From vmiklos at frugalware.org Sun May 3 12:25:13 2009 From: vmiklos at frugalware.org (Miklos Vajna) Date: Sun, 3 May 2009 12:25:13 +0200 (CEST) Subject: [Frugalware-security] [ FSA-593 ] blender Message-ID: <20090503102513.708A311F0828@genesis.frugalware.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frugalware Security Advisory FSA-593 Date: 2009-05-03 Package: blender Vulnerable versions: <= 2.48a-1 Unaffected versions: >= 2.48a-2anacreon1 Related bugreport: http://bugs.frugalware.org/task/3726 CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4863 Description =========== A vulnerability has been reported in Blender, which can be exploited by malicious, local users to gain escalated privileges. The vulnerability is caused due to Blender using the current working directory as part of the module search path, which can be exploited to e.g. execute arbitrary Python code with the privileges of another user by tricking the user into executing Blender in a directory containing a Python file named like one of the modules Blender uses. Updated Packages ================ Check if you have blender installed: # pacman-g2 -Q blender If found, then you should upgrade to the latest version: # pacman-g2 -Sy blender Availability ============ The latest revision of this advisory is available at http://frugalware.org/security/593 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: See http://ftp.frugalware.org/pub/README.GPG for info iEYEARECAAYFAkn9cQkACgkQZ7NElSD1VhmV4ACgiLi+ErVSBewsc7gJjIiIuW1g 7f4An1bPGXOHppvyj5eYbxa7ZX1XLJ9q =3Buz -----END PGP SIGNATURE----- From vmiklos at frugalware.org Sun May 3 13:16:26 2009 From: vmiklos at frugalware.org (Miklos Vajna) Date: Sun, 3 May 2009 13:16:26 +0200 (CEST) Subject: [Frugalware-security] [ FSA-594 ] drupal Message-ID: <20090503111626.33E0411F0828@genesis.frugalware.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frugalware Security Advisory FSA-594 Date: 2009-05-03 Package: drupal Vulnerable versions: <= 5.16-1 Unaffected versions: >= 5.17-1anacreon1 Related bugreport: http://bugs.frugalware.org/task/3759 CVE: No CVE, see http://drupal.org/node/449078. Description =========== Some vulnerabilities have been reported in Drupal, which can be exploited by malicious people to conduct script insertion attacks or to disclose potentially sensitive information. 1) User provided input is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is viewed and interpreted as UTF-7. Successful exploitation requires the ability to post content. 2) An unspecified error can be exploited to disclose information about form submissions when a user is tricked into submitting a form after following a specially crafted link to the site. This can further be exploited to conduct e.g. cross-site request forgery attacks. Updated Packages ================ Check if you have drupal installed: # pacman-g2 -Q drupal If found, then you should upgrade to the latest version: # pacman-g2 -Sy drupal Availability ============ The latest revision of this advisory is available at http://frugalware.org/security/594 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: See http://ftp.frugalware.org/pub/README.GPG for info iEYEARECAAYFAkn9fQoACgkQZ7NElSD1Vhl7AQCgl48HJvU0WmBlcz54hesTGl8f 9lQAn3iumH3YFxeceDs2CsTJ0w0yS6a/ =Y/CF -----END PGP SIGNATURE----- From vmiklos at frugalware.org Sun May 3 13:17:40 2009 From: vmiklos at frugalware.org (Miklos Vajna) Date: Sun, 3 May 2009 13:17:40 +0200 (CEST) Subject: [Frugalware-security] [ FSA-595 ] drupal6 Message-ID: <20090503111740.D37DE11F0828@genesis.frugalware.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frugalware Security Advisory FSA-595 Date: 2009-05-03 Package: drupal6 Vulnerable versions: <= 6.10-1 Unaffected versions: >= 6.11-1anacreon1 Related bugreport: http://bugs.frugalware.org/task/3760 CVE: No CVE, see http://drupal.org/node/449078. Description =========== See FSA594. Updated Packages ================ Check if you have drupal6 installed: # pacman-g2 -Q drupal6 If found, then you should upgrade to the latest version: # pacman-g2 -Sy drupal6 Availability ============ The latest revision of this advisory is available at http://frugalware.org/security/595 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: See http://ftp.frugalware.org/pub/README.GPG for info iEYEARECAAYFAkn9fVQACgkQZ7NElSD1VhnBswCdESqcKc3dgP5FOhU5gNpFk0ZZ zGoAn3PjrLWEnU3ZOMhkZbt0zb83sT59 =1aeb -----END PGP SIGNATURE----- From vmiklos at frugalware.org Sun May 3 13:27:08 2009 From: vmiklos at frugalware.org (Miklos Vajna) Date: Sun, 3 May 2009 13:27:08 +0200 (CEST) Subject: [Frugalware-security] [ FSA-596 ] udev Message-ID: <20090503112708.2361E11F0828@genesis.frugalware.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frugalware Security Advisory FSA-596 Date: 2009-05-03 Package: udev Vulnerable versions: <= 139-1 Unaffected versions: >= 141-1anacreon1 Related bugreport: http://bugs.frugalware.org/task/3745 CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1185 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1186 Description =========== Some vulnerabilities have been reported in udev, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or gain escalated privileges. 1) A vulnerability is caused due to udev not properly verifying the credentials of received NETLINK messages. This can be exploited to gain escalated privileges by sending multicast NETLINK messages. 2) A vulnerability is caused due to a boundary error within the "util_path_encode()" function in udev/lib/libudev-util.c. This can be exploited to cause a crash by providing specially crafted input. Updated Packages ================ Check if you have udev installed: # pacman-g2 -Q udev If found, then you should upgrade to the latest version: # pacman-g2 -Sy udev Availability ============ The latest revision of this advisory is available at http://frugalware.org/security/596 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: See http://ftp.frugalware.org/pub/README.GPG for info iEYEARECAAYFAkn9f4wACgkQZ7NElSD1VhkvkACfaI9AY+iZqjxrS1107pfOA+QI LAsAn34MMIyXilmU7T4ZVW22J3y3dXNA =QgrB -----END PGP SIGNATURE----- From vmiklos at frugalware.org Sun May 3 20:27:02 2009 From: vmiklos at frugalware.org (Miklos Vajna) Date: Sun, 3 May 2009 20:27:02 +0200 (CEST) Subject: [Frugalware-security] [ FSA-597 ] firefox Message-ID: <20090503182702.E63C811F0828@genesis.frugalware.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frugalware Security Advisory FSA-597 Date: 2009-05-03 Package: firefox Vulnerable versions: <= 3.0.8-1anacreon1 Unaffected versions: >= 3.0.10-1anacreon1 Related bugreport: http://bugs.frugalware.org/task/3755 CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1302 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1303 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1304 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1305 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1306 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1307 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1308 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1309 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1310 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1311 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1312 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1313 Description =========== Some vulnerabilities, security issues, and a weakness have been reported in Mozilla Firefox, which can be exploited by malicious people to disclose potentially sensitive information, bypass certain security restrictions, conduct cross-site scripting and cross-site request forgery attacks, and potentially compromise a user's system. 1) Multiple errors in the browser engine can be exploited to corrupt memory and potentially execute arbitrary code. 2) Multiple errors in the JavaScript engine can be exploited to corrupt memory and potentially execute arbitrary code. 3) An error exists when the "jar:" scheme is used to wrap a URI, which serves content with "Content-Disposition: attachment". This can be exploited to e.g. conduct cross-site scripting attacks on sites that allow users to upload arbitrary content, which is served as "application/java-archive" or "application/x-jar", and that rely on the HTTP header "Content-Disposition: attachment" to prevent potentially untrusted content. 4) An error when loading a Adobe Flash file via the "view-source:" scheme can be exploited to conduct cross-site request forgery attacks or read and write Local Shared Objects on a user's system e.g. for tracking purposes. 5) An error in the processing of XBL bindings can be exploited to conduct script insertion attacks on sites that allow user to embed third-party stylesheets. 6) Errors in "XMLHttpRequest" and "XPCNativeWrapper.toString" can be exploited to bypass the same-origin policy and potentially execute code with chrome privileges. 7) A weakness in the handling of "SearchForm" URIs can be exploited to execute arbitrary script code in the context of an arbitrary site when a user performs an empty search in a specially crafted plugin. 8) An error in the handling of POST data may result in unintended information disclosure. When an inner frame of a web page is saved as file POST data of the outer page is sent to the URL of the inner frame. 9) An error in the processing of the "Refresh" header can potentially be exploited to conduct cross-site scripting attacks. 10) A vulnerability is caused due to an error when calling the "nsTextFrame::ClearTextRun()" function and can be exploited to corrupt memory. Updated Packages ================ Check if you have firefox installed: # pacman-g2 -Q firefox If found, then you should upgrade to the latest version: # pacman-g2 -Sy firefox Availability ============ The latest revision of this advisory is available at http://frugalware.org/security/597 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: See http://ftp.frugalware.org/pub/README.GPG for info iEUEARECAAYFAkn94fYACgkQZ7NElSD1VhnnhwCfQYar/zzmzVm38KNmumbJvWTc FNIAljtIUJ1QfojnvDUKrmI1Md2iw7s= =B0rR -----END PGP SIGNATURE----- From vmiklos at frugalware.org Sun May 3 21:03:51 2009 From: vmiklos at frugalware.org (Miklos Vajna) Date: Sun, 3 May 2009 21:03:51 +0200 (CEST) Subject: [Frugalware-security] [ FSA-598 ] openssl Message-ID: <20090503190351.B06CA11F0828@genesis.frugalware.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frugalware Security Advisory FSA-598 Date: 2009-05-03 Package: openssl Vulnerable versions: <= 0.9.8-16 Unaffected versions: >= 0.9.8-17anacreon1 Related bugreport: http://bugs.frugalware.org/task/3746 CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0590 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0591 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0789 Description =========== Some vulnerabilities have been reported in OpenSSL, which can be exploited by malicious people to bypass certain security restrictions or cause a DoS (Denial of Service). 1) An error exists in the "ASN1_STRING_print_ex()" function when printing "BMPString" or "UniversalString" strings. This can be exploited to trigger an access to invalid memory and cause a crash via an illegal encoded string length when e.g. printing the contents of a certificate. 2) The "CMS_verify()" function incorrectly handles an error condition when processing malformed signed attributes. This can be exploited to trick an application into considering a malformed set of signed attributes valid and skip further checks. Successful exploitation requires access to a previously generated invalid signature. 3) An error when processing malformed ASN1 structures can be exploited to trigger an access to invalid memory and cause a crash via a specially crafted certificate. Updated Packages ================ Check if you have openssl installed: # pacman-g2 -Q openssl If found, then you should upgrade to the latest version: # pacman-g2 -Sy openssl Availability ============ The latest revision of this advisory is available at http://frugalware.org/security/598 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: See http://ftp.frugalware.org/pub/README.GPG for info iEYEARECAAYFAkn96pcACgkQZ7NElSD1VhnhjACfegZ7pVLfXRLBrspuI6DMMU3R 1Y0AnA8Xuhs/dMjGdXgBf9dEIqO6tDlR =qt9X -----END PGP SIGNATURE----- From vmiklos at frugalware.org Sun May 3 21:07:23 2009 From: vmiklos at frugalware.org (Miklos Vajna) Date: Sun, 3 May 2009 21:07:23 +0200 (CEST) Subject: [Frugalware-security] [ FSA-599 ] j2sdk Message-ID: <20090503190723.0BDC111F0828@genesis.frugalware.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frugalware Security Advisory FSA-599 Date: 2009-05-03 Package: j2sdk Vulnerable versions: <= 6-13 Unaffected versions: >= 6-14anacreon1 Related bugreport: http://bugs.frugalware.org/task/3721 CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1093 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1094 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1095 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1096 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1097 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1098 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1099 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1100 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1101 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1102 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1103 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1104 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1105 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1106 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1107 Description =========== Some vulnerabilities have been reported in Sun Java, which can be exploited by malicious people to bypass certain security restrictions, cause a DoS (Denial of Service), or potentially compromise a user's system. 1) An error while initialising LDAP connections can be exploited to render the LDAP service unresponsive. 2) An error in the JRE LDAP client implementation can be exploited to load and execute arbitrary code via specially crafted data received from a malicious LDAP server. 3) An integer overflow error in JRE when unpacking applets and in Java Web Start applications using the "unpack200" JAR unpacking utility can be exploited to potentially execute arbitrary code. 4) An error in JRE when unpacking applets and in Java Web Start applications using the "unpack200" JAR unpacking utility can be exploited to cause a buffer overflow and potentially execute arbitrary code. 5) Two errors when storing and processing temporary font files can be exploited by an untrusted applet or a Java Web Start application to consume an overly large amount of disk space. 6) An error in the Java Plug-in when deserializing applets can be exploited to e.g. read, write, or execute local files. 7) The Java Plug-in allows JavaScript code loaded from the local system to connect to arbitrary local ports. This can be exploited in combination with cross-site scripting attacks to access normally restricted local ports. 8) The Java Plug-in allows applets to run in earlier versions of JRE if approved by the user. This can be exploited to trick a user into loading a malicious applet into an old and potentially vulnerable JRE version. 9) An error in the Java Plug-in when processing crossdomain.xml files can be exploited by an untrusted applet to connect to arbitrary domains providing a crossdomain.xml file. 10) An error in the Java Plug-in can be exploited by a signed applet to alter the contents of the security dialog and trick a user into trusting the applet. 11) An error in the JRE virtual machine when generating code can be exploited to e.g. read, write, or execute local files. 12) An integer overflow error in JRE when processing PNG splash screen images can be exploited by an untrusted Java Web Start application to cause a buffer overflow and potentially execute arbitrary code. 13) An error in JRE when processing GIF splash screen images can be exploited by an untrusted Java Web Start application to cause a buffer overflow and potentially execute arbitrary code. 14) An error in JRE when processing GIF images can be exploited by an untrusted applet or an untrusted Java Web Start application to cause a buffer overflow and potentially execute arbitrary code. 15) A signedness error in JRE when processing Type1 fonts can be exploited to cause corrupt heap memory and potentially execute arbitrary code. 16) An unspecified error in the JRE HTTP server implementation can be exploited to render a JAX-WS service endpoint unresponsive. Updated Packages ================ Check if you have j2sdk installed: # pacman-g2 -Q j2sdk If found, then you should upgrade to the latest version: # pacman-g2 -Sy j2sdk Availability ============ The latest revision of this advisory is available at http://frugalware.org/security/599 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: See http://ftp.frugalware.org/pub/README.GPG for info iEUEARECAAYFAkn962sACgkQZ7NElSD1VhnpNwCYrqpp71mPd+D0grfZFTPnC8ND iQCdEgqIue4baM7yEqwx1pKIq0bY2u8= =kRf9 -----END PGP SIGNATURE----- From vmiklos at frugalware.org Mon May 4 12:02:41 2009 From: vmiklos at frugalware.org (Miklos Vajna) Date: Mon, 4 May 2009 12:02:41 +0200 (CEST) Subject: [Frugalware-security] [ FSA-600 ] horde-webmail Message-ID: <20090504100241.BEF7411F0828@genesis.frugalware.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frugalware Security Advisory FSA-600 Date: 2009-05-04 Package: horde-webmail Vulnerable versions: <= 1.2.2-1 Unaffected versions: >= 1.2.3-1anacreon1 Related bugreport: http://bugs.frugalware.org/task/3765 CVE: No CVE for this issue, see http://lists.horde.org/archives/announce/2009/000506.html. Description =========== A vulnerability has been reported in Horde IMP and Horde Groupware Webmail Edition, which can be exploited by malicious users to conduct spoofing attacks. The vulnerability is caused due to the application caching PGP keys from local address books. This can be exploited to insert manipulated public PGP keys to the cache, which can result e.g. in incorrectly signed incoming messages being displayed as valid. Successful exploitation requires a valid user account and that caching and PGP support is enabled. Updated Packages ================ Check if you have horde-webmail installed: # pacman-g2 -Q horde-webmail If found, then you should upgrade to the latest version: # pacman-g2 -Sy horde-webmail Availability ============ The latest revision of this advisory is available at http://frugalware.org/security/600 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: See http://ftp.frugalware.org/pub/README.GPG for info iEYEARECAAYFAkn+vUEACgkQZ7NElSD1VhklfQCgmpAe5l1TG4W224N+o7dOAAwW fucAoJU3Ld6Fg06TSPXrHBh6TwL3wvNq =O/vD -----END PGP SIGNATURE----- From vmiklos at frugalware.org Thu May 7 12:24:57 2009 From: vmiklos at frugalware.org (Miklos Vajna) Date: Thu, 7 May 2009 12:24:57 +0200 (CEST) Subject: [Frugalware-security] [ FSA-601 ] file Message-ID: <20090507102457.5F6FD11F0828@genesis.frugalware.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frugalware Security Advisory FSA-601 Date: 2009-05-07 Package: file Vulnerable versions: <= 5.00-1 Unaffected versions: >= 5.02-1anacreon1 Related bugreport: http://bugs.frugalware.org/task/3763 CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0947 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0948 Description =========== A vulnerability has been reported in file, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused due to a boundary error within the "cdf_read_sat()" function in src/cdf.c. This can be exploited to cause a heap-based buffer overflow via a specially crafted compound document file. Successful exploitation may allow execution of arbitrary code. Updated Packages ================ Check if you have file installed: # pacman-g2 -Q file If found, then you should upgrade to the latest version: # pacman-g2 -Sy file Availability ============ The latest revision of this advisory is available at http://frugalware.org/security/601 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: See http://ftp.frugalware.org/pub/README.GPG for info iEYEARECAAYFAkoCtvkACgkQZ7NElSD1VhlUfgCfWgMR8b95koyZyQ13UCz6MZgi ztgAn18G4ia0YLwOTAF3f/IdgQq2TnY6 =ZPxB -----END PGP SIGNATURE----- From vmiklos at frugalware.org Thu May 14 12:48:29 2009 From: vmiklos at frugalware.org (Miklos Vajna) Date: Thu, 14 May 2009 12:48:29 +0200 (CEST) Subject: [Frugalware-security] [ FSA-602 ] kernel Message-ID: <20090514104829.7746911F0819@genesis.frugalware.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frugalware Security Advisory FSA-602 Date: 2009-05-14 Package: kernel Vulnerable versions: <= 2.6.28-5 Unaffected versions: >= 2.6.28-6anacreon1 Related bugreport: http://bugs.frugalware.org/task/3767 CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1337 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1192 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1265 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0787 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0676 Description =========== 1) The exit_notify function in kernel/exit.c does not restrict exit signals when the CAP_KILL capability is held, which allows local users to send an arbitrary signal to a process by running a program that modifies the exit_signal field and then uses an exec system call to launch a setuid application. 2) drivers/char/agp/generic.c in the agp subsystem does not zero out pages that may later be available to a user-space process, which allows local users to obtain sensitive information by reading these pages. 3) Integer overflow in rose_sendmsg (sys/net/af_rose.c) might allow remote attackers to obtain sensitive information via a large length value, which causes "garbage" memory to be sent (DoS from local network). 4) The ecryptfs_write_metadata_to_contents function in the eCryptfs functionality uses an incorrect size when writing kernel memory to an eCryptfs file header, which triggers an out-of-bounds read and allows local users to obtain portions of kernel memory. 5) The sock_getsockopt function in net/core/sock.c does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel memory via an SO_BSDCOMPAT getsockopt request (local privilege escalation). Updated Packages ================ Check if you have kernel installed: # pacman-g2 -Q kernel If found, then you should upgrade to the latest version: # pacman-g2 -Sy kernel Availability ============ The latest revision of this advisory is available at http://frugalware.org/security/602 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: See http://ftp.frugalware.org/pub/README.GPG for info iEYEARECAAYFAkoL9vwACgkQZ7NElSD1Vhl/jwCghIn/z/1expjoriXvbWqr9ckH aoYAn1Fnvxd27vkyX/tUB4DM4skHvRru =KpJ3 -----END PGP SIGNATURE----- From vmiklos at frugalware.org Thu May 14 12:54:31 2009 From: vmiklos at frugalware.org (Miklos Vajna) Date: Thu, 14 May 2009 12:54:31 +0200 (CEST) Subject: [Frugalware-security] [ FSA-603 ] drupal Message-ID: <20090514105431.A7EAD11F063C@genesis.frugalware.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frugalware Security Advisory FSA-603 Date: 2009-05-14 Package: drupal Vulnerable versions: <= 5.17-1anacreon1 Unaffected versions: >= 5.18-1anacreon1 Related bugreport: http://bugs.frugalware.org/task/3776 CVE: No CVE for this issue, see http://drupal.org/node/461902 Description =========== A vulnerability has been reported in Drupal, which can be exploited by malicious users to conduct script insertion attacks. User provided input is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is viewed and interpreted as UTF-7. Successful exploitation requires valid user credentials and privileges to edit pages for HTML exports or "administer taxonomy" permissions. Updated Packages ================ Check if you have drupal installed: # pacman-g2 -Q drupal If found, then you should upgrade to the latest version: # pacman-g2 -Sy drupal Availability ============ The latest revision of this advisory is available at http://frugalware.org/security/603 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: See http://ftp.frugalware.org/pub/README.GPG for info iEYEARECAAYFAkoL+GcACgkQZ7NElSD1VhkddQCffbU5pcTYGz9FieGUVpsn07u4 vbwAoIilNfwlmeWbdddxZmJ4v+Low9Bu =klYM -----END PGP SIGNATURE----- From vmiklos at frugalware.org Thu May 14 12:56:24 2009 From: vmiklos at frugalware.org (Miklos Vajna) Date: Thu, 14 May 2009 12:56:24 +0200 (CEST) Subject: [Frugalware-security] [ FSA-604 ] drupal6 Message-ID: <20090514105624.3151411F063C@genesis.frugalware.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frugalware Security Advisory FSA-604 Date: 2009-05-14 Package: drupal6 Vulnerable versions: <= 6.11-1anacreon1 Unaffected versions: >= 6.12-1anacreon1 Related bugreport: http://bugs.frugalware.org/task/3777 CVE: No CVE for this issue, see http://drupal.org/node/461882 Description =========== See FSA603. Updated Packages ================ Check if you have drupal6 installed: # pacman-g2 -Q drupal6 If found, then you should upgrade to the latest version: # pacman-g2 -Sy drupal6 Availability ============ The latest revision of this advisory is available at http://frugalware.org/security/604 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: See http://ftp.frugalware.org/pub/README.GPG for info iEYEARECAAYFAkoL+NgACgkQZ7NElSD1VhlivgCcDu20V4ndz45HX59VGWUMDFoU 1PQAoJIc2sy4xFH5plnYjBZqlsOs+GLt =OcfT -----END PGP SIGNATURE----- From vmiklos at frugalware.org Mon May 18 11:59:59 2009 From: vmiklos at frugalware.org (Miklos Vajna) Date: Mon, 18 May 2009 11:59:59 +0200 (CEST) Subject: [Frugalware-security] [ FSA-605 ] xpdf Message-ID: <20090518095959.EF8F511F063C@genesis.frugalware.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frugalware Security Advisory FSA-605 Date: 2009-05-18 Package: xpdf Vulnerable versions: <= 3.02-5 Unaffected versions: >= 3.02-6anacreon1 Related bugreport: http://bugs.frugalware.org/task/3770 CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0146 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0147 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0166 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0195 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0799 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0800 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1179 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1180 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1181 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1182 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1183 Description =========== Some vulnerabilities have been reported in Xpdf, which can be exploited by malicious people to potentially compromise a user's system. 1) A boundary error exists when decoding JBIG2 symbol dictionary segments. This can be exploited to cause a heap-based buffer overflow and potentially execute arbitrary code. 2) Multiple integer overflows in the JBIG2 decoder can be exploited to potentially execute arbitrary code. 3) Multiple boundary errors in the JBIG2 decoder can be exploited to cause buffer overflows and potentially execute arbitrary code. 4) Multiple errors in the JBIG2 decoder can be exploited can be exploited to free arbitrary memory and potentially execute arbitrary code. 5) Multiple unspecified input validation errors in the JBIG2 decoder can be exploited to potentially execute arbitrary code. NOTE: Additionally, various other JBIG2 processing errors can be exploited to cause crashes. Updated Packages ================ Check if you have xpdf installed: # pacman-g2 -Q xpdf If found, then you should upgrade to the latest version: # pacman-g2 -Sy xpdf Availability ============ The latest revision of this advisory is available at http://frugalware.org/security/605 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: See http://ftp.frugalware.org/pub/README.GPG for info iEYEARECAAYFAkoRMZ8ACgkQZ7NElSD1Vhnx+QCcCiXOJICq+7Oua/6kPtbnyNB1 wAoAnjixAl2xHCN2OO23HLeSGdbsi3fq =KfbX -----END PGP SIGNATURE----- From vmiklos at frugalware.org Sat May 30 12:39:06 2009 From: vmiklos at frugalware.org (Miklos Vajna) Date: Sat, 30 May 2009 12:39:06 +0200 (CEST) Subject: [Frugalware-security] [ FSA-606 ] wireshark Message-ID: <20090530103906.C6A9011F063D@genesis.frugalware.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frugalware Security Advisory FSA-606 Date: 2009-05-30 Package: wireshark Vulnerable versions: <= 1.0.7-1anacreon1 Unaffected versions: >= 1.0.8-1anacreon1 Related bugreport: http://bugs.frugalware.org/task/3787 CVE: No CVE reference, see http://www.wireshark.org/security/wnpa-sec-2009-03.html. Description =========== A vulnerability has been reported in Wireshark, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error in the PCNFSD dissector and can be exploited to cause a crash via a specially crafted PCNFSD packet. Updated Packages ================ Check if you have wireshark installed: # pacman-g2 -Q wireshark If found, then you should upgrade to the latest version: # pacman-g2 -Sy wireshark Availability ============ The latest revision of this advisory is available at http://frugalware.org/security/606 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: See http://ftp.frugalware.org/pub/README.GPG for info iEYEARECAAYFAkohDMoACgkQZ7NElSD1VhnqZgCdH7qmkVGgewrzpYhvgHtHV3Wd I/MAnRstRr7Vd2eGK96ZKK5me9sWHHQI =KJ0U -----END PGP SIGNATURE----- From vmiklos at frugalware.org Sat May 30 12:42:02 2009 From: vmiklos at frugalware.org (Miklos Vajna) Date: Sat, 30 May 2009 12:42:02 +0200 (CEST) Subject: [Frugalware-security] [ FSA-607 ] ntp Message-ID: <20090530104202.C6A3911F063C@genesis.frugalware.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frugalware Security Advisory FSA-607 Date: 2009-05-30 Package: ntp Vulnerable versions: <= 4.2.4p6-1 Unaffected versions: >= 4.2.4p7-1anacreon1 Related bugreport: http://bugs.frugalware.org/task/3792 CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1252 Description =========== A vulnerability has been reported in NTP, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system. The vulnerability is caused due to a boundary error within the "crypto_recv()" function in ntpd/ntp_crypto.c. This can be exploited to cause a stack-based buffer overflow via a specially crafted packet sent to the "ntpd". Successful exploitation allows execution of arbitrary code, but requires that Autokey Authentication is configured via "crypto pw [password]" in ntp.conf. Updated Packages ================ Check if you have ntp installed: # pacman-g2 -Q ntp If found, then you should upgrade to the latest version: # pacman-g2 -Sy ntp Availability ============ The latest revision of this advisory is available at http://frugalware.org/security/607 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: See http://ftp.frugalware.org/pub/README.GPG for info iEYEARECAAYFAkohDXoACgkQZ7NElSD1VhlG2ACeJxqbTTawYySUa3SdkGUqvRex 5bUAnjEAfDOx+bqptc+G64yQdkmKi057 =jhi0 -----END PGP SIGNATURE-----