There were 5 security alerts issued last week:
- 2 from Debian
- 1 from Fedora
- 2 from Gentoo
Debian: New ecartis packages fix several vulnerabilities
Mar 24, 2004 1:50 AM
Timo Sirainen discovered two vulnerabilities in ecartis, a mailing list manager.
Debian: New emil packages fix multiple vulnerabilities
Mar 25, 2004 12:30 PM
Ulf Harnhammar discovered a number of vulnerabilities in emil, a filter for converting Internet mail messages.
Mar 22, 2004 1:44 PM
This update includes OpenSSL packages to fix two security issues affecting OpenSSL 0.9.7a which allow denial of service attacks; CVE CAN-2004-0079 and CVE CAN-2003-0851.
Gentoo: Apache 2
Mar 25, 2004 8:30 PM
A memory leak in mod_ssl allows a remote denial of service attack against an SSL-enabled server via plain HTTP requests. Another flaw was found when arbitrary client-supplied strings can be written to the error log, allowing the exploit of certain terminal emulators. A third flaw exists with the mod_disk_cache module.
Gentoo: UUDeview MIME Buffer Overflow
Mar 28, 2004 2:58 PM
A specially-crafted MIME file (.mim, .uue, .uu, .b64, .bhx, .hqx, and .xxe extensions) may cause UUDeview to crash or execute arbitrary code.