This is a list of security announcments that have been released for the current stable version of Frugalware
A user with a contributor role, using a specially crafted request, can publish posts, which is reserved for users of the next-higher role. Jon Cave of the WordPress security team discovered that the wp_validate_auth_cookie function in wp-includes/pluggable.php does not properly determine the validity of authentication cookies, allowing a remote attacker to obtain access via a forged cookie.
Nicolas Gregoire discovered several vulnerabilities in libxalan2-java, a Java library for XSLT processing. Crafted XSLT programs could access system properties or load arbitrary classes, resulting in information disclosure and, potentially, arbitrary code execution.
Steve Holme discovered that libcurl can in some circumstances re-use the wrong connection when asked to do transfers using other protocols than HTTP and FTP. Richard Moore from Westpoint Ltd. reported that libcurl does not behave compliant to RFC 2828 under certain conditions and incorrectly validates wildcard SSL certificates containing literal IP addresses.
Florian Weimer of the Red Hat product security team discovered multiple buffer overflows in jbigkit, which could lead to the execution of arbitrary code when processing malformed images.
Ken Farnen discovered that Net-SNMP incorrectly handled AgentX timeouts. It was discovered that the Net-SNMP ICMP-MIB incorrectly validated input. Viliam Púčik discovered that the Net-SNMP perl trap handler incorrectly handled NULL arguments.
Aaron Neyer discovered that missing input sanitising in the logging component of Ruby Actionmailer could result in denial of service through a malformed e-mail message.
Toby Hsieh, Peter McLarnan, Ankit Gupta, Sudhir Rao and Kevin Reintjes discovered multiple cross-site scripting and denial of service vulnerabilities in Ruby Actionpack.
Ning Zhang and Amin Tora discovered that the mod_dav module incorrectly handled whitespace characters in CDATA sections. Rainer M Canavan discovered that the mod_log_config module incorrectly handled certain cookies.
Ivan Fratric of the Google Security Team discovered a heap-based buffer overflow vulnerability in LibYAML, a fast YAML 1.1 parser and emitter library.
The spy_user function which is called when a2ps is invoked with the –debug flag insecurely used temporary files. Brian M. Carlson reported that a2ps’s fixps script does not invoke gs with the -dSAFER option. Consequently executing fixps on a malicious PostScript file could result in files being deleted or arbitrary commands being executed with the privileges of the user running fixps.
