Hello and welcome to Linux Security Weekly for September 2, 2012. Linux Security Weekly is the audio podcast which covers current and important security vulnerabilities in Linux and open source software for the past week.
Show Notes:
News
OpenSSH
http://www.openssh.com/txt/release-6.1
Google Chrome
http://googlechromereleases.blogspot.com/2012/08/stable-channel-update_30.html
Java
http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html
http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2012-August/020083.html
Firefox and Thunderbird
http://www.mozilla.org/security/known-vulnerabilities/firefox.html
http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox10.0.7
OpenSuSE 12.2. this week?
http://news.opensuse.org/2012/08/02/opensuse-12-2-rc2-ready-for-a-final-test/
Distro Updates
Red Hat
Firefox and Thunderbird ESR – Red Hat 5 and 6
http://rhn.redhat.com/errata/RHSA-2012-1211.html
http://rhn.redhat.com/errata/RHSA-2012-1210.html
glibc – Red Hat 5 and 6
http://rhn.redhat.com/errata/RHSA-2012-1208.html
http://rhn.redhat.com/errata/RHSA-2012-1207.html
Ubuntu
Firefox and Thunderbird
http://www.ubuntu.com/usn/usn-1548-1/
http://www.ubuntu.com/usn/usn-1551-1/
iced-tea plugin
http://www.ubuntu.com/usn/usn-1505-2/
Debian
request tracker component rtfm, XSS
http://www.debian.org/security/2012/dsa-2535
otrs2, XSS
http://www.debian.org/security/2012/dsa-2536
typo3
http://www.debian.org/security/2012/dsa-2537
Extras
Web Application Scanners
nikto
http://cirt.net/nikto2
skipfish
http://code.google.com/p/skipfish/
sqlmap
http://sqlmap.org/
w3af
http://w3af.sourceforge.net/
