Thank you for reading the Linux Advisory Watch Security Newsletter.
The purpose of this document is to provide our readers with a quick
summary of each week's vendor security bulletins and pointers on
methods to improve the security posture of your open source system.
Vulnerabilities affect nearly every vendor virtually every week, so
be sure to read through to find the updates your distributor have
made available.
|
(Dec 9) |
|
Christoph Biedl discovered two denial of service vulnerabilities in munin, a network-wide graphing framework. The Common Vulnerabilities and Exposures project identifies the following problems: [More...]
|
|
(Dec 9) |
|
A denial of service vulnerability was reported in varnish, a state of the art, high-performance web accelerator. With some configurations of varnish a remote attacker could mount a denial of service (child-process crash and temporary caching outage) via a GET request with trailing [More...]
|
|
(Dec 9) |
|
Murray McAllister discovered multiple integer and buffer overflows in the XWD plugin in Gimp, which can result in the execution of arbitrary code. For the oldstable distribution (squeeze), these problems have been fixed [More...]
|
|
(Dec 9) |
|
Two security issues were found in Samba, a SMB/CIFS file, print, and login server: CVE-2013-4408 [More...]
|
|
(Dec 7) |
|
Several vulnerabilities have been discovered in the chromium web browser. CVE-2013-6634 [More...]
|
|
|
|
(Dec 10) |
|
An integer overflow vulnerability in WebP could lead to arbitrary code execution or Denial of Service.
|
|
(Dec 9) |
|
Multiple vulnerabilities have been found in OpenEXR, allowing remote attackers to execute arbitrary code or cause a Denial of Service condition.
|
|
(Dec 9) |
|
A vulnerability in Festival could result in arbitrary code execution, and privilege escalation.
|
|
(Dec 6) |
|
Multiple vulnerabilities have been found in SWI-Prolog which allow attackers to execute arbitrary code or cause a Denial of Service condition.
|
|
|
|
Red Hat: 2013:1826-01: php: Critical Advisory (Dec 11) |
|
Updated php packages that fix one security issue are now available for Red Hat Enterprise Linux 3 and 4 Extended Life Cycle Support. The Red Hat Security Response Team has rated this update as having critical [More...]
|
|
Red Hat: 2013:1825-01: php53: Critical Advisory (Dec 11) |
|
Updated php53 packages that fix one security issue are now available for Red Hat Enterprise Linux 5.6 and 5.9 Extended Update Support. The Red Hat Security Response Team has rated this update as having critical [More...]
|
|
Red Hat: 2013:1824-01: php: Critical Advisory (Dec 11) |
|
Updated php packages that fix one security issue are now available for Red Hat Enterprise Linux 5.3 Long Life, and Red Hat Enterprise Linux 5.6, 5.9, 6.2, 6.3, and 6.4 Extended Update Support. [More...]
|
|
Red Hat: 2013:1823-01: thunderbird: Important Advisory (Dec 11) |
|
An updated thunderbird package that fixes several security issues is now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having [More...]
|
|
Red Hat: 2013:1818-01: flash-plugin: Critical Advisory (Dec 11) |
|
An updated Adobe Flash Player package that fixes two security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical [More...]
|
|
Red Hat: 2013:1814-01: php: Critical Advisory (Dec 11) |
|
Updated php packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having critical [More...]
|
|
Red Hat: 2013:1812-01: firefox: Critical Advisory (Dec 11) |
|
Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having critical [More...]
|
|
Red Hat: 2013:1813-01: php53 and php: Critical Advisory (Dec 11) |
|
Updated php53 and php packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6 respectively. The Red Hat Security Response Team has rated this update as having critical [More...]
|
|
Red Hat: 2013:1806-01: samba and samba3x: Important Advisory (Dec 9) |
|
Updated samba3x and samba packages that fix two security issues are now available for Red Hat Enterprise Linux 5 and 6 respectively. The Red Hat Security Response Team has rated this update as having [More...]
|
|
Red Hat: 2013:1804-01: libjpeg: Moderate Advisory (Dec 9) |
|
An updated libjpeg package that fixes one security issue is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate [More...]
|
|
Red Hat: 2013:1803-01: libjpeg-turbo: Moderate Advisory (Dec 9) |
|
Updated libjpeg-turbo packages that fix two security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate [More...]
|
|
Red Hat: 2013:1805-01: samba4: Important Advisory (Dec 9) |
|
Updated samba4 packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having [More...]
|
|
Red Hat: 2013:1791-01: nss and nspr: Important Advisory (Dec 5) |
|
Updated nss and nspr packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 5. [More...]
|
|
Red Hat: 2013:1790-01: kernel: Moderate Advisory (Dec 5) |
|
Updated kernel packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate [More...]
|
|
Red Hat: 2013:1783-01: kernel: Important Advisory (Dec 5) |
|
Updated kernel packages that fix three security issues and several bugs are now available for Red Hat Enterprise Linux 6.3 Extended Update Support. The Red Hat Security Response Team has rated this update as having [More...]
|
|
|
|
(Dec 6) |
|
New mozilla-thunderbird packages are available for Slackware 13.37, 14.0, 14.1, and -current to fix security issues. [More Info...]
|
|
(Dec 6) |
|
New mozilla-nss packages are available for Slackware 14.0, 14.1, and -current to fix security issues. [More Info...]
|
|
(Dec 6) |
|
New seamonkey packages are available for Slackware 14.0, 14.1, and -current to fix security issues. [More Info...]
|
|
(Dec 6) |
|
New hplip packages are available for Slackware 14.0 to fix a security issue. [More Info...]
|
|
|
|
Ubuntu: 2053-1: Thunderbird vulnerabilities (Dec 11) |
|
Several security issues were fixed in Thunderbird.
|
|
Ubuntu: 2054-1: Samba vulnerabilities (Dec 11) |
|
Several security issues were fixed in Samba.
|
|
Ubuntu: 2051-1: GIMP vulnerability (Dec 9) |
|
GIMP could be made to crash or run programs as your login if itopened a specially crafted file.
|
|
Ubuntu: 2050-1: Linux kernel (OMAP4) vulnerabilities (Dec 7) |
|
Several security issues were fixed in the kernel.
|
|
Ubuntu: 2049-1: Linux kernel vulnerabilities (Dec 7) |
|
Several security issues were fixed in the kernel.
|
|
Ubuntu: 2048-2: curl regression (Dec 6) |
|
USN-2048-1 introduced a regression in curl.
|
|
Ubuntu: 2048-1: curl vulnerability (Dec 5) |
|
Fraudulent security certificates could allow sensitive information tobe exposed when accessing the Internet.
|
