http://www.linuxsecurity.com/ The central voice for Linux and Open Source security news. en-us generate-advisory-rss.pl (1.01) http://www.linuxsecurity.com/content/view/116271?rdf (Sep 9) With few junk e-mail filters supporting a protocol for verifying the source address of digital messages, spammers have adopted it themselves as a way to appear more legitimate, according to a report released on Wednesday. . . . ... http://www.linuxsecurity.com/content/view/116271?rdf Robert Lemos, CNET News.com http://www.linuxsecurity.com/content/view/136167?rdf (Apr 15) "The Book of Wireless" by John Ross is an answer to the problem of learning about wireless networking. With the wide spread use of Wireless networks today anyone with a computer should at least know the basics of wireless. Also, with the wireless ne ... http://www.linuxsecurity.com/content/view/136167?rdf LinuxSecurity.com http://www.linuxsecurity.com/content/view/136590?rdf (Apr 29) Fix possible authentication bypass in authldap authentication module when dbmail is used with LDAP servers allowing anonymous logins - CVE-2007-6714 (#443019). http://www.linuxsecurity.com/content/view/136590?rdf LinuxSecurity.com http://www.linuxsecurity.com/content/view/136565?rdf (Apr 29) This updates contains security fixes: http://wordpress.org/development/2008/04/wordpress-251/ http://www.linuxsecurity.com/content/view/136565?rdf LinuxSecurity.com http://www.linuxsecurity.com/content/view/135013?rdf (Feb 28) Several flaws were found in the way Thunderbird processed certain malformed HTML mail content. http://www.linuxsecurity.com/content/view/135013?rdf LinuxSecurity.com http://www.linuxsecurity.com/content/view/135005?rdf (Feb 28) This is a major upgrade of setroubleshoot. The primary difference is how audit data is captured, analyzed, and stored. Security vulnerabilities, performance, usability, and robustness have been addressed in addition to general bug fixes. http://www.linuxsecurity.com/content/view/135005?rdf LinuxSecurity.com http://www.linuxsecurity.com/content/view/135004?rdf (Feb 28) This is a major upgrade of setroubleshoot. The primary difference is how audit data is captured, analyzed, and stored. Security vulnerabilities, performance, usability, and robustness have been addressed in addition to general bug fixes. http://www.linuxsecurity.com/content/view/135004?rdf LinuxSecurity.com http://www.linuxsecurity.com/content/view/134979?rdf (Feb 28) This update fixes CVE-2008-0595. http://www.linuxsecurity.com/content/view/134979?rdf LinuxSecurity.com http://www.linuxsecurity.com/content/view/134960?rdf (Feb 28) This update fixes CVE-2008-0595. http://www.linuxsecurity.com/content/view/134960?rdf LinuxSecurity.com http://www.linuxsecurity.com/content/view/134235?rdf (Feb 11) Update to Linux kernel 2.6.23.15: Fix vmsplice local root vulnerability: CVE-2008-0009: Fixed by update to 2.6.23.15. CVE-2008-0010: Fixed by update to 2.6.23.15. CVE-2008-0600: Extra fix from upstream applied. Fix memory leak in netlabel code. Work around broken Seagate LBA48 disks. (#429364) Fix futex oops on uniprocessor machine. (#429412) Add support for new Macbook touchpads. (#426574) Fix the initio driver broken in 2.6.23. (#390531) Fix segfaults from using vdso=2. (#427641) FireWire updates, fixing multiple problems. (#429598) ACPI: fix multiple problems with brightness controls (#427518) Fix Megahertz PCMCIA Ethernet adapter (#233255) Fix oops in netfilter. (#430663) ACPI: fix early init of EC (#426480) ALSA: fix audio on some systems with STAC codec (#431360) Atheros L2 fast Ethernet driver (atl2) for ASUS Eeepc. ASUS Eeepc ACPI hotkey driver. Wireless driver updates from upstream. http://www.linuxsecurity.com/content/view/134235?rdf LinuxSecurity.com http://www.linuxsecurity.com/content/view/134234?rdf (Feb 11) Update to Linux kernel 2.6.23.15: http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.23.15 Fix vmsplice local root vulnerability: CVE-2008-0009: Fixed by update to 2.6.23.15. CVE-2008-0010: Fixed by update to 2.6.23.15. CVE-2008-0600: Extra fix from upstream applied. Fix memory leak in netlabel code (#352281) Autoload the Dell dcdbas driver like in F8 (#326041) Work around broken Seagate LBA48 disks. (F8#429364) Fix futex oops on uniprocessor machine. (F8#429412) Add support for new Macbook touchpads. (F8#426574) Fix the initio driver broken in 2.6.23. (F8#390531) Fix segfaults from using vdso=2. (F8#427641) FireWire updates, fixing multiple problems. ACPI: fix multiple problems with brightness controls (F8#427518) Wireless driver updates from upstream. http://www.linuxsecurity.com/content/view/134234?rdf LinuxSecurity.com http://www.linuxsecurity.com/content/view/134096?rdf (Feb 7) Fixed security issue - buffer overflow in gif parsing. http://www.linuxsecurity.com/content/view/134096?rdf LinuxSecurity.com