LinuxSecurity.com
Linux Advisory Watch: May 6th 2005
Source: LinuxSecurity.com Contributors - Posted by Benjamin D. Thomas   
This week, perhaps the most interesting articles include ethereal, prozilla, smartlist, kdewebdev, wireless-tools, gimp, bootparamd, tcpdump, kdelibs, vte, php, words, util-linux, lapack, gnuutils, and glibc. The distributors include Conectiva, Debian, Fedora, Gentoo, and Red Hat.


Internet Productivity Suite: Open Source Security - Trust Internet Productivity Suite's open source architecture to give you the best security and productivity applications available. Collaborating with thousands of developers, Guardian Digital security engineers implement the most technologically advanced ideas and methods into their design.

Review: The Book of Postfix: State-of-the-Art Message Transport
By: Pete O'Hara

I was very impressed with "The Book of Postfix" by authors Ralf Hildebrandt and Patrick Koetter and feel that it is an incredible Postfix reference. It gives a great overall view of the operation and management of Postfix in an extremely systematic and practical format. It flows in a logical manner, is easy to follow and the authors did a great job of explaining topics with attention paid to real world applications and how to avoid many of the associated pitfalls. I am happy to have this reference in my collection.

The authors have taken the time to clearly answer the key questions that are of real practical value. There is no excessive or superfluous material here that, although it may be good to know, won't divert attention from the topic of configuring a solid MTA. The book is very well focused and the authors' hard work is obvious. There are sections where someone else may have left good enough alone but they went the extra mile to make sure that this book answered the important questions fully.

"The Book of Postfix" starts with "A Postmaster's Primer To Email" and continues through all of the key topics in a sensible progression so that even if you are fairly new to administering email you are taught in a sequential manner that promotes understanding. The comprehensive list of topics encompasses single and multiple domain servers, dial-ups, SMTP restrictions, internal and external content filters, mail gateways, SMTP proxy, SMTP authentication, SASL, LDAP, SQL integration, Transport Layer Security, chroots, rate limiting, performance tuning, and trouble shooting. It covers a good amount of ground.

The numerous "NOTE" and "CAUTION" sections provide great additional detail to real world scenarios that I found extremely relevant and useful. For each topic there is also an invaluable "TESTING" section so that you can verify for yourself that you are in fact getting the expected behavior. The imperative topic of security is always kept in mind in the configurations and the accompanying diagrams and flow charts do an excellent job of enhancing the text and providing extra clarity.

Read complete review:
http://www.linuxsecurity.com/content/view/119027/49/

 

LinuxSecurity.com Feature Extras:

Getting to Know Linux Security: File Permissions - Welcome to the first tutorial in the 'Getting to Know Linux Security' series. The topic explored is Linux file permissions. It offers an easy to follow explanation of how to read permissions, and how to set them using chmod. This guide is intended for users new to Linux security, therefore very simple. If the feedback is good, I'll consider creating more complex guides for advanced users. Please let us know what you think and how these can be improved.

The Tao of Network Security Monitoring: Beyond Intrusion Detection - To be honest, this was one of the best books that I've read on network security. Other books often dive so deeply into technical discussions, they fail to provide any relevance to network engineers/administrators working in a corporate environment. Budgets, deadlines, and flexibility are issues that we must all address. The Tao of Network Security Monitoring is presented in such a way that all of these are still relevant.

Encrypting Shell Scripts - Do you have scripts that contain sensitive information like passwords and you pretty much depend on file permissions to keep it secure? If so, then that type of security is good provided you keep your system secure and some user doesn't have a "ps -ef" loop running in an attempt to capture that sensitive info (though some applications mask passwords in "ps" output).

 

Take advantage of our Linux Security discussion list! This mailing list is for general security-related questions and comments. To subscribe send an e-mail to security-discuss-request@linuxsecurity.com with "subscribe" as the subject.

Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headline.


   Conectiva
  Conectiva: kernel Kernel update
  2nd, May, 2005

The Linux kernel is responsible for handling the basic functions of the GNU/Linux operating system.

http://www.linuxsecurity.com/content/view/119036
 
   Debian
  Debian: New ethereal packages fix buffer overflow
  28th, April, 2005

Updated package.

http://www.linuxsecurity.com/content/view/119006
 
  Debian: New prozilla packages fix arbitrary code execution
  28th, April, 2005

Updated package.

http://www.linuxsecurity.com/content/view/119007
 
  Debian: New ethereal packages fix buffer overflow
  28th, April, 2005

Updated package.

http://www.linuxsecurity.com/content/view/119009
 
  Debian: New smartlist packages fix unauthorised un/subscription
  3rd, May, 2005

Updated package.

http://www.linuxsecurity.com/content/view/119045
 
   Fedora
  Fedora Core 3 Update: kdewebdev-3.3.1-2.1
  28th, April, 2005

Updated package

http://www.linuxsecurity.com/content/view/119013
 
  Fedora Core 3 Update: wireless-tools-27-2.2.0.fc3
  28th, April, 2005

Fix iwlist command for devices that need more time to scan all their channels (i.e. Atheros 5212abg cards)

http://www.linuxsecurity.com/content/view/119016
 
  Fedora Core 3 Update: spamassassin-3.0.3-3.fc3
  29th, April, 2005

Updated package.

http://www.linuxsecurity.com/content/view/119020
 
  Fedora Core 3 Update: gimp-2.2.6-0.fc3.2
  30th, April, 2005

Updated package.

http://www.linuxsecurity.com/content/view/119025
 
  Fedora Core 3 Update: bootparamd-0.17-19.FC3
  2nd, May, 2005

Updated package

http://www.linuxsecurity.com/content/view/119032
 
  Fedora Core 3 Update: tcpdump-3.8.2-8.FC3
  2nd, May, 2005

Updated package.

http://www.linuxsecurity.com/content/view/119033
 
  Fedora Core 3 Update: kdelibs-3.3.1-2.12.FC3
  2nd, May, 2005

A buffer overflow was found in the kimgio library for KDE 3.3.1. An attacker could create a carefully crafted PCX image in such a way that it would cause kimgio to execute arbitrary code when processing the image.

http://www.linuxsecurity.com/content/view/119034
 
  Fedora Core 3 Update: vte-0.11.13-1.fc3
  2nd, May, 2005

A whole bunch of upstream fixes for speed, rendering glitches and memory use reduction.

http://www.linuxsecurity.com/content/view/119037
 
  Fedora Core 3 Update: perl-5.8.5-12.FC3
  2nd, May, 2005

Security and packaging fixes.

http://www.linuxsecurity.com/content/view/119038
 
  Fedora Core 3 Update: php-4.3.11-2.5
  3rd, May, 2005

This update fixes a compatibility issue between the PHP "snmp" extension (in the php-snmp package) and the recent upgrade of the net-snmp library to version 5.2.1

http://www.linuxsecurity.com/content/view/119044
 
  Fedora Core 3 Update: policycoreutils-1.18.1-2.12
  3rd, May, 2005

Updated package.

http://www.linuxsecurity.com/content/view/119046
 
  Fedora Core 3 Update: words-3.0-2.3
  4th, May, 2005

Updated package.

http://www.linuxsecurity.com/content/view/119052
 
  Fedora Core 3 Update: util-linux-2.12a-24.1
  4th, May, 2005

Updated package.

http://www.linuxsecurity.com/content/view/119053
 
  Fedora Core 3 Update: system-config-bind-4.0.0-11
  4th, May, 2005

Updated package.

http://www.linuxsecurity.com/content/view/119054
 
  Fedora Core 3 Update: dhcp-3.0.1-42_FC3
  4th, May, 2005

Updated package.

http://www.linuxsecurity.com/content/view/119055
 
  Fedora Core 3 Update: lapack-3.0-26.fc3
  5th, May, 2005

This update fixes problems in some lapack libraries (problems with compiler optimization). This version contains all patches present in fc4 lapack version.

http://www.linuxsecurity.com/content/view/119060
 
  Fedora Core 3 Update: system-config-bind-4.0.0-12
  5th, May, 2005

Updated package.

http://www.linuxsecurity.com/content/view/119061
 
  Fedora Core 3 Update: gnutls-1.0.20-3.1.1
  5th, May, 2005

New gnutls version fixes CAN-2005-1431 problem (possible DOS attack)

http://www.linuxsecurity.com/content/view/119062
 
   Gentoo
  Gentoo: Heimdal Buffer overflow vulnerabilities
  28th, April, 2005

Buffer overflow vulnerabilities have been found in the telnet client in Heimdal which could lead to execution of arbitrary code.

http://www.linuxsecurity.com/content/view/119008
 
  Gentoo: Pound Buffer overflow vulnerability
  30th, April, 2005

Pound is vulnerable to a buffer overflow that could lead to the remote execution of arbitrary code.

http://www.linuxsecurity.com/content/view/119022
 
  Gentoo: eGroupWare XSS and SQL injection vulnerabilities
  30th, April, 2005

eGroupWare is affected by several SQL injection and cross-site scripting (XSS) vulnerabilities.

http://www.linuxsecurity.com/content/view/119023
 
  Gentoo: phpMyAdmin Insecure SQL script installation
  30th, April, 2005

phpMyAdmin leaves the SQL install script with insecure permissions, potentially leading to a database compromise.

http://www.linuxsecurity.com/content/view/119024
 
  Gentoo: Horde Framework Multiple XSS vulnerabilities
  1st, May, 2005

Various modules of the Horde Framework are vulnerable to multiple cross-site scripting (XSS) vulnerabilities.

http://www.linuxsecurity.com/content/view/119026
 
  Gentoo: Oops! Remote code execution
  5th, May, 2005

The Oops! proxy server contains a remotely exploitable format string vulnerability, which could potentially lead to the execution of arbitrary code.

http://www.linuxsecurity.com/content/view/119063
 
   Red Hat
  RedHat: Low: glibc security update
  28th, April, 2005

Updated glibc packages that address several bugs are now available. This update has been rated as having low security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/119010
 
  RedHat: Important: kernel security update
  28th, April, 2005

Updated kernel packages are now available as part of ongoing support and maintenance of Red Hat Enterprise Linux version 2.1. This is the seventh regular update. This security advisory has been rated as having important security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/119011
 
  RedHat: Important: kernel security update
  28th, April, 2005

Updated kernel packages are now available as part of ongoing support and maintenance of Red Hat Enterprise Linux version 2.1 for 64-bit architectures. This is the seventh regular update. This security advisory has been rated as having important security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/119012
 
  RedHat: Important: Mozilla security update
  28th, April, 2005

Updated Mozilla packages that fix various security bugs are now available. This update has been rated as having Important security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/119014
 
  RedHat: Moderate: PHP security update
  28th, April, 2005

Updated PHP packages that fix various security issues are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/119015
 
  RedHat: Low: nasm security update
  4th, May, 2005

An updated nasm package that fixes multiple security issues is now available. This update has been rated as having low security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/119049
 
  RedHat: Moderate: evolution security update
  4th, May, 2005

Updated evolution packages that fix various security issues are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/119050
 
  RedHat: Moderate: PHP security update
  4th, May, 2005

Updated PHP packages that fix various security issues are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team.

http://www.linuxsecurity.com/content/view/119051
 
   
   
 
