From vmiklos at frugalware.org Sun Jul 3 12:00:37 2011 From: vmiklos at frugalware.org (Miklos Vajna) Date: Sun, 3 Jul 2011 12:00:37 +0200 (CEST) Subject: [Frugalware-security] [ FSA-727 ] drupal7 Message-ID: <20110703100037.6E3C2BAC006@genesis.frugalware.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frugalware Security Advisory FSA-727 Date: 2011-07-03 Package: drupal7 Vulnerable versions: <= 7.2-1nexon1 Unaffected versions: >= 7.4-1nexon1 Related bugreport: http://bugs.frugalware.org/task/4521 CVE: No CVE, see http://drupal.org/node/1204582 Description =========== A vulnerability has been reported in Drupal, which can be exploited by malicious people to bypass certain security restrictions. The vulnerability is caused due to the node_access system restrictions not being enforced and can be exploited to view otherwise restricted nodes. NOTE: This affects the taxonomy and forum subsystems. Updated Packages ================ Check if you have drupal7 installed: # pacman-g2 -Q drupal7 If found, then you should upgrade to the latest version: # pacman-g2 -Sy drupal7 Availability ============ The latest revision of this advisory is available at http://frugalware.org/security/727 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: See http://ftp.frugalware.org/pub/README.GPG for info iEYEARECAAYFAk4QPcUACgkQZ7NElSD1Vhk9ywCfbo5FgpOQesAQbIPReY8+bHzK 2GoAn3kp0/O6rLAUYLKFI4oF5+r/L/+P =T619 -----END PGP SIGNATURE----- From vmiklos at frugalware.org Sun Jul 3 12:11:34 2011 From: vmiklos at frugalware.org (Miklos Vajna) Date: Sun, 3 Jul 2011 12:11:34 +0200 (CEST) Subject: [Frugalware-security] [ FSA-728 ] wordpress Message-ID: <20110703101134.047BABAC007@genesis.frugalware.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frugalware Security Advisory FSA-728 Date: 2011-07-03 Package: wordpress Vulnerable versions: <= 3.1.3-1nexon1 Unaffected versions: >= 3.1.4-1nexon1 Related bugreport: http://bugs.frugalware.org/task/4522 CVE: No CVE, see http://wordpress.org/news/2011/06/wordpress-3-1-4/ Description =========== Multiple vulnerabilities have been reported in WordPress, which can be exploited by malicious users to bypass certain security restrictions and conduct SQL injection attacks. 1) An unspecified error can be exploited to gain further access to the site. 2) Input passed via the "order" and "orderby" parameters to wp-admin/link-manager.php and wp-admin/edit-tags.php is not properly sanitised in wp-includes/taxonomy.php before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Successful exploitation requires the "Editor" role. Updated Packages ================ Check if you have wordpress installed: # pacman-g2 -Q wordpress If found, then you should upgrade to the latest version: # pacman-g2 -Sy wordpress Availability ============ The latest revision of this advisory is available at http://frugalware.org/security/728 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: See http://ftp.frugalware.org/pub/README.GPG for info iEYEARECAAYFAk4QQFUACgkQZ7NElSD1Vhk+BQCeI1Do5VnSvrne9TOc0UhQdcz8 23QAn0oJ8ODi2S23WBMYsy9jC26bkoBx =zLgF -----END PGP SIGNATURE----- From vmiklos at frugalware.org Thu Jul 7 00:50:22 2011 From: vmiklos at frugalware.org (Miklos Vajna) Date: Thu, 7 Jul 2011 00:50:22 +0200 (CEST) Subject: [Frugalware-security] [ FSA-729 ] phpmyadmin Message-ID: <20110706225022.C2986BAC006@genesis.frugalware.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frugalware Security Advisory FSA-729 Date: 2011-07-07 Package: phpmyadmin Vulnerable versions: <= 3.3.9.2-1nexon1 Unaffected versions: >= 3.4.3.1-1nexon1 Related bugreport: http://bugs.frugalware.org/task/4525 CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2505 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2506 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2507 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2508 Description =========== Some vulnerabilities have been reported in phpMyAdmin, which can be exploited by malicious users to disclose sensitive information and by malicious users and malicious people to compromise a vulnerable system. 1) An error within the "Swekey_login()" function in libraries/auth/swekey/swekey.auth.lib.php can be exploited to overwrite session variables and e.g. inject and execute arbitrary PHP code. 2) Input passed to the "PMA_createTargetTables()" function in libraries/server_synchronize.lib.php is not properly sanitised before calling the "preg_replace()" function with the "e" modifier. This can be exploited to execute arbitrary PHP code via URL-encoded NULL bytes. 3) Input passed to the "PMA_displayTableBody()" function in libraries/display_tbl.lib.php is not properly sanitised before being used to include files. This can be exploited to include arbitrary files from local resources via directory traversal sequences. NOTE: A weakness in setup scripts, which could lead to arbitrary PHP code injection if session variables are overwritten has also been reported. Updated Packages ================ Check if you have phpmyadmin installed: # pacman-g2 -Q phpmyadmin If found, then you should upgrade to the latest version: # pacman-g2 -Sy phpmyadmin Availability ============ The latest revision of this advisory is available at http://frugalware.org/security/729 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: See http://ftp.frugalware.org/pub/README.GPG for info iEYEARECAAYFAk4U5q4ACgkQZ7NElSD1VhnKjACgjeqIQXC+i6NJ9D0UQ+1Y9IkF QugAn0v1kU1uvoVOqqJOZYTbT86hBOx1 =mt3i -----END PGP SIGNATURE----- From vmiklos at frugalware.org Wed Jul 27 01:00:32 2011 From: vmiklos at frugalware.org (Miklos Vajna) Date: Wed, 27 Jul 2011 01:00:32 +0200 (CEST) Subject: [Frugalware-security] [ FSA-730 ] drupal6-devel Message-ID: <20110726230032.60C28BAC006@genesis.frugalware.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frugalware Security Advisory FSA-730 Date: 2011-07-27 Package: drupal6-devel Vulnerable versions: <= 6.x_1.23-1 Unaffected versions: >= 6.x_1.25-1nexon1 Related bugreport: http://bugs.frugalware.org/task/4531 CVE: No CVE references, see http://drupal.org/node/1224852 Description =========== A vulnerability has been reported in the Devel module for Drupal, which can be exploited by malicious people to conduct cross-site request forgery attacks. The application allows users to perform certain actions in the Switch User block via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain unspecified actions by tricking a logged in user into visiting a malicious web site. Updated Packages ================ Check if you have drupal6-devel installed: # pacman-g2 -Q drupal6-devel If found, then you should upgrade to the latest version: # pacman-g2 -Sy drupal6-devel Availability ============ The latest revision of this advisory is available at http://frugalware.org/security/730 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: See http://ftp.frugalware.org/pub/README.GPG for info iEYEARECAAYFAk4vRxAACgkQZ7NElSD1Vhk4cgCfcVvmyV3EW37CmKE0FqI9fCUR DqAAn1RWI4oYrtgxSKMRE2VMywIf9Jev =H1jr -----END PGP SIGNATURE----- From vmiklos at frugalware.org Wed Jul 27 01:03:44 2011 From: vmiklos at frugalware.org (Miklos Vajna) Date: Wed, 27 Jul 2011 01:03:44 +0200 (CEST) Subject: [Frugalware-security] [ FSA-731 ] wireshark Message-ID: <20110726230344.7C02EBAC007@genesis.frugalware.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frugalware Security Advisory FSA-731 Date: 2011-07-27 Package: wireshark Vulnerable versions: <= 1.4.7-1nexon1 Unaffected versions: >= 1.6.1-1nexon1 Related bugreport: http://bugs.frugalware.org/task/4532 CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2597 Description =========== Two vulnerabilities have been reported in Wireshark, which can be exploited by malicious people to cause a DoS (Denial of Service). 1) An error in the Lucent/Ascend file parser can be exploited to cause an infinite loop via specially crafted packets. 2) An infinite recursion error in the "elem_cell_id_list()" function in epan/dissectors/packet-ansi_a.c can be exploited to cause a stack overflow e.g. via a specially crafted MAP packet. Updated Packages ================ Check if you have wireshark installed: # pacman-g2 -Q wireshark If found, then you should upgrade to the latest version: # pacman-g2 -Sy wireshark Availability ============ The latest revision of this advisory is available at http://frugalware.org/security/731 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: See http://ftp.frugalware.org/pub/README.GPG for info iEYEARECAAYFAk4vR9AACgkQZ7NElSD1VhlcZQCfRbYW0Q3Mn2lrZj84QN9DUUCq 0Q0AnRSeYQIZAoXhjQcbs6y3T8Cfry70 =GqV7 -----END PGP SIGNATURE----- From vmiklos at frugalware.org Wed Jul 27 01:08:06 2011 From: vmiklos at frugalware.org (Miklos Vajna) Date: Wed, 27 Jul 2011 01:08:06 +0200 (CEST) Subject: [Frugalware-security] [ FSA-732 ] phpmyadmin Message-ID: <20110726230806.312EDBAC006@genesis.frugalware.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frugalware Security Advisory FSA-732 Date: 2011-07-27 Package: phpmyadmin Vulnerable versions: <= 3.4.3.1-1nexon1 Unaffected versions: >= 3.4.3.2-1nexon1 Related bugreport: http://bugs.frugalware.org/task/4536 CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2642 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2643 Description =========== Multiple vulnerabilities have been reported in phpMyAdmin, which can be exploited by malicious users to conduct cross-site scripting attacks and potentially compromise a vulnerable system and by malicious people to disclose potentially sensitive information and potentially compromise a vulnerable system. 1) Certain input passed to the table name in the table print view script is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Successful exploitation of this vulnerability requires that a specially crafted table name exists. 2) Certain input passed to the MIME-type transformation parameter is not properly verified before being used to include files. This can be exploited to include arbitrary files from local resources. Successful exploitation of this vulnerability requires that the configuration storage mechanism is configured. 3) Certain input passed to an unspecified parameter in the 'relational schema' code is not properly sanitised before being used to concatenate a class name. This can be exploited to include arbitrary files from local resources. 4) An unspecified error within the Swekey authentication can be exploited to overwrite session variables. Updated Packages ================ Check if you have phpmyadmin installed: # pacman-g2 -Q phpmyadmin If found, then you should upgrade to the latest version: # pacman-g2 -Sy phpmyadmin Availability ============ The latest revision of this advisory is available at http://frugalware.org/security/732 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: See http://ftp.frugalware.org/pub/README.GPG for info iEYEARECAAYFAk4vSNYACgkQZ7NElSD1VhlL3ACfQSUaBJUjIXuOwtBzUD61MEFB VokAoIJT+arZulQocDhSZvHF6kcZWTMc =msRx -----END PGP SIGNATURE----- From vmiklos at frugalware.org Sat Jul 30 23:48:47 2011 From: vmiklos at frugalware.org (Miklos Vajna) Date: Sat, 30 Jul 2011 23:48:47 +0200 (CEST) Subject: [Frugalware-security] [ FSA-733 ] drupal7 Message-ID: <20110730214847.7822BBAC007@genesis.frugalware.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Frugalware Security Advisory FSA-733 Date: 2011-07-30 Package: drupal7 Vulnerable versions: <= 7.4-1nexon1 Unaffected versions: >= 7.7-1nexon1 Related bugreport: http://bugs.frugalware.org/task/4538 CVE: No CVE references, see http://drupal.org/node/1231510 Description =========== A vulnerability has been reported in Drupal, which can be exploited by malicious users to bypass certain security restrictions. The vulnerability is caused due to the application not properly restricting access to files attached to a comment when access to the comment is restricted, which can be exploited to e.g. download the files. Updated Packages ================ Check if you have drupal7 installed: # pacman-g2 -Q drupal7 If found, then you should upgrade to the latest version: # pacman-g2 -Sy drupal7 Availability ============ The latest revision of this advisory is available at http://frugalware.org/security/733 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: See http://ftp.frugalware.org/pub/README.GPG for info iEYEARECAAYFAk40fD4ACgkQZ7NElSD1VhmPyQCfRJwrM6vINRLd/od5VJfb6aaZ E/4An01RSf1+mDVhRlWzPxHdnF4oblrM =ct2I -----END PGP SIGNATURE-----