LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Advisory Watch: November 21st, 2014
Linux Security Week: November 17th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Linux Advisory Watch: August 19th, 2011 Print E-mail
User Rating:      How can I rate this item?
Source: LinuxSecurity Contributors - Posted by Benjamin D. Thomas   
Linux Advisory Watch Thank you for reading the Linux Advisory Watch Security Newsletter. The purpose of this document is to provide our readers with a quick summary of each week's vendor security bulletins and pointers on methods to improve the security posture of your open source system. Vulnerabilities affect nearly every vendor virtually every week, so be sure to read through to find the updates your distributor have made available.

LinuxSecurity.com Feature Extras:

What You Need to Know About Linux Rootkits - Rootkits are a way attackers hide their tracks and keep access to the machines they control. The good rootkits are very hard to detect and remove. They can be running on ones computer and no one can even know they have been running. Read more to learn how to detect them on your system.

Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition - Mark Sobell again delivers the answers to common Linux administration challenges, and provides thorough and step-by-step instructions to configuring many of the common Linux Internet services in A Practical Guide to Fedora and Red Hat Enterprise Linux, Fifth Edition.



  Debian: 2296-1: iceweasel: Multiple vulnerabilities (Aug 17)
 

Several vulnerabilities have been discovered in Iceweasel, a web browser based on Firefox. The included XULRunner library provides rendering services for several other applications included in Debian. [More...]

  Debian: 2295-1: iceape: Multiple vulnerabilities (Aug 17)
 

Several vulnerabilities have been found in the Iceape internet suite, an unbranded version of Seamonkey: CVE-2011-0084 [More...]

  Debian: 2294-1: freetype: missing input sanisiting (Aug 14)
 

It was discovered that insufficient input saniting in Freetype's code to parse Type1 could lead to the execution of arbitrary code. For the oldstable distribution (lenny), this problem has been fixed in [More...]

  Debian: 2293-1: libxfont: buffer overflow (Aug 12)
 

Tomas Hoger found a buffer overflow in the X.Org libXfont library, which may allow for a local privilege escalation through crafted font files. [More...]

  Debian: 2292-1: isc-dhcp: denial of service (Aug 11)
 

David Zych discovered that the ISC DHCP crashes when processing certain packets, leading to a denial of service. For the oldstable distribution (lenny), this problem has been fixed in [More...]


  Mandriva: 2011:128: dhcp (Aug 18)
 

Multiple vulnerabilities has been discovered and corrected in dhcp: The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3 allows remote attackers to cause a denial of service (daemon exit) via a crafted DHCP packet [More...]

  Mandriva: 2011:127: mozilla (Aug 17)
 

Security issues were identified and fixed in mozilla firefox and thunderbird: Mozilla developers and community members identified and fixed several memory safety bugs in the browser engine used in Firefox 3.6 and [More...]

  Mandriva: 2011:126: java-1.6.0-openjdk (Aug 15)
 

Multiple vulnerabilities were discovered and corrected in java-1.6.0-openjdk: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 [More...]

  Mandriva: 2011:125: foomatic-filters (Aug 14)
 

A vulnerability has been discovered and corrected in foomatic-filters: foomatic-rip allows remote attackers to execute arbitrary code via a crafted *FoomaticRIPCommandLine field in a .ppd file (CVE-2011-2697, CVE-2011-2964). [More...]

  Mandriva: 2011:124: phpmyadmin (Aug 14)
 

Multiple vulnerabilities has been discovered and corrected in phpmyadmin: libraries/auth/swekey/swekey.auth.lib.php in the Swekey authentication feature in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1 [More...]

  Mandriva: 2011:123: squirrelmail (Aug 13)
 

Multiple vulnerabilities has been discovered and corrected in squirrelmail: functions/page_header.php in SquirrelMail 1.4.21 and earlier does not prevent page rendering inside a frame in a third-party HTML document, [More...]

  Mandriva: 2011:122: clamav (Aug 13)
 

A vulnerability has been discovered and corrected in clamav: Off-by-one error in the cli_hm_scan function in matcher-hash.c in libclamav in ClamAV before 0.97.2 allows remote attackers to cause a denial of service (daemon crash) via an e-mail message that is not [More...]


  Red Hat: 2011:1187-01: dovecot: Moderate Advisory (Aug 18)
 

Updated dovecot packages that fix one security issue are now available for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having moderate [More...]

  Red Hat: 2011:1167-01: seamonkey: Critical Advisory (Aug 16)
 

Updated seamonkey packages that fix several security issues are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having critical [More...]

  Red Hat: 2011:1165-01: thunderbird: Critical Advisory (Aug 16)
 

An updated thunderbird package that fixes several security issues is now available for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having critical [More...]

  Red Hat: 2011:1164-01: firefox: Critical Advisory (Aug 16)
 

Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having critical [More...]

  Red Hat: 2011:1166-01: thunderbird: Critical Advisory (Aug 16)
 

An updated thunderbird package that fixes several security issues is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having critical [More...]

  Red Hat: 2011:1163-01: kernel: Important Advisory (Aug 16)
 

Updated kernel packages that fix two security issues and three bugs are now available for Red Hat Enterprise Linux 5.6 Extended Update Support. The Red Hat Security Response Team has rated this update as having [More...]

  Red Hat: 2011:1161-01: freetype: Moderate Advisory (Aug 15)
 

Updated freetype packages that fix one security issue are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having moderate [More...]

  Red Hat: 2011:1159-01: java-1.4.2-ibm: Critical Advisory (Aug 15)
 

Updated java-1.4.2-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 4 Extras and Red Hat Enterprise Linux 5 Supplementary. [More...]

  Red Hat: 2011:1160-01: dhcp: Moderate Advisory (Aug 15)
 

Updated dhcp packages that fix two security issues are now available for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having moderate [More...]

  Red Hat: 2011:1155-01: xorg-x11: Important Advisory (Aug 11)
 

Updated xorg-x11 packages that fix one security issue are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having [More...]

  Red Hat: 2011:1154-01: libXfont: Important Advisory (Aug 11)
 

Updated libXfont packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having [More...]


  Slackware: 2011-224-01: bind: Security Update (Aug 12)
 

New bind packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, 13.37, and -current to fix security issues. [More Info...]


  SuSE: 2011-034: Linux kernel (Aug 12)
 

This kernel update for the SUSE Linux Enterprise 10 SP4 kernel fixes several security issues and bugs. Following security issues were fixed: CVE-2011-1093: The dccp_rcv_state_process function in net/dccp/input.c in the Datagram Congestion Control Protocol (DCCP) implementation [More...]


  Ubuntu: 1193-1: Linux kernel vulnerabilities (Aug 19)
 

Multiple kernel flaws have been fixed.

  Ubuntu: 1184-1: Firefox and Xulrunner vulnerabilities (Aug 19)
 

Multiple vulnerabilities have been fixed in Firefox and Xulrunner.

  Ubuntu: 1192-2: Mozvoikko update (Aug 17)
 

This update provides a compatible Mozvoikko for Firefox 6.

  Ubuntu: 1192-1: Firefox vulnerabilities (Aug 17)
 

Multiple Firefox vulnerabilities have been fixed

  Ubuntu: 1190-1: DHCP vulnerabilities (Aug 15)
 

An attacker could send crafted input to DHCP and cause it to crash.

  Ubuntu: 1191-1: libXfont vulnerability (Aug 15)
 

libXfont could be made to run programs as an administrator if it opened aspecially crafted file.

Only registered users can write comments.
Please login or register.

Powered by AkoComment!

 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.