3
Slackware: 2010-116-01: irssi: Security Updateview story

http://www.linuxsecurity.com – LinuxSecurity.com: New irssi packages are available for Slackware 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, and -current to fix security issues. [More Info...] (Security)

5
Debian: 2039-1: cacti: missing input sanitisingview story

http://www.linuxsecurity.com – LinuxSecurity.com: It was discovered that Cacti, a frontend to rrdtool for monitoring systems and services missed input sanitising, making an SQL injection attack possible. [More...] (Security)

6
Mandriva: 2010:083: emacsview story

http://www.linuxsecurity.com – LinuxSecurity.com: A vulnerability has been found and corrected in emacs: lib-src/movemail.c in movemail in emacs 22 and 23 allows local users to read, modify, or delete arbitrary mailbox files via a symlink attack, related to improper file-permission checks (CVE-2010-0825). [More...] (Security)

6
Debian: 2037-1: kdm (kdebase): race conditionview story

http://www.linuxsecurity.com – LinuxSecurity.com: Sebastian Krahmer discovered that a race condition in the KDE Desktop Environment's KDM display manager, allow a local user to elevate privileges to root. [More...] (Security)

5
Debian: 2036-1: jasper: programming errorview story

http://www.linuxsecurity.com – LinuxSecurity.com: It was discovered that the JasPer JPEG-2000 runtime library allowed an attacker to create a crafted input file that could lead to denial of service and heap corruption. [More...] (Security)

5
Mandriva: 2010:075: openoffice.orgview story

http://www.linuxsecurity.com – LinuxSecurity.com: This updates provides a security update to the OpenOffice.org described as follow: OpenOffice's xmlsec uses a bundled Libtool which might load .la file in the current working directory allowing local users to gain [More...] (Security)

6
Mandriva: 2010:070: firefoxview story

http://www.linuxsecurity.com – LinuxSecurity.com: Security issues were identified and fixed in firefox: Security researcher regenrecht reported (via TippingPoint's Zero Day Initiative) a potential reuse of a deleted image frame in Firefox 3.6's handling of multipart/x-mixed-replace images. Although no exploit was [More...] (Security)

3
Ubuntu: 927-3: Thunderbird regressionview story

http://www.linuxsecurity.com – LinuxSecurity.com: USN-927-1 fixed vulnerabilities in NSS. Due to upstream changes in NSS3.12.6, Thunderbird would be unable to initialize the security componentand connect with SSL/TLS if the old libnss3-0d transition package wasinstalled. This update fixes the problem. [More...] (Security)

3
What is new in Firewall Builder 4.0view story

http://www.fwbuilder.org – v4.0 comes with support for high availability configurations for firewalls on Linux, BSD and Cisco PIX. It can generate configuration scripts to manage ip addresses of interfaces,vlans, bridges and bonding interfaces. This is a major upgrade that also adds many improvements in the GUI. (Security)

5
Ubuntu: 926-1: ClamAV vulnerabilitiesview story

http://www.linuxsecurity.com – LinuxSecurity.com: It was discovered that ClamAV did not properly verify its input whenprocessing CAB files. A remote attacker could send a specially craftedCAB file to evade malware detection. (CVE-2010-0098) [More...] (Security)

4
SuSE: Weekly Summary 2010:008view story

http://www.linuxsecurity.com – LinuxSecurity.com: To avoid flooding mailing lists with SUSE Security Announcements for minor issues, SUSE Security releases weekly summary reports for the low profile vulnerability fixes. The SUSE Security Summary Reports do not list or download URLs like the SUSE Security Announcements that are released for more severe vulnerabilities. (Security)

4
Debian: 2030-1: mahara: sql injectionview story

http://www.linuxsecurity.com – LinuxSecurity.com: It was discovered that mahara, an electronic portfolio, weblog, and resume builder is not properly escaping input when generating a unique username based on a remote user name from a single sign-on application. An attacker can use this to compromise the mahara database via crafted user names. [More...] (Security)