From vmiklos at frugalware.org Sat Dec 20 21:56:41 2008 From: vmiklos at frugalware.org (Miklos Vajna) Date: Sat Dec 20 21:56:43 2008 Subject: [Frugalware-security] [ FSA-558 ] kernel Message-ID: <20081220205641.89A7911B862E@genesis.frugalware.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frugalware Security Advisory FSA-558 Date: 2008-12-20 Package: kernel Vulnerable versions: <= 2.6.26-1 Unaffected versions: >= 2.6.26-2solaria1 Related bugreport: http://bugs.frugalware.org/task/3520 CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3528 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3831 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5300 Description =========== Some vulnerabilities have been reported in the Linux kernel, which potentially can be exploited by malicious people to compromise a vulnerable system. 1) The error-reporting functionality in (1) fs/ext2/dir.c, (2) fs/ext3/dir.c, and possibly (3) fs/ext4/dir.c in the Linux kernel 2.6.26.5 does not limit the number of printk console messages that report directory corruption, which allows physically proximate attackers to cause a denial of service (temporary system hang) by mounting a filesystem that has corrupted dir->i_size and dir->i_blocks values and performing (a) read or (b) write operations. NOTE: there are limited scenarios in which this crosses privilege boundaries. 2) The i915 driver in (1) drivers/char/drm/i915_dma.c in the Linux kernel 2.6.24 on Debian GNU/Linux and (2) sys/dev/pci/drm/i915_drv.c in OpenBSD does not restrict the DRM_I915_HWS_ADDR ioctl to the Direct Rendering Manager (DRM) master, which allows local users to cause a denial of service (memory corruption) via a crafted ioctl call, related to absence of the DRM_MASTER and DRM_ROOT_ONLY flags in the ioctl's configuration. 3) Linux kernel 2.6.28 allows local users to cause a denial of service ("soft lockup" and process loss) via a large number of sendmsg function calls, which does not block during AF_UNIX garbage collection and triggers an OOM condition, a different vulnerability than CVE-2008-5029. Successful exploitation of the vulnerabilities may allow execution of arbitrary code. Updated Packages ================ Check if you have kernel installed: # pacman-g2 -Q kernel If found, then you should upgrade to the latest version: # pacman-g2 -Sy kernel Availability ============ The latest revision of this advisory is available at http://frugalware.org/security/558 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: See http://ftp.frugalware.org/pub/README.GPG for info iEYEARECAAYFAklNXAkACgkQZ7NElSD1VhlX+wCfT1p/7zqIGSnYtIKXT3HtBWKV ITgAnRKGe7gkAkk+MMUwM31sOTQ/+qQZ =KCIk -----END PGP SIGNATURE----- From vmiklos at frugalware.org Sat Dec 20 21:59:35 2008 From: vmiklos at frugalware.org (Miklos Vajna) Date: Sat Dec 20 21:59:37 2008 Subject: [Frugalware-security] [ FSA-559 ] wordpress Message-ID: <20081220205935.F220211B862E@genesis.frugalware.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frugalware Security Advisory FSA-559 Date: 2008-12-20 Package: wordpress Vulnerable versions: <= 2.6.3-1solaria1 Unaffected versions: >= 2.6.5-1solaria1 Related bugreport: http://bugs.frugalware.org/task/3493 CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5278 Description =========== Jeremias Reith has reported a vulnerability in WordPress, which can be exploited by malicious people to conduct script insertion attacks. Input passed via the HTTP "Host" header is not properly sanitised before being used. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site if malicious data is viewed. Note: Reportedly, this only affects IP-based virtual servers running on Apache 2.x. Updated Packages ================ Check if you have wordpress installed: # pacman-g2 -Q wordpress If found, then you should upgrade to the latest version: # pacman-g2 -Sy wordpress Availability ============ The latest revision of this advisory is available at http://frugalware.org/security/559 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: See http://ftp.frugalware.org/pub/README.GPG for info iEYEARECAAYFAklNXLcACgkQZ7NElSD1Vhn4wgCgmaAyPDj1V+a74A0eDJnR0Zmt hYgAmQHlLVSM32b7zFjsePD/qI7C6CRs =85TU -----END PGP SIGNATURE----- From vmiklos at frugalware.org Sat Dec 20 22:02:09 2008 From: vmiklos at frugalware.org (Miklos Vajna) Date: Sat Dec 20 22:02:12 2008 Subject: [Frugalware-security] [ FSA-560 ] drupal Message-ID: <20081220210209.F13BF11B862E@genesis.frugalware.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frugalware Security Advisory FSA-560 Date: 2008-12-20 Package: drupal Vulnerable versions: <= 5.12-1solaria1 Unaffected versions: >= 5.13-1solaria1 Related bugreport: http://bugs.frugalware.org/task/3512 CVE: No CVE, see http://drupal.org/node/345441. Description =========== Some vulnerabilities have been reported in Drupal, which can be exploited by malicious people to conduct cross-site request forgery and cross-site scripting attacks. 1) The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain operations (e.g. execute old updates) when a logged-in superuser visits a malicious web site. 2) The application does not completely remove deleted input formats. This can be exploited to execute arbitrary HTML and script code in a user's browser session in the context of an affected site. Updated Packages ================ Check if you have drupal installed: # pacman-g2 -Q drupal If found, then you should upgrade to the latest version: # pacman-g2 -Sy drupal Availability ============ The latest revision of this advisory is available at http://frugalware.org/security/560 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: See http://ftp.frugalware.org/pub/README.GPG for info iEYEARECAAYFAklNXVEACgkQZ7NElSD1VhkeegCbBiiM7yrsqEARKzCYHDuRpjEK UowAn1mpuMFDcoSDjs9MXJ2nExFq/Ioc =5cBy -----END PGP SIGNATURE----- From vmiklos at frugalware.org Sat Dec 20 22:04:30 2008 From: vmiklos at frugalware.org (Miklos Vajna) Date: Sat Dec 20 22:04:32 2008 Subject: [Frugalware-security] [ FSA-561 ] drupal6 Message-ID: <20081220210430.2DF0811B862E@genesis.frugalware.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frugalware Security Advisory FSA-561 Date: 2008-12-20 Package: drupal6 Vulnerable versions: <= 6.6-1solaria1 Unaffected versions: >= 6.7-1solaria1 Related bugreport: http://bugs.frugalware.org/task/3513 CVE: No CVE, see http://drupal.org/node/345441. Description =========== Some vulnerabilities have been reported in Drupal 6, which can be exploited by malicious people to conduct cross-site request forgery and cross-site scripting attacks. For more info, see FSA560. Updated Packages ================ Check if you have drupal6 installed: # pacman-g2 -Q drupal6 If found, then you should upgrade to the latest version: # pacman-g2 -Sy drupal6 Availability ============ The latest revision of this advisory is available at http://frugalware.org/security/561 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: See http://ftp.frugalware.org/pub/README.GPG for info iEYEARECAAYFAklNXd4ACgkQZ7NElSD1VhnB+gCfdqwTd4sHWEQd42LXLU0Xtbol ukQAoIM6j1qffJH2QL7IYNQ1An1WNj/5 =QWqm -----END PGP SIGNATURE----- From vmiklos at frugalware.org Sat Dec 20 22:10:39 2008 From: vmiklos at frugalware.org (Miklos Vajna) Date: Sat Dec 20 22:10:42 2008 Subject: [Frugalware-security] [ FSA-562 ] wireshark Message-ID: <20081220211039.E2E2111B862E@genesis.frugalware.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frugalware Security Advisory FSA-562 Date: 2008-12-20 Package: wireshark Vulnerable versions: <= 1.0.4-1solaria1 Unaffected versions: >= 1.0.5-1solaria1 Related bugreport: http://bugs.frugalware.org/task/3514 CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5285 Description =========== Two vulnerabilities have been reported in Wireshark, which can be exploited by malicious people to cause a DoS (Denial of Service). 1) An error in the SMTP dissector can be exploited to trigger the execution of an infinite loop via a large SMTP packet. 2) An error in the WLCCP dissector can be exploited to trigger the execution of an infinite loop via a specially crafted packet. Updated Packages ================ Check if you have wireshark installed: # pacman-g2 -Q wireshark If found, then you should upgrade to the latest version: # pacman-g2 -Sy wireshark Availability ============ The latest revision of this advisory is available at http://frugalware.org/security/562 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: See http://ftp.frugalware.org/pub/README.GPG for info iEYEARECAAYFAklNX08ACgkQZ7NElSD1Vhk9vwCfQhvpOd+M72YIRKoWeObSCorC /IMAnRGVzSw++EoBqqyXiHAp4AySyLHR =vVTt -----END PGP SIGNATURE----- From vmiklos at frugalware.org Sat Dec 20 22:14:43 2008 From: vmiklos at frugalware.org (Miklos Vajna) Date: Sat Dec 20 22:14:44 2008 Subject: [Frugalware-security] [ FSA-563 ] horde-webmail Message-ID: <20081220211443.9946711B862E@genesis.frugalware.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frugalware Security Advisory FSA-563 Date: 2008-12-20 Package: horde-webmail Vulnerable versions: <= 1.1.2-1 Unaffected versions: >= 1.2.1-1solaria1 Related bugreport: http://bugs.frugalware.org/task/3518 CVE: No CVE, see http://lists.horde.org/archives/announce/2008/000472.html. Description =========== This is a minor security release that adds another check to the XSS filter for an Internet Explorer exploit and fixes unescaped output in the test.php scripts. All users are encouraged to upgrade to this version. In addition all users are encouraged to disable test.php in production, per the install documentation. Updated Packages ================ Check if you have horde-webmail installed: # pacman-g2 -Q horde-webmail If found, then you should upgrade to the latest version: # pacman-g2 -Sy horde-webmail Availability ============ The latest revision of this advisory is available at http://frugalware.org/security/563 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: See http://ftp.frugalware.org/pub/README.GPG for info iEYEARECAAYFAklNYEMACgkQZ7NElSD1VhnESgCgpERaL+7zEHeE8ToOvAblCGn5 0NAAn2n40z/kjKmfonWs7mnxRPIQJ8XV =VmuV -----END PGP SIGNATURE-----