From noreply at frugalware.org Thu Aug 2 16:48:47 2007
From: noreply at frugalware.org (vmiklos)
Date: Thu Aug 2 16:48:49 2007
Subject: [Frugalware-security] [ FSA-235 ] firefox
Message-ID: <20070802144847.91AC713A402D@genesis.frugalware.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Frugalware Security Advisory FSA-235

Date: 2007-08-02
Package: firefox
Vulnerable versions: <= 2.0.0.4-1terminus1
Unaffected versions: >= 2.0.0.6-1terminus1
Related bugreport: http://bugs.frugalware.org/task/2252
                   http://bugs.frugalware.org/task/2253
                   http://bugs.frugalware.org/task/2303
CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3656
     http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3670
     http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3734
     http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3735
     http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3736
     http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3737
     http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3738
     http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3089
     http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3844

Description
===========

1) Michal Zalewski has discovered a vulnerability in Mozilla Firefox,
which can be exploited by malicious people to disclose sensitive
information and conduct spoofing attacks.
The vulnerability is caused due to an error in the handling of the
"wyciwyg://" URI handler. This can be exploited to access or spoof
contents from a previously cached web site e.g. via HTTP 302 redirects
when a user visits a malicious web page.

2) The problem is that Firefox registers the "firefoxurl://" URI handler
and allows invoking firefox with arbitrary command line arguments. Using
e.g. the "-chrome" parameter it is possible to execute arbitrary
Javascript in chrome context. This can be exploited to execute arbitrary
commands e.g. when a user visits a malicious web site using other
browsers.

3) Various errors in the browser engine can be exploited to cause memory
corruption and potentially to execute arbitrary code.

4) Various errors in the Javascript engine can be exploited to cause
memory corruption and potentially to execute arbitrary code.

5) An error in the "addEventListener" and "setTimeout" methods can be
exploited to inject script into another site's context, circumventing
the browser's same-origin policy.

6) An error in the cross-domain handling can be exploited to inject
arbitrary HTML and script code in a sub-frame of another web site.

7) An unspecified error in the handling of elements outside of documents
allows an attacker to call an event handler and execute arbitrary code
with chrome privileges.

8) An unspecified error in the handling of "XPCNativeWrapper" can lead
to execution of user-supplied code.

9) The vulnerability is caused due to an error within the handling of
"about:blank" pages loaded by chrome in an addon. This can be exploited
to execute script code under chrome privileges by e.g. clicking on a
link opened in an "about:blank" window created and populated in certain
ways by an addon.
Successful exploitation requires that certain addons are installed.

Updated Packages
================

Check if you have firefox installed:

    # pacman-g2 -Q firefox

If found, then you should upgrade to the latest version:

    # pacman-g2 -Sy firefox

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: See http://ftp.frugalware.org/pub/README.GPG for info

iD8DBQFGse7PZ7NElSD1VhkRAtE7AJ94ZCZbtJ62gaMef1/SfBlPKDDXlQCfSEaG
2hJGDBuII+tV467Ni4j04tI=
=KpN2
-----END PGP SIGNATURE-----

From noreply at frugalware.org Fri Aug 3 09:54:39 2007
From: noreply at frugalware.org (vmiklos)
Date: Fri Aug 3 09:54:41 2007
Subject: [Frugalware-security] [ FSA-236 ] vim
Message-ID: <20070803075439.E7ACB16A8010@genesis.frugalware.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Frugalware Security Advisory FSA-236

Date: 2007-08-03
Package: vim
Vulnerable versions: <= 7.0-4terminus1
Unaffected versions: >= 7.0-4terminus2
Related bugreport: http://bugs.frugalware.org/task/2292
CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2953

Description
===========

Secunia Research has discovered a vulnerability in Vim, which can be
exploited by malicious people to compromise a vulnerable system.
A format string error in the "helptags_one()" function in src/ex_cmds.c
when running the "helptags" command can be exploited to execute
arbitrary code via specially crafted help files.
Successful exploitation requires that the user is tricked into running
"helptags" on malicious data.

Updated Packages
================

Check if you have vim installed:

    # pacman-g2 -Q vim

If found, then you should upgrade to the latest version:

    # pacman-g2 -Sy vim

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: See http://ftp.frugalware.org/pub/README.GPG for info

iD8DBQFGst8/Z7NElSD1VhkRAvqxAKCi9ORpl7memb6C+idVEqj+MtGhGQCfccu1
AY+B+cnCFqkM+wbguTpE7Wo=
=iT0T
-----END PGP SIGNATURE-----

From noreply at frugalware.org Tue Aug 7 00:52:51 2007
From: noreply at frugalware.org (vmiklos)
Date: Tue Aug 7 00:52:54 2007
Subject: [Frugalware-security] [ FSA-237 ] apache
Message-ID: <20070806225251.877FF13A4050@genesis.frugalware.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Frugalware Security Advisory FSA-237

Date: 2007-08-07
Package: apache
Vulnerable versions: <= 2.2.4-1
Unaffected versions: >= 2.2.4-2terminus1
Related bugreport: http://bugs.frugalware.org/task/2298
CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752
     http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863
     http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3304

Description
===========

Some vulnerabilities have been acknowledged in Apache, which can be
exploited by malicious, local users to cause a DoS (Denial of Service)
and by malicious people to conduct cross-site scripting attacks.

1) An error in the mod_status module can be exploited by malicious
people to conduct cross-site scripting attacks.

2) An error in the Multi-Processing Module (MPM) can be exploited by
malicious, local users to cause a DoS.

3) An error in the mod_cache module in the handling of Cache-Control
headers can be exploited to crash the child process via specially
crafted requests. This could lead to a DoS if using a threaded
Multi-Processing Module.

Updated Packages
================

Check if you have apache installed:

    # pacman-g2 -Q apache

If found, then you should upgrade to the latest version:

    # pacman-g2 -Sy apache

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: See http://ftp.frugalware.org/pub/README.GPG for info

iD8DBQFGt6ZDZ7NElSD1VhkRAsmCAJ99duiYaH7wR1h+8oQYj5SN0h78XwCfbVBw
DSEiNOxclj38IMV6kchGfAw=
=TSTQ
-----END PGP SIGNATURE-----

From noreply at frugalware.org Tue Aug 7 10:07:15 2007
From: noreply at frugalware.org (vmiklos)
Date: Tue Aug 7 10:07:17 2007
Subject: [Frugalware-security] [ FSA-238 ] clamav
Message-ID: <20070807080715.69A1913A4051@genesis.frugalware.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Frugalware Security Advisory FSA-238

Date: 2007-08-07
Package: clamav
Vulnerable versions: <= 0.90.2-1terminus2
Unaffected versions: >= 0.90.2-1terminus3
Related bugreport: http://bugs.frugalware.org/task/2257
CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3725

Description
===========

Metaeye SG has reported a vulnerability in ClamAV, which can be
exploited by malicious people to cause a DoS (Denial of Service).
The vulnerability is caused due to a NULL-pointer dereference error
within libclamav/unrar/unrarvm.c when handling RAR archives and can be
exploited to cause a crash via a specially crafted RAR archive.

Updated Packages
================

Check if you have clamav installed:

    # pacman-g2 -Q clamav

If found, then you should upgrade to the latest version:

    # pacman-g2 -Sy clamav

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: See http://ftp.frugalware.org/pub/README.GPG for info

iD8DBQFGuCgzZ7NElSD1VhkRAkkTAJ4qqTPP1xAYTMckT/RcJDft60wyGACfedO2
sT7T9s+bxUBcXpfJJhmO3es=
=R5Tf
-----END PGP SIGNATURE-----

From noreply at frugalware.org Tue Aug 7 10:11:17 2007
From: noreply at frugalware.org (vmiklos)
Date: Tue Aug 7 10:11:19 2007
Subject: [Frugalware-security] [ FSA-239 ] libvorbis
Message-ID: <20070807081117.D4CE813A402C@genesis.frugalware.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Frugalware Security Advisory FSA-239

Date: 2007-08-07
Package: libvorbis
Vulnerable versions: <= 1.1.2-1
Unaffected versions: >= 1.2.0-1terminus1
Related bugreport: http://bugs.frugalware.org/task/2293
CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4029
     http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3106

Description
===========

David Thiel has reported some vulnerabilities in libvorbis, which can be
exploited by malicious people to cause a DoS (Denial of Service) and
potentially compromise an application using the library.

1) A boundary error exists in the way the "_01inverse()" function in
res.c processes "blocksize_0" and "blocksize_1" values, which can be
exploited to cause a heap overwrite.

2) A boundary error exists in the way the "vorbis_info_clear()" function
in info.c processes invalid mapping types, which can be exploited to
trigger a call to a value outside the dispatch table.

3) Invalid "blocksize" values passed to the "vorbis_dsp_clear()"
function in block.c result in an invalid memory access, which can be
exploited to cause a DoS.

Updated Packages
================

Check if you have libvorbis installed:

    # pacman-g2 -Q libvorbis

If found, then you should upgrade to the latest version:

    # pacman-g2 -Sy libvorbis

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: See http://ftp.frugalware.org/pub/README.GPG for info

iD8DBQFGuCklZ7NElSD1VhkRArZJAKCENf0JsBsEoBJdotLadYogl+zyHgCgpCT/
wQT7RFSCwfmQaaZn+kUNMoA=
=RhuU
-----END PGP SIGNATURE-----

From noreply at frugalware.org Tue Aug 7 10:45:23 2007
From: noreply at frugalware.org (vmiklos)
Date: Tue Aug 7 10:45:25 2007
Subject: [Frugalware-security] [ FSA-240 ] joomla
Message-ID: <20070807084523.1124413A4050@genesis.frugalware.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Frugalware Security Advisory FSA-240

Date: 2007-08-07
Package: joomla
Vulnerable versions: <= 1.0.12-2terminus1
Unaffected versions: >= 1.0.13-1terminus1
Related bugreport: http://bugs.frugalware.org/task/2290
CVE: No CVE for this issue, see:
     http://www.joomla.org/content/view/3677/1/

Description
===========

Some vulnerabilities have been reported in Joomla!, which can be
exploited by malicious people to conduct session fixation attacks,
cross-site scripting attacks or HTTP response splitting attacks.

1) Certain unspecified input passed in com_search, com_content and
mod_login is not properly sanitised before being returned to a user.
This can be exploited to execute arbitrary HTML and script code in a
user's browser session in context of an affected site.

2) Input passed to the "url" parameter is not properly sanitised before
being returned to the user. This can be exploited to insert arbitrary
HTTP headers, which will be included in a response sent to the user,
allowing for execution of arbitrary HTML and script code in a user's
browser session in context of an affected site.

3) An error exists in the handling of sessions and can be exploited to
hijack another user's session by tricking the user into logging in after
following a specially crafted link.

Updated Packages
================

Check if you have joomla installed:

    # pacman-g2 -Q joomla

If found, then you should upgrade to the latest version:

    # pacman-g2 -Sy joomla

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: See http://ftp.frugalware.org/pub/README.GPG for info

iD8DBQFGuDEiZ7NElSD1VhkRAt+dAJ9hAYl3DM5vQGEyBCf+dUlmXKTjcACeKesR
fTOcC3eV0J05kkIFIP/GZgo=
=DJn7
-----END PGP SIGNATURE-----

From noreply at frugalware.org Tue Aug 7 11:42:12 2007
From: noreply at frugalware.org (vmiklos)
Date: Tue Aug 7 11:42:15 2007
Subject: [Frugalware-security] [ FSA-241 ] xpdf
Message-ID: <20070807094212.9830813A4052@genesis.frugalware.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Frugalware Security Advisory FSA-241

Date: 2007-08-07
Package: xpdf
Vulnerable versions: <= 3.01-4
Unaffected versions: >= 3.02-1terminus1
Related bugreport: http://bugs.frugalware.org/task/2299
CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3387

Description
===========

A vulnerability has been reported in Xpdf, which potentially can be
exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an integer overflow within
"StreamPredictor::StreamPredictor()" in xpdf/Stream.cc and can be
exploited to cause a buffer overflow by e.g. tricking a user into
opening a specially crafted PDF file in Xpdf.
Successful exploitation may allow the execution of arbitrary code.

Updated Packages
================

Check if you have xpdf installed:

    # pacman-g2 -Q xpdf

If found, then you should upgrade to the latest version:

    # pacman-g2 -Sy xpdf

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: See http://ftp.frugalware.org/pub/README.GPG for info

iD8DBQFGuD50Z7NElSD1VhkRAn4yAJ4l+0QLq2MNStIoO44nwlpnNRqHYgCgigrx
GwXB9Bn/0Q1tqH7Cm6d5ODk=
=G3gt
-----END PGP SIGNATURE-----

From noreply at frugalware.org Wed Aug 8 13:31:50 2007
From: noreply at frugalware.org (vmiklos)
Date: Wed Aug 8 13:31:52 2007
Subject: [Frugalware-security] [ FSA-242 ] drupal
Message-ID: <20070808113150.D3D6213A4052@genesis.frugalware.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Frugalware Security Advisory FSA-242

Date: 2007-08-08
Package: drupal
Vulnerable versions: <= 4.7.5-1
Unaffected versions: >= 4.7.7-1terminus1
Related bugreport: http://bugs.frugalware.org/task/2295
CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4064

Description
===========

Multiple cross-site scripting (XSS) vulnerabilities in Drupal 5.x before
5.2, and 4.7.x before 4.7.7, (1) allow remote attackers to inject
arbitrary web script or HTML via "some server variables," including
PHP_SELF; and (2) allow remote authenticated administrators to inject
arbitrary web script or HTML via custom content type names.

Updated Packages
================

Check if you have drupal installed:

    # pacman-g2 -Q drupal

If found, then you should upgrade to the latest version:

    # pacman-g2 -Sy drupal

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: See http://ftp.frugalware.org/pub/README.GPG for info

iD8DBQFGuammZ7NElSD1VhkRAuHgAJ9LiHz0usG6tLTYkNXvD6BGbS1dBwCdEMfx
bgG/j3Tds9A3VK8ueRZDN3Q=
=RWw4
-----END PGP SIGNATURE-----

From noreply at frugalware.org Thu Aug 9 14:16:37 2007
From: noreply at frugalware.org (vmiklos)
Date: Thu Aug 9 14:16:40 2007
Subject: [Frugalware-security] [ FSA-243 ] kdegraphics
Message-ID: <20070809121637.51D4816A8034@genesis.frugalware.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Frugalware Security Advisory FSA-243

Date: 2007-08-09
Package: kdegraphics
Vulnerable versions: <= 3.5.6-1
Unaffected versions: >= 3.5.6-2terminus1
Related bugreport: http://bugs.frugalware.org/task/2302
CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3387

Description
===========

A vulnerability has been reported in KDE, which potentially can be
exploited by malicious people to compromise a user's system.
The vulnerability is caused due to the use of vulnerable Xpdf code,
which may allow the execution of arbitrary code.

Updated Packages
================

Check if you have kdegraphics installed:

    # pacman-g2 -Q kdegraphics

If found, then you should upgrade to the latest version:

    # pacman-g2 -Sy kdegraphics

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: See http://ftp.frugalware.org/pub/README.GPG for info

iD4DBQFGuwWlZ7NElSD1VhkRAps0AJYr0UDbXqeH5fq0RcNKVVuLiewMAKCfE1S6
1Zq2z6AIf/XM9yU4UBegnQ==
=hGsx
-----END PGP SIGNATURE-----

From noreply at frugalware.org Fri Aug 10 13:02:42 2007
From: noreply at frugalware.org (vmiklos)
Date: Fri Aug 10 13:02:44 2007
Subject: [Frugalware-security] [ FSA-244 ] asterisk
Message-ID: <20070810110242.7293A16E8025@genesis.frugalware.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Frugalware Security Advisory FSA-244

Date: 2007-08-10
Package: asterisk
Vulnerable versions: <= 1.4.2-2terminus2
Unaffected versions: >= 1.4.8-1terminus1
Related bugreport: http://bugs.frugalware.org/task/2269
CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3762
     http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3763
     http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3764
     http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3765

Description
===========

Some vulnerabilities have been reported in Asterisk, which can be
exploited by malicious people to cause a DoS (Denial of Service) and
potentially compromise a vulnerable system.

1) A boundary error exists in the Asterisk STUN implementation, which
can be exploited to cause the application to crash via specially crafted
RTP packets.
Successful exploitation requires that the chan_sip, chan_gtalk,
chan_jingle, chan_h323, chan_mgcp, or chan_skinny is enabled.
The vulnerability is reported in the following products:
    Asterisk Open Source 1.4.x prior to version 1.4.8
    AsteriskNOW pre-release prior to version beta7
    Asterisk Appliance Developer Kit prior to version 0.5.0
    s800i 1.0.x prior to version 1.0.2.

2) A boundary error exists in the Asterisk Skinny channel driver
(chan_skinny), which can be exploited to cause the application to crash
via packets that contain a size field smaller than the actual size of
the packet.
Successful exploitation requires that chan_skinny is enabled.

3) A NULL-pointer dereference error exists in the Asterisk IAX2 channel
driver (chan_iax2), which can be exploited to cause a DoS via specially
crafted LGRQ and LAGRP frames.
Successful exploitation requires that chan_iax is enabled.

4) A boundary error exists in the Asterisk IAX2 channel driver
(chan_iax2) within the handling of RTP frames. This can be exploited to
cause a stack-based buffer overflow by sending large data payloads (more
than 4096 bytes) in a voice or video frame.
Successful exploitation of this vulnerability allows execution of
arbitrary code, but requires that the system is configured to connect
channels that use RTP and IAX channels.

Updated Packages
================

Check if you have asterisk installed:

    # pacman-g2 -Q asterisk

If found, then you should upgrade to the latest version:

    # pacman-g2 -Sy asterisk

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: See http://ftp.frugalware.org/pub/README.GPG for info

iD8DBQFGvEXSZ7NElSD1VhkRAsxbAJ9SGdMdOHshO61xJBGxceZaG4YayQCgh0/h
taRMD5ZvcpquAZZx2aWd4JY=
=H+GS
-----END PGP SIGNATURE-----

From noreply at frugalware.org Mon Aug 13 19:28:56 2007
From: noreply at frugalware.org (vmiklos)
Date: Mon Aug 13 19:28:58 2007
Subject: [Frugalware-security] [ FSA-245 ] koffice
Message-ID: <20070813172856.356E713A4014@genesis.frugalware.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Frugalware Security Advisory FSA-245

Date: 2007-08-13
Package: koffice
Vulnerable versions: <= 1.6.2-1
Unaffected versions: >= 1.6.2-2terminus1
Related bugreport: http://bugs.frugalware.org/task/2301
CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3387

Description
===========

A vulnerability has been reported in KDE and KOffice, which potentially
can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to the use of vulnerable Xpdf code,
which may allow the execution of arbitrary code.

Updated Packages
================

Check if you have koffice installed:

    # pacman-g2 -Q koffice

If found, then you should upgrade to the latest version:

    # pacman-g2 -Sy koffice

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: See http://ftp.frugalware.org/pub/README.GPG for info

iD8DBQFGwJTYZ7NElSD1VhkRAk8tAJ9E/d51HLfYmAyBJGsSCsinv4EJugCfWu5H
RL1u74XCupw0cgr2NV8ZhU8=
=HxlA
-----END PGP SIGNATURE-----

From noreply at frugalware.org Tue Aug 14 15:38:02 2007
From: noreply at frugalware.org (vmiklos)
Date: Tue Aug 14 15:38:05 2007
Subject: [Frugalware-security] [ FSA-246 ] qt
Message-ID: <20070814133802.E358813A4014@genesis.frugalware.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Frugalware Security Advisory FSA-246

Date: 2007-08-14
Package: qt
Vulnerable versions: <= 3.3.7-4
Unaffected versions: >= 3.3.7-5terminus1
Related bugreport: http://bugs.frugalware.org/task/2311
CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3388

Description
===========

A vulnerability has been reported in Qt, which potentially can be
exploited by malicious people to compromise a vulnerable system.
The vulnerability is caused due to a format string error in QTextEdit
when handling error messages. This can be exploited to execute arbitrary
code by e.g. causing an application linked against Qt to parse specially
crafted text.

Updated Packages
================

Check if you have qt installed:

    # pacman-g2 -Q qt

If found, then you should upgrade to the latest version:

    # pacman-g2 -Sy qt

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: See http://ftp.frugalware.org/pub/README.GPG for info

iD8DBQFGwbA6Z7NElSD1VhkRAmc9AJ0YIKCn0EWwe7RBevpwHRs2bZdk0ACfRdrX
xOQVCKyFE8bGKKmBNi3mths=
=8iyg
-----END PGP SIGNATURE-----

From noreply at frugalware.org Wed Aug 15 04:23:19 2007
From: noreply at frugalware.org (vmiklos)
Date: Wed Aug 15 04:23:22 2007
Subject: [Frugalware-security] [ FSA-247 ] streamripper
Message-ID: <20070815022319.7A07813A400D@genesis.frugalware.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Frugalware Security Advisory FSA-247

Date: 2007-08-15
Package: streamripper
Vulnerable versions: <= 1.61.27-1
Unaffected versions: >= 1.62.2-1terminus1
Related bugreport: http://bugs.frugalware.org/task/2334
CVE: No CVE for this issue, see:
     http://sourceforge.net/project/shownotes.php?group_id=6172&release_id=531738

Description
===========

A vulnerability has been reported in Streamripper, which can be
exploited by malicious people to compromise a user's system.
The vulnerability is caused due to a boundary error within the
"httplib_parse_sc_header()" function. This can be exploited to cause a
buffer overflow by e.g. tricking the user into connecting to a malicious
server.

Updated Packages
================

Check if you have streamripper installed:

    # pacman-g2 -Q streamripper

If found, then you should upgrade to the latest version:

    # pacman-g2 -Sy streamripper

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: See http://ftp.frugalware.org/pub/README.GPG for info

iD8DBQFGwmOXZ7NElSD1VhkRAq21AJwLsS5mTn0nq1DX6eU6hebKHvHdAQCaAn8e
fEFT1f8ILotc5X5FPNAEBaQ=
=7OlU
-----END PGP SIGNATURE-----

From noreply at frugalware.org Thu Aug 16 03:02:41 2007
From: noreply at frugalware.org (vmiklos)
Date: Thu Aug 16 03:02:44 2007
Subject: [Frugalware-security] [ FSA-248 ] opera
Message-ID: <20070816010241.2F29013A400D@genesis.frugalware.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Frugalware Security Advisory FSA-248

Date: 2007-08-16
Package: opera
Vulnerable versions: <= 9.20-1terminus1
Unaffected versions: >= 9.22-1terminus1
Related bugreport: http://bugs.frugalware.org/task/2266
CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3819
     http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3929

Description
===========

1) Robert Swiecki has discovered a vulnerability in Opera, which can be
exploited by malicious people to conduct spoofing attacks.
The vulnerability is caused due to an error in the handling of the
"data:" URI scheme. This can be exploited to display arbitrary content
while showing the URL of a trusted web site in the address bar when a
user follows a specially crafted link.

2) A vulnerability has been reported in Opera, which can be exploited by
malicious people to compromise a user's system.
The vulnerability is caused due to Opera using already freed memory when
parsing BitTorrent headers and can lead to an invalid object pointer
being dereferenced. This can be exploited to execute arbitrary code,
when the user is tricked into clicking on a specially crafted BitTorrent
file and then removes it via a right-click from the download pane.

Updated Packages
================

Check if you have opera installed:

    # pacman-g2 -Q opera

If found, then you should upgrade to the latest version:

    # pacman-g2 -Sy opera

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: See http://ftp.frugalware.org/pub/README.GPG for info

iD8DBQFGw6IxZ7NElSD1VhkRAjFsAKCIQS1fNlXaomzJY15+SAr6hNkleACfQLTE
kE2UR1XEuN9LknVpvWvPY9o=
=mO3L
-----END PGP SIGNATURE-----

From noreply at frugalware.org Thu Aug 16 13:50:00 2007
From: noreply at frugalware.org (vmiklos)
Date: Thu Aug 16 13:50:02 2007
Subject: [Frugalware-security] [ FSA-249 ] seamonkey
Message-ID: <20070816115000.5FACA13A4013@genesis.frugalware.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Frugalware Security Advisory FSA-249

Date: 2007-08-16
Package: seamonkey
Vulnerable versions: <= 1.1.2-1terminus1
Unaffected versions: >= 1.1.4-1terminus1
Related bugreport: http://bugs.frugalware.org/task/2296
CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3734
     http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3735
     http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3954
     http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3844

Description
===========

Some vulnerabilities have been reported in SeaMonkey, which can
potentially be exploited by malicious people to compromise a vulnerable
system.

1) Various errors in the browser engine can be exploited to cause memory
corruption and potentially to execute arbitrary code.

2) Various errors in the Javascript engine can be exploited to cause
memory corruption and potentially to execute arbitrary code.

3) The vulnerability is caused due to an error within the handling of
"about:blank" pages loaded by chrome in an addon. This can be exploited
to execute script code under chrome privileges by e.g. clicking on a
link opened in an "about:blank" window created and populated in certain
ways by an addon.
Successful exploitation requires that certain addons are installed.

Updated Packages
================

Check if you have seamonkey installed:

    # pacman-g2 -Q seamonkey

If found, then you should upgrade to the latest version:

    # pacman-g2 -Sy seamonkey

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: See http://ftp.frugalware.org/pub/README.GPG for info

iD8DBQFGxDnoZ7NElSD1VhkRAi5qAJwLkcqCoTpNAnfIcsztVGW+eyNOygCfbJmj
GbYNf6khvEsbHUcPPhvQcRg=
=X3lM
-----END PGP SIGNATURE-----

From noreply at frugalware.org Fri Aug 17 22:49:35 2007
From: noreply at frugalware.org (voroskoi)
Date: Fri Aug 17 22:49:41 2007
Subject: [Frugalware-security] [ FSA-250 ] activesupport
Message-ID: <20070817204935.9FFC313A4013@genesis.frugalware.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Frugalware Security Advisory FSA-250

Date: 2007-08-17
Package: activesupport
Vulnerable versions: <= 1.4.1-1
Unaffected versions: >= 1.4.1-2terminus1
Related bugreport: http://bugs.frugalware.org/task/2200
CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3227

Description
===========

BCC has reported a vulnerability in Ruby on Rails, which can be
exploited by malicious people to conduct cross-site scripting attacks.
Input passed to the "to_json" function is not properly sanitised before
being returned to the user. This can be exploited to execute arbitrary
HTML and script code in a user's browser session in context of an
affected site.

Updated Packages
================

Check if you have activesupport installed:

    # pacman-g2 -Q activesupport

If found, then you should upgrade to the latest version:

    # pacman-g2 -Sy activesupport

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: See http://ftp.frugalware.org/pub/README.GPG for info

iD8DBQFGxgnfZ7NElSD1VhkRAr5nAJ96U33EaI8Oxz1PZvRxBnor4P3JKQCfeAwI
vBxQIcmFlVbcKgEzuw/G924=
=5+VT
-----END PGP SIGNATURE-----

From noreply at frugalware.org Fri Aug 17 22:55:00 2007
From: noreply at frugalware.org (voroskoi)
Date: Fri Aug 17 22:55:02 2007
Subject: [Frugalware-security] [ FSA-251 ] actionpack
Message-ID: <20070817205500.25B6C13A400D@genesis.frugalware.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Frugalware Security Advisory FSA-251

Date: 2007-08-17
Package: actionpack
Vulnerable versions: <= 1.13.2-1
Unaffected versions: >= 1.13.2-2terminus1
Related bugreport: http://bugs.frugalware.org/task/2200
CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3227

Description
===========

BCC has reported a vulnerability in Ruby on Rails, which can be
exploited by malicious people to conduct cross-site scripting attacks.
Input passed to the "to_json" function is not properly sanitised before
being returned to the user. This can be exploited to execute arbitrary
HTML and script code in a user's browser session in context of an
affected site.

Updated Packages
================

Check if you have actionpack installed:

    # pacman-g2 -Q actionpack

If found, then you should upgrade to the latest version:

    # pacman-g2 -Sy actionpack

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: See http://ftp.frugalware.org/pub/README.GPG for info

iD8DBQFGxgskZ7NElSD1VhkRAqDGAJ48dENRVN67JpBRT3BgDMYO34ji4gCfRzi0
cyse6iRAE3cbQXqpzDTOQl8=
=lMpr
-----END PGP SIGNATURE-----
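
Added example (not part of the archived messages and not Frugalware tooling): every advisory above carries the same "Package", "Vulnerable versions", "Unaffected versions" and "CVE" fields, so an inventory of installed versions, such as the output of `pacman-g2 -Q`, can be triaged against them mechanically. The function names are hypothetical, and the version ordering is a simplified assumption, not pacman-g2's own comparison.

```python
import re
from itertools import zip_longest

# Constructed sample in the FSA layout; field values copied from FSA-236 and FSA-241.
SAMPLE = """\
Frugalware Security Advisory FSA-236

Date: 2007-08-03
Package: vim
Vulnerable versions: <= 7.0-4terminus1
Unaffected versions: >= 7.0-4terminus2
CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2953

Frugalware Security Advisory FSA-241

Date: 2007-08-07
Package: xpdf
Vulnerable versions: <= 3.01-4
Unaffected versions: >= 3.02-1terminus1
CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3387
"""


def _field(body, name):
    """Return the first token after 'name:', dropping a leading <= or >=."""
    m = re.search(rf"\b{name}:\s*(?:[<>]=\s*)?(\S+)", body)
    return m.group(1) if m else None


def parse_advisories(text):
    """Split archive text into one dict per 'Frugalware Security Advisory' block."""
    parts = re.split(r"Frugalware Security Advisory\s+(FSA-\d+)", text)
    # With one capture group, re.split yields [preamble, id, body, id, body, ...].
    return [
        {
            "id": fsa_id,
            "package": _field(body, "Package"),
            "vulnerable_max": _field(body, "Vulnerable versions"),
            "fixed_min": _field(body, "Unaffected versions"),
            "cves": sorted(set(re.findall(r"CVE-\d{4}-\d+", body))),
        }
        for fsa_id, body in zip(parts[1::2], parts[2::2])
    ]


def _tokens(part):
    """'4terminus1' -> [4, 'terminus', 1]; separators such as '.' are dropped."""
    return [int(t) if t.isdigit() else t for t in re.findall(r"\d+|[A-Za-z]+", part)]


def _cmp_part(a, b):
    for x, y in zip_longest(_tokens(a), _tokens(b)):
        if x == y:
            continue
        if x is None or y is None:  # assumption: the shorter string is older
            return -1 if x is None else 1
        if isinstance(x, int) != isinstance(y, int):  # assumption: digits outrank letters
            return 1 if isinstance(x, int) else -1
        return -1 if x < y else 1
    return 0


def compare_versions(a, b):
    """Simplified ordering of 'version-release' strings (not pacman-g2's own code)."""
    ver_a, _, rel_a = a.partition("-")
    ver_b, _, rel_b = b.partition("-")
    return _cmp_part(ver_a, ver_b) or _cmp_part(rel_a, rel_b)


def triage(advisories, installed):
    """Map each advisory id to a status for a {package: version} inventory."""
    result = {}
    for adv in advisories:
        have = installed.get(adv["package"])
        if have is None:
            status = "not installed"
        elif compare_versions(have, adv["fixed_min"]) >= 0:
            status = "unaffected"
        elif compare_versions(have, adv["vulnerable_max"]) <= 0:
            status = "vulnerable"
        else:
            status = "unknown"  # between the two bounds: check by hand
        result[adv["id"]] = status
    return result


if __name__ == "__main__":
    # Constructed inventory; on a real system take the versions from pacman-g2 -Q.
    inventory = {"vim": "7.0-4terminus1", "xpdf": "3.02-1terminus1"}
    for fsa_id, status in triage(parse_advisories(SAMPLE), inventory).items():
        print(fsa_id, status)
```
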