Weekly Linux Security Roundup 08/19/07

Published by

Here a roundup of the latest security updates for Red Hat Enterprise Linux, Debian GNU/Linux, Mandriva, Ubuntu Linux, CentOS, Slackware, and Gentoo Linux

Red Hat Enterprise Linux

- RHSA-2007:0671-01 Moderate: kernel security and bugfix update
- RHSA-2007:0841-01 Critical: RealPlayer security update

Debian GNU/Linux

- DSA 1354-1: New gpdf packages fix arbitrary code execution
- DSA 1355-1: New kdegraphics packages fix arbitrary code execution
- DSA 1356-1: New Linux 2.6.18 packages fix several vulnerabilities

Mandriva

- Security Announce MDKSA-2007:164 - Updated tetex packages fix multiple vulnerabilities
- Security Announce MDKSA-2007:163 - Updated koffice packages fix vulnerability
- Security Announce MDKSA-2007:162 - Updated kdegraphics packages fix vulnerability
- Security Announce MDKSA-2007:165 - Updated cups packages fix vulnerability
- Security Announce MDKSA-2007:167 - Updated libvorbis packages fix vulnerabilities
- Security Announce MDKSA-2007:166 - Updated rsync packages fix off-by-one buffer overflow

Ubuntu Linux

- USN-497-1: xfce4-terminal vulnerability
- USN-498-1: libvorbis vulnerabilities

CentOS

- CESA-2007:0671 Moderate CentOS 3 ia64 kernel - security update
- CESA-2007:0671 Moderate CentOS 3 s390(x) kernel - security update

Slackware Linux

- tcpdump (SSA:2007-230-01)

Gentoo Linux

- GLSA 200708-07 Xfce Terminal: Remote arbitrary code execution
- GLSA 200708-08 SquirrelMail G/PGP plugin: Arbitrary code execution
- GLSA 200708-09 Mozilla products: Multiple vulnerabilities
- GLSA 200708-10 MySQL: Denial of Service and information leakage
- GLSA 200708-12 Wireshark: Multiple vulnerabilities
- GLSA 200708-13 BIND: Weak random number generation