Releases

frugalware-0.8 (Kalgan)
Mar 11, 2008

frugalware-0.7 (Sayshell)
Oct 13, 2007

frugalware-0.6 (Terminus)
Mar 22, 2007

frugalware-0.5 (Siwenna)
Sep 14, 2006

frugalware-0.4 (Wanda)
Mar 30, 2006

frugalware-0.3 (Trantor)
Oct 13, 2005

frugalware-0.2 (Aurora)
Apr 28, 2005

frugalware-0.1 (Genesis)
Nov 02, 2004

RSS

Donations

Donate to support our development efforts.

Recent updates
devel-core/
 pacman-tools
1.1.2-2solaria1-x86_64
devel-core/
 pacman-tools
1.1.2-2solaria1-i686
base/pacman-g2
3.7.2-2solaria1-x86_64
base/pacman-g2
3.7.2-2solaria1-i686
devel-extra/fwsetup
0.9.5-2solaria1-x86_64
devel-extra/fwsetup
0.9.5-2solaria1-i686
devel-extra/fwsetup
0.9.5-1-x86_64
devel-extra/fwsetup
0.9.5-1-i686
xapps/splashy
0.3.11-4-i686
xapps/splashy
0.3.11-4-i686

RSS
Languages
Change language | Change language | Change language | Change language | Change language | Change language | Change language
Information
Go Frugalware, Go
Valid XHTML 1.0!
Valid CSS!
Valid RSS!
Server information
Uptime:
10 day(s) 9 h 8 m 54 s
Frugalware Security Announcements (FSAs)
This is a list of security announcments that have been released for the current stable version of Frugalware
FSA525 - pidgin
Package:pidgin
Date:2008-08-31
Vulnerable version:2.4.3-1kalgan1
Unaffected version:2.4.3-1kalgan2
Bug tracker entry:http://bugs.frugalware.org/task/3308
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3532
Description:A security issue has been reported in Pidgin, which can be exploited by malicious people to conduct spoofing attacks. The problem is that the certificate presented by e.g. a Jabber server at the beginning of an SSL session is not verified. This can be exploited to spoof valid servers via a man-in-the-middle attack. Successful exploitation requires that Pidgin is configured to use the NSS plugin.
FSA524 - graphicsmagick
Package:graphicsmagick
Date:2008-08-31
Vulnerable version:1.1.14-1kalgan1
Unaffected version:1.2.4-1kalgan1
Bug tracker entry:http://bugs.frugalware.org/task/3204
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3134
Description:Some vulnerabilities have been reported in GraphicsMagick, which can be exploited by malicious people to cause a DoS (Denial of Service). 1) Multiple errors exist in the AVI, AVS, DCM, EPT, FITS, MTV, PALM, RLA, and TGA decoders. These can be exploited to trigger crashes, overly large memory allocations, or the execution of infinite loops. 2) An error within the "GetImageCharacteristics()" function in magick/image.c can be exploited to crash an affected application via specially crafted e.g. PNG, JPEG, BMP, or TIFF files.
FSA523 - poppler
Package:poppler
Date:2008-08-31
Vulnerable version:0.6.4-1
Unaffected version:0.6.4-2kalgan1
Bug tracker entry:http://bugs.frugalware.org/task/3311
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2950
Description:A vulnerability has been reported in Poppler, which potentially can be exploited by malicious people to compromise an application using the library. The vulnerability is caused due to the "Page" constructor leaving the "pageWidgets" object uninitialized under specific circumstances. This can be exploited to potentially trigger the "free()" of an arbitrary address when the object is deleted. Successful exploitation may allow execution of arbitrary code via a specially crafted PDF file.
FSA522 - mono
Package:mono
Date:2008-08-31
Vulnerable version:1.2.6-3
Unaffected version:1.2.6-4kalgan1
Bug tracker entry:http://bugs.frugalware.org/task/3306
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3422
Description:Dean Brettle has reported some security issues in Mono, which can be exploited by malicious people to conduct cross-site scripting attacks. The security issues are caused due to Mono's ASP.net implementation not properly sanitising certain attributes (e.g. "HtmlSelect.Value", "HtmlSelect.Text", and the "action" attribute of the "form" element). This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.
FSA521 - openttd
Package:openttd
Date:2008-08-31
Vulnerable version:0.5.3-1
Unaffected version:0.6.2-1kalgan1
Bug tracker entry:http://bugs.frugalware.org/task/3303
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3576 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3577
Description:A vulnerability has been reported in OpenTTD, which potentially can be exploited by malicious people to cause a DoS (Denial of Service) or to compromise a vulnerable system. The vulnerability is caused due to a boundary error within the "TruncateString()" function in src/gfx.cpp. This can be exploited to potentially cause a buffer overflow via a specially crafted string. Successful exploitation may allow execution of arbitrary code.
FSA520 - freetype2
Package:freetype2
Date:2008-08-31
Vulnerable version:2.3.5-2
Unaffected version:2.3.7-1kalgan1
Bug tracker entry:http://bugs.frugalware.org/task/3178
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1806 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1807 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1808
Description:Some vulnerabilities have been reported in FreeType, which potentially can be exploited by malicious people to compromise an application using the library. 1) An integer overflow error exists in the processing of PFB font files. This can be exploited to cause a heap-based buffer overflow via a PFB file containing a specially crafted "Private" dictionary table. 2) An error in the processing of PFB font files can be exploited to trigger the "free()" of memory areas that are not allocated on the heap. 3) An off-by-one error exists in the processing of PFB font files. This can be exploited to cause a one-byte heap-based buffer overflow via a specially crafted PFB file. 4) An off-by-one error exists in the implementation of the "SHC" instruction while processing TTF files. This can be exploited to cause a one-byte heap-based buffer overflow via a specially crafted TTF file. Successful exploitation of the vulnerabilities may allow execution of arbitrary code.
FSA519 - httrack
Package:httrack
Date:2008-08-31
Vulnerable version:3.42-1
Unaffected version:3.42_3-1kalgan1
Bug tracker entry:http://bugs.frugalware.org/task/3304
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3429
Description:A security issue has been reported in HTTrack, which potentially can be exploited by malicious people to compromise a vulnerable system. The security issue is caused due to a boundary error when processing command line arguments. This can be exploited to cause a buffer overflow by passing overly long URLs to the application.
FSA518 - python
Package:python
Date:2008-08-29
Vulnerable version:2.5.2-2kalgan1
Unaffected version:2.5.2-2kalgan2
Bug tracker entry:http://bugs.frugalware.org/task/3286
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2315 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2316 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3142 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3142
Description:Some vulnerabilities have been reported in Python, where some have unknown impact and others can potentially be exploited by malicious people to cause a DoS (Denial of Service) or to compromise a vulnerable system. 1) Various integer overflow errors exist in core modules e.g. stringobject, unicodeobject, bufferobject, longobject, tupleobject, stropmodule, gcmodule, mmapmodule. 2) An integer overflow in the hashlib module can lead to an unreliable cryptographic digest results. 3) Integer overflow errors in the processing of unicode strings can be exploited to cause buffer overflows on 32-bit systems. 4) An integer overflow exists in the PyOS_vsnprintf() function on architectures that do not have a "vsnprintf()" function. 5) An integer underflow error in the PyOS_vsnprintf() function when passing zero-length strings can lead to memory corruption. Successful exploitation of some of these vulnerabilities may allow to crash an application or to execute arbitrary code, but depends on the implementation of an Python application.
FSA517 - apache
Package:apache
Date:2008-08-29
Vulnerable version:2.2.8-2kalgan1
Unaffected version:2.2.8-2kalgan2
Bug tracker entry:http://bugs.frugalware.org/task/3307
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2939
Description:A vulnerability has been reported in Apache, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed to mod_proxy_ftp via an URL containing a FTP wildcard character (e.g. "*"), is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.
FSA516 - links
Package:links
Date:2008-08-29
Vulnerable version:2.1pre33-1
Unaffected version:2.1-1kalgan1
Bug tracker entry:http://bugs.frugalware.org/task/3272
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3329
Description:Unspecified vulnerability in Links before 2.1, when "only proxies" is enabled, has unknown impact and attack vectors related to providing "URLs to external programs."
FSA515 - ruby
Package:ruby
Date:2008-08-29
Vulnerable version:1.8.6-4
Unaffected version:1.8.6-5kalgan1
Bug tracker entry:http://bugs.frugalware.org/task/3300
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3655 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3656 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3657 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3443
Description:Some vulnerabilities have been reported in Ruby, which can be exploited by malicious people to bypass certain security restrictions, cause a DoS (Denial of Service), and conduct spoofing attacks. 1) Multiple errors in the implementation of safe level restrictions can be exploited to call "untrace_var()", perform syslog operations, and modify "$PROGRAM_NAME" at safe level 4, or call insecure methods at safe levels 1 through 3. 2) An error exists in the usage of regular expressions in "WEBrick::HTTPUtils.split_header_value()". This can be exploited to consume large amounts of CPU via a specially crafted HTTP request. 3) An error in "DL" can be exploited to bypass security restrictions and call potentially dangerous functions. 4) The vulnerability is caused due to resolv.rb not sufficiently randomising the DNS query port number, which can be exploited to poison the DNS cache.
FSA514 - libxslt
Package:libxslt
Date:2008-08-29
Vulnerable version:1.1.22-2kalgan1
Unaffected version:1.1.22-2kalgan2
Bug tracker entry:http://bugs.frugalware.org/task/3285
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2935
Description:Chris Evans has reported some vulnerabilities in libxslt, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library. The vulnerabilities are caused due to boundary errors within crypto.c when handling the XSLT "crypto:rc4_encrypt" and "crypto:rc4_decrypt" functions. This can be exploited to cause a heap-based buffer overflow via a specially crafted stylesheet.
FSA513 - git
Package:git
Date:2008-08-26
Vulnerable version:1.5.4.3-1
Unaffected version:1.5.6.4-1kalgan1
Bug tracker entry:http://bugs.frugalware.org/task/3305
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3546
Description:Stack-based buffer overflow in the (1) diff_addremove and (2) diff_change functions in GIT before 1.5.6.4 might allow local users to execute arbitrary code via a PATH whose length is larger than the system's PATH_MAX when running GIT utilities such as git-diff or git-grep.
FSA512 - amarok
Package:amarok
Date:2008-08-26
Vulnerable version:1.4.8-2
Unaffected version:1.4.10-1kalgan1
Bug tracker entry:http://bugs.frugalware.org/task/3312
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3699
Description:A security issue has been reported in Amarok, which can be exploited by malicious, local users to perform certain actions with escalated privileges. The security issue is caused due to the "MagnatuneBrowser::listDownloadComplete()" function handling temporary files in an insecure manner. This can be exploited via symlink attacks in combination with a race condition to overwrite arbitrary files with the privileges of the user running the application.
FSA511 - pdns
Package:pdns
Date:2008-08-26
Vulnerable version:2.9.21-3
Unaffected version:2.9.21.1-1kalgan1
Bug tracker entry:http://bugs.frugalware.org/task/3309
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3337
Description:A weakness has been reported in PowerDNS, which can be exploited by malicious people to conduct spoofing attacks. The weakness is caused due to the server dropping DNS queries for invalid DNS records within a valid domain. This can be exploited to facilitate the spoofing of the valid domain on third-party DNS servers.
FSA510 - thunderbird
Package:thunderbird
Date:2008-08-26
Vulnerable version:2.0.0.14-1kalgan1
Unaffected version:2.0.0.16-1kalgan1
Bug tracker entry:http://bugs.frugalware.org/task/3206
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2798 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2799 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2802 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2803 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2811
Description:Some vulnerabilities have been reported in Mozilla Thunderbird, which potentially can be exploited by malicious people to compromise a user's system. For more information, see FSA509
FSA509 - firefox
Package:firefox
Date:2008-08-26
Vulnerable version:2.0.0.14-1kalgan1
Unaffected version:2.0.0.15-1kalgan1
Bug tracker entry:http://bugs.frugalware.org/task/3202
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2798 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2799 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2800 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2801 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2802 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2803 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2805 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2806 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2807 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2808 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2809 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2810 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2811
Description:Some vulnerabilities have been reported in Mozilla Firefox, which can be exploited by malicious people to conduct cross-site scripting and spoofing attacks, bypass certain security restrictions, disclose sensitive information, or potentially compromise a user's system. 1) Multiple errors in the layout and JavaScript engines can be exploited to corrupt memory. 2) An error in the handling of unprivileged XUL documents can be exploited to load Chrome scripts from a "fastload" file via "script" elements. 3) An error in the "mozIJSSubScriptLoader.LoadScript()" function can be exploited to bypass XPCNativeWrappers and run arbitrary code with Chrome privileges. Successful exploitation requires that an add-on using the affected function is installed. 4) An error in the block reflow process can be exploited to cause a crash or potentially execute arbitrary code. 5) An error in the processing of file URLs contained within local directory listings can potentially be exploited to execute malicious JavaScript content. 6) Multiple errors in the implementation of the JavaScript same origin policy can be exploited to execute arbitrary script code in the context of a different domain. 7) Multiple errors in the verification of signed JAR files can be exploited to execute arbitrary JavaScript code with the privileges of the JAR's signer. 8) An error in the implementation of file upload forms can be exploited to upload arbitrary local files to a remote webserver via specially crafted "DOM Range" and "originalTarget" elements. 9) An error in the Java LiveConnect implementation on Mac OS X can be exploited to establish arbitrary socket connections. 10) An uninitialized memory access in the processing of improperly encoded ".properties" files can potentially be exploited to disclose sensitive memory via an add-on using the malformed file. 11) An error in the processing of "Alt Names" provided by "peer" trusted certificates can be exploited to conduct spoofing attacks. 12) An error in the processing of Windows URL shortcuts can be exploited to run a remote site as a local file.
FSA507 - postfix
Package:postfix
Date:2008-08-16
Vulnerable version:2.4.6-1
Unaffected version:2.4.7-1kalgan1
Bug tracker entry:http://bugs.frugalware.org/task/3296
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2936 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2937
Description:Sebastian Krahmer has reported some security issues in Postfix, which can be exploited by malicious, local users to disclose potentially sensitive information and perform certain actions with escalated privileges. 1) A security issue is caused due to Postfix incorrectly handling symlink files. This can be exploited to e.g. append mail messages to arbitrary files by creating a hardlink to a symlink owned by the root user. Successful exploitation requires write permission to the mail spool directory, that there is no "root" mailbox, and users can create a hardlink to a symlink (e.g. Linux 2.x, Solaris, Irix 6.5). 2) A security issue is caused due to Postfix not correctly checking the ownership of the destination when delivering email. This can be exploited to e.g. disclose emails by creating an insecure mailbox file for other users. Successful exploitation requires permission to create files within the mail spool directory.
FSA506 - drupal
Package:drupal
Date:2008-08-16
Vulnerable version:5.9-1kalgan1
Unaffected version:5.10-1kalgan1
Bug tracker entry:http://bugs.frugalware.org/task/3299
CVEs:There is no CVE for this issue yet, see http://drupal.org/node/295053
Description:Some vulnerabilities have been reported in Drupal, which can be exploited by malicious users to conduct script insertion attacks and compromise a vulnerable system, and by malicious people to conduct cross-site scripting and cross-site request forgery attacks. 1) Input passed to an unspecified parameter is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) A vulnerability is caused by the fact that the private filesystem uses the MIME media type it receives from the web browser when handling uploads. This can be exploited for script insertion attacks. Successful exploitation of this vulnerability requires valid user credentials with the right to upload files. 3) A vulnerability is caused due to missing restrictions on what file types that users are allowed to upload in the BlogAPI module. This can be exploited to e.g. execute arbitrary PHP code. Successful exploitation of this vulnerability requires valid user credentials with the "administer content with blog api" permission. 4) A vulnerability is caused due to the application allowing users to perform certain actions via HTTP requests without performing any validity checks to verify the request. This can be exploited to add or delete user access rules, by enticing a logged-in user to visit a malicious web page.
FSA505 - phpmyadmin
Package:phpmyadmin
Date:2008-08-16
Vulnerable version:2.11.7.1-1kalgan1
Unaffected version:2.11.8.1-1kalgan1
Bug tracker entry:http://bugs.frugalware.org/task/3271
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3456 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3457
Description:Aung Khant has reported two vulnerabilities in phpMyAdmin, which can be exploited by malicious local users to conduct cross-site scripting attacks, and by malicious people to conduct spoofing attacks. 1) Many scripts except for index.php do not check if they are linked into another site's frames. This can potentially be used for spoofing and phishing attacks. 2) Input from the config/config.inc.php configuration file to scripts/setup.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.
FSA504 - mantis
Package:mantis
Date:2008-08-15
Vulnerable version:1.1.1-1
Unaffected version:1.1.2-1kalgan1
Bug tracker entry:http://bugs.frugalware.org/task/3249
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2276 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3331 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3332 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3333
Description:Some vulnerabilities have been reported in Mantis, which can be exploited by malicious users to compromise a vulnerable system and malicious people to conduct cross-site scripting and request forgery attacks. 1) Input passed to the "filter_target" parameter in return_dynamic_filters.php is not properly sanitised before being returned to a user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) A vulnerability is caused due to the application allowing users to perform certain actions via HTTP requests without performing any validity checks to verify the request. This can be exploited to e.g. add a new user with administrative privileges by enticing a logged-in administrator to visit a malicious site. 3) Input passed to the "value" parameter in adm_config_set.php is not properly sanitised before being used in an "eval()" statement. This can be exploited to e.g. execute arbitrary PHP commands via a specially crafted request. Successful exploitation requires administrator access, but see vulnerability #2. 4) Input passed to the "language" parameter in account_prefs_update.php is not properly verified before being used to include files. This can be exploited to include arbitrary files from local resources.
FSA503 - openldap
Package:openldap
Date:2008-07-27
Vulnerable version:2.3.41-1
Unaffected version:2.3.43-1kalgan1
Bug tracker entry:http://bugs.frugalware.org/task/3207
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2952
Description:A vulnerability has been reported in OpenLDAP, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error within the "ber_get_next()" function in libraries/liblber/io.c. This can be exploited to trigger an "assert()" and terminate the "slapd" process via a specially crafted ASN.1 BER encoded packet.
FSA502 - afuse
Package:afuse
Date:2008-07-27
Vulnerable version:0.2-1
Unaffected version:0.2-2kalgan1
Bug tracker entry:http://bugs.frugalware.org/task/3243
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2232
Description:Anders Kaseorg discovered that afuse, an automounting file system in user-space, did not properly escape meta characters in paths. This allowed a local attacker with read access to the filesystem to execute commands as the owner of the filesystem.
FSA501 - phpbb
Package:phpbb
Date:2008-07-27
Vulnerable version:2.0.22-1
Unaffected version:3.0.2-1kalgan1
Bug tracker entry:http://bugs.frugalware.org/task/3244
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3224
Description:Unspecified vulnerability in phpBB before 3.0.1 has unknown impact and attack vectors related to "urls gone through redirect() being used within login_box()."
FSA500 - pidgin
Package:pidgin
Date:2008-07-27
Vulnerable version:2.3.1-2
Unaffected version:2.4.3-1kalgan1
Bug tracker entry:http://bugs.frugalware.org/task/3217
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2927
Description:Some vulnerabilities have been reported in Pidgin, which potentially can be exploited by malicious people to compromise a user's system. The vulnerabilities are caused due to integer overflow errors in the "msn_slplink_process_msg" function in libpurple/protocols/msnp9/slplink.c and libpurple/protocols/msn/slplink.c, and can potentially be exploited to execute arbitrary code via a specially crafted SLP message. Successful exploitation requires that the attacker is allowed to send messages to a victim (by default only users in the buddy list).
FSA499 - ffmpeg
Package:ffmpeg
Date:2008-07-27
Vulnerable version:20070422-3
Unaffected version:20070422-4kalgan1
Bug tracker entry:http://bugs.frugalware.org/task/3252
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3162
Description:A vulnerability has been reported in FFmpeg, which potentially can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error within the "str_read_packet()" function in libavformat/psxstr.c. This can be exploited to cause a heap-based buffer overflow via a specially crafted STR file.
FSA498 - checkinstall
Package:checkinstall
Date:2008-07-27
Vulnerable version:1.6.1-1
Unaffected version:1.6.1-2kalgan1
Bug tracker entry:http://bugs.frugalware.org/task/3209
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2958
Description:Two security issues have been reported in CheckInstall, which can be exploited by malicious, local users to perform certain actions with escalated privileges. The security issues are caused due to the "checkinstall" and "installwatch" scripts creating directories in an insecure manner. This can potentially be exploited via symlink attacks to delete or modify arbitrary files with the privileges of the user running the affected scripts.
FSA497 - byacc
Package:byacc
Date:2008-07-27
Vulnerable version:1.9-1
Unaffected version:1.9-2kalgan1
Bug tracker entry:http://bugs.frugalware.org/task/3251
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3196
Description:Otto Moerbeck has reported the following potential out of bounds of the allocated stack access in the yacc binary: Fix an venerable bug: if we're reducing a rule that has an empty right hand side and the yacc stackpointer is pointing at the very end of the allocated stack, we end up accessing the stack out of bounds by the implicit $$ = $1 action. Detected by my new malloc.
FSA496 - perl
Package:perl
Date:2008-07-27
Vulnerable version:5.10.0-3
Unaffected version:5.10.0-4kalgan1
Bug tracker entry:http://bugs.frugalware.org/task/3210
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2827
Description:Description: A vulnerability has been reported in Perl, which can be exploited by malicious, local user to perform actions with escalated privileges. The vulnerability is caused due to the insecure use of chmod on symbolic links and can be exploited to change permissions of arbitrary files to 0777 via symlink attacks.
FSA495 - bind
Package:bind
Date:2008-07-26
Vulnerable version:9.4.2-2
Unaffected version:9.4.2-3kalgan1
Bug tracker entry:http://bugs.frugalware.org/task/3219
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447
Description:A vulnerability has been reported in ISC BIND, which can be exploited by malicious people to poison the DNS cache. The vulnerability is caused due to the DNS servers not sufficiently randomising the DNS query port number, which can be exploited to poison the DNS cache.
FSA494 - wireshark
Package:wireshark
Date:2008-07-26
Vulnerable version:1.0.1-1kalgan1
Unaffected version:1.0.2-1kalgan1
Bug tracker entry:http://bugs.frugalware.org/task/3224
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3145
Description:A vulnerability has been reported in Wireshark, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error when reassembling packets and can be exploited to cause the application to crash when processing a series of malformed packets that are either captured off the wire or loaded via a capture file.
FSA493 - drupal
Package:drupal
Date:2008-07-26
Vulnerable version:5.7-1
Unaffected version:5.9-1kalgan1
Bug tracker entry:http://bugs.frugalware.org/task/3256
CVEs:There is no CVE for this issue, see http://drupal.org/node/286417
Description:A vulnerability has been reported in Drupal, which can be exploited by malicious people to conduct session fixation attacks. An error in the handling of certain sessions can be exploited to hijack another user's session by tricking the user into logging in after following a specially crafted link.
FSA492 - drupal
Package:drupal
Date:2008-07-26
Vulnerable version:5.7-1
Unaffected version:5.9-1kalgan1
Bug tracker entry:http://bugs.frugalware.org/task/3222
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3219 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3220 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3221 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3222 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3223
Description:Some vulnerabilities have been reported in Drupal, which can be exploited by malicious people to conduct SQL injection and script insertion attacks. 1) The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the request. This can be exploited to e.g. delete OpenID identities or translation strings by enticing a logged-in user to visit a malicious site. 2) Certain input passed to numeric fields in the Schema API is not properly sanitised before being used in an SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.
FSA491 - phpmyadmin
Package:phpmyadmin
Date:2008-07-26
Vulnerable version:2.11.7-1kalgan1
Unaffected version:2.11.7.1-1kalgan1
Bug tracker entry:http://bugs.frugalware.org/task/3247
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3197
Description:Aung Khant has discovered some vulnerabilities in phpMyAdmin, which can be exploited by malicious people to conduct cross-site request forgery attacks. The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the request. This can be exploited to create databases and change the connection character set for an authenticated user, who is tricked into visiting a malicious website.
FSA490 - clamav
Package:clamav
Date:2008-07-26
Vulnerable version:0.93.1-1kalgan1
Unaffected version:0.93.3-1kalgan1
Bug tracker entry:http://bugs.frugalware.org/task/3250
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2713
Description:A vulnerability has been reported in ClamAV, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to a boundary error in libclamav/petite.c. This can be exploited to trigger an out-of-bounds read via a specially crafted Petite packed executable.
FSA489 - kernel
Package:kernel
Date:2008-07-11
Vulnerable version:2.6.24-4kalgan3
Unaffected version:2.6.24-4kalgan4
Bug tracker entry:http://bugs.frugalware.org/task/3173
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2750
Description:A vulnerability has been reported in the Linux Kernel, which potentially can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to a boundary error in the "pppol2tp_recvmsg()" function and can potentially be exploited to corrupt kernel memory via a specially crafted PPP over L2TP packet.
FSA488 - wireshark
Package:wireshark
Date:2008-07-11
Vulnerable version:1.0.0-1kalgan1
Unaffected version:1.0.1-1kalgan1
Bug tracker entry:http://bugs.frugalware.org/task/3203
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3137 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3138 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3139 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3140 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3141
Description:Some vulnerabilities have been reported in Wireshark, which can be exploited by malicious people to disclose potentially sensitive information or cause a DoS (Denial of Service). 1) An error in the GSM SMS dissector can be exploited to crash the application. 2) An error in the PANA and KISMET dissectors can be exploited to trigger an application exit. 3) An use-after-free error in the RTMPT dissector can be exploited to crash the application. 4) An unspecified error in the RMI dissector can be exploited to disclose system memory. 5) An error in the syslog dissector can be exploited to crash the application via an incomplete SS7 MSU syslog encapsulated packet.
FSA487 - phpmyadmin
Package:phpmyadmin
Date:2008-07-11
Vulnerable version:2.11.5.2-1kalgan1
Unaffected version:2.11.7-1kalgan1
Bug tracker entry:http://bugs.frugalware.org/task/3205
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2960
Description:Some vulnerabilities have been reported in phpMyAdmin, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via unspecified parameters to files in /libraries is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Successful exploitation requires that "register_globals" is enabled and support for ".htaccess" files is disabled.
FSA486 - opera
Package:opera
Date:2008-07-11
Vulnerable version:9.27-1kalgan1
Unaffected version:9.50-1kalgan1
Bug tracker entry:http://bugs.frugalware.org/task/3176
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2714 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2715 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2716
Description:Some vulnerabilities have been reported in Opera, which can be exploited by malicious people to disclose potentially sensitive information or to conduct spoofing attacks. 1) An error in the handling of certain characters in a page address can be exploited to e.g. make a site's address look like another site's address. 2) An error in the checking of the source of images when used by HTML CANVAS elements can be exploited to retrieve the image data. 3) Pages in frames are able to change the location of pages in other frames on the parent page.
FSA485 - courier-authlib
Package:courier-authlib
Date:2008-07-02
Vulnerable version:0.60.2-1
Unaffected version:0.60.6-1kalgan1
Bug tracker entry:http://bugs.frugalware.org/task/3180
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2667
Description:A vulnerability has been reported in the Courier Authentication Library, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via e.g. the username to the library is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code and e.g. potentially bypass authentication. Successful exploitation requires that a MySQL database is used for authentication and that a Non-Latin character set is selected.
FSA484 - xorg-server
Package:xorg-server
Date:2008-07-02
Vulnerable version:1.4.0.90-5
Unaffected version:1.4.0.90-6kalgan2
Bug tracker entry:http://bugs.frugalware.org/task/3175
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1377 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1379 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2360 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2361 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2362
Description:Some vulnerabilities have been reported in X.org X11, which can be exploited by malicious, local users to cause a DoS (Denial of Service), disclose potentially sensitive information, or to gain escalated privileges. 1) An integer overflow error when calculating the size of the glyph exists in the "AllocateGlyph()" function within the Render extension. This can be exploited to cause a heap-based buffer overflow via a specially crafted request. 2) An integer overflow error when calculating the size of the glyph in the "ProcRenderCreateCursor()" function within the Render extension can be exploited to crash the X server via a specially crafted request. 3) An integer overflow error exists in the Render extension when parsing client requests for the "SProcRenderCreateLinearGradient", "SProcRenderCreateRadialGradient", or "SProcRenderCreateConicalGradient" functions and can be exploited to corrupt heap memory. 4) Multiple input validation errors in the "SProcSecurityGenerateAuthorization()", "SProcRecordCreateContext()", and "SProcRecordRegisterClients()" functions within the Record and Security extensions can be exploited to corrupt heap memory via specially crafted requests. Successful exploitation of vulnerabilities #1, #3, and #4 may allow execution of arbitrary code with privileges of the X server (typically root). 5) An integer overflow error when processing parameters to the "ShmPutImage()" request can be exploited to disclose arbitrary memory of the X server process.
FSA483 - apache
Package:apache
Date:2008-07-02
Vulnerable version:2.2.8-1
Unaffected version:2.2.8-2kalgan1
Bug tracker entry:http://bugs.frugalware.org/task/3177
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2364
Description:A vulnerability has been reported in the Apache mod_proxy module, which potentially can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error in the "ap_proxy_http_process_response()" function when forwarding interim responses. This can be exploited to consume large amounts of memory by tricking mod_proxy into sending an overly large number of interim responses to the client.
FSA482 - net-snmp
Package:net-snmp
Date:2008-06-26
Vulnerable version:5.4.1-4kalgan1
Unaffected version:5.4.1-4kalgan2
Bug tracker entry:http://bugs.frugalware.org/task/3142
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0960
Description:A vulnerability has been reported in Net-SNMP, which can be exploited by malicious people to spoof authenticated SNMPv3 packets. The vulnerability is caused due to an error within the verification of the HMAC digest. This can be exploited to increase the chance of successfully spoofing a packet to 1 in 256 by sending a specially crafted SNMPv3 packet with an incomplete 1 byte HMAC digest. Successful exploitation requires a valid username.
FSA481 - horde-webmail
Package:horde-webmail
Date:2008-06-26
Vulnerable version:1.1-1kalgan1
Unaffected version:1.1.1-1kalgan1
Bug tracker entry:http://bugs.frugalware.org/task/3167
CVEs:There is no CVE for this issue, see http://lists.horde.org/archives/announce/2008/000420.html.
Description:Some vulnerabilities have been reported in various Horde products, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site scripting attacks. 1) Input passed to item names is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is viewed. Successful exploitation requires valid user credentials. 2) Input passed to contact views is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is viewed. Successful exploitation requires valid user credentials. 3) Input passed to unspecified input is not properly sanitised before being returned to the user in the add event screen. This can be exploited to execute arbitrary HTML and script code in a user's browser session in contact of an affected site.
FSA480 - exiv2
Package:exiv2
Date:2008-06-26
Vulnerable version:0.16-1
Unaffected version:0.16-2kalgan1
Bug tracker entry:http://bugs.frugalware.org/task/3135
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2696
Description:A vulnerability has been reported in Exiv2, which potentially can be exploited by malicious people to crash an application using the library. The vulnerability is caused due to a floating point exception within the pretty printing functionality when processing certain Nicon camera lens information. This can be exploited to crash an application linked against the Exiv2 library when a image containing specially-crafted metadata is processed.
FSA479 - kernel
Package:kernel
Date:2008-06-24
Vulnerable version:2.6.24-4kalgan2
Unaffected version:2.6.24-4kalgan3
Bug tracker entry:http://bugs.frugalware.org/task/3140
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1673
Description:A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. The vulnerability is caused due to an error within the ASN.1 BER decoder of the cifs and ip_nat_snmp_basic modules when calculating the buffer size. This can be exploited to cause a crash or potentially execute arbitrary code by sending specially crafted BER encoded data to a vulnerable system.
FSA478 - xdvik
Package:xdvik
Date:2008-06-13
Vulnerable version:22.84.12-1
Unaffected version:22.84.14-1kalgan1
Bug tracker entry:http://bugs.frugalware.org/task/3127
CVEs:There is no CVE for this issue, see http://xdvi.sourceforge.net/releases.html#22.84.14
Description:A security issue has been reported in xdvik, which can be exploited by malicious, local users. The vulnerability is caused by creating predictably named temporary files by using mktemp.
FSA477 - graphicsmagick
Package:graphicsmagick
Date:2008-06-13
Vulnerable version:1.1.12-1kalgan1
Unaffected version:1.1.14-1kalgan1
Bug tracker entry:http://bugs.frugalware.org/task/3137
CVEs:There is no CVE for this issue, see: http://sourceforge.net/project/shownotes.php?release_id=604785 http://sourceforge.net/project/shownotes.php?release_id=604837
Description:Some vulnerabilities have been reported in GraphicsMagick, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system. 1) Two boundary errors exist within the "ReadPALMImage()" function in coders/palm.c. These can be exploited to cause a heap-based buffer underflow via a specially crafted PALM image. 2) A boundary error exists within the "DecodeImage()" function in coders/pict.c. This can be exploited to cause a heap-based buffer overflow via a specially crafted PICT image. 3) Multiple unspecified errors within the processing of XCF, DPX, and CINEON images can be exploited to crash the application. Successful exploitation may allow execution of arbitrary code.
FSA476 - asterisk-addons
Package:asterisk-addons
Date:2008-06-13
Vulnerable version:1.4.4-1
Unaffected version:1.4.7-1kalgan1
Bug tracker entry:http://bugs.frugalware.org/task/3136
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2543
Description:A vulnerability has been reported in Asterisk Addons, which can be exploited by malicious people to cause a DoS (Denial of Service). The problem is that the "ooh323" channel driver extracts memory addresses from incoming TCP packets and uses them in memory operations. This can be exploited to crash an affected application by sending a TCP packet containing invalid memory references.
FSA475 - samba
Package:samba
Date:2008-06-13
Vulnerable version:3.0.28-1
Unaffected version:3.0.30-1kalgan1
Bug tracker entry:http://bugs.frugalware.org/task/3115
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1105
Description:Secunia Research has discovered a vulnerability in Samba, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error within the "receive_smb_raw()" function in lib/util_sock.c when parsing SMB packets. This can be exploited to cause a heap-based buffer overflow via an overly large SMB packet received in a client context. Successful exploitation allows execution of arbitrary code by tricking a user into connecting to a malicious server (e.g. by clicking an "smb://" link) or by sending specially crafted packets to an "nmbd" server configured as a local or domain master browser.
FSA474 - blender
Package:blender
Date:2008-06-13
Vulnerable version:2.45-1
Unaffected version:2.45-2kalgan1
Bug tracker entry:http://bugs.frugalware.org/task/3039
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1102
Description:Secunia Research has discovered a vulnerability in Blender, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error within the "imb_loadhdr()" function in source/blender/imbuf/intern/radiance_hdr.c, which can be exploited to cause a stack-based buffer overflow by e.g. tricking a user into opening a specially crafted Blender (*.blend) file containing a malicious Radiance RGBE image. Successful exploitation allows execution of arbitrary code.
FSA473 - libvorbis
Package:libvorbis
Date:2008-06-13
Vulnerable version:1.2.0-1
Unaffected version:1.2.0-2kalgan1
Bug tracker entry:http://bugs.frugalware.org/task/3093
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1419 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1420 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1423
Description:Some vulnerabilities have been reported in libvorbis, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially to compromise an application using the library. 1) An input validation error can be exploited to crash an application, cause an infinite loop, or to cause a heap overflow via a specially crafted OGG file containing a codebook dimension of "0". 2) An integer overflow error in the processing of residue partition values can be exploited to cause a heap-based buffer overflow via a specially crafted OGG file. 3) An integer overflow error exists in the computation of "quantvals" and of required space for "quantlist". This can be exploited to cause a heap-based buffer overflow via a specially crafted OGG file. Successful exploitation may allow execution of arbitrary code.
FSA472 - emacs
Package:emacs
Date:2008-06-13
Vulnerable version:22.1-3kalgan1
Unaffected version:22.1-3kalgan2
Bug tracker entry:http://bugs.frugalware.org/task/3086
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2142
Description:Morten Welinder has reported a vulnerability in GNU Emacs, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an error in the processing of fast-lock files (.flc) for corresponding source files. This can be exploited to execute arbitrary Emacs Lisp code when e.g. a source file is opened and a specially crafted fast-lock file exists in the same directory. Successful exploitation requires that "font-lock-support-mode" is set to "fast-lock-mode".
FSA471 - stunnel
Package:stunnel
Date:2008-06-13
Vulnerable version:4.21-1
Unaffected version:4.24-1kalgan1
Bug tracker entry:http://bugs.frugalware.org/task/3122
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2420
Description:A security issue has been reported in Stunnel, which can be exploited by malicious people to bypass certain security restrictions. The security issue is caused due to an unspecified error in the OCSP functionality and can lead to a revoked certificate being successfully authenticated.
FSA470 - imlib2
Package:imlib2
Date:2008-06-13
Vulnerable version:1.4.0-1
Unaffected version:1.4.0-2kalgan1
Bug tracker entry:http://bugs.frugalware.org/task/3124
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2426
Description:Secunia Research has discovered two vulnerabilities in imlib2, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise an application using the library. 1) A boundary error exists within the "load()" function in src/modules/loaders/loader_pnm.c when processing the header of a PNM image file. This can be exploited to cause a stack-based buffer overflow by e.g. tricking a user into opening a specially crafted PNM image in an application using the imlib2 library. Successful exploitation allows execution of arbitrary code. 2) A boundary error exists within the "load()" function in src/modules/loader_xpm.c when processing an XPM image file. This can be exploited to cause a stack-based buffer overflow by e.g. tricking a user into opening a specially crafted XPM image in an application using the imlib2 library. Successful exploitation may allow execution of arbitrary code.
FSA469 - mrxvt
Package:mrxvt
Date:2008-06-13
Vulnerable version:0.5.3-1
Unaffected version:0.5.3-2kalgan1
Bug tracker entry:http://bugs.frugalware.org/task/3090
CVEs:There is no CVE for this issue.
Description:A security issue has been reported in mrxvt, which can be exploited by malicious, local users to gain escalated privileges. For more information, see FSA466.
FSA468 - rxvt-unicode
Package:rxvt-unicode
Date:2008-06-13
Vulnerable version:9.02-1
Unaffected version:9.02-2kalgan1
Bug tracker entry:http://bugs.frugalware.org/task/3089
CVEs:There is no CVE for this issue.
Description:A security issue has been reported in rxvt-unicode, which can be exploited by malicious, local users to gain escalated privileges. For more information, see FSA466.
FSA467 - aterm
Package:aterm
Date:2008-06-13
Vulnerable version:1.0.1-1
Unaffected version:1.0.1-2kalgan1
Bug tracker entry:http://bugs.frugalware.org/task/3088
CVEs:There is no CVE for this issue.
Description:A security issue has been reported in aterm, which can be exploited by malicious, local users to gain escalated privileges. For more information, see FSA466.
FSA466 - rxvt
Package:rxvt
Date:2008-06-13
Vulnerable version:2.6.4-2
Unaffected version:2.7.10-1kalgan1
Bug tracker entry:http://bugs.frugalware.org/task/2925
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1142
Description:Bernhard R. Link has reported a security issue in rxvt, which can be exploited by malicious, local users to gain escalated privileges. The security issue is caused due to the program using ":0" as it's X11 display if the DISPLAY environment variable is missing. This can be exploited to execute arbitrary commands with the privileges of the user running rxvt via a malicious X server.
FSA465 - net-snmp
Package:net-snmp
Date:2008-06-10
Vulnerable version:5.4.1-3
Unaffected version:5.4.1-4kalgan1
Bug tracker entry:http://bugs.frugalware.org/task/3092
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2292
Description:A vulnerability has been reported in Net-snmp, which potentially can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error within the "__snprint_value()" function in perl/SNMP/SNMP.xs. This can be exploited to cause a buffer overflow in an application using the Net-snmp Perl module by tricking the user into connecting to a malicious SNMP agent.
FSA464 - horde-webmail
Package:horde-webmail
Date:2008-06-06
Vulnerable version:1.0.6-1kalgan1
Unaffected version:1.1-1kalgan1
Bug tracker entry:http://bugs.frugalware.org/task/3120
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6018
Description:Secunia Research has discovered a vulnerability in IMP Webmail Client and Horde Groupware Webmail Edition, which can be exploited by malicious people to bypass certain security restrictions and manipulate data. The HTML filter does not filter out frame and frameset HTML elements. Additionally, the application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the request. This can be exploited to (a) delete an arbitrary number of e-mail messages by referencing their numeric IDs and (b) purge deleted mails, when the victim opens a malicious HTML mail. Successful exploitation requires that the victim opens the HTML part of a malicious message.
FSA463 - openssl
Package:openssl
Date:2008-06-06
Vulnerable version:0.9.8-11
Unaffected version:0.9.8-12kalgan1
Bug tracker entry:http://bugs.frugalware.org/task/3114
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0891 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1672
Description:Two vulnerabilities have been reported in OpenSSL, which can be exploited by malicious people to cause a DoS (Denial of Service). 1) A double-free error in the handling of server name extension data if "server_name" set to 0x00 can be exploited to crash a server application using OpenSSL by sending a specially crafted TLS 1.0 Client Hello packet. Successful exploitation requires that OpenSSL is compiled using the TLS server name extensions. 2) A NULL pointer dereference error can be exploited by a malicious server to crash a client application when the "Server Key exchange message" is omitted from a TLS handshake and anonymous Diffie-Hellman key exchange is used.
FSA462 - libxslt
Package:libxslt
Date:2008-05-26
Vulnerable version:1.1.22-2kalgan1
Unaffected version:1.1.22-2kalgan1
Bug tracker entry:http://bugs.frugalware.org/task/3104
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1767
Description:A vulnerability has been reported in libxslt, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially to compromise a vulnerable system. The vulnerability is caused due to an error in the handling of XSL style-sheet files. This can potentially be exploited to trigger the use of uninitialized memory in e.g. a call to "free()" when a specially crafted XSL file is being processed by an application using the library. Successful exploitation may allow execution of arbitrary code.
FSA461 - mysql
Package:mysql
Date:2008-05-26
Vulnerable version:5.0.51-2
Unaffected version:5.0.51-3kalgan1
Bug tracker entry:http://bugs.frugalware.org/task/3075
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2079
Description:A security issue has been reported in MySQL, which can be exploited by malicious, local users to bypass certain security restrictions. The problem is that it is possible to bypass certain privilege checks by creating a MyISAM table with certain DATA DIRECTORY and INDEX DIRECTORY options to overwrite existing table files in the MySQL data directory.
FSA460 - seamonkey
Package:seamonkey
Date:2008-05-26
Vulnerable version:1.1.9-1kalgan1
Unaffected version:1.1.9-1kalgan2
Bug tracker entry:http://bugs.frugalware.org/task/3021
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1380
Description:A vulnerability has been reported in Mozilla SeaMonkey, which can potentially be exploited by malicious people to compromise a user's system. For more information, see FSA431.
FSA459 - django
Package:django
Date:2008-05-26
Vulnerable version:0.96.1-1
Unaffected version:0.96.2-1kalgan1
Bug tracker entry:http://bugs.frugalware.org/task/3084
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2302
Description:A vulnerability has been reported in Django, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the URL is not properly sanitised before being returned to the user through the login form. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.
FSA458 - asterisk
Package:asterisk
Date:2008-05-26
Vulnerable version:1.4.17-1
Unaffected version:1.4.19.2-1kalgan1
Bug tracker entry:http://bugs.frugalware.org/task/3077
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1897 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1923
Description:A vulnerability has been reported in Asterisk, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to improper verification of ACK responses during IAX2 handshakes, which can be exploited to spoof an IAX2 handshake and cause a DoS via high bandwidth usage.
FSA457 - kvm
Package:kvm
Date:2008-05-25
Vulnerable version:61-2
Unaffected version:61-3kalgan1
Bug tracker entry:http://bugs.frugalware.org/task/3044
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2004
Description:A vulnerability has been reported in KVM, which can be exploited by malicious, local users to bypass certain security restrictions or cause a DoS (Denial of Service). The error can be exploited by a guest to read arbitrary files on the host via a specially crafted disk header. For more information, see FSA455.
FSA456 - xemacs
Package:xemacs
Date:2008-05-25
Vulnerable version:21.4.21-1
Unaffected version:21.4.21-2kalgan1
Bug tracker entry:http://bugs.frugalware.org/task/3041
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1694
Description:Some security issues have been reported in XEmacs, which can be exploited by malicious, local users to perform certain actions with escalated privileges. The security issues are caused due to the use of vulnerable GNU Emacs code. For more information, see FSA423.
FSA455 - qemu
Package:qemu
Date:2008-05-25
Vulnerable version:0.9.1-2
Unaffected version:0.9.1-3kalgan1
Bug tracker entry:http://bugs.frugalware.org/task/3043
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2004
Description:A vulnerability has been reported in QEMU, which can be exploited by malicious, local users to bypass certain security restrictions. The vulnerability is caused due to the "drive_init()" function in vl.c determining the format of a disk from data contained in the disk's header. This can be exploited by a malicious user in a guest system to e.g. read arbitrary files on the host by writing a fake header to a raw formatted disk image.
FSA454 - chicken
Package:chicken
Date:2008-05-25
Vulnerable version:2.732-1
Unaffected version:3.1.10-1kalgan1
Bug tracker entry:http://bugs.frugalware.org/task/3091
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0674
Description:A vulnerability been reported in Chicken, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system. The vulnerabilities are caused due to the use of a vulnerable version of the PCRE library.
FSA453 - gnutls
Package:gnutls
Date:2008-05-25
Vulnerable version:2.2.0-1
Unaffected version:2.2.5-1kalgan1
Bug tracker entry:http://bugs.frugalware.org/task/3100
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1948 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1949 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1950
Description:Some vulnerabilities have been reported in GnuTLS, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise an application using the library. 1) A boundary error exists in the processing "Client Hello" messages containing a "Server Name" extension. This can be exploited to cause a heap-based buffer overflow via a specially crafted TLS packet. Successful exploitation may allow execution of arbitrary code. 2) A NULL-pointer dereference error in the processing of TLS packets containing multiple "Client Hello" messages can be exploited to crash an affected application. 3) A signedness error exists within the "_gnutls_ciphertext2compressed()" function in lib/gnutls_cipher.c. This can be exploited to cause an out of bounds read and crash an affected application via specially crafted, encrypted TLS data.
FSA452 - graphicsmagick
Package:graphicsmagick
Date:2008-05-20
Vulnerable version:1.1.11-1
Unaffected version:1.1.12-1kalgan1
Bug tracker entry:http://bugs.frugalware.org/task/3076
CVEs:There is no CVE for this issue, see http://sourceforge.net/project/shownotes.php?release_id=595544
Description:A security issue has been reported in GraphicsMagick, which can be exploited by malicious people to bypass certain security restrictions. The security issue is caused due to the improper processing of file extensions and can be exploited to e.g. access X11 or to invoke certain delegate programs. Successful exploitation requires that a user is tricked into processing a malicious file with a specific file extension.
FSA451 - audacity
Package:audacity
Date:2008-05-20
Vulnerable version:1.3.3-2
Unaffected version:1.3.5-1kalgan1
Bug tracker entry:http://bugs.frugalware.org/task/3080
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6061
Description:Viktor Griph has reported a security issue in Audacity, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or to delete arbitrary files and directories. The security issue is caused due to the "AudacityApp::OnInit()" method in src/AudacityApp.cpp handling temporary files in an insecure manner. This can be exploited to delete arbitrary files and directories via symlink attacks, or to cause a deadlock.
FSA450 - pngcrush
Package:pngcrush
Date:2008-05-20
Vulnerable version:1.6.4-1
Unaffected version:1.6.5-1kalgan1
Bug tracker entry:http://bugs.frugalware.org/task/3079
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1382
Description:A vulnerability has been reported in Pngcrush, which can be exploited by malicious people to disclose potentially sensitive information or potentially compromise a user's system. The vulnerability is caused due to the use of vulnerable libpng code. For more information, see FSA434.
FSA449 - rdesktop
Package:rdesktop
Date:2008-05-20
Vulnerable version:1.5.0-2
Unaffected version:1.6.0-1kalgan1
Bug tracker entry:http://bugs.frugalware.org/task/3078
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1801 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1802 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1803
Description:Some vulnerabilities have been reported in rdesktop, which can be exploited by malicious people to compromise a user's system. 1) An integer underflow error in iso.c when processing RDP requests can be exploited to cause a heap-based buffer overflow. 2) An input validation error in rdp.c when processing RDP redirect requests can be exploited to cause a BSS-based buffer overflow. 3) A signedness error within "xrealloc()" in rdesktop.c can be exploited to cause a heap-based buffer overflow. Successful exploitation allows execution of arbitrary code but requires that a user is tricked into connecting to a malicious RDP server.
FSA448 - php
Package:php
Date:2008-05-20
Vulnerable version:5.2.5-2
Unaffected version:5.2.6-1kalgan1
Bug tracker entry:http://bugs.frugalware.org/task/3074
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0599 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2050 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2051 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2107 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2108
Description:Some vulnerabilities have been reported in PHP, where some have unknown impacts and others can be exploited by malicious users to bypass certain security restrictions, and potentially by malicious people to cause a DoS (Denial of Service) or to compromise a vulnerable system. 1) An unspecified error in the FastCGI SAPI can be exploited to cause a stack-based buffer overflow. 2) An error in the processing of multibyte characters within the "escapeshellcmd()" and "escapeshellarg()" functions can be exploited to escape the inserted backslash or quote characters via certain multibyte characters. Successful exploitation allows to bypass the "safe_mode_exec_dir" and "disable_functions" directives, and potentially to inject arbitrary shell commands via user controlled input, but requires that the shell uses a locale with a variable width character (e.g. GBK, EUC-KR, SJIS). 3) A vulnerability is caused due to an error during path translation in cgi_main.c. This can potentially be exploited to execute arbitrary code, but depends on how a targeted application is using PHP. 4) An error in cURL can be exploited to bypass the "safe_mode" directive. 5) A boundary error in PCRE can potentially be exploited by malicious people to cause a DoS or compromise a vulnerable system.
FSA447 - eterm
Package:eterm
Date:2008-05-15
Vulnerable version:0.9.4-2
Unaffected version:0.9.4-3kalgan1
Bug tracker entry:http://bugs.frugalware.org/task/2918
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1692
Description:A security issue has been reported in Eterm, which can be exploited by malicious, local users to gain escalated privileges. Eterm 0.9.4 opens a terminal window on :0 if -display is not specified and the DISPLAY environment variable is not set, which might allow local users to hijack X11 connections. NOTE: realistic attack scenarios require that the victim enters a command on the wrong machine.
FSA446 - kdelibs
Package:kdelibs
Date:2008-05-15
Vulnerable version:3.5.9-1
Unaffected version:3.5.9-2kalgan1
Bug tracker entry:http://bugs.frugalware.org/task/3047
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1671
Description:A vulnerability has been reported in KDE, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or to potentially gain escalated privileges. The vulnerability is caused due to an error in the start_kdeinit script (installed setuid root by default). This can be exploited to send signals to privileged processes, cause a DoS, or potentially execute arbitrary code in the context of the target process.
FSA445 - kernel
Package:kernel
Date:2008-05-15
Vulnerable version:2.6.24-4kalgan1
Unaffected version:2.6.24-4kalgan2
Bug tracker entry:http://bugs.frugalware.org/task/3060
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1669
Description:A vulnerability has been reported in the Linux kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service). The vulnerability is caused due to an error when preventing race conditions between "fcntl_setlk()" and "close()" calls on SMP systems. This can be exploited to trigger the improper, reordered access to the file descriptor table and the "file_lock" structure of an inode, between threads running on different CPUs.
FSA444 - thunderbird
Package:thunderbird
Date:2008-05-15
Vulnerable version:2.0.0.12-1
Unaffected version:2.0.0.14-1kalgan1
Bug tracker entry:http://bugs.frugalware.org/task/2906
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1233 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1234 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1235 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1236 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1237
Description:Some vulnerabilities have been reported in Mozilla Thunderbird, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting attacks, or potentially compromise a user's system. For more information, see FSA407.
FSA443 - util-linux-ng
Package:util-linux-ng
Date:2008-05-15
Vulnerable version:2.13.1-1
Unaffected version:2.13.1-2kalgan1
Bug tracker entry:http://bugs.frugalware.org/task/3046
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1926
Description:A weakness has been reported in util-linux-ng, which can be exploited by malicious people to manipulate certain data. The security issue is caused due to an error in login.c while logging login attempts. This can be exploited to inject e.g. an arbitrary address in the audit logs via a specially crafted username.
FSA442 - wordpress
Package:wordpress
Date:2008-05-15
Vulnerable version:2.3.3-2kalgan1
Unaffected version:2.5.1-1kalgan1
Bug tracker entry:http://bugs.frugalware.org/task/3048
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1930 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2068
Description:Two vulnerabilities have been reported in WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks, bypass certain security restrictions, and to compromise a vulnerable system. 1) A vulnerability is caused due to improper access restriction of the administration section. This can be exploited to bypass the authentication mechanism and gain administrative access by setting a specially crafted cookie. This can further be exploited to execute arbitrary PHP code. Successful exploitation of this vulnerability requires that registering new accounts is enabled. The vulnerability is reported in version 2.5. 2) Input passed to an unspecified parameter is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.
FSA441 - kernel
Package:kernel
Date:2008-05-05
Vulnerable version:2.6.24-3
Unaffected version:2.6.24-4kalgan1
Bug tracker entry:http://bugs.frugalware.org/task/3050
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1375
Description:A vulnerability has been reported in the Linux kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or to potentially gain escalated privileges. A race condition error exists in the dnotify subsystem between calls to "fcntl()" and "close()". This can be exploited to cause a system crash or potentially gain root privileges.
FSA440 - frugalwareutils
Package:frugalwareutils
Date:2008-05-05
Vulnerable version:0.7.9-1
Unaffected version:0.7.9-2kalgan1
Bug tracker entry:http://bugs.frugalware.org/task/3052
CVEs:There is no CVE for this issue.
Description:A vulnerability has been reported in frugalwareutils, which can potentially be exploited by malicious people to cause a DoS on a vulnerable system. The vulnerability is caused due to creating new files as root without checking the current value of umask. Successful exploitation may allow execution of arbitrary code.
FSA439 - vorbis-tools
Package:vorbis-tools
Date:2008-05-05
Vulnerable version:1.1.1-3
Unaffected version:1.1.1-4kalgan1
Bug tracker entry:http://bugs.frugalware.org/task/3032
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1686
Description:A vulnerability has been reported in vorbis-tools, which can potentially be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to the use of vulnerable libfishsound; an input validation error when processing Speex headers, which can be exploited via a specially crafted Speex stream containing a negative "modeID" field in the header. Successful exploitation may allow execution of arbitrary code.
FSA438 - xine-lib
Package:xine-lib
Date:2008-05-05
Vulnerable version:1.1.11-1kalgan2
Unaffected version:1.1.11-1kalgan3
Bug tracker entry:http://bugs.frugalware.org/task/3027
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1878
Description:Guido Landi has discovered a vulnerability in xine-lib, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error within the "demux_nsf_send_chunk()" function in src/demuxers/demux_nsf.c. This can be exploited to cause a stack-based buffer overflow via an overly long NSF title.
FSA437 - xine-lib
Package:xine-lib
Date:2008-05-05
Vulnerable version:1.1.11-1kalgan2
Unaffected version:1.1.11-1kalgan3
Bug tracker entry:http://bugs.frugalware.org/task/3010
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1686
Description:A vulnerability has been reported in xine-lib, which can potentially be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to the use of vulnerable libfishsound; an input validation error when processing Speex headers, which can be exploited via a specially crafted Speex stream containing a negative "modeID" field in the header. Successful exploitation may allow execution of arbitrary code.
FSA436 - phpmyadmin
Package:phpmyadmin
Date:2008-04-25
Vulnerable version:2.11.5.1-1kalgan1
Unaffected version:2.11.5.2-1kalgan1
Bug tracker entry:http://bugs.frugalware.org/task/3035
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1924
Description:A vulnerability has been reported in phpMyAdmin, which can be exploited by malicious users to disclose sensitive information. The vulnerability is caused due to an unspecified error and can be exploited to disclose arbitrary files via a specially crafted HTTP POST request. Successful exploitation requires a certain level of access e.g. on a shared host.
FSA435 - openssh
Package:openssh
Date:2008-04-25
Vulnerable version:4.7p1-4kalgan1
Unaffected version:4.7p1-4kalgan2
Bug tracker entry:http://bugs.frugalware.org/task/2961
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1657
Description:A weakness has been reported in OpenSSH, which can be exploited by malicious, local users to bypass certain security restrictions. The weakness is caused due to the improper implementation of the "ForceCommand" directive. This can be exploited to execute arbitrary commands via the ~/.ssh/rc file even if a "ForceCommand" directive is in effect.
FSA434 - libpng
Package:libpng
Date:2008-04-25