Frugalware Security Announcements (FSAs)

This is a list of security announcements that have been released for the current stable version of Frugalware.
Package:squid
Date:2014-08-29
Posted by:kikadf
Vulnerable version:3.1.19-1
Unaffected version:3.1.19-2arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5643 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0189 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3609
Description:Squid3, a fully featured Web proxy cache, is prone to a denial of service attack due to memory consumption caused by memory leaks in cachemgr.cgi. Matthew Daley discovered that Squid 3 did not properly perform input validation in request parsing.
Package:cups
Date:2014-08-28
Posted by:kikadf
Vulnerable version:1.6.1-3arcturus3
Unaffected version:1.6.1-3arcturus4
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5029 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5030 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5031
Description:The web interface in CUPS 1.7.4 allows local users in the lp group to read arbitrary files via a symlink attack on a file in /var/cache/cups/rss/ and language[0] set to null. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-3537. CUPS before 2.0 allows local users to read arbitrary files via a symlink attack on (1) index.html, (2) index.class, (3) index.pl, (4) index.php, (5) index.pyc, or (6) index.py. The web interface in CUPS before 2.0 does not check that files have world-readable permissions, which allows remote attackers to obtain sensitive information via unspecified vectors.
Package:glibc
Date:2014-08-28
Posted by:kikadf
Vulnerable version:2.16.0-3
Unaffected version:2.16.0-4arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0475 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5119
Description:A directory traversal flaw was found in the way glibc loaded locale files. Tavis Ormandy reported an off-by-one error leading to a heap-based buffer overflow flaw in glibc's __gconv_translit_find() function.
Package:ipython
Date:2014-08-28
Posted by:kikadf
Vulnerable version:1.0.0-1
Unaffected version:1.0.0-2arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3429
Description:Cross-domain websocket hijacking vulnerability.
Package:ppp
Date:2014-08-26
Posted by:kikadf
Vulnerable version:2.4.5-3
Unaffected version:2.4.5-4arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3158
Description:Integer overflow in option parsing.
Package:mediawiki
Date:2014-08-26
Posted by:kikadf
Vulnerable version:1.19.16-1arcturus1
Unaffected version:1.19.18-1arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5241 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5243
Description:It was discovered that MediaWiki, a website engine for collaborative work, is vulnerable to JSONP injection in Flash (CVE-2014-5241) and clickjacking between OutputPage and ParserOutput (CVE-2014-5243).
Package:django
Date:2014-08-26
Posted by:kikadf
Vulnerable version:1.5.2-2arcturus2
Unaffected version:1.5.9-1arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0480 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0481 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0482 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0483
Description:Florian Apolloner discovered that in certain situations, URL reversing could generate scheme-relative URLs which could unexpectedly redirect a user to a different host, leading to phishing attacks. David Wilson reported a file upload denial of service vulnerability. David Greisen discovered that under some circumstances, the use of the RemoteUserMiddleware middleware and the RemoteUserBackend authentication backend could result in one user receiving another user's session, if a change to the REMOTE_USER header occurred without corresponding logout/login actions. Collin Anderson discovered that it is possible to reveal any field's data by modifying the popup and to_field parameters of the query string on an admin change form page.
Package:imaging
Date:2014-08-26
Posted by:kikadf
Vulnerable version:1.1.7-5arcturus1
Unaffected version:1.1.7-5arcturus2
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3589
Description:Andrew Drake discovered that missing input sanitising in the icns decoder of the Python Imaging Library could result in denial of service if a malformed image is processed.
Package:php
Date:2014-08-21
Posted by:kikadf
Vulnerable version:5.3.26-2arcturus4
Unaffected version:5.3.26-2arcturus5
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4670
Description:It was discovered that the CDF parser of the fileinfo module does not properly process malformed files in the Composite Document File (CDF) format, leading to crashes. It was discovered that PHP incorrectly handled certain SPL Iterators. A local attacker could use this flaw to cause PHP to crash, resulting in a denial of service.
Package:cacti
Date:2014-08-21
Posted by:kikadf
Vulnerable version:0.8.8b-2arcturus1
Unaffected version:0.8.8b-2arcturus2
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5025 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5026 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5043 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5261 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5262
Description:Multiple security issues (cross-site scripting, missing input sanitising and SQL injection) have been discovered in Cacti, a web interface for graphing of monitoring systems.
Package:wordpress
Date:2014-08-20
Posted by:kikadf
Vulnerable version:3.9-1arcturus1
Unaffected version:3.9.2-1arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2053 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5204 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5240 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5265 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5266
Description:Multiple security issues have been discovered in WordPress, a web blogging tool, resulting in denial of service or information disclosure.
Package:wireshark
Date:2014-08-20
Posted by:kikadf
Vulnerable version:1.8.13-1arcturus1
Unaffected version:1.8.15-1arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5161 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5162 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5163 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5164 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5165
Description:Multiple vulnerabilities were discovered in the dissectors for Catapult DCT2000, IrDA, GSM Management, RLC ASN.1 BER, which could result in denial of service.
Package:tor
Date:2014-08-20
Posted by:kikadf
Vulnerable version:0.2.3.25-2
Unaffected version:0.2.4.23-1arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5117
Description:Several issues have been discovered in Tor, a connection-based low-latency anonymous communication system, resulting in information leaks.
Package:serf
Date:2014-08-20
Posted by:kikadf
Vulnerable version:1.2.1-1
Unaffected version:1.2.1-2arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3504
Description:Ben Reser discovered that serf did not correctly handle SSL certificates with NUL bytes in the CommonName or SubjectAltNames fields.
Package:openssl
Date:2014-08-20
Posted by:kikadf
Vulnerable version:1.0.1-5arcturus5
Unaffected version:1.0.1-5arcturus6
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3505 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3506 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3507 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3508 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3509 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3510 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3511 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3512 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5139
Description:Multiple vulnerabilities have been identified in OpenSSL, a Secure Sockets Layer toolkit, that may result in denial of service (application crash, large memory consumption), information leak, protocol downgrade. Additionally, a buffer overrun affecting only applications explicitly set up for SRP has been fixed.
Package:kdelibs
Date:2014-08-20
Posted by:kikadf
Vulnerable version:4.11.1-1
Unaffected version:4.11.1-2arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5033
Description:Sebastian Krahmer discovered that Kauth used Policykit insecurely by relying on the process ID. This could result in privilege escalation.
Package:krb5
Date:2014-08-20
Posted by:kikadf
Vulnerable version:1.10.1-1
Unaffected version:1.10.1-2arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4341 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4342 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4343 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4344 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4345
Description:An unauthenticated remote attacker with the ability to inject packets into a legitimately established GSSAPI application session can cause a program crash due to invalid memory references when attempting to read beyond the end of a buffer. An unauthenticated remote attacker with the ability to inject packets into a legitimately established GSSAPI application session can cause a program crash due to invalid memory references when reading beyond the end of a buffer or by causing a null pointer dereference. An unauthenticated remote attacker with the ability to spoof packets appearing to be from a GSSAPI acceptor can cause a double-free condition in GSSAPI initiators (clients) which are using the SPNEGO mechanism, by returning a different underlying mechanism than was proposed by the initiator. An unauthenticated or partially authenticated remote attacker can cause a NULL dereference and application crash during a SPNEGO negotiation by sending an empty token as the second or later context token from initiator to acceptor. When kadmind is configured to use LDAP for the KDC database, an authenticated remote attacker can cause it to perform an out-of-bounds write (buffer overflow).
Package:lzo
Date:2014-08-20
Posted by:kikadf
Vulnerable version:2.0.6-1
Unaffected version:2.0.6-1arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4607
Description:Don A. Bailey from Lab Mouse Security discovered an integer overflow flaw in the way the lzo library decompressed certain archives compressed with the LZO algorithm. An attacker could create a specially crafted LZO-compressed input that, when decompressed by an application using the lzo library, would cause that application to crash or, potentially, execute arbitrary code.
Package:gpgme
Date:2014-08-20
Posted by:kikadf
Vulnerable version:1.3.1-5
Unaffected version:1.3.1-6arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3564
Description:Tomáš Trnka discovered a heap-based buffer overflow within the gpgsm status handler of GPGME, a library designed to make access to GnuPG easier for applications. An attacker could use this issue to cause an application using GPGME to crash (denial of service) or possibly to execute arbitrary code.
Package:drupal7
Date:2014-08-20
Posted by:kikadf
Vulnerable version:7.22-2arcturus3
Unaffected version:7.22-2arcturus4
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5265 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5266 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5267
Description:A denial of service vulnerability was discovered in Drupal, a fully-featured content management framework. A remote attacker could exploit this flaw to cause CPU and memory exhaustion and the site's database to reach the maximum number of open connections, leading to the site becoming unavailable or unresponsive.
Package:drupal6
Date:2014-08-20
Posted by:kikadf
Vulnerable version:6.32-1arcturus1
Unaffected version:6.33-1arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5265 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5266 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5267
Description:A denial of service vulnerability was discovered in Drupal, a fully-featured content management framework. A remote attacker could exploit this flaw to cause CPU and memory exhaustion and the site's database to reach the maximum number of open connections, leading to the site becoming unavailable or unresponsive.
Package:apache
Date:2014-08-20
Posted by:kikadf
Vulnerable version:2.2.23-3arcturus1
Unaffected version:2.2.23-3arcturus2
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0117 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0118 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0226 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0231
Description:Marek Kroemeke discovered that the mod_proxy module incorrectly handled certain requests. Giancarlo Pellegrino and Davide Balzarotti discovered that the mod_deflate module incorrectly handled body decompression. Marek Kroemeke and others discovered that the mod_status module incorrectly handled certain requests. Rainer Jung discovered that the mod_cgid module incorrectly handled certain scripts.
Package:libtasn1
Date:2014-07-23
Posted by:kikadf
Vulnerable version:2.11-1
Unaffected version:2.11-2arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3467 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3468 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3469
Description:It was discovered that Libtasn1 incorrectly handled certain ASN.1 data structures. It was discovered that Libtasn1 incorrectly handled negative bit lengths.
Package:cups
Date:2014-07-23
Posted by:kikadf
Vulnerable version:1.6.1-3arcturus2
Unaffected version:1.6.1-3arcturus3
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3537
Description:Francisco Alonso discovered that the CUPS web interface incorrectly validated permissions on rss files.
Package:drupal6
Date:2014-07-23
Posted by:kikadf
Vulnerable version:6.31-1arcturus1
Unaffected version:6.32-1arcturus1
Bug tracker entry:
CVEs:https://www.drupal.org/SA-CORE-2014-003
Description:Multiple security issues have been discovered in the Drupal content management system, ranging from denial of service to cross-site scripting.
Package:drupal7
Date:2014-07-23
Posted by:kikadf
Vulnerable version:7.22-2arcturus2
Unaffected version:7.22-2arcturus3
Bug tracker entry:
CVEs:https://www.drupal.org/SA-CORE-2014-003
Description:Multiple security issues have been discovered in the Drupal content management system, ranging from denial of service to cross-site scripting.
Package:activerecord
Date:2014-07-20
Posted by:kikadf
Vulnerable version:3.2.13-1
Unaffected version:3.2.13-2arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3482 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3483
Description:Sean Griffin discovered two vulnerabilities in the PostgreSQL adapter for Active Record which could lead to SQL injection.
Package:transmission-cli
Date:2014-07-20
Posted by:kikadf
Vulnerable version:2.81-1
Unaffected version:2.81-2arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4909
Description:Ben Hawkes discovered that Transmission incorrectly handled certain peer messages.
Package:miniupnpc
Date:2014-07-20
Posted by:kikadf
Vulnerable version:1.7-1
Unaffected version:1.7-2arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3985
Description:It was discovered that MiniUPnPc incorrectly handled certain buffer lengths.
Package:file
Date:2014-07-20
Posted by:kikadf
Vulnerable version:5.14-2arcturus2
Unaffected version:5.14-2arcturus3
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7345 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538
Description:Mike Frysinger discovered that the file awk script detector used multiple wildcards with unlimited repetitions. Francisco Alonso discovered that file incorrectly handled certain CDF documents. Jan Kaluža discovered that file did not properly restrict the amount of data read during regex searches.
Package:fail2ban
Date:2014-07-20
Posted by:kikadf
Vulnerable version:0.8.4-3
Unaffected version:0.8.13-1arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7176 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7177
Description:Two vulnerabilities were discovered in Fail2ban, a solution to ban hosts that cause multiple authentication errors. When using Fail2ban to monitor Postfix or Cyrus IMAP logs, improper input validation in log parsing could enable a remote attacker to trigger an IP ban on arbitrary addresses, resulting in denial of service.
Package:mysql
Date:2014-07-20
Posted by:kikadf
Vulnerable version:5.5.37-1arcturus1
Unaffected version:5.5.38-1arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2494 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4207 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4258 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4260
Description:Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier allows remote authenticated users to affect availability via vectors related to ENARC. Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier allows remote authenticated users to affect availability via vectors related to SROPTZR. Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to SRINFOSC. Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier allows remote authenticated users to affect integrity and availability via vectors related to SRCHAR.
Package:php
Date:2014-07-17
Posted by:kikadf
Vulnerable version:5.3.26-2arcturus3
Unaffected version:5.3.26-2arcturus4
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4721
Description:Francisco Alonso of the Red Hat Security Response Team reported an incorrect boundary check in the cdf_read_short_sector() function. Francisco Alonso of the Red Hat Security Response Team discovered a flaw in the way the truncated pascal string size in the mconvert() function is computed. Francisco Alonso of the Red Hat Security Response Team reported an incorrect boundary check in the cdf_check_stream_offset() function. Francisco Alonso of the Red Hat Security Response Team reported an insufficient boundary check in the cdf_count_chain() function. Francisco Alonso of the Red Hat Security Response Team discovered an incorrect boundary check in the cdf_read_property_info() function. Stefan Esser discovered a type confusion issue affecting phpinfo(), which might allow an attacker to obtain sensitive information from process memory.
Package:vlc
Date:2014-07-17
Posted by:kikadf
Vulnerable version:2.0.8-2
Unaffected version:2.0.8-3arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4388
Description:Multiple buffer overflows have been found in the VideoLAN media player. Processing malformed subtitles or movie files could lead to denial of service and potentially the execution of arbitrary code.
Package:dbus
Date:2014-07-03
Posted by:kikadf
Vulnerable version:1.6.8-9
Unaffected version:1.6.8-10arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2168 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3477 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3532 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3533
Description:Alban Crequy at Collabora Ltd. discovered that dbus-daemon sends an AccessDenied error to the service instead of a client when the client is prohibited from accessing the service. Alban Crequy at Collabora Ltd. discovered a bug in dbus-daemon's support for file descriptor passing. Alban Crequy at Collabora Ltd. and Alejandro Martínez Suárez discovered that a malicious process could force services to be disconnected from the D-Bus system by causing dbus-daemon to attempt to forward invalid file descriptors to a victim process, leading to a denial of service.
Package:cacti
Date:2014-07-03
Posted by:kikadf
Vulnerable version:0.8.8b-1
Unaffected version:0.8.8b-2arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1435 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5588 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5589 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2327 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2328 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2708 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2709 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4002
Description:Multiple security issues (cross-site scripting, cross-site request forgery, SQL injections, missing input sanitising) have been found in Cacti, a web frontend for RRDTool.
Package:gnupg2
Date:2014-06-26
Posted by:kikadf
Vulnerable version:2.0.20-1
Unaffected version:2.0.20-2arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4617
Description:Jean-René Reinhard, Olivier Levillain and Florian Maury reported that GnuPG, the GNU Privacy Guard, did not properly parse certain garbled compressed data packets.
Package:gnupg
Date:2014-06-26
Posted by:kikadf
Vulnerable version:1.4.14-2arcturus1
Unaffected version:1.4.14-2arcturus2
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4617
Description:Jean-René Reinhard, Olivier Levillain and Florian Maury reported that GnuPG, the GNU Privacy Guard, did not properly parse certain garbled compressed data packets.
Package:thunderbird
Date:2014-06-26
Posted by:kikadf
Vulnerable version:24.4.0-1arcturus1
Unaffected version:24.6.0-1arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1533 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1538 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1541 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1545
Description:Multiple security issues have been found in the Mozilla Thunderbird mail and news client: multiple memory safety errors and buffer overflows may lead to the execution of arbitrary code or denial of service.
Package:samba
Date:2014-06-23
Posted by:kikadf
Vulnerable version:3.6.23-1arcturus1
Unaffected version:3.6.24-1arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0244 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3493
Description:Denial of service (infinite CPU loop) in the nmbd NetBIOS name service daemon. Denial of service (daemon crash) in the smbd file server daemon.
Package:php
Date:2014-06-23
Posted by:kikadf
Vulnerable version:5.3.26-2arcturus2
Unaffected version:5.3.26-2arcturus3
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4049
Description:Stefan Esser discovered that PHP incorrectly handled DNS TXT records.
Package:mediawiki
Date:2014-06-23
Posted by:kikadf
Vulnerable version:1.18.1-1
Unaffected version:1.19.16-1arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3966
Description:Omer Iqbal discovered that MediaWiki, a wiki engine, parses invalid usernames on Special:PasswordReset as wikitext when $wgRawHtml is enabled. On such wikis this allows an unauthenticated attacker to insert malicious JavaScript, a cross-site scripting attack.
Package:json-c
Date:2014-06-25
Posted by:kikadf
Vulnerable version:0.9-1
Unaffected version:0.9-2arcturus2
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6370
Description:Florian Weimer discovered that json-c incorrectly handled buffer lengths.
Package:kernel
Date:2014-06-18
Posted by:kikadf
Vulnerable version:3.10-7
Unaffected version:3.10-8arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3153 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1739 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4014
Description:Pinkie Pie discovered a flaw in the Linux kernel's futex subsystem. Kernel Infoleak vulnerability in media_enum_entities(). Linux kernel user namespace bug.
Package:firefox
Date:2014-06-14
Posted by:kikadf
Vulnerable version:29.0-1arcturus1
Unaffected version:30.0-1arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1533 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1534 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1536 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1537 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1538 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1540 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1541 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1542
Description:Gary Kwong, Christoph Diehl, Christian Holler, Hannes Verschore, Jan de Mooij, Ryan VanderMeulen, Jeff Walden, Kyle Huey, Jesse Ruderman, Gregor Wagner, Benoit Jacob and Karl Tomlinson discovered multiple memory safety issues in Firefox. Abhishek Arya discovered multiple use-after-free and out-of-bounds read issues in Firefox. Tyson Smith and Jesse Schwartzentruber discovered a use-after-free in the event listener manager. A use-after-free was discovered in the SMIL animation controller. Holger Fuhrmannek discovered a buffer overflow in Web Audio.
Package:chromium-browser
Date:2014-06-13
Posted by:kikadf
Vulnerable version:35.0.1916.114-1arcturus1
Unaffected version:35.0.1916.153-1arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3154 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3155 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3156 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3157
Description:Use-after-free in filesystem API. Out-of-bounds read in SPDY. Buffer overflow in clipboard. Heap overflow in media.
Package:mupdf
Date:2014-06-06
Posted by:kikadf
Vulnerable version:1.1-1
Unaffected version:1.1-2arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2013
Description:It was discovered that a buffer overflow in the MuPDF viewer might lead to the execution of arbitrary code.
Package:openssl
Date:2014-06-05
Posted by:kikadf
Vulnerable version:1.0.1-5arcturus4
Unaffected version:1.0.1-5arcturus5
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0195 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0221 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3470
Description:Jüri Aedla discovered that OpenSSL incorrectly handled invalid DTLS fragments. Imre Rad discovered that OpenSSL incorrectly handled DTLS recursions. Kikuchi Masashi discovered that OpenSSL incorrectly handled certain handshakes. Felix Gröbert and Ivan Fratrić discovered that OpenSSL incorrectly handled anonymous ECDH ciphersuites.
Package:python-gnupg
Date:2014-06-05
Posted by:kikadf
Vulnerable version:0.3.4-1
Unaffected version:0.3.6-1arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7323 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1927 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1928 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1929
Description:Multiple vulnerabilities were discovered in the Python wrapper for the Gnu Privacy Guard (GPG). Insufficient sanitising could lead to the execution of arbitrary shell commands.
Package:chkrootkit
Date:2014-06-05
Posted by:kikadf
Vulnerable version:49-1
Unaffected version:50-1arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0476
Description:Thomas Stangner discovered a vulnerability in chkrootkit, a rootkit detector, which may allow local attackers to gain root access when /tmp is mounted without the noexec option.
Package:chromium-browser
Date:2014-06-05
Posted by:kikadf
Vulnerable version:34.0.1847.118-1arcturus1
Unaffected version:35.0.1916.114-1arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1743 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1744 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1745 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1746 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1747 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1748 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1749 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3152
Description:Cloudfuzzer discovered a use-after-free issue in the Blink/Webkit document object model implementation. Aaron Staple discovered an integer overflow issue in audio input handling. Atte Kettunen discovered a use-after-free issue in the Blink/Webkit scalable vector graphics implementation. Holger Fuhrmannek discovered an out-of-bounds read issue in the URL protocol implementation for handling media. Packagesu discovered a cross-site scripting issue involving malformed MHTML files. Jordan Milne discovered a user interface spoofing issue. The Google Chrome development team discovered and fixed multiple issues with potential security impact. An integer underflow issue was discovered in the V8 JavaScript library.
Package:php
Date:2014-06-02
Posted by:kikadf
Vulnerable version:5.3.26-2arcturus1
Unaffected version:5.3.26-2arcturus2
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0185 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2270
Description:The default PHP FPM socket permission has been changed from 0666 to 0660 to mitigate a security vulnerability (CVE-2014-0185) in PHP FPM that allowed any local user to run PHP code as the active user of the FPM process via a crafted FastCGI client. Denial of service in the CDF parser of the fileinfo module. (CVE-2014-0237,0238) Denial of service in the fileinfo module. (CVE-2014-2270)
Package:gnutls
Date:2014-06-02
Posted by:kikadf
Vulnerable version:2.12.17-2arcturus1
Unaffected version:2.12.17-2arcturus2
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3466
Description:Joonas Kuorilehto discovered that GNU TLS performed insufficient validation of session IDs during TLS/SSL handshakes. A malicious server could use this to execute arbitrary code or perform denial of service.
Package:mod_wsgi
Date:2014-06-02
Posted by:kikadf
Vulnerable version:3.4-1
Unaffected version:3.4-2arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0240
Description:Robert Kisteleki discovered a potential privilege escalation in daemon mode.
Package:lxml
Date:2014-05-24
Posted by:kikadf
Vulnerable version:2.3-1
Unaffected version:2.3.5-1arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3146
Description:It was discovered that the lxml.html.clean module incorrectly stripped control characters. An attacker could potentially exploit this to conduct cross-site scripting (XSS) attacks.
Package:pidgin
Date:2014-05-22
Posted by:kikadf
Vulnerable version:2.10.7-2arcturus2
Unaffected version:2.10.7-2arcturus3
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3775
Description:It was discovered that Pidgin incorrectly handled certain messages from Gadu-Gadu file relay servers.
Package:libgadu
Date:2014-05-22
Posted by:kikadf
Vulnerable version:1.11.2-2arcturus1
Unaffected version:1.11.2-2arcturus2
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3775
Description:It was discovered that libgadu incorrectly handled certain messages from file relay servers.
Package:actionpack
Date:2014-05-17
Posted by:kikadf
Vulnerable version:3.2.6-2arcturus1
Unaffected version:3.2.6-2arcturus2
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0081 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0082 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0130
Description:The actionview/lib/action_view/helpers/number_helper.rb contains multiple cross-site scripting vulnerabilities. The actionpack/lib/action_view/template/text.rb performs symbol interning on MIME type strings, allowing remote denial-of-service attacks via increased memory consumption. A directory traversal vulnerability in actionpack/lib/abstract_controller/base.rb allows remote attackers to read arbitrary files.
Package:libxml2
Date:2014-05-16
Posted by:kikadf
Vulnerable version:2.8.0-1
Unaffected version:2.8.0-2arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5134 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0339 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2877 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0191
Description:It was discovered that libxml2 had a heap-based buffer underflow when parsing entities. It was discovered that libxml2 would load XML external entities by default. It was discovered that libxml2 incorrectly handled documents that end abruptly. Daniel Berrange discovered that libxml2 would incorrectly perform entity substitution even when requested not to.
Package:dovecot
Date:2014-05-16
Posted by:kikadf
Vulnerable version:2.1.8-2
Unaffected version:2.1.8-3arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3430
Description:It was discovered that Dovecot incorrectly handled closing inactive SSL/TLS connections.
Package:django
Date:2014-05-15
Posted by:kikadf
Vulnerable version:1.5.2-2arcturus1
Unaffected version:1.5.2-2arcturus2
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1418
Description:Stephen Stewart, Michael Nelson, Natalia Bidart and James Westby discovered that Django improperly removed Vary and Cache-Control headers from HTTP responses when replying to a request from an Internet Explorer or Chrome Frame client. Peter Kuma and Gavin Wahl discovered that Django did not correctly validate some malformed URLs, which are accepted by some browsers.
Package:kernel
Date:2014-05-15
Posted by:James Buren
Vulnerable version:3.10-6
Unaffected version:3.10-7
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0196 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1737 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2851 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3122
Description:Jiri Slaby discovered a race condition in the pty layer, which could lead to denial of service or privilege escalation. Matthew Daley discovered that missing input sanitising in the FDRAWCMD ioctl and an information leak could result in privilege escalation. Incorrect reference counting in the ping_init_sock() function allows denial of service or privilege escalation. Incorrect locking of memory can result in local denial of service.
Package:libxfont
Date:2014-05-14
Posted by:kikadf
Vulnerable version:1.4.5-2arcturus2
Unaffected version:1.4.5-2arcturus3
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0209 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0210 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0211
Description:Integer overflow of allocations in font metadata file parsing could allow a local user who is already authenticated to the X server to overwrite other memory in the heap. Libxfont does not validate length fields when parsing xfs protocol replies, allowing writes past the bounds of allocated memory when storing the returned data from the font server. Integer overflows calculating memory needs for xfs replies could result in allocating too little memory and then writing the returned data from the font server past the end of the allocated buffer.
Package:rxvt-unicode
Date:2014-05-09
Posted by:kikadf
Vulnerable version:9.18-1
Unaffected version:9.18-2arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3121
Description:Phillip Hallam-Baker discovered that window property values could be queried in rxvt-unicode, resulting in the potential execution of arbitrary commands.
Package:libtiff
Date:2014-05-07
Posted by:kikadf
Vulnerable version:3.9.5-1
Unaffected version:3.9.5-2arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1173 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2088 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2113 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3401 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4447 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4564 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5581 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1960 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1961 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4231 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4232 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4243 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4244
Description:It was discovered that LibTIFF incorrectly handled certain malformed images when using the gif2tiff tool. If a user or automated system were tricked into opening a specially crafted GIF image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges.
Package:strongswan
Date:2014-05-07
Posted by:kikadf
Vulnerable version:5.0.1-2arcturus1
Unaffected version:5.0.1-2arcturus2
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2891
Description:A vulnerability has been found in the ASN.1 parser of strongSwan, an IKE/IPsec suite used to establish IPsec protected links.
Package:openssl
Date:2014-05-07
Posted by:kikadf
Vulnerable version:1.0.1-5arcturus3
Unaffected version:1.0.1-5arcturus4
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0198
Description:It was discovered that OpenSSL incorrectly handled memory in the do_ssl3_write() function. A remote attacker could use this issue to possibly cause OpenSSL to crash, resulting in a denial of service.
Package:libmms
Date:2014-04-30
Posted by:kikadf
Vulnerable version:0.6.2-1
Unaffected version:0.6.2-2arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2892
Description:Alex Chapman discovered that a buffer overflow in processing "MMS over HTTP" messages could result in the execution of arbitrary code.
Package:qemu
Date:2014-04-28
Posted by:kikadf
Vulnerable version:1.5.2-3arcturus3
Unaffected version:1.5.2-3arcturus4
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4544 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2894
Description:Michael S. Tsirkin discovered that QEMU incorrectly handled vmxnet3 devices. Benoît Canet discovered that QEMU incorrectly handled SMART self-tests. A local guest could possibly use this issue to cause a denial of service, or possibly execute arbitrary code on the host.
Package:drupal7
Date:2014-04-26
Posted by:kikadf
Vulnerable version:7.22-2arcturus1
Unaffected version:7.22-2arcturus2
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2983
Description:An information disclosure vulnerability was discovered in Drupal, a fully-featured content management framework. When pages are cached for anonymous users, form state may leak between anonymous users. Sensitive or private information recorded for one anonymous user could thus be disclosed to other users interacting with the same form at the same time.
Package:drupal6
Date:2014-04-26
Posted by:kikadf
Vulnerable version:6.30-1arcturus1
Unaffected version:6.31-1arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2983
Description:An information disclosure vulnerability was discovered in Drupal, a fully-featured content management framework. When pages are cached for anonymous users, form state may leak between anonymous users. Sensitive or private information recorded for one anonymous user could thus be disclosed to other users interacting with the same form at the same time.
Package:cups
Date:2014-04-25
Posted by:kikadf
Vulnerable version:1.6.1-3arcturus1
Unaffected version:1.6.1-3arcturus2
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2856
Description:Alex Korobkin discovered that the CUPS web interface incorrectly protected against cross-site scripting (XSS) attacks.
Package:django
Date:2014-04-22
Posted by:kikadf
Vulnerable version:1.5.2-1
Unaffected version:1.5.2-2arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0472 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0473 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0474
Description:Benjamin Bach discovered that Django incorrectly handled dotted Python paths when using the reverse() function. Paul McMillan discovered that Django incorrectly cached certain pages that contained CSRF cookies. Michael Koziarski discovered that Django did not always perform explicit conversion of certain fields when using a MySQL database.
Package:qemu
Date:2014-04-20
Posted by:kikadf
Vulnerable version:1.5.2-3arcturus2
Unaffected version:1.5.2-3arcturus3
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0150
Description:Michael S. Tsirkin of Red Hat discovered a buffer overflow flaw in the way qemu processed MAC addresses table update requests from the guest. A privileged guest user could use this flaw to corrupt qemu process memory on the host, which could potentially result in arbitrary code execution on the host with the privileges of the qemu process.
Package:openssl
Date:2014-04-18
Posted by:kikadf
Vulnerable version:1.0.1-5arcturus2
Unaffected version:1.0.1-5arcturus3
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5298
Description:A read buffer can be freed even when it still contains data that is used later on, leading to a use-after-free. Given a race condition in a multi-threaded application it may permit an attacker to inject data from one connection into another or cause denial of service.
Package:ntp
Date:2014-04-18
Posted by:kikadf
Vulnerable version:4.2.6p5-2
Unaffected version:4.2.6p5-3arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5211
Description:The monlist feature in ntp_request.c in ntpd in NTP before 4.2.7p26 allows remote attackers to cause a denial of service (traffic amplification) via forged (1) REQ_MON_GETLIST or (2) REQ_MON_GETLIST_1 requests, as exploited in the wild in December 2013.
Package:openssh
Date:2014-04-18
Posted by:kikadf
Vulnerable version:6.1p1-1
Unaffected version:6.1p1-2arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4548 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2532 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2653
Description:Jann Horn discovered that OpenSSH incorrectly handled wildcards in AcceptEnv lines. A remote attacker could use this issue to trick OpenSSH into accepting any environment variable that contains the characters before the wildcard character. Matthew Vernon reported that if an SSH server offers a HostCertificate that the ssh client doesn't accept, then the client doesn't check the DNS for SSHFP records. As a consequence, a malicious server can disable SSHFP-checking by presenting a certificate.
Package:python
Date:2014-04-18
Posted by:kikadf
Vulnerable version:2.7.5-1
Unaffected version:2.7.5-2arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4238 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1912
Description:Ryan Sleevi discovered that NULL characters in the subject alternate names of SSL certificates were parsed incorrectly. Ryan Smith-Roberts discovered a buffer overflow in the socket.recvfrom_into() function.
Package:imaging
Date:2014-04-17
Posted by:kikadf
Vulnerable version:1.1.7-4
Unaffected version:1.1.7-5arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1932 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1933
Description:Jakub Wilk discovered that the Python Imaging Library incorrectly handled temporary files. A local attacker could possibly use this issue to overwrite arbitrary files, or gain access to temporary file contents.
Package:xalan-j
Date:2014-04-17
Posted by:kikadf
Vulnerable version:2.7.1-2
Unaffected version:2.7.1-3arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0107
Description:Nicolas Gregoire discovered several vulnerabilities in libxalan2-java, a Java library for XSLT processing. Crafted XSLT programs could access system properties or load arbitrary classes, resulting in information disclosure and, potentially, arbitrary code execution.
Package:wordpress
Date:2014-04-17
Posted by:kikadf
Vulnerable version:3.5.1-1
Unaffected version:3.9-1arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0165 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0166
Description:A user with a contributor role, using a specially crafted request, can publish posts, which is reserved for users of the next-higher role. Jon Cave of the WordPress security team discovered that the wp_validate_auth_cookie function in wp-includes/pluggable.php does not properly determine the validity of authentication cookies, allowing a remote attacker to obtain access via a forged cookie.
Package:strongswan
Date:2014-04-17
Posted by:kikadf
Vulnerable version:5.0.1-1
Unaffected version:5.0.1-2arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5018 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6075 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2338
Description:A vulnerability has been found in the ASN.1 parser of strongSwan, an IKE daemon used to establish IPsec protected links. An authentication bypass vulnerability was found in charon, the daemon handling IKEv2 in strongSwan, an IKE/IPsec suite. The state machine handling the security association (IKE_SA) handled some state transitions incorrectly.
Package:samba
Date:2014-04-17
Posted by:kikadf
Vulnerable version:3.6.9-4arcturus1
Unaffected version:3.6.23-1arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4496 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6442
Description:Andrew Bartlett discovered that Samba did not properly enforce the password guessing protection mechanism for all interfaces. Samba has a flaw in the smbcacls command. If smbcacls is used with the "-C|--chown name" or "-G|--chgrp name" command options, it will remove the existing ACL on the object being modified, leaving the file or directory unprotected.
Package:postfixadmin
Date:2014-04-17
Posted by:kikadf
Vulnerable version:2.3.6-1
Unaffected version:2.3.6-2arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2655
Description:An SQL injection vulnerability was discovered in postfixadmin, a web administration interface for the Postfix Mail Transport Agent, which allowed authenticated users to make arbitrary manipulations to the database.
Package:net-snmp
Date:2014-04-16
Posted by:kikadf
Vulnerable version:5.7.1-3
Unaffected version:5.7.1-4arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6151 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2284 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2285
Description:Ken Farnen discovered that Net-SNMP incorrectly handled AgentX timeouts. It was discovered that the Net-SNMP ICMP-MIB incorrectly validated input. Viliam Púčik discovered that the Net-SNMP perl trap handler incorrectly handled NULL arguments.
Package:jbigkit
Date:2014-04-16
Posted by:kikadf
Vulnerable version:2.0-2
Unaffected version:2.0-3arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6369
Description:Florian Weimer of the Red Hat product security team discovered multiple buffer overflows in jbigkit, which could lead to the execution of arbitrary code when processing malformed images.
Package:curl
Date:2014-04-16
Posted by:kikadf
Vulnerable version:7.26.0-2arcturus2
Unaffected version:7.26.0-2arcturus3
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0138 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0139
Description:Steve Holme discovered that libcurl can in some circumstances re-use the wrong connection when asked to do transfers using protocols other than HTTP and FTP. Richard Moore from Westpoint Ltd. reported that libcurl does not comply with RFC 2828 under certain conditions and incorrectly validates wildcard SSL certificates containing literal IP addresses.
Package:libyaml
Date:2014-04-14
Posted by:kikadf
Vulnerable version:0.1.4-3arcturus1
Unaffected version:0.1.4-3arcturus2
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2525
Description:Ivan Fratric of the Google Security Team discovered a heap-based buffer overflow vulnerability in LibYAML, a fast YAML 1.1 parser and emitter library.
Package:apache
Date:2014-04-14
Posted by:kikadf
Vulnerable version:2.2.23-2
Unaffected version:2.2.23-3arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3499 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4558 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4929 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1862 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1896 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6438 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0098
Description:Ning Zhang and Amin Tora discovered that the mod_dav module incorrectly handled whitespace characters in CDATA sections. Rainer M Canavan discovered that the mod_log_config module incorrectly handled certain cookies.
Package:actionmailer
Date:2014-04-14
Posted by:kikadf
Vulnerable version:3.2.6-1
Unaffected version:3.2.6-2arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4389
Description:Aaron Neyer discovered that missing input sanitising in the logging component of Ruby Actionmailer could result in denial of service through a malformed e-mail message.
Package:actionpack
Date:2014-04-14
Posted by:kikadf
Vulnerable version:3.2.6-1
Unaffected version:3.2.6-2arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3424 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3463 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3465 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0155 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1855 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1857 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4389 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4491 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6414 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6415 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6417
Description:Toby Hsieh, Peter McLarnan, Ankit Gupta, Sudhir Rao and Kevin Reintjes discovered multiple cross-site scripting and denial of service vulnerabilities in Ruby Actionpack.
Package:a2ps
Date:2014-04-12
Posted by:kikadf
Vulnerable version:4.14-4
Unaffected version:4.14-5arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-1953 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0466
Description:The spy_user function, which is called when a2ps is invoked with the --debug flag, insecurely used temporary files. Brian M. Carlson reported that a2ps's fixps script does not invoke gs with the -dSAFER option. Consequently, executing fixps on a malicious PostScript file could result in files being deleted or arbitrary commands being executed with the privileges of the user running fixps.
Package:openssl
Date:2014-04-08
Posted by:James Buren
Vulnerable version:1.0.1-5arcturus1
Unaffected version:1.0.1-5arcturus2
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160
Description:A vulnerability has been discovered in OpenSSL's support for the TLS/DTLS Heartbeat extension. Up to 64KB of memory from either client or server can be recovered by an attacker. This vulnerability might allow an attacker to compromise the private key and other sensitive data in memory.
Package:lighttpd
Date:2014-03-15
Posted by:kikadf
Vulnerable version:1.4.32-2
Unaffected version:1.4.35-1arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2323 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2324 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4508 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4559 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4560
Description:Jann Horn discovered that specially crafted host names can be used to inject arbitrary MySQL queries in lighttpd servers using the MySQL virtual hosting module (mod_mysql_vhost). Jann Horn discovered that specially crafted host names can be used to traverse outside of the document root under certain situations in lighttpd servers using either the mod_mysql_vhost, mod_evhost, or mod_simple_vhost virtual hosting modules.
Package:mutt-devel
Date:2014-03-14
Posted by:kikadf
Vulnerable version:1.5.21-3
Unaffected version:1.5.21-4arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0467
Description:Beatrice Torracca and Evgeni Golov discovered a buffer overflow in the mutt mailreader. Malformed RFC2047 header lines could result in denial of service or potentially the execution of arbitrary code.
Package:php
Date:2014-03-13
Posted by:kikadf
Vulnerable version:5.3.26-1
Unaffected version:5.3.26-2arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4413 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4248 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6420 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6712 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1943
Description:It was discovered that file, a file type classification tool, contains a flaw in the handling of indirect magic rules in the libmagic library, which leads to an infinite recursion when trying to determine the file type of certain files.
Package:icedtea-web
Date:2014-03-13
Posted by:kikadf
Vulnerable version:1.3.1-1
Unaffected version:1.3.1-2arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6493
Description:Michael Scherer discovered that IcedTea Web created temporary directories in an unsafe fashion.
Package:cups-filters
Date:2014-03-13
Posted by:kikadf
Vulnerable version:1.0.24-1
Unaffected version:1.0.24-2arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6474 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6475 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6476
Description:Florian Weimer of the Red Hat Product Security Team discovered multiple vulnerabilities in the pdftoopvp CUPS filter, which could result in the execution of arbitrary code if a malformed PDF file is processed.
Package:libssh
Date:2014-03-13
Posted by:kikadf
Vulnerable version:0.5.3-1
Unaffected version:0.5.3-2arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0176 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0017
Description:Aris Adamantiadis discovered that libssh allowed the OpenSSL PRNG state to be reused when implementing forking servers.
Package:udisks
Date:2014-03-13
Posted by:kikadf
Vulnerable version:1.0.4-7
Unaffected version:1.0.4-8arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0004
Description:Florian Weimer discovered a buffer overflow in udisks's mount path parsing code which may result in privilege escalation.
Package:file
Date:2014-03-13
Posted by:kikadf
Vulnerable version:5.14-2arcturus1
Unaffected version:5.14-2arcturus2
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2270
Description:Aaron Reffett reported a flaw in the way the file utility determined the type of Portable Executable (PE) format files, the executable format used on Windows. When processing a defective or intentionally prepared PE executable which contains invalid offset information, the file_strncmp routine will access memory that is out of bounds, causing file to crash.
Package:wireshark
Date:2014-03-13
Posted by:kikadf
Vulnerable version:1.8.6-1
Unaffected version:1.8.13-1arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2281 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2283 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2299
Description:Moshe Kaplan discovered that the NFS dissector could be crashed, resulting in denial of service. It was discovered that the RLC dissector could be crashed, resulting in denial of service. Wesley Neelen discovered a buffer overflow in the MPEG file parser, which could lead to the execution of arbitrary code.
Package:postgresql
Date:2014-03-13
Posted by:kikadf
Vulnerable version:9.1.9-1
Unaffected version:9.1.12-1arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0060 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0061 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0062 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0063 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0064 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0065 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0066 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0067
Description:Shore up GRANT ... WITH ADMIN OPTION restrictions (Noah Misch). Prevent privilege escalation via manual calls to PL validator functions (Andres Freund). Avoid multiple name lookups during table and index DDL (Robert Haas, Andres Freund). Prevent buffer overrun with long datetime strings (Noah Misch). Prevent buffer overrun due to integer overflow in size calculations (Noah Misch, Heikki Linnakangas). Prevent overruns of fixed-size buffers (Peter Eisentraut, Jozef Mlich). Avoid crashing if crypt() returns NULL (Honza Horak, Bruce Momjian). Document risks of make check in the regression testing instructions (Noah Misch, Tom Lane).
Package:gnutls
Date:2014-03-05
Posted by:kikadf
Vulnerable version:2.12.17-1
Unaffected version:2.12.17-2arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0092 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1959
Description:Nikos Mavrogiannopoulos of Red Hat discovered an X.509 certificate verification issue in GnuTLS, an SSL/TLS library. A certificate validation could be reported successfully even in cases where an error would prevent all verification steps from being performed. Suman Jana reported that GnuTLS, deviating from the documented behavior, considers a version 1 intermediate certificate as a CA certificate by default.
Package:file
Date:2014-02-27
Posted by:kikadf
Vulnerable version:5.14-1
Unaffected version:5.14-2arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1943
Description:It was discovered that file, a file type classification tool, contains a flaw in the handling of "indirect" magic rules in the libmagic library, which leads to an infinite recursion when trying to determine the file type of certain files.
Package:libtar
Date:2014-02-27
Posted by:kikadf
Vulnerable version:1.2.11-5
Unaffected version:1.2.20-1arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4397 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4420
Description:Timo Warns reported multiple integer overflow vulnerabilities in libtar, a library for manipulating tar archives, which can result in the execution of arbitrary code. A directory traversal attack was reported against libtar, a C library for manipulating tar archives. The application does not validate the filenames inside the tar archive, allowing files to be extracted to an arbitrary path. An attacker can craft a tar file to override files beyond the tar_extract_glob and tar_extract_all prefix parameter.
Package:perl
Date:2014-02-14
Posted by:kikadf
Vulnerable version:5.14.1-5
Unaffected version:5.14.1-6arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5526 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6329 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1667
Description:It was discovered that Perl's Locale::Maketext module incorrectly handled backslashes and fully qualified method names. An attacker could possibly use this flaw to execute arbitrary code when an application used untrusted templates.
Package:pidgin
Date:2014-02-14
Posted by:kikadf
Vulnerable version:2.10.7-1
Unaffected version:2.10.7-2arcturus2
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6152 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6477 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6478 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6479 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6481 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6482 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6483 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6484 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6485 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6487 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6489 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6490 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0020
Description:Jaime Breva Ribes discovered that a remote XMPP user can trigger a crash by sending a message with a timestamp in the distant future. Pidgin could be crashed through overly wide tooltip windows. Jacob Appelbaum discovered that a malicious server or a "man in the middle" could send a malformed HTTP header resulting in denial of service. Daniel Atallah discovered that Pidgin could be crashed through malformed Yahoo! P2P messages. Fabian Yamaguchi and Christian Wressnegger discovered that Pidgin could be crashed through malformed MSN messages. Fabian Yamaguchi and Christian Wressnegger discovered that Pidgin could be crashed through malformed XMPP messages. It was discovered that incorrect error handling when reading the response from a STUN server could result in a crash. Matt Jones discovered a buffer overflow in the parsing of malformed HTTP responses. Yves Younan and Ryan Pentney discovered a buffer overflow when parsing Gadu-Gadu messages. Yves Younan and Pawel Janic discovered an integer overflow when parsing MXit emoticons. Yves Younan discovered a buffer overflow when parsing SIMPLE headers. Daniel Atallah discovered that Pidgin could be crashed via malformed IRC arguments.
Package:mumble
Date:2014-02-14
Posted by:kikadf
Vulnerable version:1.2.4-1
Unaffected version:1.2.4-2arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0044 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0045
Description:It was discovered that a malformed Opus voice packet sent to a Mumble client could trigger a NULL pointer dereference or an out-of-bounds array access. A malicious remote attacker could exploit this flaw to mount a denial of service attack against a Mumble client by causing the application to crash. It was discovered that a malformed Opus voice packet sent to a Mumble client could trigger a heap-based buffer overflow. A malicious remote attacker could use this flaw to cause a client crash (denial of service) or potentially use it to execute arbitrary code.
Package:libgadu
Date:2014-02-14
Posted by:kikadf
Vulnerable version:1.11.2-1
Unaffected version:1.11.2-2arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6487
Description:Yves Younan and Ryan Pentney discovered that libgadu, a library for accessing the Gadu-Gadu instant messaging service, contained an integer overflow leading to a buffer overflow. Attackers who impersonate the server could crash clients and potentially execute arbitrary code.
Package:drupal6
Date:2014-02-07
Posted by:kikadf
Vulnerable version:6.28-1
Unaffected version:6.30-1arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6385 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6386 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1475
Description:Multiple vulnerabilities have been discovered in Drupal, a fully-featured content management framework: Cross-site request forgery, insecure pseudo random number generation, code execution, incorrect security token validation and cross-site scripting. Christian Mainka and Vladislav Mladenov reported a vulnerability in the OpenID module that allows a malicious user to log in as other users on the site, including administrators, and hijack their accounts.
Package:drupal7
Date:2014-02-07
Posted by:kikadf
Vulnerable version:7.22-1
Unaffected version:7.22-2arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6385 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6386 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6387 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6388 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6389 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1475 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1476
Description:Multiple vulnerabilities have been discovered in Drupal, a fully-featured content management framework: Cross-site request forgery, insecure pseudo random number generation, code execution, incorrect security token validation and cross-site scripting. Christian Mainka and Vladislav Mladenov reported a vulnerability in the OpenID module that allows a malicious user to log in as other users on the site, including administrators, and hijack their accounts. Matt Vance and Damien Tournoud reported an access bypass vulnerability in the taxonomy module. Under certain circumstances, unpublished content can appear on listing pages provided by the taxonomy module and will be visible to users who should not have permission to see it.
Package:curl
Date:2014-02-06
Posted by:kikadf
Vulnerable version:7.26.0-2arcturus1
Unaffected version:7.26.0-2arcturus2
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0015
Description:Paras Sethia and Yehezkel Horowitz discovered that libcurl incorrectly reused connections when NTLM authentication was being used. This could lead to the use of unintended credentials, possibly exposing sensitive information.
Package:libotr
Date:2014-02-06
Posted by:kikadf
Vulnerable version:3.2.0-3
Unaffected version:3.2.0-4arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3461
Description:Just Ferguson discovered that libotr, an off-the-record (OTR) messaging library, can be forced to perform zero-length allocations for heap buffers that are used in base64 decoding routines. An attacker can exploit this flaw by sending crafted messages to an application that is using libotr to perform denial of service attacks or potentially execute arbitrary code.
Package:libyaml
Date:2014-02-06
Posted by:kikadf
Vulnerable version:0.1.4-2
Unaffected version:0.1.4-3arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6393
Description:Florian Weimer discovered that LibYAML incorrectly handled certain large YAML documents. An attacker could use this issue to cause LibYAML to crash, resulting in a denial of service, or possibly execute arbitrary code.
Package:qemu
Date:2014-02-06
Posted by:kikadf
Vulnerable version:1.5.2-2
Unaffected version:1.5.2-3arcturus2
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4344 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4375 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4377
Description:Asias He discovered that QEMU incorrectly handled SCSI controllers with more than 256 attached devices. A local user could possibly use this flaw to elevate privileges. (CVE-2013-4344) It was discovered that QEMU incorrectly handled Xen disks. A local guest could possibly use this flaw to consume resources, resulting in a denial of service. (CVE-2013-4375) Sibiao Luo discovered that QEMU incorrectly handled device hot-unplugging. A local user could possibly use this flaw to cause a denial of service. (CVE-2013-4377)
Package:gnupg
Date:2014-01-18
Posted by:kikadf
Vulnerable version:1.4.14-1
Unaffected version:1.4.14-2arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4351 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4402 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4576
Description:Daniel Kahn Gillmor discovered that GnuPG treated keys with empty usage flags as being valid for all usages. (CVE-2013-4351) Taylor R Campbell discovered that GnuPG incorrectly handled certain OpenPGP messages. (CVE-2013-4402) Daniel Genkin, Adi Shamir, and Eran Tromer discovered that GnuPG was susceptible to an adaptive chosen ciphertext attack via acoustic emanations. (CVE-2013-4576)
Package:curl
Date:2014-01-18
Posted by:kikadf
Vulnerable version:7.26.0-1
Unaffected version:7.26.0-2arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0249 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1944 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2174 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4545 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6422
Description:CVE-2013-0249: It was discovered that curl incorrectly handled SASL authentication when communicating over POP3, SMTP or IMAP. CVE-2013-1944: Yamada Yasuharu discovered that cURL, a URL transfer library, can expose potentially sensitive information when doing requests across domains with matching tails. CVE-2013-2174: Timo Sirainen discovered that cURL, a URL transfer library, is prone to a heap overflow vulnerability due to bad checking of the input data in the curl_easy_unescape function. CVE-2013-4545: Scott Cantor discovered that curl, a file retrieval tool, would disable the CURLOPT_SSL_VERIFYHOST check when the CURLOPT_SSL_VERIFYPEER setting was disabled. This would also disable SSL certificate host name checks when it should have only disabled verification of the certificate trust chain. CVE-2013-6422: Marc Deslauriers discovered that curl, a file retrieval tool, would mistakenly skip verifying the CN and SAN name fields when digital signature verification was disabled in the libcurl GnuTLS backend.
Package:cups
Date:2014-01-17
Posted by:kikadf
Vulnerable version:1.6.1-2
Unaffected version:1.6.1-3arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6891
Description:Jann Horn discovered that the CUPS lppasswd tool incorrectly read a user configuration file in certain configurations. A local attacker could use this to read sensitive information from certain files, bypassing access restrictions.
Package:nspr
Date:2014-01-17
Posted by:kikadf
Vulnerable version:4.9.2-3
Unaffected version:4.9.2-4arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5607
Description:It was discovered that NSPR, the Netscape Portable Runtime library, could crash an application using the library when parsing a certificate that causes an integer overflow. This flaw only affects 64-bit systems.
Package:graphviz
Date:2014-01-17
Posted by:kikadf
Vulnerable version:2.28.0-1
Unaffected version:2.28.0-2arcturus2
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0978 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1236
Description:CVE-2014-0978: It was discovered that user-supplied input used in the yyerror() function in lib/cgraph/scan.l is not bounds-checked before being copied into an insufficiently sized memory buffer. A context-dependent attacker could supply a specially crafted input file containing a long line to cause a stack-based buffer overflow, resulting in a denial of service (application crash) or potentially allowing the execution of arbitrary code. CVE-2014-1236: Sebastian Krahmer reported an overflow condition in the chkNum() function in lib/cgraph/scan.l that is triggered because the regular expression used accepts an arbitrarily long digit list. With a specially crafted input file, a context-dependent attacker can cause a stack-based buffer overflow, resulting in a denial of service (application crash) or potentially allowing the execution of arbitrary code.
Package:djvulibre
Date:2014-01-17
Posted by:kikadf
Vulnerable version:3.5.25.2-1
Unaffected version:3.5.25.2-2arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6535
Description:It was discovered that djvulibre, the Open Source DjVu implementation project, can be crashed or possibly made to execute arbitrary code when processing a specially crafted djvu file.
Package:hplip
Date:2014-01-16
Posted by:kikadf
Vulnerable version:3.12.11-1
Unaffected version:3.12.11-2arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4267 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4325 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6402 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6427
Description:Multiple vulnerabilities have been found in the HP Linux Printing and Imaging System: insecure temporary files and insufficient permission checks in PackageKit. In addition, the insecure hp-upgrade service has been disabled.
Package:bind
Date:2014-01-14
Posted by:kikadf
Vulnerable version:9.9.2-2
Unaffected version:9.9.4-1arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2266 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4854 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0591
Description:libdns allows remote attackers to cause a denial of service (memory consumption) via a crafted regular expression, as demonstrated by a memory-exhaustion attack against a machine running a named process. Maxim Shudrak and the HP Zero Day Initiative reported a denial of service vulnerability in BIND, a DNS server. A specially crafted query that includes malformed rdata can cause the named daemon to terminate with an assertion failure while rejecting the malformed query.
Package:memcached
Date:2014-01-13
Posted by:kikadf
Vulnerable version:1.4.15-1
Unaffected version:1.4.15-2arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7239
Description:It was reported that SASL authentication could be bypassed due to a flaw related to the management of the SASL authentication state. With a specially crafted request, a remote attacker may be able to authenticate with invalid SASL credentials.
Package:openssl
Date:2014-01-12
Posted by:kikadf
Vulnerable version:1.0.1-4
Unaffected version:1.0.1-5arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4353 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6449 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6450
Description:Anton Johansson discovered that an invalid TLS handshake packet could crash OpenSSL with a NULL pointer dereference. Multiple security issues have been fixed in OpenSSL: The TLS 1.2 support was susceptible to denial of service and retransmission of DTLS messages was fixed. In addition, this update disables the insecure Dual_EC_DRBG algorithm and no longer uses the RdRand feature available on some Intel CPUs as a sole source of entropy unless explicitly requested.
Package:spice
Date:2014-01-12
Posted by:kikadf
Vulnerable version:0.12.2-1
Unaffected version:0.12.2-2arcturus1
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4130
Description:David Gibson of Red Hat discovered that SPICE incorrectly handled certain network errors. A remote user able to initiate a SPICE connection to an application acting as a SPICE server could use this flaw to crash the application.
Package:libxfont
Date:2014-01-10
Posted by:kikadf
Vulnerable version:1.4.5-1
Unaffected version:1.4.5-2arcturus2
Bug tracker entry:
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6462
Description:It was discovered that a buffer overflow in the processing of Glyph Bitmap Distribution fonts (BDF) could result in the execution of arbitrary code.
Package:drupal6-webform
Date:2012-03-08
Posted by:James Buren
Vulnerable version:6.x_3.15-1
Unaffected version:6.x_3.17-fermus1
Bug tracker entry:https://bugs.frugalware.org/ticket/4671
CVEs:none
Description:A security issue and a vulnerability have been reported in drupal6-webform, which can be exploited by malicious people to manipulate certain data and bypass certain security restrictions. 1) Certain unspecified input is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed.
Package:phpmyadmin
Date:2012-03-08
Posted by:James Buren
Vulnerable version:3.4.9-1
Unaffected version:3.4.10.1-fermus1
Bug tracker entry:https://bugs.frugalware.org/ticket/4659
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1190
Description:A security issue and a vulnerability have been reported in phpmyadmin, which can be exploited by malicious people to manipulate certain data and bypass certain security restrictions. 1) It was possible to conduct XSS using a crafted database name.
Package:thunderbird
Date:2012-03-08
Posted by:James Buren
Vulnerable version:10.0-1
Unaffected version:10.0.2-fermus1
Bug tracker entry:https://bugs.frugalware.org/ticket/4663
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3026
Description:A security issue and a vulnerability have been reported in thunderbird, which can be exploited by malicious people to manipulate certain data and bypass certain security restrictions. 1) Integer overflow in libpng, as used in Google Chrome before 17.0.963.56, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an integer truncation.
Package:chromium-browser
Date:2012-03-08
Posted by:James Buren
Vulnerable version:16.0.912.63-2
Unaffected version:17.0.963.47-fermus1
Bug tracker entry:https://bugs.frugalware.org/ticket/4664
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3026
Description:A security issue and a vulnerability have been reported in chromium-browser, which can be exploited by malicious people to manipulate certain data and bypass certain security restrictions. 1) Integer overflow in libpng, as used in Google Chrome before 17.0.963.56, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an integer truncation.
Package:firefox
Date:2012-03-08
Posted by:James Buren
Vulnerable version:10.0-1
Unaffected version:10.0.2-fermus1
Bug tracker entry:https://bugs.frugalware.org/ticket/4662
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3026
Description:A security issue and a vulnerability have been reported in firefox, which can be exploited by malicious people to manipulate certain data and bypass certain security restrictions. 1) Integer overflow in libpng, as used in Google Chrome before 17.0.963.56, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an integer truncation.
Package:flashplugin
Date:2012-03-08
Posted by:James Buren
Vulnerable version:11.1.102.55-1
Unaffected version:11.1.102.63-fermus1
Bug tracker entry:https://bugs.frugalware.org/ticket/4673
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0768 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0769
Description:A security issue and a vulnerability have been reported in flashplugin, which can be exploited by malicious people to manipulate certain data and bypass certain security restrictions. 1) The Matrix3D component in Adobe Flash Player before 10.3.183.16 and 11.x before 11.1.102.63 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.7 on Android 2.x and 3.x; and before 11.1.115.7 on Android 4.x allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. 2) Adobe Flash Player before 10.3.183.16 and 11.x before 11.1.102.63 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.7 on Android 2.x and 3.x; and before 11.1.115.7 on Android 4.x does not properly handle integers, which allows attackers to obtain sensitive information via unspecified vectors.
Package:drupal6
Date:2012-02-05
Posted by:Miklos Vajna
Vulnerable version:6.22-1
Unaffected version:6.24-1mores1
Bug tracker entry:https://bugs.frugalware.org/ticket/4654
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0825 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0826 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0827
Description:A security issue and a vulnerability have been reported in Drupal, which can be exploited by malicious people to manipulate certain data and bypass certain security restrictions. 1) The security issue is caused due to the OpenID module not properly verifying the signature of Attribute Exchange (AX) information, which can be exploited to manipulate AX information. 2) An error in the File module when using certain field access modules can be exploited to download private files which would otherwise be restricted.
Package:drupal7
Date:2012-02-05
Posted by:Miklos Vajna
Vulnerable version:7.7-1
Unaffected version:7.12-1mores1
Bug tracker entry:https://bugs.frugalware.org/ticket/4655
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0825 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0826 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0827
Description:A security issue and a vulnerability have been reported in Drupal, which can be exploited by malicious people to manipulate certain data and bypass certain security restrictions. 1) The security issue is caused due to the OpenID module not properly verifying the signature of Attribute Exchange (AX) information, which can be exploited to manipulate AX information. 2) An error in the File module when using certain field access modules can be exploited to download private files which would otherwise be restricted.
Package:wireshark
Date:2012-02-05
Posted by:Miklos Vajna
Vulnerable version:1.6.3-1mores1
Unaffected version:1.6.5-1mores1
Bug tracker entry:https://bugs.frugalware.org/ticket/4650
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0041 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0042 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0043 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0066 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0067 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0068
Description:Multiple vulnerabilities have been reported in Wireshark, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a user's system. 1) NULL pointer dereference errors when reading certain packet information can be exploited to cause a crash. 2) An error within the RLC dissector can be exploited to cause a buffer overflow via a specially crafted RLC packet capture file. Successful exploitation of this vulnerability may allow execution of arbitrary code. 3) An error within the "lanalyzer_read()" function (wiretap/lanalyzer.c) when parsing LANalyzer files can be exploited to cause a heap-based buffer underflow. Successful exploitation of this vulnerability may allow execution of arbitrary code. NOTE: A weakness within the file parser, which can lead to a crash when handling capture files has also been reported.
Package:wordpress
Date:2012-02-05
Posted by:Miklos Vajna
Vulnerable version:3.2.1-1
Unaffected version:3.3.1-1mores1
Bug tracker entry:https://bugs.frugalware.org/ticket/4644
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0287
Description:Aditya Modha and Samir Shah discovered a vulnerability in WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the URL to e.g. wp-comments-post.php is not properly sanitised within the "wp_guess_url()" function in wp-includes/functions.php before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.
Package:phpmyadmin
Date:2012-02-05
Posted by:Miklos Vajna
Vulnerable version:3.4.8-1mores1
Unaffected version:3.4.9-1mores1
Bug tracker entry:https://bugs.frugalware.org/ticket/4643
CVEs:http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4780
Description:Multiple cross-site scripting (XSS) vulnerabilities in libraries/display_export.lib.php in phpMyAdmin allow remote attackers to inject arbitrary web script or HTML via crafted URL parameters, related to the export panels in the (1) server, (2) database, and (3) table sections.
Package:phpmyadmin
Date:2011-12-23
Posted by:Miklos Vajna
Vulnerable version:3.4.7.1-1mores1
Unaffected version:3.4.8-1mores1
Bug tracker entry:https://bugs.frugalware.org/ticket/4640
CVEs:http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4634
Description:Using crafted database names, it was possible to produce XSS in the Database Synchronize and Database rename panels. Using an invalid and crafted SQL query, it was possible to produce XSS when editing a query on a table overview panel or when using the view creation dialog. Using a crafted column type, it was possible to produce XSS in the table search and create index dialogs.
Package:roundcube
Date:2011-12-23
Posted by:Miklos Vajna
Vulnerable version:0.5.4-1mores1
Unaffected version:0.7-1mores1
Bug tracker entry:https://bugs.frugalware.org/ticket/4642
CVEs:No CVE, see http://sourceforge.net/news/?group_id=139281&id=305129.
Description:Besides fixing bugs, the developers added some security improvements which will protect Roundcube users from XSS and clickjacking attacks.
Package:wireshark
Date:2011-12-23
Posted by:Miklos Vajna
Vulnerable version:1.6.2-1mores1
Unaffected version:1.6.3-1mores1
Bug tracker entry:https://bugs.frugalware.org/ticket/4633
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4100 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4101 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4102
Description:Multiple vulnerabilities have been reported in Wireshark, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system. 1) An error related to an uninitialised variable within the CSN.1 dissector can be exploited to cause a crash. 2) A NULL pointer dereference error within the Infiniband dissector can be exploited to cause a crash. 3) An error within the ERF file parser can be exploited to cause a heap-based buffer overflow. Successful exploitation of this vulnerability may allow execution of arbitrary code.
Package:drupal6-views
Date:2011-12-23
Posted by:Miklos Vajna
Vulnerable version:6.x_2.12-2
Unaffected version:6.x_2.14-1mores1
Bug tracker entry:https://bugs.frugalware.org/ticket/4632
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4113
Description:A vulnerability has been reported in the Views module for Drupal, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via certain filters or arguments on certain types of views is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.
Package:libreoffice
Date:2011-10-06
Posted by:Miklos Vajna
Vulnerable version:3.4.2.3-1
Unaffected version:3.4.3.2-1mores1
Bug tracker entry:http://bugs.frugalware.org/task/4609
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2713
Description:Red Hat, Inc. security researcher Huzaifa Sidhpurwala reported multiple vulnerabilities in the binary Microsoft Word (doc) file format importer where custom crafted documents trigger out of bounds behaviour. Thanks to Huzaifa Sidhpurwala of Red Hat Security Team for reporting this vulnerability.
Package:django
Date:2011-09-17
Posted by:Miklos Vajna
Vulnerable version:1.3-2
Unaffected version:1.3.1-1mores1
Bug tracker entry:http://bugs.frugalware.org/task/4590
CVEs:No CVE, see https://www.djangoproject.com/weblog/2011/sep/09/security-releases-issued/
Description:Some vulnerabilities have been reported in Django, which can be exploited by malicious people to disclose certain system information, manipulate certain data, conduct cache poisoning attacks, and cause a DoS (Denial of Service). 1) An error within the handling of sessions within django.contrib.sessions when using the caching backend can be exploited to manipulate session information. Successful exploitation requires that the session key is known and the application allows attackers to store dictionary-like objects with a valid session key in the cache. 2) An error when verifying if URLs provided to the "URLField" field type correctly resolve can be exploited to exhaust all of the server's processes and memory by providing a URL to a malicious server. 3) An error within the handling of redirect responses when verifying URLs provided to the "URLField" field type can be exploited to e.g. determine the existence of local files on the server by returning a redirect response to a "file://" URL. 4) An error within the handling of the "X-Forwarded-Host" HTTP header when e.g. generating full URLs for redirect responses can be exploited to conduct cache poisoning attacks.
Package:librsvg
Date:2011-09-13
Posted by:Miklos Vajna
Vulnerable version:2.34.0-1
Unaffected version:2.34.1-1mores1
Bug tracker entry:http://bugs.frugalware.org/task/4582
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3146
Description:A vulnerability has been reported in librsvg, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library. The vulnerability is caused due to an error within the handling of node types, which can be exploited to dereference invalid memory via specially crafted SVG images.
Package:mantis
Date:2011-09-09
Posted by:Miklos Vajna
Vulnerable version:1.2.7-1mores1
Unaffected version:1.2.8-1mores1
Bug tracker entry:http://bugs.frugalware.org/task/4586
CVEs:No CVE, see https://www.htbridge.ch/advisory/multiple_vulnerabilities_in_mantisbt.html
Description:Some vulnerabilities have been reported in MantisBT, which can be exploited by malicious people to conduct cross-site scripting attacks and disclose potentially sensitive information and by malicious users to compromise a vulnerable system. 1) Certain input passed via the URL is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) Input passed to the "action" parameter in bug_actiongroup_ext_page.php and bug_actiongroup_page.php is not properly verified before being used to include files. This can be exploited to include arbitrary files from local resources via directory traversal attacks and URL-encoded NULL bytes. Note: In combination with MantisBT's file upload functionality, this can be exploited to execute arbitrary PHP code. 3) Input passed to the "os", "os_build", and "platform" parameters in bug_report_page.php and bug_update_advanced_page.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.
Package:apache
Date:2011-09-07
Posted by:Miklos Vajna
Vulnerable version:2.2.19-2mores1
Unaffected version:2.2.20-1mores1
Bug tracker entry:http://bugs.frugalware.org/task/4571
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3192
Description:Kingcope has discovered a vulnerability in Apache HTTP Server, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error within the ByteRange filter when processing requests containing a large number of ranges, which can be exploited to exhaust memory via specially crafted HTTP requests sent to the server.
Package:foomatic-filters
Date:2011-09-03
Posted by:Miklos Vajna
Vulnerable version:4.0.1-5
Unaffected version:4.0.1-6mores1
Bug tracker entry:http://bugs.frugalware.org/task/4556
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2924
Description:It was found that the foomatic-rip filter, when debug mode was enabled, used an insecurely created temporary file to store PostScript data while rendering the data intended to be sent to the PostScript filter. A local attacker could use this flaw to conduct symlink attacks (overwrite an arbitrary file accessible with the privileges of the user running the foomatic-rip universal print filter).
Package:phpmyadmin
Date:2011-08-29
Posted by:Miklos Vajna
Vulnerable version:3.4.3.2-1
Unaffected version:3.4.4-1mores1
Bug tracker entry:http://bugs.frugalware.org/task/4567
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3181
Description:Some vulnerabilities have been reported in phpMyAdmin, which can be exploited by malicious users to conduct script insertion attacks. Certain input passed to table, column, and index names is not properly sanitised before being used in the Tracking feature. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed.
Package:stunnel
Date:2011-08-28
Posted by:Miklos Vajna
Vulnerable version:4.39-1
Unaffected version:4.42-1mores1
Bug tracker entry:http://bugs.frugalware.org/task/4552
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2940
Description:A vulnerability has been reported in Stunnel, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. The vulnerability is caused due to an unspecified error and can be exploited to corrupt heap memory.
Package:krb5
Date:2011-08-27
Posted by:Miklos Vajna
Vulnerable version:1.7-6
Unaffected version:1.7.2-1mores1
Bug tracker entry:http://bugs.frugalware.org/task/4256
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0628 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1320 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1321
Description:1) A vulnerability has been reported in Kerberos, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an assertion error within the "spnego_gss_accept_sec_context()" function in src/lib/gssapi/spnego/spnego_mech.c when receiving an invalid packet, which can be exploited to e.g. crash an application using the library by sending a specially crafted packet. 2) Joel Johnson has reported a vulnerability in Kerberos, which can be exploited by malicious users to potentially compromise a vulnerable system. The vulnerability is caused due to an error in KDC within the "process_tgs_req()" function in kdc/do_tgs_req.c when validating or renewing tickets and can be exploited to trigger a double-free condition. Successful exploitation may allow execution of arbitrary code. 3) A vulnerability has been reported in Kerberos, which can be exploited by malicious users to cause a DoS (Denial of Service). The vulnerability is caused due to a NULL pointer dereference error when processing certain Kerberos AP-REQ authenticators, which can be exploited to cause a crash in e.g. kadmind or other applications linked against the GSS-API library by sending an AP-REQ authenticator with a missing checksum field.
Package:mantis
Date:2011-08-24
Posted by:Miklos Vajna
Vulnerable version:1.2.5-1
Unaffected version:1.2.7-1mores1
Bug tracker entry:http://bugs.frugalware.org/task/4553
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2938
Description:A vulnerability has been discovered in MantisBT, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "project_id" parameter to search.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.
Package:roundcube
Date:2011-08-23
Posted by:Miklos Vajna
Vulnerable version:0.3-2
Unaffected version:0.5.4-1mores1
Bug tracker entry:http://bugs.frugalware.org/task/4554
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2937
Description:A vulnerability has been reported in RoundCube Webmail, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "_mbox" parameter to various scripts is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.
Package:xpdf
Date:2011-08-22
Posted by:Miklos Vajna
Vulnerable version:3.02-6
Unaffected version:3.02-7mores1
Bug tracker entry:http://bugs.frugalware.org/task/4236
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1188 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3603 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3604 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3606 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3608 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3609
Description:Some vulnerabilities have been reported in Xpdf, which can be exploited by malicious people to potentially compromise a user's system. 1) Multiple integer overflows in "SplashBitmap::SplashBitmap()" can be exploited to cause heap-based buffer overflows. 2) An integer overflow error in "ObjectStream::ObjectStream()" can be exploited to cause a heap-based buffer overflow. 3) Multiple integer overflows in "Splash::drawImage()" can be exploited to cause heap-based buffer overflows. 4) An integer overflow error in "PSOutputDev::doImageL1Sep()" can be exploited to cause a heap-based buffer overflow when converting a PDF document to a PS file. Successful exploitation of the vulnerabilities may allow execution of arbitrary code by tricking a user into opening a specially crafted PDF file.
Package:flashplugin
Date:2011-08-17
Posted by:Miklos Vajna
Vulnerable version:10.3.181.34-1
Unaffected version:10.3.183.5-1mores1
Bug tracker entry:http://bugs.frugalware.org/task/4545
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2130 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2134 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2135 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2136 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2137 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2138 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2139 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2140 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2414 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2415 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2416 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2417 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2424 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2425
Description:Multiple vulnerabilities have been reported in Adobe Flash Player, which can be exploited by malicious people to disclose sensitive information and compromise a user's system. 1) An unspecified error can be exploited to cause a buffer overflow and potentially execute arbitrary code. 2) An unspecified error can be exploited to cause a buffer overflow and potentially execute arbitrary code. 3) An error exists within a certain ActionScript function in the "flash.display" class when parsing certain parameters and can be exploited to corrupt memory and potentially execute arbitrary code. 4) An integer overflow error within a certain ActionScript function can be exploited to corrupt memory and potentially execute arbitrary code. 5) An unspecified error can be exploited to cause a buffer overflow and potentially execute arbitrary code. 6) An integer overflow error when handling the "scroll" method of the ActionScript Bitmap class can be exploited to corrupt memory. 7) An unspecified error can be exploited to disclose certain information from another domain. 8) An unspecified error can be exploited to corrupt memory and potentially execute arbitrary code. 9) An unspecified error can be exploited to cause a buffer overflow and potentially execute arbitrary code. 10) An error within the "Setslot()" method when parsing a certain field from an SWF file can be exploited to cause a buffer overflow and potentially execute arbitrary code. 11) An integer overflow error within a certain ActionScript function can be exploited to corrupt memory and potentially execute arbitrary code. 12) An unspecified error can be exploited to corrupt memory and potentially execute arbitrary code. 13) An error within the "Bitmapdata" class when parsing a certain field from an SWF file can be exploited to corrupt memory and potentially execute arbitrary code. 14) 80 unspecified errors of various types when parsing SWF file content may be exploited to corrupt memory.