Linux Today: Linux News On Internet Time.

More on LinuxToday

Security Linux News for Nov 02, 2001

  • SuSE Security Announcement: kernel (2001-11-02 22:29:38)
    "Information about the security problems fixed with the new kernel rpm packages from SuSE Security Announcement: kernel (SuSE-SA:2001:036) has been withheld in coordination with other Linux distributors/vendors. We hereby re-release SuSE-SA:2001:036 with the new announcement ID SuSE-SA:2001:039, now including additional information about the bugs fixed." [ Updates from the other vendors are out and being prepared for publication on LT shortly. -ed. ]

  • Caldera International, Inc. Security Advisory: Linux - libdb buffer overflow problem (2001-11-02 03:02:06)
    "Due to a configuration mistake in the libdb1 package included with OpenLinux 3.1 some programs were using unsafe version of the snprintf and vsnprintf functions. This might allow remote attackers to gain access to your system or local attackers to gain root access."

  • EnGarde Secure Linux Security Advisory: webalizer: cross-site scripting vulnerability (2001-11-02 00:05:51)
    "There is a cross-site scripting vulnerability in webalizer which can allow an attacker to exploit a victim by embedding malicious HTML tags in webalizer-generated reports."

  • Red Hat Security Advisory: Comprehensive Printing Update (2001-11-02 00:03:28)
    "A collection of security fixes, bug fixes, and functionality updates, including the Omni print drivers from IBM."

  • Red Hat Security Advisory: Updated webalizer packages available (2001-11-02 00:01:28)
    "A bug in versions of webalizer prior to 2.01_09 allowed users to embed malicious HTML tags in reports generated by webalizer."

  • SuSE Security Announcement: kernel (2001-05-19 01:56:40)
    "The SuSE Linux kernel is a standard kernel, enhanced with a set of additional drivers and other improvements, to suit the end-user's demand for a great variety of drivers for all kind of hardware. Multiple security vulnerabilities have been found in all Linux kernels of version 2.2 before version 2.2.19. Most of the found errors allow a local attacker to gain root privileges. None of the found errors in the v2.2 linux kernel make it possible for a remote attacker to gain access to the system or to elevate privileges from the outside of the system."