Hello and welcome to Linux Security Weekly for June 24, 2012. Linux Security Weekly is the audio podcast which covers current and important security vulnerabilities in Linux and open source software for the past week.
Show Notes:
Red Hat 6.3 released
http://www.redhat.com/about/news/archive/2012/6/red-hat-enterprise-linux-63-globally-available
http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html-single/6.3_Release_Notes/index.html
Multi-factor ssh
https://bugzilla.redhat.com/show_bug.cgi?id=657378
https://bugzilla.mindrot.org/show_bug.cgi?id=983
Cisco AnyConnect VPN client security update: Mac, Windows, and Linux
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120620-ac
Joomla 2.5.6
http://www.joomla.org/announcements/release-news/5428-joomla-256-released.html
http://developer.joomla.org/security/news/470-20120601-core-privilege-escalation
http://developer.joomla.org/security/news/471-20120602-core-information-disclosure
Apache Traffic Server 3.2.0
http://trafficserver.apache.org/downloads
Ubuntu
php
http://www.ubuntu.com/usn/usn-1481-1/
Firefox
http://www.ubuntu.com/usn/usn-1463-3/
Debian
mysql
http://www.debian.org/security/2012/dsa-2496
Red Hat
python, red hat 5 and 6
http://rhn.redhat.com/errata/RHSA-2012-0745.html
http://rhn.redhat.com/errata/RHSA-2012-0744.html
FreeBSD
BIND update – CVE-2012-1667
http://security.freebsd.org/advisories/FreeBSD-SA-12:03.bind.asc
sysret update – CVE-2012-0217 priv escalation, intel cpus only
http://security.freebsd.org/advisories/FreeBSD-SA-12:04.sysret.asc
VirtualBox 4.1.18 – maintenance release only, 10 bugs fixed
https://www.virtualbox.org/wiki/Changelog
