[ISN] Linux Advisory Watch: June 27th, 2008

From: InfoSec News <alerts_at_private>
Date: Tue, 1 Jul 2008 01:41:01 -0500 (CDT)
| LinuxSecurity.com                                  Weekly Newsletter |
| June 27th, 2008                                  Volume 9, Number 26 |
|                                                                      |
| Editorial Team:              Dave Wreski <dwreski_at_private> |
|                       Benjamin D. Thomas <bthomas_at_private> |

Thank you for reading the LinuxSecurity.com weekly security newsletter.
The purpose of this document is to provide our readers with a quick
summary of each week's most relevant Linux security headlines.

This week, advisories were released for libetpan, perl, kernel,
jdk/jre, freetype, libvorbis, openssl, clamav, freetype2, fetchmail,
sblim, and IBMJava2.  The distributors include Debian, Fedora, Gentoo,
Mandriva, Red Hat, and Ubuntu.


>> Linux+DVD Magazine <<

In each issue you can find information concerning the best use of Linux:
safety, databases, multimedia, scientific tools, entertainment,
programming, e-mail, news and desktop environments.

Catch up with what professional network and database administrators,
system programmers, webmasters and all those who believe in the power of
Open Source software are doing!



Security Features of Firefox 3.0
Lets take a look at the security features of the newly released Firefox
3.0. Since it's release on Tuesday I have been testing it out to see
how the new security enhancements work and help in increase user
browsing security.  One of the exciting improvements for me was how
Firefox handles SSL secured web sites while browsing the Internet.
There are also many other security features that this article will look
at. For example, improved plugin and addon security.

Read on for more security features of Firefox 3.0.



Review: The Book of Wireless
"The Book of Wireless" by John Ross is an answer to the problem of
learning about wireless networking. With the wide spread use of
Wireless networks today anyone with a computer should at least know the
basics of wireless. Also, with the wireless networking, users need to
know how to protect themselves from wireless networking attacks.


-->  Take advantage of the LinuxSecurity.com Quick Reference Card!  <--
-->  http://www.linuxsecurity.com/docs/QuickRefCard.pdf             <--


* EnGarde Secure Community 3.0.19 Now Available! (Apr 15)
  Guardian Digital is happy to announce the release of EnGarde Secure
  Community 3.0.19 (Version 3.0, Release 19).  This release includes
  many updated packages and bug fixes and some feature enhancements to
  the EnGarde Secure Linux Installer and the SELinux policy.



* Debian: New libtk-img packages fix arbitrary code execution (Jun 19)
  It was discovered that a buffer overflow in the GIF image parsing
  code of Tk, a cross-platform graphical toolkit, could lead to denial
  of service and potentially the execution of arbitrary code.



* Fedora 8 Update: libetpan-0.54-1.fc8 (Jun 26)
  Update to new upstream version 0.54 fixing a crash (NULL pointer
  dereference) in the mail message header parser.    Note: There is no
  application in Fedora using libetpan library for which such crash
  could be considered a security issue. This can only be a security
  sensitive issue for some 3rd party, not packages applications.


* Fedora 9 Update: perl-5.10.0-27.fc9 (Jun 26)
  CVE-2008-2827 perl: insecure use of chmod in rmtree


* Fedora 8 Update: kernel- (Jun 20)
  The asn1 implementation in (a) the Linux kernel 2.4 before
  and 2.6 before, as used in the cifs and ip_nat_snmp_basic
  modules; and (b) the gxsnmp package; does not properly validate
  length values during decoding of ASN.1 BER data, which allows remote
  attackers to cause a denial of service (crash) or execute arbitrary
  code via (1) a length greater than the working buffer, which can lead
  to an unspecified overflow; (2) an oid length of zero, which can lead
  to an off-by-one error; or (3) an indefinite length for a primitive



* Gentoo: IBM JDK/JRE Multiple vulnerabilities (Jun 25)
  Multiple vulnerabilities have been found in IBM Java Development Kit
  (JDK) and Java Runtime Environment (JRE), resulting in the execution
  of arbitrary code.


* Gentoo: FreeType User-assisted execution of arbitrary code (Jun 23)
  Font parsing vulnerabilities in FreeType might lead to user-assisted
  execution of arbitrary code.


* Gentoo: libvorbis Multiple vulnerabilities (Jun 23)
  Multiple vulnerabilities in libvorbis might lead to the execution of
  arbitrary code.


* Gentoo: OpenSSL Denial of Service (Jun 23)
  Two vulnerabilities might allow for a Denial of Service of daemons
  using OpenSSL.


* Gentoo: X.Org X server Multiple vulnerabilities (Jun 19)
  Multiple vulnerabilities have been discovered in the X.Org X server,
  possibly allowing for the remote execution of arbitrary code with
  root privileges.



* Mandriva: Updated clamav packages fix vulnerability (Jun 24)
  A vulnerability was discovered in ClamAV and corrected with the
  0.93.1 release: libclamav/petite.c in ClamAV before 0.93.1 allows
  remote attackers to cause a denial of service via a crafted Petite
  file that triggers an out-of-bounds read. (CVE-2008-2713) Other bugs
  have also been corrected in 0.93.1 which is being provided with this


* Mandriva: Updated freetype2 packages fix vulnerabilities (Jun 23)
  Multiple vulnerabilities were discovered in FreeType's Printer Font
  Binary (PFB) font-file format parser.  If a user were to load a
  carefully crafted font file with a program linked against FreeType,
  it could cause the application to crash or potentially execute
  arbitrary code (CVE-2008-1806, CVE-2008-1807, CVE-2008-1808). The
  updated packages have been patched to prevent this issue.


* Mandriva: Updated fetchmail packages fix DoS vulnerability (Jun 20)
  A flaw in fetchmail was discovered that allowed remote attackers to
  cause a denial of service (crash and persistent mail failure) via a
  malformed message with long headers.	The crash only occured when
  fetchmail was called in '-v -v' mode (CVE-2008-2711). The updated
  packages have been patched to prevent this issue.



* RedHat: Important: kernel security and bug fix update (Jun 25)
  Updated kernel packages that fix several security issues and a bug
  are now available for Red Hat Enterprise Linux 4. This update has
  been rated as having important security impact by the Red Hat
  Security Response Team.


* RedHat: Important: sblim security update (Jun 24)
  Updated sblim packages that resolve a security issue are now
  available for Red Hat Enterprise Linux 4 and Red Hat Enterprise Linux
  5. It was discovered that certain sblim libraries had an RPATH
  (runtime library search path) set in the ELF (Executable and Linking
  Format) header. This RPATH pointed to a sub-directory of a
  world-writable, temporary directory. A local user could create a file
  with the same name as a library required by sblim (such as libc.so)
  and place it in the directory defined in the RPATH. This file could
  then execute arbitrary code with the privileges of the user running
  an application that used sblim (eg


* RedHat: Moderate: IBMJava2 security update (Jun 24)
  IBMJava2-JRE and IBMJava2-SDK packages that correct several security
  issues are available for Red Hat Enterprise Linux 2.1.A flaw was
  found in the applet class loader. An untrusted applet could use this
  flaw to circumvent network access restrictions, possibly connecting
  to services hosted on the machine that executed the applet.


* RedHat: Important: freetype security update (Jun 20)
  Multiple flaws were discovered in FreeType's Printer Font Binary
  (PFB) font-file format parser. If a user loaded a carefully crafted
  font-file with a program linked against FreeType, it could cause the
  application to crash, or possibly execute arbitrary code.


* RedHat: Important: freetype security update (Jun 20)
  Multiple flaws were discovered in FreeType's Printer Font Binary
  (PFB) and TrueType Font (TTF) font-file format parsers. If a user
  loaded a carefully crafted font-file with a program linked against
  FreeType, it could cause the application to crash, or possibly
  execute arbitrary code.



* Ubuntu:  OpenSSL vulnerabilities (Jun 26)
  It was discovered that OpenSSL was vulnerable to a double-free when
  using TLS server extensions. A remote attacker could send a crafted
  packet and cause a denial of service via application crash in
  applications linked against OpenSSL. Ubuntu 8.04 LTS does not compile
  TLS server extensions by default. (CVE-2008-0891) It was discovered
  that OpenSSL could dereference a NULL pointer. If a user or automated
  system were tricked into connecting to a malicious server with
  particular cipher suites, a remote attacker could cause a denial of
  service via application crash. (CVE-2008-1672)


* Ubuntu:  Linux kernel vulnerabilities (Jun 19)
  It was discovered that the ALSA /proc interface did not write the
  correct number of bytes when reporting memory allocations.  A local
  attacker might be able to access sensitive kernel memory, leading to
  a loss of privacy. (CVE-2007-4571)


Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

     To unsubscribe email vuln-newsletter-request_at_private
         with "unsubscribe" in the subject of the message.

Attend Black Hat USA, August 2-7 in Las Vegas, 
the world's premier technical event for ICT security experts.
Featuring 40 hands-on training courses and 80 Briefings 
presentations with lots of new content and new tools.
Network with 4,000 delegates from 50 nations.  
Visit product displays by 30 top sponsors in 
a relaxed setting. http://www.blackhat.com
Received on Mon Jun 30 2008 - 23:41:01 PDT

This archive was generated by hypermail 2.2.0 : Mon Jun 30 2008 - 23:51:53 PDT