Microsoft preps critical Windows, Exchange patches
Microsoft Tuesday plans to release three patches for several of its software products, including at least two critical updates for known vulnerabilities, according to the company’s monthly security update. IDG News Service, 05/04/06.
MySQL releases security patch
MySQL this week issued a security patch for multiple vulnerabilities in its MySQL open source database. IDG News Service, 05/04/06.
Trustix releases ‘multi’ update
A new update from Trustix fixes flaws in ClamAV, cyrus-sasl, kernel, libtiff, rsync and xorg-x11. The most serious of the vulnerabilities could be exploited to run malicious code on the affected machine.
Mandriva, SuSE, Ubuntu patch xorg-x11
According to the SuSE advisory, “Miscalculation of a buffer size in the X Render extension of the X.Org X11 server could potentially be exploited by users to cause a buffer overflow and run code with elevated privileges.” For more, go to:
Ubuntu releases updates kernel
A number of vulnerabilities have been found in the Ubuntu Linux kernel. Many of the flaws could be exploited to crash the kernel.
Gentoo releases Firefox update
A buffer overflow in the JavaScript extension for Firefox could be exploited to run arbitrary code on the affected machine. A fix is available.
Gentoo issues patch for rsync
According to an alert from Gentoo, “An attacker having write access to an rsync module might be able to execute arbitrary code on an rsync server.”