Debian: 202307:0011-1 moderate: Multiple Package Security Issues
Hakin9 Magazine - Hacking, IT Security and More Subscribe today and get 10% off! Covers all things hackers need including techniques about breaking into computer systems, defense and protection methods. A great new magazine that'll be sure to keep you on the cutting edge. Want to learn more about the magazine?
Get 10% the regular subscription price if you sign up by the end of June!
LinuxSecurity.com Feature Extras:
Review: Practical Packet Analysis - In the introduction, McIlwraith points out that security awareness training properly consists of communication, raising of issues, and encouragement to modify behaviour. (This will come as no surprise to those who recall the definition of training as the modification of attitudes and behaviour.) He also notes that security professionals frequently concentrate solely on presentation of problems. The remainder of the introduction looks at other major security activities, and the part that awareness plays in ensuring that they actually work.
Take advantage of our Linux Security discussion
list! This mailing list is for general security-related questions and comments.
To subscribe send an e-mail to
Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headline.
| Debian: New Linux kernel 2.6.8 packages fix several | ||
16th, June, 2007
Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code.Doug Chapman discovered a potential local DoS (deadlock) in the mincore function caused by improper lock handling. advisories/debian/debian-new-linux-kernel-268-packages-fix-several |
||
| Debian: New PostgreSQL 8.1 packages fix privilege escalation | ||
16th, June, 2007
It was discovered that the PostgreSQL database performs insufficient validation of variables passed to privileged SQL statements, so called "security definers", which could lead to SQL privilege escalation. advisories/debian/debian-new-postgresql-81-packages-fix-privilege-escalation |
||
| Debian: New libexif packages fix integer overflow | ||
16th, June, 2007
A vulnerability has been discovered in libexif, a library to parse EXIF files, which allows denial of service and possible execution of arbitary code via malformed EXIF data. advisories/debian/debian-new-libexif-packages-fix-integer-overflow-58532 |
||
| Debian: New libexif packages fix integer overflow | ||
16th, June, 2007
A vulnerability has been discovered in libexif, a library to parse EXIF files, which allows denial of service and possible execution of arbitary code via malformed EXIF data. advisories/debian/debian-new-libexif-packages-fix-integer-overflow-58532 |
||
| Debian: New PostgreSQL 7.4 packages fix privilege escalation | ||
17th, June, 2007
It was discovered that the PostgreSQL database performs insufficient validation of variables passed to privileged SQL statement called "security definers", which could lead to SQL privilege escalation. advisories/debian/debian-new-postgresql-74-packages-fix-privilege-escalation |
||
| Debian: New libapache-mod-jk packages fix information disclosure | ||
17th, June, 2007
It was discovered that the Apache 1.3 connector for the Tomcat Java servlet engine decoded request URLs multiple times, which can lead to information disclosure. advisories/debian/debian-new-libapache-mod-jk-packages-fix-information-disclosure |
||
| Gentoo: ClamAV Multiple Denials of Service | ||
15th, June, 2007
ClamAV contains several vulnerabilities leading to a Denial of Service. A remote attacker could send a specially crafted file to the scanner, possibly triggering one of the vulnerabilities. The two buffer overflows are reported to only cause Denial of Service. This would lead to a Denial of Service by CPU consumption or a crash of the scanner. The insecure temporary file creation vulnerability could be used by a local user to access sensitive data. |
||
| Mandriva: Updated Firefox packages fix multiple | ||
15th, June, 2007
A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox program, version 2.0.0.4. This update provides the latest Firefox to correct these issues. |
||
| Mandriva: Updated Firefox packages fix multiple | ||
16th, June, 2007
A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox program, version 2.0.0.4. This update provides the latest Firefox to correct these issues. |
||
| RedHat: Moderate: mod_perl security update | ||
18th, June, 2007
Updated mod_perl packages that fix a security issue are now available for Red Hat Enterprise Linux 2.1. This update has been rated as having moderate security impact by the Red Hat Security Response Team. advisories/red-hat/redhat-moderate-modperl-security-update-2466 |
||
