Linux Advisory Watch - August 21st 2009
+----------------------------------------------------------------------+
| LinuxSecurity.com Weekly Newsletter |
| August 21st, 2009 Volume 10, Number 34 |
| |
| Editorial Team: Dave Wreski |
| Benjamin D. Thomas |
+----------------------------------------------------------------------+
Thank you for reading the LinuxSecurity.com weekly security newsletter.
The purpose of this document is to provide our readers with a quick
summary of each week's most relevant Linux security headlines.
This week, advisories were released for pidgin, curl, kde4libs,
kdegraphics, zope, libxml, kernel, squid, mingw32, thunderbird,
wordpress-mu, dhcp, dillo, CDF, iptables, perl, wget, wxgtk,
memcached, samba, libvorbis, and apache. The distributors include
Debian, Fedora, Gentoo, Mandriva, Red Hat, Slackware, SuSE, and Ubuntu.
---
>> Linux+DVD Magazine <<
In each issue you can find information concerning the best use of Linux:
safety, databases, multimedia, scientific tools, entertainment,
programming, e-mail, news and desktop environments.
Catch up with what professional network and database administrators,
system programmers, webmasters and all those who believe in the power of
Open Source software are doing!
http://www.linuxsecurity.com/ads/adclick.php?bannerid=26
---
Review: Googling Security: How Much Does Google Know About You
--------------------------------------------------------------
If I ask "How much do you know about Google?", you may not take even a
second to respond. But if I ask "How much does Google know about
you?", you may instantly reply "Wait... what!? Do they!?" The book
"Googling Security: How Much Does Google Know About You" by Greg Conti
(Computer Science Professor at West Point) is the first book to reveal
how Google's vast information stockpiles could be used against you or
your business, and what you can do to protect yourself.
http://www.linuxsecurity.com/content/view/145939
---
A Secure Nagios Server
----------------------
Nagios is monitoring software designed to tell you quickly about problems
on your hosts and networks, and it can be configured for use on any
network. Setting up a Nagios server on any Linux distribution is a
very quick process; making that setup secure, however, takes some
work. This article will not show you how to install Nagios, since
plenty of installation guides already exist, but it will show you in
detail ways to improve your Nagios security.
http://www.linuxsecurity.com/content/view/144088
--> Take advantage of the LinuxSecurity.com Quick Reference Card! <--
--> http://www.linuxsecurity.com/docs/QuickRefCard.pdf <--
------------------------------------------------------------------------
* EnGarde Secure Community 3.0.22 Now Available! (Dec 9)
------------------------------------------------------
Guardian Digital is happy to announce the release of EnGarde Secure
Community 3.0.22 (Version 3.0, Release 22). This release includes
many updated packages and bug fixes and some feature enhancements to
the EnGarde Secure Linux Installer and the SELinux policy.
http://www.linuxsecurity.com/content/view/145668
------------------------------------------------------------------------
* Debian: New pidgin packages fix arbitrary code execution (Aug 19)
-----------------------------------------------------------------
http://www.linuxsecurity.com/content/view/149810
* Debian: New curl packages fix SSL certificate verification weakness (Aug 19)
----------------------------------------------------------------------------
http://www.linuxsecurity.com/content/view/149808
* Debian: New kde4libs packages fix several vulnerabilities (Aug 19)
------------------------------------------------------------------
http://www.linuxsecurity.com/content/view/149801
* Debian: New kdegraphics packages fix several vulnerabilities (Aug 19)
---------------------------------------------------------------------
http://www.linuxsecurity.com/content/view/149800
* Debian: New kdelibs packages fix several vulnerabilities (Aug 19)
-----------------------------------------------------------------
http://www.linuxsecurity.com/content/view/149799
* Debian: New Linux 2.6.18 packages fix several vulnerabilities (Aug 16)
----------------------------------------------------------------------
http://www.linuxsecurity.com/content/view/149775
* Debian: New Linux 2.6.24 packages fix privilege escalation (Aug 16)
-------------------------------------------------------------------
http://www.linuxsecurity.com/content/view/149774
* Debian: New zope2.10/zope2.9 packages fix arbitrary code execution (Aug 15)
---------------------------------------------------------------------------
http://www.linuxsecurity.com/content/view/149770
* Debian: New Linux 2.6.26 packages fix privilege escalation (Aug 14)
-------------------------------------------------------------------
http://www.linuxsecurity.com/content/view/149762
* Debian: New libxml packages fix several issues (Aug 13)
-------------------------------------------------------
http://www.linuxsecurity.com/content/view/149756
------------------------------------------------------------------------
* Fedora 11 Update: kernel-2.6.29.6-217.2.8.fc11 (Aug 17)
-------------------------------------------------------
Fixes an oops in the clock_nanosleep syscall that allowed an ordinary
user to cause a NULL pointer dereference in the kernel (CVE-2009-2767).
Also fixes a BUG_ON() in the Intel GEM page fault code that was
breaking GNOME Shell.
http://www.linuxsecurity.com/content/view/149783
* Fedora 10 Update: squid-3.0.STABLE18-1.fc10 (Aug 17)
----------------------------------------------------
Fixes several denial of service issues which could allow an attacker
to stop the Squid service. CVE-2009-2621, CVE-2009-2622
http://www.linuxsecurity.com/content/view/149782
* Fedora 11 Update: squid-3.0.STABLE18-1.fc11 (Aug 17)
----------------------------------------------------
Fixes several denial of service issues which could allow an attacker
to stop the Squid service. CVE-2009-2621, CVE-2009-2622
http://www.linuxsecurity.com/content/view/149781
* Fedora 10 Update: kernel-2.6.27.29-170.2.79.fc10 (Aug 15)
---------------------------------------------------------
Fix sock_sendpage null pointer dereference. CVE-2009-2692.
http://www.linuxsecurity.com/content/view/149772
* Fedora 11 Update: kernel-2.6.29.6-217.2.7.fc11 (Aug 15)
-------------------------------------------------------
Fix sock_sendpage null pointer dereference. CVE-2009-2692.
http://www.linuxsecurity.com/content/view/149773
* Fedora 10 Update: libxml-1.8.17-24.fc10 (Aug 15)
------------------------------------------------
This update includes patches from RHEL-3 addressing a number of
security vulnerabilities:
- CVE-2004-0110 (arbitrary code execution via a long URL)
- CVE-2004-0989 (arbitrary code execution via a long URL)
- CVE-2009-2414 (stack consumption DoS vulnerabilities)
- CVE-2009-2416 (use-after-free DoS vulnerabilities)
http://www.linuxsecurity.com/content/view/149769
* Fedora 11 Update: mingw32-libxml2-2.7.3-2.fc11 (Aug 15)
-------------------------------------------------------
Two patches for parsing problems raised by Ficora.
http://www.linuxsecurity.com/content/view/149767
* Fedora 11 Update: libxml-1.8.17-24.fc11 (Aug 15)
------------------------------------------------
This update includes patches from RHEL-3 addressing a number of
security vulnerabilities:
- CVE-2004-0110 (arbitrary code execution via a long URL)
- CVE-2004-0989 (arbitrary code execution via a long URL)
- CVE-2009-2414 (stack consumption DoS vulnerabilities)
- CVE-2009-2416 (use-after-free DoS vulnerabilities)
http://www.linuxsecurity.com/content/view/149768
* Fedora 11 Update: thunderbird-3.0-2.6.b3.fc11 (Aug 15)
------------------------------------------------------
Update to upstream version 3.0 Beta3. It includes the security fixes
recently made in stable Thunderbird 2.x as well as the Firefox/Gecko
security fixes listed at:
http://www.mozilla.org/security/known-vulnerabilities/thunderbird20.html
http://www.mozilla.org/security/known-vulnerabilities/firefox30.html
http://www.linuxsecurity.com/content/view/149765
* Fedora 10 Update: wordpress-mu-2.8.4a-1.fc10 (Aug 15)
-----------------------------------------------------
Update spans MU-versions for the following security releases from
upstream:
http://wordpress.org/development/2009/08/2-8-4-security-release/
http://wordpress.org/development/2009/08/wordpress-2-8-3-security-release/
  * Backport of XSS fixes from WordPress 2.8.2
  * Backport of security fixes for admin.php?page= bugs (CVE-2009-2334)
http://www.linuxsecurity.com/content/view/149766
* Fedora 11 Update: wordpress-mu-2.8.4a-1.fc11 (Aug 15)
-----------------------------------------------------
Update spans MU-versions for the following security releases from
upstream:
http://wordpress.org/development/2009/08/2-8-4-security-release/
http://wordpress.org/development/2009/08/wordpress-2-8-3-security-release/
  * Backport of XSS fixes from WordPress 2.8.2
  * Backport of security fixes for admin.php?page= bugs (CVE-2009-2334)
http://www.linuxsecurity.com/content/view/149764
------------------------------------------------------------------------
* Gentoo: ISC DHCP dhcpd Denial of Service (Aug 18)
-------------------------------------------------
dhcpd as included in the ISC DHCP implementation does not properly
handle special conditions, leading to a Denial of Service.
http://www.linuxsecurity.com/content/view/149794
* Gentoo: DokuWiki Local file inclusion (Aug 18)
----------------------------------------------
An input sanitation error in DokuWiki might lead to the disclosure of
local files or even the remote execution of arbitrary code.
http://www.linuxsecurity.com/content/view/149795
* Gentoo: Dillo User-assisted execution of arbitrary code (Aug 18)
----------------------------------------------------------------
An integer overflow in the PNG handling of Dillo might result in the
remote execution of arbitrary code.
http://www.linuxsecurity.com/content/view/149796
* Gentoo: Subversion Remote execution of arbitrary code (Aug 18)
--------------------------------------------------------------
Multiple integer overflows, leading to heap-based buffer overflows in
the Subversion client and server, might allow remote attackers to
execute arbitrary code.
http://www.linuxsecurity.com/content/view/149791
* Gentoo: CDF User-assisted execution of arbitrary code (Aug 18)
--------------------------------------------------------------
Multiple heap-based buffer overflows in CDF might result in the
execution of arbitrary code.
http://www.linuxsecurity.com/content/view/149792
* Gentoo: Perl Compress::Raw modules: Denial of Service (Aug 18)
--------------------------------------------------------------
An off-by-one error in Compress::Raw::Zlib and Compress::Raw::Bzip2
might lead to a Denial of Service.
http://www.linuxsecurity.com/content/view/149793
------------------------------------------------------------------------
* Mandriva: Subject: [Security Announce] [ MDVA-2009:153 ] kde4-style-iaora (Aug 20)
----------------------------------------------------------------------------------
The Iaora window decoration style has a bug when used with compiz:
when a window is maximised, the decoration disappears, and you need
to restore (unmaximize) the window to get the decorations back. This
update fixes this problem.
http://www.linuxsecurity.com/content/view/149816
* Mandriva: Subject: [Security Announce] [ MDVA-2009:152 ] iptables (Aug 20)
--------------------------------------------------------------------------
This is a version update of iptables 1.4.1.1 to 1.4.2 and is provided
to support all new features of the 2.6.27 kernel.
http://www.linuxsecurity.com/content/view/149813
* Mandriva: Subject: [Security Announce] [ MDVSA-2009:207 ] perl-Compress-Raw-Bzip2 (Aug 19)
------------------------------------------------------------------------------------------
A vulnerability has been found and corrected in
perl-Compress-Raw-Bzip2: an off-by-one error in the bzinflate function
in Bzip2.xs in the Compress-Raw-Bzip2 module before 2.018 for Perl
allows context-dependent attackers to cause a denial of service
(application hang or crash) via a crafted bzip2 compressed stream
that triggers a buffer overflow, a related issue to CVE-2009-1391
(CVE-2009-1884). This update provides a solution to this
vulnerability.
http://www.linuxsecurity.com/content/view/149809
* Mandriva: Subject: [Security Announce] [ MDVSA-2009:206 ] wget (Aug 18)
-----------------------------------------------------------------------
A vulnerability has been found and corrected in wget: SUSE discovered
a security issue in wget related to CVE-2009-2408
(http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2408). This
update provides a solution to this vulnerability.
http://www.linuxsecurity.com/content/view/149797
* Mandriva: Subject: [Security Announce] [ MDVSA-2009:205 ] kernel (Aug 17)
-------------------------------------------------------------------------
A vulnerability was discovered and corrected in the Linux 2.6 kernel:
The Linux kernel 2.6.0 through 2.6.30.4, and 2.4.4 through 2.4.37.4,
does not initialize all function pointers for socket operations in
proto_ops structures, which allows local users to trigger a NULL
pointer dereference and gain privileges by using mmap to map page
zero, placing arbitrary code on this page, and then invoking an
unavailable operation, as demonstrated by the sendpage operation on a
PF_PPPOX socket. (CVE-2009-2692) To update your kernel, please follow
the directions located at:
http://www.mandriva.com/en/security/kernelupdate
http://www.linuxsecurity.com/content/view/149784
* Mandriva: Subject: [Security Announce] [ MDVSA-2009:204 ] wxgtk (Aug 16)
------------------------------------------------------------------------
A vulnerability has been found and corrected in wxgtk: Integer
overflow in the wxImage::Create function in src/common/image.cpp in
wxWidgets 2.8.10 allows attackers to cause a denial of service
(crash) and possibly execute arbitrary code via a crafted JPEG file,
which triggers a heap-based buffer overflow. NOTE: the provenance of
this information is unknown; the details are obtained solely from
third party information (CVE-2009-2369). This update provides a
solution to this vulnerability.
http://www.linuxsecurity.com/content/view/149776
* Mandriva: Subject: [Security Announce] [ MDVSA-2009:203 ] curl (Aug 15)
-----------------------------------------------------------------------
A vulnerability has been found and corrected in curl: lib/ssluse.c in
cURL and libcurl 7.4 through 7.19.5, when OpenSSL is used, does not
properly handle a '\0' character in a domain name in the subject's
Common Name (CN) field of an X.509 certificate, which allows
man-in-the-middle attackers to spoof arbitrary SSL servers via a
crafted certificate issued by a legitimate Certification Authority, a
related issue to CVE-2009-2408 (CVE-2009-2417). This update provides
a solution to this vulnerability.
http://www.linuxsecurity.com/content/view/149771
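The curl issue above (CVE-2009-2417) is a name-matching defect: code that treats the certificate's Common Name as a C string stops comparing at the first '\0', so a CN that carries an embedded NUL can compare equal to a shorter hostname. The following is an added example, not code from curl, Mandriva or the advisory; the certificate names are constructed, and `legacy_cn_matches` deliberately reproduces the flawed truncating comparison so it can be contrasted with a length-aware check. The safe version also handles the common wildcard case, which the advisory does not discuss.

```python
"""Hostname-to-CN matching: NUL-truncation flaw beside a length-aware check.

Added example (not curl's code). Names below are constructed test data.
"""


def legacy_cn_matches(cn: str, host: str) -> bool:
    """Flawed comparison: mimics C code that reads the CN as a NUL-terminated
    string, so anything after an embedded NUL is silently ignored."""
    return cn.split("\0", 1)[0].lower() == host.lower()


def _label_ok(label: str) -> bool:
    """A DNS label is non-empty and made of letters, digits and hyphens."""
    return label != "" and all(ch.isalnum() or ch == "-" for ch in label)


def safe_cn_matches(cn: str, host: str) -> bool:
    """Length-aware comparison: refuse any NUL byte outright (never valid in a
    DNS name), validate every label, then compare label by label, allowing a
    wildcard only as the entire leftmost label."""
    if "\0" in cn or "\0" in host:
        return False
    cn_labels = cn.lower().split(".")
    host_labels = host.lower().split(".")
    # Same number of labels, and at least two so "*" cannot match a bare TLD.
    if len(cn_labels) != len(host_labels) or len(cn_labels) < 2:
        return False
    for i, (c, h) in enumerate(zip(cn_labels, host_labels)):
        if i == 0 and c == "*":
            if not _label_ok(h):
                return False
            continue
        if not _label_ok(c) or c != h:
            return False
    return True


if __name__ == "__main__":
    # Constructed CN with an embedded NUL, as described in the advisory.
    crafted_cn = "www.example.com\0.example.net"
    for name, fn in (("legacy", legacy_cn_matches), ("safe", safe_cn_matches)):
        print(f"{name:6s} CN={crafted_cn!r} host=www.example.com ->",
              fn(crafted_cn, "www.example.com"))
    print("safe   *.example.com vs mail.example.com ->",
          safe_cn_matches("*.example.com", "mail.example.com"))
```

The defensive point is that the length of the CN comes from the ASN.1 encoding, not from a terminator; any verifier that drops back to a terminator-based string routine inherits this bug, which is why the check above rejects a NUL before comparing anything.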
* Mandriva: Subject: [Security Announce] [ MDVSA-2009:202 ] memcached (Aug 14)
----------------------------------------------------------------------------
A vulnerability has been found and corrected in memcached: Multiple
integer overflows in memcached 1.1.12 and 1.2.2 allow remote
attackers to execute arbitrary code via vectors involving length
attributes that trigger heap-based buffer overflows (CVE-2009-2415).
This update provides a solution to this vulnerability. Additionally,
memcached-1.2.x has been upgraded to 1.2.8 for 2009.0/2009.1 and MES
5, which contains a number of upstream fixes, and the repcached patch
has been upgraded to 2.2 as well.
http://www.linuxsecurity.com/content/view/149761
* Mandriva: Subject: [Security Announce] [ MDVA-2009:151 ] samba (Aug 14)
-----------------------------------------------------------------------
This is the last upstream maintenance release of the Samba 3.2
series. Major enhancements in 3.2.14 include:
  o Fix SAMR access checks (e.g. bugs #6089 and #6112).
  o Fix 'force user' (bug #6291).
  o Improve Win7 support (bug #6099).
  o Fix posix ACLs when setting an ACL without explicit ACE for the
    owner (bug #2346).
http://www.linuxsecurity.com/content/view/149759
------------------------------------------------------------------------
* RedHat: Critical: pidgin security update (Aug 18)
-------------------------------------------------
Updated pidgin packages that fix a security issue are now available
for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated
as having critical security impact by the Red Hat Security Response
Team.
http://www.linuxsecurity.com/content/view/149789
* RedHat: Important: libvorbis security update (Aug 18)
-----------------------------------------------------
Updated libvorbis packages that fix one security issue are now
available for Red Hat Enterprise Linux 3, 4, and 5. This update has
been rated as having important security impact by the Red Hat
Security Response Team.
http://www.linuxsecurity.com/content/view/149790
* RedHat: Moderate: curl security update (Aug 13)
-----------------------------------------------
Updated curl packages that fix security issues are now available for
Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as
having moderate security impact by the Red Hat Security Response
Team.
http://www.linuxsecurity.com/content/view/149749
* RedHat: Important: kernel security and bug fix update (Aug 13)
--------------------------------------------------------------
Updated kernel packages that fix several security issues and several
bugs are now available for Red Hat Enterprise Linux 4. This update
has been rated as having important security impact by the Red Hat
Security Response Team.
http://www.linuxsecurity.com/content/view/149750
------------------------------------------------------------------------
* Slackware: kernel [updated] (Aug 19)
--------------------------------------
This is a followup to the SSA:2009-230-01 advisory noting some
errata. The generic SMP kernel update for Slackware 12.2 was built
using the .config for a huge kernel, not a generic one. The kernel
previously published as kernel-generic-smp and in the gemsmp.s
directory works and is secure, but is larger than it needs to be. It
has been replaced in the Slackware 12.2 patches with a generic SMP
kernel. A new svgalib_helper package (compiled for a 2.6.27.31
kernel) was added to the Slackware 12.2 /patches. An error was
noticed in the SSA:2009-230-01 advisory concerning the packages for
Slackware -current 32-bit. The http links given refer to packages
with a -1 build version. The actual packages have a build number of
-2.
http://www.linuxsecurity.com/content/view/149811
* Slackware: pidgin (Aug 19)
----------------------------
New pidgin packages are available for Slackware 12.0, 12.1, 12.2, and
-current to fix a security issue. More details about this issue may
be found in the Common Vulnerabilities and Exposures (CVE) database:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2694
http://www.linuxsecurity.com/content/view/149812
* Slackware: kernel (Aug 19)
----------------------------
New Linux kernel packages are available for Slackware 12.2 and
-current to address a security issue. A kernel bug discovered by
Tavis Ormandy and Julien Tinnes of the Google Security Team could
allow a local user to fill memory page zero with arbitrary code and
then use the kernel sendpage operation to trigger a NULL pointer
dereference, executing the code in the context of the kernel. If
successfully exploited, this bug can be used to gain root access. At
this time we have prepared fixed kernels for the stable version of
Slackware (12.2), as well as for both 32-bit x86 and x86_64 -current
versions. Additionally, we have added a package to the /patches
directory for Slackware 12.1 and 12.2 that will set the minimum
memory page that can be mmap()ed from userspace without additional
privileges to 4096. The package will work with any kernel supporting
the vm.mmap_min_addr tunable, and should significantly reduce the
potential harm from this bug, as well as future similar bugs that
might be found in the kernel. More updated kernels may follow. For
more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2692
http://www.linuxsecurity.com/content/view/149798
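The Slackware note above describes a kernel-independent mitigation for CVE-2009-2692: raising vm.mmap_min_addr so an unprivileged process cannot map page zero, which removes the step where a NULL pointer dereference lands on attacker-controlled memory. The check below is an added example, not the Slackware /patches package or any advisory code; it assumes the tunable is exposed at the usual /proc/sys path and uses the 4096 floor named in the advisory.

```python
"""Audit vm.mmap_min_addr against the floor the Slackware advisory sets.

Added example, not the distribution's package. Assumes the Linux procfs
path below; the floor of 4096 is the value named in the advisory.
"""
import os

MMAP_MIN_ADDR_PATH = "/proc/sys/vm/mmap_min_addr"
ADVISORY_FLOOR = 4096  # lowest address unprivileged mmap() may use


def parse_mmap_min_addr(raw: str):
    """Parse the tunable's textual value; returns None if it is unreadable."""
    try:
        return int(raw.strip())
    except ValueError:
        return None


def assess(value, floor=ADVISORY_FLOOR) -> str:
    """Classify a value against what the mitigation needs."""
    if value is None:
        return "unknown"
    if value == 0:
        return "page-zero-mappable"  # the NULL-deref-to-code path is open
    if value < floor:
        return "below-floor"
    return "mitigated"


def read_and_assess(path=MMAP_MIN_ADDR_PATH, floor=ADVISORY_FLOOR):
    """Read the live tunable; kernels that lack it report 'unsupported'."""
    if not os.path.exists(path):
        return "unsupported", None
    with open(path) as fh:
        value = parse_mmap_min_addr(fh.read())
    return assess(value, floor), value


def sysctl_line(floor=ADVISORY_FLOOR) -> str:
    """Persistent form of the setting for /etc/sysctl.conf."""
    return f"vm.mmap_min_addr = {floor}"


if __name__ == "__main__":
    status, value = read_and_assess()
    print(f"vm.mmap_min_addr={value} -> {status}")
    if status not in ("mitigated", "unsupported"):
        print("suggested /etc/sysctl.conf entry:", sysctl_line())
```

As the advisory itself says, this only reduces the harm from this class of bug; the fixed kernel is still the actual fix, and the tunable has no effect on kernels that do not support it.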
* Slackware: curl (Aug 14)
--------------------------
New curl packages are available for Slackware 9.1, 10.0, 10.1, 10.2,
11.0, 12.0, 12.1, 12.2, and -current to fix a security issue. For
more information, see: http://curl.haxx.se/docs/security.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2417
http://www.linuxsecurity.com/content/view/149763
------------------------------------------------------------------------
* SuSE: Linux kernel (SUSE-SA:2009:045) (Aug 20)
----------------------------------------------
http://www.linuxsecurity.com/content/view/149815
* SuSE: subversion (SUSE-SA:2009:044) (Aug 14)
--------------------------------------------
http://www.linuxsecurity.com/content/view/149757
------------------------------------------------------------------------
* Ubuntu: Pidgin vulnerability (Aug 20)
--------------------------------------
Federico Muttis discovered that Pidgin did not properly handle
certain malformed messages in the MSN protocol handler. A remote
attacker could send a specially crafted message and possibly execute
arbitrary code with user privileges.
http://www.linuxsecurity.com/content/view/149814
* Ubuntu: Apache regression (Aug 19)
-----------------------------------
USN-802-1 fixed vulnerabilities in Apache. The upstream fix for
CVE-2009-1891 introduced a regression that would cause Apache
children to occasionally segfault when mod_deflate is used. This
update fixes the problem. We apologize for the inconvenience.
Original advisory details:
It was discovered that mod_proxy_http did not properly handle a large
amount of streamed data when used as a reverse proxy. A remote
attacker could exploit this and cause a denial of service via memory
resource consumption. This issue affected Ubuntu 8.04 LTS, 8.10 and
9.04. (CVE-2009-1890)
It was discovered that mod_deflate did not abort compressing large
files when the connection was closed. A remote attacker could exploit
this and cause a denial of service via CPU resource consumption.
(CVE-2009-1891)
http://www.linuxsecurity.com/content/view/149807
------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc. LinuxSecurity.com
To unsubscribe email vuln-newsletter-request@linuxsecurity.com
with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------