Security Updates | 2009-05-18

I track security updates for the following vendors: Apple, Cisco, FreeBSD, Microsoft, Red Hat, and Sun Microsystems. I chose these vendors based on my own needs for the networks and systems I manage. I’ve also found that updates from these vendors tend to catch the major updates necessary for common software applications. If you have other vendors you would like me to provide updates for, send me a message.

Microsoft Corporation

• Vulnerabilities in Microsoft Office PowerPoint Could Allow Remote Code Execution (967340)
• Vulnerability in Internet Information Services Could Allow Elevation of Privilege

Red Hat, Inc.

• RHSA-2009:0955 Moderate: nfs-utils security and bug fix update
• RHSA-2009:0981 Low: util-linux security and bug fix update
• RHSA-2009:1024 Important: Red Hat Enterprise Linux 4.8 kernel security and bug fix update
• RHSA-2009:1036 Important: ipsec-tools security update
• RHSA-2009:1038 Critical: java-1.5.0-ibm security update
• RHSA-2009:1039 Important: ntp security update
• RHSA-2009:1040 Critical: ntp security update

Sun Microsystems, Inc.

• Multiple Security Vulnerabilities in Mozilla Thunderbird Versions Prior to 2.0.0.19 May Allow Execution of Arbitrary Code or Unauthorized Access to Data
• Security Vulnerability in PostgreSQL Shipped with Solaris may Allow a Denial of Service (DoS)
• Multiple Security Vulnerabilities in Adobe Reader for Solaris 10 May Allow Execution of Arbitrary Code or Cause Denial of Service (DoS)
• Security Vulnerability in Solaris 9 fstat(2) System Call May Lead to a System Panic, Resulting in a Denial of Service (DoS)
• Security Vulnerability in the Solaris Simple Authentication and Security Layer (SASL) Library (see libsasl(3LIB)) Routine sasl_encode64(3SASL) may Allow Unprivileged Users to Crash Applications Using this Function