Thank you for reading the Linux Advisory Watch Security Newsletter. The purpose of this document is to provide our readers with a quick summary of each week's vendor security bulletins and pointers on methods to improve the security posture of your open source system. Vulnerabilities affect nearly every vendor virtually every week, so be sure to read through to find the updates your distributor has made available.

LinuxSecurity.com Feature Extras:

Review: The Official Ubuntu Book - If you haven't used Linux before, are new to Ubuntu, or would like a quick update on the latest in open source advancements for the desktop, then The Official Ubuntu Book is a great place to start. Authored by a group of some of the most experienced open source administrators and developers, this 400-page user guide details everything you need to know about how to make the most of your Ubuntu, Kubuntu (Ubuntu with KDE), and Xubuntu (Ubuntu with Xfce) computer.

Review: Zabbix 1.8 Network Monitoring - If you have anything more than a small home network, you need to be monitoring the status of your systems to ensure they are providing the services they were designed to provide. Rihards Olups has created a comprehensive reference and usability guide for the latest version of Zabbix that anyone tasked with implementing it should have by their side.


Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.22 (Version 3.0, Release 22). This release includes many updated packages and bug fixes and some feature enhancements to the EnGarde Secure Linux Installer and the SELinux policy.


(Jan 20)

Rémi Denis-Courmont discovered that dbus, a message bus application, is not properly limiting the nesting level when examining messages with extensive nested variants. This allows an attacker to crash the dbus system daemon due to a call stack overflow via crafted messages. [More...]

(Jan 17)

The developers of Tor, an anonymizing overlay network for TCP, found three security issues during a security audit. A heap overflow allowed the execution of arbitrary code (CVE-2011-0427), a denial of service vulnerability was found in the zlib compression handling and some key [More...]

(Jan 16)

Vincent Bernat discovered that pimd, a multicast routing daemon, creates files with predictable names upon the receipt of particular signals. For the stable distribution (lenny), this problem has been fixed in [More...]

(Jan 16)

D. Fabian and L. Weichselbaum discovered a directory traversal vulnerability in MyDMS, an open-source document management system based on PHP and MySQL. [More...]

(Jan 15)

Andres Lopez Luksenberg discovered a buffer overflow in the OID parser of libsmi, a library to access SMI MIB data. For the stable distribution (lenny), this problem has been fixed in [More...]

(Jan 14)

It was discovered that a buffer overflow in the ENTTEC dissector may lead to the execution of arbitrary code. [More...]

(Jan 14)

Several vulnerabilities have been discovered in the MySQL database server. The Common Vulnerabilities and Exposures project identifies the [More...]


(Jan 16)

Due to a world-readable file, a local attacker can obtain the SQL database password used by Prewikka.

(Jan 16)

An error in the hostname matching of IO::Socket::SSL might enable remote attackers to conduct man-in-the-middle attacks.

(Jan 16)

The cache manager of OpenAFS contains several bugs resulting in remote execution of arbitrary code.

(Jan 15)

A directory traversal vulnerability has been found in aria2.

(Jan 14)

Timothy B. Terriberry discovered that libvpx contains an integer overflow vulnerability in the processing of video streams that may allow user-assisted execution of arbitrary code.

(Jan 14)

Tor is vulnerable to a heap-based buffer overflow that may allow arbitrary code execution.


Mandriva: 2011:017: tetex (Jan 21)

It was discovered that tetex suffered from the same vulnerability as previously addressed in Evince with MDVSA-2011:005 (CVE-2010-2642). As a precaution tetex has been patched to address this flaw. Packages for 2009.0 are provided as of the Extended Maintenance [More...]

Mandriva: 2011:016: t1lib (Jan 21)

It was discovered that t1lib suffered from the same vulnerability as previously addressed in Evince with MDVSA-2011:005 (CVE-2010-2642). As a precaution t1lib has been patched to address this flaw. Packages for 2009.0 are provided as of the Extended Maintenance [More...]

Mandriva: 2011:015: pcsc-lite (Jan 20)

A vulnerability has been found and corrected in pcsc-lite: Stack-based buffer overflow in the ATRDecodeAtr function in the Answer-to-Reset (ATR) Handler (atrhandler.c) for pcscd in PCSC-Lite 1.5.3, and possibly other 1.5.x and 1.6.x versions, allows physically [More...]

Mandriva: 2011:014: ccid (Jan 20)

A vulnerability has been found and corrected in ccid: Signedness error in ccid_serial.c in libccid in the USB Chip/Smart Card Interface Devices (CCID) driver, as used in pcscd in PCSC-Lite 1.5.3 and possibly other products, allows physically proximate attackers to [More...]

Mandriva: 2011:013: hplip (Jan 19)

A vulnerability has been found and corrected in hplip: A flaw was found in the way certain HPLIP tools discovered devices using the SNMP protocol. If a user ran certain HPLIP tools that search for supported devices using SNMP, and a malicious user is able to send [More...]

Mandriva: 2011:012: mysql (Jan 17)

Multiple vulnerabilities have been found and corrected in mysql: storage/innobase/dict/dict0crea.c in mysqld in MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (assertion failure) by modifying the (1) innodb_file_format or (2) [More...]

Mandriva: 2011:011: opensc (Jan 15)

A vulnerability has been found and corrected in opensc: Multiple stack-based buffer overflows in libopensc in OpenSC 0.11.13 and earlier allow physically proximate attackers to execute arbitrary code via a long serial-number field on a smart card, related to [More...]

Mandriva: 2011:010: xfig (Jan 15)

Multiple vulnerabilities have been found and corrected in xfig: Stack-based buffer overflow in the read_1_3_textobject function in f_readold.c in Xfig 3.2.5b and earlier, and in the read_textobject function in read1_3.c in fig2dev in Transfig 3.2.5a and earlier, [More...]

Mandriva: 2011:009: gif2png (Jan 14)

A vulnerability has been found and corrected in gif2png: Stack-based buffer overflow in gif2png.c in gif2png 2.5.3 and earlier might allow context-dependent attackers to execute arbitrary code via a long command-line argument, as demonstrated by a CGI program [More...]

Mandriva: 2011:008: perl-CGI (Jan 14)

A vulnerability has been found and corrected in perl-CGI: Unspecified vulnerability in CGI.pm 3.50 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unknown vectors. NOTE: this issue exists [More...]

Mandriva: 2011:007: wireshark (Jan 14)

A vulnerability has been found and corrected in wireshark: Buffer overflow in the MAC-LTE dissector (epan/dissectors/packet-mac-lte.c) in Wireshark 1.2.0 through 1.2.13 and 1.4.0 through 1.4.2 allows remote attackers to cause a denial [More...]

Mandriva: 2011:006: subversion (Jan 14)

Multiple vulnerabilities have been found and corrected in subversion: The walk function in repos.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.15, allows remote authenticated users to cause a denial of service (NULL [More...]

Mandriva: 2011:005: evince (Jan 13)

Multiple vulnerabilities have been found and corrected in evince: Array index error in the PK and VF font parser in the dvi-backend component in Evince 2.32 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute [More...]


Red Hat: 2011:0170-01: libuser: Moderate Advisory (Jan 20)

Updated libuser packages that fix one security issue are now available for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having moderate [More...]

Red Hat: 2011:0169-01: java-1.5.0-ibm: Critical Advisory (Jan 20)

Updated java-1.5.0-ibm packages that fix multiple security issues and one bug are now available for Red Hat Enterprise Linux 4 Extras, and Red Hat Enterprise Linux 5 and 6 Supplementary. [More...]

Red Hat: 2011:0162-01: kernel: Important Advisory (Jan 18)

Updated kernel packages that fix multiple security issues and two bugs are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having [More...]

Red Hat: 2011:0163-01: kernel: Important Advisory (Jan 18)

Updated kernel packages that fix one security issue and three bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having [More...]

Red Hat: 2011:0164-01: mysql: Moderate Advisory (Jan 18)

Updated mysql packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate [More...]

Red Hat: 2011:0154-01: hplip: Moderate Advisory (Jan 17)

Updated hplip packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate [More...]

Red Hat: 2011:0153-01: exim: Moderate Advisory (Jan 17)

Updated exim packages that fix one security issue are now available for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having moderate [More...]

Red Hat: 2011:0152-01: java-1.4.2-ibm: Moderate Advisory (Jan 17)

Updated java-1.4.2-ibm packages that fix two security issues are now available for Red Hat Enterprise Linux 4 Extras and Red Hat Enterprise Linux 5 Supplementary. [More...]

Red Hat: 2011:0028-01: kvm: Low Advisory (Jan 13)

Updated kvm packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low [More...]

Red Hat: 2011:0027-01: python: Low Advisory (Jan 13)

Updated python packages that fix multiple security issues, several bugs, and add two enhancements are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low [More...]

Red Hat: 2011:0025-01: gcc: Low Advisory (Jan 13)

Updated gcc packages that fix two security issues and several compiler bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low [More...]


SuSE: 2011-004: Linux kernel (Jan 14)

The SUSE Linux Enterprise 11 Service Pack 1 kernel was updated to 2.6.32.27 and fixes various bugs and security issues. The following security issues were fixed: CVE-2010-4258: A local attacker could use an Oops (kernel crash) caused by other flaws to write a 0 byte to an attacker-controlled address [More...]


Ubuntu: 1046-1: Sudo vulnerability (Jan 20)

Alexander Kurtz discovered that sudo would not prompt for a password when a group was specified in the Runas_Spec. A local attacker could exploit this to execute arbitrary code as the specified group if sudo was configured to allow the attacker to use a program as this group. The group Runas_Spec is not used in the default installation of Ubuntu. [More...]

Ubuntu: 1045-1: FUSE vulnerability (Jan 19)

It was discovered that FUSE could be tricked into incorrectly updating the mtab file when mounting filesystems. A local attacker, with access to use FUSE, could unmount arbitrary locations, leading to a denial of service. [More...]

Ubuntu: 1045-2: util-linux update (Jan 19)

USN-1045-1 fixed vulnerabilities in FUSE. This update to util-linux adds support for new options required by the FUSE update. [More...]

Ubuntu: 1044-1: D-Bus vulnerability (Jan 18)

Remi Denis-Courmont discovered that D-Bus did not properly validate the number of nested variants when validating D-Bus messages. A local attacker could exploit this to cause a denial of service. [More...]

Ubuntu: 1042-2: PHP5 regression (Jan 13)

USN-1042-1 fixed vulnerabilities in PHP5. The fix for CVE-2010-3436 introduced a regression in the open_basedir restriction handling code. This update fixes the problem. [More...]