Articles / Red Hat

RSS All articles tagged with Red Hat

September 07, 2011 12:25 Red Hat: Updated firefox packages fix one security issue

0

Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. It was found that a Certificate Authority (CA) issued a fraudulent HTTPS certificate. This update renders any HTTPS certificates signed by that CA as untrusted, except for a select few. Updated packages are available from ftp.redhat.com.

September 07, 2011 12:15 Red Hat: An updated thunderbird package fixes one securit...

0

Mozilla Thunderbird is a standalone mail and newsgroup client. It was found that a Certificate Authority (CA) issued a fraudulent HTTPS certificate. This update renders any HTTPS certificates signed by that CA as untrusted, except for a select few. Updated packages are available from ftp.redhat.com.

September 05, 2011 14:06 Red Hat: Updated samba and cifs-utils packages fix multip...

0

Samba is a suite of programs used by machines to share files, printers, and other information. The cifs-utils package contains utilities for mounting and managing CIFS (Common Internet File System) shares. A cross-site scripting (XSS) flaw was found in the password change page of the Samba Web Administration Tool (SWAT). If a remote attacker could trick a user, who was logged into the SWAT interface, into visiting a specially-crafted URL, it would lead to arbitrary web script execution in the context of the user’s SWAT session. It was found that SWAT web pages did not protect against Cross-Site Request Forgery (CSRF) attacks. If a remote attacker could trick a user, who was logged into the SWAT interface, into visiting a specially-crafted URL, the attacker could perform Samba configuration changes with the privileges of the logged in user. It was found that the mount.cifs tool did not handle certain errors correctly when updating the mtab file. If mount.cifs had the setuid bit set, a local attacker could corrupt the mtab file by setting a small file size limit before running mount.cifs.

Updated packages are available from ftp.redhat.com.

September 05, 2011 14:04 Red Hat: Updated samba3x packages fix multiple security i...

0

Samba is a suite of programs used by machines to share files, printers, and other information. A cross-site scripting (XSS) flaw was found in the password change page of the Samba Web Administration Tool (SWAT). If a remote attacker could trick a user, who was logged into the SWAT interface, into visiting a specially-crafted URL, it would lead to arbitrary web script execution in the context of the user’s SWAT session. It was found that SWAT web pages did not protect against Cross-Site Request Forgery (CSRF) attacks. If a remote attacker could trick a user, who was logged into the SWAT interface, into visiting a specially-crafted URL, the attacker could perform Samba configuration changes with the privileges of the logged in user. It was found that the mount.cifs tool did not handle certain errors correctly when updating the mtab file. If mount.cifs had the setuid bit set, a local attacker could corrupt the mtab file by setting a small file size limit before running mount.cifs.

Updated packages are available from ftp.redhat.com.

August 29, 2011 10:46 Red Hat: Updated kernel packages fix several security issues

0

Updated Linux kernel packages fix various security issues. Using PCI passthrough without interrupt remapping support allowed KVM guests to generate MSI interrupts and thus potentially inject traps. A privileged guest user could use this flaw to crash the host or possibly escalate their privileges on the host. A flaw in the client-side NLM implementation could allow a local, unprivileged user to cause a denial of service. An integer underflow in the Bluetooth implementation could allow a remote attacker to cause a denial of service or escalate their privileges by sending a specially-crafted request to a target system via Bluetooth.

Buffer overflows in the netlink-based wireless configuration interface implementation could allow a local user, who has the CAP_NET_ADMIN capability, to cause a denial of service or escalate their privileges on systems that have an active wireless interface. A flaw in the way the maximum file offset was handled for ext4 file systems could allow a local, unprivileged user to cause a denial of service. A flaw allowed napi_reuse_skb() to be called on VLAN packets. An attacker on the local network could use this flaw to send crafted packets to a target, possibly causing a denial of service.

An integer signedness error in next_pidmap() could allow a local, unprivileged user to cause a denial of service. A race condition in the memory merging support (KSM) could allow a local, unprivileged user to cause a denial of service. A flaw in inet_diag_bc_audit() could allow a local, unprivileged user to cause a denial of service.

A flaw in the way space was allocated in the Global File System 2 (GFS2) implementation. If the file system was almost full, and a local, unprivileged user made an fallocate() request, it could result in a denial of service. Setting quotas to prevent users from using all available disk space would prevent exploitation of this flaw. Local, unprivileged users could send signals via the sigqueueinfo system call, with si_code set to SI_TKILL and with spoofed process and user IDs, to other processes. A heap overflow in the EFI GUID Partition Table (GPT) implementation could allow a local attacker to cause a denial of service by mounting a disk containing crafted partition tables.

Structure padding in two structures in the Bluetooth implementation was not initialized properly before being copied to user-space, possibly allowing local, unprivileged users to leak kernel stack memory to user-space. /proc/[PID]/io is world-readable by default. Previously, these files could be read without any further restrictions. A local, unprivileged user could read these files, belonging to other, possibly privileged processes to gather confidential information, such as the length of a password used in a process.

Updated packages are available from ftp.redhat.com.

August 29, 2011 10:45 Red Hat: Updated libvirt packages fix one security issue

0

The libvirt library is a C API for managing and interacting with the virtualization capabilities of Linux. An integer overflow flaw was found in libvirtd’s RPC call handling. An attacker able to establish read-only connections to libvirtd could trigger this flaw by calling virDomainGetVcpus() with specially-crafted parameters, causing libvirtd to crash. Updated packages are available from ftp.redhat.com.

August 26, 2011 11:41 Red Hat: Updated dovecot packages fix one security issue

0

Dovecot is an IMAP server for Linux, UNIX, and similar operating systems, primarily written with security in mind. A denial of service flaw was found in the way Dovecot handled NULL characters in certain header names. A mail message with specially-crafted headers could cause the Dovecot child process handling the target user’s connection to crash, blocking them from downloading the message successfully and possibly leading to the corruption of their mailbox. Updated packages are available from ftp.redhat.com.

August 26, 2011 11:35 Red Hat: Updated seamonkey packages fix several security ...

0

SeaMonkey is an open source web browser, email and newsgroup client, IRC chat client, and HTML editor. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. A flaw was found in the way SeaMonkey handled malformed JavaScript. A web page containing malicious JavaScript could cause SeaMonkey to access already freed memory, causing SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. Updated packages are available from ftp.redhat.com.

August 20, 2011 06:16 Red Hat: An updated thunderbird package fixes several sec...

0

Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed HTML content. Malicious HTML content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. A flaw was found in the way Thunderbird handled malformed JavaScript. Malicious content could cause Thunderbird to access already freed memory, causing Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. Updated packages are available from updates.redhat.com.

August 20, 2011 06:14 Red Hat: Updated firefox packages fix several security is...

0

Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. A dangling pointer flaw was found in the Firefox Scalable Vector Graphics (SVG) text manipulation routine. A web page containing a malicious SVG image could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. A dangling pointer flaw was found in the way Firefox handled a certain Document Object Model (DOM) element. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox.

A flaw was found in the event management code in Firefox. A website containing malicious JavaScript could cause Firefox to execute that JavaScript with the privileges of the user running Firefox. A flaw was found in the way Firefox handled malformed JavaScript. A web page containing malicious JavaScript could cause Firefox to access already freed memory, causing Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. It was found that a malicious web page could execute arbitrary code with the privileges of the user running Firefox if the user dropped a tab onto the malicious web page.

Updated packages are available from updates.redhat.com.

August 20, 2011 06:12 Red Hat: Updated kernel packages fix two security issues

0

The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the Xen hypervisor implementation handled instruction emulation during virtual machine exits. A malicious user-space process running in an SMP guest could trick the emulator into reading a different instruction than the one that caused the virtual machine to exit. An unprivileged guest user could trigger this flaw to crash the host. A flaw allowed the tc_fill_qdisc() function in the packet scheduler API implementation to be called on built-in qdisc structures. A local, unprivileged user could use this flaw to trigger a NULL pointer dereference, resulting in a denial of service. Updated packages are available from updates.redhat.com.

August 20, 2011 06:11 Red Hat: An updated thunderbird package fixes several sec...

0

Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed HTML content. Malicious HTML content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. A dangling pointer flaw was found in the Thunderbird Scalable Vector Graphics (SVG) text manipulation routine. An HTML mail message containing a malicious SVG image could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. A dangling pointer flaw was found in the way Thunderbird handled a certain Document Object Model (DOM) element. An HTML mail message containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. Updated packages are available from updates.redhat.com.

August 20, 2011 06:09 Red Hat: Updated dhcp packages fix two security issues

0

The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. Two denial of service flaws were found in the way the dhcpd daemon handled certain incomplete request packets. A remote attacker could use these flaws to crash dhcpd via a specially-crafted request. Updated packages are available from updates.redhat.com.

August 19, 2011 09:11 Red Hat: Updated freetype packages fix one security issue

0

FreeType is a free, high-quality, portable font engine that can open and manage font files. A buffer overflow flaw was found in the way the FreeType library handled malformed font files compressed using UNIX compress. If a user loaded a specially-crafted compressed font file with an application linked against FreeType, it could cause the application to crash or, possibly, execute arbitrary code with the privileges of the user running the application. Updated packages are available from ftp.redhat.com.

August 19, 2011 09:10 Red Hat: Updated java-1.4.2-ibm packages fix several secu...

0

The IBM 1.4.2 SR13-FP10 Java release includes the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit. This update fixes several vulnerabilities in the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit. Updated packages are available from ftp.redhat.com.

August 18, 2011 12:33 Red Hat: Updated xorg-x11 packages fix one security issue

0

X.Org is an open source implementation of the X Window System. A buffer overflow flaw was found in the way the libXfont library, used by the X.Org server, handled malformed font files compressed using UNIX compress. A malicious, local user could exploit this issue to potentially execute arbitrary code with the privileges of the X.Org server. Updated packages are available from ftp.redhat.com.

August 17, 2011 07:41 Red Hat: Updated libXfont packages fix one security issue

0

The libXfont packages provide the X.Org libXfont runtime library. X.Org is an open source implementation of the X Window System. A buffer overflow flaw was found in the way the libXfont library, used by the X.Org server, handled malformed font files compressed using UNIX compress. A malicious, local user could exploit this issue to potentially execute arbitrary code with the privileges of the X.Org server. Updated packages are available from ftp.redhat.com.

August 17, 2011 07:39 Red Hat: An updated Adobe Flash Player package fixes mult...

0

The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes multiple vulnerabilities in Adobe Flash Player. Multiple security flaws were found in the way flash-plugin displayed certain SWF content. An attacker could use these flaws to create a specially-crafted SWF file that would cause flash-plugin to crash or, potentially, execute arbitrary code when the victim loaded a page containing the specially-crafted SWF content. Updated packages are available from ftp.redhat.com.

August 16, 2011 08:00 Red Hat: Updated dbus packages fix one security issue

0

D-Bus is a system for sending messages between applications. A denial of service flaw was found in the way the D-Bus library handled endianness conversion when receiving messages. A local user could use this flaw to send a specially-crafted message to dbus-daemon or to a service using the bus, such as Avahi or NetworkManager, possibly causing the daemon to exit or the service to disconnect from the bus. Updated packages are available from ftp.redhat.com.

August 15, 2011 07:59 Red Hat: Updated kernel packages fix one security issue

0

The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw allowed napi_reuse_skb() to be called on VLAN (virtual LAN) packets. An attacker on the local network could trigger this flaw by sending specially-crafted packets to a target system, possibly causing a denial of service. Updated packages are available from ftp.redhat.com.

August 14, 2011 07:39 Red Hat: An updated foomatic package fixes one security i...

0

Foomatic is a comprehensive, spooler-independent database of printers, printer drivers, and driver descriptions. An input sanitization flaw was found in the foomatic-rip print filter. An attacker could submit a print job with the username, title, or job options set to appear as a command line option that caused the filter to use a specified PostScript printer description (PPD) file, rather than the administrator-set one. This could lead to arbitrary code execution with the privileges of the “lp” user. Updated packages are available from updates.redhat.com.

August 14, 2011 07:34 Red Hat: Updated libpng packages fix multiple security is...

0

The libpng packages contain a library of functions for creating and manipulating PNG (Portable Network Graphics) image format files. A buffer overflow flaw was found in the way libpng processed certain PNG image files. An attacker could create a specially-crafted PNG image that, when opened, could cause an application using libpng to crash or, potentially, execute arbitrary code with the privileges of the user running the application. An out-of-bounds memory read flaw was found in the way libpng processed certain PNG image files. An attacker could create a specially-crafted PNG image that, when opened, could cause an application using libpng to crash. An uninitialized memory read issue was found in the way libpng processed certain PNG images that use the Physical Scale (sCAL) extension. An attacker could create a specially-crafted PNG image that, when opened, could cause an application using libpng to crash. Updated packages are available from updates.redhat.com.

August 14, 2011 07:32 Red Hat: Updated libsoup packages fix one security issue

0

libsoup is an HTTP client/library implementation for GNOME. A directory traversal flaw was found in libsoup’s SoupServer. If an application used SoupServer to implement an HTTP service, a remote attacker who is able to connect to that service could use this flaw to access any local files accessible to that application via a specially-crafted request. Updated packages are available from updates.redhat.com.

August 12, 2011 08:43 Red Hat: Updated icedtea-web packages fix two security is...

0

The IcedTea-Web project provides a Java web browser plug-in and an implementation of Java Web Start, which is based on the Netx project. A flaw was discovered in the JNLP (Java Network Launching Protocol) implementation in IcedTea-Web. An unsigned Java Web Start application could use this flaw to manipulate the content of a Security Warning dialog box, to trick a user into granting the application unintended access permissions to local files. An information disclosure flaw was discovered in the JNLP implementation in IcedTea-Web. An unsigned Java Web Start application or Java applet could use this flaw to determine the path to the cache directory used to store downloaded Java class and archive files, and therefore determine the user’s login name. Updated packages are available from ftp.redhat.com.

August 11, 2011 10:48 Red Hat: Updated systemtap packages fix two security issues

0

SystemTap is an instrumentation system for systems running the Linux kernel. It was found that SystemTap did not perform proper module path sanity checking if a user specified a custom path to the uprobes module, used when performing user-space probing (“staprun -u”). A local user who is a member of the stapusr group could use this flaw to bypass intended module-loading restrictions, allowing them to escalate their privileges by loading an arbitrary, unsigned module. A race condition flaw was found in the way the staprun utility performed module loading. A local user who is a member of the stapusr group could use this flaw to modify a signed module while it is being loaded, allowing them to escalate their privileges. Updated packages are available from ftp.redhat.com.

August 11, 2011 10:41 Red Hat: Updated java-1.5.0-ibm packages fix several secu...

0

The IBM 1.5.0 Java release includes the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit. This update fixes several vulnerabilities in the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit. Updated packages are available from ftp.redhat.com.

August 11, 2011 10:39 Red Hat: Updated kernel packages fix multiple security is...

0

The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the Xen hypervisor implementation handled instruction emulation during virtual machine exits. A malicious user-space process running in an SMP guest could trick the emulator into reading a different instruction than the one that caused the virtual machine to exit. A flaw allowed the tc_fill_qdisc() function in the packet scheduler API implementation to be called on built-in qdisc structures. A local, unprivileged user could use this flaw to trigger a NULL pointer dereference, resulting in a denial of service. A flaw was found in the way space was allocated in the Global File System 2 (GFS2) implementation. If the file system was almost full, and a local, unprivileged user made an fallocate() request, it could result in a denial of service. Updated packages are available from ftp.redhat.com.

August 10, 2011 05:20 Red Hat: Updated systemtap packages fix one security issue

0

SystemTap is an instrumentation system for systems running the Linux kernel. The system allows developers to write scripts to collect data on the operation of the system. A race condition flaw was found in the way the staprun utility performed module loading. A local user who is a member of the stapusr group could use this flaw to modify a signed module while it is being loaded, allowing them to escalate their privileges. Updated packages are available from updates.redhat.com.

August 09, 2011 20:29 Red Hat: Updated freetype packages fix one security issue

0

FreeType is a free, high-quality, portable font engine that can open and manage font files. A flaw was found in the way the FreeType font rendering engine processed certain PostScript Type 1 fonts. If a user loaded a specially-crafted font file with an application linked against FreeType, it could cause the application to crash or, possibly, execute arbitrary code with the privileges of the user running the application.

August 08, 2011 09:49 Red Hat: An updated sysstat package fixes one security issue

0

The sysstat package contains a set of utilities which enable system monitoring of disks, network, and other I/O activity. It was found that the sysstat initscript created a temporary file in an insecure way. A local attacker could use this flaw to create arbitrary files via a symbolic link attack. Updated packages are available from updates.redhat.com.

Screenshot

Project Spotlight

Bitcoin Core

A peer-to-peer network-based digital currency.

Screenshot

Project Spotlight

Vendetta Online

A multiplatform, 3D space-combat MMORPG.