[ISN] Linux Advisory Watch: November 3rd, 2008

From: InfoSec News <alerts_at_private>
Date: Tue, 4 Nov 2008 00:17:14 -0600 (CST)
| LinuxSecurity.com                                  Weekly Newsletter |
| November 3rd, 2008                               Volume 9, Number 45 |
|                                                                      |
| Editorial Team:              Dave Wreski <dwreski_at_private> |
|                       Benjamin D. Thomas <bthomas_at_private> |

Thank you for reading the LinuxSecurity.com weekly security newsletter.
The purpose of this document is to provide our readers with a quick
summary of each week's most relevant Linux security headlines.

This week, advisories were released for openoffice, clamav, libspf2,
mdkonline, eterm, aterm, mplayer, kernel, lynx, emacs, wireshark, and
flash-plugin.  The distributors include Debian, Fedora, Gentoo, Mandriva,
and Red Hat.


Earn your MS in Info Assurance online

Norwich University's Master of Science in Information Assurance (MSIA)
program, designated by the National Security Agency as providing
academically excellent education in Information Assurance, provides
you with the skills to manage and lead an organization-wide
information security program and the tools to fluently communicate
the intricacies of information security at an executive level.



Never Installed a Firewall on Ubuntu? Try Firestarter
When I typed "Do I really need a firewall?" into Google, 695,000 results
came up.  And I'm pretty sure they must be saying "Hell yeah!".
In my opinion, no one would ever recommend that anyone sit naked on the
internet, keeping in mind the insecurity the internet carries these days,
unless you really know what you are doing.

Read on for more information on Firestarter.



Review: Hacking Exposed Linux, Third Edition
"Hacking Exposed Linux" by ISECOM (Institute for Security and Open
Methodologies) is a guide to help you secure your Linux environment.
This book not only helps improve your security, it also looks at why you
should. It does this by showing examples of real attacks and rating the
importance of protecting yourself from being a victim of each type of


-->  Take advantage of the LinuxSecurity.com Quick Reference Card!  <--
-->  http://www.linuxsecurity.com/docs/QuickRefCard.pdf             <--


* EnGarde Secure Community 3.0.21 Now Available (Oct 7)
  Guardian Digital is happy to announce the release of EnGarde Secure
  Community 3.0.21 (Version 3.0, Release 21). This release includes
  many updated packages and bug fixes and some feature enhancements to
  the EnGarde Secure Linux Installer and the SELinux policy.

  In distribution since 2001, EnGarde Secure Community was one of the
  very first security platforms developed entirely from open source,
  and has been engineered from the ground-up to provide users and
  organizations with complete, secure Web functionality, DNS, database,
  e-mail security and even e-commerce.



* Debian: New OpenOffice.org packages fix several vulnerabilities (Oct 29)
  The SureRun Security team discovered a bug in the WMF file parser
  that can be triggered by manipulated WMF files and can lead to
  heap overflows and arbitrary code execution.


* Debian: New clamav packages fix denial of service (Oct 26)
  Several denial-of-service vulnerabilities have been discovered in the
  ClamAV anti-virus toolkit: Insufficient checking for out-of-memory
  conditions results in null pointer dereferences (CVE-2008-3912).



* Fedora 8 Update: openoffice.org-2.3.0-6.17.fc8 (Oct 31)
  A security release to address:
  - CVE-2008-2237: Manipulated WMF files
  - CVE-2008-2238: Manipulated EMF files
  as described at


* Fedora 9 Update: openoffice.org-2.4.2-18.1.fc9 (Oct 31)
  Security update to address:
  - CVE-2008-2237: Manipulated WMF files
  - CVE-2008-2238: Manipulated EMF files
  as described at



* Gentoo: libspf2 DNS response buffer overflow (Oct 30)
  A memory management error in libspf2 might allow for remote execution
  of arbitrary code.



* Mandriva: Subject: [Security Announce] [ MDVA-2008:163 ] mdkonline (Oct 30)
  This update ensures that the distribution upgrade notification is not
  detected in incorrect cases, and ensures that a distribution upgrade
  is only suggested after all security updates have been applied. It
  also improves the distribution upgrade confirmation dialog and
  reliability of network package installation.


* Mandriva: Subject: [Security Announce] [ MDVA-2008:162 ] openoffice.org (Oct 30)
  This update provides a new upstream version of OpenOffice.org.  It
  also corrects the following bug: under 2.4 versions of
  OpenOffice.org, the Orientation option was removed from printer
  properties, which prevented users from printing in booklet format the
  way they were used to. This OpenOffice.org update enables the
  Orientation printer option again.


* Mandriva: Subject: [Security Announce] [ MDVSA-2008:222 ] Eterm (Oct 29)
  A vulnerability in Eterm allowed it to open a terminal on :0 if the
  DISPLAY environment variable was not set and the -display option was
  not specified, which could be used by a local user to hijack X11
  connections (CVE-2008-1692). The updated packages have been patched
  to correct this issue.


* Mandriva: Subject: [Security Announce] [ MDVSA-2008:221 ] aterm (Oct 29)
  A vulnerability in rxvt allowed it to open a terminal on :0 if the
  DISPLAY environment variable was not set, which could be used by a
  local user to hijack X11 connections (CVE-2008-1142).  This issue also
  affects aterm. The updated packages have been patched to correct this issue.
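The Eterm and aterm advisories above describe the same failure mode: a
terminal that guesses ":0" when it has no display name attaches itself to
whatever X server owns display 0, which on a shared host may be another
user's session. The following is an added example written for this
newsletter, not code from Eterm, aterm or rxvt; the function names are
assumptions made for the demonstration. It shows the vulnerable selection
order beside a hardened one that refuses to guess.

```c
/* Added example (not Eterm, aterm or rxvt code): the failure mode behind
 * CVE-2008-1692 and CVE-2008-1142.  When neither -display nor $DISPLAY
 * is given, a silent fallback to ":0" attaches the new terminal to
 * whatever X server owns display 0, which on a multi-user host may be
 * another user's session.  Function names are assumptions made for
 * this demonstration. */
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Vulnerable: -display wins, then $DISPLAY, then a guessed ":0". */
const char *pick_display_vulnerable(const char *display_opt)
{
    if (display_opt && *display_opt)
        return display_opt;
    const char *env = getenv("DISPLAY");
    if (env && *env)
        return env;
    return ":0";                     /* the bug: a default the user never chose */
}

/* Hardened: no guessing.  NULL means "refuse to start". */
const char *pick_display_hardened(const char *display_opt)
{
    if (display_opt && *display_opt)
        return display_opt;
    const char *env = getenv("DISPLAY");
    if (!env || !*env) {
        fprintf(stderr, "no -display option and DISPLAY is unset; refusing to guess\n");
        return NULL;
    }
    return env;
}

int main(void)
{
    unsetenv("DISPLAY");             /* simulate a cron job, su or ssh session */
    const char *v = pick_display_vulnerable(NULL);
    const char *h = pick_display_hardened(NULL);
    printf("vulnerable picks: %s\n", v);
    printf("hardened picks:   %s\n", h ? h : "(none, exits)");
    return 0;
}
```

Run it with DISPLAY unset (as happens under cron, su or a plain ssh
session) and the vulnerable path quietly selects ":0" while the hardened
path exits; with DISPLAY or -display set, both behave identically.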


* Mandriva: Subject: [Security Announce] [ MDVSA-2008:219 ] mplayer (Oct 29)
  A vulnerability that was discovered in xine-lib that allowed remote
  RTSP servers to execute arbitrary code via a large streamid SDP
  parameter also affects MPlayer (CVE-2008-0073).


* Mandriva: Subject: [Security Announce] [ MDVSA-2008:220 ] kernel (Oct 29)
  Some vulnerabilities were discovered and corrected in the Linux 2.6
  kernel: The snd_seq_oss_synth_make_info function in
  sound/core/seq/oss/seq_oss_synth.c in the sound subsystem in the
  Linux kernel before 2.6.27-rc2 does not verify that the device number
  is within the range defined by max_synthdev before returning certain
  data to the caller, which allows local users to obtain sensitive
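The kernel entry above is a missing range check: a lookup that trusts the
caller's device number without comparing it to max_synthdev returns data
from table slots that were never registered. The following is an added
example for this newsletter, a simplified user-space model rather than
kernel code; the struct layout, names and the "stale" slot contents are
assumptions for the demonstration, and -ENXIO is the kernel's usual "no
such device" return value.

```c
/* Added example (not kernel code): a simplified model of the missing
 * range check the advisory describes.  The device table has room for
 * more synth slots than are registered; a lookup that skips the
 * max_synthdev check copies whatever is sitting in an unregistered slot
 * back to the caller.  Struct layout and names are assumptions for this
 * demonstration. */
#include <errno.h>
#include <stdio.h>
#include <string.h>

#define MAX_SYNTH_SLOTS 4

struct synth_info {
    char name[32];
    int device;
};

struct seq_oss_devinfo {
    int max_synthdev;                         /* slots 0..max_synthdev-1 are valid */
    struct synth_info synths[MAX_SYNTH_SLOTS];
};

/* Vulnerable: only the array size is honoured, not max_synthdev. */
int make_info_vulnerable(const struct seq_oss_devinfo *dp, int dev,
                         struct synth_info *out)
{
    if (dev < 0 || dev >= MAX_SYNTH_SLOTS)    /* stops the crash, not the leak */
        return -ENXIO;
    *out = dp->synths[dev];
    return 0;
}

/* Fixed: reject anything outside the registered range first. */
int make_info_fixed(const struct seq_oss_devinfo *dp, int dev,
                    struct synth_info *out)
{
    if (dev < 0 || dev >= dp->max_synthdev)
        return -ENXIO;
    *out = dp->synths[dev];
    return 0;
}

/* Build a table with two registered devices and a stale, never-cleared
 * third slot standing in for leftover kernel memory (constructed data). */
struct seq_oss_devinfo make_table(void)
{
    struct seq_oss_devinfo dp;
    memset(&dp, 0, sizeof dp);
    dp.max_synthdev = 2;
    strcpy(dp.synths[0].name, "emu8000");           dp.synths[0].device = 0;
    strcpy(dp.synths[1].name, "opl3");              dp.synths[1].device = 1;
    strcpy(dp.synths[2].name, "STALE-KERNEL-DATA"); dp.synths[2].device = 99;
    return dp;
}

/* 1 if asking for the unregistered slot 2 hands back its stale contents. */
int leaks_stale_slot(int use_fixed)
{
    struct seq_oss_devinfo dp = make_table();
    struct synth_info inf;
    int rc = use_fixed ? make_info_fixed(&dp, 2, &inf)
                       : make_info_vulnerable(&dp, 2, &inf);
    return rc == 0 && strcmp(inf.name, "STALE-KERNEL-DATA") == 0;
}

/* Return code of a lookup for "dev" through either path. */
int lookup_rc(int use_fixed, int dev)
{
    struct seq_oss_devinfo dp = make_table();
    struct synth_info inf;
    return use_fixed ? make_info_fixed(&dp, dev, &inf)
                     : make_info_vulnerable(&dp, dev, &inf);
}

int main(void)
{
    printf("vulnerable leaks slot 2: %s\n", leaks_stale_slot(0) ? "yes" : "no");
    printf("fixed leaks slot 2:      %s\n", leaks_stale_slot(1) ? "yes" : "no");
    printf("fixed rc for dev=2: %d, dev=-1: %d, dev=1: %d\n",
           lookup_rc(1, 2), lookup_rc(1, -1), lookup_rc(1, 1));
    return 0;
}
```

The point of the two checks side by side: bounding by the array size alone
keeps the access inside the allocation, so nothing crashes, but it is the
comparison against the registered count that stops uninitialised slot
contents reaching the caller.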


* Mandriva: Subject: [Security Announce] [ MDVSA-2008:218 ] lynx (Oct 28)
  A vulnerability was found in the Lynxcgi: URI handler that could
  allow an attacker to create a web page redirecting to a malicious URL
  that would execute arbitrary code as the user running Lynx, if they
  were using the non-default Advanced user mode (CVE-2008-4690). This
  update corrects these issues and, in addition, makes Lynx always
  prompt the user before loading a lynxcgi: URI.  As well, the default
  lynx.cfg configuration file marks all lynxcgi: URIs as untrusted.


* Mandriva: Subject: [Security Announce] [ MDVSA-2008:217 ] lynx (Oct 28)
  A flaw was found in the way Lynx handled .mailcap and .mime.types
  configuration files.  If these files were present in the current
  working directory, they would be loaded prior to similar files in the
  user's home directory.  This could allow a local attacker to possibly
  execute arbitrary code as the user running Lynx, if they could
  convince the user to run Lynx in a directory under their control


* Mandriva: Subject: [Security Announce] [ MDVSA-2008:216 ] emacs (Oct 27)
  A vulnerability was found in how Emacs would import python scripts
  from the current working directory during the editing of a python
  file. This could allow a local user to execute arbitrary code via a
  trojan python file (CVE-2008-3949).
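The second lynx advisory (.mailcap and .mime.types read from the current
directory ahead of the home directory) and the emacs advisory (python
modules imported from the current directory) are the same bug class:
whoever controls the directory the user happens to be in gets to supply
configuration or code. The following is an added example written for this
newsletter, not Lynx or Emacs code. The trap directory, the file name and
the planted mailcap line are constructed for the demonstration, and the
function names are assumptions; it contrasts the vulnerable search order
with one that consults only the user's own home directory.

```c
/* Added example, not Lynx or Emacs code: why reading per-user
 * configuration (or importable code) from the current working
 * directory before the user's home directory lets whoever controls that
 * directory run code as the user.  The trap directory, file name and
 * planted mailcap line are constructed for this demonstration. */
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/stat.h>

enum { SEARCH_CWD_FIRST = 1, SEARCH_HOME_ONLY = 0 };

static int is_regular_file(const char *path)
{
    struct stat st;
    return stat(path, &st) == 0 && S_ISREG(st.st_mode);
}

/* Resolve where "name" (e.g. ".mailcap") would be loaded from.
 * SEARCH_CWD_FIRST reproduces the vulnerable order; SEARCH_HOME_ONLY is
 * the fix: only an absolute path under $HOME is consulted.
 * Returns 0 and fills out[] on success, -1 if nothing acceptable exists. */
int resolve_config(const char *name, int cwd_first, char *out, size_t outsz)
{
    if (cwd_first) {
        snprintf(out, outsz, "./%s", name);
        if (is_regular_file(out))
            return 0;                          /* the attacker's copy wins */
    }
    const char *home = getenv("HOME");
    if (!home || home[0] != '/')
        return -1;                             /* refuse a missing or relative HOME */
    snprintf(out, outsz, "%s/%s", home, name);
    return is_regular_file(out) ? 0 : -1;
}

/* 1 if the resolver would load the copy sitting in the current directory. */
int picks_cwd(const char *name, int cwd_first)
{
    char path[4096];
    return resolve_config(name, cwd_first, path, sizeof path) == 0
        && strncmp(path, "./", 2) == 0;
}

/* Build a directory an attacker controls, plant a .mailcap whose
 * text/html entry runs a command of their choosing, and chdir into it,
 * as if the user had been talked into running lynx from there. */
int setup_trap_dir(void)
{
    char dir[64];
    snprintf(dir, sizeof dir, "/tmp/lynx-trap-%ld", (long)getpid());
    if (mkdir(dir, 0700) != 0 && errno != EEXIST)
        return -1;
    if (chdir(dir) != 0)
        return -1;
    FILE *f = fopen(".mailcap", "w");
    if (!f)
        return -1;
    fputs("text/html; /bin/sh -c 'echo attacker-supplied handler ran'; needsterminal\n", f);
    return fclose(f) == 0 ? 0 : -1;
}

int main(void)
{
    if (setup_trap_dir() != 0) {
        perror("setup_trap_dir");
        return 1;
    }
    printf("cwd-first order loads the planted .mailcap:  %s\n",
           picks_cwd(".mailcap", SEARCH_CWD_FIRST) ? "yes" : "no");
    printf("home-only order loads the planted .mailcap:  %s\n",
           picks_cwd(".mailcap", SEARCH_HOME_ONLY) ? "yes" : "no");
    return 0;
}
```

The planted file is only written, never interpreted, so the program is
safe to run; the same resolver shape applies to the emacs case by
substituting a module search path for the config file name.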


* Mandriva: Subject: [Security Announce] [ MDVSA-2008:215 ] wireshark (Oct 27)
  A number of vulnerabilities were discovered in Wireshark that could
  cause it to crash or abort while processing malicious packets.



* RedHat: Important: flash-plugin security update (Oct 28)
  An updated Adobe Flash Player package that fixes several security
  issues is now available for Red Hat Enterprise Linux 5 Supplementary.
  A flaw was found in the way Adobe Flash Player wrote content to the
  clipboard. A malicious SWF file could populate the clipboard with a
  URL that could cause the user to mistakenly load an
  attacker-controlled URL.


* RedHat: Important: lynx security update (Oct 27)
  An updated lynx package that corrects two security issues is now
  available for Red Hat Enterprise Linux 2.1, 3, 4, and 5. This update
  has been rated as having important security impact by the Red Hat
  Security Response Team.


Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

     To unsubscribe email vuln-newsletter-request_at_private
         with "unsubscribe" in the subject of the message.

Received on Mon Nov 03 2008 - 22:17:14 PST
