Linux Advisory Watch: March 27th, 2009 - The Community's Center for Security


The central voice for Linux and Open Source security news

Welcome!

Sign up!

EnGarde Community

Polls

What is the most important Linux security technology?

	SELinux
	grsecurity
	CIS Benchmark
	Bastille Linux
	iptables
	LIDS

Advisories

Community

Linux Events

Linux User Groups

Link to Us

Security Center

Book Reviews

Security Dictionary

Security Tips

SELinux

White Papers

Featured Blogs

All About Linux

DanWalsh LiveJournal

Securitydistro

Latest Newsletters

Linux Advisory Watch: February 10th, 2012

Linux Security Week: February 6th, 2012

LinuxSecurity Newsletters

RSS Feeds

Get the LinuxSecurity news you want faster with RSS

Linux Advisory Watch: March 27th, 2009

User Rating:

How can I rate this item?

Source: LinuxSecurity.com Contributors - Posted by Benjamin D. Thomas

This week, advisories were released for systemtap, lcms, webcit, xulrunner, libpng, libsoup, glib, ghostscript, java, argyllcms, phpmyadmin, compiz-fusion, openjdk, postgresql, drupal, squid, muttprint, ffmpeg, pam, evolution, drakconf, dhcp, and thunderbird. The distributors include Debian, Fedora, Gentoo, Mandriva, Red Hat, Ubuntu, and Pardus.

Linux+DVD Magazine Our magazine is read by professional network and database administrators, system programmers, webmasters and all those who believe in the power of Open Source software. The majority of our readers is between 15 and 40 years old. They are interested in current news from the Linux world, upcoming projects etc.

In each issue you can find information concerning typical use of Linux: safety, databases, multimedia, scientific tools, entertainment, programming, e-mail, news and desktop environments.

LinuxSecurity.com Feature Extras:

Review: Googling Security: How Much Does Google Know About You - If I ask "How much do you know about Google?" You may not take even a second to respond. But if I may ask "How much does Google know about you"? You may instantly reply "Wait... what!? Do they!?" The book "Googling Security: How Much Does Google Know About You" by Greg Conti (Computer Science Professor at West Point) is the first book to reveal how Google's vast information stockpiles could be used against you or your business – and what you can do to protect yourself.

A Secure Nagios Server - Nagios is a monitoring software designed to let you know about problems on your hosts and networks quickly. You can configure it to be used on any network. Setting up a Nagios server on any Linux distribution is a very quick process however to make it a secure setup it takes some work. This article will not show you how to install Nagios since there are tons of them out there but it will show you in detail ways to improve your Nagios security.

Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headline.

	EnGarde Secure Community 3.0.22 Now Available! (Dec 9)
	Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.22 (Version 3.0, Release 22). This release includes many updated packages and bug fixes and some feature enhancements to the EnGarde Secure Linux Installer and the SELinux policy. http://www.linuxsecurity.com/content/view/145668

	Debian: New systemtap packages fix local privilege escalation (Mar 25)
	Erik Sjoelund discovered that a race condition in the stap tool shipped by Systemtap, an instrumentation system for Linux 2.6, allows local privilege escalation for members of the stapusr group. http://www.linuxsecurity.com/content/view/148378
	Debian: New lcms packages fix regression (Mar 25)
	Several security issues have been discovered in lcms, a color management library. http://www.linuxsecurity.com/content/view/148363
	Debian: New webcit packages fix potential remote code execution (Mar 23)
	Wilfried Goesgens discovered that WebCit, the web-based user interface for the Citadel groupware system, contains a format string vulnerability in the mini_calendar component, possibly allowing arbitrary code execution (CVE-2009-0364). http://www.linuxsecurity.com/content/view/148344
	Debian: New xulrunner packages fix several vulnerabilities (Mar 22)
	Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications, such as the Iceweasel web browser. http://www.linuxsecurity.com/content/view/148336
	Debian: New libpng packages fix several vulnerabilities (Mar 22)
	Several vulnerabilities have been discovered in libpng, a library for reading and writing PNG files. http://www.linuxsecurity.com/content/view/148335
	Debian: New Linux 2.6.26 packages fix several vulnerabilities (Mar 20)
	Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation. http://www.linuxsecurity.com/content/view/148326
	Debian: New libsoup packages fix arbitrary code execution (Mar 20)
	It was discovered that libsoup, an HTTP library implementation in C, handles large strings insecurely via its Base64 encoding functions. This could possibly lead to the execution of arbitrary code. http://www.linuxsecurity.com/content/view/148320
	Debian: New glib2.0 packages fix arbitrary code execution (Mar 20)
	Diego Petten discovered that glib2.0, the GLib library of C routines, handles large strings insecurely via its Base64 encoding functions. This could possible lead to the execution of arbitrary code. http://www.linuxsecurity.com/content/view/148319
	Debian: New ghostscript packages fix arbitrary code execution (Mar 20)
	Two security issues have been discovered in ghostscript, the GPL Ghostscript PostScript/PDF interpreter. http://www.linuxsecurity.com/content/view/148317
	Debian: New lcms packages fix arbitrary code execution (Mar 20)
	Several security issues have been discovered in lcms, a color management library. http://www.linuxsecurity.com/content/view/148316

	Fedora 9 Update: java-1.6.0-openjdk-1.6.0.0-0.23.b09.fc9 (Mar 25)
	lcms in OpenJDK upgraded to 1.18 fixing many related security issues. http://www.linuxsecurity.com/content/view/148377
	Fedora 9 Update: argyllcms-1.0.3-3.fc9 (Mar 25)
	Multiple integer overflows were found in the International Color Consortium Format Library (icclib). An attacker could use this flaw to potentially execute arbitrary code by requesting to translate a specially- crafted image file created on one device into another's device native color space via a device file. http://www.linuxsecurity.com/content/view/148376
	Fedora 10 Update: argyllcms-1.0.3-3.fc10 (Mar 25)
	Multiple integer overflows were found in the International Color Consortium Format Library (icclib). An attacker could use this flaw to potentially execute arbitrary code by requesting to translate a specially- crafted image file created on one device into another's device native color space via a device file. http://www.linuxsecurity.com/content/view/148375
	Fedora 10 Update: phpMyAdmin-3.1.3.1-1.fc10 (Mar 25)
	Improvements for 3.1.3.1: - [security] HTTP Response Splitting and file inclusion vulnerabilities - [security] XSS vulnerability on export page - [security] Insufficient output sanitizing when generating configuration file http://www.linuxsecurity.com/content/view/148374
	Fedora 9 Update: compiz-fusion-0.7.6-6.fc9 (Mar 25)
	This update fixes a security issue in the expo plugin which allows local users with physical access to drag the screen saver aside and access the locked desktop by using Expo mouse shortcuts. http://www.linuxsecurity.com/content/view/148373
	Fedora 9 Update: phpMyAdmin-3.1.3.1-1.fc9 (Mar 25)
	Improvements for 3.1.3.1: - [security] HTTP Response Splitting and file inclusion vulnerabilities - [security] XSS vulnerability on export page - [security] Insufficient output sanitizing when generating configuration file http://www.linuxsecurity.com/content/view/148371
	Fedora 10 Update: compiz-fusion-0.7.8-4.fc10 (Mar 25)
	This update fixes a security issue in the expo plugin which allows local users with physical access to drag the screen saver aside and access the locked desktop by using Expo mouse shortcuts. http://www.linuxsecurity.com/content/view/148372
	Fedora 10 Update: java-1.6.0-openjdk-1.6.0.0-11.b14.fc10 (Mar 24)
	Fixes important lcms security bug which gives unwarranted access to malicious users. http://www.linuxsecurity.com/content/view/148352
	Fedora 9 Update: java-1.6.0-openjdk-1.6.0.0-0.21.b09.fc9 (Mar 24)
	Fixes important lcms security bug which gives unwarranted access to malicious users. http://www.linuxsecurity.com/content/view/148353
	Fedora 10 Update: lcms-1.18-0.1.beta2.fc10 (Mar 23)
	Some patches that was collected in the fedora package have just been submitted upstream. Changes are hight that this update can be superseeded by a beta3 or a stable release from upstream. http://www.linuxsecurity.com/content/view/148343
	Fedora 10 Update: postgresql-8.3.7-1.fc10 (Mar 23)
	Update to PostgreSQL 8.3.7, for various fixes described at http://www.postgresql.org/docs/8.3/static/release-8-3-7.html http://www.linuxsecurity.com/content/view/148342
	Fedora 9 Update: postgresql-8.3.7-1.fc9 (Mar 23)
	Update to PostgreSQL 8.3.7, for various fixes described at http://www.postgresql.org/docs/8.3/static/release-8-3-7.html http://www.linuxsecurity.com/content/view/148340
	Fedora 9 Update: lcms-1.18-0.1.beta2.fc9 (Mar 23)
	Some patches that was collected in the fedora package have just been submitted upstream. Changes are hight that this update can be superseeded by a beta3 or a stable release from upstream. http://www.linuxsecurity.com/content/view/148339
	Fedora 10 Update: ghostscript-8.63-5.fc10 (Mar 20)
	Security update for integer overflows (CVE-2009-0583) and upper bounds checks (CVE-2009-0584) in the ICC profile handling. http://www.linuxsecurity.com/content/view/148331
	Fedora 9 Update: thunderbird-2.0.0.21-1.fc9 (Mar 20)
	Several flaws were found in the processing of malformed HTML mail content. An HTML mail message containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code as the user running Thunderbird. (CVE-2009-0040, CVE-2009-0352, CVE-2009-0353, CVE-2009-0772, CVE-2009-0774, CVE-2009-0775) Several flaws were found in the way malformed content was processed. An HTML mail message containing specially-crafted content could potentially trick a Thunderbird user into surrendering sensitive information. (CVE-2009-0355, CVE-2009-0776) Note: JavaScript support is disabled by default in Thunderbird. None of the above issues are exploitable unless JavaScript is enabled. http://www.linuxsecurity.com/content/view/148330
	Fedora 10 Update: thunderbird-2.0.0.21-1.fc10 (Mar 20)
	Several flaws were found in the processing of malformed HTML mail content. An HTML mail message containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code as the user running Thunderbird. (CVE-2009-0040, CVE-2009-0352, CVE-2009-0353, CVE-2009-0772, CVE-2009-0774, CVE-2009-0775) Several flaws were found in the way malformed content was processed. An HTML mail message containing specially-crafted content could potentially trick a Thunderbird user into surrendering sensitive information. (CVE-2009-0355, CVE-2009-0776) Note: JavaScript support is disabled by default in Thunderbird. None of the above issues are exploitable unless JavaScript is enabled. http://www.linuxsecurity.com/content/view/148328
	Fedora 9 Update: ghostscript-8.63-2.fc9 (Mar 20)
	Security update for integer overflows (CVE-2009-0583) and upper bounds checks (CVE-2009-0584) in the ICC profile handling. http://www.linuxsecurity.com/content/view/148329
	Fedora 10 Update: drupal-cck-6.x.2.2-1.fc10 (Mar 20)
	Fixes DRUPAL-SA-CONTRIB-2009-013 - XSS issue. http://www.linuxsecurity.com/content/view/148322
	Fedora 9 Update: drupal-cck-6.x.2.2-1.fc9 (Mar 20)
	Fixes DRUPAL-SA-CONTRIB-2009-013 - XSS issue. http://www.linuxsecurity.com/content/view/148323

	Gentoo: Squid Multiple Denial of Service vulnerabilities (Mar 24)
	Multiple vulnerabilities have been found in Squid which allow for remote Denial of Service attacks. http://www.linuxsecurity.com/content/view/148357
	Gentoo: Ghostscript User-assisted execution of arbitrary (Mar 23)
	Multiple integer overflows in the Ghostscript ICC library might allow for user-assisted execution of arbitrary code. http://www.linuxsecurity.com/content/view/148351
	Gentoo: MLDonkey Information disclosure (Mar 23)
	A vulnerability in the MLDonkey web interface allows remote attackers to disclose arbitrary files. http://www.linuxsecurity.com/content/view/148350
	Gentoo: Muttprint Insecure temporary file usage (Mar 23)
	An insecure temporary file usage in Muttprint allows for symlink attacks. http://www.linuxsecurity.com/content/view/148349
	Gentoo: Amarok User-assisted execution of arbitrary code (Mar 20)
	Multiple vulnerabilities in Amarok might allow for user-assisted execution of arbitrary code. http://www.linuxsecurity.com/content/view/148325
	Gentoo: FFmpeg Multiple vulnerabilities (Mar 19)
	Multiple vulnerabilities in FFmpeg may lead to the remote execution of arbitrary code or a Denial of Service. http://www.linuxsecurity.com/content/view/148315

	Mandriva: [ MDVSA-2009:079 ] postgresql (Mar 23)
	PostgreSQL before 8.3.7, 8.2.13, 8.1.17, 8.0.21, and 7.4.25 allows remote authenticated users to cause a denial of service (stack consumption and crash) by triggering a failure in the conversion of a localized error message to a client-specified encoding, as demonstrated using mismatched encoding conversion requests (CVE-2009-0922). This update provides a fix for this vulnerability. http://www.linuxsecurity.com/content/view/148348
	Mandriva: [ MDVSA-2009:078 ] evolution-data-server (Mar 23)
	A wrong handling of signed Secure/Multipurpose Internet Mail Extensions (S/MIME) e-mail messages enables attackers to spoof its signatures by modifying the latter copy (CVE-2009-0547). Crafted authentication challange packets (NT Lan Manager type 2) sent by a malicious remote mail server enables remote attackers either to cause denial of service and to read information from the process memory of the client (CVE-2009-0582). Multiple integer overflows in Base64 encoding functions enables attackers either to cause denial of service and to execute arbitrary code (CVE-2009-0587). This update provides fixes for those vulnerabilities. http://www.linuxsecurity.com/content/view/148347
	Mandriva: [ MDVSA-2009:077 ] pam (Mar 21)
	A security vulnerability has been identified and fixed in pam: Integer signedness error in the _pam_StrTok function in libpam/pam_misc.c in Linux-PAM (aka pam) 1.0.3 and earlier, when a configuration file contains non-ASCII usernames, might allow remote attackers to cause a denial of service, and might allow remote authenticated users to obtain login access with a different user's non-ASCII username, via a login attempt (CVE-2009-0887). The updated packages have been patched to prevent this. Additionally some development packages were missing that are required to build pam for CS4, these are also provided with this update. http://www.linuxsecurity.com/content/view/148334
	Mandriva: [ MDVA-2009:047 ] drakconf (Mar 21)
	This update prevents drakconf from crashing if the tool currently embedded within drakconf segfaulted in some rare case (bug #48080). http://www.linuxsecurity.com/content/view/148333
	Mandriva: [ MDVA-2009:046 ] pidgin (Mar 21)
	Protocol changes on the ICQ servers made pidgin incompatible. This update upgrades pidgin to version 2.5.5 which will take care of this problem. http://www.linuxsecurity.com/content/view/148332
	Mandriva: [ MDVA-2009:045 ] dhcp (Mar 20)
	dhclient-script, in dhcp-client package as released with Mandriva Linux 2009, would put the network interface down on some circumstances, as part of it's workings. Coupled with a bug in the kernel wireless stack, when done on wireless interfaces this could cause the wireless association to be lost and never automatically remade. This update fixes dhcp-client to use a better way instead of putting the interface down, working around the wireless stack bug, fixing many cases of the lost association problem. http://www.linuxsecurity.com/content/view/148327
	Mandriva: [ MDVSA-2009:060-1 ] nfs-utils (Mar 19)
	A security vulnerability has been identified and fixed in nfs-utils, which caused TCP Wrappers to ignore netgroups and allows remote attackers to bypass intended access restrictions (CVE-2008-4552). The updated packages have been patched to prevent this. http://www.linuxsecurity.com/content/view/148314

	RedHat: Critical: java-1.6.0-ibm security update (Mar 25)
	Updated java-1.6.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 4 Extras and Red Hat Enterprise Linux 5 Supplementary. This update has been rated as having critical security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/148370
	RedHat: Moderate: NetworkManager security update (Mar 25)
	Updated NetworkManager packages that fix a security issue are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/148366
	RedHat: Moderate: NetworkManager security update (Mar 25)
	Updated NetworkManager packages that fix two security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/148367
	RedHat: Critical: acroread security update (Mar 25)
	Updated acroread packages that fix multiple security issues are now available for Red Hat Enterprise Linux 3 Extras, Red Hat Enterprise Linux 4 Extras, and Red Hat Enterprise Linux 5 Supplementary. This update has been rated as having critical security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/148368
	RedHat: Moderate: thunderbird security update (Mar 24)
	An updated thunderbird package that fixes several security issues is now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/148354
	RedHat: Moderate: glib2 security update (Mar 24)
	Updated glib2 packages that fix several security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/148355
	RedHat: Moderate: libvirt security update (Mar 19)
	Updated libvirt packages that fix two security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/148312
	RedHat: Moderate: curl security update (Mar 19)
	Updated curl packages that fix a security issue are now available for Red Hat Enterprise Linux 2.1, 3, 4, and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/148310
	RedHat: Moderate: ghostscript security update (Mar 19)
	Updated ghostscript packages that fix multiple security issues are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/148311
	RedHat: Moderate: lcms security update (Mar 19)
	Updated lcms packages that resolve several security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/148309

	Slackware: seamonkey (Mar 24)
	New seamonkey packages are available for Slackware 11.0, 12.0, 12.1, 12.2, and -current to fix security issues. http://www.linuxsecurity.com/content/view/148358
	Slackware: mozilla-thunderbird (Mar 24)
	New mozilla-thunderbird packages are available for Slackware 10.2, 11.0, 12.0, 12.1, 12.2, and -current to fix security issues. http://www.linuxsecurity.com/content/view/148359
	Slackware: lcms (Mar 24)
	New lcms packages are available for Slackware 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, and -current to fix security issues. http://www.linuxsecurity.com/content/view/148360

	Ubuntu: Ghostscript vulnerabilities (Mar 23)
	It was discovered that Ghostscript contained multiple integer overflows in its ICC color management library. If a user or automated system were tricked into opening a crafted Postscript file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program. (CVE-2009-0583) It was discovered that Ghostscript did not properly perform bounds checking in its ICC color management library. If a user or automated system were tricked into opening a crafted Postscript file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program. (CVE-2009-0584) http://www.linuxsecurity.com/content/view/148345
	Ubuntu: LittleCMS vulnerabilities (Mar 23)
	Chris Evans discovered that LittleCMS did not properly handle certain error conditions, resulting in a large memory leak. If a user or automated system were tricked into processing an image with malicious ICC tags, a remote attacker could cause a denial of service. (CVE-2009-0581) Chris Evans discovered that LittleCMS contained multiple integer overflows. If a user or automated system were tricked into processing an image with malicious ICC tags, a remote attacker could crash applications linked against liblcms1, leading to a denial of service, or possibly execute arbitrary code with user privileges. (CVE-2009-0723) Chris Evans discovered that LittleCMS did not properly perform bounds checking, leading to a buffer overflow. If a user or automated system were tricked into processing an image with malicious ICC tags, a remote attacker could execute arbitrary code with user privileges. (CVE-2009-0733) http://www.linuxsecurity.com/content/view/148346
	Ubuntu: JasPer vulnerabilities (Mar 19)
	It was discovered that JasPer did not correctly handle memory allocation when parsing certain malformed JPEG2000 images. If a user were tricked into opening a specially crafted image with an application that uses libjasper, an attacker could cause a denial of service and possibly execute arbitrary code with the user's privileges. (CVE-2008-3520) It was discovered that JasPer created temporary files in an insecure way. Local users could exploit a race condition and cause a denial of service in libjasper applications. (CVE-2008-3521) It was discovered that JasPer did not correctly handle certain formatting operations. If a user were tricked into opening a specially crafted image with an application that uses libjasper, an attacker could cause a denial of service and possibly execute arbitrary code with the user's privileges. (CVE-2008-3522) http://www.linuxsecurity.com/content/view/148313

	Pardus: Thunderbird: Multiple (Mar 25)
	Some vulnerabilities have been reported in Mozilla Thunderbird, which can potentially be exploited by malicious people to compromise a user's system. http://www.linuxsecurity.com/content/view/148365
	Pardus: PostgreSQL: Denial of Service (Mar 25)
	A weakness and a security issue have been reported in PostgreSQL, which can be exploited by malicious users to disclose potentially sensitive information or cause a DoS (Denial of Service). http://www.linuxsecurity.com/content/view/148364
	Pardus: Glib2: Integer Overflow (Mar 25)
	Some vulnerabilities have been reported in GLib, which can potentially be exploited by malicious people to compromise an application using the library. http://www.linuxsecurity.com/content/view/148362
	Pardus: Flashplugin: Multiple (Mar 25)
	Some vulnerabilities have been reported in Adobe Flash Player, which can be exploited by malicious, local users to disclose sensitive information and potentially gain escalated privileges, and by malicious people to bypass certain security restrictions, disclose potentially sensitive information, and compromise a user's system. http://www.linuxsecurity.com/content/view/148361