[ISN] Linux Advisory Watch - August 21st 2009

From: InfoSec News <alerts_at_private>
Date: Mon, 24 Aug 2009 03:07:30 -0500 (CDT)
+----------------------------------------------------------------------+
| LinuxSecurity.com                                  Weekly Newsletter |
| August 21st, 2009                               Volume 10, Number 34 |
|                                                                      |
| Editorial Team:              Dave Wreski <dwreski_at_private> |
|                       Benjamin D. Thomas <bthomas_at_private> |
+----------------------------------------------------------------------+

Thank you for reading the LinuxSecurity.com weekly security newsletter.
The purpose of this document is to provide our readers with a quick
summary of each week's most relevant Linux security headlines.

This week, advisories were released for pidgin, curl, kde4libs,
kdegraphics, zope, libxml, kernel, squid, mingw32, thunderbird,
wordpress-mu, dhcp, dillo, CDF, iptables, perl, wget, kernel, wxgtk,
memcached, samba, libvorbis, and apache.  The distributors include
Debian, Fedora, Gentoo, Mandriva, Red Hat, Slackware, SuSE, and Ubuntu.

---

Review: Googling Security: How Much Does Google Know About You
--------------------------------------------------------------
If I ask "How much do you know about Google?", you may not take even a
second to respond.  But if I ask "How much does Google know about
you?", you may instantly reply "Wait... what!? Do they!?"  The book
"Googling Security: How Much Does Google Know About You" by Greg Conti
(Computer Science Professor at West Point) is the first book to reveal
how Google's vast information stockpiles could be used against you or
your business and what you can do to protect yourself.

http://www.linuxsecurity.com/content/view/145939

---

A Secure Nagios Server
----------------------
Nagios is monitoring software designed to let you know about problems
on your hosts and networks quickly. You can configure it to be used on
any network. Setting up a Nagios server on any Linux distribution is a
very quick process; making it a secure setup, however, takes some
work. This article will not show you how to install Nagios, since there
are tons of such articles out there, but it will show you in detail
ways to improve your Nagios security.

http://www.linuxsecurity.com/content/view/144088

------------------------------------------------------------------------

* EnGarde Secure Community 3.0.22 Now Available! (Dec 9)
  ------------------------------------------------------
  Guardian Digital is happy to announce the release of EnGarde Secure
  Community 3.0.22 (Version 3.0, Release 22).  This release includes
  many updated packages and bug fixes and some feature enhancements to
  the EnGarde Secure Linux Installer and the SELinux policy.

  http://www.linuxsecurity.com/content/view/145668

------------------------------------------------------------------------

* Debian: New pidgin packages fix arbitrary code execution (Aug 19)
  -----------------------------------------------------------------


  http://www.linuxsecurity.com/content/view/149810

* Debian: New curl packages fix SSL certificate verification weakness (Aug 19)
  ----------------------------------------------------------------------------


  http://www.linuxsecurity.com/content/view/149808

* Debian: New kde4libs packages fix several vulnerabilities (Aug 19)
  ------------------------------------------------------------------


  http://www.linuxsecurity.com/content/view/149801

* Debian: New kdegraphics packages fix several vulnerabilities (Aug 19)
  ---------------------------------------------------------------------


  http://www.linuxsecurity.com/content/view/149800

* Debian: New kdelibs packages fix several vulnerabilities (Aug 19)
  -----------------------------------------------------------------


  http://www.linuxsecurity.com/content/view/149799

* Debian: New Linux 2.6.18 packages fix several vulnerabilities (Aug 16)
  ----------------------------------------------------------------------


  http://www.linuxsecurity.com/content/view/149775

* Debian: New Linux 2.6.24 packages fix privilege escalation (Aug 16)
  -------------------------------------------------------------------


  http://www.linuxsecurity.com/content/view/149774

* Debian: New zope2.10/zope2.9 packages fix arbitrary code execution (Aug 15)
  ---------------------------------------------------------------------------


  http://www.linuxsecurity.com/content/view/149770

* Debian: New Linux 2.6.26 packages fix privilege escalation (Aug 14)
  -------------------------------------------------------------------


  http://www.linuxsecurity.com/content/view/149762

* Debian: New libxml packages fix several issues (Aug 13)
  -------------------------------------------------------


  http://www.linuxsecurity.com/content/view/149756

------------------------------------------------------------------------

* Fedora 11 Update: kernel-2.6.29.6-217.2.8.fc11 (Aug 17)
  -------------------------------------------------------
  Fix oops in clock_nanosleep syscall which allows an ordinary user to
  cause a null ptr dereference in the kernel. CVE-2009-2767. Fixes
  BUG_ON() in the intel gem page fault code breaking GNOME Shell.

  http://www.linuxsecurity.com/content/view/149783

* Fedora 10 Update: squid-3.0.STABLE18-1.fc10 (Aug 17)
  ----------------------------------------------------
  Fixes several denial of service issues which could allow an attacker
  to stop the Squid service.  CVE-2009-2621, CVE-2009-2622

  http://www.linuxsecurity.com/content/view/149782

* Fedora 11 Update: squid-3.0.STABLE18-1.fc11 (Aug 17)
  ----------------------------------------------------
  Fixes several denial of service issues which could allow an attacker
  to stop the Squid service.  CVE-2009-2621, CVE-2009-2622

  http://www.linuxsecurity.com/content/view/149781

* Fedora 10 Update: kernel-2.6.27.29-170.2.79.fc10 (Aug 15)
  ---------------------------------------------------------
  Fix sock_sendpage null pointer dereference. CVE-2009-2692.

  http://www.linuxsecurity.com/content/view/149772

* Fedora 11 Update: kernel-2.6.29.6-217.2.7.fc11 (Aug 15)
  -------------------------------------------------------
  Fix sock_sendpage null pointer dereference. CVE-2009-2692.

  http://www.linuxsecurity.com/content/view/149773

* Fedora 10 Update: libxml-1.8.17-24.fc10 (Aug 15)
  ------------------------------------------------
  This update includes patches from RHEL-3 addressing a number of
  security vulnerabilities:

  - CVE-2004-0110 (arbitrary code execution via a long URL)
  - CVE-2004-0989 (arbitrary code execution via a long URL)
  - CVE-2009-2414 (stack consumption DoS vulnerabilities)
  - CVE-2009-2416 (use-after-free DoS vulnerabilities)

  http://www.linuxsecurity.com/content/view/149769

* Fedora 11 Update: mingw32-libxml2-2.7.3-2.fc11 (Aug 15)
  -------------------------------------------------------
  Two patches for parsing problems raised by Ficora.

  http://www.linuxsecurity.com/content/view/149767

* Fedora 11 Update: libxml-1.8.17-24.fc11 (Aug 15)
  ------------------------------------------------
  This update includes patches from RHEL-3 addressing a number of
  security vulnerabilities:

  - CVE-2004-0110 (arbitrary code execution via a long URL)
  - CVE-2004-0989 (arbitrary code execution via a long URL)
  - CVE-2009-2414 (stack consumption DoS vulnerabilities)
  - CVE-2009-2416 (use-after-free DoS vulnerabilities)

  http://www.linuxsecurity.com/content/view/149768

* Fedora 11 Update: thunderbird-3.0-2.6.b3.fc11 (Aug 15)
  ------------------------------------------------------
  Update to upstream version 3.0 Beta3.  It includes security fixes
  recently fixed in stable Thunderbird 2.x and Firefox/Gecko security
  fixes:
  http://www.mozilla.org/security/known-vulnerabilities/thunderbird20.html
  http://www.mozilla.org/security/known-vulnerabilities/firefox30.html

  http://www.linuxsecurity.com/content/view/149765

* Fedora 10 Update: wordpress-mu-2.8.4a-1.fc10 (Aug 15)
  -----------------------------------------------------
  Update spans MU-versions for the following security releases from
  upstream:
  http://wordpress.org/development/2009/08/2-8-4-security-release/
  http://wordpress.org/development/2009/08/wordpress-2-8-3-security-release/

  * Backport of XSS fixes from WordPress 2.8.2
  * Backport of security fixes for admin.php?page= bugs (CVE-2009-2334)

  http://www.linuxsecurity.com/content/view/149766

* Fedora 11 Update: wordpress-mu-2.8.4a-1.fc11 (Aug 15)
  -----------------------------------------------------
  Update spans MU-versions for the following security releases from
  upstream:
  http://wordpress.org/development/2009/08/2-8-4-security-release/
  http://wordpress.org/development/2009/08/wordpress-2-8-3-security-release/

  * Backport of XSS fixes from WordPress 2.8.2
  * Backport of security fixes for admin.php?page= bugs (CVE-2009-2334)

  http://www.linuxsecurity.com/content/view/149764

------------------------------------------------------------------------

* Gentoo: ISC DHCP dhcpd Denial of Service (Aug 18)
  -------------------------------------------------
  dhcpd as included in the ISC DHCP implementation does not properly
  handle special conditions, leading to a Denial of Service.

  http://www.linuxsecurity.com/content/view/149794

* Gentoo: DokuWiki Local file inclusion (Aug 18)
  ----------------------------------------------
  An input sanitation error in DokuWiki might lead to the disclosure of
  local files or even the remote execution of arbitrary code.

  http://www.linuxsecurity.com/content/view/149795

* Gentoo: Dillo User-assisted execution of arbitrary code (Aug 18)
  ----------------------------------------------------------------
  An integer overflow in the PNG handling of Dillo might result in the
  remote execution of arbitrary code.

  http://www.linuxsecurity.com/content/view/149796

* Gentoo: Subversion Remote execution of arbitrary code (Aug 18)
  --------------------------------------------------------------
  Multiple integer overflows, leading to heap-based buffer overflows in
  the Subversion client and server might allow remote attackers to
  execute arbitrary code.

  http://www.linuxsecurity.com/content/view/149791

* Gentoo: CDF User-assisted execution of arbitrary code (Aug 18)
  --------------------------------------------------------------
  Multiple heap-based buffer overflows in CDF might result in the
  execution of arbitrary code.

  http://www.linuxsecurity.com/content/view/149792

* Gentoo: Perl Compress:Raw modules: Denial of Service (Aug 18)
  -------------------------------------------------------------
  An off-by-one error in Compress::Raw::Zlib and Compress::Raw::Bzip2
  might lead to a Denial of Service.

  http://www.linuxsecurity.com/content/view/149793

------------------------------------------------------------------------

* Mandriva: Subject: [Security Announce] [ MDVA-2009:153 ] kde4-style-iaora (Aug 20)
  ----------------------------------------------------------------------------------
  The Iaora window decoration style has a bug when used with compiz:
  when a window is maximised, the decoration disappears, and you need
  to restore (unmaximize) the window to get the decorations back. This
  update fixes this problem.

  http://www.linuxsecurity.com/content/view/149816

* Mandriva: Subject: [Security Announce] [ MDVA-2009:152 ] iptables (Aug 20)
  --------------------------------------------------------------------------
  This is a version update of iptables 1.4.1.1 to 1.4.2 and is provided
  to support all new features of the 2.6.27 kernel.

  http://www.linuxsecurity.com/content/view/149813

* Mandriva: Subject: [Security Announce] [ MDVSA-2009:207 ] perl-Compress-Raw-Bzip2 (Aug 19)
  ------------------------------------------------------------------------------------------
  A vulnerability has been found and corrected in
  perl-Compress-Raw-Bzip: Off-by-one error in the bzinflate function in
  Bzip2.xs in the Compress-Raw-Bzip2 module before 2.018 for Perl
  allows context-dependent attackers to cause a denial of service
  (application hang or crash) via a crafted bzip2 compressed stream
  that triggers a buffer overflow, a related issue to CVE-2009-1391
  (CVE-2009-1884). This update provides a solution to this
  vulnerability.

  http://www.linuxsecurity.com/content/view/149809

* Mandriva: Subject: [Security Announce] [ MDVSA-2009:206 ] wget (Aug 18)
  -----------------------------------------------------------------------
  A vulnerability has been found and corrected in wget: SUSE discovered
  a security issue in wget related to
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2408 This
  update provides a solution to this vulnerability.

  http://www.linuxsecurity.com/content/view/149797

* Mandriva: Subject: [Security Announce] [ MDVSA-2009:205 ] kernel (Aug 17)
  -------------------------------------------------------------------------
  A vulnerability was discovered and corrected in the Linux 2.6 kernel:
  The Linux kernel 2.6.0 through 2.6.30.4, and 2.4.4 through 2.4.37.4,
  does not initialize all function pointers for socket operations in
  proto_ops structures, which allows local users to trigger a NULL
  pointer dereference and gain privileges by using mmap to map page
  zero, placing arbitrary code on this page, and then invoking an
  unavailable operation, as demonstrated by the sendpage operation on a
  PF_PPPOX socket. (CVE-2009-2692) To update your kernel, please follow
  the directions located at:
  http://www.mandriva.com/en/security/kernelupdate

  http://www.linuxsecurity.com/content/view/149784

* Mandriva: Subject: [Security Announce] [ MDVSA-2009:204 ] wxgtk (Aug 16)
  ------------------------------------------------------------------------
  A vulnerability has been found and corrected in wxgtk: Integer
  overflow in the wxImage::Create function in src/common/image.cpp in
  wxWidgets 2.8.10 allows attackers to cause a denial of service
  (crash) and possibly execute arbitrary code via a crafted JPEG file,
  which triggers a heap-based buffer overflow. NOTE: the provenance of
  this information is unknown; the details are obtained solely from
  third party information (CVE-2009-2369). This update provides a
  solution to this vulnerability.

  http://www.linuxsecurity.com/content/view/149776

* Mandriva: Subject: [Security Announce] [ MDVSA-2009:203 ] curl (Aug 15)
  -----------------------------------------------------------------------
  A vulnerability has been found and corrected in curl: lib/ssluse.c in
  cURL and libcurl 7.4 through 7.19.5, when OpenSSL is used, does not
  properly handle a '\0' character in a domain name in the subject's
  Common Name (CN) field of an X.509 certificate, which allows
  man-in-the-middle attackers to spoof arbitrary SSL servers via a
  crafted certificate issued by a legitimate Certification Authority, a
  related issue to CVE-2009-2408 (CVE-2009-2417). This update provides
  a solution to this vulnerability.

  http://www.linuxsecurity.com/content/view/149771

* Mandriva: Subject: [Security Announce] [ MDVSA-2009:202 ] memcached (Aug 14)
  ----------------------------------------------------------------------------
  A vulnerability has been found and corrected in memcached: Multiple
  integer overflows in memcached 1.1.12 and 1.2.2 allow remote
  attackers to execute arbitrary code via vectors involving length
  attributes that trigger heap-based buffer overflows (CVE-2009-2415).
  This update provides a solution to this vulnerability. Additionally,
  memcached-1.2.x has been upgraded to 1.2.8 for 2009.0/2009.1 and MES
  5, which contains a number of upstream fixes; the repcached patch has
  been upgraded to 2.2 as well.

  http://www.linuxsecurity.com/content/view/149761

* Mandriva: Subject: [Security Announce] [ MDVA-2009:151 ] samba (Aug 14)
  -----------------------------------------------------------------------
  This is the last upstream maintenance release of the Samba 3.2
  series. Major enhancements in 3.2.14 include:

  o Fix SAMR access checks (e.g. bugs #6089 and #6112).
  o Fix 'force user' (bug #6291).
  o Improve Win7 support (bug #6099).
  o Fix posix ACLs when setting an ACL without explicit ACE for the
    owner (bug #2346).

  http://www.linuxsecurity.com/content/view/149759

------------------------------------------------------------------------

* RedHat: Critical: pidgin security update (Aug 18)
  -------------------------------------------------
  Updated pidgin packages that fix a security issue are now available
  for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated
  as having critical security impact by the Red Hat Security Response
  Team.

  http://www.linuxsecurity.com/content/view/149789

* RedHat: Important: libvorbis security update (Aug 18)
  -----------------------------------------------------
  Updated libvorbis packages that fix one security issue are now
  available for Red Hat Enterprise Linux 3, 4, and 5. This update has
  been rated as having important security impact by the Red Hat
  Security Response Team.

  http://www.linuxsecurity.com/content/view/149790

* RedHat: Moderate: curl security update (Aug 13)
  -----------------------------------------------
  Updated curl packages that fix security issues are now available for
  Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as
  having moderate security impact by the Red Hat Security Response
  Team.

  http://www.linuxsecurity.com/content/view/149749

* RedHat: Important: kernel security and bug fix update (Aug 13)
  --------------------------------------------------------------
  Updated kernel packages that fix several security issues and several
  bugs are now available for Red Hat Enterprise Linux 4. This update
  has been rated as having important security impact by the Red Hat
  Security Response Team.

  http://www.linuxsecurity.com/content/view/149750

------------------------------------------------------------------------

* Slackware:   kernel [updated] (Aug 19)
  --------------------------------------
  This is a followup to the SSA:2009-230-01 advisory noting some
  errata.

  The generic SMP kernel update for Slackware 12.2 was built using the
  .config for a huge kernel, not a generic one.  The kernel previously
  published as kernel-generic-smp and in the gemsmp.s directory works
  and is secure, but is larger than it needs to be.  It has been
  replaced in the Slackware 12.2 patches with a generic SMP kernel.

  A new svgalib_helper package (compiled for a 2.6.27.31 kernel) was
  added to the Slackware 12.2 /patches.

  An error was noticed in the SSA:2009-230-01 advisory concerning the
  packages for Slackware -current 32-bit.  The http links given refer
  to packages with a -1 build version.  The actual packages have a
  build number of -2.

  http://www.linuxsecurity.com/content/view/149811

* Slackware:   pidgin (Aug 19)
  ----------------------------
  New pidgin packages are available for Slackware 12.0, 12.1, 12.2, and
  -current to fix a security issue. More details about this issue may
  be found in the Common Vulnerabilities and Exposures (CVE) database:
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2694

  http://www.linuxsecurity.com/content/view/149812

* Slackware:   kernel (Aug 19)
  ----------------------------
  New Linux kernel packages are available for Slackware 12.2 and
  -current to address a security issue.  A kernel bug discovered by
  Tavis Ormandy and Julien Tinnes of the Google Security Team could
  allow a local user to fill memory page zero with arbitrary code and
  then use the kernel sendpage operation to trigger a NULL pointer
  dereference, executing the code in the context of the kernel.  If
  successfully exploited, this bug can be used to gain root access.

  At this time we have prepared fixed kernels for the stable version of
  Slackware (12.2), as well as for both 32-bit x86 and x86_64 -current
  versions.  Additionally, we have added a package to the /patches
  directory for Slackware 12.1 and 12.2 that will set the minimum
  memory page that can be mmap()ed from userspace without additional
  privileges to 4096.  The package will work with any kernel supporting
  the vm.mmap_min_addr tunable, and should significantly reduce the
  potential harm from this bug, as well as future similar bugs that
  might be found in the kernel.  More updated kernels may follow.

  For more information, see:
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2692

  http://www.linuxsecurity.com/content/view/149798

* Slackware:   curl (Aug 14)
  --------------------------
  New curl packages are available for Slackware 9.1, 10.0, 10.1, 10.2,
  11.0, 12.0, 12.1, 12.2, and -current to fix a security issue. For
  more information, see:
  http://curl.haxx.se/docs/security.html
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2417

  http://www.linuxsecurity.com/content/view/149763

------------------------------------------------------------------------

* SuSE: Linux kernel (SUSE-SA:2009:045) (Aug 20)
  ----------------------------------------------


  http://www.linuxsecurity.com/content/view/149815

* SuSE: subversion (SUSE-SA:2009:044) (Aug 14)
  --------------------------------------------


  http://www.linuxsecurity.com/content/view/149757

------------------------------------------------------------------------

* Ubuntu:  Pidgin vulnerability (Aug 20)
  --------------------------------------
  Federico Muttis discovered that Pidgin did not properly handle
  certain malformed messages in the MSN protocol handler. A remote
  attacker could send a specially crafted message and possibly execute
  arbitrary code with user privileges.

  http://www.linuxsecurity.com/content/view/149814

* Ubuntu:  Apache regression (Aug 19)
  -----------------------------------
  USN-802-1 fixed vulnerabilities in Apache. The upstream fix for
  CVE-2009-1891 introduced a regression that would cause Apache
  children to occasionally segfault when mod_deflate is used. This
  update fixes the problem. We apologize for the inconvenience.

  Original advisory details:

  It was discovered that mod_proxy_http did not properly handle a large
  amount of streamed data when used as a reverse proxy. A remote
  attacker could exploit this and cause a denial of service via memory
  resource consumption. This issue affected Ubuntu 8.04 LTS, 8.10 and
  9.04. (CVE-2009-1890)

  It was discovered that mod_deflate did not abort compressing large
  files when the connection was closed. A remote attacker could exploit
  this and cause a denial of service via CPU resource consumption.
  (CVE-2009-1891)

  http://www.linuxsecurity.com/content/view/149807

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com
------------------------------------------------------------------------
Received on Mon Aug 24 2009 - 01:07:30 PDT