From noreply at frugalware.org Wed Jan 2 15:50:53 2008
From: noreply at frugalware.org (voroskoi)
Date: Wed Jan 2 15:50:55 2008
Subject: [Frugalware-security] [ FSA-331 ] pidgin
Message-ID: <20080102145053.40D53176C04A@genesis.frugalware.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Frugalware Security Advisory                                         FSA-331

Date: 2008-01-02
Package: pidgin
Vulnerable versions: <= 2.2.1-1
Unaffected versions: >= 2.2.1-2sayshell1
Related bugreport: http://bugs.frugalware.org/task/2539
CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4999

Description
===========

A weakness has been reported in Pidgin, which can be exploited by malicious
people to cause a DoS (Denial of Service).
The weakness is caused due to a NULL-pointer dereference error when
processing messages with invalid HTML code and can be exploited to cause
libpurple to crash.
Successful exploitation may require that HTML logging is used.

Updated Packages
================

Check if you have pidgin installed:

    # pacman-g2 -Q pidgin

If found, then you should upgrade to the latest version:

    # pacman-g2 -Sy pidgin

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: See http://ftp.frugalware.org/pub/README.GPG for info

iD8DBQFHe6TNZ7NElSD1VhkRAhZmAKCc8qUQ+EvyTcF/fGT+Vc66PLgcQACfR6Y1
GETW5Ir9D3zFgCTwdE/X5yg=
=ZxEx
-----END PGP SIGNATURE-----

From noreply at frugalware.org Wed Jan 2 16:02:03 2008
From: noreply at frugalware.org (voroskoi)
Date: Wed Jan 2 16:02:08 2008
Subject: [Frugalware-security] [ FSA-332 ] firefox
Message-ID: <20080102150203.8C4D9176C043@genesis.frugalware.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Frugalware Security Advisory                                         FSA-332

Date: 2008-01-02
Package: firefox
Vulnerable versions: <= 2.0.0.8-1sayshell1
Unaffected versions: >= 2.0.0.11-1sayshell1
Related bugreport: http://bugs.frugalware.org/task/2572
CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5947
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5959
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5960

Description
===========

A security issue has been reported in Mozilla Firefox, which can be
exploited by malicious people to conduct cross-site scripting attacks.
The problem is that the "jar:" protocol handler does not validate the MIME
type of the contents of an archive, which are then executed in the context
of the site hosting the archive. This can be exploited to conduct cross-site
scripting attacks on sites that allow a user to upload certain files (e.g.
.zip, .png, .doc, .odt, .txt).

Some vulnerabilities have been reported in Mozilla Firefox, which can be
exploited by malicious people to conduct cross-site request forgery attacks
and potentially compromise a user's system.
1) A race condition when setting the "window.location" property can be
exploited to generate a fake HTTP Referer header, which can be used to
conduct cross-site request forgery attacks.
2) Some errors within the XBL component, the "drawImage()" function, and the
"nsCSSFrameConstructor" can be exploited to cause memory corruption and
potentially allow execution of arbitrary code.

Updated Packages
================

Check if you have firefox installed:

    # pacman-g2 -Q firefox

If found, then you should upgrade to the latest version:

    # pacman-g2 -Sy firefox

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: See http://ftp.frugalware.org/pub/README.GPG for info

iD8DBQFHe6drZ7NElSD1VhkRAvGhAJ4lZKB3mK2aEkwrE3sIEHNRMtG6CgCeN8jE
J+sz4OAhYfFV+VNR+PObpF4=
=fziW
-----END PGP SIGNATURE-----

From noreply at frugalware.org Fri Jan 11 17:26:57 2008
From: noreply at frugalware.org (vmiklos)
Date: Fri Jan 11 17:27:00 2008
Subject: [Frugalware-security] [ FSA-333 ] openoffice.org
Message-ID: <20080111162657.7819A11901C3@genesis.frugalware.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Frugalware Security Advisory                                         FSA-333

Date: 2008-01-11
Package: openoffice.org
Vulnerable versions: <= 2.3.0-1
Unaffected versions: >= 2.3.0-2sayshell1
Related bugreport: http://bugs.frugalware.org/task/2663
CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4575

Description
===========

A vulnerability has been reported in OpenOffice, which can be exploited by
malicious people to compromise a user's system.
The vulnerability is caused due to the improper enforcing of security
restrictions when passing SQL queries to the HSQLDB database engine. This
can be exploited to call arbitrary static Java methods by tricking the user
into executing a specially crafted SQL query contained within a database
document.
Successful exploitation allows execution of arbitrary code.

Updated Packages
================

Check if you have openoffice.org installed:

    # pacman-g2 -Q openoffice.org

If found, then you should upgrade to the latest version:

    # pacman-g2 -Sy openoffice.org

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: See http://ftp.frugalware.org/pub/README.GPG for info

iD8DBQFHh5jRZ7NElSD1VhkRAhP2AJ4qJa6q5vOHldXOhXtTqTN/r2pvnwCfRLKx
HaU7pykd2PmSUV7kXwrCWgk=
=NEl0
-----END PGP SIGNATURE-----

From noreply at frugalware.org Sat Jan 12 23:51:44 2008
From: noreply at frugalware.org (vmiklos)
Date: Sat Jan 12 23:51:46 2008
Subject: [Frugalware-security] [ FSA-334 ] mysql
Message-ID: <20080112225144.56FFC1190005@genesis.frugalware.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Frugalware Security Advisory                                         FSA-334

Date: 2008-01-12
Package: mysql
Vulnerable versions: <= 5.0.45-2sayshell1
Unaffected versions: >= 5.0.45-2sayshell2
Related bugreport: http://bugs.frugalware.org/task/2669
CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5969
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6303
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6304

Description
===========

A security issue and two vulnerabilities have been reported in MySQL, which
can be exploited by malicious users to gain escalated privileges, manipulate
certain data, or to cause a DoS (Denial of Service).
1) A security issue exists due to the command "ALTER VIEW" retaining the
original "DEFINER" value, which may allow another user to gain the access
rights of the view.
2) An error in the FEDERATED engine when handling responses of remote
servers can be exploited to crash the local server when the response
contains fewer columns than expected.
3) An error when renaming a table can be exploited by malicious users to
manipulate certain data.

Updated Packages
================

Check if you have mysql installed:

    # pacman-g2 -Q mysql

If found, then you should upgrade to the latest version:

    # pacman-g2 -Sy mysql

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: See http://ftp.frugalware.org/pub/README.GPG for info

iD8DBQFHiUSAZ7NElSD1VhkRAmydAJ0cF0fUxUrtqEleLqnK4lK0KNJdngCghodM
1V8BZ7R7RmgdNGIwMcg/bGo=
=t+xj
-----END PGP SIGNATURE-----

From noreply at frugalware.org Sun Jan 13 14:21:22 2008
From: noreply at frugalware.org (vmiklos)
Date: Sun Jan 13 14:21:25 2008
Subject: [Frugalware-security] [ FSA-335 ] samba
Message-ID: <20080113132122.3AA0411901A8@genesis.frugalware.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Frugalware Security Advisory                                         FSA-335

Date: 2008-01-13
Package: samba
Vulnerable versions: <= 3.0.26-2sayshell1
Unaffected versions: >= 3.0.26-2sayshell2
Related bugreport: http://bugs.frugalware.org/task/2666
CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6015

Description
===========

Secunia Research has discovered a vulnerability in Samba, which can be
exploited by malicious people to compromise a vulnerable system.
The vulnerability is caused due to a boundary error within the
"send_mailslot()" function. This can be exploited to cause a stack-based
buffer overflow with zero bytes via a specially crafted "SAMLOGON" domain
logon packet containing a username string placed at an odd offset followed
by an overly long GETDC string.
Successful exploitation allows execution of arbitrary code, but requires
that the "domain logons" option is enabled.

Updated Packages
================

Check if you have samba installed:

    # pacman-g2 -Q samba

If found, then you should upgrade to the latest version:

    # pacman-g2 -Sy samba

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: See http://ftp.frugalware.org/pub/README.GPG for info

iD8DBQFHihBSZ7NElSD1VhkRAm4cAJ9a8TiZZXd1QJcdJpYa6sV2/ZjXXwCghXkI
8lTaOiIrn1VqXS9VNo41BjE=
=dmoh
-----END PGP SIGNATURE-----

From noreply at frugalware.org Tue Jan 15 00:16:36 2008
From: noreply at frugalware.org (vmiklos)
Date: Tue Jan 15 00:16:47 2008
Subject: [Frugalware-security] [ FSA-336 ] seamonkey
Message-ID: <20080114231636.9AE5711901DB@genesis.frugalware.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Frugalware Security Advisory                                         FSA-336

Date: 2008-01-15
Package: seamonkey
Vulnerable versions: <= 1.1.5-1sayshell1
Unaffected versions: >= 1.1.7-1sayshell1
Related bugreport: http://bugs.frugalware.org/task/2608
CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5947
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5959
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5960

Description
===========

Some vulnerabilities have been reported in Mozilla SeaMonkey, which can be
exploited by malicious people to conduct cross-site scripting and cross-site
request forgery attacks and potentially to compromise a user's system.

Updated Packages
================

Check if you have seamonkey installed:

    # pacman-g2 -Q seamonkey

If found, then you should upgrade to the latest version:

    # pacman-g2 -Sy seamonkey

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: See http://ftp.frugalware.org/pub/README.GPG for info

iD8DBQFHi+1UZ7NElSD1VhkRAqymAJ0XqAii+IWjVOeRRdMTjiVQfdYolgCdEP4j
a2kRhvmnreu1zHsZxsaUxlk=
=qDXY
-----END PGP SIGNATURE-----

From noreply at frugalware.org Tue Jan 15 15:45:51 2008
From: noreply at frugalware.org (vmiklos)
Date: Tue Jan 15 15:45:54 2008
Subject: [Frugalware-security] [ FSA-337 ] wireshark
Message-ID: <20080115144551.7647011904E0@genesis.frugalware.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Frugalware Security Advisory                                         FSA-337

Date: 2008-01-15
Package: wireshark
Vulnerable versions: <= 0.99.6-4
Unaffected versions: >= 0.99.7-1terminus1
Related bugreport: http://bugs.frugalware.org/task/2605
CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6114
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6117
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6118
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6120
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6121
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6111
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6112
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6113
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6115
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6116
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6119
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6438
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6439
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6441
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6450
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6451

Description
===========

Some vulnerabilities have been reported in Wireshark, which can be exploited by
malicious people to cause a DoS (Denial of Service).
The vulnerabilities are caused due to various errors (e.g. large loops with
extreme memory consumption, endless loops, crashes, and buffer overflows)
within the following:
* SSL, ANSI MAP, Firebird/Interbase, NCP, HTTP, MEGACO, DCP ETSI, PPP,
  Bluetooth SDP, SMB, USB, WiMAX, RPL, and CIP dissectors
* when processing a malformed MP3 or iSeries (OS/400) Communication trace
  file
* when processing a malformed DNP or RPC Portmap packet
These can be exploited to crash Wireshark or consume large amounts of system
resources by e.g. parsing a specially crafted packet that is either captured
off the wire or loaded via a capture file.

Updated Packages
================

Check if you have wireshark installed:

    # pacman-g2 -Q wireshark

If found, then you should upgrade to the latest version:

    # pacman-g2 -Sy wireshark

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: See http://ftp.frugalware.org/pub/README.GPG for info

iD8DBQFHjMcfZ7NElSD1VhkRAs0FAJ90FXAoI692xs2MKhzk/RsmD35dXACfRmGr
99IVKmeYPw4TRpNL3H1iQrw=
=CWFC
-----END PGP SIGNATURE-----

From noreply at frugalware.org Tue Jan 15 19:26:20 2008
From: noreply at frugalware.org (voroskoi)
Date: Tue Jan 15 19:26:24 2008
Subject: [Frugalware-security] [ FSA-338 ] thunderbird
Message-ID: <20080115182620.676BF176C06D@genesis.frugalware.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Frugalware Security Advisory                                         FSA-338

Date: 2008-01-15
Package: thunderbird
Vulnerable versions: <= 2.0.0.6-2
Unaffected versions: >= 2.0.0.9-1terminus1
Related bugreport: http://bugs.frugalware.org/task/2515
CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5339
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5340

Description
===========

Some vulnerabilities have been reported in Mozilla Thunderbird, which
potentially can be exploited by malicious people to compromise a user's
system.
1) Various errors in the browser engine can be exploited to cause a memory
corruption.
2) Various errors in the Javascript engine can be exploited to cause a
memory corruption.

Updated Packages
================

Check if you have thunderbird installed:

    # pacman-g2 -Q thunderbird

If found, then you should upgrade to the latest version:

    # pacman-g2 -Sy thunderbird

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: See http://ftp.frugalware.org/pub/README.GPG for info

iD4DBQFHjPrMZ7NElSD1VhkRAqPKAJ4xZ/qLWZibEpm62AYOnvx355N0ZACYjJ0y
fLswhtO2loFqLslTCbUavQ==
=WBIU
-----END PGP SIGNATURE-----

From noreply at frugalware.org Tue Jan 15 19:31:06 2008
From: noreply at frugalware.org (voroskoi)
Date: Tue Jan 15 19:31:08 2008
Subject: [Frugalware-security] [ FSA-339 ] cacti
Message-ID: <20080115183106.14E9E176C06D@genesis.frugalware.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Frugalware Security Advisory                                         FSA-339

Date: 2008-01-15
Package: cacti
Vulnerable versions: <= 0.8.6j-2
Unaffected versions: >= 0.8.6j-3terminus1
Related bugreport: http://bugs.frugalware.org/task/2594
CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6035

Description
===========

A vulnerability has been reported in Cacti, which potentially can be
exploited by malicious people to conduct SQL injection attacks.
Certain unspecified input is not properly sanitised before being used in an
SQL query. This can be exploited to manipulate SQL queries by injecting
arbitrary SQL code.

Updated Packages
================

Check if you have cacti installed:

    # pacman-g2 -Q cacti

If found, then you should upgrade to the latest version:

    # pacman-g2 -Sy cacti

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: See http://ftp.frugalware.org/pub/README.GPG for info

iD8DBQFHjPvqZ7NElSD1VhkRAq9dAJ4oq3qfi3JIxjDG9Dw5B9jvL12figCfc2Zl
Ey0wFI3PN3xscnpT9eN/ahY=
=Ccu9
-----END PGP SIGNATURE-----

From noreply at frugalware.org Tue Jan 15 19:36:28 2008
From: noreply at frugalware.org (voroskoi)
Date: Tue Jan 15 19:36:30 2008
Subject: [Frugalware-security] [ FSA-340 ] liferea
Message-ID: <20080115183628.0499D11901D1@genesis.frugalware.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Frugalware Security Advisory                                         FSA-340

Date: 2008-01-15
Package: liferea
Vulnerable versions: <= 1.2.23-2sayshell1
Unaffected versions: >= 1.2.23-2sayshell2
Related bugreport: http://bugs.frugalware.org/task/2606
CVE: There is no CVE for this issue.

Description
===========

A security issue has been reported in Liferea, which can be exploited by
malicious, local users to gain escalated privileges.
The security issue is caused due to the Liferea starter script incorrectly
setting the environment variable LD_LIBRARY_PATH. This can be exploited to
gain escalated privileges e.g. by tricking a user into running Liferea in a
directory containing a malicious library.

Updated Packages
================

Check if you have liferea installed:

    # pacman-g2 -Q liferea

If found, then you should upgrade to the latest version:

    # pacman-g2 -Sy liferea

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: See http://ftp.frugalware.org/pub/README.GPG for info

iD8DBQFHjP0sZ7NElSD1VhkRAnYfAKCVcV9KMEwhQSVp9Tt2+Vi+2qHw3wCfT+W0
9NgjNw1kmulKkmvwZmwLpQY=
=SaRa
-----END PGP SIGNATURE-----

From noreply at frugalware.org Tue Jan 15 19:41:38 2008
From: noreply at frugalware.org (voroskoi)
Date: Tue Jan 15 19:41:40 2008
Subject: [Frugalware-security] [ FSA-341 ] drupal
Message-ID: <20080115184138.0FCD311901D1@genesis.frugalware.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Frugalware Security Advisory                                         FSA-341

Date: 2008-01-15
Package: drupal
Vulnerable versions: <= 5.2-2sayshell1
Unaffected versions: >= 5.2-2sayshell2
Related bugreport: http://bugs.frugalware.org/task/2620
CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6299

Description
===========

A vulnerability has been reported in Drupal, which can be exploited by
malicious people to conduct SQL injection attacks.
Input passed to the "taxonomy_select_nodes()" function is not properly
sanitised before being used in SQL queries. This can be exploited to
manipulate SQL queries by injecting arbitrary SQL code.
Successful exploitation requires that a module that passes unsanitised data
to "taxonomy_select_nodes()" is installed.

Updated Packages
================

Check if you have drupal installed:

    # pacman-g2 -Q drupal

If found, then you should upgrade to the latest version:

    # pacman-g2 -Sy drupal

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: See http://ftp.frugalware.org/pub/README.GPG for info

iD8DBQFHjP5iZ7NElSD1VhkRAsm+AJ9Y7ribZ7qaLWprKOUILogQyJFpDwCeP9xu
hj9iho7HRa45xKh8iSggqLM=
=ndXL
-----END PGP SIGNATURE-----

From noreply at frugalware.org Tue Jan 15 19:48:57 2008
From: noreply at frugalware.org (voroskoi)
Date: Tue Jan 15 19:49:01 2008
Subject: [Frugalware-security] [ FSA-342 ] wordpress
Message-ID: <20080115184857.C1D8911904CD@genesis.frugalware.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Frugalware Security Advisory                                         FSA-342

Date: 2008-01-15
Package: wordpress
Vulnerable versions: <= 2.3.1-1sayshell1
Unaffected versions: >= 2.3.2-1terminus1
Related bugreport: http://bugs.frugalware.org/task/2646
CVE: There is no CVE entry for this issue.

Description
===========

Some vulnerabilities and a security issue have been reported in WordPress,
which can be exploited by malicious users to disclose potentially sensitive
information and by malicious people to bypass certain security restrictions
and to disclose sensitive or system information.
1) The application does not properly restrict access to posted drafts to
users with valid administrator credentials. This can be exploited to read
drafts by accessing the index.php script with data in the "PATH_INFO" URL
part ending with "wp-admin/".
2) The XMLRPC function "metaWeblog.getRecentPosts" does not correctly verify
that users have edit rights for a post before disclosing the
"post_password".
3) A security issue is caused due to certain database error messages
containing system information (e.g. table names).

Updated Packages
================

Check if you have wordpress installed:

    # pacman-g2 -Q wordpress

If found, then you should upgrade to the latest version:

    # pacman-g2 -Sy wordpress

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: See http://ftp.frugalware.org/pub/README.GPG for info

iD8DBQFHjQAZZ7NElSD1VhkRAm8mAJ0QUZGq8JJRnmK3jt7ZY4TVKtXXzwCfWRQl
5ILgaTxNsBXSpmNdFLbFzeo=
=gBwk
-----END PGP SIGNATURE-----

From noreply at frugalware.org Tue Jan 15 19:53:31 2008
From: noreply at frugalware.org (voroskoi)
Date: Tue Jan 15 19:53:32 2008
Subject: [Frugalware-security] [ FSA-343 ] wesnoth
Message-ID: <20080115185331.20D6411901D1@genesis.frugalware.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Frugalware Security Advisory                                         FSA-343

Date: 2008-01-15
Package: wesnoth
Vulnerable versions: <= 1.2.6-2terminus1
Unaffected versions: >= 1.2.8-1terminus1
Related bugreport: http://bugs.frugalware.org/task/2648
CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5742
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6201

Description
===========

Some vulnerabilities have been reported in Wesnoth, which can be exploited
by malicious people to cause a DoS (Denial of Service), disclose potentially
sensitive information, or potentially compromise a vulnerable system.
1) An error within the WML preprocessor can be exploited via a malicious
add-on to disclose the content of arbitrary files on an affected system when
processing pathnames that contain directory traversal sequences.
2) An error within the handling of the "turn_cmd" option can be exploited to
cause a DoS or potentially execute arbitrary commands via a malicious
add-on.

Updated Packages
================

Check if you have wesnoth installed:

    # pacman-g2 -Q wesnoth

If found, then you should upgrade to the latest version:

    # pacman-g2 -Sy wesnoth

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: See http://ftp.frugalware.org/pub/README.GPG for info

iD8DBQFHjQErZ7NElSD1VhkRAg/oAJ4tbKzJWvjfRzgawmkuHuH3/ytS/QCgiROJ
xFtPAPMxYAmx492ZrDX43kY=
=LX9z
-----END PGP SIGNATURE-----

From noreply at frugalware.org Tue Jan 15 19:57:54 2008
From: noreply at frugalware.org (voroskoi)
Date: Tue Jan 15 19:57:55 2008
Subject: [Frugalware-security] [ FSA-344 ] cairo
Message-ID: <20080115185754.545BA11901DB@genesis.frugalware.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Frugalware Security Advisory                                         FSA-344

Date: 2008-01-15
Package: cairo
Vulnerable versions: <= 1.4.10-1
Unaffected versions: >= 1.4.10-2sayshell1
Related bugreport: http://bugs.frugalware.org/task/2654
CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5503

Description
===========

A vulnerability has been reported in Cairo, which potentially can be
exploited by malicious people to compromise an application using the
library.
The vulnerability is caused due to an integer overflow error within the
"read_png()" function in cairo-png.c. This can be exploited to cause a
heap-based buffer overflow via a specially crafted PNG file.
Successful exploitation may allow execution of arbitrary code.

Updated Packages
================

Check if you have cairo installed:

    # pacman-g2 -Q cairo

If found, then you should upgrade to the latest version:

    # pacman-g2 -Sy cairo

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: See http://ftp.frugalware.org/pub/README.GPG for info

iD8DBQFHjQIyZ7NElSD1VhkRAvrCAKCQnsQkdcXwIhutWFXwOJIO8CEFZgCbBzUi
IGLdUTlL5kSzZ1BodlOecyI=
=kZiw
-----END PGP SIGNATURE-----

From noreply at frugalware.org Tue Jan 15 20:10:12 2008
From: noreply at frugalware.org (voroskoi)
Date: Tue Jan 15 20:10:15 2008
Subject: [Frugalware-security] [ FSA-345 ] claws-mail
Message-ID: <20080115191012.7B4D911904D7@genesis.frugalware.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Frugalware Security Advisory                                         FSA-345

Date: 2008-01-15
Package: claws-mail
Vulnerable versions: <= 3.0.1-1
Unaffected versions: >= 3.0.1-2sayshell1
Related bugreport: http://bugs.frugalware.org/task/2655
CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6208

Description
===========

A security issue has been reported in Claws Mail, which can be exploited by
malicious, local users to perform certain actions with escalated privileges.
The security issue is caused due to the sylprint.pl script using temporary
files in an insecure manner. This can be exploited to overwrite or delete
arbitrary files via symlink attacks.

Updated Packages
================

Check if you have claws-mail installed:

    # pacman-g2 -Q claws-mail

If found, then you should upgrade to the latest version:

    # pacman-g2 -Sy claws-mail

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: See http://ftp.frugalware.org/pub/README.GPG for info

iD8DBQFHjQUUZ7NElSD1VhkRArdmAJ9MILTukvcGgflqxJsfNXjwLa4iLQCdFhKp
h9k6V6ZQiSzq0iWmcdfZ+oA=
=Irqb
-----END PGP SIGNATURE-----

From noreply at frugalware.org Thu Jan 17 18:11:09 2008
From: noreply at frugalware.org (vmiklos)
Date: Thu Jan 17 18:11:12 2008
Subject: [Frugalware-security] [ FSA-346 ] e2fsprogs
Message-ID: <20080117171109.45D3611904CD@genesis.frugalware.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Frugalware Security Advisory                                         FSA-346

Date: 2008-01-17
Package: e2fsprogs
Vulnerable versions: <= 1.40.2-1
Unaffected versions: >= 1.40.2-2sayshell1
Related bugreport: http://bugs.frugalware.org/task/2661
CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5497

Description
===========

Some vulnerabilities have been reported in the libext2fs library of
e2fsprogs, which potentially can be exploited by malicious people to
compromise an application using the library.
The vulnerabilities are caused due to integer overflows, which potentially
can be exploited to execute arbitrary code by e.g. tricking a user into
processing a specially crafted file system with an application using
libext2fs.

Updated Packages
================

Check if you have e2fsprogs installed:

    # pacman-g2 -Q e2fsprogs

If found, then you should upgrade to the latest version:

    # pacman-g2 -Sy e2fsprogs

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: See http://ftp.frugalware.org/pub/README.GPG for info

iD8DBQFHj4wtZ7NElSD1VhkRAmgNAJ9tGO+5rbRZd2EDw21sP92mp0LOfACfZFhK
DY5GmA7orVqIV7PwkTYf1XI=
=rolB
-----END PGP SIGNATURE-----

From noreply at frugalware.org Mon Jan 21 18:34:43 2008
From: noreply at frugalware.org (voroskoi)
Date: Mon Jan 21 18:34:46 2008
Subject: [Frugalware-security] [ FSA-347 ] squid
Message-ID: <20080121173443.D552811901A7@genesis.frugalware.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Frugalware Security Advisory                                         FSA-347

Date: 2008-01-21
Package: squid
Vulnerable versions: <= 2.6.STABLE16-1
Unaffected versions: >= 2.6.STABLE16-2sayshell1
Related bugreport: http://bugs.frugalware.org/task/2659
CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6239

Description
===========

A vulnerability has been reported in Squid, which can be exploited by
malicious people to cause a DoS (Denial of Service).
The vulnerability is caused due to a boundary error within the processing of
cache update replies and can be exploited to crash an affected server.

Updated Packages
================

Check if you have squid installed:

    # pacman-g2 -Q squid

If found, then you should upgrade to the latest version:

    # pacman-g2 -Sy squid

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: See http://ftp.frugalware.org/pub/README.GPG for info

iD8DBQFHlNezZ7NElSD1VhkRAimVAJ0c51Vd1vD5LJrSg+Ms9+QeAw8JSgCdEBHj
lj1ltRR43ZWWK5GweL7cUts=
=s8Zi
-----END PGP SIGNATURE-----

From noreply at frugalware.org Mon Jan 21 18:42:59 2008
From: noreply at frugalware.org (voroskoi)
Date: Mon Jan 21 18:43:02 2008
Subject: [Frugalware-security] [ FSA-348 ] scponly
Message-ID: <20080121174259.D21771190054@genesis.frugalware.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Frugalware Security Advisory                                         FSA-348

Date: 2008-01-21
Package: scponly
Vulnerable versions: <= 4.6-1
Unaffected versions: >= 4.6-2sayshell1
Related bugreport: http://bugs.frugalware.org/task/2662
CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6350

Description
===========

A security issue has been reported in scponly, which can be exploited by
malicious, local users to bypass certain security restrictions.
The security issue is caused due to the unsafe execution of certain programs
(e.g. svn, svnserve, rsync or unison) and can be exploited to execute
arbitrary programs via various parameters.

Updated Packages
================

Check if you have scponly installed:

    # pacman-g2 -Q scponly

If found, then you should upgrade to the latest version:

    # pacman-g2 -Sy scponly

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: See http://ftp.frugalware.org/pub/README.GPG for info

iD8DBQFHlNmjZ7NElSD1VhkRAlsuAJwOAO1xxO1my4Gjj88iWXM16fgMMACfceVK
JgOGH9mSp0y7PDOHUsQQPHY=
=qRXk
-----END PGP SIGNATURE-----

From noreply at frugalware.org Mon Jan 21 20:28:52 2008
From: noreply at frugalware.org (voroskoi)
Date: Mon Jan 21 20:28:55 2008
Subject: [Frugalware-security] [ FSA-350 ] syslog-ng
Message-ID: <20080121192853.ACB7D176C044@genesis.frugalware.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Frugalware Security Advisory                                         FSA-350

Date: 2008-01-21
Package: syslog-ng
Vulnerable versions: <= 2.0.5-1
Unaffected versions: >= 2.0.5-2sayshell1
Related bugreport: http://bugs.frugalware.org/task/2675
CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6437

Description
===========

A vulnerability has been reported in syslog-ng, which can be exploited by
malicious people to cause a DoS (Denial of Service).
The vulnerability is caused due to the improper processing of incoming
timestamps. This can be exploited to trigger a NULL pointer dereference via
a specially crafted message containing a timestamp without a terminating
space character.

Updated Packages
================

Check if you have syslog-ng installed:

    # pacman-g2 -Q syslog-ng

If found, then you should upgrade to the latest version:

    # pacman-g2 -Sy syslog-ng

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: See http://ftp.frugalware.org/pub/README.GPG for info

iD8DBQFHlPJ0Z7NElSD1VhkRAr0cAJ9CG2n38zh/4/GqehkN6cyaN2QOigCgiGbO
71dAM8poldyYQzUytnA+boc=
=IPRz
-----END PGP SIGNATURE-----

From noreply at frugalware.org Mon Jan 21 20:39:38 2008
From: noreply at frugalware.org (voroskoi)
Date: Mon Jan 21 20:39:42 2008
Subject: [Frugalware-security] [ FSA-351 ] cups
Message-ID: <20080121193938.9C0451190054@genesis.frugalware.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Frugalware Security Advisory                                         FSA-351

Date: 2008-01-21
Package: cups
Vulnerable versions: <= 1.3.2-2sayshell2
Unaffected versions: >= 1.3.2-2sayshell3
Related bugreport: http://bugs.frugalware.org/task/2676
CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5849

Description
===========

A vulnerability has been reported in CUPS, which can be exploited by
malicious people to cause a DoS (Denial of Service) or potentially
compromise a vulnerable system.
The vulnerability is caused due to a signedness error within the
"asn1_get_string()" function in backend/snmp.c. This can be exploited to
cause a stack-based buffer overflow via specially crafted SNMP responses
containing ASN1 encoded strings with negative length values.
Successful exploitation on 1.3.x versions requires that the snmp backend is
configured in snmp.conf.

Updated Packages
================

Check if you have cups installed:

    # pacman-g2 -Q cups

If found, then you should upgrade to the latest version:

    # pacman-g2 -Sy cups

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: See http://ftp.frugalware.org/pub/README.GPG for info

iD8DBQFHlPT6Z7NElSD1VhkRAruXAKCV38GVC2nEeg0dsJsrY/DfMr9TqQCgmAll
HzrQijqW5gz0Oy/U4xYu6dM=
=x67J
-----END PGP SIGNATURE-----

From noreply at frugalware.org Mon Jan 21 20:45:55 2008
From: noreply at frugalware.org (voroskoi)
Date: Mon Jan 21 20:46:00 2008
Subject: [Frugalware-security] [ FSA-352 ] opera
Message-ID: <20080121194555.10DE11190054@genesis.frugalware.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Frugalware Security Advisory                                         FSA-352

Date: 2008-01-21
Package: opera
Vulnerable versions: <= 9.24-1sayshell1
Unaffected versions: >= 9.25-1sayshell1
Related bugreport: http://bugs.frugalware.org/task/2677
CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6520
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6521
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6522
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6524

Description
===========

Some vulnerabilities have been reported in Opera, which can be exploited by
malicious people to bypass certain security restrictions, disclose sensitive
information, and compromise a user's system.
1) An unspecified error can be exploited via certain plugins to conduct
cross-domain scripting attacks.
2) An unspecified error within the processing of TLS certificates can be
exploited to execute arbitrary code.
3) An unspecified error within Rich text editing when using designMode can
be exploited to conduct cross-domain scripting attacks.
4) An unspecified error within the processing of bitmaps can be exploited to
disclose the contents of random memory areas.

Updated Packages
================

Check if you have opera installed:

    # pacman-g2 -Q opera

If found, then you should upgrade to the latest version:

    # pacman-g2 -Sy opera

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: See http://ftp.frugalware.org/pub/README.GPG for info

iD8DBQFHlPZzZ7NElSD1VhkRAnRaAJ97Bu314EM6LhQqE6BdHQSflA7dbgCdG6g1
qc4wqtGJqTNbTAdfbdTqPY8=
=/jJp
-----END PGP SIGNATURE-----

From noreply at frugalware.org Mon Jan 21 20:51:00 2008
From: noreply at frugalware.org (voroskoi)
Date: Mon Jan 21 20:51:02 2008
Subject: [Frugalware-security] [ FSA-353 ] clamav
Message-ID: <20080121195100.9182A1190054@genesis.frugalware.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Frugalware Security Advisory FSA-353

Date: 2008-01-21
Package: clamav
Vulnerable versions: <= 0.91.2-1
Unaffected versions: >= 0.91.2-2sayshell1
Related bugreport: http://bugs.frugalware.org/task/2679
CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6335
     http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6336
     http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6337

Description
===========

Some vulnerabilities have been reported in ClamAV, where one vulnerability has an unknown impact and others can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.

1) An integer overflow error exists within the "cli_scanpe()" function when handling MEW packed executables. This can be exploited to cause a heap-based buffer overflow via specially crafted "ssize" and "dsize" values. Successful exploitation allows execution of arbitrary code.

2) An off-by-one error exists within libclamav/mspack.c when handling MSZIP compressed files. This can be exploited to e.g. crash the scanner or potentially execute arbitrary code via a specially crafted MSZIP compressed file.

3) A boundary error exists within the bzip2 "BZ_GET_FAST()" and "BZ_GET_FAST_C()" decompression macros in libclamav/nsis/bzlib_private.h.

Updated Packages
================

Check if you have clamav installed:

    # pacman-g2 -Q clamav

If found, then you should upgrade to the latest version:

    # pacman-g2 -Sy clamav

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: See http://ftp.frugalware.org/pub/README.GPG for info

iD8DBQFHlPekZ7NElSD1VhkRAqrIAJ9NisseJHY0XOyRK7ozEo9PglfJhACgihNW
e5FVXPYYy/qYWomHzxFQXtc=
=SeYT
-----END PGP SIGNATURE-----

From noreply at frugalware.org Mon Jan 21 20:55:48 2008
From: noreply at frugalware.org (voroskoi)
Date: Mon Jan 21 20:55:50 2008
Subject: [Frugalware-security] [ FSA-354 ] libexif
Message-ID: <20080121195548.A869B1190054@genesis.frugalware.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Frugalware Security Advisory FSA-354

Date: 2008-01-21
Package: libexif
Vulnerable versions: <= 0.6.16-1
Unaffected versions: >= 0.6.16-2sayshell1
Related bugreport: http://bugs.frugalware.org/task/2680
CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6351
     http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6352

Description
===========

Two vulnerabilities have been reported in libexif, which can be exploited by malicious people to cause a DoS (Denial of Service) or to compromise an application using the library.

1) An integer overflow error in the "exif_data_load_data_thumbnail()" function in exif-data.c when processing exif image tags can be exploited to cause a memory corruption and may allow execution of arbitrary code via a specially crafted exif file.

2) An infinite recursion error in the "exif_loader_write()" function in exif-loader.c when handling exif image tags can be exploited to cause an application to crash via a specially crafted exif file.

Updated Packages
================

Check if you have libexif installed:

    # pacman-g2 -Q libexif

If found, then you should upgrade to the latest version:

    # pacman-g2 -Sy libexif

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: See http://ftp.frugalware.org/pub/README.GPG for info

iD8DBQFHlPjEZ7NElSD1VhkRAiDhAJ9VUE9UVcqq9/e+yBM6RDp1pwHRLgCfYywZ
vbDiunxIlGPeRjrB3tJrM2E=
=oDt+
-----END PGP SIGNATURE-----

From noreply at frugalware.org Mon Jan 21 21:00:41 2008
From: noreply at frugalware.org (voroskoi)
Date: Mon Jan 21 21:00:44 2008
Subject: [Frugalware-security] [ FSA-355 ] vlc
Message-ID: <20080121200041.0C5DA1190054@genesis.frugalware.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Frugalware Security Advisory FSA-355

Date: 2008-01-21
Package: vlc
Vulnerable versions: <= 0.8.6-7
Unaffected versions: >= 0.8.6-8sayshell1
Related bugreport: http://bugs.frugalware.org/task/2682
CVE: There is no CVE entry for these issues.

Description
===========

Some vulnerabilities have been discovered in VLC Media Player, which can be exploited by malicious people to compromise a user's system.

1) Boundary errors in the "ParseMicroDvd()", "ParseSSA()", and "ParseVplayer()" functions when handling subtitles can be exploited to cause stack-based buffer overflows.

2) A format string error in the web interface listening on port 8080/tcp (disabled by default) can be exploited via a specially crafted HTTP request with a "Connection" header value containing format specifiers.

Successful exploitation of the vulnerabilities allows execution of arbitrary code.

Updated Packages
================

Check if you have vlc installed:

    # pacman-g2 -Q vlc

If found, then you should upgrade to the latest version:

    # pacman-g2 -Sy vlc

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: See http://ftp.frugalware.org/pub/README.GPG for info

iD8DBQFHlPnpZ7NElSD1VhkRAu9XAJ9BNunIM+YzZCpUtm2MeoXrq0hhawCgp8Gr
VNBdFc8cYxD4mxaB242AyUQ=
=X2DZ
-----END PGP SIGNATURE-----

From noreply at frugalware.org Mon Jan 21 21:05:13 2008
From: noreply at frugalware.org (voroskoi)
Date: Mon Jan 21 21:05:14 2008
Subject: [Frugalware-security] [ FSA-356 ] mantis
Message-ID: <20080121200513.7A5A71190054@genesis.frugalware.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Frugalware Security Advisory FSA-356

Date: 2008-01-21
Package: mantis
Vulnerable versions: <= 1.0.8-1
Unaffected versions: >= 1.0.8-2sayshell1
Related bugreport: http://bugs.frugalware.org/task/2683
CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6611

Description
===========

seiji has discovered a vulnerability in Mantis, which can be exploited by malicious users to conduct script insertion attacks.

Input passed as the filename for the uploaded file in bug_report.php is not properly sanitised before being stored. This can be exploited to insert arbitrary HTML and script code, which is executed in a user's browser session in context of an affected site when the malicious filename is viewed in view.php.

Successful exploitation requires valid user credentials.

Updated Packages
================

Check if you have mantis installed:

    # pacman-g2 -Q mantis

If found, then you should upgrade to the latest version:

    # pacman-g2 -Sy mantis

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: See http://ftp.frugalware.org/pub/README.GPG for info

iD8DBQFHlPr5Z7NElSD1VhkRAm0FAKCMsu9zCuwqlMFRuB16aRTmVxYTjwCeM0mM
5LEqPQkC9UHKU1sHdWahXe4=
=1MYE
-----END PGP SIGNATURE-----

From noreply at frugalware.org Mon Jan 21 21:12:25 2008
From: noreply at frugalware.org (voroskoi)
Date: Mon Jan 21 21:12:28 2008
Subject: [Frugalware-security] [ FSA-357 ] drupal
Message-ID: <20080121201225.A9A27119019C@genesis.frugalware.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Frugalware Security Advisory FSA-357

Date: 2008-01-21
Package: drupal
Vulnerable versions: <= 5.2-2sayshell2
Unaffected versions: >= 5.2-2sayshell3
Related bugreport: http://bugs.frugalware.org/task/2692
CVE: There is no CVE entry for this issue.

Description
===========

Some vulnerabilities have been reported in Drupal, which can be exploited by malicious people to conduct cross-site scripting, script insertion, and cross-site request forgery attacks.

1) Input passed via unspecified parameters to theme .tpl.php files is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Successful exploitation requires that "register_globals" is enabled, and the .htaccess file fails to prevent access to .tpl.php files and to disable "register_globals".

2) An error in the text filtering functionality can be exploited to bypass the filter via invalid UTF-8 sequences. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is viewed with e.g. Internet Explorer 6.

3) The aggregator module allows users to perform certain actions via HTTP GET requests without performing any validity checks to verify the request. This can be exploited to e.g. remove items from a particular feed when a user visits a specially crafted page.

Updated Packages
================

Check if you have drupal installed:

    # pacman-g2 -Q drupal

If found, then you should upgrade to the latest version:

    # pacman-g2 -Sy drupal

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: See http://ftp.frugalware.org/pub/README.GPG for info

iD8DBQFHlPypZ7NElSD1VhkRAm99AJ4l4EkjaukXOL3BQ6RQRLOXLprBxACeP3bN
7Y9rUP1alJfvrKfU/5Z40iw=
=3nX+
-----END PGP SIGNATURE-----

From noreply at frugalware.org Mon Jan 21 21:18:12 2008
From: noreply at frugalware.org (voroskoi)
Date: Mon Jan 21 21:18:14 2008
Subject: [Frugalware-security] [ FSA-358 ] horde-webmail
Message-ID: <20080121201812.4384E1190054@genesis.frugalware.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Frugalware Security Advisory FSA-358

Date: 2008-01-21
Package: horde-webmail
Vulnerable versions: <= 1.0.1-3
Unaffected versions: >= 1.0.1-4sayshell1
Related bugreport: http://bugs.frugalware.org/task/2693
CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6018

Description
===========

Secunia Research has discovered a vulnerability in IMP Webmail Client and Horde Groupware Webmail Edition, which can be exploited by malicious people to bypass certain security restrictions and manipulate data.

The HTML filter does not filter out frame and frameset HTML elements. Additionally, the application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the request. This can be exploited to (a) delete an arbitrary number of e-mail messages by referencing their numeric IDs and (b) purge deleted mails, when the victim opens a malicious HTML mail.

Successful exploitation requires that the victim opens the HTML part of a malicious message.

Updated Packages
================

Check if you have horde-webmail installed:

    # pacman-g2 -Q horde-webmail

If found, then you should upgrade to the latest version:

    # pacman-g2 -Sy horde-webmail

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: See http://ftp.frugalware.org/pub/README.GPG for info

iD8DBQFHlP4EZ7NElSD1VhkRAo3ZAJsG4K82nF9b3L4p0I2I+zeZvs5xYwCfZG/z
0fq4ckoThf9UtxmkoKv74h0=
=Jt2J
-----END PGP SIGNATURE-----

From noreply at frugalware.org Mon Jan 21 21:22:45 2008
From: noreply at frugalware.org (voroskoi)
Date: Mon Jan 21 21:22:48 2008
Subject: [Frugalware-security] [ FSA-359 ] libxml2
Message-ID: <20080121202245.AC9781190054@genesis.frugalware.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Frugalware Security Advisory FSA-359

Date: 2008-01-21
Package: libxml2
Vulnerable versions: <= 2.6.30-1
Unaffected versions: >= 2.6.30-2sayshell1
Related bugreport: http://bugs.frugalware.org/task/2700
CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6284

Description
===========

A vulnerability has been reported in Libxml2, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to an unspecified error within the "xmlCurrentChar()" function. This can be exploited to trigger the execution of an infinite loop via specially crafted UTF-8 sequences.

Updated Packages
================

Check if you have libxml2 installed:

    # pacman-g2 -Q libxml2

If found, then you should upgrade to the latest version:

    # pacman-g2 -Sy libxml2

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: See http://ftp.frugalware.org/pub/README.GPG for info

iD8DBQFHlP8VZ7NElSD1VhkRAhfzAJ4iwvMZWg05hCpW3/nJXQIYl3QTUQCfTRwQ
UHKA8zwjFPswy9aNFh+u8rA=
=Gl+l
-----END PGP SIGNATURE-----

From noreply at frugalware.org Wed Jan 23 20:59:43 2008
From: noreply at frugalware.org (voroskoi)
Date: Wed Jan 23 20:59:44 2008
Subject: [Frugalware-security] [ FSA-360 ] ruby-gnome2
Message-ID: <20080123195943.09C0111901EF@genesis.frugalware.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Frugalware Security Advisory FSA-360

Date: 2008-01-23
Package: ruby-gnome2
Vulnerable versions: <= 0.16.0-3
Unaffected versions: >= 0.16.0-4sayshell1
Related bugreport: http://bugs.frugalware.org/task/2650
CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6183

Description
===========

Chris Rohlf has reported a vulnerability in Ruby-GNOME2, which can potentially be exploited by malicious people to compromise an application using the library.

The vulnerability is caused due to a format string error within the "Gtk::MessageDialog.new()" method in gtk/src/rbgtkmessagedialog.c and can potentially be exploited to execute arbitrary code when a specially crafted string is passed to the affected function.

NOTE: Exploitation and impact of this vulnerability depend on how an application uses the affected function of the vulnerable library.

Updated Packages
================

Check if you have ruby-gnome2 installed:

    # pacman-g2 -Q ruby-gnome2

If found, then you should upgrade to the latest version:

    # pacman-g2 -Sy ruby-gnome2

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: See http://ftp.frugalware.org/pub/README.GPG for info

iD8DBQFHl5yuZ7NElSD1VhkRAuR6AKCYR84Pmwu8PbBOCaOjhWV2zu5WCQCfRgth
WJJG4mIeQaMnndSbr6RPhV8=
=kWhd
-----END PGP SIGNATURE-----

From noreply at frugalware.org Wed Jan 23 21:10:38 2008
From: noreply at frugalware.org (voroskoi)
Date: Wed Jan 23 21:10:42 2008
Subject: [Frugalware-security] [ FSA-361 ] asterisk
Message-ID: <20080123201038.66184119019C@genesis.frugalware.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Frugalware Security Advisory FSA-361

Date: 2008-01-23
Package: asterisk
Vulnerable versions: <= 1.4.13-1sayshell1
Unaffected versions: >= 1.4.13-1sayshell2
Related bugreport: http://bugs.frugalware.org/task/2652
CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6171
     http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6170
     http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6430

Description
===========

Multiple vulnerabilities have been reported in Asterisk, which can be exploited by malicious people to conduct SQL injection attacks, bypass certain security restrictions and cause a DoS (Denial of Service).

1) Input passed as lookup data to the Postgres Realtime Engine is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Successful exploitation requires that the module is configured and used.

2) Input passed as ANI and DNIS strings to the Call Detail Record Postgres logging engine is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Successful exploitation requires valid user credentials and that the module is configured and used.

3) The security issue is caused due to missing checks of IP addresses when processing database-based registrations ("realtime"). This can be exploited to authenticate as a legitimate user without a password. Successful exploitation requires that host-based authentication is used and that the attacker has knowledge of a valid username.

4) The vulnerability is caused due to a null-pointer dereference error within the handling of the "BYE/Also" transfer method and can be exploited to crash the application. Successful exploitation requires that a dialog has already been established.

Updated Packages
================

Check if you have asterisk installed:

    # pacman-g2 -Q asterisk

If found, then you should upgrade to the latest version:

    # pacman-g2 -Sy asterisk

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: See http://ftp.frugalware.org/pub/README.GPG for info

iD8DBQFHl58+Z7NElSD1VhkRAnvwAJ48TRPDyRWa9uHvBKrD+qsQ49BGBACgmjTD
+CNOyCDVM+8UHPz62PFDLuk=
=evzg
-----END PGP SIGNATURE-----

From noreply at frugalware.org Wed Jan 23 21:15:34 2008
From: noreply at frugalware.org (voroskoi)
Date: Wed Jan 23 21:15:37 2008
Subject: [Frugalware-security] [ FSA-362 ] rsync
Message-ID: <20080123201534.D262E119019C@genesis.frugalware.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Frugalware Security Advisory FSA-362

Date: 2008-01-23
Package: rsync
Vulnerable versions: <= 2.6.9-2
Unaffected versions: >= 2.6.9-3sayshell1
Related bugreport: http://bugs.frugalware.org/task/2653
CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6199
     http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6200

Description
===========

Two vulnerabilities have been reported in rsync, which can be exploited by malicious users to bypass certain security restrictions.

1) An error in the rsync daemon when the "use chroot" option is disabled can be exploited to gain access to files outside of the module's hierarchy via symlink attacks.

2) An error exists within the enforcing of the "exclude", "exclude from", and "filter" options. This can be exploited to bypass access restrictions and gain access to hidden files via e.g. symlink attacks, if the filename is known.

Updated Packages
================

Check if you have rsync installed:

    # pacman-g2 -Q rsync

If found, then you should upgrade to the latest version:

    # pacman-g2 -Sy rsync

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: See http://ftp.frugalware.org/pub/README.GPG for info

iD8DBQFHl6BmZ7NElSD1VhkRApTEAJ0Xr06wxNJIG9eqhGDU1h2KGuS4XwCgj/Ha
ObmNBIVEHdoXwoZbwZov4hA=
=XblW
-----END PGP SIGNATURE-----

From noreply at frugalware.org Wed Jan 23 21:20:28 2008
From: noreply at frugalware.org (voroskoi)
Date: Wed Jan 23 21:20:33 2008
Subject: [Frugalware-security] [ FSA-363 ] libcdio
Message-ID: <20080123202028.1C61711901DA@genesis.frugalware.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Frugalware Security Advisory FSA-363

Date: 2008-01-23
Package: libcdio
Vulnerable versions: <= 0.78.2-1
Unaffected versions: >= 0.78.2-2sayshell1
Related bugreport: http://bugs.frugalware.org/task/2713
CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6613

Description
===========

Some vulnerabilities have been reported in the cd-info and iso-info applications of libcdio, which potentially can be exploited by malicious people to compromise a user's system.

The vulnerabilities are caused due to boundary errors within the function "print_iso9660_recurse()" in cd-info.c and iso-info.c. This can be exploited to cause a buffer overflow by e.g. tricking a user into using the iso-info application on a specially crafted ISO image.

Updated Packages
================

Check if you have libcdio installed:

    # pacman-g2 -Q libcdio

If found, then you should upgrade to the latest version:

    # pacman-g2 -Sy libcdio

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: See http://ftp.frugalware.org/pub/README.GPG for info

iD8DBQFHl6GMZ7NElSD1VhkRApPtAJ44v5RYOEesYT/3K5l7VxgDmfzd1QCeJ+hF
JoHaLwgkuZ1XCVRsm5G4Mdk=
=KXBn
-----END PGP SIGNATURE-----

From noreply at frugalware.org Wed Jan 23 21:26:28 2008
From: noreply at frugalware.org (voroskoi)
Date: Wed Jan 23 21:26:29 2008
Subject: [Frugalware-security] [ FSA-364 ] postgresql
Message-ID: <20080123202628.2E38A119019C@genesis.frugalware.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Frugalware Security Advisory FSA-364

Date: 2008-01-23
Package: postgresql
Vulnerable versions: <= 8.2.5-1
Unaffected versions: >= 8.2.6-1sayshell1
Related bugreport: http://bugs.frugalware.org/task/2714
CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4769
     http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4772
     http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6600
     http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6601
     http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6067

Description
===========

Some vulnerabilities have been reported in PostgreSQL, which can be exploited by malicious users to gain escalated privileges or to cause a DoS (Denial of Service).

1) Index functions are executed as superuser during "VACUUM" and "ANALYZE", which can be exploited to gain escalated privileges.

2) "SET ROLE" and "SET SESSION AUTHORIZATION" are permitted within index functions, which can be exploited to gain escalated privileges.

3) Various errors in the processing of regular expressions within SQL queries can be exploited to cause infinite loops, consume large amounts of memory, or to crash the backend, resulting in a DoS.

4) Errors in the DBLink module can be exploited to gain superuser privileges when being used in combination with local trust or ident authentication.

Updated Packages
================

Check if you have postgresql installed:

    # pacman-g2 -Q postgresql

If found, then you should upgrade to the latest version:

    # pacman-g2 -Sy postgresql

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: See http://ftp.frugalware.org/pub/README.GPG for info

iD8DBQFHl6L0Z7NElSD1VhkRAiwwAJ4/8uPkcn3xuonvlu+ZkQJtPyAZJgCfVLvq
oW87xYEjlLVCodHMZ2QWbMA=
=AJqR
-----END PGP SIGNATURE-----

From noreply at frugalware.org Wed Jan 23 22:48:48 2008
From: noreply at frugalware.org (voroskoi)
Date: Wed Jan 23 22:48:53 2008
Subject: [Frugalware-security] [ FSA-365 ] joomla
Message-ID: <20080123214848.827A1176C053@genesis.frugalware.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Frugalware Security Advisory FSA-365

Date: 2008-01-23
Package: joomla
Vulnerable versions: <= 1.0.13-1
Unaffected versions: >= 1.0.13-2sayshell1
Related bugreport: http://bugs.frugalware.org/task/2487
CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5427

Description
===========

MustLive has discovered a vulnerability in Joomla!, which can be exploited by malicious people to conduct cross-site scripting attacks.

Input passed to the "searchword" parameter in index.php (when "option" is set to "com_search") is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

Successful exploitation requires that the victim changes the number of search results in a drop-down box, after having clicked on the malicious link.

Updated Packages
================

Check if you have joomla installed:

    # pacman-g2 -Q joomla

If found, then you should upgrade to the latest version:

    # pacman-g2 -Sy joomla

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: See http://ftp.frugalware.org/pub/README.GPG for info

iD8DBQFHl7Y+Z7NElSD1VhkRAuuyAJ4td3Ur8HL5xReU2AbUCsO0NkENqACfbFNQ
QboZOxHIpAujgj93eUvIzx0=
=qRnC
-----END PGP SIGNATURE-----

From noreply at frugalware.org Thu Jan 24 16:08:37 2008
From: noreply at frugalware.org (vmiklos)
Date: Thu Jan 24 16:08:41 2008
Subject: [Frugalware-security] [ FSA-366 ] kernel
Message-ID: <20080124150837.4522E1190217@genesis.frugalware.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Frugalware Security Advisory FSA-366

Date: 2008-01-24
Package: kernel
Vulnerable versions: <= 2.6.22-7sayshell3
Unaffected versions: >= 2.6.22-7sayshell4
Related bugreport: http://bugs.frugalware.org/task/2651
                   http://bugs.frugalware.org/task/2664
                   http://bugs.frugalware.org/task/2673
                   http://bugs.frugalware.org/task/2719
CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6063
     http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6206
     http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5966
     http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0001

Description
===========

A vulnerability with unknown impact has been reported in the Linux Kernel.

The vulnerability is caused due to a boundary error within the "isdn_net_setcfg()" function in drivers/isdn/i4l/isdn_net.c when processing IOCTL configuration requests sent to the ISDN pseudo device (/dev/isdnctrl). This can be exploited to cause a buffer overflow via a specially crafted IIOCNETSCF IOCTL request.

Successful exploitation requires write access to /dev/isdnctrl.

A security issue has been reported in the Linux Kernel, which can be exploited by malicious, local users to disclose potentially sensitive information.

The security issue is caused due to the "do_coredump()" function in fs/exec.c not correctly verifying the user ID of a core dump file when dumping the core into an existing file. This can be exploited to e.g. gain access to sensitive information by tricking an application with another user ID into dumping the core into a preexisting file.

A vulnerability with an unknown impact has been reported in the Linux Kernel.

The vulnerability is caused due to an integer overflow error within the "hrtimer_start()" function when processing large relative timeout values.

A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users to bypass certain security restrictions and corrupt a file system.

The vulnerability is caused due to an error when checking the open flags and access modes when opening a directory. This can be exploited to truncate directories by calling the "open()" system call with certain flags.

Successful exploitation requires write privileges for the directory to be truncated.

Updated Packages
================

Check if you have kernel installed:

    # pacman-g2 -Q kernel

If found, then you should upgrade to the latest version:

    # pacman-g2 -Sy kernel

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: See http://ftp.frugalware.org/pub/README.GPG for info

iD8DBQFHmKn1Z7NElSD1VhkRArn7AJoDk/2E2K2eeHPrH6OpChn/GbMOowCgqJPx
ecJy4U9rqfprR8/X/LZTwYk=
=9+gx
-----END PGP SIGNATURE-----
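
The ownership check that FSA-366 describes as missing in "do_coredump()", shown as a user-space C illustration of the defensive pattern. This is an added example, not kernel code and not part of the advisory; the function name open_dump_target, the errno values and the sample file path are assumptions made for the illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Close fd and report failure with a chosen errno. */
static int refuse(int fd, int err)
{
    close(fd);
    errno = err;
    return -1;
}

/*
 * open_dump_target (hypothetical name): open an EXISTING file that is about
 * to be overwritten with sensitive data belonging to data_owner, for example
 * a memory dump. Returns a writable, truncated fd, or -1 with errno set.
 *
 * The file's owner can read whatever is written into it, so a file that
 * belongs to a different user must be refused before any data is written.
 */
int open_dump_target(const char *path, uid_t data_owner)
{
    struct stat st;

    /* O_NOFOLLOW refuses a symlink placed at the final path component.
     * O_NONBLOCK keeps open() from hanging on a FIFO placed at the path.
     * No O_TRUNC: nothing is destroyed until every check has passed. */
    int fd = open(path, O_WRONLY | O_NOFOLLOW | O_NONBLOCK | O_CLOEXEC);
    if (fd < 0)
        return -1;

    /* fstat() the descriptor, not the path, so the checks apply to the
     * object that was actually opened and cannot be swapped afterwards. */
    if (fstat(fd, &st) != 0)
        return refuse(fd, errno);

    if (!S_ISREG(st.st_mode))        /* device, FIFO, directory, ... */
        return refuse(fd, EINVAL);
    if (st.st_nlink != 1)            /* reachable under another name */
        return refuse(fd, EMLINK);
    if (st.st_uid != data_owner)     /* the check the advisory is about */
        return refuse(fd, EACCES);

    if (ftruncate(fd, 0) != 0)
        return refuse(fd, errno);
    return fd;
}

int main(void)
{
    char path[] = "/tmp/dump_target_XXXXXX";   /* constructed sample file */
    int tmp = mkstemp(path);
    if (tmp < 0) {
        perror("mkstemp");
        return 1;
    }
    close(tmp);

    /* Data owned by the file's owner: accepted. */
    int fd = open_dump_target(path, getuid());
    printf("same owner:      %s\n", fd >= 0 ? "accepted" : "refused");
    if (fd >= 0)
        close(fd);

    /* Data owned by a different uid than the file: refused. */
    fd = open_dump_target(path, getuid() + 1);
    printf("different owner: %s\n", fd >= 0 ? "accepted" : "refused");
    if (fd >= 0)
        close(fd);

    unlink(path);
    return 0;
}
```

The checks run on the opened descriptor and truncation happens last, so a refused target is left byte-for-byte unchanged.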