Thank you for reading the Linux Advisory Watch Security Newsletter. The purpose of this document is to provide our readers with a quick summary of each week's vendor security bulletins and pointers on methods to improve the security posture of your open source system. Vulnerabilities affect nearly every vendor virtually every week, so be sure to read through to find the updates your distributor has made available.

LinuxSecurity.com Feature Extras:

sec-wall: Open Source Security Proxy - sec-wall, a recently released security proxy, is a one-stop place for everything related to securing HTTP/HTTPS traffic. It is designed as a pragmatic solution to the question of securing servers using SSL/TLS certificates, WS-Security, HTTP Basic/Digest Auth, custom HTTP headers, and XPath expressions, with an option of modifying HTTP headers and URLs on the fly.

Book Review: Linux Kernel Programming - As Linux is implemented on an increasingly wide range of devices, the number of people responsible for developing and maintaining Linux on those platforms has increased. As the maturity of the kernel increases, so do its complexity, capabilities, and size. This book provides the Linux programmer with the tools necessary to understand the core aspects of the kernel and how to interface with it.


Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.22 (Version 3.0, Release 22). This release includes many updated packages and bug fixes and some feature enhancements to the EnGarde Secure Linux Installer and the SELinux policy.


(Apr 20)

Several security vulnerabilities were discovered in OpenJDK, an implementation of the Java platform. CVE-2010-4351 [More...]

(Apr 20)

It was discovered that Doctrine, a PHP library for implementing object persistence, contains SQL injection vulnerabilities. (CVE-2011-1522) The exact impact depends on the application which uses the Doctrine library. [More...]

(Apr 20)

Christoph Martin discovered that incorrect ACL processing in TinyProxy, a lightweight, non-caching, optionally anonymizing HTTP proxy, could lead to unintended network access rights. [More...]

(Apr 19)

Viacheslav Tykhanovskyi discovered a directory traversal vulnerability in Mojolicious, a Perl Web Application Framework. The oldstable distribution (lenny) doesn't contain libmojolicious-perl. [More...]

(Apr 19)

Several vulnerabilities were discovered in Request Tracker, an issue tracking system. CVE-2011-1685 [More...]

(Apr 18)

Nicolas Gregoire discovered that the XML Security Library xmlsec allowed remote attackers to create or overwrite arbitrary files through specially crafted XML files using the libxslt output extension and a ds:Transform element during signature verification. [More...]


Mandriva: 2011:077: krb5 (Apr 22)

A vulnerability has been found and corrected in krb5: The process_chpw_request function in schpw.c in the password-changing functionality in kadmind in MIT Kerberos 5 (aka krb5) 1.7 through 1.9 frees an invalid pointer, which allows remote attackers to execute [More...]

Mandriva: 2011:076: xrdb (Apr 21)

A vulnerability has been found and corrected in xrdb: xrdb.c in xrdb before 1.0.9 in X.Org X11R7.6 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a (1) DHCP or (2) XDMCP message (CVE-2011-0465). [More...]

Mandriva: 2011:075: kdelibs4 (Apr 20)

A vulnerability has been found and corrected in kdelibs4: Cross-site scripting (XSS) vulnerability in the KHTMLPart::htmlError function in khtml/khtml_part.cpp in Konqueror in KDE SC 4.4.0 through 4.6.1 allows remote attackers to inject arbitrary web script or [More...]


Red Hat: 2011:0464-01: kdelibs: Moderate Advisory (Apr 21)

Updated kdelibs packages that fix two security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate [More...]

Red Hat: 2011:0465-01: kdenetwork: Important Advisory (Apr 21)

Updated kdenetwork packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having [More...]

Red Hat: 2011:0455-01: polkit: Important Advisory (Apr 19)

Updated polkit packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having [More...]

Red Hat: 2011:0452-01: libtiff: Important Advisory (Apr 18)

Updated libtiff packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having [More...]

Red Hat: 2011:0451-01: flash-plugin: Critical Advisory (Apr 18)

An updated Adobe Flash Player package that fixes one security issue is now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical [More...]

Red Hat: 2011:0447-01: krb5: Moderate Advisory (Apr 14)

Updated krb5 packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate [More...]


(Apr 22)

New rdesktop packages are available for Slackware 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix a security issue. [More Info...]

(Apr 20)

New polkit packages are available for Slackware 13.1 and -current to fix a security issue. [More Info...]

(Apr 18)

New acl packages are available for Slackware 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix a security issue. [More Info...]


SuSE: Weekly Summary 2011:007 (Apr 19)

To avoid flooding mailing lists with SUSE Security Announcements for minor issues, SUSE Security releases weekly summary reports for the low profile vulnerability fixes. The SUSE Security Summary Reports do not list or download URLs like the SUSE Security Announcements that are released for more severe vulnerabilities. The list of vulnerabilities in this summary includes: NetworkManager, OpenOffice_org, apache2-slms, dbus-1-glib, dhcp/dhcpcd/dhcp6, freetype2, kbd, krb5, libcgroup, libmodplug, libvirt, mailman, moonlight-plugin, nbd, openldap2, pure-ftpd, python-feedparser, rsyslog, telepathy-gabble, wireshark.

SuSE: 2011-018: flash-player (Apr 18)

Specially crafted Flash files, as delivered by web sites or as .swf files, could exploit Flash Player to execute arbitrary code with the privileges of the user viewing these files. CVE-2011-0611 has been assigned to this issue.

SuSE: 2011-017: Linux kernel (Apr 18)

The openSUSE 11.2 kernel was updated to fix lots of security issues. This will probably be the last 11.2 kernel update released by the SUSE Security Team, as our support for 11.2 ends in 1 month. The following security issues were fixed: CVE-2011-1493: In the rose networking stack, when parsing the [More...]


Ubuntu: 1120-1: tiff vulnerability (Apr 21)

Ubuntu: 1119-1: Linux kernel (OMAP4) vulnerabilities (Apr 20)

Ubuntu: 1117-1: PolicyKit vulnerability (Apr 19)

Ubuntu: 1116-1: Kerberos vulnerability (Apr 19)

Ubuntu: 1108-2: DHCP vulnerability (Apr 19)

Ubuntu: 1115-1: language-selector vulnerability (Apr 19)

Ubuntu: 1113-1: Postfix vulnerabilities (Apr 18)