[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Linux Advisory Watch: July 16th, 2011

+----------------------------------------------------------------------+
| LinuxSecurity.com                               Linux Advisory Watch |
| July 16th, 2011                                 Volume 12, Number 29 |
|                                                                      |
| Editorial Team:              Dave Wreski <dwreski@xxxxxxxxxxxxxxxxx> |
|                       Benjamin D. Thomas <bthomas@xxxxxxxxxxxxxxxxx> |
+----------------------------------------------------------------------+

Thank you for reading the Linux Advisory Watch Security Newsletter. The 
purpose of this document is to provide our readers with a quick summary of 
each week's vendor security bulletins and pointers on methods to improve 
the security posture of your open source system.

Vulnerabilities affect nearly every vendor virtually every week, so be 
sure to read through to find the updates your distributor have made 
available.

------------------------------------------------------------------------

* Debian: 2276-2: asterisk: multiple denial of service (Jul 11)
   -------------------------------------------------------------
   DSA 2276-1 for Asterisk in the oldstable distribution (lenny)
   introduced a functionality bug which invokes an undefined symbol. For
   the oldstable distribution (lenny), this problem has been fixed in
   [More...]

   http://www.linuxsecurity.com/content/view/155437

* Debian: 2277-1: xml-security-c: stack-based buffer overflow (Jul 10)
   --------------------------------------------------------------------
   It has been discovered that xml-security-c, an implementation of the
   XML Digital Signature and Encryption specifications, is not properly
   handling RSA keys of sizes on the order of 8192 or more bits. This
   allows an attacker to crash applications using this functionality or
   potentially [More...]

   http://www.linuxsecurity.com/content/view/155432

* Debian: 2276-1: asterisk: multiple denial of service (Jul 10)
   -------------------------------------------------------------
   Paul Belanger reported a vulnerability in Asterisk identified as
   AST-2011-008 (CVE-2011-2529) through which an unauthenticated
   attacker may crash an Asterisk server remotely. A package containing
   a null char causes the SIP header parser to alter unrelated memory
   structures. [More...]

   http://www.linuxsecurity.com/content/view/155431

------------------------------------------------------------------------

* Red Hat: 2011:0927-01: kernel: Important Advisory (Jul 15)
   ----------------------------------------------------------
   Updated kernel packages that fix multiple security issues and several
   bugs are now available for Red Hat Enterprise Linux 5. The Red Hat
   Security Response Team has rated this update as having [More...]

   http://www.linuxsecurity.com/content/view/155460

* Red Hat: 2011:0938-01: java-1.6.0-ibm: Critical Advisory (Jul 15)
   -----------------------------------------------------------------
   Updated java-1.6.0-ibm packages that fix several security issues are
   now available for Red Hat Enterprise Linux 4 Extras, and Red Hat
   Enterprise Linux 5 and 6 Supplementary. [More...]

   http://www.linuxsecurity.com/content/view/155461

* Red Hat: 2011:0928-01: kernel: Moderate Advisory (Jul 12)
   ---------------------------------------------------------
   Updated kernel packages that fix multiple security issues and various
   bugs are now available for Red Hat Enterprise Linux 6. The Red Hat
   Security Response Team has rated this update as having moderate
   [More...]

   http://www.linuxsecurity.com/content/view/155443

* Red Hat: 2011:0930-01: NetworkManager: Moderate Advisory (Jul 12)
   -----------------------------------------------------------------
   Updated NetworkManager packages that fix one security issue are now
   available for Red Hat Enterprise Linux 6. The Red Hat Security
   Response Team has rated this update as having moderate [More...]

   http://www.linuxsecurity.com/content/view/155444

------------------------------------------------------------------------

* Slackware: 2011-195-02: mozilla-firefox: Security Update (Jul 14)
   -----------------------------------------------------------------
   New mozilla-firefox packages are available for Slackware 13.0 and
   13.1 to fix security issues.	[More Info...]

   http://www.linuxsecurity.com/content/view/155458

* Slackware: 2011-195-01: seamonkey: Security Update (Jul 14)
   -----------------------------------------------------------
   New seamonkey packages are available for Slackware 13.37, and
   -current to fix security issues.  [More Info...]

   http://www.linuxsecurity.com/content/view/155459

* Slackware: 2011-189-02: mozilla-thunderbird: Security Update (Jul 8)
   --------------------------------------------------------------------
   New mozilla-thunderbird packages are available for Slackware 13.0,
   13.1, 13.37, and -current to fix security issues.  [More Info...]

   http://www.linuxsecurity.com/content/view/155429

* Slackware: 2011-189-01: bind: Security Update (Jul 8)
   -----------------------------------------------------
   New bind packages are available for Slackware 13.37, and -current to
   fix a security issue.  [More Info...]

   http://www.linuxsecurity.com/content/view/155430

------------------------------------------------------------------------

* Ubuntu: 1159-1: Linux kernel vulnerabilities (Marvell Dove) (Jul 13)
   --------------------------------------------------------------------
   Multiple kernel flaws have been fixed.

   http://www.linuxsecurity.com/content/view/155449

* Ubuntu: 1161-1: Linux kernel vulnerabilities (EC2) (Jul 13)
   -----------------------------------------------------------
   Multiple kernel flaws have been fixed.

   http://www.linuxsecurity.com/content/view/155450

* Ubuntu: 1167-1: Linux kernel vulnerabilities (Jul 13)
   -----------------------------------------------------
   Multiple kernel flaws have been fixed.

   http://www.linuxsecurity.com/content/view/155451

------------------------------------------------------------------------

* Pardus: 2011-99: vlc: Integer Overflow (Jul 14)
   -----------------------------------------------
   A vulnerability has been fixed in vlc.

   http://www.linuxsecurity.com/content/view/155453

* Pardus: 2011-98: nfs-utils: Corruption of the (Jul 14)
   ------------------------------------------------------
   A vulnerability has been fixed in ntf-utils.

   http://www.linuxsecurity.com/content/view/155452

* Pardus: 2011-96: libpng: Denial of Service (Jul 12)
   ---------------------------------------------------
   A vulnerability has been fixed in libpng.

   http://www.linuxsecurity.com/content/view/155441

* Pardus: 2011-95: Oracle Java: Multible (Jul 12)
   -----------------------------------------------
   Multible vulnerabilities have been fixed in java.

   http://www.linuxsecurity.com/content/view/155440

* Pardus: : Security Summary: Summary (Jul 12)
   --------------------------------------------
   A vulnerability has been fixed in vte.

   http://www.linuxsecurity.com/content/view/155439

* Pardus: 2011-93: D-bus: Denial of Service (Jul 12)
   --------------------------------------------------
   A vulnerability has been fixed in d-bus.

   http://www.linuxsecurity.com/content/view/155438

------------------------------------------------------------------------
Distributed by: Guardian Digital, Inc.                LinuxSecurity.com

     To unsubscribe email vuln-newsletter-request@xxxxxxxxxxxxxxxxx
         with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------

[Fedora Announce]     [Linux Crypto]     [Kernel]     [Netfilter]     [Video for Linux]     [Bugtraq]     [USB]     [Fedora Security]

Add to Google Powered by Linux