Frugalware Security Announcements (FSAs)

Author: James Buren
Vulnerable: 3.4.9-1
Unaffected: 3.4.10.1-fermus1

A security issue and a vulnerability have been reported in phpmyadmin, which can be exploited by malicious people to manipulate certain data and bypass certain security restrictions.

It was possible to conduct XSS using a crafted database name.

Bug Tracker URL: https://bugs.frugalware.org/ticket/4659

CVEs:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1190

Author: James Buren
Vulnerable: 10.0-1
Unaffected: 10.0.2-fermus1

A security issue and a vulnerability have been reported in thunderbird, which can be exploited by malicious people to manipulate certain data and bypass certain security restrictions.

Integer overflow in libpng, as used in Google Chrome before 17.0.963.56, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an integer truncation.

Bug Tracker URL: https://bugs.frugalware.org/ticket/4663

CVEs:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3026

Author: Miklos Vajna
Vulnerable: 6.22-1
Unaffected: 6.24-1mores1

A security issue and a vulnerability have been reported in Drupal, which can be exploited by malicious people to manipulate certain data and bypass certain security restrictions.

The security issue is caused due to the OpenID module not properly verifying the signature of Attribute Exchange (AX) information, which can be exploited to manipulate AX information.
An error in the File module when using certain field access modules can be exploited to download private files which would otherwise be restricted.

Bug Tracker URL: https://bugs.frugalware.org/ticket/4654

CVEs:

Author: Miklos Vajna
Vulnerable: 7.7-1
Unaffected: 7.12-1mores1

A security issue and a vulnerability have been reported in Drupal, which can be exploited by malicious people to manipulate certain data and bypass certain security restrictions.

The security issue is caused due to the OpenID module not properly verifying the signature of Attribute Exchange (AX) information, which can be exploited to manipulate AX information.
An error in the File module when using certain field access modules can be exploited to download private files which would otherwise be restricted.

Bug Tracker URL: https://bugs.frugalware.org/ticket/4655

CVEs:

Author: Miklos Vajna
Vulnerable: 3.4.8-1mores1
Unaffected: 3.4.9-1mores1

Multiple cross-site scripting (XSS) vulnerabilities in libraries/display_export.lib.php in phpMyAdmin allow remote attackers to inject arbitrary web script or HTML via crafted URL parameters, related to the export panels in the (1) server, (2) database, and (3) table sections.

Bug Tracker URL: https://bugs.frugalware.org/ticket/4643

CVEs:

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4780

Author: Miklos Vajna
Vulnerable: 1.6.3-1mores1
Unaffected: 1.6.5-1mores1

Multiple vulnerabilities have been reported in Wireshark, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a user’s system.

NULL pointer dereference errors when reading certain packet information can be exploited to cause a crash.
An error within the RLC dissector can be exploited to cause a buffer overflow via a specially crafted RLC packet capture file. Successful exploitation of this vulnerability may allow execution of arbitrary code.
An error within the “lanalyzer_read()” function (wiretap/lanalyzer.c) when parsing LANalyzer files can be exploited to cause a heap-based buffer underflow. Successful exploitation of this vulnerability may allow execution of arbitrary code. NOTE: A weakness within the file parser, which can lead to a crash when handling capture files has also been reported.

Bug Tracker URL: https://bugs.frugalware.org/ticket/4650

CVEs:

Author: Miklos Vajna
Vulnerable: 3.2.1-1
Unaffected: 3.3.1-1mores1

Aditya Modha and Samir Shah discovered a vulnerability in WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the URL to e.g. wp-comments-post.php is not properly sanitised within the “wp_guess_url()” function in wp-includes/functions.php before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user’s browser session in context of an affected site.

Author: Miklos Vajna
Vulnerable: 6.x_2.12-2
Unaffected: 6.x_2.14-1mores1

A vulnerability has been reported in the Views module for Drupal, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via certain filters or arguments on certain types of views is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

Bug Tracker URL: https://bugs.frugalware.org/ticket/4632

CVEs:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4113

Author: Miklos Vajna
Vulnerable: 3.4.7.1-1mores1
Unaffected: 3.4.8-1mores1

Using crafted database names, it was possible to produce XSS in the Database Synchronize and Database rename panels. Using an invalid and crafted SQL query, it was possible to produce XSS when editing a query on a table overview panel or when using the view creation dialog. Using a crafted column type, it was possible to produce XSS in the table search and create index dialogs.

Author: Miklos Vajna
Vulnerable: 0.5.4-1mores1
Unaffected: 0.7-1mores1

Beside fixing bugs the developers added some security improvements which will protect the Roundcube users from XSS and clickjacking attacks.

Bug Tracker URL: https://bugs.frugalware.org/ticket/4642

CVEs:

No CVE, see http://sourceforge.net/news/?group_id=139281&id=305129.

Frugalware Security Announcements (FSAs)

phpmyadmin

CVEs:

thunderbird

CVEs:

drupal6

CVEs:

drupal7

CVEs:

phpmyadmin

CVEs:

wireshark

CVEs:

wordpress

drupal6-views

CVEs:

phpmyadmin

roundcube

CVEs: