Thank you for reading the Linux Advisory Watch Security Newsletter. The purpose of this document is to provide our readers with a quick summary of each week's vendor security bulletins and pointers on methods to improve the security posture of your open source system. Vulnerabilities affect nearly every vendor virtually every week, so be sure to read through to find the updates your distributor have made available.

LinuxSecurity.com Feature Extras:

Essential tools for hardening and securing Unix based Environments - System administrators are aware as how important their systems security is, not just the runtime of their servers. Intruders, spammers, DDOS attack, crackers, are all out there trying to get into people's computers, servers and everywhere they can lay hands on and interrupt the normal runtime of services.

Securing a Linux Web Server - With the significant prevalence of Linux web servers globally, security is often touted as a strength of the platform for such a purpose. However, a Linux based web server is only as secure as its configuration and very often many are quite vulnerable to compromise. While specific configurations vary wildly due to environments or specific use, there are various general steps that can be taken to insure basic security considerations are in place.


  Debian: 3274-1: virtualbox: Summary (May 28)
 

Security Report Summary

  Debian: 3268-2: ntfs-3g: Summary (May 26)
 

Security Report Summary

  Debian: 3273-1: tiff: Summary (May 25)
 

Security Report Summary

  Debian: 3265-2: zendframework: Summary (May 24)
 

Security Report Summary

  Debian: 3272-1: ipsec-tools: Summary (May 23)
 

Security Report Summary

  Debian: 3271-1: nbd: Summary (May 23)
 

Security Report Summary

  Debian: 3270-1: postgresql-9.4: Summary (May 22)
 

Security Report Summary

  Debian: 3269-1: postgresql-9.1: Summary (May 22)
 

Security Report Summary

  Debian: 3268-1: ntfs-3g: Summary (May 22)
 

Security Report Summary

  Debian: 3267-1: chromium-browser: Summary (May 22)
 

Security Report Summary

  Debian: 3266-1: fuse: Summary (May 21)
 

Security Report Summary


  Fedora 21 mingw-LibRaw-0.16.2-1.fc21 (May 28)
 

Update to version 0.16.2, see https://www.libraw.org/download#changelog for details.Update to version 0.16.1, see https://www.libraw.org/download#changelog for details.Security fix for CVE-2015-3885.

  Fedora 21 LibRaw-0.16.2-1.fc21 (May 28)
 

Latest upstream bugfix.Fixed dcraw vulnerability in ljpeg_start()

  Fedora 20 ca-certificates-2015.2.4-1.0.fc20 (May 27)
 

This is an update to the set of CA certificates released with NSS version 3.18.1However, the package modifies the CA list to keep several legacy CAs still trusted for compatibility reasons. Please refer to the project URL for details.If you prefer to use the unchanged list provided by Mozilla, and if you accept any compatibility issues it may cause, an administrator may configure the system by executing the "ca-legacy disable" command.This update adds a manual page for the ca-legacy command.This update changes the names of the possible values in the ca-legacy configuration file. It still uses the term legacy=disable to override the compatibility option and follow the upstream Mozilla.org decision. However it now uses the term legacy=default for the default configuration, to make it more obvious that the legacy certificates won't be kept enabled forever.

  Fedora 20 openslp-1.2.1-22.fc20 (May 27)
 

openslp: denial of service vulnerability (CVE-2010-3609)

  Fedora 20 hostapd-2.4-2.fc20 (May 27)
 

Security update for integer underflow in AP mode WMM Action frame processing.

  Fedora 22 postgresql-9.4.2-1.fc22 (May 27)
 

update to 9.4.2 per release notes

  Fedora 20 php-5.5.25-1.fc20 (May 27)
 

14 May 2015, **PHP 5.5.25****Core:*** Fixed bug #69364 (PHP Multipart/form-data remote dos Vulnerability). (Stas)* Fixed bug #69403 (str_repeat() sign mismatch based memory corruption). (Stas)* Fixed bug #69418 (CVE-2006-7243 fix regressions in 5.4+). (Stas)* Fixed bug #69522 (heap buffer overflow in unpack()). (Stas)* Fixed bug #69467 (Wrong checked for the interface by using Trait). (Laruence)* Fixed bug #69420 (Invalid read in zend_std_get_method). (Laruence)* Fixed bug #60022 ("use statement [...] has no effect" depends on leading backslash). (Nikita)* Fixed bug #67314 (Segmentation fault in gc_remove_zval_from_buffer). (Dmitry)* Fixed bug #68652 (segmentation fault in destructor). (Dmitry)* Fixed bug #69419 (Returning compatible sub generator produces a warning). (Nikita)* Fixed bug #69472 (php_sys_readlink ignores misc errors from GetFinalPathNameByHandleA). (Jan Starke)**FTP:*** Fixed bug #69545 (Integer overflow in ftp_genlist() resulting in heap overflow). (Stas)**ODBC:*** Fixed bug #69474 (ODBC: Query with same field name from two tables returns incorrect result). (Anatol)* Fixed bug #69381 (out of memory with sage odbc driver). (Frederic Marchall, Anatol Belski)**OpenSSL:*** Fixed bug #69402 (Reading empty SSL stream hangs until timeout). (Daniel Lowrey)**PCNTL:*** Fixed bug #68598 (pcntl_exec() should not allow null char). (Stas)**Phar:*** Fixed bug #69453 (Memory Corruption in phar_parse_tarfile when entry filename starts with null). (Stas)

  Fedora 21 php-5.6.9-1.fc21 (May 27)
 

14 May 2015, **PHP 5.6.9**Core:* Fixed bug #69467 (Wrong checked for the interface by using Trait). (Laruence)* Fixed bug #69420 (Invalid read in zend_std_get_method). (Laruence)* Fixed bug #60022 ("use statement [...] has no effect" depends on leading backslash). (Nikita)* Fixed bug #67314 (Segmentation fault in gc_remove_zval_from_buffer). (Dmitry)* Fixed bug #68652 (segmentation fault in destructor). (Dmitry)* Fixed bug #69419 (Returning compatible sub generator produces a warning). (Nikita)* Fixed bug #69472 (php_sys_readlink ignores misc errors from GetFinalPathNameByHandleA). (Jan Starke)* Fixed bug #69364 (PHP Multipart/form-data remote dos Vulnerability). (Stas)* Fixed bug #69403 (str_repeat() sign mismatch based memory corruption). (Stas)* Fixed bug #69418 (CVE-2006-7243 fix regressions in 5.4+). (Stas)* Fixed bug #69522 (heap buffer overflow in unpack()). (Stas)FTP:* Fixed bug #69545 (Integer overflow in ftp_genlist() resulting in heap overflow). (Stas)ODBC:* Fixed bug #69354 (Incorrect use of SQLColAttributes with ODBC 3.0). (Anatol)* Fixed bug #69474 (ODBC: Query with same field name from two tables returns incorrect result). (Anatol)* Fixed bug #69381 (out of memory with sage odbc driver). (Frederic Marchall, Anatol Belski)OpenSSL:* Fixed bug #69402 (Reading empty SSL stream hangs until timeout). (Daniel Lowrey)PCNTL:* Fixed bug #68598 (pcntl_exec() should not allow null char). (Stas)PCRE:* Upgraded pcrelib to 8.37.Phar:* Fixed bug #69453 (Memory Corruption in phar_parse_tarfile when entry filename starts with null). (Stas)

  Fedora 22 rawtherapee-4.2-9.fc22 (May 27)
 

Security fix for CVE-2015-3885 (dcraw input sanitization), bz #1221257

  Fedora 20 java-1.8.0-openjdk-1.8.0.45-38.b14.fc20 (May 27)
 

updated to 8u45-b14 with hope to fix rhbz#1123870This update adds debugging information to all the Java code included in the JDK, make it easier to debug the code.

  Fedora 21 hostapd-2.4-2.fc21 (May 27)
 

Security update for integer underflow in AP mode WMM Action frame processing.

  Fedora 20 kernel-3.19.8-100.fc20 (May 25)
 

The 3.19.8 update contains a number of important fixes across the treeThe 3.19.7 update contains a number of important updates across the treeThe 3.19.6 stable updates contains a number of important fixes across the tree

  Fedora 22 wordpress-4.2.2-1.fc22 (May 25)
 

**WordPress 4.2.2 Security and Maintenance Release*** Upstream announcement https://wordpress.org/news/2015/05/wordpress-4-2-2/

  Fedora 22 java-1.8.0-openjdk-1.8.0.45-38.b14.fc22 (May 25)
 

updated to 8u45-b14. fixes rhbz#1123870

  Fedora 22 php-ZendFramework2-2.3.8-1.fc22 (May 25)
 

* **ZF2015-04**: Zend\Mail and Zend\Http were both susceptible to CRLF Injection Attack vectors (for HTTP, this is often referred to as HTTP Response Splitting). Both components were updated to perform header value validations to ensure no values contain characters not detailed in their corresponding specifications, and will raise exceptions on detection. Each also provides new facilities for both validating and filtering header values prior to injecting them into header classes. If you use either Zend\Mail or Zend\Http (which includes users of Zend\Mvc), we recommend upgrading immediately.

  Fedora 22 quassel-0.11.0-2.fc22 (May 25)
 

Security fix BZ1205130 - patch for CTCP Denial of Service

  Fedora 22 xen-4.5.0-9.fc22 (May 25)
 

Privilege escalation via emulated floppy disk drive [XSA-133, CVE-2015-3456] (#1221153)

  Fedora 22 phpMyAdmin-4.4.6.1-1.fc22 (May 25)
 

phpMyAdmin 4.4.6.1 (2015-05-13)=============================== - [security] CSRF vulnerability in setup - [security] Vulnerability allowing man-in-the-middle attack

  Fedora 22 firefox-38.0-4.fc22 (May 25)
 

Update to new upstream.

  Fedora 22 thunderbird-31.7.0-1.fc22 (May 25)
 

Update to new upstream.

  Fedora 20 mingw-LibRaw-0.15.4-5.fc20 (May 25)
 

Security fix for CVE-2015-3885

  Fedora 22 qemu-2.3.0-4.fc22 (May 25)
 

* CVE-2015-3456: (VENOM) fdc: out-of-bounds fifo buffer memory access (bz #1221152)

  Fedora 22 php-5.6.9-1.fc22 (May 25)
 

14 May 2015, **PHP 5.6.9**Core:* Fixed bug #69467 (Wrong checked for the interface by using Trait). (Laruence)* Fixed bug #69420 (Invalid read in zend_std_get_method). (Laruence)* Fixed bug #60022 ("use statement [...] has no effect" depends on leading backslash). (Nikita)* Fixed bug #67314 (Segmentation fault in gc_remove_zval_from_buffer). (Dmitry)* Fixed bug #68652 (segmentation fault in destructor). (Dmitry)* Fixed bug #69419 (Returning compatible sub generator produces a warning). (Nikita)* Fixed bug #69472 (php_sys_readlink ignores misc errors from GetFinalPathNameByHandleA). (Jan Starke)* Fixed bug #69364 (PHP Multipart/form-data remote dos Vulnerability). (Stas)* Fixed bug #69403 (str_repeat() sign mismatch based memory corruption). (Stas)* Fixed bug #69418 (CVE-2006-7243 fix regressions in 5.4+). (Stas)* Fixed bug #69522 (heap buffer overflow in unpack()). (Stas)FTP:* Fixed bug #69545 (Integer overflow in ftp_genlist() resulting in heap overflow). (Stas)ODBC:* Fixed bug #69354 (Incorrect use of SQLColAttributes with ODBC 3.0). (Anatol)* Fixed bug #69474 (ODBC: Query with same field name from two tables returns incorrect result). (Anatol)* Fixed bug #69381 (out of memory with sage odbc driver). (Frederic Marchall, Anatol Belski)OpenSSL:* Fixed bug #69402 (Reading empty SSL stream hangs until timeout). (Daniel Lowrey)PCNTL:* Fixed bug #68598 (pcntl_exec() should not allow null char). (Stas)PCRE:* Upgraded pcrelib to 8.37.Phar:* Fixed bug #69453 (Memory Corruption in phar_parse_tarfile when entry filename starts with null). (Stas)

  Fedora 20 LibRaw-0.15.4-2.fc20 (May 25)
 

Patch for ljpeg_start() vulnerability.

  Fedora 20 xen-4.3.4-4.fc20 (May 25)
 

Privilege escalation via emulated floppy disk drive [XSA-133, CVE-2015-3456] (#1221153)

  Fedora 22 LibRaw-0.16.2-1.fc22 (May 25)
 

Latest upstream bugfix.Fixed dcraw vulnerability in ljpeg_start()

  Fedora 22 suricata-2.0.8-1.fc22 (May 25)
 

This update fixes a bug in the DER parser which is used todecode SSL/TLS certificates could crash Suricata. Also, those processing large numbers of (untrusted) pcap files need to updateas a malformed pcap could crash Suricata.

  Fedora 21 xen-4.4.2-4.fc21 (May 25)
 

Privilege escalation via emulated floppy disk drive [XSA-133, CVE-2015-3456] (#1221153)

  Fedora 22 mingw-LibRaw-0.16.1-1.fc22 (May 25)
 

Update to version 0.16.1, see https://www.libraw.org/download#changelog for details.Security fix for CVE-2015-3885.

  Fedora 22 openstack-glance-2014.2.3-1.fc22 (May 25)
 

Update to upstream 2014.2.3

  Fedora 22 hostapd-2.4-2.fc22 (May 25)
 

Security update for integer underflow in AP mode WMM Action frame processing.

  Fedora 22 mingw-LibRaw-0.16.2-1.fc22 (May 25)
 

Update to version 0.16.2, see https://www.libraw.org/download#changelog for details.Update to version 0.16.1, see https://www.libraw.org/download#changelog for details.Security fix for CVE-2015-3885.

  Fedora 21 libarchive-3.1.2-11.fc21 (May 22)
 

Security fix for bug 1216891

  Fedora 20 qemu-1.6.2-14.fc20 (May 22)
 

* CVE-2015-3456: (VENOM) fdc: out-of-bounds fifo buffer memory access (bz #1221152)


  Red Hat: 2015:1031-01: qemu-kvm: Important Advisory (May 27)
 

Updated qemu-kvm packages that fix one security issue are now available for Red Hat Enterprise Linux 6.5 Extended Update Support. Red Hat Product Security has rated this update as having Important security [More...]

  Red Hat: 2015:1030-01: kernel: Important Advisory (May 27)
 

Updated kernel packages that fix one security issue and three bugs are now available for Red Hat Enterprise Linux 6.4 Advanced Update Support. Red Hat Product Security has rated this update as having Important security [More...]

  Red Hat: 2015:1023-01: chromium-browser: Important Advisory (May 25)
 

Updated chromium-browser packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having Important security [More...]


  Ubuntu: 2617-3: NTFS-3G vulnerability (May 27)
 

NTFS-3G could be made to overwrite files as the administrator.

  Ubuntu: 2622-1: OpenLDAP vulnerabilities (May 26)
 

OpenLDAP could be made to crash if it received specially crafted networktraffic.

  Ubuntu: 2621-1: PostgreSQL vulnerabilities (May 25)
 

Several security issues were fixed in PostgreSQL.

  Ubuntu: 2620-1: Linux kernel vulnerability (May 23)
 

The system could be made to crash under certain conditions.

  Ubuntu: 2619-1: Linux kernel (Trusty HWE) vulnerability (May 23)
 

The system could be made to crash under certain conditions.

  Ubuntu: 2617-2: NTFS-3G vulnerability (May 22)
 

NTFS-3G could be made to overwrite files as the administrator.

  Ubuntu: 2618-1: python-dbusmock vulnerability (May 21)
 

python-dbusmock could be tricked into running arbitrary programs.

  Ubuntu: 2609-1: Apport vulnerabilities (May 21)
 

Apport could be tricked into creating arbitrary files as an administrator,resulting in privilege escalation.

  Ubuntu: 2617-1: FUSE vulnerability (May 21)
 

FUSE could be made to overwrite files as the administrator.

  Ubuntu: 2610-1: Oxide vulnerabilities (May 21)
 

Several security issues were fixed in Oxide.