scottlinux.com | Linux Blog

Linux Security Weekly | 017 | Hello and welcome to Linux Security Weekly for September 16, 2012. Linux Security Weekly is the audio podcast which covers current and important security vulnerabilities in Linux and open source software for the past week. Show Notes: News bind CVE-2012-4244 https://kb.isc.org/article/AA-00778/74 http://www.h-online.com/security/news/item/Manipulated-data-causes-BIND-DNS-servers-to-crash-1708087.html rdata field: http://www.zytrax.com/books/dns/ch15/#rdata BIND Vulnerability Matrix – list of bind vulns according

Linux Security Weekly | 016 | Hello and welcome to Linux Security Weekly for September 9, 2012. Linux Security Weekly is the audio podcast which covers current and important security vulnerabilities in Linux and open source software for the past week. Show Notes: News WordPress 3.4.2 http://wordpress.org/news/2012/09/wordpress-3-4-2/ OpenSuSE 12.2 http://news.opensuse.org/2012/09/05/opensuse-12-2-green-means-go/ Virtualbox 4.1.22 https://www.virtualbox.org/wiki/Changelog Firefox bumped to 15.0.1 https://www.mozilla.org/en-US/firefox/15.0.1/releasenotes/ https://bugzilla.mozilla.org/show_bug.cgi?id=787743 Distro

Linux Security Weekly | 015 | Hello and welcome to Linux Security Weekly for September 2, 2012. Linux Security Weekly is the audio podcast which covers current and important security vulnerabilities in Linux and open source software for the past week. Show Notes: News OpenSSH http://www.openssh.com/txt/release-6.1 Google Chrome http://googlechromereleases.blogspot.com/2012/08/stable-channel-update_30.html Java http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2012-August/020083.html Firefox and Thunderbird http://www.mozilla.org/security/known-vulnerabilities/firefox.html http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html#firefox10.0.7 OpenSuSE 12.2. this

Linux Security Weekly | 014 | Hello and welcome to Linux Security Weekly for August 26, 2012. Linux Security Weekly is the audio podcast which covers current and important security vulnerabilities in Linux and open source software for the past week. Show Notes: News MS-CHAPv2 cracked http://technet.microsoft.com/en-us/security/advisory/2743314 https://www.cloudcracker.com/blog/2012/07/29/cracking-ms-chap-v2/ https://github.com/moxie0/chapcrack http://revolutionwifi.blogspot.de/2012/07/is-wpa2-security-broken-due-to-defcon.html RuggedCom #fail http://www.computerworld.com.au/article/434312/ics-cert_warns_ssl_security_flaw_ruggedcom_industrial_networking_devices/ Distro Updates Red Hat katello http://rhn.redhat.com/errata/RHSA-2012-1187.html http://rhn.redhat.com/errata/RHSA-2012-1186.html

Linux Security Weekly | 013 | Hello and welcome to Linux Security Weekly for August 19, 2012. Linux Security Weekly is the audio podcast which covers current and important security vulnerabilities in Linux and open source software for the past week. Show Notes: News PHP 5.4.6 and PHP 5.3.16 http://www.php.net/index.php#id2012-08-16-1 http://www.php.net/ChangeLog-5.php PostgreSQL Security Update 2012-08-17 http://www.postgresql.org/about/news/1407/ BackTrack 5 R3 released

Linux Security Weekly | 012 | Hello and welcome to Linux Security Weekly for August 12, 2012. Linux Security Weekly is the audio podcast which covers current and important security vulnerabilities in Linux and open source software for the past week. Show Notes: News Nvidia fix http://nvidia.custhelp.com/app/answers/detail/a_id/3140 Patch for older drivers available: ftp://download.nvidia.com/XFree86/patches/security/2012-08-01/ phpmyadmin CVE-2012-4219 http://www.phpmyadmin.net/home_page/security/PMASA-2012-3.php Distro Updates Red Hat

Linux Security Weekly | 011 | Hello and welcome to Linux Security Weekly for August 5, 2012. Linux Security Weekly is the audio podcast which covers current and important security vulnerabilities in Linux and open source software for the past week. Show Notes: Privilege escalation vulnerability in the NVidia proprietary driver http://lwn.net/Articles/509131/ http://seclists.org/fulldisclosure/2012/Aug/4 Edit: Fixed! http://nvidia.custhelp.com/app/answers/detail/a_id/3140 Chrome Stable 21 http://chrome.blogspot.com/2012/07/new-senses-for-web.html

Linux Security Weekly | 010 | Hello and welcome to Linux Security Weekly for July 29 2012. Linux Security Weekly is the audio podcast which covers current and important security vulnerabilities in Linux and open source software for the past week. Show Notes: Mod Security 2.7 (2.7.0-RC2) http://blog.spiderlabs.com/2012/07/announcing-the-availability-of-modsecurity-extension-for-iis.html http://blog.spiderlabs.com/2012/07/beyond-apache-modsecurity-for-iisnginx.html http://modsecurity.org/download/ Wireshark http://www.wireshark.org/news/20120722.html Red Hat bind – RHEL 4 http://rhn.redhat.com/errata/RHSA-2012-1110.html bind

Linux Security Weekly | 009 | Hello and welcome to Linux Security Weekly for July 22, 2012. Linux Security Weekly is the audio podcast which covers current and important security vulnerabilities in Linux and open source software for the past week. Show Notes: PHP 5.4.5 and PHP 5.3.15 released http://www.php.net/archive/2012.php#id2012-07-19-1 Firefox and Thunderbird 14.0.1 and 10.0.6 for ESR http://www.mozilla.org/en-US/firefox/14.0.1/releasenotes/ https://www.mozilla.org/security/known-vulnerabilities/firefox.html

Linux Security Weekly | 008 | Hello and welcome to Linux Security Weekly for July 15, 2012. Linux Security Weekly is the audio podcast which covers current and important security vulnerabilities in Linux and open source software for the past week. Show Notes: CentOS 6.3 released http://lists.centos.org/pipermail/centos-announce/2012-July/018706.html http://wiki.centos.org/Manuals/ReleaseNotes/CentOS6.3 Chrome Browser 20.0.1132.57 http://googlechromereleases.blogspot.com/2012/07/stable-channel-update.html mysql updates coming https://bugzilla.redhat.com/show_bug.cgi?id=832540 Red Hat kernel updates