From vmiklos at frugalware.org Wed Aug 17 00:50:20 2011 From: vmiklos at frugalware.org (Miklos Vajna) Date: Wed, 17 Aug 2011 00:50:20 +0200 (CEST) Subject: [Frugalware-security] [ FSA-734 ] flashplugin Message-ID: <20110816225020.B710B1358448@genesis.frugalware.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frugalware Security Advisory FSA-734 Date: 2011-08-17 Package: flashplugin Vulnerable versions: <= 10.3.181.34-1 Unaffected versions: >= 10.3.183.5-1mores1 Related bugreport: http://bugs.frugalware.org/task/4545 CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2130 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2134 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2135 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2136 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2137 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2138 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2139 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2140 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2414 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2415 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2416 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2417 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2424 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2425 Description =========== Multiple vulnerabilities have been reported in Adobe Flash Player, which can be exploited by malicious people to disclose sensitive information and compromise a user's system. 1) An unspecified error can be exploited to cause a buffer overflow and potentially execute arbitrary code. 2) An unspecified error can be exploited to cause a buffer overflow and potentially execute arbitrary code. 3) An error exists within a certain ActionScript function in the "flash.display" class when parsing certain parameters and can be exploited to corrupt memory and potentially execute arbitrary code. 4) An integer overflow error within a certain ActionScript function can be exploited to corrupt memory and potentially execute arbitrary code. 5) An unspecified error can be exploited to cause a buffer overflow and potentially execute arbitrary code. 6) An integer overflow error when handling the "scroll" method of the ActionScript Bitmap class can be exploited to corrupt memory. 7) An unspecified error can be exploited to disclose certain information from another domain. 8) An unspecified error can be exploited to corrupt memory and potentially execute arbitrary code. 9) An unspecified error can be exploited to cause a buffer overflow and potentially execute arbitrary code. 10) An error within the "Setslot()" method when parsing a certain field from an SWF file can be exploited to cause a buffer overflow and potentially execute arbitrary code. 11) An integer overflow error within a certain ActionScript function can be exploited to corrupt memory and potentially execute arbitrary code. 12) An unspecified error can be exploited to corrupt memory and potentially execute arbitrary code. 13) An error within the "Bitmapdata" class when parsing a certain field from an SWF file can be exploited to corrupt memory and potentially execute arbitrary code. 14) 80 unspecified errors of various types when parsing SWF file content may be exploited to corrupt memory. Updated Packages ================ Check if you have flashplugin installed: # pacman-g2 -Q flashplugin If found, then you should upgrade to the latest version: # pacman-g2 -Sy flashplugin Availability ============ The latest revision of this advisory is available at http://frugalware.org/security/734 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: See http://ftp.frugalware.org/pub/README.GPG for info iEYEARECAAYFAk5K9CwACgkQZ7NElSD1VhndVQCcCpXflVLUIWyzN7yl1T6xO1PQ NGwAn3UMuACr72i7xchLtfvYihExYIZa =7v5T -----END PGP SIGNATURE----- From vmiklos at frugalware.org Mon Aug 22 00:47:24 2011 From: vmiklos at frugalware.org (Miklos Vajna) Date: Mon, 22 Aug 2011 00:47:24 +0200 (CEST) Subject: [Frugalware-security] [ FSA-735 ] xpdf Message-ID: <20110821224724.1341E1358448@genesis.frugalware.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frugalware Security Advisory FSA-735 Date: 2011-08-22 Package: xpdf Vulnerable versions: <= 3.02-6 Unaffected versions: >= 3.02-7mores1 Related bugreport: http://bugs.frugalware.org/task/4236 CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1188 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3603 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3604 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3606 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3608 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3609 Description =========== Some vulnerabilities have been reported in Xpdf, which can be exploited by malicious people to potentially compromise a user's system. 1) Multiple integer overflows in "SplashBitmap::SplashBitmap()" can be exploited to cause heap-based buffer overflows. 2) An integer overflow error in "ObjectStream::ObjectStream()" can be exploited to cause a heap-based buffer overflow. 3) Multiple integer overflows in "Splash::drawImage()" can be exploited to cause heap-based buffer overflows. 4) An integer overflow error in "PSOutputDev::doImageL1Sep()" can be exploited to cause a heap-based buffer overflow when converting a PDF document to a PS file. Successful exploitation of the vulnerabilities may allow execution of arbitrary code by tricking a user into opening a specially crafted PDF file. Updated Packages ================ Check if you have xpdf installed: # pacman-g2 -Q xpdf If found, then you should upgrade to the latest version: # pacman-g2 -Sy xpdf Availability ============ The latest revision of this advisory is available at http://frugalware.org/security/735 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: See http://ftp.frugalware.org/pub/README.GPG for info iEYEARECAAYFAk5RivsACgkQZ7NElSD1VhlOowCfcJIcK0OUPTl1jwbZElHkq8Yi VrcAoJSvzeSg0h6npqMLTpkYA8e6mKZD =epOF -----END PGP SIGNATURE----- From vmiklos at frugalware.org Tue Aug 23 09:30:48 2011 From: vmiklos at frugalware.org (Miklos Vajna) Date: Tue, 23 Aug 2011 09:30:48 +0200 (CEST) Subject: [Frugalware-security] [ FSA-736 ] roundcube Message-ID: <20110823073048.C79171358448@genesis.frugalware.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frugalware Security Advisory FSA-736 Date: 2011-08-23 Package: roundcube Vulnerable versions: <= 0.3-2 Unaffected versions: >= 0.5.4-1mores1 Related bugreport: http://bugs.frugalware.org/task/4554 CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2937 Description =========== A vulnerability has been reported in RoundCube Webmail, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "_mbox" parameter to various scripts is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Updated Packages ================ Check if you have roundcube installed: # pacman-g2 -Q roundcube If found, then you should upgrade to the latest version: # pacman-g2 -Sy roundcube Availability ============ The latest revision of this advisory is available at http://frugalware.org/security/736 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: See http://ftp.frugalware.org/pub/README.GPG for info iEYEARECAAYFAk5TVygACgkQZ7NElSD1VhktKACbB9i0UAKv0xs+M7YFzkGjCcE9 VNQAnRmS8pQp5vBVQCvvfzuLy1wuAhBd =1SWv -----END PGP SIGNATURE----- From vmiklos at frugalware.org Wed Aug 24 14:05:26 2011 From: vmiklos at frugalware.org (Miklos Vajna) Date: Wed, 24 Aug 2011 14:05:26 +0200 (CEST) Subject: [Frugalware-security] [ FSA-737 ] mantis Message-ID: <20110824120526.3348A135844A@genesis.frugalware.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frugalware Security Advisory FSA-737 Date: 2011-08-24 Package: mantis Vulnerable versions: <= 1.2.5-1 Unaffected versions: >= 1.2.7-1mores1 Related bugreport: http://bugs.frugalware.org/task/4553 CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2938 Description =========== A vulnerability has been discovered in MantisBT, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "project_id" parameter to search.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Updated Packages ================ Check if you have mantis installed: # pacman-g2 -Q mantis If found, then you should upgrade to the latest version: # pacman-g2 -Sy mantis Availability ============ The latest revision of this advisory is available at http://frugalware.org/security/737 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: See http://ftp.frugalware.org/pub/README.GPG for info iEUEARECAAYFAk5U6QUACgkQZ7NElSD1VhnVFACfSKhSu5aYuyxgxYzBFtxtrMwS B6wAlRjqtWT7Z5o6ZIksdqG8Dxk+vxY= =e16z -----END PGP SIGNATURE----- From vmiklos at frugalware.org Sat Aug 27 09:26:22 2011 From: vmiklos at frugalware.org (Miklos Vajna) Date: Sat, 27 Aug 2011 09:26:22 +0200 (CEST) Subject: [Frugalware-security] [ FSA-738 ] krb5 Message-ID: <20110827072622.DB1991420A75@genesis.frugalware.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frugalware Security Advisory FSA-738 Date: 2011-08-27 Package: krb5 Vulnerable versions: <= 1.7-6 Unaffected versions: >= 1.7.2-1mores1 Related bugreport: http://bugs.frugalware.org/task/4256 CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0628 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1320 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1321 Description =========== 1) A vulnerability has been reported in Kerberos, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an assertion error within the "spnego_gss_accept_sec_context()" function in src/lib/gssapi/spnego/spnego_mech.c when receiving an invalid packet, which can be exploited to e.g. crash an application using the library by sending a specially crafted packet. 2) Joel Johnson has reported a vulnerability in Kerberos, which can be exploited by malicious users to potentially compromise a vulnerable system. The vulnerability is caused due to an error in KDC within the "process_tgs_req()" function in kdc/do_tgs_req.c when validating or renewing tickets and can be exploited to trigger a double-free condition. Successful exploitation may allow execution of arbitrary code. 3) A vulnerability has been reported in Kerberos, which can be exploited by malicious users to cause a DoS (Denial of Service). The vulnerability is caused due to a NULL pointer dereference error when processing certain Kerberos AP-REQ authenticators, which can be exploited to cause a crash in e.g. kadmind or other applications linked against the GSS-API library by sending an AP-REQ authenticator with a missing checksum field. Updated Packages ================ Check if you have krb5 installed: # pacman-g2 -Q krb5 If found, then you should upgrade to the latest version: # pacman-g2 -Sy krb5 Availability ============ The latest revision of this advisory is available at http://frugalware.org/security/738 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: See http://ftp.frugalware.org/pub/README.GPG for info iEYEARECAAYFAk5YnBwACgkQZ7NElSD1VhkjwACeMDZWilfmhzqueSDcUmi8HpVv /tkAoJ8ZxbT7ne9LC2v3uvjz7kYcEvk9 =p5EJ -----END PGP SIGNATURE----- From vmiklos at frugalware.org Sun Aug 28 20:46:17 2011 From: vmiklos at frugalware.org (Miklos Vajna) Date: Sun, 28 Aug 2011 20:46:17 +0200 (CEST) Subject: [Frugalware-security] [ FSA-739 ] stunnel Message-ID: <20110828184617.4A5FE1420A77@genesis.frugalware.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frugalware Security Advisory FSA-739 Date: 2011-08-28 Package: stunnel Vulnerable versions: <= 4.39-1 Unaffected versions: >= 4.42-1mores1 Related bugreport: http://bugs.frugalware.org/task/4552 CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2940 Description =========== A vulnerability has been reported in Stunnel, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. The vulnerability is caused due to an unspecified error and can be exploited to corrupt heap memory. Updated Packages ================ Check if you have stunnel installed: # pacman-g2 -Q stunnel If found, then you should upgrade to the latest version: # pacman-g2 -Sy stunnel Availability ============ The latest revision of this advisory is available at http://frugalware.org/security/739 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: See http://ftp.frugalware.org/pub/README.GPG for info iEYEARECAAYFAk5ajPgACgkQZ7NElSD1VhkPSQCfZ6QCyAjyXcUEEUW5vrT14fM5 +1wAn34KGxhipISFTpi9CNh1EtyzRUEc =Sy8x -----END PGP SIGNATURE----- From vmiklos at frugalware.org Mon Aug 29 19:05:11 2011 From: vmiklos at frugalware.org (Miklos Vajna) Date: Mon, 29 Aug 2011 19:05:11 +0200 (CEST) Subject: [Frugalware-security] [ FSA-740 ] phpmyadmin Message-ID: <20110829170511.AE36F1420A75@genesis.frugalware.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frugalware Security Advisory FSA-740 Date: 2011-08-29 Package: phpmyadmin Vulnerable versions: <= 3.4.3.2-1 Unaffected versions: >= 3.4.4-1mores1 Related bugreport: http://bugs.frugalware.org/task/4567 CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3181 Description =========== Some vulnerabilities have been reported in phpMyAdmin, which can be exploited by malicious users to conduct script insertion attacks. Certain input passed to table, column, and index names is not properly sanitised before being used in the Tracking feature. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. Updated Packages ================ Check if you have phpmyadmin installed: # pacman-g2 -Q phpmyadmin If found, then you should upgrade to the latest version: # pacman-g2 -Sy phpmyadmin Availability ============ The latest revision of this advisory is available at http://frugalware.org/security/740 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: See http://ftp.frugalware.org/pub/README.GPG for info iEYEARECAAYFAk5bxscACgkQZ7NElSD1VhkoJwCgnJ2muQhLM4HmW/VxNyCp/HkZ rn4Anixb7X/0fLyBJX3PpX5ldr6q1orQ =g074 -----END PGP SIGNATURE-----