Hiya
wmaker/WindowMaker
The window manager Window Maker was found vulnerable to a buffer overflow
due to improper bounds checking when setting the window title.
An attacker can remotely exploit this buffer overflow by using malicious
web page titles or terminal escape sequences to set an excessively long
window title.
This attack can lead to remote command execution with the privileges of
the user running Window Maker.
http://www.linuxsecurity.com/advisor...sory-1612.html
Mandrake Linux
Zen Parse discovered that an argument handling problem that exists in
the uucp package can allow a local attacker to gain access to the uucp
user or group.
http://www.linuxsecurity.com/advisor...sory-1613.html
Updated man package fixing GID security problems
Updated man packages fixing a local GID man exploit and a
potential GID man to root exploit, as well as a problem with the
man paths of Red Hat Linux 5.x and 6.x.
http://www.linuxsecurity.com/advisor...sory-1614.html
OpenSSH Security Advisory
Weakness in OpenSSH's source IP based access control
for SSH protocol v2 public key authentication
http://www.linuxsecurity.com/advisor...sory-1617.html
Squid multiple vulnerabilities
Vladimir Ivaschenko found a bug[1] which allows a remote attacker
to cause a DoS on the squid proxy service by sending mkdir ftp
requests.
Takashi Taniguchi found a bug[2] that allows malicious users to
do portscanning and other suspect activities using the proxy when
it's configured in "http accelerator mode".
http://www.linuxsecurity.com/advisor...sory-1615.html
Red Hat
The initscript distributed with the setserial package (which is not
installed or enabled by default) uses predictable temporary file names, and
should not be used. setserial-2.17-4 and earlier versions are affected.
http://www.linuxsecurity.com/advisor...sory-1616.html
Regards
eddie