Today’s online security advisories just out from FrSIRT:
25.08.2008 : Linux Kernel VFS Lookup Local Denial of Service
Redhat script for checking for compromised versions of OpenSSH:
“Last week Red Hat detected an intrusion on certain of its computer systems
and took immediate action”. “In connection with the incident, the intruder
was able to sign a small number of OpenSSH packages relating only to
Red Hat Enterprise Linux 4 (i386 and x86_64 architectures only) and
Red Hat Enterprise Linux 5 (x86_64 architecture only)”.
“processes and efforts to date indicate that packages obtained by
Red Hat Enterprise Linux subscribers via Red Hat Network are not at risk”.
Affected Products: Red Hat Desktop (v. 4)
Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux AS (v. 4)
Red Hat Enterprise Linux AS (v. 4.5.z)
Red Hat Enterprise Linux Desktop (v. 5 client)
Red Hat Enterprise Linux ES (v. 4)
Red Hat Enterprise Linux ES (v. 4.5.z)
Red Hat Enterprise Linux WS (v. 4)
CVEs (cve.mitre.org): CVE-2007-4752
See http://www.redhat.com/security/data/openssh-blacklist.html
Update your software as relevant to your installation.