LXer Weekly Security Roundup - Mar 22, 2004 to Mar 29, 2004

Posted by dave on Mar 29, 2004 3:10 AM EDT
Dave Whitinger
Mail this story
Print this story

There were 5 security alerts issued last week:
  • 2 from Debian
  • 1 from Fedora
  • 2 from Gentoo

Debian: New ecartis packages fix several vulnerabilities
Mar 24, 2004 1:50 AM
Timo Sirainen discovered two vulnerabilities in ecartis, a mailing list manager.

Debian: New emil packages fix multiple vulnerabilities
Mar 25, 2004 12:30 PM
Ulf Harnhammar discovered a number of vulnerabilities in emil, a filter for converting Internet mail messages.

Fedora: openssl-0.9.7a-33.10
Mar 22, 2004 1:44 PM
This update includes OpenSSL packages to fix two security issues affecting OpenSSL 0.9.7a which allow denial of service attacks; CVE CAN-2004-0079 and CVE CAN-2003-0851.

Gentoo: Apache 2
Mar 25, 2004 8:30 PM
A memory leak in mod_ssl allows a remote denial of service attack against an SSL-enabled server via plain HTTP requests. Another flaw was found when arbitrary client-supplied strings can be written to the error log, allowing the exploit of certain terminal emulators. A third flaw exists with the mod_disk_cache module.

Gentoo: UUDeview MIME Buffer Overflow vulnerability
Mar 28, 2004 2:58 PM
A specially-crafted MIME file (.mim, .uue, .uu, .b64, .bhx, .hqx, and .xxe extensions) may cause UUDeview to crash or execute arbitrary code.

» Read more about: Story Type: Roundups

« Return to the newswire homepage

This topic does not have any threads posted yet!

You cannot post until you login.