Posts Tagged ‘Linux’

« Older Entries

DSA-1617 refpolicy - incompatible policy

Saturday, July 26th, 2008

In DSA-1603-1, Debian released an update to the BIND 9 domain name
server, which introduced UDP source port randomization to mitigate
the threat of DNS cache poisoning attacks (identified by the Common
Vulnerabilities and Exposures project as CVE-2008-1447).
The fix, while correct, was incompatible with the version of SELinux Reference
Policy shipped with Debian Etch, which did not permit a process running in the
named_t domain to bind sockets to UDP ports other than the standard ‘domain’
port (53).
The incompatibility affects both the ‘targeted’ and ’strict’ policy packages
supplied by this version of refpolicy.

Read the full story: DSA-1617 refpolicy - incompatible policy: http://www.debian.org/security/2008/dsa-1617

Tags: , , , , ,
Posted in Debian Security | No Comments »

DSA-1588 linux-2.6 - denial of service

Tuesday, May 27th, 2008

Several vulnerabilities have been discovered in the Linux kernel that may
lead to a denial of service. The Common Vulnerabilities and Exposures
project identifies the following problems:

Read the full story: DSA-1588 linux-2.6 - denial of service: http://www.debian.org/security/2008/dsa-1588

Tags: , , , ,
Posted in Debian Security | No Comments »

DSA-1575 linux-2.6 - denial of service

Tuesday, May 13th, 2008

A vulnerability has been discovered in the Linux kernel that may lead
to a denial of service. The Common Vulnerabilities and Exposures
project identifies the following problem:

Read the full story: DSA-1575 linux-2.6 - denial of service: http://www.debian.org/security/2008/dsa-1575

Tags: , , , ,
Posted in Debian Security | No Comments »

« Older Entries