Linux Advisory Watch - November 2nd 2007

Linux Advisory Watch - November 2nd 2007
Linux Advisory Watch - November 2nd 2007

|                                    Weekly Newsletter |
| November 2nd, 2007                                 Volume 8, Number 44 |
|                                                                        |
| Editorial Team: Dave Wreski  | 
| Benjamin D. Thomas  | 

Thank you for reading the weekly security newsletter.
The purpose of this document is to provide our readers with a quick
summary of each week's most relevant Linux security headlines.

This week advisories were releaed for dhcp, iceweasel, xen-utils, Opera,
sylpheed, qt, the Linux kernel, firefox, libpng, and cups.  The distributors
include Debian, Gentoo, Mandriva, Red Hat, Slackware, and Ubuntu.


>> Linux+DVD Magazine <<

Our magazine is read by professional network and database administrators,
system programmers, webmasters and all those who believe in the power of
Open Source software. The majority of our readers is between 15 and 40
years old. They are interested in current news from the Linux world,
upcoming projects etc.

In each issue you can find information concerning typical use of Linux:
safety, databases, multimedia, scientific tools, entertainment,
programming, e-mail, news and desktop environments. 


Review: Linux Firewalls
Security is at the forefront of everyone's mind and a firewall can be an
integral part of your Linux defense. But is Michael's Rash's "Linux
Firewalls," the newest release from NoStarchPress, up for the challenge?
Eckie S. here at gives you the low-down on this newest
addition to the Linux security resource library and how it's one of the
best ways to crack down on attacks to your Linux network. 


State of Linux Security Survey
It is customary for communities of every sphere to stand up occasionally,
and take a good, long look at what.s going on in the world around them.
For us here at, we felt it was a great opportunity to
put it all together.

Since 1996, has been bringing open source news,
HOW-TOs, Feature stories and more to the open source community with
comprehensive coverage.  As one of the veterans in this area, we.d like
to see you chime in.  With so much going on in Linux and security, what
does the community really care about? 

-->  Take advantage of the Quick Reference Card!  <--
--> <-- 


* EnGarde Secure Community v3.0.17 Now Available (Oct 9)
  Guardian Digital is happy to announce the release of EnGarde Secure
  Community 3.0.17 (Version 3.0, Release 17).  This release includes many
  updated packages and bug fixes, some feature enhancements to Guardian
  Digital WebTool and the SELinux policy, and a few new features.

  In distribution since 2001, EnGarde Secure Community was one of the
  very first security platforms developed entirely from open source, and
  has been engineered from the ground-up to provide users and
  organizations with complete, secure Web functionality, DNS, database,
  e-mail security and even e-commerce. 


* Debian: New dhcp packages fix arbitrary code execution (Oct 29)
  The patch used to correct the DHCP server buffer overflow in DSA-1388-1
  was incomplete and did not adequately resolve the problem.  This update
  to the previous advisory makes available updated packages based on a
  newer version of the patch. 

* Debian: New iceweasel packages fix several vulnerabilities (Oct 27)
  Several remote vulnerabilities have been discovered in the Iceweasel
  web browser, an unbranded version of the Firefox browser.  Michal
  Zalewski discovered that the unload event handler had access to the
  address of the next page to be loaded, which could allow information
  disclosure or spoofing. 

* Debian: New xen-utils packages fix file truncation (Oct 25)
  Steve Kemp from the Debian Security Audit project discovered that
  xen-utils, a collection of XEN administrative tools, used temporary
  files insecurely within the xenmon tool allowing local users to
  truncate arbitrary files. 


* Gentoo: Opera Multiple vulnerabilities (Oct 30)
  Opera contains multiple vulnerabilities, which may allow the execution
  of arbitrary code. 

* Gentoo: Sylpheed, Claws Mail User-assisted remote (Oct 25)
  A format string error has been discovered in Sylpheed and Claws Mail,
  potentially leading to the remote execution of arbitrary code. 

* Gentoo: Qt Buffer overflow (Oct 25)
  An off-by-one vulnerability has been discovered in Qt, possibly
  resulting in the execution of arbitrary code. 


* Mandriva: Updated xen packages fix multiple vulnerabilities (Nov 1)
  Tavis Ormandy discovered a heap overflow flaw during video-to-video
  copy operations in the Cirrus VGA extension code that is used in Xen. A
  malicious local administrator of a guest domain could potentially
  trigger this flaw and execute arbitrary code outside of the domain


* RedHat: Important: kernel security update (Nov 1)
  Updated kernel packages that fix various security issues in the Red Hat
  Enterprise Linux 4 kernel are now available. A flaw was found in the
  aacraid SCSI driver. This allowed a local user to make ioctl calls to
  the driver that should be restricted to privileged users. This update
  has been rated as having important security impact by the Red Hat
  Security Response Team. 

* RedHat: Important: cups security and bug fix update (Oct 31)
  A flaw was found in the way CUPS handles certain Internet Printing
  Protocol (IPP) tags. A remote attacker who is able to connect to the
  IPP TCP port could send a malicious request causing the CUPS daemon to
  crash, or potentially execute arbitrary code. Please note that the
  default CUPS configuration does not allow remote hosts to connect to
  the IPP TCP port. This update has been rated as having important
  security impact by the Red Hat Security Response Team. 

* RedHat: Moderate: httpd security update (Oct 25)
  Updated httpd packages that fix two security issues are now available
  for Red Hat Application Stack. A flaw was found in the Apache HTTP
  Server mod_proxy module. On sites where a reverse proxy is configured,
  a remote attacker could send a carefully crafted request that would
  cause the Apache child process handling that request to crash. On sites
  where a forward proxy is configured, an attacker could cause a similar
  crash if a user could be persuaded to visit a malicious site using the
  proxy. This could lead to a denial of service if using a threaded
  Multi-Processing Module. This update has been rated as having moderate
  security impact by the Red Hat Security Response Team. 

* RedHat: Moderate: php security update (Oct 25)
  Updated PHP packages that fix several security issues are now available
  for Red Hat Application Stack. Various integer overflow flaws were
  found in the PHP gd extension. A script that could be forced to resize
  images from an untrusted source could possibly allow a remote attacker
  to execute arbitrary code as the apache user. This update has been
  rated as having moderate security impact by the Red Hat Security
  Response Team. 


* Slackware:   firefox, seamonkey (Oct 25)
  New mozilla-firefox packages are available for Slackware 10.2, 11.0,
  12.0, and -current to fix security issues.  New seamonkey updates are
  available for Slackware 11.0, 12.0, and -current to address similar


* Ubuntu:  libpng vulnerabilities (Oct 25)
  It was discovered that libpng did not properly perform bounds checking
  and comparisons in certain operations. An attacker could send a
  specially crafted PNG image and cause a denial of service in
  applications linked against libpng. 
Distributed by: Guardian Digital, Inc.      

To unsubscribe email 
         with "unsubscribe" in the subject of the message.

CSI 2007 is the only conference that delivers a business-focused
overview of enterprise security. It will convene 1,500+ delegates,
80 exhibitors and features 100+ sessions/seminars providing a
roadmap for integrating policies and procedures with new tools
and techniques.  Register now for savings on conference fees   
and/or free exhibits admission. - 

Site design & layout copyright © 1986-2014 CodeGods