Thank you for reading the Linux Advisory Watch Security Newsletter. The purpose of this document is to provide our readers with a quick summary of each week's vendor security bulletins and pointers on methods to improve the security posture of your open source system. Vulnerabilities affect nearly every vendor virtually every week, so be sure to read through to find the updates your distributor has made available.

LinuxSecurity.com Feature Extras:

Securing a Linux Web Server - With the significant prevalence of Linux web servers globally, security is often touted as a strength of the platform for such a purpose. However, a Linux-based web server is only as secure as its configuration, and very often many are quite vulnerable to compromise. While specific configurations vary wildly due to environments or specific use, there are various general steps that can be taken to ensure basic security considerations are in place.

Password guessing with Medusa 2.0 - Medusa was created by the fine folks at foofus.net; in fact, the much-awaited Medusa 2.0 update was released in February of 2010. For a complete change log please visit


(Apr 4)

Several vulnerabilities were discovered in PostgreSQL database server. CVE-2013-1899 [More...]

(Apr 4)

A vulnerability was discovered in PostgreSQL database server. Random numbers generated by contrib/pgcrypto functions may be easy for another database user to guess. [More...]

(Apr 3)

Nicolas Gregoire discovered that libxslt, an XSLT processing runtime library, is prone to denial of service vulnerabilities via crafted xsl stylesheets. [More...]

(Mar 30)

Matthew Horsfall of Dyn, Inc. discovered that BIND, a DNS server, is prone to a denial of service vulnerability. A remote attacker could use this flaw to send a specially-crafted DNS query to named that, when processed, would cause named to use an excessive amount of memory, or [More...]

(Mar 28)

Several cross-site-scripting and denial of service vulnerabilities were discovered in Ruby on Rails, a Ruby framework for web application development. [More...]


Mandriva: 2013:055: wireshark (Apr 5)

Multiple vulnerabilities have been found and corrected in wireshark: Infinite and large loops in ANSI MAP, BACapp, Bluetooth HCI, IEEE 802.3, LTP, and R3 dissectors have been fixed. Discovered by Laurent Butti (https://www.wireshark.org/security/wnpa-sec-2012-08.html [More...]

Mandriva: 2013:054: sudo (Apr 5)

Multiple vulnerabilities have been found and corrected in sudo: A flaw exists in the IP network matching code in sudo versions 1.6.9p3 through 1.8.4p4 that may result in the local host being matched even though it is not actually part of the network described by the [More...]

Mandriva: 2013:053: proftpd (Apr 5)

A vulnerability has been found and corrected in proftpd: ProFTPD before 1.3.5rc1, when using the UserOwner directive, allows local users to modify the ownership of arbitrary files via a race condition and a symlink attack on the (1) MKD or (2) XMKD commands [More...]

Mandriva: 2013:052: openssl (Apr 5)

Multiple vulnerabilities have been found and corrected in openssl: OpenSSL before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1 before 1.0.1d does not properly perform signature verification for OCSP responses, which allows remote attackers to cause a denial of service (NULL [More...]

Mandriva: 2013:051: openssh (Apr 5)

A vulnerability has been found and corrected in openssh: The default configuration of OpenSSH through 6.1 enforces a fixed time limit between establishing a TCP connection and completing a login, which makes it easier for remote attackers to cause a denial [More...]

Mandriva: 2013:050: nss (Apr 5)

Google reported to Mozilla that TURKTRUST, a certificate authority in Mozilla's root program, had mis-issued two intermediate certificates to customers. The issue was not specific to Firefox but there was evidence that one of the certificates was used for man-in-the-middle (MITM) traffic management of domain names that the customer did not [More...]

Mandriva: 2013:049: net-snmp (Apr 5)

A vulnerability has been discovered and corrected in net-snmp: An array index error, leading to out-of heap-based buffer read flaw was found in the way net-snmp agent performed entries lookup in the extension table. When certain MIB subtree was handled by the extend [More...]

Mandriva: 2013:048: ncpfs (Apr 5)

Multiple vulnerabilities have been discovered and corrected in ncpfs: ncpfs 2.2.6 and earlier attempts to use (1) ncpmount to append to the /etc/mtab file and (2) ncpumount to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, [More...]

Mandriva: 2013:047: libxslt (Apr 5)

A vulnerability has been discovered and corrected in libxslt: The XSL implementation in libxslt allows remote attackers to cause a denial of service (incorrect read operation) via unspecified vectors (CVE-2012-2825). [More...]

Mandriva: 2013:046: libtiff (Apr 5)

Updated libtiff packages fix security vulnerabilities: libtiff did not properly convert between signed and unsigned integer values, leading to a buffer overflow. An attacker could use this flaw to create a specially-crafted TIFF file that, when opened, would [More...]

Mandriva: 2013:045: libssh (Apr 5)

Updated libssh packages fix security vulnerabilities: Multiple double free flaws, buffer overflow flaws, invalid free flaws, and improper overflow checks in libssh before 0.5.3 could enable a denial of service attack against libssh clients, or possibly [More...]

Mandriva: 2013:044: libjpeg (Apr 5)

A vulnerability has been discovered and corrected in libjpeg: A Heap-based buffer overflow was found in the way libjpeg-turbo decompressed certain corrupt JPEG images in which the component count was erroneously set to a large value. An attacker could create [More...]

Mandriva: 2013:043: libgssglue (Apr 5)

This update fixes insecure getenv() usage in libgssglue, which could be used under some circumstances by local attackers to gain root privileges (CVE-2011-2709). [More...]

Mandriva: 2013:042: krb5 (Apr 5)

Multiple vulnerabilities have been discovered and corrected in krb5: Fix a kadmind denial of service issue (null pointer dereference), which could only be triggered by an administrator with the create privilege (CVE-2012-1013). [More...]

Mandriva: 2013:041: html2ps (Apr 5)

A vulnerability has been found and corrected in html2ps: Directory traversal vulnerability in html2ps before 1.0b7 allows remote attackers to read arbitrary files via directory traversal sequences in SSI directives (CVE-2009-5067). [More...]

Mandriva: 2013:040: gnutls (Apr 5)

Nadhem Alfardan and Kenny Paterson devised an attack that recovers some bits of the plaintext of a GnuTLS session that utilizes CBC ciphersuites, by using timing information (CVE-2013-1619). The gnutls package has been updated to the latest 3.0.28 version to fix [More...]

Mandriva: 2013:001-1: gnupg (Apr 5)

A vulnerability has been found and corrected in gnupg: Versions of GnuPG <= 1.4.12 are vulnerable to memory access violations and public keyring database corruption when importing public keys that have been manipulated. An OpenPGP key can be fuzzed in such a [More...]

Mandriva: 2013:039: freetype2 (Apr 5)

Updated freetype2 packages fix security vulnerabilities: A null pointer dereference flaw was found in the way the Freetype font rendering engine handled Glyph bitmap distribution format (BDF) fonts. A remote attacker could provide a specially-crafted BDF font [More...]

Mandriva: 2013:038: freeradius (Apr 5)

Updated freeradius packages fix security vulnerabilities: It was found that the unix module ignored the password expiration setting in /etc/shadow. If FreeRADIUS was configured to use this module for user authentication, this flaw could allow users with [More...]

Mandriva: 2013:036: exif (Apr 5)

A vulnerability has been discovered and corrected in exif: An integer overflow in the function jpeg_data_load_data in the exif program could cause a data read beyond the end of a buffer, causing an application crash or leakage of potentially sensitive information [More...]

Mandriva: 2013:037: fetchmail (Apr 5)

Multiple vulnerabilities have been found and corrected in fetchmail: Fetchmail version 6.3.9 enabled all SSL workarounds (SSL_OP_ALL) which contains a switch to disable a countermeasure against certain attacks against block ciphers that permit guessing the initialization vectors, [More...]

Mandriva: 2013:035: libexif (Apr 5)

Multiple vulnerabilities have been discovered and corrected in libexif: A heap-based out-of-bounds array read in the exif_entry_get_value function in libexif/exif-entry.c in libexif 0.6.20 and earlier allows remote attackers to cause a denial of service or possibly obtain [More...]

Mandriva: 2013:034: cups (Apr 5)

Updated cups packages fix bugs and security vulnerabilities: During the process of CUPS socket activation code refactoring in favour of systemd capability a security flaw was found in the way CUPS service honoured Listen localhost:631 cupsd.conf configuration option. The [More...]

Mandriva: 2013:033: cronie (Apr 5)

Updated cronie package fixes the following issue: It was reported that cronie 1.4.8 would leak certain file descriptors. On systems where /etc/crontab is not world-readable this could be an information disclosure concern (CVE-2012-6097). [More...]

Mandriva: 2013:023-1: coreutils (Apr 5)

Multiple vulnerabilities have been found and corrected in coreutils: Long line inputs could trigger a segfault in the sort, uniq and join utilities (CVE-2013-0221, CVE-2013-0222, CVE-2013-0223). [More...]

Mandriva: 2013:032: bash (Apr 5)

A vulnerability was found and corrected in bash: A stack-based buffer overflow flaw was found in the way bash, the GNU Bourne Again shell, expanded certain /dev/fd file names when checking file names ('test' command) and evaluating /dev/fd file [More...]

Mandriva: 2013:030: arpwatch (Apr 5)

A vulnerability has been discovered and corrected in arpwatch: arpwatch 2.1a15, as used by Red Hat, Debian, Fedora, and possibly others, does not properly drop supplementary groups, which might allow attackers to gain root privileges by leveraging other vulnerabilities [More...]

Mandriva: 2013:031: automake (Apr 5)

A vulnerability has been discovered and corrected in automake: A race condition in automake (lib/am/distdir.am) could allow a local attacker to run arbitrary code with the privileges of the user running make distcheck (CVE-2012-3386). [More...]

Mandriva: 2013:029: apache-mod_security (Apr 5)

A vulnerability has been discovered and corrected in apache-mod_security: ModSecurity <= 2.6.8 is vulnerable to multipart/invalid part ruleset bypass, this was fixed in 2.7.0 (released on 2012-10-16) [More...]

Mandriva: 2013:019: bash (Apr 4)

A vulnerability was found and corrected in bash: A stack-based buffer overflow flaw was found in the way bash, the GNU Bourne Again shell, expanded certain /dev/fd file names when checking file names ('test' command) and evaluating /dev/fd file [More...]

Mandriva: 2013:018: automake (Apr 4)

A vulnerability has been discovered and corrected in automake: A race condition in automake (lib/am/distdir.am) could allow a local attacker to run arbitrary code with the privileges of the user running make distcheck (CVE-2012-3386). [More...]

Mandriva: 2013:017: arpwatch (Apr 4)

A vulnerability has been discovered and corrected in arpwatch: arpwatch 2.1a15, as used by Red Hat, Debian, Fedora, and possibly others, does not properly drop supplementary groups, which might allow attackers to gain root privileges by leveraging other vulnerabilities [More...]

Mandriva: 2013:016: apache-mod_security (Apr 4)

A vulnerability has been discovered and corrected in apache-mod_security: ModSecurity <= 2.6.8 is vulnerable to multipart/invalid part ruleset bypass, this was fixed in 2.7.0 (released on 2012-10-16) [More...]

Mandriva: 2013:015-1: apache (Apr 4)

Multiple vulnerabilities have been found and corrected in apache (ASF HTTPD): Various XSS (cross-site scripting vulnerability) flaws due to unescaped hostnames and URIs HTML output in mod_info, mod_status, mod_imagemap, [More...]


Red Hat: 2013:0710-01: puppet: Important Advisory (Apr 4)

Updated puppet packages that fix several security issues are now available for Red Hat OpenStack Folsom. The Red Hat Security Response Team has rated this update as having [More...]

Red Hat: 2013:0709-01: openstack-nova: Moderate Advisory (Apr 4)

Updated openstack-nova packages that fix two security issues and various bugs are now available for Red Hat OpenStack Folsom. The Red Hat Security Response Team has rated this update as having moderate [More...]

Red Hat: 2013:0707-01: openstack-glance: Moderate Advisory (Apr 4)

Updated openstack-glance packages that fix one security issue and various bugs are now available for Red Hat OpenStack Folsom. The Red Hat Security Response Team has rated this update as having moderate [More...]

Red Hat: 2013:0708-01: openstack-keystone: Moderate Advisory (Apr 4)

Updated openstack-keystone packages that fix two security issues and various bugs are now available for Red Hat OpenStack Folsom. The Red Hat Security Response Team has rated this update as having moderate [More...]

Red Hat: 2013:0700-01: jenkins: Moderate Advisory (Apr 2)

An updated jenkins package that fixes one security issue is now available for Red Hat OpenShift Enterprise 1.1.3. The Red Hat Security Response Team has rated this update as having moderate [More...]

Red Hat: 2013:0697-01: thunderbird: Important Advisory (Apr 2)

An updated thunderbird package that fixes several security issues is now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having [More...]

Red Hat: 2013:0695-01: kernel: Important Advisory (Apr 2)

Updated kernel packages that fix one security issue are now available for Red Hat Enterprise Linux 5.6 Extended Update Support. The Red Hat Security Response Team has rated this update as having [More...]

Red Hat: 2013:0696-01: firefox: Critical Advisory (Apr 2)

Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having critical [More...]

Red Hat: 2013:0689-01: bind: Important Advisory (Mar 28)

Updated bind packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having [More...]

Red Hat: 2013:0690-01: bind97: Important Advisory (Mar 28)

Updated bind97 packages that fix one security issue are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having [More...]


(Apr 5)

New subversion packages are available for Slackware 13.0, 13.1, 13.37, 14.0, and -current to fix security issues. [More Info...]

(Apr 3)

New mozilla-firefox packages are available for Slackware 13.37, 14.0, and -current to fix security issues. [More Info...]

(Apr 3)

New mozilla-thunderbird packages are available for Slackware 13.37, 14.0, and -current to fix security issues. [More Info...]

(Mar 28)

New libssh packages are available for Slackware 14.0, and -current to fix a security issue. [More Info...]


Ubuntu: 1786-2: Unity Firefox Extension update (Apr 4)

This update provides a compatible version of Unity Firefox Extension for Firefox 20.

Ubuntu: 1786-1: Firefox vulnerabilities (Apr 4)

Firefox could be made to crash or run programs as your login if it opened a malicious website.

Ubuntu: 1790-1: Libav vulnerabilities (Apr 4)

Libav could be made to crash or run programs as your login if it opened a specially crafted file.

Ubuntu: 1789-1: PostgreSQL vulnerabilities (Apr 4)

Several security issues were fixed in PostgreSQL.

Ubuntu: 1788-1: Linux kernel (Oneiric backport) vulnerabilities (Apr 3)

Several security issues were fixed in the kernel.

Ubuntu: 1787-1: Linux kernel vulnerabilities (Apr 2)

Several security issues were fixed in the kernel.

Ubuntu: 1785-1: poppler vulnerabilities (Apr 2)

Applications using poppler could be made to crash or possibly run programs as your login if they opened a specially crafted file.

Ubuntu: 1784-1: libxslt vulnerability (Apr 2)

Applications using libxslt could be made to crash if they processed a specially crafted file.

Ubuntu: 1783-1: Bind vulnerability (Mar 29)

Bind could be made to consume memory or crash if it received specially crafted network traffic.

Ubuntu: 1782-1: libxml2 vulnerability (Mar 28)

libxml2 could be made to hang if it received specially crafted input.