Thank you for reading the Linux Advisory Watch Security Newsletter. The purpose of this document is to provide our readers with a quick summary of each week's vendor security bulletins and pointers on methods to improve the security posture of your open source system. Vulnerabilities affect nearly every vendor virtually every week, so be sure to read through to find the updates your distributor has made available.

LinuxSecurity.com Feature Extras:

Peter Smith Releases Linux Network Security Online - Thanks so much to Peter Smith for announcing on linuxsecurity.com the release of his Linux Network Security book available free online. "In 2005 I wrote a book on Linux security. 8 years later and the publisher has gone out of business. Now that I'm free from restrictions on reproducing material from the book, I have decided to make the entire book available online."

Securing a Linux Web Server - With the significant prevalence of Linux web servers globally, security is often touted as a strength of the platform for such a purpose. However, a Linux-based web server is only as secure as its configuration, and very often many are quite vulnerable to compromise. While specific configurations vary wildly due to environments or specific use, there are various general steps that can be taken to ensure basic security considerations are in place.


(Mar 13)

Security Report Summary

(Mar 12)

Security Report Summary

(Mar 12)

Security Report Summary

(Mar 12)

Security Report Summary

(Mar 11)

Security Report Summary

(Mar 10)

Security Report Summary

(Mar 10)

Security Report Summary

(Mar 5)

Security Report Summary


(Mar 7)

A vulnerability has been found in D-Bus, possibly resulting in local Denial of Service.

(Mar 6)

Multiple vulnerabilities have been found in JasPer, the worst of which could allow an attacker to execute arbitrary code.


Mandriva: 2015:057: kernel (Mar 10)

Multiple vulnerabilities have been found and corrected in the Linux kernel: The Crypto API in the Linux kernel before 3.18.5 allows local users to load arbitrary kernel modules via a bind system call for an [More...]

Mandriva: 2015:056: rpm (Mar 9)

Updated rpm packages fix security vulnerabilities: It was found that RPM wrote file contents to the target installation directory under a temporary name, and verified its cryptographic signature only after the temporary file has been [More...]


Red Hat: 2015:0674-01: kernel: Important Advisory (Mar 11)

Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security [More...]

Red Hat: 2015:0672-01: bind: Moderate Advisory (Mar 10)

Updated bind packages that fix one security issue are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Moderate security [More...]

Red Hat: 2015:0660-01: qpid-cpp: Moderate Advisory (Mar 9)

Updated qpid-cpp packages that fix multiple security issues and one bug are now available for Red Hat Enterprise MRG Messaging 2.5 for Red Hat Enterprise Linux 7. [More...]

Red Hat: 2015:0661-01: qpid-cpp: Moderate Advisory (Mar 9)

Updated qpid-cpp packages that fix multiple security issues and one bug are now available for Red Hat Enterprise MRG Messaging 2.5 for Red Hat Enterprise Linux 6. [More...]

Red Hat: 2015:0662-01: qpid-cpp: Moderate Advisory (Mar 9)

Updated qpid-cpp packages that fix multiple security issues and one bug are now available for Red Hat Enterprise MRG Messaging 2.5 for Red Hat Enterprise Linux 5. [More...]

Red Hat: 2015:0643-01: qemu-kvm-rhev: Important Advisory (Mar 5)

Updated qemu-kvm-rhev packages that fix one security issue are now available for Red Hat Enterprise Linux OpenStack Platform 6.0 for Red Hat Enterprise Linux 7. [More...]

Red Hat: 2015:0644-01: openstack-glance: Low Advisory (Mar 5)

Updated openstack-glance packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux OpenStack Platform 6.0. Red Hat Product Security has rated this update as having Low security [More...]

Red Hat: 2015:0642-01: thunderbird: Important Advisory (Mar 5)

An updated thunderbird package that fixes multiple security issues is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security [More...]

Red Hat: 2015:0629-01: firefox: Critical Advisory (Mar 5)

Updated firefox packages that fix multiple security issues are now available for the little-endian 64-bit PowerPC platform architecture (ppc64le) on Red Hat Enterprise Linux 7. [More...]

Red Hat: 2015:0301-02: hivex: Moderate Advisory (Mar 5)

Updated hivex packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security [More...]

Red Hat: 2015:0430-01: virt-who: Moderate Advisory (Mar 5)

An updated virt-who package that fixes one security issue, several bugs, and adds various enhancements is now available for Red Hat Enterprise Linux 7. [More...]

Red Hat: 2015:0327-02: glibc: Moderate Advisory (Mar 5)

Updated glibc packages that fix two security issues and several bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security [More...]

Red Hat: 2015:0377-01: libreoffice: Moderate Advisory (Mar 5)

Updated libreoffice packages that fix three security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. [More...]

Red Hat: 2015:0325-02: httpd: Low Advisory (Mar 5)

Updated httpd packages that fix two security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Low security [More...]

Red Hat: 2015:0349-01: qemu-kvm: Important Advisory (Mar 5)

Updated qemu-kvm packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. [More...]

Red Hat: 2015:0384-01: powerpc-utils: Low Advisory (Mar 5)

Updated powerpc-utils packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. [More...]

Red Hat: 2015:0330-02: pcre: Low Advisory (Mar 5)

Updated pcre packages that fix one security issue and add one enhancement are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Low security [More...]

Red Hat: 2015:0439-01: krb5: Moderate Advisory (Mar 5)

Updated krb5 packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security [More...]

Red Hat: 2015:0323-02: libvirt: Low Advisory (Mar 5)

Updated libvirt packages that fix two security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Low security [More...]

Red Hat: 2015:0535-01: GNOME Shell: Low Advisory (Mar 5)

Updated gnome-shell, mutter, clutter, and cogl packages that fix one security issue, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 7. [More...]

Red Hat: 2015:0425-02: openssh: Moderate Advisory (Mar 5)

Updated openssh packages that fix two security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security [More...]

Red Hat: 2015:0383-01: ppc64-diag: Moderate Advisory (Mar 5)

Updated ppc64-diag packages that fix two security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security [More...]

Red Hat: 2015:0627-01: chromium-browser: Important Advisory (Mar 5)

Updated chromium-browser packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having Important security [More...]


(Mar 5)

New samba packages are available for Slackware 14.1 and -current to fix security issues. [More Info...]


Ubuntu: 2530-1: Linux kernel vulnerability (Mar 12)

The system could be made to crash or run programs as an administrator.

Ubuntu: 2528-1: Linux kernel vulnerability (Mar 12)

The system could be made to crash or run programs as an administrator.

Ubuntu: 2527-1: Linux kernel (Trusty HWE) vulnerability (Mar 12)

The system could be made to crash or run programs as an administrator.

Ubuntu: 2529-1: Linux kernel (Utopic HWE) vulnerability (Mar 12)

The system could be made to crash or run programs as an administrator.

Ubuntu: 2526-1: Linux kernel vulnerability (Mar 12)

The system could be made to crash or run programs as an administrator.

Ubuntu: 2525-1: Linux kernel vulnerability (Mar 12)

The system could be made to crash or run programs as an administrator.

Ubuntu: 2524-1: eCryptfs vulnerability (Mar 10)

Sensitive information in encrypted home and Private directories could be exposed if an attacker gained access to your files.

Ubuntu: 2522-3: ICU vulnerabilities (Mar 10)

ICU could be made to crash or run programs as your login if it processed specially crafted data.

Ubuntu: 2521-1: Oxide vulnerabilities (Mar 10)

Several security issues were fixed in Oxide.

Ubuntu: 2523-1: Apache HTTP Server vulnerabilities (Mar 10)

Several security issues were fixed in the Apache HTTP Server.

Ubuntu: 2505-2: Firefox regression (Mar 9)

USN-2505-1 introduced a regression in Firefox.

Ubuntu: 2522-2: ICU regression (Mar 6)

USN-2522-1 introduced a regression in ICU.

Ubuntu: 2522-1: ICU vulnerabilities (Mar 5)

ICU could be made to crash or run programs as your login if it processed specially crafted data.