative access rights, therefore allowing attackers to bypass intended access restrictions (CVE-2008-4577).
  Affected products: openSUSE 10.3-11.0

- libtiff-devel
  Specially crafted tiff images could lead to allocating large amounts of memory, therefore crashing applications that process such files (CVE-2008-1586).
  Affected products: openSUSE 10.3-11.1

- libvirt
  libvirt misses some read-only connection checks for certain methods. This flaw enables local unprivileged users, for example, to migrate virtual machines without authentication (CVE-2008-5086).
  Affected products: openSUSE 10.3-11.1, SLE10-SP2

- mediawiki
  Missing checks allowed remote attackers to conduct cross-site scripting (XSS) or cross-site request forgery (CSRF) attacks against MediaWiki (CVE-2008-5250, CVE-2008-5252).
  Affected products: openSUSE 10.3-11.0

- netatalk
  This update of netatalk adds a filter for characters of user-supplied data to papd. Prior to this update it was possible to execute arbitrary shell commands remotely. (CVE-2008-5718)
  Affected products: openSUSE 10.3-11.1, SLE10-SP2

- novell-ipsec-tools
  Remote attackers could exploit memory leaks in the 'racoon' daemon to crash it (CVE-2008-3651, CVE-2008-3652).
  Affected products: openSUSE 10.3-11.0

- opensc
  This update fixes a security issue with opensc that occurred when initializing blank smart cards with Siemens CardOS M4. After the initialization anyone could set the PIN of the smart card without authorization (CVE-2008-2235).
  NOTE: Already initialized cards are still vulnerable after this update. Please use the command-line tool pkcs15-tool with option --test-update and --update when necessary.
  Don't forget to reinitialize your smart cards if you are using cards with Siemens CardOS M4 operating system that were initialized using opensc!
  Please find more information at
  This is the second attempt to fix this problem. The previous update was unfortunately incomplete.
  Affected products: openSUSE SLE10-SP2

- perl
  This perl update fixes a race condition in rmtree. (CVE-2008-5302)
  Affected products: openSUSE 11.0-11.1

- phpPgAdmin
  Attackers could read arbitrary files due to a directory traversal vulnerability in phpPgAdmin (CVE-2008-5587).
  Affected products: openSUSE 10.3-11.1

- sbl
  A buffer overflow in the sbl package has been fixed.
  Incoming data and authentication-strings have not been checked properly. CVE-2009-0310 has been assigned to this issue.
  Affected products: openSUSE 10.3-11.0

- sblim-sfcb
  A tmp file race condition in the genSslCerts.sh helper script could be used by local attackers to gain root privileges. (CVE-2009-0416)
  Affected products: openSUSE 11.0-11.1

- squirrelmail
  This update of squirrelmail corrects a problem introduced by a patch for CVE-2008-3663 that caused cookies to be static. (CVE-2009-0030)
  Affected products: openSUSE 10.3

- swfdec
  The free Flash decoder engine "swfdec" was updated to version 0.6.8 to fix lots of crashers which are likely security relevant and could be exploited to remotely execute code. (CVE-2008-3796)
  Affected products: openSUSE 11.0

- tomcat5
  Two old but not yet fixed security issues in tomcat5 were spotted and are fixed by this update:
  CVE-2006-3835: Apache Tomcat 5 before 5.5.17 allows remote attackers to list directories via a semicolon (;) preceding a filename with a mapped extension, as demonstrated by URLs ending with /;index.jsp and /;help.do.
  Cross-site scripting (XSS) vulnerability in certain applications using Apache Tomcat allowed remote attackers to inject arbitrary web script or HTML via crafted "Accept-Language headers that do not conform to RFC 2616".
  These issues were rated "low" by the Apache Tomcat team.
  Affected products: SLE10-SP2

- virtualbox
  Insufficient checks on temporary files could allow users to trick others into overwriting arbitrary files (CVE-2008-5256).
  Affected products: openSUSE 10.3-11.0

- websphere-as_ce
  Websphere has been updated to version 2.1.0.1 to fix several security vulnerabilities in the included subprojects, such as Apache Geronimo and Tomcat (CVE-2007-0184, CVE-2007-0185, CVE-2007-2377, CVE-2007-2449, CVE-2007-2450, CVE-2007-3382, CVE-2007-3385, CVE-2007-3386, CVE-2007-5333, CVE-2007-5342, CVE-2007-5461, CVE-2007-5613, CVE-2007-5615, CVE-2007-6286, CVE-2008-0002, CVE-2008-1232, CVE-2008-1947, CVE-2008-2370, CVE-2008-2938).
  Affected products: SLE10-SP2

- wine
  A symlink vulnerability in handling tmp files in the winetricks helper scripts was fixed. (CVE-2009-0313)
  Affected products: openSUSE 11.0-11.1

- xine-devel
  This update of xine fixes multiple buffer overflows while parsing files:
    - CVE-2008-3231
    - CVE-2008-5233
    - CVE-2008-5234
    - CVE-2008-5235
    - CVE-2008-5236
    - CVE-2008-5237
    - CVE-2008-5238
    - CVE-2008-5239
    - CVE-2008-5240
    - CVE-2008-5241
    - CVE-2008-5242
    - CVE-2008-5243
    - CVE-2008-5244
    - CVE-2008-5245
    - CVE-2008-5246
    - CVE-2008-5247
    - CVE-2008-5248
  These bugs can lead to remote code execution.
  Affected products: openSUSE 10.3-11.0, SLES9, SLE10-SP2

______________________________________________________________________________

2) Pending Vulnerabilities, Solutions, and Work-Arounds

  none

______________________________________________________________________________

3) Authenticity Verification and Additional Information

- Announcement authenticity verification:
  SUSE security announcements are published via mailing lists and on Web sites. The authenticity and integrity of a SUSE security announcement is guaranteed by a cryptographic signature in each announcement. All SUSE security announcements are published with a valid signature.
  To verify the signature of the announcement, save it as text into a file and run the command gpg --verify replacing with the name of the file containing the announcement.
  The output for a valid signature looks like:

    gpg: Signature made using RSA key ID 3D25D3D9
    gpg: Good signature from "SuSE Security Team "

  where is replaced by the date the document was signed.
  If the security team's key is not contained in your key ring, you can import it from the first installation CD. To import the key, use the command gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc

- Package authenticity verification:
  SUSE update packages are available on many mirror FTP servers all over the world. While this service is considered valuable and important to the free and open source software community, the authenticity and integrity of a package needs to be verified to ensure that it has not been tampered with.
  The internal RPM package signatures provide an easy way to verify the authenticity of an RPM package. Use the command rpm -v --checksig to verify the signature of the package, replacing with the filename of the RPM package downloaded. The package is unmodified if it contains a valid signature from [e-mail address obscured] with the key ID 9C800ACA.
  This key is automatically imported into the RPM database (on RPMv4-based distributions) and the gpg key ring of 'root' during installation. You can also find it on the first installation CD and included at the end of this announcement.

- SUSE runs two security mailing lists to which any interested party may subscribe:

  [e-mail address obscured] - General Linux and SUSE security discussion. All SUSE security announcements are sent to this list. To subscribe, send an e-mail to .

  [e-mail address obscured] - SUSE's announce-only mailing list. Only SUSE's security announcements are sent to this list. To subscribe, send an e-mail to .
====================================================================
SUSE's security contact is or .
The public key is listed below.
====================================================================

Severity: Low.
LinuxSecurity.com Team

Feb 17, 2009 Low SuSE

SUSE 2008:024 Minor Fixes: Apache, Yelp, Enscript Issues Overview

To avoid flooding mailing lists with SUSE Security Announcements for minor issues, SUSE Security releases weekly summary reports for the low profile vulnerability fixes. The SUSE Security Summary Reports do not list or download URLs like the SUSE Secu

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

______________________________________________________________________________

SUSE Security Summary Report

Announcement ID: SUSE-SR:2008:024
Date: Fri, 07 Nov 2008 14:00:00 +0000
Cross-References: CVE-2007-6420, CVE-2008-1678, CVE-2008-2939, CVE-2008-3533, CVE-2008-3863

Content of this advisory:

1) Solved Security Vulnerabilities:
   - yelp
   - apache2
   - enscript
   - libcdaudio
2) Pending Vulnerabilities, Solutions, and Work-Arounds:
   none
3) Authenticity Verification and Additional Information

______________________________________________________________________________

1) Solved Security Vulnerabilities

To avoid flooding mailing lists with SUSE Security Announcements for minor issues, SUSE Security releases weekly summary reports for the low profile vulnerability fixes. The SUSE Security Summary Reports do not list or download URLs like the SUSE Security Announcements that are released for more severe vulnerabilities.

Fixed packages for the following incidents are already available on our FTP server and via the YaST Online Update.

- yelp
  Package yelp was updated to fix a format string bug. (CVE-2008-3533)
  Affected products: openSUSE 11.0

- apache2
  Missing sanity checks of FTP URLs allowed cross site scripting (XSS) attacks via the mod_proxy_ftp module (CVE-2008-2939).
  Missing precautions allowed cross site request forgery (CSRF) via the mod_proxy_balancer interface (CVE-2007-6420).
  A memory leak in the SSL module could crash apache (CVE-2008-1678).
  Affected products: openSUSE 10.2-11.0, SLES10, SLES9, NLD9, OES, NLPOS9, SLED

- enscript
  This update of enscript fixes buffer overflows in the setfilename (CVE-2008-3863), process_file and read_special_escape functions (CVE-2008-4306) that can be exploited during file processing.
  Affected products: openSUSE 10.2-11.0, SLES10, SLES9, NLD9, OES, NLPOS9, SLED

- libcdaudio
  A remote attacker can modify a CDDB entry on a CDDB server or just intercept a connection from the CDDB client to the server to execute arbitrary code on the client machine.
  Affected products: openSUSE 10.2-11.0

______________________________________________________________________________

2) Pending Vulnerabilities, Solutions, and Work-Arounds

  none

______________________________________________________________________________

3) Authenticity Verification and Additional Information

- Announcement authenticity verification:
  SUSE security announcements are published via mailing lists and on Web sites. The authenticity and integrity of a SUSE security announcement is guaranteed by a cryptographic signature in each announcement. All SUSE security announcements are published with a valid signature.
  To verify the signature of the announcement, save it as text into a file and run the command gpg --verify replacing with the name of the file containing the announcement. The output for a valid signature looks like:

    gpg: Signature made using RSA key ID 3D25D3D9
    gpg: Good signature from "SuSE Security Team "

  where is replaced by the date the document was signed.
  If the security team's key is not contained in your key ring, you can import it from the first installation CD. To import the key, use the command gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc

- Package authenticity verification:
  SUSE update packages are available on many mirror FTP servers all over the world.
  While this service is considered valuable and important to the free and open source software community, the authenticity and integrity of a package needs to be verified to ensure that it has not been tampered with.
  The internal RPM package signatures provide an easy way to verify the authenticity of an RPM package. Use the command rpm -v --checksig to verify the signature of the package, replacing with the filename of the RPM package downloaded. The package is unmodified if it contains a valid signature from [e-mail address obscured] with the key ID 9C800ACA.
  This key is automatically imported into the RPM database (on RPMv4-based distributions) and the gpg key ring of 'root' during installation. You can also find it on the first installation CD and included at the end of this announcement.

- SUSE runs two security mailing lists to which any interested party may subscribe:

  [e-mail address obscured] - General Linux and SUSE security discussion. All SUSE security announcements are sent to this list. To subscribe, send an e-mail to .

  [e-mail address obscured] - SUSE's announce-only mailing list. Only SUSE's security announcements are sent to this list. To subscribe, send an e-mail to .

====================================================================
SUSE's security contact is or .
The public key is listed below.
====================================================================

LinuxSecurity.com Team

Nov 07, 2008 SuSE