Red Hat has released updated unzip packages for Red Hat Linux
New security updates for Debian GNU/Linux have been released:
DSA-338 proftpd - SQL injection
DSA-337 gtksee - buffer overflow
DSA-336 linux-kernel-2.2.20 - several
DSA-335 mantis - incorrect permissions
DSA-334 xgalaga - buffer overflows
DSA-333 acm - integer overflow
The following security updates for Gentoo Linux have been released:
- GLSA: gnocatan (200306-17)
- GLSA: noweb (200306-16)
- GLSA: phpbb (200306-15)
- GLSA: tcptraceroute (200306-14)
MandrakeSoft has released 3 new security patches for Mandrake Linux:
MDKSA-2003:070 - ethereal
MDKA-2003:016 - reiserfsprogs
MDKA-2003:015 - initscripts
Red Hat has released updated Xpdf packages for Red Hat Linux
A security update for ethereal under Debian GNU/Linux has been released:
DSA-324 ethereal - several
Debian.org has released a ton of security updates for Debian GNU/Linux:
DSA-319 webmin - session ID spoofing
DSA-318 lyskom-server - denial of service
DSA-317 cupsys - denial of service
DSA-316 nethack - buffer overflow, incorrect permissions
DSA-315 gnocatan - buffer overflows, denial of service
DSA-314 atftp - buffer overflow
DSA-313 ethereal - buffer overflows, integer overflows
Red Hat has released the following security updates for Red Hat Linux:
Updated hanterm packages provide security fixes
Hangul Terminal is a terminal emulator for the X Window System, based on Xterm.
Hangul Terminal provides an escape sequence for reporting the current window title, which essentially takes the current title and places it directly on the command line.
Updated KDE packages fix security issue
KDE is a graphical desktop environment for the X Window System.
KDE versions 2.2.2 and earlier have a vulnerability in their SSL implementation that makes it possible for users of Konqueror and other SSL enabled KDE software to fall victim to a man-in-the-middle attack.
Updated kon2 packages fix buffer overflow
KON is a Kanji emulator for the console. There is a buffer overflow vulnerability in the command line parsing code portion of the kon program up to and including version 0.3.9b.
MandrakeSoft has released updated versions of Apache 2 and cups for Mandrake Linux
Apache 2
cups
Apache 2
Two vulnerabilities were discovered in the Apache web server that affect all 2.x versions prior to 2.0.46. The first, discovered by John Hughes, is a build system problem that allows remote attackers to prevent access to authenticated content when a threaded server is used. This only affects versions of Apache compiled with threaded server "httpd.worker", which is not the default for Mandrake Linux.
cups
A Denial of Service (DoS) vulnerability was discovered in the CUPS printing system by Phil D'Amore of Red Hat. The IPP (Internet Printing Protocol) that CUPS uses is single-threaded and can only service one request at a time. A malicious user could create a partial request that does not time out and cause a Denial of Service condition where CUPS will not respond to other printing requests. This can only be done if the malicious user can create a TCP connection to the IPP port (631 by default).
Red Hat has released updated ghostscript packages
MandrakeSoft has released a security update for cups