Thank you for reading the Linux Advisory Watch Security Newsletter. The purpose of this document is to provide our readers with a quick summary of each week's vendor security bulletins and pointers on methods to improve the security posture of your open source system. Vulnerabilities affect nearly every vendor virtually every week, so be sure to read through to find the updates your distributor has made available.

LinuxSecurity.com Feature Extras:

Review: The Official Ubuntu Book - If you haven't used Linux before, are new to Ubuntu, or would like a quick update on the latest in open source advancements for the desktop, then The Official Ubuntu Book is a great place to start. Authored by a group of some of the most experienced open source administrators and developers, this 400-page user guide details everything you need to know about how to make the most of your Ubuntu, Kubuntu (Ubuntu with KDE), and Xubuntu (Ubuntu with Xfce) computer.

Review: Zabbix 1.8 Network Monitoring - If you have anything more than a small home network, you need to be monitoring the status of your systems to ensure they are providing the services they were designed to provide. Rihards Olups has created a comprehensive reference and usability guide for the latest version of Zabbix that anyone tasked with implementing it should have by their side.


Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.22 (Version 3.0, Release 22). This release includes many updated packages and bug fixes and some feature enhancements to the EnGarde Secure Linux Installer and the SELinux policy.


(Dec 31)

Several vulnerabilities have been discovered in phpMyAdmin, a tool to administer MySQL over the web. The Common Vulnerabilities and Exposures project identifies the following problems: [More...]

(Dec 29)

Vladimir Kolesnikov discovered a SQL injection vulnerability in wordpress, a weblog manager. An authenticated user could execute arbitrary SQL commands via the Send Trackbacks field. [More...]

(Dec 26)

Yang Dingning discovered a double free in libxml's XPath processing, which might allow the execution of arbitrary code. [More...]


Mandriva: 2010:260: libxml2 (Dec 29)

A vulnerability was discovered and corrected in libxml2: A double free vulnerability in libxml2 (xpath.c) allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling (CVE-2010-4494). [More...]

Mandriva: 2010:251-2: firefox (Dec 24)

Security issues were identified and fixed in firefox: Security researchers Yosuke Hasegawa and Masatoshi Kimura reported that the x-mac-arabic, x-mac-farsi and x-mac-hebrew character encodings are vulnerable to XSS attacks due to some characters being converted to [More...]

Mandriva: 2010:251-1: firefox (Dec 24)

Security issues were identified and fixed in firefox: Security researchers Yosuke Hasegawa and Masatoshi Kimura reported that the x-mac-arabic, x-mac-farsi and x-mac-hebrew character encodings are vulnerable to XSS attacks due to some characters being converted to [More...]


(Dec 27)

New pidgin packages are available for Slackware 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix a denial of service security issue. [More Info...]

(Dec 24)

New php packages are available for Slackware 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix security issues. [More Info...]

(Dec 24)

New proftpd packages are available for Slackware 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix security issues. [More Info...]