This week, advisories were released for xine, bitlbee, xastir, samba, yelp, policycoreutils, libtiff, amarok, vlc, mysql, dnsmasq, clamav, tomcat, ipa, postfix, and racoon. The distributors include Debian, Fedora, Gentoo, Mandriva, Red Hat, and Ubuntu.

Linux+DVD Magazine - Our magazine is read by professional network and database administrators, system programmers, webmasters and all those who believe in the power of Open Source software. The majority of our readers is between 15 and 40 years old. They are interested in current news from the Linux world, upcoming projects etc.

In each issue you can find information concerning typical use of Linux: safety, databases, multimedia, scientific tools, entertainment, programming, e-mail, news and desktop environments.

Feature Extras:

Review: Hacking Exposed Linux, Third Edition - "Hacking Exposed Linux" by ISECOM (Institute for Security and Open Methodologies) is a guide to help you secure your Linux environment. This book not only helps improve your security, it also looks at why you should. It does this by showing examples of real attacks and rating the importance of protecting yourself from being a victim of each type of attack.

Security Features of Firefox 3.0 - Let's take a look at the security features of the newly released Firefox 3.0. Since its release on Tuesday I have been testing it out to see how the new security enhancements work and help increase user browsing security. One of the exciting improvements for me was how Firefox handles SSL secured web sites while browsing the Internet. There are also many other security features that this article will look at. For example, improved plugin and addon security.

Read on for more security features of Firefox 3.0.

Thank you for reading the weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.

EnGarde Secure Community 3.0.20 Now Available (Aug 19)

Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.20 (Version 3.0, Release 20). This release includes many updated packages and bug fixes and some feature enhancements to the EnGarde Secure Linux Installer and the SELinux policy.

In distribution since 2001, EnGarde Secure Community was one of the very first security platforms developed entirely from open source, and has been engineered from the ground-up to provide users and organizations with complete, secure Web functionality, DNS, database, e-mail security and even e-commerce.

Debian: New freetype packages fix multiple vulnerabilities (Sep 10)

An integer overflow allows context-dependent attackers to execute arbitrary code via a crafted set of values within the Private dictionary table in a Printer Font Binary (PFB) file.


Fedora 9 Update: xine-lib-1.1.15-1.fc9 (Sep 10)

This release fixes multiple bugs and security issues:
- DoS via corrupted Ogg files (CVE-2008-3231)
- multiple possible buffer overflows detailed in oCERT-2008-008

For more details, see: ;group_id=9655

NOTE: A coordinated release with 3rd-party repos was not possible, so this update may result in dependency issues with currently-installed xine-lib-extras-* rpms. This temporary problem will be rectified asap.

Fedora 8 Update: bitlbee-1.2.2-1.fc8 (Sep 10)

Upstream released Bitlbee 1.2.2 with the following changes to the former release:
- Security bugfix: It was possible to hijack accounts (without gaining access to the old account, it's simply an overwrite)
- Some more stability improvements.
- Fixed bug where people with non-lowercase nicks couldn't drop their account.
- Easier upgrades of non-forking daemon mode servers (using the DEAF command).
- Can be cross-compiled for Win32 now! (No support for SSL yet though, which makes it less useful for now.)
- Exponential backoff on auto-reconnect.
- Changing passwords gives less confusing feedback ("password is empty") now.

Finished 26 Aug 2008

Fedora 9 Update: xastir-1.9.2-9.fc9 (Sep 10)

Multiple insecure temporary file usage flaws were identified in the get- and scripts shipped in xastir packages. As those scripts are not needed with Fedora-distributed xastir packages (they automate installation of libraries used by xastir, which are provided in the Fedora archive in the pre-packaged RPM format), they were removed.

Fedora 9 Update: samba-3.2.3-0.20.fc9 (Sep 10)

Security fix for CVE-2008-3789 detailed in the upstream advisory:

Fedora 9 Update: R-2.7.2-1.fc9 (Sep 10)

Update to R 2.7.2, also fixes security issue with unsafe temp directory handling in javareconf script.

Fedora 8 Update: rpy-1.0.3-3.fc8 (Sep 10)

Update to R 2.7.2, also fixes security issue with unsafe temp directory handling in javareconf script.

Fedora 8 Update: R-2.7.2-1.fc8 (Sep 10)

Update to R 2.7.2, also fixes security issue with unsafe temp directory handling in javareconf script.

Fedora 8 Update: yelp-2.20.0-12.fc8 (Sep 10)

This update fixes a format string vulnerability that was discovered in yelp 2.20.

Fedora 9 Update: policycoreutils-2.0.52-8.fc9 (Sep 10)

Security-enhanced Linux is a feature of the Linux® kernel and a number of utilities with enhanced security functionality designed to add mandatory access controls to Linux. The Security-enhanced Linux kernel contains new architectural components originally developed to improve the security of the Flask operating system. These architectural components provide general support for the enforcement of many kinds of mandatory access control policies, including those based on the concepts of Type Enforcement®, Role-based Access Control, and Multi-level Security.

Fedora 8 Update: libtiff-3.8.2-11.fc8 (Sep 10)

Fixes LZW decoding vulnerabilities described in CVE-2008-2327

Fedora 8 Update: amarok-1.4.10-1.fc8 (Sep 10)

Amarok 1.4.10 has been released to fix a security problem. For more information please see Please update.

Fedora 9 Update: samba-3.2.3-0.20.fc9 (Sep 5)

Security fix for CVE-2008-3789 detailed in the upstream advisory:


Gentoo: Amarok Insecure temporary file creation (Sep 8)

Amarok uses temporary files in an insecure manner, allowing for a symlink attack.

Gentoo: libTIFF User-assisted execution of arbitrary (Sep 8)

Multiple buffer underflow vulnerabilities in libTIFF may allow for the remote execution of arbitrary code.

Gentoo: VLC Multiple vulnerabilities (Sep 7)

Two vulnerabilities in VLC may lead to the remote execution of arbitrary code.

Gentoo: Courier Authentication Library SQL injection (Sep 5)

An SQL injection vulnerability has been discovered in the Courier Authentication Library.

Gentoo: MySQL Privilege bypass (Sep 4)

A vulnerability in MySQL might allow users to bypass privileges and gain access to other databases.

Gentoo: dnsmasq Denial of Service and DNS spoofing (Sep 4)

Two vulnerabilities in dnsmasq might allow for a Denial of Service or spoofing of DNS replies.

Gentoo: yelp User-assisted execution of arbitrary code (Sep 4)

A vulnerability in yelp can lead to the execution of arbitrary code when opening a URI, for example through Firefox.

Mandriva: [ MDVSA-2008:190 ] postfix (Sep 10)

A vulnerability in Postfix 2.4 and later was discovered, when running on Linux kernel 2.6, where a local user could cause a denial of service due to Postfix leaking the epoll file descriptor when executing non-Postfix commands (CVE-2008-3889). The updated packages have been patched to correct this issue.

Mandriva: [ MDVSA-2008:189 ] clamav (Sep 10)

A number of unspecified vulnerabilities in ClamAV were reported that have an unknown impact and attack vectors related to file descriptor leaks (CVE-2008-3914).

Mandriva: [ MDVSA-2008:188 ] tomcat5 (Sep 5)

A number of vulnerabilities have been discovered in the Apache Tomcat server: The default catalina.policy in the JULI logging component did not restrict certain permissions for web applications which could allow a remote attacker to modify logging configuration options and overwrite arbitrary files.

Mandriva: [ MDVSA-2008:186 ] python (Sep 4)

Multiple integer overflows were reported by the Google Security Team that had been fixed in Python 2.5.2 (CVE-2008-3143). The Python packages on Corporate 3 have been updated to the latest version 2.3.7, which corrects this issue.

RedHat: Important: libxml2 security update (Sep 11)

A denial of service flaw was found in the way libxml2 processed certain content. If an application linked against libxml2 processed malformed XML content, it could cause the application to use an excessive amount of CPU time and memory, and stop responding. (CVE-2003-1564)

RedHat: Important: libxml2 security update (Sep 11)

Updated libxml2 packages that fix a security issue are now available for Red Hat Enterprise Linux 3, 4, and 5. A heap-based buffer overflow flaw was found in the way libxml2 handled long XML entity names. If an application linked against libxml2 processed untrusted malformed XML content, it could cause the application to crash or, possibly, execute arbitrary code. (CVE-2008-3529) This update has been rated as having important security impact by the Red Hat Security Response Team.

RedHat: Important: ipa security update (Sep 10)

Updated ipa packages that fix a security flaw are now available for Red Hat Enterprise IPA. This update has been rated as having important security impact by the Red Hat Security Response Team.

RedHat: Moderate: redhat-ds-base security and bug fix (Sep 10)

Updated redhat-ds-base packages are now available that fix security issues and various bugs for Red Hat Enterprise IPA. This update has been rated as having moderate security impact by the Red Hat Security Response Team.


Ubuntu: Postfix vulnerabilities (Sep 10)

Wietse Venema discovered that Postfix leaked internal file descriptors when executing non-Postfix commands. A local attacker could exploit this to cause Postfix to run out of descriptors, leading to a denial of service.

Ubuntu: Racoon vulnerabilities (Sep 8)

It was discovered that there were multiple ways to leak memory during the IKE negotiation when handling certain packets. If a remote attacker sent repeated malicious requests, the "racoon" key exchange server could allocate large amounts of memory, possibly leading to a denial of service.