Linux in the news
All in one big page
See also: last week's Security page.
News and Editorials
Microsoft's security bugs. Perhaps some of you run networks where you have to deal with these things... Certainly the current bug in Windows XP is getting a lot of attention, since it exposes most network-connected systems to a remote exploit. The thing that stands out to some of us is that it took Microsoft five weeks to get a fix out. Not all Linux security problems get fixed immediately, but a vulnerability that exposed almost every network-connected Linux system would see a very quick response.
Fewer people have been concerned about this Internet Explorer bug, but it's really just as bad. Write a web page that feeds IE a .exe file with an image/jpeg MIME header, and IE will happily execute it. You don't even have to be a script kiddie to exploit this one. Be careful out there...
Remotely exploitable security problem in mutt. A couple of new mutt releases (126.96.36.199 and 1.3.25) were announced this week. These releases include a fix for a security problem which, apparently, can be exploited remotely. The nature of the vulnerability is still being kept under wraps.
The Debian Project came out with the first mutt update for this vulnerability that we have seen. Expect to see updates to a number of other distributons shortly.
Problems with libgtop_daemon. The libgtop_daemon package is a GNOME program which makes system information available remotely. LWN reported the remotely exploitable format string and buffer overflow vulnerabilities in that package on December 6th. On November 28th SuSE recommended disabling the libgtop_daemon on systems where it is running until an update is available.
MandrakeSoft has issued what appears to be the first security update to libgtop that fixes the problems. Mandrake Linux systems do not run libgtop by default, but applying the update is a good idea anyway.
Debian security update to gpm.
The Debian Project has issued a
security update to gpm fixing a format string vulnerability in that
Red Hat security update to namazu.
Red Hat has released a security
update to namazu fixing a cross-site scripting problem in that
HP security updates to sendmail, ghostscript, and glibc.
HP has sent out a bulk security update
notice for users of its "HP Secure OS Software for Linux." Updated
packages include sendmail (local root exploit), ghostscript (read access
to protected files) and glibc (file globbing buffer overflow).
Debian security update to gpm. The Debian Project has issued a security update to gpm fixing a format string vulnerability in that package.
Red Hat security update to namazu. Red Hat has released a security update to namazu fixing a cross-site scripting problem in that package.
HP security updates to sendmail, ghostscript, and glibc. HP has sent out a bulk security update notice for users of its "HP Secure OS Software for Linux." Updated packages include sendmail (local root exploit), ghostscript (read access to protected files) and glibc (file globbing buffer overflow).
Proprietary products.The following proprietary products were reported to contain vulnerabilities:
UpdatesBuffer overflow problem in glibc. The glibc filename globbing code has a buffer overflow problem. For those who are interested, Global InterSec LLC has provided a detailed description of this vulnerability. This problem was first reported by LWN on December 20th.
This week's updates:
Mailman cross-site scripting vulnerability. This vulnerability was first reported by LWN on December 13th.
This week's updates:
OpenSSH UseLogin vulnerability. This obscure vulnerability is not of concern to most sites. This problem first appeared in the December 6th LWN security page.
This week's updates:
ResourcesKDE frontend to iptables. Version 2.2.3 of knetfilter was released. Knetfilter may be used with Linux 2.4 to manage the functionality of netfilter. Knetfilter "lets you set up most common firewall configurations, as well as perform more sophisticated management of a complex firewall."
The Linux Intrusion Detection System 1.1.0 for the 2.4.16 (2.4.x) kernel is available. The Linux Intrusion Detection System (LIDS) is a" a patch which enhances the kernel's security by implementing a reference monitor and Mandatory Access Control (MAC). When it is in effect, chosen file access, all system/network administration operations, any capability use, raw device, memory, and I/O access can be made impossible even for root."
Upcoming Security Events.
For additional security-related events, included training courses (which we don't list above) and events further in the future, check out Security Focus' calendar, one of the primary resources we use for building the above list. To submit an event directly to us, please send a plain-text message to email@example.com.
Section Editor: Dennis Tenney
January 3, 2002
Security alerts archive
Engarde Secure Linux
NSA Security Enhanced
Linux Security Audit Project
Linux Security Module
Security List Archives
Firewall Wizards Archive
LinuxPPC Security Updates
Red Hat Errata
Yellow Dog Errata
Security mailing lists Caldera
Linux From Scratch
Security Software Archives
ZedZ.net (formerly replay.com)
Comp Sec News Daily