Thank you for reading the Linux Advisory Watch Security Newsletter. The purpose of this document is to provide our readers with a quick summary of each week's vendor security bulletins and pointers on methods to improve the security posture of your open source system. Vulnerabilities affect nearly every vendor virtually every week, so be sure to read through to find the updates your distributor has made available.

LinuxSecurity.com Feature Extras:

Password guessing as an attack vector - Over the years we've been taught that a strong password must be long and complex to be considered secure. Some of us have taken that notion to heart and always ensure our passwords are strong. But some of us don't give a second thought to the complexity or length of our passwords.

Squid and Digest Authentication - Digest Authentication hashes the password before transmitting it over the wire. Essentially, it sends a message digest generated from multiple items, including the username, realm and nonce value. If you want to know more, see RFC 2617.


(Jan 6)

It was discovered that the IPv6 support code in Squid does not properly handle certain DNS responses, resulting in deallocation of an invalid pointer and a daemon crash. [More...]

(Jan 4)

It was discovered that foomatic-filters, a support package for setting up printers, allowed authenticated users to submit crafted print jobs which would execute shell commands on the print servers. [More...]

(Jan 4)

It was discovered that the Key Distribution Center (KDC) in Kerberos 5 crashes when processing certain crafted requests: CVE-2011-1528 [More...]

(Jan 3)

Several vulnerabilities have been discovered in ffmpeg, a multimedia player, server and encoder. Multiple input validation errors in the decoders for QDM2, VP5, VP6, VMD and SVQ1 files could lead to the execution of arbitrary code. [More...]

(Jan 1)

It was discovered that cyrus-imapd, a highly scalable mail system designed for use in enterprise environments, does not properly parse mail headers when a client makes use of the IMAP threading feature. As a result, a NULL pointer is dereferenced, which crashes the daemon. An attacker can trigger [More...]

(Dec 31)

It was discovered that OpenIPMI, the Intelligent Platform Management Interface library and tools, created its PID file with overly wide permissions, which allows local users to kill arbitrary processes by writing to this file. [More...]

(Dec 30)

Advisory DSA 2363-1 did not include a package for the Debian 5.0 'Lenny' suite at that time. This update adds that package. The original advisory text follows. [More...]

(Dec 30)

It was discovered that OpenIPMI, the Intelligent Platform Management Interface library and tools, created its PID file with overly wide permissions, which allows local users to kill arbitrary processes by writing to this file. [More...]


(Jan 5)

Multiple vulnerabilities were found in MySQL, some of which may allow execution of arbitrary code.

(Jan 4)

Multiple vulnerabilities were found in phpMyAdmin, the most severe of which allows the execution of arbitrary PHP code.


Mandriva: 2012:002: t1lib (Jan 2)

A vulnerability has been found and corrected in t1lib: t1lib 5.1.2 and earlier uses an invalid pointer in conjunction with a dereference operation, which allows remote attackers to execute arbitrary code via a specially crafted Type 1 font in a PDF document [More...]

Mandriva: 2012:001: fcgi (Jan 2)

A vulnerability has been found and corrected in fcgi: The FCGI (aka Fast CGI) module 0.70 through 0.73 for Perl, as used by CGI::Fast, uses environment variable values from one request during processing of a later request, which allows remote attackers to bypass [More...]

Mandriva: 2011:198: phpmyadmin (Dec 31)

Multiple vulnerabilities have been found and corrected in phpmyadmin: Importing a specially crafted XML file which contains an XML entity injection permits retrieval of a local file (limited by the privileges of the user running the web server) (CVE-2011-4107). [More...]

Mandriva: 2011:197: php (Dec 30)

Multiple vulnerabilities have been discovered and corrected in php: Integer overflow in the exif_process_IFD_TAG function in exif.c in the exif extension in PHP 5.4.0beta2 on 32-bit platforms allows remote attackers to read the contents of arbitrary memory locations or [More...]


Ubuntu: 1320-1: FFmpeg vulnerabilities (Jan 5)

FFmpeg could be made to crash or run programs as your login if it opened a specially crafted file.

Ubuntu: 1319-1: Linux kernel (OMAP4) vulnerabilities (Jan 5)

Several security issues were fixed in the kernel.

Ubuntu: 1318-1: Linux kernel (FSL-IMX51) vulnerabilities (Jan 5)

Several security issues were fixed in the kernel.

Ubuntu: 1317-1: Ghostscript vulnerabilities (Jan 4)

Ghostscript could be made to crash or run programs as your login if it opened a specially crafted file.