Forum latest

Dark Reading tips it's redhat to a new member of the Patch Tuesday club!
Written by Daniel   
Wednesday, 19 July 2006 14:49
Red Hat Patches Linux Apps

JULY 18, 2006 | Apparently, Microsoft isn't the only vendor who can call a Patch Tuesday.

In a series of announcements that might have made Microsoft envious, Linux vendor Red Hat today issued four patches designed to close security holes in its popular version of the operating system.

Red Hat said the new threats are "moderate" risks and should be eliminated with the installation of the new patches.

For security managers, the most serious discovery was a flaw in GnuPG, a popular utility for encrypting data and creating digital signatures under Linux. By exploiting the vulnerability, "an attacker could create a carefully-crafted message packet with a large length that could cause GnuPG to crash or possibly overwrite memory when opened," Red Hat said. An updated version of the application closes the hole and the encrypted data should be safe, Red Hat affirmed.

The other three vulnerabilities were found in Linux's graphics applications. Red Hat's GNU Image Manipulation Program, for example, contains a buffer overlow bug in its file loader that could allow an attacker to create an image that can execute arbitrary code if opened by a victim, according to researcher Henning Makholm.
There's much more on this on Dark Reading
Discuss this in the forums!


See also

None found.

Hardware | Windows | Linux | Security | Mobile Devices | Gaming
Tech Business | Editorial | General News | folding@home

Forum | Download Files

Copyright ©2001 - 2012, AOA Forums.  All rights reserved.

Alliance of Overclocking Arts

Links monetized by VigLink

Don't Click Here Don't Click Here Either