Showing all newswire headlines

Red Hat alert: Updated PAM packages fix bug in pam_xauth module

  • Mailing list (Posted by dave on Feb 12, 2003 11:34 PM EDT)
  • Story Type: Security; Groups: Red Hat
Updated PAM packages are now available for Red Hat Linux 7.1, 7.2, 7.3, and 8.0. These packages correct a bug in pam_xauth's handling of authorization data for the root user.

Red Hat alert: Updated lynx packages fix CRLF injection vulnerability

  • Mailing list (Posted by dave on Feb 12, 2003 10:22 AM EDT)
  • Story Type: Security; Groups: Red Hat
Updated lynx packages are available that fix an error in the way lynx parses its command line arguments, which can lead to faked headers being sent to a web server.

Red Hat alert: Updated python packages fix predictable temporary file

  • Mailing list (Posted by dave on Feb 12, 2003 6:25 AM EDT)
  • Story Type: Security; Groups: Red Hat
An insecure use of a temporary file has been found in Python. This erratum provides updated Python packages. [updated Feb 12 2003] Updated packages for Red Hat Linux 7.3 are available that fix a binary incompatibility change in the original erratum packages that affected redhat-config-users, and add back the missing python-tools package.

Mandrake alert: Updated postgresql packages fix various buffer overflows

Vulnerabilities were discovered in the PostgreSQL relational database by Mordred Labs. These vulnerabilities are buffer overflows in the rpad(), lpad(), repeat(), and cash_words() functions. The PostgreSQL developers also fixed a buffer overflow in functions that deal with time/date and timezone.

Debian alert: New w3mmee packages fix cookie information leak

  • Mailing list (Posted by dave on Feb 11, 2003 4:33 AM EDT)
  • Story Type: Security; Groups: Debian
Hironori Sakamoto, one of the w3m developers, found two security vulnerabilities in w3m and associated programs. The w3m browser does not properly escape HTML tags in frame contents and img alt attributes. A malicious HTML frame or img alt attribute may deceive a user into sending their local cookies, which are used for configuration. The information is not leaked automatically, though.

Red Hat alert: Updated kernel-utils packages fix setuid vulnerability

  • Mailing list (Posted by dave on Feb 7, 2003 9:16 AM EDT)
  • Story Type: Security; Groups: Red Hat
An updated kernel-utils package is available that removes the setuid bits incorrectly assigned to the uml_net binary.

Red Hat alert: Updated w3m packages fix cross-site scripting issues

  • Mailing list (Posted by dave on Feb 6, 2003 10:10 PM EDT)
  • Story Type: Security; Groups: Red Hat
New w3m packages are available that fix two cross-site scripting issues.

Red Hat alert: Updated Xpdf packages fix security vulnerability

  • Mailing list (Posted by dave on Feb 6, 2003 6:05 AM EDT)
  • Story Type: Security; Groups: Red Hat
Updated Xpdf packages are now available that fix a vulnerability in which a maliciously crafted PDF document could run arbitrary code.

Red Hat alert: Updated WindowMaker packages fix vulnerability in theme-loading

  • Mailing list (Posted by dave on Feb 6, 2003 12:12 AM EDT)
  • Story Type: Security; Groups: Red Hat
Updated packages are available to fix a vulnerability in WindowMaker.

Red Hat alert: Updated openldap packages available

  • Mailing list (Posted by dave on Feb 5, 2003 11:44 PM EDT)
  • Story Type: Security; Groups: Red Hat
Updated openldap packages are available which fix a number of local and remote buffer overflows in libldap and the slapd and slurpd servers, and potential issues stemming from using user-specified LDAP configuration files.

Mandrake alert: Updated slocate packages fix buffer overflow

A buffer overflow vulnerability was discovered in slocate by team USG. The overflow appears when slocate is used with the -c and -r parameters, using a 1024 (or 10240) byte string. This has been corrected in slocate version 2.7.

Mandrake alert: Updated kernel packages fix a number of bugs

An updated kernel for 9.0 is available with a number of bug fixes. Supermount has been completely overhauled and should be solid on all systems. Other fixes include XFS with high memory, a netfilter fix, a fix for Sony VAIO DMI, i845 should now work with UDMA, and new support for VIA C3 is included. Prism24 has been updated so it now works properly on HP laptops and a new ACPI is included, although it is disabled by default for broader compatibility.

Red Hat alert: Updated PHP packages available

  • Mailing list (Posted by dave on Feb 4, 2003 11:42 PM EDT)
  • Story Type: Security; Groups: Red Hat
Updated PHP packages are available that fix a vulnerability in the wordwrap() function and a number of compatibility bugs.

Red Hat alert: Updated 2.4 kernel fixes various vulnerabilities

  • Mailing list (Posted by dave on Feb 4, 2003 9:09 AM EDT)
  • Story Type: Security; Groups: Red Hat
Updated kernel packages for Red Hat Linux 7.1, 7.2, 7.3, and 8.0 are now available that fix an information leak from several ethernet drivers, and a file system issue.

Mandrake alert: Updated MySQL packages fix DoS vulnerability

Aleksander Adamowski informed MandrakeSoft that the MySQL developers fixed a DoS vulnerability in the recently released 3.23.55 version of MySQL. A double free() pointer bug in the mysql_change_user() handling would allow a specially hacked mysql client to crash the main mysqld server. This vulnerability can only be exploited by first logging in with a valid user account.

Mandrake alert: Updated vim packages fix arbitrary command execution vulnerability

A vulnerability was discovered in vim by Georgi Guninski that allows arbitrary command execution using the libcall feature found in modelines. A patch to fix this problem was introduced in vim 6.1 patchlevel 265. This patch has been applied to the provided update packages.

Debian alert: New hypermail packages fix arbitrary code execution

  • Mailing list (Posted by dave on Jan 31, 2003 5:24 AM EDT)
  • Story Type: Security; Groups: Debian
Ulf Harnhammar discovered two problems in hypermail, a program to create HTML archives of mailing lists.

Red Hat alert: Updated kerberos packages fix vulnerability in ftp client

  • Mailing list (Posted by dave on Jan 30, 2003 11:43 PM EDT)
  • Story Type: Security; Groups: Red Hat
Updated packages fix a vulnerability found in the Kerberos ftp client distributed with the Red Hat Linux krb5 packages.

Debian alert: New courier packages fix SQL injection

  • Mailing list (Posted by dave on Jan 30, 2003 5:46 AM EDT)
  • Story Type: Security; Groups: Debian
The developers of courier, an integrated user side mail server, discovered a problem in the PostgreSQL auth module. Not all potentially malicious characters were sanitized before the username was passed to the PostgreSQL engine. An attacker could inject arbitrary SQL commands and queries exploiting this vulnerability. The MySQL auth module is not affected.

Debian alert: New tomcat packages fix information exposure and cross site scripting

  • Mailing list (Posted by dave on Jan 29, 2003 6:36 AM EDT)
  • Story Type: Security; Groups: Debian
The developers of tomcat discovered several problems in tomcat version 3.x. The Common Vulnerabilities and Exposures project identifies the following problems:
