[ISN] Linux Advisory Watch - October 16th 2009

From: InfoSec News <alerts_at_private>
Date: Mon, 19 Oct 2009 01:45:23 -0500 (CDT)
+----------------------------------------------------------------------+
| LinuxSecurity.com                                  Weekly Newsletter |
| October 16th, 2009                              Volume 10, Number 42 |
|                                                                      |
| Editorial Team:              Dave Wreski <dwreski_at_private> |
|                       Benjamin D. Thomas <bthomas_at_private> |
+----------------------------------------------------------------------+

Thank you for reading the LinuxSecurity.com weekly security newsletter.
The purpose of this document is to provide our readers with a quick
summary of each week's most relevant Linux security headlines.

This week, advisories were released for pygresql, mysql-ocaml, samba,
kvm, python-django, opensaml2, wget, dnsmasq, rubygem, drupal,
dopewars, deltarpm, aria, strongswan, libmikmod, libnasl, mono,
wireshark, xmlsec, awstats, gd, egroupware, sympa, netpbm, imagemagick,
mozilla-thunderbird, cups, xpdf, gpdf, squirrelmail, zope, pan, and
mimtex.  The distributors include Debian, Fedora, Mandriva, Red Hat,
and Ubuntu.

---

>> Linux+DVD Magazine <<

In each issue you can find information concerning the best use of Linux:
safety, databases, multimedia, scientific tools, entertainment,
programming, e-mail, news and desktop environments.

Catch up with what professional network and database administrators,
system programmers, webmasters and all those who believe in the power of
Open Source software are doing!

http://www.linuxsecurity.com/ads/adclick.php?bannerid=26

---

Review: Googling Security: How Much Does Google Know About You
--------------------------------------------------------------
If I ask "How much do you know about Google?" You may not take even a
second to respond.  But if I may ask "How much does Google know about
you"? You may instantly reply "Wait... what!? Do they!?"  The book
"Googling Security: How Much Does Google Know About You" by Greg Conti
(Computer Science Professor at West Point) is the first book to reveal
how Google's vast information stockpiles could be used against you or
your business and what you can do to protect yourself.

http://www.linuxsecurity.com/content/view/145939

---

A Secure Nagios Server
----------------------
Nagios is a monitoring software designed to let you know about problems
on your hosts and networks quickly. You can configure it to be used on
any network. Setting up a Nagios server on any Linux distribution is a
very quick process however to make it a secure setup it takes some
work. This article will not show you how to install Nagios since there
are tons of them out there but it will show you in detail ways to
improve your Nagios security.

http://www.linuxsecurity.com/content/view/144088

-->  Take advantage of the LinuxSecurity.com Quick Reference Card!  <--
-->  http://www.linuxsecurity.com/docs/QuickRefCard.pdf             <--

------------------------------------------------------------------------

* EnGarde Secure Community 3.0.22 Now Available! (Dec 9)
  ------------------------------------------------------
  Guardian Digital is happy to announce the release of EnGarde Secure
  Community 3.0.22 (Version 3.0, Release 22).  This release includes
  many updated packages and bug fixes and some feature enhancements to
  the EnGarde Secure Linux Installer and the SELinux policy.

  http://www.linuxsecurity.com/content/view/145668

------------------------------------------------------------------------

* Debian: New pygresql packages provide secure escaping (Oct 14)
  --------------------------------------------------------------


  http://www.linuxsecurity.com/content/view/150385

* Debian: New mysql-ocaml packages provide secure escaping (Oct 14)
  -----------------------------------------------------------------


  http://www.linuxsecurity.com/content/view/150384

* Debian: New postgresql-ocaml packages provide secure escaping (Oct 14)
  ----------------------------------------------------------------------


  http://www.linuxsecurity.com/content/view/150383

* Debian: New samba packages fix several vulnerabilities (Oct 13)
  ---------------------------------------------------------------


  http://www.linuxsecurity.com/content/view/150374

* Debian: New kvm packages fix several vulnerabilities (Oct 13)
  -------------------------------------------------------------


  http://www.linuxsecurity.com/content/view/150355

* Debian: New python-django packages fix denial of service (Oct 10)
  -----------------------------------------------------------------


  http://www.linuxsecurity.com/content/view/150344

* Debian: New opensaml2 and shibboleth-sp2 packages fix regression (Oct 9)
  ------------------------------------------------------------------------


  http://www.linuxsecurity.com/content/view/150341

* Debian: New wget packages fix SSL certificate verification weakness (Oct 9)
  ---------------------------------------------------------------------------


  http://www.linuxsecurity.com/content/view/150334

------------------------------------------------------------------------

* Fedora 10 Update: dnsmasq-2.46-2.fc10 (Oct 13)
  ----------------------------------------------
  This update fixes two security issues with dnsmasq's tftp server:
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2957
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2958

  http://www.linuxsecurity.com/content/view/150373

* Fedora 11 Update: rubygem-activeresource-2.3.2-2.fc11 (Oct 13)
  --------------------------------------------------------------
  - Fixes CVE-2009-3009  - Downgrade to Rails 2.3.2 to avoid update
  issues for existing applications

  http://www.linuxsecurity.com/content/view/150371

* Fedora 11 Update: rubygem-rails-2.3.2-5.fc11 (Oct 13)
  -----------------------------------------------------
  - Fixes CVE-2009-3009  - Downgrade to Rails 2.3.2 to avoid update
  issues for existing applications

  http://www.linuxsecurity.com/content/view/150372

* Fedora 11 Update: rubygem-actionpack-2.3.2-2.fc11 (Oct 13)
  ----------------------------------------------------------
  - Fixes CVE-2009-3009  - Downgrade to Rails 2.3.2 to avoid update
  issues for existing applications

  http://www.linuxsecurity.com/content/view/150367

* Fedora 11 Update: rubygem-actionmailer-2.3.2-3.fc11 (Oct 13)
  ------------------------------------------------------------
  - Fixes CVE-2009-3009  - Downgrade to Rails 2.3.2 to avoid update
  issues for existing applications

  http://www.linuxsecurity.com/content/view/150368

* Fedora 11 Update: rubygem-activerecord-2.3.2-2.fc11 (Oct 13)
  ------------------------------------------------------------
  - Fixes CVE-2009-3009  - Downgrade to Rails 2.3.2 to avoid update
  issues for existing applications

  http://www.linuxsecurity.com/content/view/150369

* Fedora 11 Update: rubygem-activesupport-2.3.2-2.fc11 (Oct 13)
  -------------------------------------------------------------
  - Fixes CVE-2009-3009  - Downgrade to Rails 2.3.2 to avoid update
  issues for existing applications

  http://www.linuxsecurity.com/content/view/150370

* Fedora 11 Update: drupal-service_links-6.x.1.0-5.fc11 (Oct 13)
  --------------------------------------------------------------
  Common Vulnerabilities and Exposures assigned an identifier
  CVE-2009-3648 to the following vulnerability:    Name: CVE-2009-3648
  URL: http://cve.mitre.org /cgi-bin/cvename.cgi?name=CVE-2009-3648
  Assigned: 20091009  Reference: MISC:
  http://www.madirish.net/?article=251	Reference: BID:36584
  Reference: URL: http://www.securityfocus.com/bid/36584  Reference:
  XF:servicelinks-content-type- xss(53633)  Reference: URL:
  http://xforce.iss.net/xforce/xfdb/53633    Cross- site scripting
  (XSS) vulnerability in Service Links 6.x-1.0, a  module for Drupal,
  allows remote authenticated users, with 'administer  content types'
  permissions, to inject arbitrary web script or HTML via  unspecified
  vectors when displaying content type names.	   Checked
  drupal-service_links in CVS and this affects Fedora 10, 11, and
  rawhide.

  http://www.linuxsecurity.com/content/view/150366

* Fedora 10 Update: drupal-service_links-6.x.1.0-5.fc10 (Oct 13)
  --------------------------------------------------------------
  Common Vulnerabilities and Exposures assigned an identifier
  CVE-2009-3648 to the following vulnerability:    Name: CVE-2009-3648
  URL: http://cve.mitre.org /cgi-bin/cvename.cgi?name=CVE-2009-3648
  Assigned: 20091009  Reference: MISC:
  http://www.madirish.net/?article=251	Reference: BID:36584
  Reference: URL: http://www.securityfocus.com/bid/36584  Reference:
  XF:servicelinks-content-type- xss(53633)  Reference: URL:
  http://xforce.iss.net/xforce/xfdb/53633    Cross- site scripting
  (XSS) vulnerability in Service Links 6.x-1.0, a  module for Drupal,
  allows remote authenticated users, with 'administer  content types'
  permissions, to inject arbitrary web script or HTML via  unspecified
  vectors when displaying content type names.	   Checked
  drupal-service_links in CVS and this affects Fedora 10, 11, and
  rawhide.

  http://www.linuxsecurity.com/content/view/150365

* Fedora 11 Update: dopewars-1.5.12-8.1033svn.fc11 (Oct 13)
  ---------------------------------------------------------
  Fix DoS.

  http://www.linuxsecurity.com/content/view/150364

* Fedora 11 Update: deltarpm-3.4-18.fc11 (Oct 13)
  -----------------------------------------------
  deltarpm prior to the current build ships with a bundled copy of
  zlib. This version of zlib has a known vulnerability with CVE
  identifier: CAN-2005-1849 This build of deltarpm patches the program
  to use the system zlib (which was fixed when the vulnerability was
  first discovered) instead of the bundled copy.

  http://www.linuxsecurity.com/content/view/150363

* Fedora 11 Update: dnsmasq-2.46-3.fc11 (Oct 13)
  ----------------------------------------------
  This update fixes two security issues with dnsmasq's tftp server:
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2957
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2958

  http://www.linuxsecurity.com/content/view/150362

* Fedora 10 Update: dopewars-1.5.12-8.1033svn.fc10 (Oct 13)
  ---------------------------------------------------------
  Fix DoS.

  http://www.linuxsecurity.com/content/view/150361

* Fedora 10 Update: deltarpm-3.4-11.fc10.1 (Oct 8)
  ------------------------------------------------
  deltarpm prior to the current build ships with a bundled copy of
  zlib.  This version of zlib has a known vulnerability with CVE
  identifier: CAN-2005-1849 This build of deltarpm patches the program
  to use the system zlib (which was fixed when the vulnerability was
  first discovered) instead of the bundled copy.

  http://www.linuxsecurity.com/content/view/150333

* Fedora 10 Update: aria2-1.3.1-2.fc10 (Oct 8)
  --------------------------------------------
  Fixes CVE-2009-3575, A buffer overflow vulnerability described in
  more detail at https://bugzilla.redhat.com/show_bug.cgi?id=527827

  http://www.linuxsecurity.com/content/view/150332

* Fedora 11 Update: deltarpm-3.4-17.fc11 (Oct 8)
  ----------------------------------------------
  deltarpm prior to the current build ships with a bundled copy of
  zlib.  This version of zlib has a known vulnerability with CVE
  identifier: CAN-2005-1849 This build of deltarpm patches the program
  to use the system zlib (which was fixed when the vulnerability was
  first discovered) instead of the bundled copy.

  http://www.linuxsecurity.com/content/view/150331

------------------------------------------------------------------------

* Mandriva: Subject: [Security Announce] [ MDVSA-2009:278 ] compiz-fusion-plugins-main (Oct 14)
  ---------------------------------------------------------------------------------------------
  A vulnerability has been found and corrected in
  compiz-fusion-plugins-main: The Expo plugin in Compiz Fusion 0.7.8
  allows local users with physical access to drag the screen saver
  aside and access the locked desktop by using Expo mouse shortcuts, a
  related issue to CVE-2007-3920 (CVE-2008-6514). This update fixes
  this vulnerability.

  http://www.linuxsecurity.com/content/view/150379

* Mandriva: Subject: [Security Announce] [ MDVSA-2009:277 ] samba (Oct 14)
  ------------------------------------------------------------------------
  Multiple vulnerabilities has been found and corrected in samba: The
  SMB (aka Samba) subsystem in Apple Mac OS X 10.5.8, when Windows File
  Sharing is enabled, does not properly handle errors in resolving
  pathnames, which allows remote authenticated users to bypass intended
  sharing restrictions, and read, create, or modify files, in certain
  circumstances involving user accounts that lack home directories
  (CVE-2009-2813). smbd in Samba 3.0 before 3.0.37, 3.2 before 3.2.15,
  3.3 before 3.3.8, and 3.4 before 3.4.2 allows remote authenticated
  users to cause a denial of service (infinite loop) via an
  unanticipated oplock break notification reply packet (CVE-2009-2906).
  mount.cifs in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before
  3.3.8 and 3.4 before 3.4.2, when mount.cifs is installed suid root,
  does not properly enforce permissions, which allows local users to
  read part of the credentials file and obtain the password by
  specifying the path to the credentials file and using the --verbose
  or -v option (CVE-2009-2948). The versions of samba shipping with
  Mandriva Linux CS4/MES5/2008.1/2009.0/2009.1 have been updated to the
  latest version that includes the fixes for these issues. Additionally
  for 2009.1 the version upgrade provides many upstream bug fixes such
  as improved Windows(tm) 7 support. The version for CS3 has been
  patched to address these security issues.

  http://www.linuxsecurity.com/content/view/150375

* Mandriva: Subject: [Security Announce] [ MDVSA-2009:276 ] python-django (Oct 13)
  --------------------------------------------------------------------------------
  Multiple vulnerabilities has been found and corrected in
  python-django: The Admin media handler in core/servers/basehttp.py in
  Django 1.0 and 0.96 does not properly map URL requests to expected
  static media files, which allows remote attackers to conduct
  directory traversal attacks and read arbitrary files via a crafted
  URL (CVE-2009-2659). Algorithmic complexity vulnerability in the
  forms library in Django 1.0 before 1.0.4 and 1.1 before 1.1.1 allows
  remote attackers to cause a denial of service (CPU consumption) via a
  crafted (1) EmailField (email address) or (2) URLField (URL) that
  triggers a large amount of backtracking in a regular expression
  (CVE-2009-3695). The versions of Django shipping with Mandriva Linux
  have been updated to the latest patched version that include the fix
  for this issue. In addition, they provide other bug fixes.

  http://www.linuxsecurity.com/content/view/150360

* Mandriva: Subject: [Security Announce] [ MDVSA-2009:275 ] python-django (Oct 13)
  --------------------------------------------------------------------------------
  A vulnerability has been found and corrected in python-django: The
  Admin media handler in core/servers/basehttp.py in Django 1.0 and
  0.96 does not properly map URL requests to expected static media
  files, which allows remote attackers to conduct directory traversal
  attacks and read arbitrary files via a crafted URL (CVE-2009-2659).
  The versions of Django shipping with Mandriva Linux have been updated
  to the latest patched version that include the fix for this issue. In
  addition, they provide other bug fixes.

  http://www.linuxsecurity.com/content/view/150357

* Mandriva: Subject: [Security Announce] [ MDVSA-2009:274 ] phpmyadmin (Oct 13)
  -----------------------------------------------------------------------------
  This is a security release for XSS and SQL injection problems. This
  upgrade provides phpmyadmin 2.11.9.6 for CS4 and 3.2.2.1 for MES5
  which is not vulnerable for these security issues.

  http://www.linuxsecurity.com/content/view/150356

* Mandriva: Subject: [Security Announce] [ MDVSA-2009:273 ] strongswan (Oct 12)
  -----------------------------------------------------------------------------
  A vulnerability has been found and corrected in strongswan: The ASN.1
  parser (pluto/asn1.c, libstrongswan/asn1/asn1.c,
  libstrongswan/asn1/asn1_parser.c) in (a) strongSwan 2.8 before
  2.8.10, 4.2 before 4.2.16, and 4.3 before 4.3.2; and (b) openSwan 2.6
  before 2.6.22 and 2.4 before 2.4.15 allows remote attackers to cause
  a denial of service (pluto IKE daemon crash) via an X.509 certificate
  with (1) crafted Relative Distinguished Names (RDNs), (2) a crafted
  UTCTIME string, or (3) a crafted GENERALIZEDTIME string
  (CVE-2009-2185). This update fixes this vulnerability.

  http://www.linuxsecurity.com/content/view/150354

* Mandriva: Subject: [Security Announce] [ MDVSA-2009:272 ] libmikmod (Oct 12)
  ----------------------------------------------------------------------------
  Multiple vulnerabilities has been found and corrected in libmikmod:
  libmikmod 3.1.9 through 3.2.0, as used by MikMod, SDL-mixer, and
  possibly other products, relies on the channel count of the last
  loaded song, rather than the currently playing song, for certain
  playback calculations, which allows user-assisted attackers to cause
  a denial of service (application crash) by loading multiple songs
  (aka MOD files) with different numbers of channels (CVE-2007-6720).
  libmikmod 3.1.11 through 3.2.0, as used by MikMod and possibly other
  products, allows user-assisted attackers to cause a denial of service
  (application crash) by loading an XM file (CVE-2009-0179). This
  update fixes these vulnerabilities.

  http://www.linuxsecurity.com/content/view/150353

* Mandriva: Subject: [Security Announce] [ MDVSA-2009:271 ] libnasl (Oct 12)
  --------------------------------------------------------------------------
  A vulnerability has been found and corrected in libnasl:
  nasl/nasl_crypto2.c in the Nessus Attack Scripting Language library
  (aka libnasl) 2.2.11 does not properly check the return value from
  the OpenSSL DSA_do_verify function, which allows remote attackers to
  bypass validation of the certificate chain via a malformed SSL/TLS
  signature, a similar vulnerability to CVE-2008-5077 (CVE-2009-0125).
  This update fixes this vulnerability.

  http://www.linuxsecurity.com/content/view/150352

* Mandriva: Subject: [Security Announce] [ MDVSA-2009:269 ] mono (Oct 12)
  -----------------------------------------------------------------------
  A vulnerability has been found and corrected in mono: The XML HMAC
  signature system did not correctly check certain lengths. If an
  attacker sent a truncated HMAC, it could bypass authentication,
  leading to potential privilege escalation (CVE-2009-0217). This
  update fixes this vulnerability.

  http://www.linuxsecurity.com/content/view/150351

* Mandriva: Subject: [Security Announce] [ MDVSA-2009:270 ] wireshark (Oct 12)
  ----------------------------------------------------------------------------
  A vulnerability has been found and corrected in wireshark:
  Unspecified vulnerability in the OpcUa (OPC UA) dissector in
  Wireshark 0.99.6 through 1.0.8 and 1.2.0 through 1.2.1 allows remote
  attackers to cause a denial of service (memory and CPU consumption)
  via malformed OPCUA Service CallRequest packets (CVE-2009-3241). This
  update fixes this vulnerability.

  http://www.linuxsecurity.com/content/view/150350

* Mandriva: Subject: [Security Announce] [ MDVSA-2009:268 ] mono (Oct 12)
  -----------------------------------------------------------------------
  Multiple vulnerabilities has been found and corrected in mono:
  Multiple cross-site scripting (XSS) vulnerabilities in the ASP.net
  class libraries in Mono 2.0 and earlier allow remote attackers to
  inject arbitrary web script or HTML via crafted attributes related to
  (1) HtmlControl.cs (PreProcessRelativeReference), (2) HtmlForm.cs
  (RenderAttributes), (3) HtmlInputButton (RenderAttributes), (4)
  HtmlInputRadioButton (RenderAttributes), and (5) HtmlSelect
  (RenderChildren) (CVE-2008-3422). The XML HMAC signature system did
  not correctly check certain lengths. If an attacker sent a truncated
  HMAC, it could bypass authentication, leading to potential privilege
  escalation (CVE-2009-0217). This update fixes these vulnerabilities.

  http://www.linuxsecurity.com/content/view/150346

* Mandriva: Subject: [Security Announce] [ MDVSA-2009:267 ] xmlsec1 (Oct 10)
  --------------------------------------------------------------------------
  A vulnerability has been found and corrected in xmlsec1: A missing
  check for the recommended minimum length of the truncated form of
  HMAC-based XML signatures was found in xmlsec1 prior to 1.2.12. An
  attacker could use this flaw to create a specially-crafted XML file
  that forges an XML signature, allowing the attacker to bypass
  authentication that is based on the XML Signature specification
  (CVE-2009-0217). This update fixes this vulnerability.

  http://www.linuxsecurity.com/content/view/150343

* Mandriva: Subject: [Security Announce] [ MDVSA-2009:266 ] awstats (Oct 9)
  -------------------------------------------------------------------------
  A vulnerability has been found and corrected in awstats: awstats.pl
  in AWStats 6.8 and earlier does not properly remove quote characters,
  which allows remote attackers to conduct cross-site scripting (XSS)
  attacks via the query_string parameter. NOTE: this issue exists
  because of an incomplete fix for CVE-2008-3714 (CVE-2008-5080). This
  update fixes this vulnerability.

  http://www.linuxsecurity.com/content/view/150342

* Mandriva: Subject: [Security Announce] [ MDVSA-2009:264 ] gd (Oct 9)
  --------------------------------------------------------------------
  Multiple integer overflows in libgd in PHP before 5.2.4 allow remote
  attackers to cause a denial of service (application crash) and
  possibly execute arbitrary code via a large (1) srcW or (2) srcH
  value to the (a) gdImageCopyResized function, or a large (3) sy
  (height) or (4) sx (width) value to the (b) gdImageCreate or the (c)
  gdImageCreateTrueColor function. (CVE-2007-3996) The updated packages
  have been patched to prevent this.

  http://www.linuxsecurity.com/content/view/150340

* Mandriva: Subject: [Security Announce] [ MDVSA-2009:265 ] egroupware (Oct 9)
  ----------------------------------------------------------------------------
  A vulnerability has been found and corrected in egroupware: The
  _bad_protocol_once function in phpgwapi/inc/class.kses.inc.php in
  KSES, as used in eGroupWare before 1.4.003, Moodle before 1.8.5, and
  other products, allows remote attackers to bypass HTML filtering and
  conduct cross-site scripting (XSS) attacks via a string containing
  crafted URL protocols (CVE-2008-1502). This update fixes this
  vulnerability.

  http://www.linuxsecurity.com/content/view/150339

* Mandriva: Subject: [Security Announce] [ MDVSA-2009:263 ] sympa (Oct 9)
  -----------------------------------------------------------------------
  A vulnerability has been found and corrected in sympa: sympa.pl in
  sympa 5.3.4 allows local users to overwrite arbitrary files via a
  symlink attack on a temporary file.  NOTE: wwsympa.fcgi was also
  reported, but the issue occurred in a dead function, so it is not a
  vulnerability (CVE-2008-4476). This update fixes this vulnerability.

  http://www.linuxsecurity.com/content/view/150338

* Mandriva: Subject: [Security Announce] [ MDVSA-2009:262 ] netpbm (Oct 9)
  ------------------------------------------------------------------------
  A vulnerability has been found and corrected in netpbm:
  pamperspective in Netpbm before 10.35.48 does not properly calculate
  a window height, which allows context-dependent attackers to cause a
  denial of service (crash) via a crafted image file that triggers an
  out-of-bounds read (CVE-2008-4799). This update fixes this
  vulnerability.

  http://www.linuxsecurity.com/content/view/150337

* Mandriva: Subject: [Security Announce] [ MDVSA-2009:260 ] imagemagick (Oct 8)
  -----------------------------------------------------------------------------
  A vulnerability has been found and corrected in ImageMagick, which
  could lead to integer overflow in the XMakeImage function in
  magick/xwindow.c, allowing remote attackers to cause a denial of
  service (crash) and possibly execute arbitrary code via a crafted
  TIFF file, which triggers a buffer overflow (CVE-2009-1882). This
  update fixes this vulnerability.

  http://www.linuxsecurity.com/content/view/150329

* Mandriva: Subject: [Security Announce] [ MDVSA-2009:261 ] graphicsmagick (Oct 8)
  --------------------------------------------------------------------------------
  A vulnerability has been found and corrected in GraphicsMagick, which
  could lead to integer overflow in the XMakeImage function in
  magick/xwindow.c, allowing remote attackers to cause a denial of
  service (crash) and possibly execute arbitrary code via a crafted
  TIFF file, which triggers a buffer overflow (CVE-2009-1882). This
  update fixes this vulnerability.

  http://www.linuxsecurity.com/content/view/150326

* Mandriva: Subject: [Security Announce] [ MDVSA-2009:217-2 ] mozilla-thunderbird (Oct 8)
  ---------------------------------------------------------------------------------------
  A number of security vulnerabilities have been discovered in Mozilla
  Thunderbird: Security issues in thunderbird could lead to a
  man-in-the-middle attack via a spoofed X.509 certificate
  (CVE-2009-2408). A vulnerability was found in xmltok_impl.c (expat)
  that with specially crafted XML could be exploited and lead to a
  denial of service attack. Related to CVE-2009-2625. This update
  provides the latest version of Thunderbird which are not vulnerable
  to these issues.

  Update:

  The previous mozilla-thunderbird-moztraybiff packages had the wrong
  release which prevented it to be upgraded (#53129). The new packages
  addresses this problem.

  http://www.linuxsecurity.com/content/view/150324

* Mandriva: Subject: [Security Announce] [ MDVSA-2009:217-1 ] mozilla-thunderbird (Oct 8)
  ---------------------------------------------------------------------------------------
  A number of security vulnerabilities have been discovered in Mozilla
  Thunderbird: Security issues in thunderbird could lead to a
  man-in-the-middle attack via a spoofed X.509 certificate
  (CVE-2009-2408). A vulnerability was found in xmltok_impl.c (expat)
  that with specially crafted XML could be exploited and lead to a
  denial of service attack. Related to CVE-2009-2625. This update
  provides the latest version of Thunderbird which are not vulnerable
  to these issues.

  Update:

  The mozilla-thunderbird-moztraybiff packages had the wrong release
  which prevented it to be upgraded (#53129). The new packages
  addresses this problem.

  http://www.linuxsecurity.com/content/view/150323

------------------------------------------------------------------------

* RedHat: Moderate: cups security update (Oct 15)
  -----------------------------------------------
  Updated cups packages that fix two security issues are now available
  for Red Hat Enterprise Linux 5. This update has been rated as having
  moderate security impact by the Red Hat Security Response Team.

  http://www.linuxsecurity.com/content/view/150392

* RedHat: Important: xpdf security update (Oct 15)
  ------------------------------------------------
  An updated xpdf package that fixes multiple security issues is now
  available for Red Hat Enterprise Linux 4. This update has been rated
  as having important security impact by the Red Hat Security Response
  Team.

  http://www.linuxsecurity.com/content/view/150387

* RedHat: Important: kdegraphics security update (Oct 15)
  -------------------------------------------------------
  Updated kdegraphics packages that fix multiple security issues are
  now available for Red Hat Enterprise Linux 5. This update has been
  rated as having important security impact by the Red Hat Security
  Response Team.

  http://www.linuxsecurity.com/content/view/150388

* RedHat: Important: gpdf security update (Oct 15)
  ------------------------------------------------
  An updated gpdf package that fixes multiple security issues is now
  available for Red Hat Enterprise Linux 4. This update has been rated
  as having important security impact by the Red Hat Security Response
  Team.

  http://www.linuxsecurity.com/content/view/150389

* RedHat: Important: poppler security and bug fix update (Oct 15)
  ---------------------------------------------------------------
  Updated poppler packages that fix multiple security issues and a bug
  are now available for Red Hat Enterprise Linux 5. This update has
  been rated as having important security impact by the Red Hat
  Security Response Team.

  http://www.linuxsecurity.com/content/view/150390

* RedHat: Important: kdegraphics security update (Oct 15)
  -------------------------------------------------------
  Updated kdegraphics packages that fix multiple security issues are
  now available for Red Hat Enterprise Linux 4. This update has been
  rated as having important security impact by the Red Hat Security
  Response Team.

  http://www.linuxsecurity.com/content/view/150391

* RedHat: Important: xpdf security update (Oct 15)
  ------------------------------------------------
  An updated xpdf package that fixes multiple security issues is now
  available for Red Hat Enterprise Linux 3. This update has been rated
  as having important security impact by the Red Hat Security Response
  Team.

  http://www.linuxsecurity.com/content/view/150386

* RedHat: Moderate: java-1.4.2-ibm security update (Oct 14)
  ---------------------------------------------------------
  Updated java-1.4.2-ibm packages that fix two security issues are now
  available for Red Hat Enterprise Linux 3 Extras, Red Hat Enterprise
  Linux 4 Extras, and Red Hat Enterprise Linux 5 Supplementary. This
  update has been rated as having moderate security impact by the Red
  Hat Security Response Team.

  http://www.linuxsecurity.com/content/view/150378

* RedHat: Critical: acroread security update (Oct 14)
  ---------------------------------------------------
  Updated acroread packages that fix multiple security issues are now
  available for Red Hat Enterprise Linux 3 Extras, Red Hat Enterprise
  Linux 4 Extras, and Red Hat Enterprise Linux 5 Supplementary. This
  update has been rated as having critical security impact by the Red
  Hat Security Response Team.

  http://www.linuxsecurity.com/content/view/150377

* RedHat: Moderate: squirrelmail security update (Oct 8)
  ------------------------------------------------------
  An updated squirrelmail package that fixes several security issues is
  now available for Red Hat Enterprise Linux 3, 4, and 5. This update
  has been rated as having moderate security impact by the Red Hat
  Security Response Team.

  http://www.linuxsecurity.com/content/view/150325

------------------------------------------------------------------------

* Ubuntu:  Zope vulnerabilities (Oct 14)
  --------------------------------------
  It was discovered that the Zope Object Database (ZODB) database
  server (ZEO) improperly filtered certain commands when a database is
  shared among multiple applications or application instances. A remote
  attacker could send malicious commands to the server and execute
  arbitrary code. (CVE-2009-0668) It was discovered that the Zope
  Object Database (ZODB) database server (ZEO) did not handle
  authentication properly when a database is shared among multiple
  applications or application instances. A remote attacker could use
  this flaw to bypass security restrictions. (CVE-2009-0669) It was
  discovered that Zope did not limit the number of new object ids a
  client could request. A remote attacker could use this flaw to
  consume a huge amount of resources, leading to a denial of service.
  (No CVE identifier)

  http://www.linuxsecurity.com/content/view/150376

* Ubuntu:  Pan vulnerability (Oct 8)
  ----------------------------------
  Pavel Polischouk discovered that Pan incorrectly handled certain data
  structures. If a user were tricked into viewing malicious nntp data,
  a remote attacker could cause a denial of service or possibly execute
  arbitrary code with the privileges of the user invoking the program.

  http://www.linuxsecurity.com/content/view/150322

* Ubuntu:  mimeTeX vulnerabilities (Oct 8)
  ----------------------------------------
  Chris Evans discovered that mimeTeX incorrectly handled certain long
  tags. An attacker could exploit this with a crafted mimeTeX
  expression and cause a denial of service or possibly execute
  arbitrary code. (CVE-2009-1382) Chris Evans discovered that mimeTeX
  contained certain directives that may be unsuitable for handling
  untrusted user input. This update fixed the issue by disabling the
  \input and \counter tags. (CVE-2009-2459)

  http://www.linuxsecurity.com/content/view/150321

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

     To unsubscribe email vuln-newsletter-request_at_private
         with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------


________________________________________ 
Did a friend send you this? From now on, be the 
first to find out! Subscribe to InfoSec News 
http://www.infosecnews.org
Received on Sun Oct 18 2009 - 23:45:23 PDT

This archive was generated by hypermail 2.2.0 : Sun Oct 18 2009 - 23:53:39 PDT