Thank you for reading the Linux Advisory Watch Security Newsletter. The purpose of this document is to provide our readers with a quick summary of each week's vendor security bulletins and pointers on methods to improve the security posture of your open source system. Vulnerabilities affect nearly every vendor virtually every week, so be sure to read through to find the updates your distributor has made available.

LinuxSecurity.com Feature Extras:

Peter Smith Releases Linux Network Security Online - Thanks so much to Peter Smith for announcing on linuxsecurity.com the release of his Linux Network Security book available free online. "In 2005 I wrote a book on Linux security. 8 years later and the publisher has gone out of business. Now that I'm free from restrictions on reproducing material from the book, I have decided to make the entire book available online."

Securing a Linux Web Server - With the significant prevalence of Linux web servers globally, security is often touted as a strength of the platform for such a purpose. However, a Linux-based web server is only as secure as its configuration, and very often many are quite vulnerable to compromise. While specific configurations vary wildly due to environments or specific use, there are various general steps that can be taken to ensure basic security considerations are in place.




  (Dec 11)
 

Multiple vulnerabilities have been found in AMD64 x86 emulation base libraries, the worst of which may allow remote execution of arbitrary code.

  (Dec 11)
 

This GLSA contains notification of vulnerabilities found in several Gentoo packages which have been fixed prior to January 1, 2013. The worst of these vulnerabilities could lead to local privilege escalation and remote code execution. Please see the package list and CVE [More...]

  (Dec 11)
 

This GLSA contains notification of vulnerabilities found in several Gentoo packages which have been fixed prior to January 1, 2012. The worst of these vulnerabilities could lead to local privilege escalation and remote code execution. Please see the package list and CVE [More...]

  (Dec 11)
 

This GLSA contains notification of vulnerabilities found in several Gentoo packages which have been fixed prior to January 1, 2011. The worst of these vulnerabilities could lead to local privilege escalation and remote code execution. Please see the package list and CVE [More...]

  (Dec 11)
 

Multiple vulnerabilities have been found in Adobe Flash Player, the worst of which allows remote attackers to execute arbitrary code.

  (Dec 11)
 

A vulnerability in libxml2 could result in Denial of Service.

  (Dec 11)
 

A vulnerability in Clam AntiVirus can lead to a Denial of Service condition.

  (Dec 8)
 

Multiple vulnerabilities have been found in libvirt, the worst of which allows context-dependent attackers to escalate privileges.

  (Dec 8)
 

A vulnerability in Dovecot could allow a remote attacker to create a Denial of Service condition.

  (Dec 8)
 

A vulnerability in nfs-utils might allow remote attackers to gain access to restricted information.

  (Dec 8)
 

Multiple vulnerabilities have been found in QEMU, the worst of which allows context-dependent attackers to cause Denial of Service.


  Red Hat: 2014:1985-01: bind97: Important Advisory (Dec 11)
 

Updated bind97 packages that fix one security issue are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Important security [More...]

  Red Hat: 2014:1984-01: bind: Important Advisory (Dec 11)
 

Updated bind packages that fix one security issue are now available for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Important security [More...]

  Red Hat: 2014:1983-01: xorg-x11-server: Important Advisory (Dec 11)
 

Updated xorg-x11-server packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Important security [More...]

  Red Hat: 2014:1982-01: xorg-x11-server: Important Advisory (Dec 11)
 

Updated xorg-x11-server packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Important security [More...]

  Red Hat: 2014:1981-01: flash-plugin: Critical Advisory (Dec 10)
 

An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary. Red Hat Product Security has rated this update as having Critical security [More...]

  Red Hat: 2014:1975-01: rpm: Important Advisory (Dec 9)
 

Updated rpm packages that fix one security issue are now available for Red Hat Enterprise Linux 5.6 Long Life, Red Hat Enterprise Linux 5.9 Extended Update Support, Red Hat Enterprise Linux 6.2 Advanced Update Support, and Red Hat Enterprise Linux 6.4 Extended Update Support, Red Hat Enterprise [More...]

  Red Hat: 2014:1976-01: rpm: Important Advisory (Dec 9)
 

Updated rpm packages that fix two security issues are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security [More...]

  Red Hat: 2014:1972-01: httpd24-httpd: Low Advisory (Dec 9)
 

Updated httpd24-httpd packages that fix two security issues and one bug are now available for Red Hat Software Collections 1. Red Hat Product Security has rated this update as having Low security [More...]

  Red Hat: 2014:1974-01: rpm: Important Advisory (Dec 9)
 

Updated rpm packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. Red Hat Product Security has rated this update as having Important security [More...]

  Red Hat: 2014:1971-01: kernel: Important Advisory (Dec 9)
 

Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security [More...]

  Red Hat: 2014:1959-01: kernel: Moderate Advisory (Dec 4)
 

Updated kernel packages that fix one security issue and three bugs are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Moderate security [More...]


  (Dec 11)
 

New openvpn packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix a security issue. [More Info...]

  (Dec 11)
 

New bind packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues. [More Info...]

  (Dec 11)
 

New openssh packages are available for Slackware 14.0, 14.1, and -current. [More Info...]

  (Dec 11)
 

New wpa_supplicant packages are available for Slackware 13.37, 14.0, 14.1, and -current to fix security issues. [More Info...]

  (Dec 11)
 

New pidgin packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current. [More Info...]

  (Dec 11)
 

New seamonkey packages are available for Slackware 14.0, 14.1, and -current to fix security issues. [More Info...]

  (Dec 11)
 

New mozilla-firefox packages are available for Slackware 14.1 to fix security issues. [More Info...]


  Ubuntu: 2448-1: Linux kernel vulnerabilities (Dec 12)
 

Several security issues were fixed in the kernel.

  Ubuntu: 2442-1: Linux kernel (EC2) vulnerabilities (Dec 12)
 

Several security issues were fixed in the kernel.

  Ubuntu: 2444-1: Linux kernel (OMAP4) vulnerabilities (Dec 12)
 

Several security issues were fixed in the kernel.

  Ubuntu: 2446-1: Linux kernel vulnerabilities (Dec 12)
 

Several security issues were fixed in the kernel.

  Ubuntu: 2447-1: Linux kernel (Utopic HWE) vulnerabilities (Dec 12)
 

Several security issues were fixed in the kernel.

  Ubuntu: 2441-1: Linux kernel vulnerabilities (Dec 12)
 

Several security issues were fixed in the kernel.

  Ubuntu: 2443-1: Linux kernel vulnerabilities (Dec 12)
 

Several security issues were fixed in the kernel.

  Ubuntu: 2445-1: Linux kernel (Trusty HWE) vulnerabilities (Dec 12)
 

Several security issues were fixed in the kernel.

  Ubuntu: 2439-1: QEMU vulnerabilities (Dec 11)
 

Several security issues were fixed in QEMU.

  Ubuntu: 2438-1: NVIDIA graphics drivers vulnerabilities (Dec 10)
 

Several security issues were fixed in the NVIDIA graphics drivers.

  Ubuntu: 2436-2: X.Org X server vulnerabilities (Dec 9)
 

USN-2436-1 contained incomplete fixes for the X.Org X server.

  Ubuntu: 2437-1: Bind vulnerability (Dec 9)
 

Bind could be made to crash if it received specially crafted network traffic.

  Ubuntu: 2436-1: X.Org X server vulnerabilities (Dec 9)
 

Several security issues were fixed in the X.Org X server.

  Ubuntu: 2434-2: Ghostscript vulnerability (Dec 8)
 

Ghostscript could be made to crash or run programs as your login if it opened a specially crafted file.

  Ubuntu: 2434-1: JasPer vulnerability (Dec 8)
 

JasPer could be made to crash or run programs as your login if it opened a specially crafted file.

  Ubuntu: 2431-2: MAAS regression (Dec 4)
 

USN-2431-1 caused a regression in the MAAS package.

  Ubuntu: 2433-1: tcpdump vulnerabilities (Dec 4)
 

Several security issues were fixed in tcpdump.