Debian: Important Updates for Critical Packages Including PDF Handling
Linux+DVD Magazine Our magazine is read by professional network and database administrators, system programmers, webmasters and all those who believe in the power of Open Source software. The majority of our readers is between 15 and 40 years old. They are interested in current news from the Linux world, upcoming projects etc.
In each issue you can find information concerning typical use of Linux: safety, databases, multimedia, scientific tools, entertainment, programming, e-mail, news and desktop environments.
LinuxSecurity.com Feature Extras:
Review: Practical Packet Analysis - In the introduction, McIlwraith points out that security awareness training properly consists of communication, raising of issues, and encouragement to modify behaviour. (This will come as no surprise to those who recall the definition of training as the modification of attitudes and behaviour.) He also notes that security professionals frequently concentrate solely on presentation of problems. The remainder of the introduction looks at other major security activities, and the part that awareness plays in ensuring that they actually work.
Take advantage of our Linux Security discussion
list! This mailing list is for general security-related questions and comments.
To subscribe send an e-mail to
Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headline.
| Debian: New bind9 packages fix DNS cache poisoning | ||
26th, July, 2007
Amit Klein discovered that the BIND name server generates predictable DNS query IDs, which may lead to cache poisoning attacks. For the oldstable distribution (sarge) this problem has been fixed in version 9.2.4-1sarge3. An update for mips, powerpc and hppa is not yet available, they will be released soon. advisories/debian/debian-new-bind9-packages-fix-dns-cache-poisoning-192 |
||
| Debian: New xfs packages fix privilege escalation | ||
30th, July, 2007
It was discovered that a race condition in the init.d script of the X Font Server allows the modification of file permissions of arbitrary files if the local administrator can be tricked into restarting the X font server. advisories/debian/debian-new-xfs-packages-fix-privilege-escalation |
||
| Debian: New file packages fix arbitrary code execution | ||
31st, July, 2007
Colin Percival discovered an integer overflow in file, a file type classification tool, which may lead to the execution of arbitrary code. advisories/debian/debian-new-file-packages-fix-arbitrary-code-execution-21321 |
||
| Fedora Core 6 Update: bind-9.3.4-7.P1.fc6 | ||
27th, July, 2007
BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. This update fixes the following flaw. Allows cache-poisoning type of attack, no workaround, affect only outgoing queries. advisories/fedora/fedora-core-6-update-bind-934-7p1fc6-00-26-00-128868 |
||
| Fedora Core 6 Update: gdm-2.16.5-2.fc6 | ||
2nd, August, 2007
Gdm (the GNOME Display Manager) is a highly configurable reimplementation of xdm, the X Display Manager. JLANTHEA reported a denial of service flaw in the way that gdm listens on its unix domain socket. Any local user can crash the locally running X session. advisories/fedora/fedora-core-6-update-gdm-2165-2fc6-10-18-00-128903 |
||
| Fedora Core 6 Update: tcpdump-3.9.4-11.fc6 | ||
2nd, August, 2007
Integer overflow in print-bgp.c in the BGP dissector in tcpdump 3.9.6 and earlier allows remote attackers to execute arbitrary code via crafted TLVs in a BGP packet, related to an unchecked return value. advisories/fedora/fedora-core-6-update-tcpdump-394-11fc6-10-18-00-128904 |
||
| Gentoo: VLC media player Format string vulnerabilities | ||
28th, July, 2007
A vulnerability has been discovered in VLC media player, allowing for the remote execution of arbitrary code.David Thiel from iSEC Partners Inc. discovered format string errors in various plugins when parsing data. The affected plugins include Vorbis, Theora, CDDA and SAP. |
||
| Gentoo: Fail2ban Denial of Service | ||
28th, July, 2007
Fail2ban is vulnerable to a Denial of Service attack.A remote attacker could send specially crafted SSH login banners to the vulnerable host, which would prevent any ssh connection to the host and result in a Denial of Service. |
||
| Gentoo: tcpdump Integer overflow | ||
28th, July, 2007
A vulnerability has been discovered in tcpdump, allowing for the execution of arbitrary code, possibly with root privileges.A remote attacker could send specially crafted BGP packets on a network being monitored with tcpdump, possibly resulting in the execution of arbitrary code with the privileges of the user running tcpdump, which is usually root. |
||
| Mandriva: Updated qt3 packages fix multiple vulnerabilities | ||
1st, August, 2007
A number of format string flaws have been discovered in how Qt handled error messages by Dirk Mueller and Tracey Parry of Portcullis Computer Security. If an application linked against Qt created an error message from user-supplied data in a certain way, it could possibly lead to the execution of arbitrary code or a denial of service. This update provides packages which are patched to prevent these issues. |
||
| Mandriva: Updated Firefox packages fix multiple | ||
1st, August, 2007
A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox program, version 2.0.0.6. This update provides the latest Firefox to correct these issues. As well, it provides Firefox 2.0.0.6 for older products. |
||
| RedHat: Important: cups security update | ||
30th, July, 2007
Updated CUPS packages that fix a security issue in PDF handling are now available for Red Hat Enterprise Linux 3, 4, and 5. Maurycy Prodeus discovered an integer overflow flaw in the way CUPS processes PDF files. An attacker could create a malicious PDF file that could potentially execute arbitrary code when printed. This update has been rated as having important security impact by the Red Hat Security Response Team. advisories/red-hat/redhat-important-cups-security-update-82866 |
||
| RedHat: Important: kdegraphics security update | ||
30th, July, 2007
Updated kdegraphics packages that fix a security issue in PDF handling are now available for Red Hat Enterprise Linux 4, and 5.Maurycy Prodeus discovered an integer overflow flaw in the processing of PDF files. An attacker could create a malicious PDF file that would cause kpdf to crash or potentially execute arbitrary code when opened. This update has been rated as having important security impact by the Red Hat Security Response Team. advisories/red-hat/redhat-important-kdegraphics-security-update-59910 |
||
| RedHat: Important: gpdf security update | ||
30th, July, 2007
Updated kdegraphics packages that fix a security issue in PDF handling are now available for Red Hat Enterprise Linux 4. Maurycy Prodeus discovered an integer overflow flaw in the processing of PDF files. An attacker could create a malicious PDF file that would cause gpdf to crash or potentially execute arbitrary code when opened. This update has been rated as having important security impact by the Red Hat Security Response Team. advisories/red-hat/redhat-important-gpdf-security-update-41061 |
||
| RedHat: Important: poppler security update | ||
30th, July, 2007
Updated poppler packages that fix a security issue in PDF handling are now available for Red Hat Enterprise Linux 5. This update has been rated as having important secur Maurycy Prodeus discovered an integer overflow flaw in the processing of PDF files. An attacker could create a malicious PDF file that would cause an application linked with poppler to crash or potentially execute arbitrary code when opened. ity impact by the Red Hat Security Response Team. advisories/red-hat/redhat-important-poppler-security-update-22502 |
||
| RedHat: Important: xpdf security update | ||
30th, July, 2007
Updated xpdf packages that fix a security issue in PDF handling are now available for Red Hat Enterprise Linux 2.1, 3, and 4. Maurycy Prodeus discovered an integer overflow flaw in the processing of PDF files. An attacker could create a malicious PDF file that would cause Xpdf to crash or potentially execute arbitrary code when opened. This update has been rated as having important security impact by the Red Hat Security Response Team. advisories/red-hat/redhat-important-xpdf-security-update-71640 |
||
| RedHat: Moderate: qt security update | ||
31st, July, 2007
Updated qt packages that correct an integer overflow flaw are now available.Several format string flaws were found in Qt error message handling. If an application linked against Qt created an error message from user supplied data in a certain way, it could lead to a denial of service or possibly allow the execution of arbitrary code. This update has been rated as having moderate security impact by the Red Hat Security Response Team. advisories/red-hat/redhat-moderate-qt-security-update-RHSA-2007-0721-01 |
||
| RedHat: Important: tetex security update | ||
1st, August, 2007
Updated tetex packages that fix a security issue in PDF handling are now available for Red Hat Enterprise Linux 2.1, 3, 4, and 5. Maurycy Prodeus discovered an integer overflow flaw in the processing of PDF files. An attacker could create a malicious PDF file that would cause TeTeX to crash or potentially execute arbitrary code when opened. This update has been rated as having important security impact by the Red Hat Security Response Team. advisories/red-hat/redhat-important-tetex-security-update-3670 |
||
| Slackware: bind | ||
26th, July, 2007
New bind packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, and 12.0 to fix security issues. The first issue which allows remote attackers to make recursive queries only affects Slackware 12.0. More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database: https://www.cve.org/CVERecord?id=CVE-2007-2925 |
||
| Slackware: firefox | ||
1st, August, 2007
New mozilla-firefox packages are available for Slackware 11.0 and 12.0 to fix security issues. Note that Firefox 1.5.x has reached its EOL (end of life) and is no longer being updated by mozilla.com. Users of Firefox 1.5.x are encouraged to upgrade to Firefox 2.x. Since we use the official Firefox binaries, these packages should work equally well on earlier Slackware systems. More details about the security issues may be found at this link: https://www.mozilla.org/en-US/security/known-vulnerabilities/ |
||
| Ubuntu: tcpdump vulnerability | ||
30th, July, 2007
A flaw was discovered in the BGP dissector of tcpdump. Remote attackers could send specially crafted packets and execute arbitrary code with user privileges. advisories/ubuntu/ubuntu-tcpdump-vulnerability |
||
| Ubuntu: Firefox vulnerabilities | ||
31st, July, 2007
A flaw was discovered in handling of "about:blank" windows used by addons. A malicious web site could exploit this to modify the contents, or steal confidential data (such as passwords), of other web pages. Jesper Johansson discovered that spaces and double-quotes were not correctly handled when launching external programs. In rare configurations, after tricking a user into opening a malicious web page, an attacker could execute helpers with arbitrary arguments with the user's privileges. advisories/ubuntu/ubuntu-firefox-vulnerabilities-99643 |
||
| Ubuntu: Gimp vulnerability | ||
2nd, August, 2007
Sean Larsson discovered multiple integer overflows in Gimp. By tricking a user into opening a specially crafted DICOM, PNM, PSD, PSP, RAS, XBM, or XWD image, a remote attacker could exploit this to execute arbitrary code with the user's privileges. advisories/ubuntu/ubuntu-gimp-vulnerability-58725 |
||
