Thank you for reading the Linux Advisory Watch Security Newsletter. The purpose of this document is to provide our readers with a quick summary of each week's vendor security bulletins and pointers on methods to improve the security posture of your open source system. Vulnerabilities affect nearly every vendor virtually every week, so be sure to read through to find the updates your distributor have made available.

LinuxSecurity.com Feature Extras:

Essential tools for hardening and securing Unix based Environments - System administrators are aware as how important their systems security is, not just the runtime of their servers. Intruders, spammers, DDOS attack, crackers, are all out there trying to get into people's computers, servers and everywhere they can lay hands on and interrupt the normal runtime of services.

Securing a Linux Web Server - With the significant prevalence of Linux web servers globally, security is often touted as a strength of the platform for such a purpose. However, a Linux based web server is only as secure as its configuration and very often many are quite vulnerable to compromise. While specific configurations vary wildly due to environments or specific use, there are various general steps that can be taken to insure basic security considerations are in place.

  (Aug 7)
 

Security Report Summary
  (Aug 4)
 

Security Report Summary
  (Aug 4)
 

Security Report Summary
  (Aug 3)
 

Security Report Summary
  (Aug 2)
 

Security Report Summary
  (Aug 1)
 

Security Report Summary
  (Aug 1)
 

Security Report Summary
  (Aug 1)
 

Security Report Summary
  (Jul 31)
 

Security Report Summary
  (Jul 30)
 

Security Report Summary
  (Jul 30)
 

Security Report Summary
  (Aug 7)
 

https://www.drupal.org/project/cck
  (Aug 7)
 

Latest upstream security release:https://www.lighttpd.net/2015/7/26/1.4.36/
  (Aug 7)
 

https://www.drupal.org/project/cck
  (Aug 7)
 

Security fix for CVE-2015-5059
  (Aug 7)
 

Latest upstream security release:https://www.lighttpd.net/2015/7/26/1.4.36/
  (Aug 7)
 

Security fix for CVE-2015-5059
  (Aug 7)
 

* OpenSAML Java: HTTPS Connections Via HTTP Resources Do Not Perform Hostname Verification
  (Aug 7)
 

* OpenSAML Java: HTTPS Connections Via HTTP Resources Do Not Perform Hostname Verification
  (Aug 7)
 

* OpenSAML Java: HTTPS Connections Via HTTP Resources Do Not Perform Hostname Verification
  (Aug 7)
 

* OpenSAML Java: HTTPS Connections Via HTTP Resources Do Not Perform Hostname Verification
  (Aug 7)
 

This update fixes CVE-2015-1856, unauthorized deletion of versioned Swift object.
  (Aug 5)
 

Fixes for CVE-2015-3290 CVE-2015-3291 CVE-2015-1333 in the kernel.Also fixes for a minor warning in pcmcia.
  (Aug 4)
 

Security fix BZ1205130 - patch for CTCP Denial of ServiceNew upstream release of Quassel IRC Client
  (Aug 3)
 

Security fix for CVE-2015-3245, CVE-2015-3246
  (Aug 3)
 

Handle terminal control characters in scp progressmeter (#1247204) -- Security fix
  (Jul 31)
 

Update to 9.9.7-P2 to fix CVE-2015-5477
  (Jul 31)
 

Include fix for CVE-2015-5477
  (Jul 31)
 

Update to 9.10.2-P3 to fix CVE-2015-5477
  (Jul 31)
 

Handle terminal control characters in scp progressmeter (#1247204) -- Security fix
  (Jul 30)
 

Security fix for CVE-2015-5600
  (Jul 30)
 

Add epoch again. New version. Close bug #1105202 again. Own /etc/xrdp/pulse directory. Reapply service file changes again. Fix sesman default configuration again.
  (Jul 30)
 

Security fix for CVE-2015-3245, CVE-2015-3246
  Red Hat: 2015:1565-01: kernel-rt: Moderate Advisory (Aug 6)
 

Updated kernel-rt packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. [More...]
  Red Hat: 2015:1564-01: kernel-rt: Moderate Advisory (Aug 6)
 

Updated kernel-rt packages that fix three security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise MRG 2.5. [More...]
  Red Hat: 2015:1534-01: kernel: Moderate Advisory (Aug 6)
 

Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security [More...]
  Red Hat: 2015:1544-01: java-1.5.0-ibm: Important Advisory (Aug 4)
 

Updated java-1.5.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary. Red Hat Product Security has rated this update as having Important security [More...]
  Red Hat: 2015:1545-01: node.js: Important Advisory (Aug 4)
 

Updated node.js packages that fix one security issue are now available for Red Hat OpenShift Enterprise 2.1. Red Hat Product Security has rated this update as having Important security [More...]
  Red Hat: 2015:1546-01: node.js: Important Advisory (Aug 4)
 

Updated node.js packages that fix one security issue are now available for Red Hat OpenShift Enterprise 2.0. Red Hat Product Security has rated this update as having Important security [More...]
  Red Hat: 2015:1526-01: java-1.6.0-openjdk: Important Advisory (Jul 30)
 

Updated java-1.6.0-openjdk packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Important security [More...]
  Ubuntu: 2707-1: Firefox vulnerability (Aug 7)
 

Firefox could be made to expose sensitive information from local files.
  Ubuntu: 2705-1: Keystone vulnerabilities (Aug 6)
 

Keystone could be made to expose sensitive information over thenetwork.
  Ubuntu: 2703-1: Cinder vulnerability (Aug 6)
 

Cinder could be made to access unintended files over the network by anauthenticated user.
  Ubuntu: 2704-1: Swift vulnerabilities (Aug 6)
 

Several security issues were fixed in Swift.
  Ubuntu: 2677-1: Oxide vulnerabilities (Aug 4)
 

Several security issues were fixed in Oxide.
  Ubuntu: 2701-1: Linux kernel (Trusty HWE) vulnerabilities (Jul 30)
 

Several security issues were fixed in the kernel.
  Ubuntu: 2700-1: Linux kernel vulnerabilities (Jul 30)
 

Several security issues were fixed in the kernel.
  Ubuntu: 2699-1: HPLIP vulnerability (Jul 30)
 

HPLIP could be tricked into downloading a different GPG key whenperforming printer plugin installations.
  Ubuntu: 2698-1: SQLite vulnerabilities (Jul 30)
 

SQLite could be made to crash or run programs if it processed speciallycrafted queries.
  Ubuntu: 2697-1: Ghostscript vulnerability (Jul 30)
 

Ghostscript could be made to crash or run programs if it processed aspecially crafted file.
  Ubuntu: 2696-1: OpenJDK 7 vulnerabilities (Jul 30)
 

Several security issues were fixed in OpenJDK 7.