From vmiklos at frugalware.org Wed Oct 8 23:54:32 2008 From: vmiklos at frugalware.org (Miklos Vajna) Date: Wed Oct 8 23:54:33 2008 Subject: [Frugalware-security] [ FSA-530 ] wireshark Message-ID: <20081008215432.382851190001@genesis.frugalware.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frugalware Security Advisory FSA-530 Date: 2008-10-08 Package: wireshark Vulnerable versions: <= 1.0.2-2 Unaffected versions: >= 1.0.3-1solaria1 Related bugreport: http://bugs.frugalware.org/task/3345 CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3146 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3932 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3933 Description =========== Some vulnerabilities have been reported in Wireshark, which can be exploited by malicious people to cause a DoS (Denial of Service). 1) Various errors within epan/dissectors/packet-ncp2222.inc can be exploited to cause e.g. a crash or an infinite loop via specially crafted NCP packets. 2) An error while uncompressing zlib-compressed packet data can be exploited to cause a crash via specially crafted packets. Updated Packages ================ Check if you have wireshark installed: # pacman-g2 -Q wireshark If found, then you should upgrade to the latest version: # pacman-g2 -Sy wireshark Availability ============ The latest revision of this advisory is available at http://frugalware.org/security/530 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: See http://ftp.frugalware.org/pub/README.GPG for info iEYEARECAAYFAkjtLBgACgkQZ7NElSD1VhlmegCeIyZgZ/LQznzN2C7FjKmJ7Pov e+8An2oFo5teVqMHvD4RqXyrB9mrs0ks =Sd2p -----END PGP SIGNATURE----- From vmiklos at frugalware.org Fri Oct 10 17:06:34 2008 From: vmiklos at frugalware.org (Miklos Vajna) Date: Fri Oct 10 17:06:37 2008 Subject: [Frugalware-security] [ FSA-531 ] drupal Message-ID: <20081010150634.5CC611190001@genesis.frugalware.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frugalware Security Advisory FSA-531 Date: 2008-10-10 Package: drupal Vulnerable versions: <= 5.10-1 Unaffected versions: >= 5.11-1solaria1 Related bugreport: http://bugs.frugalware.org/task/3392 CVE: No CVE, see http://drupal.org/node/318706 Description =========== Two vulnerabilities have been reported in Drupal, which can be exploited by malicious people and users to bypass certain security restrictions. 1) A vulnerability is caused due to improper access restriction in the core upload module. This can be exploited to retrieve files attached to content, without valid credentials for accessing the content itself. Successful exploitation of this vulnerability requires valid user credentials and that the core upload module is enabled. 2) A vulnerability is caused due to improper access restriction in the node module API. This can be exploited to bypass node validation under some unspecified circumstances. No further information is currently available. Updated Packages ================ Check if you have drupal installed: # pacman-g2 -Q drupal If found, then you should upgrade to the latest version: # pacman-g2 -Sy drupal Availability ============ The latest revision of this advisory is available at http://frugalware.org/security/531 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: See http://ftp.frugalware.org/pub/README.GPG for info iEYEARECAAYFAkjvb3oACgkQZ7NElSD1VhkYzACgocqQA+8UHKi5m+V/a295xwq7 lQcAoJdFhD1X5eBjlEJ+iRZ7Y5XbOE5W =j7fg -----END PGP SIGNATURE----- From vmiklos at frugalware.org Fri Oct 10 17:09:14 2008 From: vmiklos at frugalware.org (Miklos Vajna) Date: Fri Oct 10 17:09:16 2008 Subject: [Frugalware-security] [ FSA-532 ] drupal6 Message-ID: <20081010150914.9D5F11190001@genesis.frugalware.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frugalware Security Advisory FSA-532 Date: 2008-10-10 Package: drupal6 Vulnerable versions: <= 6.4-1 Unaffected versions: >= 6.5-1solaria1 Related bugreport: http://bugs.frugalware.org/task/3393 CVE: No CVE, see http://drupal.org/node/318706 Description =========== A vulnerability has been reported in Drupal, which can be exploited by malicious people to bypass certain security restrictions. The vulnerability is caused due to improper access restriction in the core upload module. This can be exploited to attach arbitrary files to content, without valid credentials. Successful exploitation requires that the core upload module is enabled. Updated Packages ================ Check if you have drupal6 installed: # pacman-g2 -Q drupal6 If found, then you should upgrade to the latest version: # pacman-g2 -Sy drupal6 Availability ============ The latest revision of this advisory is available at http://frugalware.org/security/532 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: See http://ftp.frugalware.org/pub/README.GPG for info iEYEARECAAYFAkjvcBoACgkQZ7NElSD1VhlDxQCghzCrVAq12ObVniCdRVt++8pq CdsAoJLIPycTDDMqbI64HgitgvpCZgup =rc9S -----END PGP SIGNATURE----- From vmiklos at frugalware.org Sun Oct 19 23:10:11 2008 From: vmiklos at frugalware.org (Miklos Vajna) Date: Sun Oct 19 23:10:15 2008 Subject: [Frugalware-security] [ FSA-533 ] wordpress Message-ID: <20081019211011.A42901190001@genesis.frugalware.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frugalware Security Advisory FSA-533 Date: 2008-10-19 Package: wordpress Vulnerable versions: <= 2.6.1-1 Unaffected versions: >= 2.6.2-1solaria1 Related bugreport: http://bugs.frugalware.org/task/3346 CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4106 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4107 Description =========== Stefan Esser has reported a vulnerability in WordPress, which can be exploited by malicious people to guess automatically generated passwords. The vulnerability is caused due to WordPress using a weak pseudo random number generator to generate passwords while leaking it's state information to an attacker. In combination with other attacks this can e.g. be exploited to recover the administrator's automatically generated password. Updated Packages ================ Check if you have wordpress installed: # pacman-g2 -Q wordpress If found, then you should upgrade to the latest version: # pacman-g2 -Sy wordpress Availability ============ The latest revision of this advisory is available at http://frugalware.org/security/533 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: See http://ftp.frugalware.org/pub/README.GPG for info iEYEARECAAYFAkj7ojMACgkQZ7NElSD1Vhl7zwCdGbBvcAS7qgBFDXXzSJPIT78G +lEAni+69/sRY02AiVGg4OWioHuVOwov =8Bgv -----END PGP SIGNATURE----- From vmiklos at frugalware.org Sun Oct 19 23:14:36 2008 From: vmiklos at frugalware.org (Miklos Vajna) Date: Sun Oct 19 23:14:38 2008 Subject: [Frugalware-security] [ FSA-534 ] drupal-cck Message-ID: <20081019211436.053181190001@genesis.frugalware.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frugalware Security Advisory FSA-534 Date: 2008-10-19 Package: drupal-cck Vulnerable versions: <= 5.x_1.7-1 Unaffected versions: >= 5.x_1.9-1solaria1 Related bugreport: http://bugs.frugalware.org/task/3347 CVE: No CVE, see http://drupal.org/node/304093 Description =========== Some vulnerabilities have been reported in the Drupal Content Construction Kit (CCK), which can be exploited by malicious users to conduct script insertion attacks. Input passed to some fields settings forms (e.g. "field label", "help text", "allowed values") is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is viewed. Successful exploitation requires "administer content" privileges. Updated Packages ================ Check if you have drupal-cck installed: # pacman-g2 -Q drupal-cck If found, then you should upgrade to the latest version: # pacman-g2 -Sy drupal-cck Availability ============ The latest revision of this advisory is available at http://frugalware.org/security/534 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: See http://ftp.frugalware.org/pub/README.GPG for info iEYEARECAAYFAkj7ozsACgkQZ7NElSD1VhmjvACgkbOmqX5URMn16a/2RuxpTVZv aIsAn1RDggXLbJGAnQNomXS72lGRwr2N =gJnF -----END PGP SIGNATURE----- From vmiklos at frugalware.org Sun Oct 19 23:17:33 2008 From: vmiklos at frugalware.org (Miklos Vajna) Date: Sun Oct 19 23:17:36 2008 Subject: [Frugalware-security] [ FSA-535 ] lighttpd Message-ID: <20081019211733.405FB1190001@genesis.frugalware.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frugalware Security Advisory FSA-535 Date: 2008-10-19 Package: lighttpd Vulnerable versions: <= 1.4.19-2 Unaffected versions: >= 1.4.20-1solaria1 Related bugreport: http://bugs.frugalware.org/task/3375 CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4298 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4359 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4360 Description =========== A weakness and two vulnerabilities have been reported in lighttpd, which can be exploited by malicious people to disclose potentially sensitive information, bypass certain security restrictions, and cause a DoS (Denial of Service). 1) A vulnerability is caused due to a memory leak within the "http_request_parse()" function when processing duplicate request headers and can be exploited to exhaust all available memory. 2) A vulnerability is caused due to the "mod_userdir" module not correctly handling filenames on case insensitive file systems. This can be exploited to e.g. disclose potentially sensitive information by sending requests with mixed upper and lowercase characters. 3) A weakness is caused due to lighttpd not decoding requests before matching them with rewrite and redirect rules. This can be exploited to e.g. bypass the rewrite and redirect rules. Updated Packages ================ Check if you have lighttpd installed: # pacman-g2 -Q lighttpd If found, then you should upgrade to the latest version: # pacman-g2 -Sy lighttpd Availability ============ The latest revision of this advisory is available at http://frugalware.org/security/535 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: See http://ftp.frugalware.org/pub/README.GPG for info iEYEARECAAYFAkj7o+0ACgkQZ7NElSD1VhnHywCdEn7vTKDgj56aW7F3PGuc+H5F O4AAnj8fa4Ft2MjVecXfCD4tYQwJwUcX =rlSu -----END PGP SIGNATURE----- From vmiklos at frugalware.org Sun Oct 19 23:20:48 2008 From: vmiklos at frugalware.org (Miklos Vajna) Date: Sun Oct 19 23:20:53 2008 Subject: [Frugalware-security] [ FSA-536 ] jasper Message-ID: <20081019212048.AC86F1190001@genesis.frugalware.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frugalware Security Advisory FSA-536 Date: 2008-10-19 Package: jasper Vulnerable versions: <= 1.900.1-2 Unaffected versions: >= 1.900.1-3solaria1 Related bugreport: http://bugs.frugalware.org/task/3396 CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3520 Description =========== Multiple integer overflows in JasPer might allow context-dependent attackers to have an unknown impact via a crafted image file, related to integer multiplication for memory allocation. Updated Packages ================ Check if you have jasper installed: # pacman-g2 -Q jasper If found, then you should upgrade to the latest version: # pacman-g2 -Sy jasper Availability ============ The latest revision of this advisory is available at http://frugalware.org/security/536 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: See http://ftp.frugalware.org/pub/README.GPG for info iEYEARECAAYFAkj7pLAACgkQZ7NElSD1Vhn4DQCggTYERz8Z3HtAv2RsxTF/XcaY o+0AoKIv86/zcmXlvlL3tphknhi1E80G =veGu -----END PGP SIGNATURE----- From vmiklos at frugalware.org Sun Oct 19 23:22:57 2008 From: vmiklos at frugalware.org (Miklos Vajna) Date: Sun Oct 19 23:22:59 2008 Subject: [Frugalware-security] [ FSA-537 ] libpng Message-ID: <20081019212257.4A0AE1190001@genesis.frugalware.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frugalware Security Advisory FSA-537 Date: 2008-10-19 Package: libpng Vulnerable versions: <= 1.2.29-1 Unaffected versions: >= 1.2.32-1solaria1 Related bugreport: http://bugs.frugalware.org/task/3367 CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3964 Description =========== A vulnerability has been reported in libpng, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an off-by-one error within the "png_push_read_zTXt()" function in pngread.c when processing malicious PNG images with specially crafted zTXt chunks, which can be exploited to crash an application using the library. Updated Packages ================ Check if you have libpng installed: # pacman-g2 -Q libpng If found, then you should upgrade to the latest version: # pacman-g2 -Sy libpng Availability ============ The latest revision of this advisory is available at http://frugalware.org/security/537 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: See http://ftp.frugalware.org/pub/README.GPG for info iEYEARECAAYFAkj7pTEACgkQZ7NElSD1Vhk79gCgoNjaKXn7JinLdUfGmyuCXKNR sBMAoJZy9PiO30M1xvmVqAjhnL8rTbXV =5YO+ -----END PGP SIGNATURE----- From vmiklos at frugalware.org Sun Oct 19 23:24:41 2008 From: vmiklos at frugalware.org (Miklos Vajna) Date: Sun Oct 19 23:24:43 2008 Subject: [Frugalware-security] [ FSA-538 ] django Message-ID: <20081019212441.56C651190001@genesis.frugalware.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frugalware Security Advisory FSA-538 Date: 2008-10-19 Package: django Vulnerable versions: <= 0.96.2-1 Unaffected versions: >= 1.0-1solaria1 Related bugreport: http://bugs.frugalware.org/task/3372 CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3909 Description =========== A vulnerability has been reported in Django, which can be exploited by malicious people to conduct cross-site request forgery attacks. The vulnerability is caused due to the Django administration application not performing any validity checks to verify requests when re-authenticating the user. This can be exploited to delete and edit data when a not logged-in user e.g. visits a malicious web site and is then enticed to log in to the application. Updated Packages ================ Check if you have django installed: # pacman-g2 -Q django If found, then you should upgrade to the latest version: # pacman-g2 -Sy django Availability ============ The latest revision of this advisory is available at http://frugalware.org/security/538 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: See http://ftp.frugalware.org/pub/README.GPG for info iEYEARECAAYFAkj7pZkACgkQZ7NElSD1VhkNcACgkDtA7EBWDYVnJTcu2udGylB2 UwYAn0/YVl0dj2Wyj5AkwKmxPTy1vFTL =z50c -----END PGP SIGNATURE----- From vmiklos at frugalware.org Sun Oct 19 23:26:59 2008 From: vmiklos at frugalware.org (Miklos Vajna) Date: Sun Oct 19 23:27:01 2008 Subject: [Frugalware-security] [ FSA-539 ] mediawiki Message-ID: <20081019212659.A57A71190001@genesis.frugalware.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frugalware Security Advisory FSA-539 Date: 2008-10-19 Package: mediawiki Vulnerable versions: <= 1.12.0-1 Unaffected versions: >= 1.13.2-1solaria1 Related bugreport: http://bugs.frugalware.org/task/3382 CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4408 Description =========== A vulnerability has been reported in MediaWiki, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed to the "useskin" parameter is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Successful exploitation requires that $wgUseSiteCss is enabled, which is the default. Updated Packages ================ Check if you have mediawiki installed: # pacman-g2 -Q mediawiki If found, then you should upgrade to the latest version: # pacman-g2 -Sy mediawiki Availability ============ The latest revision of this advisory is available at http://frugalware.org/security/539 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: See http://ftp.frugalware.org/pub/README.GPG for info iEYEARECAAYFAkj7piMACgkQZ7NElSD1Vhnv6ACfZrIZ28Qu9C2Q7xI1htqLxVZF RAwAn05Y6RVEMprg1QwX3HuPNpEze88Y =GquU -----END PGP SIGNATURE----- From vmiklos at frugalware.org Sun Oct 19 23:29:10 2008 From: vmiklos at frugalware.org (Miklos Vajna) Date: Sun Oct 19 23:29:13 2008 Subject: [Frugalware-security] [ FSA-540 ] mplayer Message-ID: <20081019212910.D4FA81190001@genesis.frugalware.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frugalware Security Advisory FSA-540 Date: 2008-10-19 Package: mplayer Vulnerable versions: <= 1.0rc2-6 Unaffected versions: >= 1.0rc2-7solaria1 Related bugreport: http://bugs.frugalware.org/task/3371 CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3827 Description =========== Some vulnerabilities have been reported in MPlayer, which potentially can be exploited by malicious people to compromise a user's system. The vulnerabilities are caused due to multiple boundary errors within the "demux_real_fill_buffer()" function in libmpdemux/demux_real.c. These can be exploited to cause heap-based buffer overflows via specially crafted Real Media files. Successful exploitation may allow execution of arbitrary code. Updated Packages ================ Check if you have mplayer installed: # pacman-g2 -Q mplayer If found, then you should upgrade to the latest version: # pacman-g2 -Sy mplayer Availability ============ The latest revision of this advisory is available at http://frugalware.org/security/540 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: See http://ftp.frugalware.org/pub/README.GPG for info iEYEARECAAYFAkj7pqYACgkQZ7NElSD1VhlWvgCfYWIgkVrKAUO103TVFNwJLCQS jsAAn1KlfQd8+OciSZMLwGhhgvFnflSO =YWwG -----END PGP SIGNATURE----- From vmiklos at frugalware.org Sun Oct 19 23:31:19 2008 From: vmiklos at frugalware.org (Miklos Vajna) Date: Sun Oct 19 23:31:23 2008 Subject: [Frugalware-security] [ FSA-541 ] dovecot Message-ID: <20081019213119.D8AE91190001@genesis.frugalware.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frugalware Security Advisory FSA-541 Date: 2008-10-19 Package: dovecot Vulnerable versions: <= 1.1.2-1 Unaffected versions: >= 1.1.4-1solaria1 Related bugreport: http://bugs.frugalware.org/task/3387 CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4577 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4578 Description =========== Two security issues have been reported in Dovecot, which can be exploited by malicious users to bypass certain security restrictions. 1) The problem is that the ACL plugin interprets negative access rights as positive access rights, potentially giving an unprivileged user access to restricted resources. 2) An error in the ACL plugin when imposing mailbox creation restrictions can be exploited to create "parent/child/child" mailboxes. Updated Packages ================ Check if you have dovecot installed: # pacman-g2 -Q dovecot If found, then you should upgrade to the latest version: # pacman-g2 -Sy dovecot Availability ============ The latest revision of this advisory is available at http://frugalware.org/security/541 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: See http://ftp.frugalware.org/pub/README.GPG for info iEYEARECAAYFAkj7pycACgkQZ7NElSD1Vhn9swCfcjGXuZjFTWD30ZIfez3UJBo5 FL0An1xz6vx2gWrHM67G6ZjSIHx/SWYd =MXdM -----END PGP SIGNATURE----- From vmiklos at frugalware.org Sun Oct 19 23:33:43 2008 From: vmiklos at frugalware.org (Miklos Vajna) Date: Sun Oct 19 23:33:46 2008 Subject: [Frugalware-security] [ FSA-542 ] mantis Message-ID: <20081019213343.E83DD1190001@genesis.frugalware.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frugalware Security Advisory FSA-542 Date: 2008-10-19 Package: mantis Vulnerable versions: <= 1.1.2-1 Unaffected versions: >= 1.1.4-1solaria1 Related bugreport: http://bugs.frugalware.org/task/3411 CVE: No CVE, see http://milw0rm.com/exploits/6768 Description =========== EgiX has discovered a vulnerability in Mantis, which can be exploited by malicious users to compromise a vulnerable system. Input passed to the "sort" parameter in manage_proj_page.php is not properly sanitised before being used in a "create_function()" call. This can be exploited to execute arbitrary PHP code. Successful exploitation requires valid user credentials. Updated Packages ================ Check if you have mantis installed: # pacman-g2 -Q mantis If found, then you should upgrade to the latest version: # pacman-g2 -Sy mantis Availability ============ The latest revision of this advisory is available at http://frugalware.org/security/542 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: See http://ftp.frugalware.org/pub/README.GPG for info iEYEARECAAYFAkj7p7cACgkQZ7NElSD1VhkkWACfa770ab+txoC8Cm0ynZSc7J/K sGoAn0FMdOrgpiWu2VNWo8lV/myiJUWw =hNpw -----END PGP SIGNATURE----- From vmiklos at frugalware.org Wed Oct 22 13:27:43 2008 From: vmiklos at frugalware.org (Miklos Vajna) Date: Wed Oct 22 13:27:47 2008 Subject: [Frugalware-security] [ FSA-543 ] wireshark Message-ID: <20081022112743.11ACF119019C@genesis.frugalware.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frugalware Security Advisory FSA-543 Date: 2008-10-22 Package: wireshark Vulnerable versions: <= 1.0.3-1solaria1 Unaffected versions: >= 1.0.4-1solaria1 Related bugreport: http://bugs.frugalware.org/task/3417 CVE: No CVE, see http://www.wireshark.org/security/wnpa-sec-2008-06.html Description =========== Some vulnerabilities and a weakness have been reported in Wireshark, which can be exploited by malicious people to cause a DoS (Denial of Service). 1) An error within the Bluetooth ACL dissector can be exploited to cause a crash via specially crafted packets. 2) An error within the Q.931 dissector can be exploited to cause a crash via specially crafted packets. 3) Uninitialised data structures within the Bluetooth RFCOMM and USB dissector can be exploited to cause a crash via specially crafted packets. Updated Packages ================ Check if you have wireshark installed: # pacman-g2 -Q wireshark If found, then you should upgrade to the latest version: # pacman-g2 -Sy wireshark Availability ============ The latest revision of this advisory is available at http://frugalware.org/security/543 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: See http://ftp.frugalware.org/pub/README.GPG for info iEYEARECAAYFAkj/Di8ACgkQZ7NElSD1VhlGYACgjBt8+ttasOgdSVY4IdzT1EUL V9gAn2rsz22cav06AAYMDnAslGaygcjp =xnTu -----END PGP SIGNATURE----- From vmiklos at frugalware.org Wed Oct 22 13:33:33 2008 From: vmiklos at frugalware.org (Miklos Vajna) Date: Wed Oct 22 13:33:35 2008 Subject: [Frugalware-security] [ FSA-544 ] libxml2 Message-ID: <20081022113333.1E1ED119019C@genesis.frugalware.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frugalware Security Advisory FSA-544 Date: 2008-10-22 Package: libxml2 Vulnerable versions: <= 2.6.32-2 Unaffected versions: >= 2.7.2-1solaria1 Related bugreport: http://bugs.frugalware.org/task/3402 CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3281 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3529 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4422 Description =========== Two vulnerabilities have been reported in Libxml2, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library. 1) A recursion error exists when processing certain XML content. This can be exploited to e.g. exhaust all available memory and CPU resources by tricking an application using Libxml2 into processing specially crafted XML documents. 2) A boundary error in the processing of long XML entity names in parser.c can be exploited to cause a heap-based buffer overflow when specially crafted XML content is parsed. 3) A vulnerability is caused due to an error in the processing of XML files and can be exploited to exhaust all available memory via a specially crafted XML file containing a predefined entity inside an entity definition. Successful exploitation may allow execution of arbitrary code. Updated Packages ================ Check if you have libxml2 installed: # pacman-g2 -Q libxml2 If found, then you should upgrade to the latest version: # pacman-g2 -Sy libxml2 Availability ============ The latest revision of this advisory is available at http://frugalware.org/security/544 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: See http://ftp.frugalware.org/pub/README.GPG for info iEYEARECAAYFAkj/D40ACgkQZ7NElSD1Vhl1GgCfYkqUgaYZHh/mSxkpqNFSQQ0h 8D0AoJeCWYl+7c2y4WZEynqSblJcESZg =zCRZ -----END PGP SIGNATURE----- From vmiklos at frugalware.org Wed Oct 22 16:16:35 2008 From: vmiklos at frugalware.org (Miklos Vajna) Date: Wed Oct 22 16:16:37 2008 Subject: [Frugalware-security] [ FSA-545 ] proftpd Message-ID: <20081022141635.5261011901A1@genesis.frugalware.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frugalware Security Advisory FSA-545 Date: 2008-10-22 Package: proftpd Vulnerable versions: <= 1.3.1-4 Unaffected versions: >= 1.3.1-5solaria1 Related bugreport: http://bugs.frugalware.org/task/3370 CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4242 Description =========== A vulnerability has been reported in ProFTPD, which can be exploited by malicious people to conduct cross-site request forgery attacks. The vulnerability is caused due to the application truncating an overly long FTP command, and improperly interpreting the remainder string as a new FTP command. This can be exploited to execute arbitrary FTP commands with the privileges of another user by e.g. tricking the user into following a malicious link. Updated Packages ================ Check if you have proftpd installed: # pacman-g2 -Q proftpd If found, then you should upgrade to the latest version: # pacman-g2 -Sy proftpd Availability ============ The latest revision of this advisory is available at http://frugalware.org/security/545 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: See http://ftp.frugalware.org/pub/README.GPG for info iEYEARECAAYFAkj/NcMACgkQZ7NElSD1Vhn1OQCfU9VW4/6O2gPh+gXJ9nXGhA+q riYAn380oLHktFxWOC63wzsQ+ebJMTCe =YNxI -----END PGP SIGNATURE----- From vmiklos at frugalware.org Wed Oct 22 16:19:10 2008 From: vmiklos at frugalware.org (Miklos Vajna) Date: Wed Oct 22 16:19:13 2008 Subject: [Frugalware-security] [ FSA-546 ] vlc Message-ID: <20081022141910.B5057119019C@genesis.frugalware.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frugalware Security Advisory FSA-546 Date: 2008-10-22 Package: vlc Vulnerable versions: <= 0.9.1-1 Unaffected versions: >= 0.9.4-1solaria1 Related bugreport: http://bugs.frugalware.org/task/3408 CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4558 Description =========== A vulnerability has been reported by VLC Media Player, which potentially can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a signedness error within the "parse_track_node()" function in modules/demux/playlist/xspf.c. This can be exploited to corrupt memory via a specially crafted XSPF file containing a negative "identifier" attribute. Successful exploitation may allow execution of arbitrary code. Updated Packages ================ Check if you have vlc installed: # pacman-g2 -Q vlc If found, then you should upgrade to the latest version: # pacman-g2 -Sy vlc Availability ============ The latest revision of this advisory is available at http://frugalware.org/security/546 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: See http://ftp.frugalware.org/pub/README.GPG for info iEYEARECAAYFAkj/Nl4ACgkQZ7NElSD1VhlNhwCfavndxf+8R/EplnoppANY5LdJ tsEAoJx6aYeoG6VpiZaJ83Qv8W+1Z6BJ =BTKJ -----END PGP SIGNATURE-----