Thank you for reading the Linux Advisory Watch Security Newsletter. The purpose of this document is to provide our readers with a quick summary of each week's vendor security bulletins and pointers on methods to improve the security posture of your open source system. Vulnerabilities affect nearly every vendor virtually every week, so be sure to read through to find the updates your distributor have made available.

LinuxSecurity.com Feature Extras:

Demystifying the Chinese Hacking Industry: Earning 6 Million a Night - An Interview with a Member of the Chown Group (COG) about the billion dollar hacking business in China

Free Online security course (LearnSIA) - A Call for Help - The Survivability and Information Assurance (SIA) course was originally developed by a team at Carnegie Mellon, led by Lawrence Rogers (/about/divisions/cert/index.cfm). Back in 2010, I requested a license to continue the development of the course because it provides useful information on Information Assurance. Also, this course will always be freely available for anyone to use in the classroom or self-study. There are three parts to the LearnSIA curriculum.

(Nov 16)

It was discovered that BIND, a DNS server, crashes while processing certain sequences of recursive DNS queries, leading to a denial of service. Authoritative-only server configurations are not affected by this issue. [More...]
(Nov 16)

The ProFTPD security update, DSA-2346-1, introduced a regression, preventing successful TLS connections. This regression does not affected the stable distribution (squeeze), nor the testing and unstable distributions. [More...]
(Nov 15)

Several vulnerabilities were discovered in ProFTPD, an FTP server: ProFTPD incorrectly uses data from an unencrypted input buffer after encryption has been enabled with STARTTLS, an issue [More...]
(Nov 11)

Several vulnerabilities have been discovered in Icedove, a mail client based on Thunderbird. CVE-2011-3647 [More...]
(Nov 11)

It was discovered that the Piston framework can deserializes untrusted YAML and Pickle data, leading to remote code execution. (CVE-2011-4103) The old stable distribution (lenny) does not contain a [More...]
(Nov 11)

Multiple vulnerabilities were found in OpenTTD which could lead toexecution of arbitrary code, a Denial of Service, or privilegeescalation.
(Nov 11)

phpDocumentor bundles Smarty which contains an input sanitation flaw,allowing attackers to call arbitrary PHP functions.
Mandriva: 2011:176-1: bind (Nov 17)

A vulnerability was discovered and corrected in bind: Cache lookup could return RRSIG data associated with nonexistent records, leading to an assertion failure. [ISC RT #26590] (CVE-2011-4313). [More...]
Mandriva: 2011:176: bind (Nov 16)

A vulnerability was discovered and corrected in bind: Cache lookup could return RRSIG data associated with nonexistent records, leading to an assertion failure. [ISC RT #26590] (CVE-2011-4313). [More...]
Mandriva: 2011:175: poppler (Nov 15)

Multiple security vulnerabilities has been discovered and corrected in poppler: An out-of-bounds reading flaw in the JBIG2 decoder allows remote attackers to cause a denial of service (crash) via a crafted PDF file [More...]
Mandriva: 2011:174: graphite2 (Nov 14)

Unspecified vulnerabilities were discovered in graphite2 conserning specially crafted TTF fonts and which has unknown impact. As a preemptive measure the new 1.0.3 version is being provided where this is fixed. [More...] _______________________________________________________________________
Mandriva: 2011:172: libreoffice (Nov 11)

Multiple vulnerabilies has been discovered and corrected in libreoffice: Stack-based buffer overflow in the Lotus Word Pro import filter in LibreOffice before 3.3.3 allows remote attackers to execute arbitrary [More...]
Mandriva: 2011:171: networkmanager (Nov 11)

Security issues were identified and fixed in networkmanager: GNOME NetworkManager before 0.8.6 does not properly enforce the auth_admin element in PolicyKit, which allows local users to bypass intended wireless network sharing restrictions via unspecified vectors [More...]
Mandriva: 2011:170: java-1.6.0-openjdk (Nov 11)

Security issues were identified and fixed in openjdk (icedtea6) and icedtea-web: IcedTea6 prior to 1.10.4 allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality [More...]
Red Hat: 2011:1458-01: bind: Important Advisory (Nov 17)

Updated bind packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having [More...]
Red Hat: 2011:1459-01: bind97: Important Advisory (Nov 17)

Updated bind97 packages that fix one security issue are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having [More...]
Red Hat: 2011:1455-01: freetype: Important Advisory (Nov 16)

Updated freetype packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having [More...]
Red Hat: 2011:1445-01: flash-plugin: Critical Advisory (Nov 11)

An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical [More...]
Ubuntu: 1267-1: FreeType vulnerabilities (Nov 18)

FreeType could be made to crash or run programs as your login if itopened a specially crafted font file.
Ubuntu: 1266-1: OpenLDAP vulnerability (Nov 17)

An OpenLDAP server could potentially be made to crash if it receivedspecially crafted network traffic from an authenticated user.
Ubuntu: 1263-1: IcedTea-Web, OpenJDK 6 vulnerabilities (Nov 16)

Multiple OpenJDK 6 and IcedTea-Web vulnerabilities have been fixed.
Ubuntu: 1262-1: Light Display Manager vulnerabilities (Nov 15)

Several security issues were fixed in Light Display Manager.
Ubuntu: 1261-1: Quagga vulnerabilities (Nov 15)

Quagga could be made to crash or run programs if it received speciallycrafted network traffic.
Ubuntu: 1260-1: Linux kernel (OMAP4) vulnerability (Nov 14)

A security issue was fixed in the kernel.
Ubuntu: 1251-1: Firefox and Xulrunner vulnerabilities (Nov 10)

Multiple vulnerabilities have been fixed in Firefox and Xulrunner.
Ubuntu: 1258-1: ClamAV vulnerability (Nov 10)

ClamAV could be made to crash or run programs as your login if it opened aspecially crafted file.
Ubuntu: 1257-1: radvd vulnerabilities (Nov 10)

radvd could be made to crash or overwrite certain files if it receivedspecially crafted network traffic.