Thank you for reading the Linux Advisory Watch Security Newsletter. The purpose of this document is to provide our readers with a quick summary of each week's vendor security bulletins and pointers on methods to improve the security posture of your open source system. Vulnerabilities affect nearly every vendor virtually every week, so be sure to read through to find the updates your distributor has made available.

LinuxSecurity.com Feature Extras:

Securing a Linux Web Server - With the significant prevalence of Linux web servers globally, security is often touted as a strength of the platform for such a purpose. However, a Linux-based web server is only as secure as its configuration, and in practice many are quite vulnerable to compromise. While specific configurations vary wildly due to environments or specific use, there are various general steps that can be taken to ensure basic security considerations are in place.

Password guessing with Medusa 2.0 - Medusa was created by the fine folks at foofus.net; in fact, the much-awaited Medusa 2.0 update was released in February of 2010. For a complete change log please visit


(Nov 29)

It was discovered that nbd-server, the server for the Network Block Device protocol, parsed its access control lists incorrectly, allowing access from any host whose IP address shares a prefix with an allowed address. [More...]

(Nov 27)

joernchen of Phenoelit discovered two command injection flaws in Sup, a console-based email client. An attacker might execute arbitrary commands if the user opens a maliciously crafted email. [More...]

(Nov 26)

Multiple vulnerabilities have been discovered in Drupal, a fully-featured content management framework: Cross-site request forgery, insecure pseudo random number generation, code execution, incorrect security token validation and cross-site scripting. [More...]

(Nov 26)

Multiple vulnerabilities were discovered in Quagga, a BGP/OSPF/RIP routing daemon: CVE-2013-2236 [More...]

(Nov 25)

Andrew Tinits reported a potentially exploitable buffer overflow in the Mozilla Network Security Service library (nss). With a specially crafted request a remote attacker could cause a denial of service or possibly execute arbitrary code. [More...]

(Nov 21)

Ivan Fratric of the Google Security Team discovered a bug in nginx, a web server, which might allow an attacker to bypass security restrictions by using a specially crafted request. [More...]

(Nov 21)

Jonathan Dolle reported a design error in HTTP::Body, a Perl module for processing data from HTTP POST requests. The HTTP body multipart parser creates temporary files which preserve the suffix of the uploaded file. An attacker able to upload files to a service that uses [More...]


(Nov 28)

Multiple vulnerabilities have been found in Namazu, the worst of which allows remote attackers to cause a Denial of Service condition.

(Nov 28)

A heap-based buffer overflow in cpio might allow a remote rmt server to execute arbitrary code or cause a Denial of Service condition.

(Nov 28)

A heap-based buffer overflow in Okular might allow a remote attacker to execute arbitrary code or cause a Denial of Service condition.

(Nov 28)

Multiple vulnerabilities have been found in rssh, allowing local attackers to bypass access restrictions.

(Nov 28)

Multiple Denial of Service vulnerabilities have been found in Unbound.

(Nov 28)

Multiple vulnerabilities were found in Perl, the worst of which could allow a local attacker to cause a Denial of Service condition.

(Nov 25)

Multiple vulnerabilities have been found in Zabbix, possibly leading to SQL injection attacks, Denial of Service, or information disclosure.

(Nov 25)

A vulnerability has been found in fcron, allowing local attackers to conduct symlink attacks.

(Nov 22)

Multiple vulnerabilities have been discovered in QtCore and QtGui, possibly resulting in execution of arbitrary code, Denial of Service, or man-in-the-middle attacks.


Mandriva: 2013:287: drupal (Nov 26)

Multiple security issues were identified and fixed in drupal: Drupal core's Image module allows for the on-demand generation of image derivatives. This capability can be abused by requesting a large number of new derivatives which can fill up the server disk space, [More...]

Mandriva: 2013:286: ruby (Nov 26)

A vulnerability was found and corrected in ruby: Heap-based buffer overflow in Ruby 1.8, 1.9 before 1.9.3-p484, 2.0 before 2.0.0-p353, 2.1 before 2.1.0 preview2, and trunk before revision 43780 allows context-dependent attackers to cause a denial of service [More...]

Mandriva: 2013:285: bugzilla (Nov 26)

Multiple vulnerabilities were found and corrected in bugzilla: Cross-site request forgery (CSRF) vulnerability in process_bug.cgi in Bugzilla 4.4.x before 4.4.1 allows remote attackers to hijack the authentication of arbitrary users for requests that modify bugs via [More...]

Mandriva: 2013:284: glibc (Nov 25)

Multiple vulnerabilities were found and corrected in glibc: Integer overflow in string/strcoll_l.c in the GNU C Library (aka glibc or libc6) 2.17 and earlier allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary [More...]

Mandriva: 2013:283: glibc (Nov 25)

Updated glibc packages fix the following security issues: Integer overflow in string/strcoll_l.c in the GNU C Library (aka glibc or libc6) 2.17 and earlier allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary [More...]

Mandriva: 2013:282: perl-HTTP-Body (Nov 25)

Updated perl-HTTP-Body package fixes a security vulnerability: Jonathan Dolle reported a design error in HTTP::Body, a Perl module for processing data from HTTP POST requests. The HTTP body multipart parser creates temporary files which preserve the suffix of the [More...]

Mandriva: 2013:281: nginx (Nov 24)

Updated nginx package fixes a security vulnerability: Ivan Fratric of the Google Security Team discovered a bug in nginx, which might allow an attacker to bypass security restrictions in certain configurations by using a specially crafted request, or might [More...]

Mandriva: 2013:280: memcached (Nov 22)

A vulnerability was found and corrected in memcached: Memcached is vulnerable to a denial of service as it can be made to crash when it receives a specially crafted packet over the network (CVE-2011-4971). [More...]

Mandriva: 2013:279: wireshark (Nov 22)

Multiple vulnerabilities were found and corrected in Wireshark: The ieee802154_map_rec function in epan/dissectors/packet-ieee802154.c in the IEEE 802.15.4 dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 uses an incorrect pointer chain, which allows [More...]

Mandriva: 2013:278: samba (Nov 21)

A vulnerability has been found and corrected in samba: Samba 3.x before 3.6.20, 4.0.x before 4.0.11, and 4.1.x before 4.1.1, when vfs_streams_depot or vfs_streams_xattr is enabled, allows remote attackers to bypass intended file restrictions by leveraging ACL [More...]

Mandriva: 2013:277: lighttpd (Nov 21)

Updated lighttpd packages fix security vulnerabilities: lighttpd before 1.4.34, when SNI is enabled, configures weak SSL ciphers, which makes it easier for remote attackers to hijack sessions by inserting packets into the client-server data stream or obtain [More...]

Mandriva: 2013:276: curl (Nov 21)

Updated curl packages fix a security vulnerability: Scott Cantor discovered that curl, a file retrieval tool, would disable the CURLOPT_SSLVERIFYHOST check when the CURLOPT_SSL_VERIFYPEER setting was disabled. This would also disable ssl certificate host [More...]

Mandriva: 2013:271: pmake (Nov 21)

Updated pmake package fixes a security vulnerability: The make include files in NetBSD before 1.6.2, as used in pmake 1.111 and earlier, allow local users to overwrite arbitrary files via a symlink attack on a /tmp/_depend##### temporary file, related [More...]

Mandriva: 2013:273: libjpeg (Nov 21)

Updated libjpeg packages fix security vulnerabilities: libjpeg 6b and libjpeg-turbo will use uninitialized memory when decoding images with missing SOS data for the luminance component (Y) in presence of valid chroma data (Cr, Cb) (CVE-2013-6629). [More...]

Mandriva: 2013:275: krb5 (Nov 21)

Updated krb5 package fixes a security vulnerability: If a KDC serves multiple realms, certain requests can cause setup_server_realm() to dereference a null pointer, crashing the KDC. This can be triggered by an unauthenticated user [More...]

Mandriva: 2013:272: poppler (Nov 21)

Updated poppler packages fix security vulnerabilities: Poppler is found to be affected by a stack based buffer overflow vulnerability in the pdfseparate utility. Successfully exploiting this issue could allow remote attackers to execute arbitrary code in [More...]

Mandriva: 2013:274: libjpeg (Nov 21)

Updated libjpeg packages fix security vulnerabilities: A heap-based buffer overflow was found in the way libjpeg-turbo decompressed certain corrupt JPEG images in which the component count was erroneously set to a large value. An attacker could create [More...]

Mandriva: 2013:270: nss (Nov 21)

Multiple security issues were identified and fixed in mozilla NSPR and NSS: Mozilla Network Security Services (NSS) before 3.15.2 does not ensure that data structures are initialized before read operations, which [More...]

Mandriva: 2013:268: torque (Nov 21)

Updated torque packages fix a security vulnerability: A user could submit executable shell commands on the tail of what is passed with the -M switch for qsub. This was later passed to a pipe, making it possible for these commands to be executed as root on the [More...]

Mandriva: 2013:269: firefox (Nov 21)

Multiple security issues were identified and fixed in mozilla NSPR, NSS and firefox: Mozilla Network Security Services (NSS) before 3.15.2 does not ensure that data structures are initialized before read operations, which [More...]

Mandriva: 2013:267: java-1.7.0-openjdk (Nov 21)

Updated java-1.7.0-openjdk packages fix security vulnerabilities: Multiple input checking flaws were found in the 2D component native image parsing code. A specially crafted image file could trigger a Java Virtual Machine memory corruption and, possibly, lead to [More...]

Mandriva: 2013:266: java-1.6.0-openjdk (Nov 21)

Updated java-1.6.0-openjdk packages fix security vulnerabilities: Multiple input checking flaws were found in the 2D component native image parsing code. A specially crafted image file could trigger a Java Virtual Machine memory corruption and, possibly, lead to [More...]


Red Hat: 2013:1767-01: ruby: Critical Advisory (Nov 26)

Updated ruby packages that fix one security issue are now available for Red Hat Enterprise Linux 6.2, 6.3, and 6.4 Extended Update Support. The Red Hat Security Response Team has rated this update as having critical [More...]

Red Hat: 2013:1764-01: ruby: Critical Advisory (Nov 25)

Updated ruby packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having critical [More...]

Red Hat: 2013:1752-01: 389-ds-base: Important Advisory (Nov 21)

Updated 389-ds-base packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having [More...]

Red Hat: 2013:1661-02: RDMA stack: Moderate Advisory (Nov 21)

Updated rdma, libibverbs, libmlx4, librdmacm, qperf, perftest, openmpi, compat-openmpi, infinipath-psm, mpitests, and rds-tools packages that fix two security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. [More...]

Red Hat: 2013:1701-02: sudo: Low Advisory (Nov 21)

An updated sudo package that fixes two security issues, several bugs, and adds two enhancements is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low [More...]

Red Hat: 2013:1732-02: busybox: Low Advisory (Nov 21)

Updated busybox packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low [More...]

Red Hat: 2013:1674-02: dracut: Moderate Advisory (Nov 21)

Updated dracut packages that fix one security issue, several bugs, and add two enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate [More...]


Ubuntu: 2035-1: Ruby vulnerabilities (Nov 27)

Several security issues were fixed in Ruby.

Ubuntu: 2034-1: OpenStack Keystone vulnerability (Nov 25)

Keystone would improperly remove roles when it was configured to use the LDAP backend.

Ubuntu: 2033-1: OpenJDK 6 vulnerabilities (Nov 21)

Several security issues were fixed in OpenJDK 6.

Ubuntu: 2032-1: Thunderbird vulnerabilities (Nov 21)

Several security issues were fixed in Thunderbird.