Articles / Red Hat

All articles tagged with Red Hat

April 22, 2010 08:07 Red Hat: Updated kdebase packages fix one security issue

0

The K Desktop Environment (KDE) is a graphical desktop environment for the X Window System. The kdebase packages include core applications for KDE. A privilege escalation flaw was found in the KDE Display Manager (KDM). A local user with console access could trigger a race condition, possibly resulting in the permissions of an arbitrary file being set to world writable, allowing privilege escalation. Updated packages are available from updates.redhat.com.

April 22, 2010 08:06 Red Hat: Updated acroread packages fix several security i...

0

Adobe Reader allows users to view and print documents in Portable Document Format (PDF). This update fixes several vulnerabilities in Adobe Reader. A specially-crafted PDF file could cause Adobe Reader to crash or, potentially, execute arbitrary code as the user running Adobe Reader when opened. Updated packages are available from updates.redhat.com.

April 22, 2010 08:03 Red Hat: Updated nss_db packages fix one security issue

0

The nss_db packages provide a set of C library extensions which allow Berkeley Database (Berkeley DB) databases to be used as a primary source of aliases, ethers, groups, hosts, networks, protocols, users, RPCs, services, and shadow passwords. It was discovered that nss_db did not specify a path to the directory to be used as the database environment for the Berkeley Database library, causing it to use the current working directory as the default. This could possibly allow a local attacker to obtain sensitive information. Updated packages are available from updates.redhat.com.

April 08, 2010 13:28 Red Hat: Updated krb5 packages fix one security issue

0

Kerberos is a network authentication system which allows clients and servers to authenticate to each other using symmetric encryption and a trusted third party, the Key Distribution Center (KDC). A use-after-free flaw was discovered in the MIT Kerberos administration daemon, kadmind. A remote, authenticated attacker could use this flaw to crash the kadmind daemon. Administrative privileges are not required to trigger this flaw, as any realm user can request information about their own principal from kadmind. Updated packages are available from updates.redhat.com.

April 08, 2010 13:27 Red Hat: Updated kernel packages fix one security issue

0

The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the Stream Control Transmission Protocol (SCTP) implementation. A remote attacker could send a specially-crafted SCTP packet to a target system, resulting in a denial of service. Updated packages are available from updates.redhat.com.

April 01, 2010 15:50 Red Hat: Updated java-1.6.0-openjdk packages fix several ...

0

These packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Software Development Kit. Among other issues, a flaw was found in the way the TLS/SSL protocols handle session renegotiation. A man-in-the-middle attack could result in the server to process an attacker’s request as if authenticated using the victim’s credentials. A number of flaws have been fixed in the Java Virtual Machine (JVM) and in various Java class implementations, which could allow an unsigned applet or application to bypass intended access restrictions. An untrusted applet could access clipboard information if a drag operation was performed over that applet’s canvas leading to an information leak. The rawIndex operation incorrectly handled large values, causing the corruption of internal memory structures, resulting in an untrusted applet or application crashing. The System.arraycopy operation incorrectly handled large index values, potentially causing array corruption in an untrusted applet or application. Subclasses of InetAddress may incorrectly interpret network addresses, allowing an untrusted applet or application to bypass network access restrictions. In certain cases, type assignments could result in “non-exact” interface types, which could used to bypass type-safety restrictions. Updated packages are available from updates.redhat.com.

April 01, 2010 15:47 Red Hat: Updated java-1.6.0-sun packages correct several ...

0

The Sun 1.6.0 Java release includes the Sun Java 6 Runtime Environment and the Sun Java 6 Software Development Kit. This update fixes several vulnerabilities in the Sun Java 6 Runtime Environment and the Sun Java 6 Software Development Kit. Further information about these flaws can be found on the “Oracle Java SE and Java for Business Critical Patch Update Advisory” page, listed in the References section. Updated packages are available from updates.redhat.com.

April 01, 2010 15:40 Red Hat: Updated seamonkey packages fix several security ...

0

SeaMonkey is an open source Web browser, email and newsgroup client, IRC chat client, and HTML editor. Several use-after-free flaws were found in SeaMonkey. Visiting a web page containing malicious content could result in SeaMonkey executing arbitrary code. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code. Updated packages are available from updates.redhat.com.

April 01, 2010 15:38 Red Hat: Updated firefox packages fix several security is...

0

Mozilla Firefox is an open source Web browser. Several use-after-free flaws were found in Firefox. Visiting a web page containing malicious content could result in Firefox executing arbitrary code. A flaw was found in Firefox that could allow an applet to generate a drag and drop action from a mouse click. Such an action could be used to execute arbitrary JavaScript. A privilege escalation flaw was found in Firefox when the Firebug add-on is in use. The XMLHttpRequestSpy module in the Firebug add-on exposes a Chrome privilege escalation flaw that could be used to execute arbitrary JavaScript. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code. Updated packages are available from updates.redhat.com.

April 01, 2010 15:37 Red Hat: Updated GFS-kernel packages fix one security issue

0

The GFS-kernel packages contain modules that provide the ability to mount and use GFS file systems. A flaw was found in the gfs_lock() implementation. The GFS locking code could skip the lock operation for files that have the S_ISGID bit (set-group-ID on execution) in their mode set. A local, unprivileged user on a system that has a GFS file system mounted could use this flaw to cause a kernel panic. Updated packages are available from updates.redhat.com.

April 01, 2010 15:36 Red Hat: Updated GFS packages fix one security issue

0

The Red Hat Global File System (GFS) allows a cluster of Linux servers to share data in a common pool of storage. A flaw was found in the gfs_lock() implementation. The GFS locking code could skip the lock operation for files that have the S_ISGID bit (set-group-ID on execution) in their mode set. A local, unprivileged user on a system that has a GFS file system mounted could use this flaw to cause a kernel panic. Updated packages are available from updates.redhat.com.

April 01, 2010 15:34 Red Hat: Updated curl packages fix one security issue

0

cURL is a tool for getting files from FTP, HTTP, Gopher, Telnet, and DICT servers. Wesley Miaw discovered that when deflate compression was used, libcurl could call the registered write callback function with data exceeding the documented limit. A malicious server could use this flaw to crash an application using libcurl or, potentially, execute arbitrary code. Updated packages are available from updates.redhat.com.

April 01, 2010 15:33 Red Hat: Updated automake packages fix one security issue

0

Automake is a tool for automatically generating Makefile.in files compliant with the GNU Coding Standards. Automake-generated Makefiles made certain directories world-writable when preparing source archives, as was recommended by the GNU Coding Standards. If a malicious, local user could access the directory where a victim was creating distribution archives, they could use this flaw to modify the files being added to those archives. Updated packages are available from updates.redhat.com.

April 01, 2010 15:31 Red Hat: Updated curl packages fix one security issue

0

cURL is a tool for getting files from FTP, HTTP, Gopher, Telnet, and DICT servers. Wesley Miaw discovered that when deflate compression was used, libcurl could call the registered write callback function with data exceeding the documented limit. A malicious server could use this flaw to crash an application using libcurl or, potentially, execute arbitrary code. Updated packages are available from updates.redhat.com.

April 01, 2010 15:30 Red Hat: Updated brltty packages fix one security issue

0

brltty (Braille TTY) is a background process which provides access to the Linux console for a blind person using a refreshable braille display. It was discovered that a brltty library had an insecure relative RPATH set in the ELF header. A local user able to convince another user to run an application using brltty in an attacker-controlled directory, could run arbitrary code with the privileges of the victim. Updated packages are available from updates.redhat.com.

April 01, 2010 15:28 Red Hat: Updated kvm packages fix one security issue

0

KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on AMD64 and Intel 64 systems. A flaw was found in the way QEMU-KVM handled erroneous data provided by the Linux virtio-net driver, used by guest operating systems. Due to a deficiency in the TSO (TCP segment offloading) implementation, a guest’s virtio-net driver would transmit improper data to a certain QEMU-KVM process on the host, causing the guest to crash. A remote attacker could use this flaw to send specially-crafted data to a target guest system, causing that guest to crash. Updated packages are available from updates.redhat.com.

April 01, 2010 15:26 Red Hat: Updated pam_krb5 packages fix one security issue

0

The pam_krb5 module allows Pluggable Authentication Modules (PAM) aware applications to use Kerberos to verify user identities by obtaining user credentials at log in time. In some non-default configurations the text of the password prompt varied based on whether or not the username provided was a username known to the system. A remote attacker could use this flaw to recognize valid usernames, which would aid a dictionary-based password guess attack. Updated packages are available from updates.redhat.com.

April 01, 2010 15:16 Red Hat: Updated sendmail packages fix two security issues

0

Sendmail is a very widely used Mail Transport Agent (MTA). The configuration of sendmail in Red Hat Enterprise Linux was found to not reject the “localhost.localdomain” domain name for email messages that come from external hosts. This could allow remote attackers to disguise spoofed messages. A flaw was found in the way sendmail handled NUL characters in the CommonName field of X.509 certificates. An attacker able to get a carefully-crafted certificate signed by a trusted Certificate Authority could trick sendmail into accepting it by mistake, allowing the attacker to perform a man-in-the-middle attack or bypass intended client certificate authentication. Updated packages are available from updates.redhat.com.

April 01, 2010 14:59 Red Hat: Updated kernel packages fix three security issues

0

The kernel packages contain the Linux kernel, the core of any Linux operating system. A race condition was found in the mac80211 implementation, a framework used for writing drivers for wireless devices, resulting in a remote denial of service. A flaw was found in the gfs2_lock() implementation. The GFS2 locking code could skip the lock operation for files that have the S_ISGID bit (set-group-ID on execution) in their mode set, resulting in a kernel panic. A divide-by-zero flaw was found in the ext4 file system code. A local attacker could use this flaw to cause a denial of service by mounting a specially-crafted ext4 file system. Updated packages are available from updates.redhat.com.

April 01, 2010 14:57 Red Hat: An updated squid package fixes two security issues

0

Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. A flaw was found in the way Squid processed certain external ACL helper HTTP header fields that contained a delimiter that was not a comma. A remote attacker could issue a crafted request to the Squid server, causing excessive CPU use (up to 100%). A flaw was found in the way Squid handled truncated DNS replies. A remote attacker able to send specially-crafted UDP packets to Squid’s DNS client port could trigger an assertion failure in Squid’s child process, causing that child process to exit. Updated packages are available from updates.redhat.com.

April 01, 2010 14:56 Red Hat: Updated openldap packages fix one security issue

0

OpenLDAP is an open source suite of LDAP (Lightweight Directory Access Protocol) applications and development tools. A flaw was found in the way OpenLDAP handled NUL characters in the CommonName field of X.509 certificates. An attacker able to get a carefully-crafted certificate signed by a trusted Certificate Authority could trick applications using OpenLDAP libraries into accepting it by mistake, allowing the attacker to perform a man-in-the-middle attack. Updated packages are available from updates.redhat.com.

April 01, 2010 14:48 Red Hat: Updated httpd packages fix one security issue

0

The Apache HTTP Server is a popular web server. A use-after-free flaw was discovered in the way the Apache HTTP Server handled request headers in subrequests. In configurations where subrequests are used, a multithreaded MPM (Multi-Processing Module) could possibly leak information from other requests in request replies. Updated packages are available from updates.redhat.com.

April 01, 2010 14:47 Red Hat: Updated httpd packages fix two security issues

0

The Apache HTTP Server is a popular web server. It was discovered that mod_proxy_ajp incorrectly returned an “Internal Server Error” response when processing certain malformed requests, which caused the back-end server to be marked as failed in configurations where mod_proxy is used in load balancer mode. A use-after-free flaw was discovered in the way the Apache HTTP Server handled request headers in subrequests. In configurations where subrequests are used, a multithreaded MPM (Multi-Processing Module) could possibly leak information from other requests in request replies. Updated packages are available from updates.redhat.com.

April 01, 2010 14:46 Red Hat: Updated gnutls packages fix two security issues

0

The GnuTLS library provides support for cryptographic algorithms and for protocols such as Transport Layer Security. A flaw was found in the way the TLS/SSL protocols handled session renegotiation. A man-in-the-middle attacker could use this flaw to prefix arbitrary plain text to a client’s session. This could force the server to process an attacker’s request as if authenticated using the victim’s credentials. Updated packages are available from updates.redhat.com.

April 01, 2010 14:45 Red Hat: Updated openssl096b packages fix one security issue

0

OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols. It was discovered that OpenSSL did not always check the return value of the bn_wexpand() function. An attacker able to trigger a memory allocation failure in that function could cause an application using the OpenSSL library to crash or, possibly, execute arbitrary code. Updated packages are available from updates.redhat.com.

April 01, 2010 14:44 Red Hat: Updated openssl097a packages fix a security issue

0

OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols. A flaw was found in the way the TLS/SSL protocols handled session renegotiation. A man-in-the-middle attacker could use this flaw to prefix arbitrary plain text to a client’s session. This could force the server to process an attacker’s request as if authenticated using the victim’s credentials. Updated packages are available from updates.redhat.com.

April 01, 2010 14:35 Red Hat: Updated nss packages fix a security issue

0

Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. A flaw was found in the way the TLS/SSL protocols handled session renegotiation. A man-in-the-middle attacker could use this flaw to prefix arbitrary plain text to a client’s session. This could force the server to process an attacker’s request as if authenticated using the victim’s credentials. Updated packages are available from updates.redhat.com.

April 01, 2010 14:34 Red Hat: Updated openssl packages fix several security is...

0

OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols. It was discovered that OpenSSL did not always check the return value of the bn_wexpand() function. An attacker able to trigger a memory allocation failure in that function could cause an application using the OpenSSL library to crash or, possibly, execute arbitrary code. A flaw was found in the way the TLS/SSL protocols handled session renegotiation. A man-in-the-middle attacker could use this flaw to prefix arbitrary plain text to a client’s session. This could force the server to process an attacker’s request as if authenticated using the victim’s credentials. A missing return value check flaw was discovered in OpenSSL, that could possibly cause OpenSSL to call a Kerberos library function with invalid arguments, resulting in a NULL pointer dereference crash in the MIT Kerberos library. Updated packages are available from updates.redhat.com.

April 01, 2010 14:32 Red Hat: Updated gnutls packages fix two security issues

0

The GnuTLS library provides support for cryptographic algorithms and for protocols such as Transport Layer Security (TLS). A flaw was found in the way the TLS/SSL (Transport Layer Security/Secure Sockets Layer) protocols handled session renegotiation. A man-in-the-middle attacker could use this flaw to prefix arbitrary plain text to a client’s session. This could force the server to process an attacker’s request as if authenticated using the victim’s credentials. Dan Kaminsky found that browsers could accept certificates with MD2 hash signatures, even though MD2 is no longer considered a cryptographically strong algorithm. Updated packages are available from updates.redhat.com.

April 01, 2010 14:31 Red Hat: Updated openssl packages fix several security is...

0

OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols. A flaw was found in the way the TLS/SSL (Transport Layer Security/Secure Sockets Layer) protocols handled session renegotiation. A man-in-the-middle attacker could use this flaw to prefix arbitrary plain text to a client’s session (for example, an HTTPS connection to a website). This could force the server to process an attacker’s request as if authenticated using the victim’s credentials. Updated packages are available from updates.redhat.com.

Screenshot

Project Spotlight

JFreeSVG

A fast, lightweight SVG generator for Java.

Screenshot

Project Spotlight

PHP MIME Mail decoder class

A PHP class to decode email messages.