Articles / Red Hat

All articles tagged with Red Hat

March 24, 2010 08:52 Red Hat: Updated java-1.4.2-ibm packages fix one security...

0

The IBM 1.4.2 SR13-FP4 Java release includes the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit. A flaw was found in the way the TLS/SSL (Transport Layer Security/Secure Sockets Layer) protocols handle session renegotiation, allowing for a man-in-the-middle attack. Updated packages are available from updates.redhat.com.

March 24, 2010 08:45 Red Hat: An updated thunderbird package fixes several sec...

0

Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed HTML mail content, leading to a crash or, potentially, execution of arbitrary code. A use-after-free flaw was found, leading to a crash or, potentially, execute arbitrary code. A heap-based buffer overflow flaw was found in the Thunderbird string to floating point conversion routines leading to a crash or, potentially, execute arbitrary code. A flaw was found in the creation of temporary file names for downloaded files, leading to potential replacement of the contents of downloaded files. A flaw was found in the display of a right-to-left override character when downloading a file, potentially tricking a user into downloading a file that has a file name or extension that is different from what the user expected. A flaw was found in the processing of SOCKS5 proxy replies, potentially leading to a crash. Descriptions in the dialogs when adding and removing PKCS #11 modules were not informative, potentially tricking a user into installing a malicious PKCS #11 module. Updated packages are available from updates.redhat.com.

March 24, 2010 08:40 Red Hat: An updated thunderbird package fixes several sec...

0

Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed HTML mail content, leading to a crash or, potentially, execution of arbitrary code. A use-after-free flaw was found, leading to a crash or, potentially, execute arbitrary code. A heap-based buffer overflow flaw was found in the Thunderbird string to floating point conversion routines leading to a crash or, potentially, execute arbitrary code. A flaw was found in the creation of temporary file names for downloaded files, leading to potential replacement of the contents of downloaded files. A flaw was found in the display of a right-to-left override character when downloading a file, potentially tricking a user into downloading a file that has a file name or extension that is different from what the user expected. A flaw was found in the processing of SOCKS5 proxy replies, potentially leading to a crash. Descriptions in the dialogs when adding and removing PKCS #11 modules were not informative, potentially tricking a user into installing a malicious PKCS #11 module. Updated packages are available from updates.redhat.com.

March 24, 2010 08:21 Red Hat: Updated kernel packages fix multiple security is...

0

The kernel packages contain the Linux kernel, the core of any Linux operating system. A NULL pointer dereference flaw was found in the Stream Control Transmission Protocol (SCTP) implementation, resulting in a denial of service. A missing boundary check was found in the memory migration functionality, causing a local denial of service or an information leak. A NULL pointer dereference flaw was found in the ip6_dst_lookup_tail() function, leading to a system crash. A NULL pointer dereference flaw was found in the ext4 file system code, causing a local denial of service. An information leak was found in the print_fatal_signal() implementation, which could leak memory to user-space and also result in a system crash. Missing capability checks were found in the ebtables implementation, used for creating an Ethernet bridge firewall. This could allow a local, unprivileged user to bypass intended capability restrictions and modify ebtables rules. Updated packages are available from updates.redhat.com.

March 24, 2010 08:18 Red Hat: Updated kernel packages fix multiple security is...

0

The kernel packages contain the Linux kernel, the core of any Linux operating system. A NULL pointer dereference flaw was found in the Stream Control Transmission Protocol (SCTP) implementation, resulting in a denial of service. A NULL pointer dereference flaw was found in the Linux kernel. During a core dump, the kernel did not check if the Virtual Dynamically-linked Shared Object page was accessible, which could cause a kernel panic. An information leak was found in the print_fatal_signal() implementation in the Linux kernel, which could leak memory to user-space and also result in a system crash. On AMD64 systems, it was discovered that the kernel did not ensure the ELF interpreter was available before making a call to the SET_PERSONALITY macro, leading to a denial of service. Missing capability checks were found in the ebtables implementation, used for creating an Ethernet bridge firewall. This could allow a local, unprivileged user to bypass intended capability restrictions and modify ebtables rules. Updated packages are available from updates.redhat.com.

March 24, 2010 07:37 Red Hat: An updated cpio package fixes two security issues

0

GNU cpio copies files into or out of a cpio or tar archive. A heap-based buffer overflow flaw was found in the way cpio expanded archive files. If a user were tricked into expanding a specially-crafted archive, it could cause the cpio executable to crash or execute arbitrary code with the privileges of the user running cpio. A stack-based buffer overflow flaw was found in the way cpio expanded large archive files. If a user expanded a specially-crafted archive, it could cause the cpio executable to crash. This issue only affected 64-bit platforms. Updated packages are available from updates.redhat.com.

March 24, 2010 07:32 Red Hat: An updated cpio package fixes two security issues

0

GNU cpio copies files into or out of a cpio or tar archive. A heap-based buffer overflow flaw was found in the way cpio expanded archive files. If a user were tricked into expanding a specially-crafted archive, it could cause the cpio executable to crash or execute arbitrary code with the privileges of the user running cpio. A denial of service flaw was found in the way cpio expanded archive files. If a user expanded a specially-crafted archive, it could cause the cpio executable to crash. Updated packages are available from updates.redhat.com.

March 24, 2010 07:29 Red Hat: An updated tar package fixes two security issues

0

The GNU tar program saves many files together in one archive and can restore individual files (or all of the files) from that archive. A heap-based buffer overflow flaw was found in the way tar expanded archive files. If a user were tricked into expanding a specially-crafted archive, it could cause the tar executable to crash or execute arbitrary code with the privileges of the user running tar. A denial of service flaw was found in the way tar expanded archive files. If a user expanded a specially-crafted archive, it could cause the tar executable to crash. Updated packages are available from updates.redhat.com.

March 24, 2010 07:27 Red Hat: An updated tar package that fixes one security i...

0

The GNU tar program saves many files together in one archive and can restore individual files (or all of the files) from that archive. A heap-based buffer overflow flaw was found in the way tar expanded archive files. If a user were tricked into expanding a specially-crafted archive, it could cause the tar executable to crash or execute arbitrary code with the privileges of the user running tar. Updated packages are available from updates.redhat.com.

March 24, 2010 07:26 Red Hat: An updated cpio package fixes one security issue

0

GNU cpio copies files into or out of a cpio or tar archive. A heap-based buffer overflow flaw was found in the way cpio expanded archive files. If a user were tricked into expanding a specially-crafted archive, it could cause the cpio executable to crash or execute arbitrary code with the privileges of the user running cpio. Updated packages are available from updates.redhat.com.

March 24, 2010 07:24 Red Hat: Updated pango packages fix one security issue

0

Pango is a library used for the layout and rendering of internationalized text. An input sanitization flaw, leading to an array index error, was found in the way the Pango font rendering library synthesized the Glyph Definition (GDEF) table from a font’s character map and the Unicode property database. If an attacker created a specially-crafted font file and tricked a local, unsuspecting user into loading the font file in an application that uses the Pango font rendering library, it could cause that application to crash. Updated packages are available from updates.redhat.com.

March 15, 2010 09:54 Red Hat: Updated java-1.5.0-ibm packages fix a security i...

0

The IBM 1.5.0 Java release includes the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit. A flaw was found in the way the TLS/SSL (Transport Layer Security/Secure Sockets Layer) protocols handle session renegotiation. A man-in-the-middle attacker could use this flaw to prefix arbitrary plain text to a client’s session (for example, an HTTPS connection to a website). This could force the server to process an attacker’s request as if authenticated using the victim’s credentials. Updated packages are available from updates.redhat.com.

March 15, 2010 09:46 Red Hat: Updated kvm packages fix two security issues

0

KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on AMD64 and Intel 64 systems. A flaw was found in the way the x86 emulator loaded segment selectors (used for memory segmentation and protection) into segment registers. In some guest system configurations, an unprivileged guest user could leverage this flaw to crash the guest or possibly escalate their privileges within the guest. The x86 emulator implementation was missing a check for the Current Privilege Level (CPL) while accessing debug registers. An unprivileged user in a guest could leverage this flaw to crash the guest. Updated packages are available from updates.redhat.com.

March 15, 2010 09:37 Red Hat: Updated systemtap packages fix a security issue

0

SystemTap is an instrumentation system for systems running the Linux kernel, version 2.6. Developers can write scripts to collect data on the operation of the system. A buffer overflow flaw was found in SystemTap’s tapset __get_argv() function. If a privileged user ran a SystemTap script that called this function, a local, unprivileged user could, while that script is still running, trigger this flaw and cause memory corruption by running a command with a large argument list, which may lead to a system crash or, potentially, arbitrary code execution with root privileges. Updated packages are available from updates.redhat.com.

March 15, 2010 09:36 Red Hat: Updated systemtap packages fix two security issues

0

SystemTap is an instrumentation system for systems running the Linux kernel, version 2.6. A flaw was found in the SystemTap compile server, stap-server, an optional component of SystemTap. This server did not adequately sanitize input provided by the stap-client program, which may allow a remote user to execute arbitrary shell code with the privileges of the compile server process, which could possibly be running as the root user. A buffer overflow flaw was found in SystemTap’s tapset __get_argv() function. If a privileged user ran a SystemTap script that called this function, a local, unprivileged user could, while that script is still running, trigger this flaw and cause memory corruption by running a command with a large argument list, which may lead to a system crash or, potentially, arbitrary code execution with root privileges. Updated packages are available from updates.redhat.com.

February 27, 2010 19:54 Red Hat: An updated sudo package fixes two security issues

0

The sudo (superuser do) utility allows system administrators to give certain users the ability to run commands as root. A privilege escalation flaw was found in the way sudo handled the sudoedit pseudo-command. If a local user were authorized by the sudoers file to use this pseudo-command, they could possibly leverage this flaw to execute arbitrary code with the privileges of the root user. The sudo utility did not properly initialize supplementary groups when the runas_default option (in the sudoers file) was used. If a local user were authorized by the sudoers file to perform their sudo commands under the account specified with runas_default, they would receive the root user’s supplementary groups instead of those of the intended target user, giving them unintended privileges. Updated packages are available from updates.redhat.com.

February 20, 2010 18:30 Red Hat: Updated acroread packages fix two security issues

0

Adobe Reader allows users to view and print documents in Portable Document Format (PDF). This update fixes two vulnerabilities in Adobe Reader. A specially-crafted PDF file could cause Adobe Reader to crash or, potentially, execute arbitrary code as the user running Adobe Reader when opened. Updated packages are available from updates.redhat.com.

February 20, 2010 18:29 Red Hat: Updated pidgin packages fix three security issues

0

Pidgin is an instant messaging program which can log in to multiple accounts on multiple instant messaging networks simultaneously. An input sanitization flaw was found in the way Pidgin’s MSN protocol implementation handled MSNSLP invitations. A remote attacker could send a specially-crafted INVITE request that would cause a denial of service (memory corruption and Pidgin crash). A denial of service flaw was found in Finch’s XMPP chat implementation, when using multi-user chat. If a Finch user in a multi-user chat session were to change their nickname to contain the HTML “br” element, it would cause Finch to crash. A denial of service flaw was found in the way Pidgin processed emoticon images. A remote attacker could flood the victim with emoticon images during mutual communication, leading to excessive CPU use. Updated packages are available from updates.redhat.com.

February 20, 2010 18:28 Red Hat: Updated seamonkey packages fix several security ...

0

SeaMonkey is an open source Web browser, email and newsgroup client, IRC chat client, and HTML editor. A use-after-free flaw was found in SeaMonkey. Under low memory conditions, visiting a web page containing malicious content could result in SeaMonkey executing arbitrary code with the privileges of the user running SeaMonkey. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. Updated packages are available from updates.redhat.com.

February 20, 2010 18:27 Red Hat: Updated firefox packages fix several security is...

0

Mozilla Firefox is an open source Web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. A use-after-free flaw was found in Firefox. Under low memory conditions, visiting a web page containing malicious content could result in Firefox executing arbitrary code with the privileges of the user running Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. Two flaws were found in the way certain content was processed. An attacker could use these flaws to create a malicious web page that could bypass the same-origin policy, or possibly run untrusted JavaScript. Updated packages are available from updates.redhat.com.

February 20, 2010 18:19 Red Hat: Updated mysql packages fix several security issues

0

MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries. Multiple flaws were discovered in the way MySQL handled symbolic links to tables created using the DATA DIRECTORY and INDEX DIRECTORY directives in CREATE TABLE statements. An attacker could use these flaws to escalate their database privileges, or gain access to tables created by other database users. An insufficient HTML entities quoting flaw was found in the mysql command line client’s HTML output mode. If an attacker was able to inject arbitrary HTML tags into data stored in a MySQL database, which was later retrieved using the mysql command line client and its HTML output mode, they could perform a cross-site scripting (XSS) attack against victims viewing the HTML output in a web browser. Multiple format string flaws were found in the way the MySQL server logged user commands when creating and deleting databases. A remote, authenticated attacker with permissions to CREATE and DROP databases could use these flaws to formulate a specially-crafted SQL command that would cause a temporary denial of service. Updated packages are available from updates.redhat.com.

February 20, 2010 18:18 Red Hat: Updated mysql packages fix multiple security issues

0

MySQL is a multi-user, multi-threaded SQL database server. It was discovered that the MySQL client ignored certain SSL certificate verification errors when connecting to servers. A man-in-the-middle attacker could use this flaw to trick MySQL clients into connecting to a spoofed MySQL server. A flaw was found in the way MySQL handled SELECT statements with subqueries in the WHERE clause, that assigned results to a user variable. A remote, authenticated attacker could use this flaw to crash the MySQL server daemon (mysqld). When the “datadir” option was configured with a relative path, MySQL did not properly check paths used as arguments for the DATA DIRECTORY and INDEX DIRECTORY directives. An authenticated attacker could use this flaw to bypass the restriction preventing the use of subdirectories of the MySQL data directory being used as DATA DIRECTORY and INDEX DIRECTORY paths. Updated packages are available from updates.redhat.com.

February 20, 2010 18:16 Red Hat: Updated kernel packages fix multiple security is...

0

The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the Intel PRO/1000 Linux drivers. A remote attacker using packets larger than the MTU could bypass the existing fragment check, resulting in partial, invalid frames being passed to the network stack. A flaw was found in the Realtek r8169 Ethernet driver. Receiving overly-long frames with a certain revision of the network cards supported by this driver could possibly result in a remote denial of service. Updated packages are available from updates.redhat.com.

February 20, 2010 08:04 Red Hat: Updated Adobe Flash Player package fixes a secur...

0

The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes a vulnerability in Adobe Flash Player. If a victim loaded a web page containing specially-crafted SWF content, it could cause Flash Player to perform unauthorized cross-domain requests, leading to the disclosure of sensitive data. Updated packages are available from updates.redhat.com.

February 20, 2010 08:02 Red Hat: Updated openoffice.org packages correct multiple...

0

OpenOffice.org is an office productivity suite. An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way OpenOffice.org parsed XPM files, which could lead to arbitrary code execution with the permissions of the user running OpenOffice.org. An integer underflow flaw and a boundary error flaw, both possibly leading to a heap-based buffer overflow, were found in the way OpenOffice.org parsed certain records in Microsoft Word documents. A heap-based buffer overflow flaw, leading to memory corruption, was found in the way OpenOffice.org parsed GIF files. Updated packages are available from updates.redhat.com.

February 20, 2010 08:00 Red Hat: An updated Adobe Flash Player package fixes two ...

0

The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes two vulnerabilities in Adobe Flash Player. If a victim loaded a web page containing specially-crafted SWF content, it could cause Flash Player to perform unauthorized cross-domain requests, leading to the disclosure of sensitive data. Updated packages are available from updates.redhat.com.

February 12, 2010 10:22 Red Hat: An updated HelixPlayer package fixes several sec...

0

HelixPlayer is a media player. Multiple buffer and integer overflow flaws were found in the way HelixPlayer processed Graphics Interchange Format (GIF) files. An attacker could create a specially-crafted GIF file which would cause HelixPlayer to crash or, potentially, execute arbitrary code when opened. A buffer overflow flaw was found in the way HelixPlayer processed Synchronized Multimedia Integration Language (SMIL) files. An attacker could create a specially-crafted SMIL file which would cause HelixPlayer to crash or, potentially, execute arbitrary code when opened. A buffer overflow flaw was found in the way HelixPlayer handled the Real Time Streaming Protocol (RTSP) SET_PARAMETER directive. A malicious RTSP server could use this flaw to crash HelixPlayer or, potentially, execute arbitrary code. Multiple buffer overflow flaws were discovered in the way HelixPlayer handled RuleBook structures in media files and RTSP streams. Specially-crafted input could cause HelixPlayer to crash or, potentially, execute arbitrary code. A buffer overflow flaw was found in the way HelixPlayer performed URL un-escaping. A specially-crafted URL string could cause HelixPlayer to crash or, potentially, execute arbitrary code. Updated packages are available from updates.redhat.com.

February 12, 2010 10:16 Red Hat: Updated kvm packages fix multiple security issues

0

KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The x86 emulator implementation was missing a check for the Current Privilege Level (CPL) and I/O Privilege Level (IOPL). A user in a guest could leverage these flaws to cause a denial of service (guest crash) or possibly escalate their privileges within that guest. A flaw was found in the Programmable Interval Timer (PIT) emulation. Access to the internal data structure pit_state, which represents the data state of the emulated PIT, was not properly validated. A privileged guest user could use this flaw to crash the host. A flaw was found in the USB passthrough handling code. A specially-crafted USB packet sent from inside a guest could be used to trigger a buffer overflow in the usb_host_handle_control() function, which runs under the QEMU-KVM context on the host. A user in a guest could leverage this flaw to cause a denial of service (guest hang or crash) or possibly escalate their privileges within the host. Updated packages are available from updates.redhat.com.

February 05, 2010 14:59 Red Hat: Updated kernel packages fix multiple security is...

0

The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the IPv6 Extension Header (EH) handling implementation, which could possibly lead to a remote denial of service. The possibility of a timeout value overflow was found in hrtimers, which could allow a local, unprivileged user to execute arbitrary code, or cause a denial of service. Memory leaks were found on some error paths that could, potentially, cause the network connectivity to cease. A deficiency was found in thesystem call auditing implementation on 64-bit systems, which could allow a local, unprivileged user to circumvent a system call audit configuration. A flaw was found in the Intel PRO/1000 Linux driver that could be used to send a specially-crafted packet that would cause a denial of service or code execution. The ADDRCOMPATLAYOUT and MMAPPAGEZERO flags were not cleared when a setuid or setgid program was executed, which could be used to bypass the mmapminaddr protection mechanism and perform a NULL pointer dereference attack, or bypass the Address Space Layout Randomization (ASLR) security feature. A flaw was found in the Intel PRO/1000 Linux drivers, which could possibly be used to trigger a remote denial of service. A flaw was found in the Realtek r8169 Ethernet driver that could possibly result in a remote denial of service. Updated packages are available from updates.redhat.com.

February 05, 2010 14:54 Red Hat: Updated kernel packages fix multiple security is...

0

The kernel packages contain the Linux kernel, the core of any Linux operating system. An array index error was found in the gdth driver that could cause a denial of service or, possibly, privilege escalation. A flaw was found in the HiSax ISDN driver, possibly resulting in a denial of service. Permission issues were found in the megaraid_sas driver, which could allow local, unprivileged users to change the behavior of the driver. A buffer overflow flaw was found in the HFS file system implementation that could lead to a denial of service if a user browsed a specially-crafted HFS file system. Updated packages are available from updates.redhat.com.

Screenshot

Project Spotlight

JFreeSVG

A fast, lightweight SVG generator for Java.

Screenshot

Project Spotlight

PHP MIME Mail decoder class

A PHP class to decode email messages.