Security Advisories for Linux Systems
Several security advisories have been released today that are going to fix vulnerabilities in Linux based systems, the advisories list looks as follows:
The vulnerability is rated as moderate and it affects Apache Tomcat for Java Servlet and JavaServer Pages (JSP) technologies. Here a remote attacker can send an HTTP request with large number of parameters to consume the CPU time. Update will solve this issue by limiting the amount number of requests to mitigate the risk of the attack.
- Mandriva Linux Security Advisory 2012-057
The second advisory is for Mandriva Linux system freetype2 and aims to fix multiple vulnerabilities that may cause an application to crash or execute an arbitrary command, the Freetype 2 is a software that will help to display servers, font conversation tools or more.
The third advisory is for Debian sqlalchemy toolkit where an attacker may conduct an SQL Injection as the toolkit do not sanitizing input passed to the limit/offset keywords to select(), so sqlalchemy toolkit needs to filter certain SQL value.
If you are using any of these systems or applications be sure to read carefully the advisory to apply any required update and mitigate the risk of such vulnerabilities.