
Hello and welcome to Linux Security Weekly for September 16, 2012. Linux Security Weekly is the audio podcast which covers current and important security vulnerabilities in Linux and open source software for the past week.
Show Notes:
News
BIND CVE-2012-4244
https://kb.isc.org/article/AA-00778/74
http://www.h-online.com/security/news/item/Manipulated-data-causes-BIND-DNS-servers-to-crash-1708087.html
rdata field:
http://www.zytrax.com/books/dns/ch15/#rdata
BIND Vulnerability Matrix – list of BIND vulnerabilities by BIND version:
http://www.isc.org/software/bind/security/matrix
PHP 5.4.7 and PHP 5.3.17 released
http://www.php.net/index.php#id2012-09-13-1
VirtualBox 4.2.0
https://www.virtualbox.org/wiki/Changelog
PostgreSQL 9.2 released
http://www.postgresql.org/about/news/1415/
Distro Updates
Red Hat
ghostscript Red Hat 5 and 6 CVE-2012-4405
http://rhn.redhat.com/errata/RHSA-2012-1256.html
libexif Red Hat 5 and 6 (7 CVEs)
http://rhn.redhat.com/errata/RHSA-2012-1255.html
quagga Red Hat 5 and 6
http://rhn.redhat.com/errata/RHSA-2012-1259.html
http://rhn.redhat.com/errata/RHSA-2012-1258.html
libxslt Red Hat 5 and 6
http://rhn.redhat.com/errata/RHSA-2012-1265.html
postgresql Red Hat 5 and 6
http://rhn.redhat.com/errata/RHSA-2012-1264.html
http://rhn.redhat.com/errata/RHSA-2012-1263.html
rhev-hypervisor5 Red Hat 5
http://rhn.redhat.com/errata/RHSA-2012-1262.html
dbus Red Hat 6
http://rhn.redhat.com/errata/RHSA-2012-1261.html
bind Red Hat 5 and 6
http://rhn.redhat.com/errata/RHSA-2012-1268.html
http://rhn.redhat.com/errata/RHSA-2012-1267.html
http://rhn.redhat.com/errata/RHSA-2012-1266.html
Ubuntu
django
http://www.ubuntu.com/usn/usn-1560-1/
xmlrpc-c
http://www.ubuntu.com/usn/usn-1527-2/
firefox
http://www.ubuntu.com/usn/usn-1548-2/
bind
http://www.ubuntu.com/usn/usn-1566-1/
kernel
http://www.ubuntu.com/usn/usn-1567-1/
http://www.ubuntu.com/usn/usn-1568-1/
Debian
qemu-kvm
http://www.debian.org/security/2012/dsa-2542
xen-qemu-dm-4.0
http://www.debian.org/security/2012/dsa-2543
xen
http://www.debian.org/security/2012/dsa-2544
qemu
http://www.debian.org/security/2012/dsa-2545
freeradius
http://www.debian.org/security/2012/dsa-2546
bind9
http://www.debian.org/security/2012/dsa-2547
tor
http://www.debian.org/security/2012/dsa-2548
Extras
CRIME TLS vulnerability
https://community.qualys.com/blogs/securitylabs/2012/09/14/crime-information-leakage-attack-against-ssltls
