Linux Today: Linux News On Internet Time.

SecurityPortal.com: Weekly Linux Security Digest: 2001/04/16 to 2001/04/22

Apr 23, 2001, 21:00 (3 Talkback[s])
(Other stories by Kurt Seifried)

"A new Linux 2.2 kernel is out that fixes several problems, among them a driver that might let a user to write to kernel memory (eeek!). IPTables in 2.4.x has been found to have a problem in the code for FTP connection tracking, which might allow an attacker to get around your firewall, a patch has been posted. Time for a kernel upgrade (isn't that always fun). For pity's sake please be careful when upgrading your kernel and follow the vendor instructions!"

"Samba's printing has a tmp vulnerability that has been fixed. A new version of Samba, 2.2.0, has also been released, with many improvements. VMWare also uses /tmp unsafely, do not run VMWare as root if possible, and make sure you set your TCP and TMPDIR variables to something safe. There is a bug in Netscape with regards to JavaScript, attackers can potentially get code to run on your machine and access some (limited) data. Hylafax also has a problem, SuSE has issued an update, other vendors should follow. As well two major new releases, Red Hat 7.1 and Mandrake 8.0, both of which have made major efforts in the security arena to improve themselves, hopefully we will see more of this. Mandrake has also dropped support for 6.0, 6.1 and 7.0 with the release of 8.0, however they still support 7.1, 7.2, 8.0 (of course) and corporate server."

Complete Story

Related Stories: