From noreply at frugalware.org Tue Mar 4 17:51:33 2008 From: noreply at frugalware.org (vmiklos) Date: Tue Mar 4 17:51:36 2008 Subject: [Frugalware-security] [ FSA-372 ] kernel Message-ID: <20080304165133.EF5581190A18@genesis.frugalware.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frugalware Security Advisory FSA-372 Date: 2008-03-04 Package: kernel Vulnerable versions: <= 2.6.22-7sayshell5 Unaffected versions: >= 2.6.22-7sayshell6 Related bugreport: http://bugs.frugalware.org/task/2834 CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0007 Description =========== A vulnerability have been reported in the Linux Kernel, which can be exploited by malicious, local users to disclose potentially sensitive information or gain escalated privileges. The vulnerability is caused due to certain drivers with registered page fault handlers not correctly preventing size expansions of mapped memory regions beyond the originally allocated size. This can be exploited to gain access to other memory areas via e.g. the "mremap()" system call. Successful exploitation may allow local attackers to disclose and manipulate kernel memory, which potentially can be leveraged to gain escalated privileges. Updated Packages ================ Check if you have kernel installed: # pacman-g2 -Q kernel If found, then you should upgrade to the latest version: # pacman-g2 -Sy kernel -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux) Comment: See http://ftp.frugalware.org/pub/README.GPG for info iD8DBQFHzX4VZ7NElSD1VhkRApzgAJ4gc17kygiI8ToMrO/4B/E8bnemnQCfSo/o URayK4YMMlDaXTYgP5vVCMw= =1Xts -----END PGP SIGNATURE----- From noreply at frugalware.org Fri Mar 7 14:43:33 2008 From: noreply at frugalware.org (vmiklos) Date: Fri Mar 7 14:43:35 2008 Subject: [Frugalware-security] [ FSA-373 ] firefox Message-ID: <20080307134333.F1CB2119019C@genesis.frugalware.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frugalware Security Advisory FSA-373 Date: 2008-03-07 Package: firefox Vulnerable versions: <= 2.0.0.11-1sayshell1 Unaffected versions: >= 2.0.0.12-1sayshell1 Related bugreport: http://bugs.frugalware.org/task/2776 CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0412 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0413 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0414 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0415 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0419 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0420 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0591 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0593 Description =========== Some vulnerabilities and weaknesses have been reported Mozilla Firefox, which can be exploited by malicious people to disclose sensitive information, bypass certain security restrictions, conduct spoofing attacks, or to compromise a user's system. 1) Various errors in the browser engine can be exploited to cause a memory corruption. 2) Various errors in the Javascript engine can be exploited to cause a memory corruption. Successful exploitation of these vulnerabilities may allow execution of arbitrary code. 3) A security issue is caused due to a design error within the focus handling and can potentially be exploited to trick a user into uploading arbitrary files. 4) An error in the Javascript engine can be exploited to run Javascript code with "chrome" privileges. 5) An error in the Javascript engine can be exploited to bypass the same-origin policy via the "XMLDocument.load()" function. 6) An error exists in the handling of images when a user leaves a page, which uses "designMode" frames. This can be exploited to disclose the user's navigation history, forward navigation information, and to cause a memory corruption. Successful exploitation of this vulnerability may allow execution of arbitrary code. 7) A design error related to timer-enabled dialogs can be exploited to trick a user into unintentionally confirming a security dialog. 8) The problem is that Firefox follows "302" redirects for stylesheets and allows reading the target URL via "element.sheet.href". This can potentially be exploited to disclose sensitive URL parameters. 9) An error within the processing of color palettes within bitmaps can be exploited to disclose the contents of memory areas. Updated Packages ================ Check if you have firefox installed: # pacman-g2 -Q firefox If found, then you should upgrade to the latest version: # pacman-g2 -Sy firefox -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux) Comment: See http://ftp.frugalware.org/pub/README.GPG for info iD8DBQFH0UaFZ7NElSD1VhkRAg4KAJ4oXAMp4kSTr4ho3yI8G2VE/qwEFACfXErR moQdUppFBgKsta6lWVZk6Vs= =7Vo/ -----END PGP SIGNATURE----- From noreply at frugalware.org Fri Mar 7 14:50:31 2008 From: noreply at frugalware.org (vmiklos) Date: Fri Mar 7 14:50:37 2008 Subject: [Frugalware-security] [ FSA-374 ] seamonkey Message-ID: <20080307135031.0B968119019C@genesis.frugalware.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frugalware Security Advisory FSA-374 Date: 2008-03-07 Package: seamonkey Vulnerable versions: <= 1.1.7-1sayshell1 Unaffected versions: >= 1.1.8-1sayshell1 Related bugreport: http://bugs.frugalware.org/task/2777 CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0412 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0413 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0414 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0415 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0418 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0419 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0593 Description =========== Some vulnerabilities have been reported in Mozilla SeaMonkey, which can be exploited by malicious people to disclose sensitive information, bypass certain security restrictions, conduct spoofing attacks, or potentially to compromise a vulnerable system. For more information, see FSA373. Updated Packages ================ Check if you have seamonkey installed: # pacman-g2 -Q seamonkey If found, then you should upgrade to the latest version: # pacman-g2 -Sy seamonkey -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux) Comment: See http://ftp.frugalware.org/pub/README.GPG for info iD8DBQFH0UgnZ7NElSD1VhkRAlN8AJ9M7iVFOGCN0h3Z3A4y8RtNQVUIeQCdFSxS +8YOacHoaXx4JDDgyZA/ENU= =ctB7 -----END PGP SIGNATURE----- From noreply at frugalware.org Sun Mar 9 00:11:39 2008 From: noreply at frugalware.org (vmiklos) Date: Sun Mar 9 00:11:41 2008 Subject: [Frugalware-security] [ FSA-375 ] vlc Message-ID: <20080308231139.0498411904CB@genesis.frugalware.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frugalware Security Advisory FSA-375 Date: 2008-03-09 Package: vlc Vulnerable versions: <= 0.8.6-8sayshell1 Unaffected versions: >= 0.8.6-8sayshell2 Related bugreport: http://bugs.frugalware.org/task/2819 CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0984 Description =========== A vulnerability has been reported in VLC Media Player, which can potentially be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error within the MP4 demuxer (modules/demux/mp4/mp4.c). This can be exploited to overwrite an almost arbitrary memory address via a specially crafted MPEG-4 file. Successful exploitation may allow execution of arbitrary code. Updated Packages ================ Check if you have vlc installed: # pacman-g2 -Q vlc If found, then you should upgrade to the latest version: # pacman-g2 -Sy vlc -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux) Comment: See http://ftp.frugalware.org/pub/README.GPG for info iD8DBQFH0x0qZ7NElSD1VhkRAt0pAJ4pa853lk7v5RpaRFAfb2H4BvEUEQCbBGnZ m+H3by+zKm3UHjY0EwbJLkE= =iiuO -----END PGP SIGNATURE----- From noreply at frugalware.org Sun Mar 9 00:14:18 2008 From: noreply at frugalware.org (vmiklos) Date: Sun Mar 9 00:14:19 2008 Subject: [Frugalware-security] [ FSA-376 ] clamav Message-ID: <20080308231418.09F3F11904CA@genesis.frugalware.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frugalware Security Advisory FSA-376 Date: 2008-03-09 Package: clamav Vulnerable versions: <= 0.91.2-2sayshell1 Unaffected versions: >= 0.92.1-1sayshell1 Related bugreport: http://bugs.frugalware.org/task/2771 CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0318 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0728 Description =========== Some vulnerabilities have been reported in ClamAV, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise a vulnerable system. 1) An integer overflow error within the "cli_scanpe()" function in libclamav/pe.c can be exploited to cause a heap-based buffer overflow via a specially crafted PE file. 2) An error within the "unmew11()" function in libclamav/mew.c can be exploited to corrupt heap memory. Successful exploitation may allow execution of arbitrary code. Updated Packages ================ Check if you have clamav installed: # pacman-g2 -Q clamav If found, then you should upgrade to the latest version: # pacman-g2 -Sy clamav -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux) Comment: See http://ftp.frugalware.org/pub/README.GPG for info iD8DBQFH0x3KZ7NElSD1VhkRApk+AKCM0UHJRxoPiqdrW6qDRT3HdBDkFgCgh/Eb YGriEm6yGrrJa6MWR0MDVy4= =UwAo -----END PGP SIGNATURE----- From noreply at frugalware.org Sun Mar 9 00:17:53 2008 From: noreply at frugalware.org (vmiklos) Date: Sun Mar 9 00:17:58 2008 Subject: [Frugalware-security] [ FSA-377 ] dbus Message-ID: <20080308231753.8E87011904C9@genesis.frugalware.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frugalware Security Advisory FSA-377 Date: 2008-03-09 Package: dbus Vulnerable versions: <= 1.0.2-3sayshell1 Unaffected versions: >= 1.0.3-1sayshell1 Related bugreport: http://bugs.frugalware.org/task/2822 CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0595 Description =========== A security issue has been reported in D-Bus, which can be exploited by malicious, local users to bypass certain security restrictions. The security issue is caused due to an error in the processing of messages with a NULL interface, which can be exploited to bypass security policy directives of the form "allow send_interface= [interface]". Updated Packages ================ Check if you have dbus installed: # pacman-g2 -Q dbus If found, then you should upgrade to the latest version: # pacman-g2 -Sy dbus -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux) Comment: See http://ftp.frugalware.org/pub/README.GPG for info iD8DBQFH0x6hZ7NElSD1VhkRAscLAJwKX2EPt79JbRD6Cv1ktyFNCIi2nQCeN5t/ cnyU5xJ4jvLqQmzfRWEJh9Q= =3zPu -----END PGP SIGNATURE----- From noreply at frugalware.org Sun Mar 9 00:22:08 2008 From: noreply at frugalware.org (vmiklos) Date: Sun Mar 9 00:22:15 2008 Subject: [Frugalware-security] [ FSA-378 ] joomla Message-ID: <20080308232208.9331F11904C9@genesis.frugalware.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frugalware Security Advisory FSA-378 Date: 2008-03-09 Package: joomla Vulnerable versions: <= 1.0.13-2sayshell1 Unaffected versions: >= 1.0.15-1sayshell1 Related bugreport: http://bugs.frugalware.org/task/2808 CVE: There is no CVE entry for this issue. Description =========== Hendrik-Jan Verheij has discovered a vulnerability in Joomla!, which can be exploited by malicious people to compromise a vulnerable system. Input passed to the "mosConfig_absolute_path" parameter in index.php is not properly verified before being used to include files. This can be exploited to include arbitrary files from external resources. Successful exploitation requires that RG_EMULATION is either switched on or undefined. NOTE: Both situations cause security warnings to be displayed in Joomla!'s administration section. Updated Packages ================ Check if you have joomla installed: # pacman-g2 -Q joomla If found, then you should upgrade to the latest version: # pacman-g2 -Sy joomla -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux) Comment: See http://ftp.frugalware.org/pub/README.GPG for info iD8DBQFH0x+gZ7NElSD1VhkRAvwLAJwPOHIGkfz9xFOwiWt0ic76E8lOLQCcCMjM VvS75dMh1slXPFG4hbw56zs= =Ucm8 -----END PGP SIGNATURE----- From noreply at frugalware.org Sun Mar 9 00:25:14 2008 From: noreply at frugalware.org (vmiklos) Date: Sun Mar 9 00:25:17 2008 Subject: [Frugalware-security] [ FSA-379 ] graphicsmagick Message-ID: <20080308232514.0B8A811904C9@genesis.frugalware.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frugalware Security Advisory FSA-379 Date: 2008-03-09 Package: graphicsmagick Vulnerable versions: <= 1.1.8-1 Unaffected versions: >= 1.1.11-1sayshell1 Related bugreport: http://bugs.frugalware.org/task/2807 CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4985 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4986 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4987 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4988 Description =========== Some vulnerabilities have been reported in GraphicsMagick, which can be exploited by malicious people to conduct DoS (Denial of Service) attacks or compromise a user's system. The vulnerabilities are caused due to the use of vulnerable ImageMagick code. Updated Packages ================ Check if you have graphicsmagick installed: # pacman-g2 -Q graphicsmagick If found, then you should upgrade to the latest version: # pacman-g2 -Sy graphicsmagick -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux) Comment: See http://ftp.frugalware.org/pub/README.GPG for info iD8DBQFH0yBaZ7NElSD1VhkRApz8AJ9iebv2Ozk7svCjr+x87aIat8naxACeP88O p/s+U7Nv5uuVBGVOVQT4DLk= =Cz3L -----END PGP SIGNATURE----- From noreply at frugalware.org Sun Mar 9 00:28:50 2008 From: noreply at frugalware.org (vmiklos) Date: Sun Mar 9 00:28:52 2008 Subject: [Frugalware-security] [ FSA-380 ] cups Message-ID: <20080308232850.4EFDA11904CA@genesis.frugalware.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frugalware Security Advisory FSA-380 Date: 2008-03-09 Package: cups Vulnerable versions: <= 1.3.2-2sayshell3 Unaffected versions: >= 1.3.6-1sayshell1 Related bugreport: http://bugs.frugalware.org/task/2806 CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0882 Description =========== A vulnerability has been discovered in CUPS, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise a vulnerable system. The vulnerability is caused due to an error within the "process_browse_data()" function when adding printers and classes. This can be exploited to free the same buffer twice by sending specially crafted browser packets to the UDP port on which cupsd is listening (by default port 631/UDP). Successful exploitation may allow execution of arbitrary code. Updated Packages ================ Check if you have cups installed: # pacman-g2 -Q cups If found, then you should upgrade to the latest version: # pacman-g2 -Sy cups -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux) Comment: See http://ftp.frugalware.org/pub/README.GPG for info iD8DBQFH0yEyZ7NElSD1VhkRAiZzAJ95VRgExBYJdCqHPZHPGbK4B9yjqwCdEpam mIelL9RRE4jFgjP/YwFJVhM= =IAwi -----END PGP SIGNATURE----- From noreply at frugalware.org Sun Mar 9 00:31:51 2008 From: noreply at frugalware.org (vmiklos) Date: Sun Mar 9 00:31:52 2008 Subject: [Frugalware-security] [ FSA-381 ] lighttpd Message-ID: <20080308233151.385C811904C9@genesis.frugalware.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frugalware Security Advisory FSA-381 Date: 2008-03-09 Package: lighttpd Vulnerable versions: <= 1.4.18-1 Unaffected versions: >= 1.4.18-2sayshell1 Related bugreport: http://bugs.frugalware.org/task/2804 CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0983 Description =========== A vulnerability has been reported in lighttpd, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to a calculation error when allocating the global file descriptor array and can be exploited to crash an affected server. Updated Packages ================ Check if you have lighttpd installed: # pacman-g2 -Q lighttpd If found, then you should upgrade to the latest version: # pacman-g2 -Sy lighttpd -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux) Comment: See http://ftp.frugalware.org/pub/README.GPG for info iD8DBQFH0yHnZ7NElSD1VhkRAieLAJ9XejrsN45J6tGwvZbGhVjhEtiGzACgky5c jsXbStnNhIP+1YKDth1XjRY= =6gVg -----END PGP SIGNATURE----- From noreply at frugalware.org Sun Mar 9 00:33:51 2008 From: noreply at frugalware.org (vmiklos) Date: Sun Mar 9 00:33:53 2008 Subject: [Frugalware-security] [ FSA-382 ] pcre Message-ID: <20080308233351.999F111904C9@genesis.frugalware.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frugalware Security Advisory FSA-382 Date: 2008-03-09 Package: pcre Vulnerable versions: <= 7.4-1 Unaffected versions: >= 7.6-1sayshell1 Related bugreport: http://bugs.frugalware.org/task/2785 CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0674 Description =========== A vulnerability has been reported in PCRE, which potentially can be exploited by malicious people to cause a DoS (Denial of Service) or compromise an application using the library. The vulnerability is caused due to a boundary error when processing character classes and can be exploited to cause a buffer overflow via an overly long character class with codepoints greater than 255. Updated Packages ================ Check if you have pcre installed: # pacman-g2 -Q pcre If found, then you should upgrade to the latest version: # pacman-g2 -Sy pcre -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux) Comment: See http://ftp.frugalware.org/pub/README.GPG for info iD8DBQFH0yJfZ7NElSD1VhkRAj5xAJ9KzB2+DC0ewrWLsjSaA0rQOFtCQQCeOgwC T18NAyUOkbTnbm+Gxyet44E= =AIci -----END PGP SIGNATURE----- From noreply at frugalware.org Sun Mar 9 00:39:40 2008 From: noreply at frugalware.org (vmiklos) Date: Sun Mar 9 00:39:45 2008 Subject: [Frugalware-security] [ FSA-383 ] thunderbird Message-ID: <20080308233940.03D7711904C9@genesis.frugalware.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frugalware Security Advisory FSA-383 Date: 2008-03-09 Package: thunderbird Vulnerable versions: <= 2.0.0.9-1terminus1 Unaffected versions: >= 2.0.0.12-1sayshell1 Related bugreport: http://bugs.frugalware.org/task/2775 CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0304 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0412 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0413 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0415 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0418 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0419 Description =========== Some vulnerabilities have been reported in Mozilla Thunderbird, which can be exploited by malicious people to disclose sensitive information, bypass certain security restrictions, or potentially to compromise a user's system. For more information, see FSA374. Updated Packages ================ Check if you have thunderbird installed: # pacman-g2 -Q thunderbird If found, then you should upgrade to the latest version: # pacman-g2 -Sy thunderbird -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux) Comment: See http://ftp.frugalware.org/pub/README.GPG for info iD8DBQFH0yO7Z7NElSD1VhkRAvyjAKCB8fjEzW/HodLsxxKPPt5chX4ekwCeIsDJ rsf1uV+jAyFIBbr0gAUkl/M= =9Obq -----END PGP SIGNATURE----- From noreply at frugalware.org Sun Mar 9 00:44:04 2008 From: noreply at frugalware.org (vmiklos) Date: Sun Mar 9 00:44:06 2008 Subject: [Frugalware-security] [ FSA-384 ] xine-lib Message-ID: <20080308234404.7E42811904C9@genesis.frugalware.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frugalware Security Advisory FSA-384 Date: 2008-03-09 Package: xine-lib Vulnerable versions: <= 1.1.8-1 Unaffected versions: >= 1.1.10.1-1sayshell1 Related bugreport: http://bugs.frugalware.org/task/2773 CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0486 Description =========== A vulnerability has been discovered in xine-lib, which can potentially be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error within the "open_flac_file()" function in src/demuxers/demux_flac.c. This can be exploited to corrupt memory via a specially crafted FLAC file. Updated Packages ================ Check if you have xine-lib installed: # pacman-g2 -Q xine-lib If found, then you should upgrade to the latest version: # pacman-g2 -Sy xine-lib -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux) Comment: See http://ftp.frugalware.org/pub/README.GPG for info iD8DBQFH0yTEZ7NElSD1VhkRArAZAKCTiNIBCLx7fCQgIQl1XjvE1kcRsQCgmxVK qWxl73sIv83JSMKPBghY6L4= =IxFx -----END PGP SIGNATURE----- From noreply at frugalware.org Sun Mar 9 00:48:29 2008 From: noreply at frugalware.org (vmiklos) Date: Sun Mar 9 00:48:30 2008 Subject: [Frugalware-security] [ FSA-385 ] cacti Message-ID: <20080308234829.27F6A11904C9@genesis.frugalware.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frugalware Security Advisory FSA-385 Date: 2008-03-09 Package: cacti Vulnerable versions: <= 0.8.6j-3terminus1 Unaffected versions: >= 0.8.6j-4sayshell1 Related bugreport: http://bugs.frugalware.org/task/2772 CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0783 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0784 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0785 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0786 Description =========== Some vulnerabilities have been reported in Cacti, which can be exploited by malicious people to conduct HTTP response splitting, cross-site scripting, and SQL injection attacks. 1) Input passed to unspecified parameters is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. 2) Input passed to unspecified parameters is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 3) Input passed to unspecified parameters is not properly sanitised before being returned to the user. This can be exploited to insert arbitrary HTTP headers, which will be included in a response sent to the user, allowing for execution of arbitrary HTML and script code in a user's browser session in context of an affected site. Updated Packages ================ Check if you have cacti installed: # pacman-g2 -Q cacti If found, then you should upgrade to the latest version: # pacman-g2 -Sy cacti -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux) Comment: See http://ftp.frugalware.org/pub/README.GPG for info iD8DBQFH0yXNZ7NElSD1VhkRAgDuAJ9Iqe54+8QYUwTg2TEY19LMkzWR5gCeOLfC 9kwoi4q/I4cQVCXfRLCpKgg= =HJYt -----END PGP SIGNATURE----- From noreply at frugalware.org Sun Mar 9 00:52:08 2008 From: noreply at frugalware.org (vmiklos) Date: Sun Mar 9 00:52:10 2008 Subject: [Frugalware-security] [ FSA-386 ] rblibtorrent Message-ID: <20080308235208.82ACC11904C9@genesis.frugalware.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frugalware Security Advisory FSA-386 Date: 2008-03-09 Package: rblibtorrent Vulnerable versions: <= 0.12-5 Unaffected versions: >= 0.12-6sayshell1 Related bugreport: http://bugs.frugalware.org/task/2770 CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0646 Description =========== A vulnerability has been reported in Rasterbar Software libtorrent, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error within the "bdecode_recursive()" function in include/libtorrent/bencode.hpp when processing certain bencoded data. This can be exploited to cause a stack overflow and crash an application using the library by sending specially crafted bencoded messages. Updated Packages ================ Check if you have rblibtorrent installed: # pacman-g2 -Q rblibtorrent If found, then you should upgrade to the latest version: # pacman-g2 -Sy rblibtorrent -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux) Comment: See http://ftp.frugalware.org/pub/README.GPG for info iD8DBQFH0yaoZ7NElSD1VhkRAgcdAKCLty9WtzeYKaKQlz6pyMu/eIePtwCcDxcU 6EHEDFYxQJZXgxWUnROYqjI= =h95B -----END PGP SIGNATURE----- From noreply at frugalware.org Sun Mar 9 00:55:19 2008 From: noreply at frugalware.org (vmiklos) Date: Sun Mar 9 00:55:21 2008 Subject: [Frugalware-security] [ FSA-387 ] phpmyadmin Message-ID: <20080308235519.DAC5911904C9@genesis.frugalware.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frugalware Security Advisory FSA-387 Date: 2008-03-09 Package: phpmyadmin Vulnerable versions: <= 2.11.2.2-1sayshell1 Unaffected versions: >= 2.11.5-1sayshell1 Related bugreport: http://bugs.frugalware.org/task/2835 CVE: There is no CVE entry for this issue. Description =========== A vulnerability has been reported in phpMyAdmin, which can be exploited by malicious people to conduct SQL injection attacks. The vulnerability is caused due to the application obtaining parameters via the "$_REQUEST" variable, and using them without proper sanitation in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code via a malicious cookie. Successful exploitation requires that a phpMyAdmin user is tricked into visiting a malicious website. Updated Packages ================ Check if you have phpmyadmin installed: # pacman-g2 -Q phpmyadmin If found, then you should upgrade to the latest version: # pacman-g2 -Sy phpmyadmin -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux) Comment: See http://ftp.frugalware.org/pub/README.GPG for info iD8DBQFH0ydnZ7NElSD1VhkRAm7yAJ4zFXGkUXQigBLh5jrHTVDAr+tk0ACgpcX6 uuo7NJ+DIMlVy6U25Dixsiw= =uAI+ -----END PGP SIGNATURE----- From noreply at frugalware.org Sun Mar 9 00:59:44 2008 From: noreply at frugalware.org (vmiklos) Date: Sun Mar 9 00:59:46 2008 Subject: [Frugalware-security] [ FSA-388 ] wireshark Message-ID: <20080308235944.59EDF11904C9@genesis.frugalware.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frugalware Security Advisory FSA-388 Date: 2008-03-09 Package: wireshark Vulnerable versions: <= 0.99.7-1terminus1 Unaffected versions: >= 0.99.8-1sayshell1 Related bugreport: http://bugs.frugalware.org/task/2821 CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1070 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1071 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1072 Description =========== Some vulnerabilities have been reported in Wireshark, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerabilities are caused due to errors in the SCTP, SNMP, and TFTP dissectors. These can be exploited to cause the application to crash or consume large amounts of memory when processing specially crafted packets that are either captured off the wire or loaded via a capture file. Updated Packages ================ Check if you have wireshark installed: # pacman-g2 -Q wireshark If found, then you should upgrade to the latest version: # pacman-g2 -Sy wireshark -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux) Comment: See http://ftp.frugalware.org/pub/README.GPG for info iD8DBQFH0yhwZ7NElSD1VhkRArMmAJ4gy7s4fEjObsgPCWoPvYwss3pHIQCggdtx KzgziZtrB8EZ0vzZYMN+zO4= =HYP7 -----END PGP SIGNATURE----- From noreply at frugalware.org Sun Mar 9 01:10:20 2008 From: noreply at frugalware.org (vmiklos) Date: Sun Mar 9 01:10:22 2008 Subject: [Frugalware-security] [ FSA-389 ] kdebase Message-ID: <20080309001020.816B111904CA@genesis.frugalware.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frugalware Security Advisory FSA-389 Date: 2008-03-09 Package: kdebase Vulnerable versions: <= 3.5.7-3 Unaffected versions: >= 3.5.7-4sayshell1 Related bugreport: http://bugs.frugalware.org/task/2681 CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5963 Description =========== A weakness has been reported in KDE, which can be exploited by malicious, local users to cause a DoS (Denial of Service). The weakness is caused due to an error in KDM when processing certain files, which can be exploited to cause KDM to e.g. consume large amounts of memory or prevent users from logging in. Updated Packages ================ Check if you have kdebase installed: # pacman-g2 -Q kdebase If found, then you should upgrade to the latest version: # pacman-g2 -Sy kdebase -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux) Comment: See http://ftp.frugalware.org/pub/README.GPG for info iD8DBQFH0yrsZ7NElSD1VhkRAhL1AJsGtBI62+BAitOrNnuYpmL4M2pI3wCdHJCT PAUsx+Hpw87KpR/bDJWRbEk= =2oWE -----END PGP SIGNATURE----- From noreply at frugalware.org Sun Mar 9 18:37:49 2008 From: noreply at frugalware.org (vmiklos) Date: Sun Mar 9 18:37:52 2008 Subject: [Frugalware-security] [ FSA-390 ] opera Message-ID: <20080309173749.1119011901D8@genesis.frugalware.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frugalware Security Advisory FSA-390 Date: 2008-03-09 Package: opera Vulnerable versions: <= 9.25-1sayshell1 Unaffected versions: >= 9.26-1sayshell1 Related bugreport: http://bugs.frugalware.org/task/2805 CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1080 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1081 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1082 Description =========== Some vulnerabilities have been reported in Opera, which can be exploited by malicious people to conduct cross-site scripting attacks, disclose sensitive information, or to bypass certain security restrictions. 1) A security issue is caused due to a design error when handling input to file form fields, which can potentially be exploited to trick a user into uploading arbitrary files. 2) An error within the handling of custom comments in image properties can be exploited to execute arbitrary script code in the wrong security context when comments of a malicious image are displayed. 3) An error in the handling of attribute values when importing XML into a document can be exploited to bypass filters and conduct cross-site scripting attacks if these values are used as document content. Updated Packages ================ Check if you have opera installed: # pacman-g2 -Q opera If found, then you should upgrade to the latest version: # pacman-g2 -Sy opera -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux) Comment: See http://ftp.frugalware.org/pub/README.GPG for info iD8DBQFH1CBtZ7NElSD1VhkRAqV2AKCYlPTSRtUTsa8nZggo1P2EBD8xvACfY3Bb +sDbimeZInNF5ocX4msM/2o= =8A5M -----END PGP SIGNATURE----- From noreply at frugalware.org Sun Mar 9 18:39:50 2008 From: noreply at frugalware.org (vmiklos) Date: Sun Mar 9 18:39:51 2008 Subject: [Frugalware-security] [ FSA-391 ] wordpress Message-ID: <20080309173950.6C96711901D8@genesis.frugalware.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frugalware Security Advisory FSA-391 Date: 2008-03-09 Package: wordpress Vulnerable versions: <= 2.3.2-1terminus1 Unaffected versions: >= 2.3.3-1sayshell1 Related bugreport: http://bugs.frugalware.org/task/2739 CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0664 Description =========== A vulnerability has been reported in WordPress, which can be exploited by malicious users to bypass certain security restrictions and to manipulate data. The xmlrpc.php script does not properly restrict access to the edit functionality. This can be exploited to edit other users' posts. Successful exploitation requires valid user credentials. Updated Packages ================ Check if you have wordpress installed: # pacman-g2 -Q wordpress If found, then you should upgrade to the latest version: # pacman-g2 -Sy wordpress -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux) Comment: See http://ftp.frugalware.org/pub/README.GPG for info iD8DBQFH1CDmZ7NElSD1VhkRAt60AJ9jjffrc2a+oQdfPCpEvNkgQkaHOgCfatKh 2TH0WXoj3bLDPIeYzZLJbZY= =PEf3 -----END PGP SIGNATURE----- From noreply at frugalware.org Sun Mar 9 18:42:57 2008 From: noreply at frugalware.org (vmiklos) Date: Sun Mar 9 18:42:59 2008 Subject: [Frugalware-security] [ FSA-392 ] bind Message-ID: <20080309174257.D8CD711901D8@genesis.frugalware.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frugalware Security Advisory FSA-392 Date: 2008-03-09 Package: bind Vulnerable versions: <= 9.4.1-2 Unaffected versions: >= 9.4.1-3sayshell1 Related bugreport: http://bugs.frugalware.org/task/2721 CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0122 Description =========== A vulnerability has been reported in ISC BIND, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise a vulnerable system. Updated Packages ================ Check if you have bind installed: # pacman-g2 -Q bind If found, then you should upgrade to the latest version: # pacman-g2 -Sy bind -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux) Comment: See http://ftp.frugalware.org/pub/README.GPG for info iD8DBQFH1CGhZ7NElSD1VhkRAm6EAJ0cQycXoCSrGw0YxZ7vX2Ip4d8Q8QCfStE0 dbACeTMXufDrwEdBv93f23I= =T83g -----END PGP SIGNATURE----- From noreply at frugalware.org Sun Mar 9 18:45:06 2008 From: noreply at frugalware.org (vmiklos) Date: Sun Mar 9 18:45:07 2008 Subject: [Frugalware-security] [ FSA-393 ] boost Message-ID: <20080309174506.0BEB411901D8@genesis.frugalware.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frugalware Security Advisory FSA-393 Date: 2008-03-09 Package: boost Vulnerable versions: <= 1.34.0-5 Unaffected versions: >= 1.34.0-6sayshell1 Related bugreport: http://bugs.frugalware.org/task/2720 CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0171 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0172 Description =========== Some vulnerabilities have been reported in Boost, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerabilities are caused due to errors within the parsing of regular expressions in boost/regex/v4/basic_regex_parser.hpp. These can be exploited to crash an application linked against the Boost library via specially crafted regular expressions. Updated Packages ================ Check if you have boost installed: # pacman-g2 -Q boost If found, then you should upgrade to the latest version: # pacman-g2 -Sy boost -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux) Comment: See http://ftp.frugalware.org/pub/README.GPG for info iD8DBQFH1CIiZ7NElSD1VhkRAgcEAKCAQmmyusjCvDYtP9gMwKezjiHDhwCghUPR RvXVWIOvrATs1Wuas+IQM9I= =ocio -----END PGP SIGNATURE----- From noreply at frugalware.org Tue Mar 18 15:42:17 2008 From: noreply at frugalware.org (vmiklos) Date: Tue Mar 18 15:42:19 2008 Subject: [Frugalware-security] [ FSA-394 ] lighttpd Message-ID: <20080318144217.6E3301B640C9@genesis.frugalware.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frugalware Security Advisory FSA-394 Date: 2008-03-18 Package: lighttpd Vulnerable versions: <= 1.4.18-2 Unaffected versions: >= 1.4.19-1kalgan1 Related bugreport: http://bugs.frugalware.org/task/2844 CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1111 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1270 Description =========== Some security issues have been reported in lighttpd, which can be exploited by malicious people to disclose potentially sensitive information. 1) A security issue is caused due to an error in mod_cgi, which can lead to the disclosure of source code when lighttpd is unable to fork. 2) A security issue is caused due to the mod_userdir module using "$HOME" by default if no userdir.path is set. This can be exploited to disclose the content of arbitrary files on certain systems via e.g. the "nobody" user. Updated Packages ================ Check if you have lighttpd installed: # pacman-g2 -Q lighttpd If found, then you should upgrade to the latest version: # pacman-g2 -Sy lighttpd Availability ============ The latest revision of this advisory is available at http://frugalware.org/security/394 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux) Comment: See http://ftp.frugalware.org/pub/README.GPG for info iD8DBQFH39TJZ7NElSD1VhkRAuOPAKCkqbcpmGPAq6/2EGZfpdjBM/0LYQCgi4Vj IPxIsg9Cxvdp+MVtOG24qIg= =us2l -----END PGP SIGNATURE----- From noreply at frugalware.org Mon Mar 24 19:30:14 2008 From: noreply at frugalware.org (vmiklos) Date: Mon Mar 24 19:30:17 2008 Subject: [Frugalware-security] [ FSA-395 ] ghostscript Message-ID: <20080324183014.9047511904D3@genesis.frugalware.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frugalware Security Advisory FSA-395 Date: 2008-03-24 Package: ghostscript Vulnerable versions: <= 8.61-1 Unaffected versions: >= 8.62-1kalgan1 Related bugreport: http://bugs.frugalware.org/task/2823 CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0411 Description =========== Chris Evans has reported a vulnerability in Ghostscript, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error within the "zseticcspace()" function in zicc.c. This can be exploited to cause a stack-based buffer overflow via an overly large "Range" array. Successful exploitation allows execution of arbitrary code. Updated Packages ================ Check if you have ghostscript installed: # pacman-g2 -Q ghostscript If found, then you should upgrade to the latest version: # pacman-g2 -Sy ghostscript Availability ============ The latest revision of this advisory is available at http://frugalware.org/security/395 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux) Comment: See http://ftp.frugalware.org/pub/README.GPG for info iD8DBQFH5/M2Z7NElSD1VhkRAmyBAJ96nXfu0uWHGo0dsDN1vANT86is5gCfSMUw tXwJp7/fpKaA0W7bOC/YKFk= =gaJL -----END PGP SIGNATURE----- From noreply at frugalware.org Mon Mar 24 19:34:09 2008 From: noreply at frugalware.org (vmiklos) Date: Mon Mar 24 19:34:13 2008 Subject: [Frugalware-security] [ FSA-396 ] rails Message-ID: <20080324183409.6795211904D3@genesis.frugalware.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frugalware Security Advisory FSA-396 Date: 2008-03-24 Package: rails Vulnerable versions: <= 1.1.6-1 Unaffected versions: >= 1.2.6-1kalgan1 Related bugreport: http://bugs.frugalware.org/task/2591 CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3227 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5379 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5380 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6077 Description =========== Some vulnerabilities have been reported in Ruby on Rails, which can be exploited by malicious people to disclose sensitive information and conduct cross-site scripting attacks. 1) Input passed to the "to_json" function is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) An error in ActiveResource when processing responses using the "Hash.from_xml" function can be exploited to determine the existence of files and to read the contents of arbitrary XML files. 3) A security issue is caused due to lib/action_controller/cgi_process.rb removing the ":cookie_only" attribute from "DEFAULT_SESSION_OPTIONS" and can be exploited to conduct session fixation attacks against applications using the affected component. Updated Packages ================ Check if you have rails installed: # pacman-g2 -Q rails If found, then you should upgrade to the latest version: # pacman-g2 -Sy rails Availability ============ The latest revision of this advisory is available at http://frugalware.org/security/396 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux) Comment: See http://ftp.frugalware.org/pub/README.GPG for info iD8DBQFH5/QhZ7NElSD1VhkRAls4AJ9UE0/mWec5lyxEfSTgTOGnzsDh3QCdHaF5 a8oVnKZmEn388OUT1yI0GOY= =Ylhq -----END PGP SIGNATURE----- From vmiklos at frugalware.org Mon Mar 24 19:51:49 2008 From: vmiklos at frugalware.org (Miklos Vajna) Date: Mon Mar 24 19:51:50 2008 Subject: [Frugalware-security] [ FSA-397 ] unzip Message-ID: <20080324185149.A1E9E11904D3@genesis.frugalware.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frugalware Security Advisory FSA-397 Date: 2008-03-24 Package: unzip Vulnerable versions: <= 5.52-4 Unaffected versions: >= 5.52-5kalgan1 Related bugreport: http://bugs.frugalware.org/task/2886 CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0888 Description =========== A vulnerability has been reported in UnZip, which potentially can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the use of uninitialized pointers in the "inflate_dynamic()" function in inflate.c. This can potentially be exploited to free an attacker-controlled memory region and execute arbitrary code via a specially crafted ZIP compressed file. Successful exploitation may allow execution of arbitrary code. Updated Packages ================ Check if you have unzip installed: # pacman-g2 -Q unzip If found, then you should upgrade to the latest version: # pacman-g2 -Sy unzip Availability ============ The latest revision of this advisory is available at http://frugalware.org/security/397 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux) Comment: See http://ftp.frugalware.org/pub/README.GPG for info iD8DBQFH5/hFZ7NElSD1VhkRAl6LAJ9qIK7xwQ0uTUGX3Ikr8fLP3JougACeKZvG 98w9LXutg2T8yhtDqShPqig= =4ltW -----END PGP SIGNATURE----- From vmiklos at frugalware.org Mon Mar 24 20:02:44 2008 From: vmiklos at frugalware.org (Miklos Vajna) Date: Mon Mar 24 20:02:45 2008 Subject: [Frugalware-security] [ FSA-399 ] xine-lib Message-ID: <20080324190244.8922E11904D3@genesis.frugalware.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frugalware Security Advisory FSA-399 Date: 2008-03-24 Package: xine-lib Vulnerable versions: <= 1.1.10.1-1 Unaffected versions: >= 1.1.11-1kalgan1 Related bugreport: http://bugs.frugalware.org/task/2887 CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0073 Description =========== Secunia Research has discovered a vulnerability in xine-lib, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error within the "sdpplin_parse()" function in input/libreal/sdpplin.c. This can be exploited to overwrite arbitrary memory regions via an overly large "streamid" SDP parameter included in a malicious RTSP stream. Successful exploitation allows execution of arbitrary code. Updated Packages ================ Check if you have xine-lib installed: # pacman-g2 -Q xine-lib If found, then you should upgrade to the latest version: # pacman-g2 -Sy xine-lib Availability ============ The latest revision of this advisory is available at http://frugalware.org/security/399 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux) Comment: See http://ftp.frugalware.org/pub/README.GPG for info iD8DBQFH5/rUZ7NElSD1VhkRAn7HAJ0ZVJKD3lzAmoFG4J6mwhQbMy88AQCeJTrt jm9y8d67Qv2OFLxn4L3Xgio= =867C -----END PGP SIGNATURE----- From vmiklos at frugalware.org Mon Mar 24 20:03:30 2008 From: vmiklos at frugalware.org (Miklos Vajna) Date: Mon Mar 24 20:03:32 2008 Subject: [Frugalware-security] [ FSA-398 ] tetex Message-ID: <20080324190330.BD70511904D3@genesis.frugalware.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frugalware Security Advisory FSA-398 Date: 2008-03-24 Package: tetex Vulnerable versions: <= 3.0-12 Unaffected versions: >= 3.0-13kalgan1 Related bugreport: http://bugs.frugalware.org/task/2592 CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5935 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5936 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5937 Description =========== Some vulnerabilities have been reported in teTeX, which can be exploited by malicious, local users to disclose and manipulate sensitive information and by malicious people to potentially compromise a vulnerable system. 1) A boundary error in dvips can be exploited to cause a stack-based buffer overflow when a user is tricked into opening a specially crafted DVI file containing an overly long hypertext reference. Successful exploitation requires that dvips is invoked with the "-z" option. 2) Some boundary errors in dviljk can be exploited to cause buffer overflows when a user is enticed to print a specially crafted DVI file. Successful exploitation of vulnerabilities #1 and #2 may allow execution of arbitrary code. 3) An error due to dvips using the insecure "tmpnam()" function when converting DVI files can potentially be exploited to disclose and modify sensitive information. Updated Packages ================ Check if you have tetex installed: # pacman-g2 -Q tetex If found, then you should upgrade to the latest version: # pacman-g2 -Sy tetex Availability ============ The latest revision of this advisory is available at http://frugalware.org/security/398 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux) Comment: See http://ftp.frugalware.org/pub/README.GPG for info iD8DBQFH5/sCZ7NElSD1VhkRAhnbAJ9gQEFeQ0l25GNstpbRbRIVPR2aYgCdF+/f +cs7NFMIVBb1wFJifcBsfXY= =NvYq -----END PGP SIGNATURE-----