Sorties

frugalware-0.9 (Solaria)
Sep 9, 2008

frugalware-0.8 (Kalgan)
Mar 11, 2008

frugalware-0.7 (Sayshell)
Oct 13, 2007

frugalware-0.6 (Terminus)
Mar 22, 2007

frugalware-0.5 (Siwenna)
Sep 14, 2006

frugalware-0.4 (Wanda)
Mar 30, 2006

frugalware-0.3 (Trantor)
Oct 13, 2005

frugalware-0.2 (Aurora)
Apr 28, 2005

frugalware-0.1 (Genesis)
Nov 02, 2004

RSS

Dons

Fait une donation pour aider à nos efforts de développement.

Mises à jours récentes
xmultimedia-extra/
 dvdrip
0.98.9-1-i686
xmultimedia-extra/
 dvdrip
0.98.9-1-x86_64
games-extra/
 freenukum
0.2.10-1-i686
devel-extra/
 perl-locale-maketext-lexicon
0.71-1-x86_64
apps-extra/jhead
2.84-1-x86_64
apps-extra/jhead
2.84-1-i686
devel-extra/
 perl-locale-maketext-lexicon
0.71-1-i686
devel-extra/bcmail
141-1-x86_64
devel-extra/bcmail
141-1-i686
devel-extra/bcprov
141-1-x86_64

RSS
Langues
Changer de langue | Changer de langue | Changer de langue | Changer de langue | Changer de langue | Changer de langue | Changer de langue
Information
Go Frugalware, Go
Valid XHTML 1.0!
Valid CSS!
Valid RSS!
Informations serveur
Temps de fonctionnement:
29 jour(s) 7 h 29 m 5 s
Annonces de Sécurité Frugalware (FSAs)
Ceci est la liste des annonces de sécurité qui ont été faites pour la version stable actuelle de Frugalware
FSA529 - drupal-simplenews
Paquet:drupal-simplenews
Date:2008-09-26
Posté par:Miklos Vajna
Version vulnérable:5.x_1.4-1
Version non affectée:5.x_1.5-1solaria1
Entrée de suivi des bugs:http://bugs.frugalware.org/task/3362
CVEs:There is no CVE for this issue yet, see http://drupal.org/node/312944.
Description:A vulnerability has been reported in the Simplenews module for Drupal, which can be exploited by malicious users to conduct script insertion attacks. Input passed as Newsletter categories is not properly sanitised before being stored. This can be exploited to insert arbitrary HTML and script code, which is executed in a user's browser session in context of an affected site when the malicious data is viewed. Successful exploitation requires valid user credentials with the "administer taxonomy" permission.
FSA528 - phpmyadmin
Paquet:phpmyadmin
Date:2008-09-26
Posté par:Miklos Vajna
Version vulnérable:2.11.9.1-1solaria1
Version non affectée:2.11.9.2-1solaria1
Entrée de suivi des bugs:http://bugs.frugalware.org/task/3361
CVEs:There is no CVE for this issue yet, see http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2008-8.
Description:A vulnerability has been reported in phpMyAdmin, which can be exploited by malicious people to conduct cross-site scripting attacks. An error exists in the "PMA_escapeJsString()" function in libraries/js_escape.lib.php, which can be exploited to bypass certain filters and execute arbitrary HTML and script code in a user's browser session in context of an affected site when e.g. Microsoft Internet Explorer is used.
FSA527 - bitlbee
Paquet:bitlbee
Date:2008-09-24
Posté par:Miklos Vajna
Version vulnérable:1.2.2-1
Version non affectée:1.2.3-1solaria1
Entrée de suivi des bugs:http://bugs.frugalware.org/task/3344
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3969
Description:A security issue has been reported in BitlBee, which can be exploited by malicious people to bypass certain security restrictions and hijack accounts. The security issue is caused due to an unspecified error, which can be exploited to overwrite existing accounts.
FSA526 - phpmyadmin
Paquet:phpmyadmin
Date:2008-09-21
Version vulnérable:2.11.8.1-1
Version non affectée:2.11.9.1-1solaria1
Entrée de suivi des bugs:http://bugs.frugalware.org/task/3352
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4096
Description:Norman Hippert has reported a vulnerability in phpMyAdmin, which can be exploited by malicious users to compromise a vulnerable system. Input passed to the "sort_by" parameter in server_databases.php is not properly sanitised before being used. This can be exploited to execute arbitrary PHP code. Successful exploitation requires valid user credentials.
© 2003-2008. The Frugalware Developer Team