<?xml version="1.0" encoding="ISO-8859-1"?>

<rss version="2.0" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:content="http://purl.org/rss/1.0/modules/content/">
	<channel>
		<title>The UNIX and Linux Forums - Security Advisories (RSS)</title>
		<link>http://www.unix.com/</link>
		<description>UNIX and Linux Security Advisories Via RSS News</description>
		<language>en</language>
		<lastBuildDate>Fri, 20 Nov 2009 23:29:47 GMT</lastBuildDate>
		<generator>vBulletin</generator>
		<ttl>5</ttl>
		<image>
			<url>http://solaris.unix.com/images/misc/rss.jpg</url>
			<title>The UNIX and Linux Forums - Security Advisories (RSS)</title>
			<link>http://www.unix.com/</link>
		</image>
		<item>
			<title>Mandriva: glpi</title>
			<link>http://www.unix.com/security-advisories-rss/124271-mandriva-glpi-new-post.html</link>
			<pubDate>Fri, 20 Nov 2009 18:00:05 GMT</pubDate>
			<description>*LinuxSecurity.com*: This is a maintenance and bugfix release that updates glpi to 0.72.3.  
 
More... (http://www.linuxsecurity.com/content/view/150789?rdf)</description>
			<content:encoded><![CDATA[<div><b>LinuxSecurity.com</b>: This is a maintenance and bugfix release that updates glpi to 0.72.3. <br />
<br />
<a href="http://www.linuxsecurity.com/content/view/150789?rdf" target="_blank">More...</a></div>

]]></content:encoded>
			<category domain="http://www.unix.com/security-advisories-rss/">Security Advisories (RSS)</category>
			<dc:creator>iBot</dc:creator>
			<guid isPermaLink="true">http://www.unix.com/security-advisories-rss/124271-mandriva-glpi.html</guid>
		</item>
		<item>
			<title>Pardus: Qt: Webkit: Multiple Vulnerabilities</title>
			<link>http://www.unix.com/security-advisories-rss/124212-pardus-qt-webkit-multiple-vulnerabilities-new-post.html</link>
			<pubDate>Fri, 20 Nov 2009 02:00:04 GMT</pubDate>
			<description><![CDATA[*LinuxSecurity.com*: Description ========== * CVE-2009-3384: Multiple security flaws (integer underflow, invalid pointer dereference, buffer underflow and a denial of service) were found in the way WebKit's FTP parser used to process remote FTP directory listings. If a remote FTP server issued a...]]></description>
			<content:encoded><![CDATA[<div><b>LinuxSecurity.com</b>: Description ========== * CVE-2009-3384: Multiple security flaws (integer underflow, invalid pointer dereference, buffer underflow and a denial of service) were found in the way WebKit's FTP parser used to process remote FTP directory listings. If a remote FTP server issued a specially-crafted FTP command, it could lead to disclosure of sensitive information, denial of service (application crash) or, potentially, to execution of arbitrary code, once the command was parsed. <br />
<br />
<a href="http://www.linuxsecurity.com/content/view/150784?rdf" target="_blank">More...</a></div>

]]></content:encoded>
			<category domain="http://www.unix.com/security-advisories-rss/">Security Advisories (RSS)</category>
			<dc:creator>iBot</dc:creator>
			<guid isPermaLink="true">http://www.unix.com/security-advisories-rss/124212-pardus-qt-webkit-multiple-vulnerabilities.html</guid>
		</item>
		<item>
			<title>SuSE: Sun Java 6 (SUSE-SA:2009:058)</title>
			<link>http://www.unix.com/security-advisories-rss/124176-suse-sun-java-6-suse-sa-2009-058-a-new-post.html</link>
			<pubDate>Thu, 19 Nov 2009 17:00:02 GMT</pubDate>
			<description>*LinuxSecurity.com*:   
 
More... (http://www.linuxsecurity.com/content/view/150776?rdf)</description>
			<content:encoded><![CDATA[<div><b>LinuxSecurity.com</b>:  <br />
<br />
<a href="http://www.linuxsecurity.com/content/view/150776?rdf" target="_blank">More...</a></div>

]]></content:encoded>
			<category domain="http://www.unix.com/security-advisories-rss/">Security Advisories (RSS)</category>
			<dc:creator>iBot</dc:creator>
			<guid isPermaLink="true">http://www.unix.com/security-advisories-rss/124176-suse-sun-java-6-suse-sa-2009-058-a.html</guid>
		</item>
		<item>
			<title>USN-860-1: Apache vulnerabilities</title>
			<link>http://www.unix.com/security-advisories-rss/124118-usn-860-1-apache-vulnerabilities-new-post.html</link>
			<pubDate>Thu, 19 Nov 2009 07:00:03 GMT</pubDate>
			<description>Referenced CVEs: CVE-2009-3094, CVE-2009-3095, CVE-2009-3555

Description:
=========================================================== Ubuntu Security Notice USN-860-1 November 19,...</description>
			<content:encoded><![CDATA[<div>Referenced CVEs: <br />
CVE-2009-3094, CVE-2009-3095, CVE-2009-3555<br />
<br />
Description: <br />
===========================================================<br />
Ubuntu Security Notice USN-860-1          November 19, 2009<br />
apache2 vulnerabilities<br />
CVE-2009-3094, CVE-2009-3095, CVE-2009-3555<br />
===========================================================<br />
<br />
A security issue affects the following Ubuntu releases:<br />
<br />
Ubuntu 6.06 LTS<br />
Ubuntu 8.04 LTS<br />
Ubuntu 8.10<br />
Ubuntu 9.04<br />
Ubuntu 9.10<br />
<br />
This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.<br />
<br />
The problem can be corrected by upgrading your system to the following package versions:<br />
<br />
Ubuntu 6.06 LTS:<br />
  apache2-common                  2.0.55-4ubuntu2.9<br />
<br />
Ubuntu 8.04 LTS:<br />
  apache2.2-common                2.2.8-1ubuntu0.14<br />
<br />
Ubuntu 8.10:<br />
  apache2.2-common                2.2.9-7ubuntu3.5<br />
<br />
Ubuntu 9.04:<br />
  apache2.2-common                2.2.11-2ubuntu2.5<br />
<br />
Ubuntu 9.10:<br />
  apache2.2-common                2.2.12-1ubuntu2.1<br />
<br />
In general, a standard system upgrade is sufficient to effect the necessary changes.<br />
<br />
Details follow:<br />
<br />
Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3 protocols. If an attacker could perform a man in the middle attack at the start of a TLS connection, the attacker could inject arbitrary content at the beginning of the user's session. The flaw is with TLS renegotiation and potentially affects any software that supports this feature. Attacks against the HTTPS protocol are known, with the severity of the issue depending on the safeguards used in the web application. Until the TLS protocol and underlying libraries are adjusted to defend against this vulnerability, a partial, temporary workaround has been applied to Apache that disables client initiated TLS renegotiation. This update does not protect against server initiated TLS renegotiation when using SSLVerifyClient and SSLCipherSuite on a per Directory or Location basis. Users can defend against server initiated TLS renegotiation attacks by adjusting their Apache configuration to use SSLVerifyClient and SSLCipherSuite only on the server or virtual host level. (CVE-2009-3555)<br />
<br />
It was discovered that mod_proxy_ftp in Apache did not properly sanitize its input when processing replies to EPASV and PASV commands. An attacker could use this to cause a denial of service in the Apache child process. (CVE-2009-3094)<br />
<br />
Another flaw was discovered in mod_proxy_ftp. If Apache is configured as a reverse proxy, an attacker could send a crafted HTTP header to bypass intended access controls and send arbitrary commands to the FTP server. (CVE-2009-3095)<br />
<br />
<a href="http://www.ubuntu.com/usn/USN-860-1" target="_blank">More...</a></div>

]]></content:encoded>
			<category domain="http://www.unix.com/security-advisories-rss/">Security Advisories (RSS)</category>
			<dc:creator>iBot</dc:creator>
			<guid isPermaLink="true">http://www.unix.com/security-advisories-rss/124118-usn-860-1-apache-vulnerabilities.html</guid>
		</item>
		<item>
			<title>: Fedora 12 Update: wordpress-2.8.6-2.fc12</title>
			<link>http://www.unix.com/security-advisories-rss/124064-fedora-12-update-wordpress-2-8-6-2-fc12-new-post.html</link>
			<pubDate>Wed, 18 Nov 2009 16:30:02 GMT</pubDate>
			<description>*LinuxSecurity.com*: 2.8.6 fixes two security problems that can be exploited by registered, logged in users who have posting privileges. If you have untrusted authors on your blog, upgrading to 2.8.6 is recommended.
 
More... (http://www.linuxsecurity.com/content/view/150771?rdf)</description>
			<content:encoded><![CDATA[<div><b>LinuxSecurity.com</b>: 2.8.6 fixes two security problems that can be exploited by registered, logged in users who have posting privileges. If you have untrusted authors on your blog, upgrading to 2.8.6 is recommended. <br />
<br />
<a href="http://www.linuxsecurity.com/content/view/150771?rdf" target="_blank">More...</a></div>

]]></content:encoded>
			<category domain="http://www.unix.com/security-advisories-rss/">Security Advisories (RSS)</category>
			<dc:creator>iBot</dc:creator>
			<guid isPermaLink="true">http://www.unix.com/security-advisories-rss/124064-fedora-12-update-wordpress-2-8-6-2-fc12.html</guid>
		</item>
		<item>
			<title>Mandriva: cyrus-imapd</title>
			<link>http://www.unix.com/security-advisories-rss/123976-mandriva-cyrus-imapd-new-post.html</link>
			<pubDate>Tue, 17 Nov 2009 18:00:02 GMT</pubDate>
			<description>*LinuxSecurity.com*: cyrus-imapd-2.2.13 lacks support for large file systems (LFS), which caused problems and prevented users from having mailboxes larger than 2GB. The cyrus-imapd package has been updated to v2.3.12 to address this problem.
 
More......</description>
			<content:encoded><![CDATA[<div><b>LinuxSecurity.com</b>: cyrus-imapd-2.2.13 lacks support for large file systems (LFS), which caused problems and prevented users from having mailboxes larger than 2GB. The cyrus-imapd package has been updated to v2.3.12 to address this problem. <br />
<br />
<a href="http://www.linuxsecurity.com/content/view/150749?rdf" target="_blank">More...</a></div>

]]></content:encoded>
			<category domain="http://www.unix.com/security-advisories-rss/">Security Advisories (RSS)</category>
			<dc:creator>iBot</dc:creator>
			<guid isPermaLink="true">http://www.unix.com/security-advisories-rss/123976-mandriva-cyrus-imapd.html</guid>
		</item>
		<item>
			<title>Slackware: openssl</title>
			<link>http://www.unix.com/security-advisories-rss/123904-slackware-openssl-new-post.html</link>
			<pubDate>Tue, 17 Nov 2009 02:00:02 GMT</pubDate>
			<description>*LinuxSecurity.com*: New openssl packages are available for Slackware 11.0, 12.0, 12.1, 12.2, 13.0, and -current to fix a security issue. More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555 ...</description>
			<content:encoded><![CDATA[<div><b>LinuxSecurity.com</b>: New openssl packages are available for Slackware 11.0, 12.0, 12.1, 12.2, 13.0, and -current to fix a security issue. More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database: <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555" target="_blank">http://cve.mitre.org/cgi-bin/cvename...=CVE-2009-3555</a> <br />
<br />
<a href="http://www.linuxsecurity.com/content/view/150743?rdf" target="_blank">More...</a></div>

]]></content:encoded>
			<category domain="http://www.unix.com/security-advisories-rss/">Security Advisories (RSS)</category>
			<dc:creator>iBot</dc:creator>
			<guid isPermaLink="true">http://www.unix.com/security-advisories-rss/123904-slackware-openssl.html</guid>
		</item>
		<item>
			<title>RedHat: Important: java-1.6.0-openjdk security update</title>
			<link>http://www.unix.com/security-advisories-rss/123879-redhat-important-java-1-6-0-openjdk-security-update-new-post.html</link>
			<pubDate>Mon, 16 Nov 2009 18:00:01 GMT</pubDate>
			<description>*LinuxSecurity.com*: Updated java-1.6.0-openjdk packages that fix several security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team.
 
More......</description>
			<content:encoded><![CDATA[<div><b>LinuxSecurity.com</b>: Updated java-1.6.0-openjdk packages that fix several security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. <br />
<br />
<a href="http://www.linuxsecurity.com/content/view/150733?rdf" target="_blank">More...</a></div>

]]></content:encoded>
			<category domain="http://www.unix.com/security-advisories-rss/">Security Advisories (RSS)</category>
			<dc:creator>iBot</dc:creator>
			<guid isPermaLink="true">http://www.unix.com/security-advisories-rss/123879-redhat-important-java-1-6-0-openjdk-security-update.html</guid>
		</item>
		<item>
			<title>Mandriva: php</title>
			<link>http://www.unix.com/security-advisories-rss/123794-mandriva-php-new-post.html</link>
			<pubDate>Sun, 15 Nov 2009 17:00:04 GMT</pubDate>
			<description>*LinuxSecurity.com*: This is a bugfix and maintenance release for php that upgrades php to 5.3.1RC4. Additionally, some packages that require it have been rebuilt and are being provided as updates.
 
More... (http://www.linuxsecurity.com/content/view/150727?rdf)</description>
			<content:encoded><![CDATA[<div><b>LinuxSecurity.com</b>: This is a bugfix and maintenance release for php that upgrades php to 5.3.1RC4. Additionally, some packages that require it have been rebuilt and are being provided as updates. <br />
<br />
<a href="http://www.linuxsecurity.com/content/view/150727?rdf" target="_blank">More...</a></div>

]]></content:encoded>
			<category domain="http://www.unix.com/security-advisories-rss/">Security Advisories (RSS)</category>
			<dc:creator>iBot</dc:creator>
			<guid isPermaLink="true">http://www.unix.com/security-advisories-rss/123794-mandriva-php.html</guid>
		</item>
		<item>
			<title>USN-859-1: OpenJDK vulnerabilities</title>
			<link>http://www.unix.com/security-advisories-rss/123724-usn-859-1-openjdk-vulnerabilities-new-post.html</link>
			<pubDate>Fri, 13 Nov 2009 19:00:01 GMT</pubDate>
			<description>Referenced CVEs: CVE-2009-2409, CVE-2009-3728, CVE-2009-3869, CVE-2009-3871, CVE-2009-3873, CVE-2009-3874, CVE-2009-3875, CVE-2009-3876, CVE-2009-3877, CVE-2009-3879, CVE-2009-3880, CVE-2009-3881, CVE-2009-3882, CVE-2009-3883, CVE-2009-3884, CVE-2009-3885 ...</description>
			<content:encoded><![CDATA[<div>Referenced CVEs: <br />
CVE-2009-2409, CVE-2009-3728, CVE-2009-3869, CVE-2009-3871, CVE-2009-3873, CVE-2009-3874, CVE-2009-3875, CVE-2009-3876, CVE-2009-3877, CVE-2009-3879, CVE-2009-3880, CVE-2009-3881, CVE-2009-3882, CVE-2009-3883, CVE-2009-3884, CVE-2009-3885<br />
<br />
Description: <br />
===========================================================<br />
Ubuntu Security Notice USN-859-1          November 13, 2009<br />
openjdk-6 vulnerabilities<br />
CVE-2009-2409, CVE-2009-3728, CVE-2009-3869, CVE-2009-3871, CVE-2009-3873, CVE-2009-3874, CVE-2009-3875, CVE-2009-3876, CVE-2009-3877, CVE-2009-3879, CVE-2009-3880, CVE-2009-3881, CVE-2009-3882, CVE-2009-3883, CVE-2009-3884, CVE-2009-3885<br />
===========================================================<br />
<br />
A security issue affects the following Ubuntu releases:<br />
<br />
Ubuntu 8.10<br />
Ubuntu 9.04<br />
Ubuntu 9.10<br />
<br />
This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.<br />
<br />
The problem can be corrected by upgrading your system to the following package versions:<br />
<br />
Ubuntu 8.10:<br />
  icedtea6-plugin                 6b12-0ubuntu6.6<br />
  openjdk-6-jre                   6b12-0ubuntu6.6<br />
<br />
Ubuntu 9.04:<br />
  icedtea6-plugin                 6b14-1.4.1-0ubuntu12<br />
  openjdk-6-jre                   6b14-1.4.1-0ubuntu12<br />
<br />
Ubuntu 9.10:<br />
  icedtea6-plugin                 6b16-1.6.1-3ubuntu1<br />
  openjdk-6-jre                   6b16-1.6.1-3ubuntu1<br />
<br />
After a standard system upgrade you need to restart any Java applications to effect the necessary changes.<br />
<br />
Details follow:<br />
<br />
Dan Kaminsky discovered that SSL certificates signed with MD2 could be spoofed given enough time. As a result, an attacker could potentially create a malicious trusted certificate to impersonate another site. This update handles this issue by completely disabling MD2 for certificate validation in OpenJDK. (CVE-2009-2409)<br />
<br />
It was discovered that ICC profiles could be identified with &quot;..&quot; pathnames. If a user were tricked into running a specially crafted applet, a remote attacker could gain information about a local system. (CVE-2009-3728)<br />
<br />
Peter Vreugdenhil discovered multiple flaws in the processing of graphics in the AWT library. If a user were tricked into running a specially crafted applet, a remote attacker could crash the application or run arbitrary code with user privileges. (CVE-2009-3869, CVE-2009-3871)<br />
<br />
Multiple flaws were discovered in JPEG and BMP image handling. If a user were tricked into loading a specially crafted image, a remote attacker could crash the application or run arbitrary code with user privileges. (CVE-2009-3873, CVE-2009-3874, CVE-2009-3885)<br />
<br />
Coda Hale discovered that HMAC-based signatures were not correctly validated. Remote attackers could bypass certain forms of authentication, granting unexpected access. (CVE-2009-3875)<br />
<br />
Multiple flaws were discovered in ASN.1 parsing. A remote attacker could send a specially crafted HTTP stream that would exhaust system memory and lead to a denial of service. (CVE-2009-3876, CVE-2009-3877)<br />
<br />
It was discovered that the graphics configuration subsystem did not correctly handle arrays. If a user were tricked into running a specially crafted applet, a remote attacker could exploit this to crash the application or execute arbitrary code with user privileges. (CVE-2009-3879)<br />
<br />
It was discovered that loggers and Swing did not correctly handle certain sensitive objects. If a user were tricked into running a specially crafted applet, private information could be leaked to a remote attacker, leading to a loss of privacy. (CVE-2009-3880, CVE-2009-3882, CVE-2009-3883)<br />
<br />
It was discovered that the ClassLoader did not correctly handle certain options. If a user were tricked into running a specially crafted applet, a remote attacker could execute arbitrary code with user privileges. (CVE-2009-3881)<br />
<br />
It was discovered that time zone file loading could be used to determine the existence of files on the local system. If a user were tricked into running a specially crafted applet, private information could be leaked to a remote attacker, leading to a loss of privacy. (CVE-2009-3884)<br />
<br />
<a href="http://www.ubuntu.com/usn/USN-859-1" target="_blank">More...</a></div>

]]></content:encoded>
			<category domain="http://www.unix.com/security-advisories-rss/">Security Advisories (RSS)</category>
			<dc:creator>iBot</dc:creator>
			<guid isPermaLink="true">http://www.unix.com/security-advisories-rss/123724-usn-859-1-openjdk-vulnerabilities.html</guid>
		</item>
		<item>
			<title>Mandriva: gimp</title>
			<link>http://www.unix.com/security-advisories-rss/123711-mandriva-gimp-new-post.html</link>
			<pubDate>Fri, 13 Nov 2009 17:00:02 GMT</pubDate>
			<description>*LinuxSecurity.com*: A vulnerability was discovered and corrected in gimp: Integer overflow in the ReadImage function in plug-ins/file-bmp/bmp-read.c in GIMP 2.6.7 might allow remote attackers to execute arbitrary code via a BMP file with crafted width and height values that trigger a heap-based buffer...</description>
			<content:encoded><![CDATA[<div><b>LinuxSecurity.com</b>: A vulnerability was discovered and corrected in gimp: Integer overflow in the ReadImage function in plug-ins/file-bmp/bmp-read.c in GIMP 2.6.7 might allow remote attackers to execute arbitrary code via a BMP file with crafted width and height values that trigger a heap-based buffer overflow (CVE-2009-1570). This update provides a solution to this vulnerability. <br />
<br />
<a href="http://www.linuxsecurity.com/content/view/150710?rdf" target="_blank">More...</a></div>

]]></content:encoded>
			<category domain="http://www.unix.com/security-advisories-rss/">Security Advisories (RSS)</category>
			<dc:creator>iBot</dc:creator>
			<guid isPermaLink="true">http://www.unix.com/security-advisories-rss/123711-mandriva-gimp.html</guid>
		</item>
		<item>
			<title><![CDATA[Mandriva: Subject: [Security Announce] [ MDVA-2009:199 ] squid]]></title>
			<link>http://www.unix.com/security-advisories-rss/123654-mandriva-subject-security-announce-mdva-2009-199-squid-new-post.html</link>
			<pubDate>Fri, 13 Nov 2009 00:00:07 GMT</pubDate>
			<description>*LinuxSecurity.com*:  This is a bugfix and maintenance release for squid that upgrades squid to 3.0.STABLE20 and fixes some bugs: An outstanding issue with code 304 and code 200 replies being mixed up has now been resolved. This means requests which need to refresh cache objects will not cause...</description>
			<content:encoded><![CDATA[<div><b>LinuxSecurity.com</b>:  This is a bugfix and maintenance release for squid that upgrades squid to 3.0.STABLE20 and fixes some bugs: An outstanding issue with code 304 and code 200 replies being mixed up has now been resolved. This means requests which need to refresh cache objects will not cause temporary client software failures. <br />
<br />
<a href="http://www.linuxsecurity.com/content/view/150703?rdf" target="_blank">More...</a></div>

]]></content:encoded>
			<category domain="http://www.unix.com/security-advisories-rss/">Security Advisories (RSS)</category>
			<dc:creator>iBot</dc:creator>
			<guid isPermaLink="true">http://www.unix.com/security-advisories-rss/123654-mandriva-subject-security-announce-mdva-2009-199-squid.html</guid>
		</item>
		<item>
			<title>Ubuntu: OpenLDAP vulnerability</title>
			<link>http://www.unix.com/security-advisories-rss/123625-ubuntu-openldap-vulnerability-new-post.html</link>
			<pubDate>Thu, 12 Nov 2009 16:00:02 GMT</pubDate>
			<description>*LinuxSecurity.com*: It was discovered that OpenLDAP did not correctly handle SSL certificates with zero bytes in the Common Name. A remote attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications.
 
More......</description>
			<content:encoded><![CDATA[<div><b>LinuxSecurity.com</b>: It was discovered that OpenLDAP did not correctly handle SSL certificates with zero bytes in the Common Name. A remote attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications. <br />
<br />
<a href="http://www.linuxsecurity.com/content/view/150693?rdf" target="_blank">More...</a></div>

]]></content:encoded>
			<category domain="http://www.unix.com/security-advisories-rss/">Security Advisories (RSS)</category>
			<dc:creator>iBot</dc:creator>
			<guid isPermaLink="true">http://www.unix.com/security-advisories-rss/123625-ubuntu-openldap-vulnerability.html</guid>
		</item>
		<item>
			<title>USN-858-1: OpenLDAP vulnerability</title>
			<link>http://www.unix.com/security-advisories-rss/123616-usn-858-1-openldap-vulnerability-new-post.html</link>
			<pubDate>Thu, 12 Nov 2009 14:45:04 GMT</pubDate>
			<description>Referenced CVEs: CVE-2009-3767

Description:
=========================================================== Ubuntu Security Notice USN-858-1 November 12, 2009 openldap2.2...</description>
			<content:encoded><![CDATA[<div>Referenced CVEs: <br />
CVE-2009-3767<br />
<br />
Description: <br />
===========================================================<br />
Ubuntu Security Notice USN-858-1          November 12, 2009<br />
openldap2.2 vulnerability<br />
CVE-2009-3767<br />
===========================================================<br />
<br />
A security issue affects the following Ubuntu releases:<br />
<br />
Ubuntu 6.06 LTS<br />
<br />
This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.<br />
<br />
The problem can be corrected by upgrading your system to the following package versions:<br />
<br />
Ubuntu 6.06 LTS:<br />
  libldap-2.2-7                   2.2.26-5ubuntu2.9<br />
<br />
In general, a standard system upgrade is sufficient to effect the necessary changes.<br />
<br />
Details follow:<br />
<br />
It was discovered that OpenLDAP did not correctly handle SSL certificates with zero bytes in the Common Name. A remote attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications.<br />
<br />
<a href="http://www.ubuntu.com/usn/USN-858-1" target="_blank">More...</a></div>

]]></content:encoded>
			<category domain="http://www.unix.com/security-advisories-rss/">Security Advisories (RSS)</category>
			<dc:creator>iBot</dc:creator>
			<guid isPermaLink="true">http://www.unix.com/security-advisories-rss/123616-usn-858-1-openldap-vulnerability.html</guid>
		</item>
		<item>
			<title>USN-853-2: Firefox and Xulrunner regression</title>
			<link>http://www.unix.com/security-advisories-rss/123520-usn-853-2-firefox-xulrunner-regression-new-post.html</link>
			<pubDate>Wed, 11 Nov 2009 17:30:04 GMT</pubDate>
			<description>Description:
=========================================================== Ubuntu Security Notice USN-853-2 November 11, 2009 firefox-3.5, xulrunner-1.9.1 regression https://launchpad.net/bugs/480740...</description>
			<content:encoded><![CDATA[<div>Description: <br />
===========================================================<br />
Ubuntu Security Notice USN-853-2          November 11, 2009<br />
firefox-3.5, xulrunner-1.9.1 regression<br />
<a href="https://launchpad.net/bugs/480740" target="_blank">https://launchpad.net/bugs/480740</a><br />
===========================================================<br />
<br />
A security issue affects the following Ubuntu releases:<br />
<br />
Ubuntu 9.10<br />
<br />
This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.<br />
<br />
The problem can be corrected by upgrading your system to the following package versions:<br />
<br />
Ubuntu 9.10:<br />
  firefox-3.5                     3.5.5+nobinonly-0ubuntu0.9.10.1<br />
  xulrunner-1.9.1                 1.9.1.5+nobinonly-0ubuntu0.9.10.1<br />
<br />
After a standard system upgrade you need to restart Firefox and any applications that use xulrunner to effect the necessary changes.<br />
<br />
Details follow:<br />
<br />
USN-853-1 fixed vulnerabilities in Firefox and Xulrunner. The upstream changes introduced regressions that could lead to crashes when processing certain malformed GIF images, fonts and web pages. This update fixes the problem.<br />
<br />
We apologize for the inconvenience.<br />
<br />
Original advisory details:<br />
<br />
Alin Rad Pop discovered a heap-based buffer overflow in Firefox when it converted strings to floating point numbers. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2009-1563)<br />
<br />
Jeremy Brown discovered that the Firefox Download Manager was vulnerable to symlink attacks. A local attacker could exploit this to create or overwrite files with the privileges of the user invoking the program. (CVE-2009-3274)<br />
<br />
Paul Stone discovered a flaw in the Firefox form history. If a user were tricked into viewing a malicious website, a remote attacker could access this data to steal confidential information. (CVE-2009-3370)<br />
<br />
Orlando Berrera discovered that Firefox did not properly free memory when using web-workers. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. This issue only affected Ubuntu 9.10. (CVE-2009-3371)<br />
<br />
A flaw was discovered in the way Firefox processed Proxy Auto-configuration (PAC) files. If a user configured the browser to use PAC files with certain regular expressions, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2009-3372)<br />
<br />
A heap-based buffer overflow was discovered in Mozilla's GIF image parser. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2009-3373)<br />
<br />
A flaw was discovered in the JavaScript engine of Firefox. An attacker could exploit this to execute scripts from page content with chrome privileges. (CVE-2009-3374)<br />
<br />
Gregory Fleischer discovered that the same-origin check in Firefox could be bypassed by utilizing the document.getSelection function. An attacker could exploit this to read data from other domains. (CVE-2009-3375)<br />
<br />
Jesse Ruderman and Sid Stamm discovered that Firefox did not properly display filenames containing right-to-left (RTL) override characters. If a user were tricked into downloading a malicious file with a crafted filename, an attacker could exploit this to trick the user into opening a different file than the user expected. (CVE-2009-3376)<br />
<br />
Several flaws were discovered in third party media libraries. If a user were tricked into opening a crafted media file, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. This issue only affected Ubuntu 9.10. (CVE-2009-3377)<br />
<br />
Vladimir Vukicevic, Jesse Ruderman, Martijn Wargers, Daniel Banchero, David Keeler, Boris Zbarsky, Thomas Frederiksen, Marcia Knous, Carsten Book, Kevin Brosnan, David Anderson and Jeff Walden discovered various flaws in the browser and JavaScript engines of Firefox. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2009-3380, CVE-2009-3381, CVE-2009-3382, CVE-2009-3383)<br />
<br />
<a href="http://www.ubuntu.com/usn/USN-853-2" target="_blank">More...</a></div>

]]></content:encoded>
			<category domain="http://www.unix.com/security-advisories-rss/">Security Advisories (RSS)</category>
			<dc:creator>iBot</dc:creator>
			<guid isPermaLink="true">http://www.unix.com/security-advisories-rss/123520-usn-853-2-firefox-xulrunner-regression.html</guid>
		</item>
	</channel>
</rss>
