Frugalware Security Announcements (FSAs)

This is a list of security announcements that have been released for the current stable version of Frugalware.

wordpress

Author: kikadf
Vulnerable: 3.5.1-1
Unaffected: 3.9-1arcturus1
A user with a contributor role, using a specially crafted request, can publish posts, which is reserved for users of the next-higher role. Jon Cave of the WordPress security team discovered that the wp_validate_auth_cookie function in wp-includes/pluggable.php does not properly determine the validity of authentication cookies, allowing a remote attacker to obtain access via a forged cookie.
CVEs:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0165
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0166

xalan-j

Author: kikadf
Vulnerable: 2.7.1-2
Unaffected: 2.7.1-3arcturus1
Nicolas Gregoire discovered several vulnerabilities in libxalan2-java, a Java library for XSLT processing. Crafted XSLT programs could access system properties or load arbitrary classes, resulting in information disclosure and, potentially, arbitrary code execution.
CVEs:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0107

curl

Author: kikadf
Vulnerable: 7.26.0-2arcturus2
Unaffected: 7.26.0-2arcturus3
Steve Holme discovered that libcurl can in some circumstances re-use the wrong connection when asked to do transfers using protocols other than HTTP and FTP. Richard Moore from Westpoint Ltd. reported that libcurl does not comply with RFC 2828 under certain conditions and incorrectly validates wildcard SSL certificates containing literal IP addresses.
CVEs:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0138
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0139

jbigkit

Author: kikadf
Vulnerable: 2.0-2
Unaffected: 2.0-3arcturus1
Florian Weimer of the Red Hat product security team discovered multiple buffer overflows in jbigkit, which could lead to the execution of arbitrary code when processing malformed images.
CVEs:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6369

net-snmp

Author: kikadf
Vulnerable: 5.7.1-3
Unaffected: 5.7.1-4arcturus1
Ken Farnen discovered that Net-SNMP incorrectly handled AgentX timeouts. It was discovered that the Net-SNMP ICMP-MIB incorrectly validated input. Viliam Púčik discovered that the Net-SNMP perl trap handler incorrectly handled NULL arguments.
CVEs:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6151
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2284
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2285

actionmailer

Author: kikadf
Vulnerable: 3.2.6-1
Unaffected: 3.2.6-2arcturus1
Aaron Neyer discovered that missing input sanitising in the logging component of Ruby Actionmailer could result in denial of service through a malformed e-mail message.
CVEs:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4389

actionpack

Author: kikadf
Vulnerable: 3.2.6-1
Unaffected: 3.2.6-2arcturus1
Toby Hsieh, Peter McLarnan, Ankit Gupta, Sudhir Rao and Kevin Reintjes discovered multiple cross-site scripting and denial of service vulnerabilities in Ruby Actionpack.
CVEs:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3424
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3463
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3465
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0155
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1855
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1857
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4389
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4491
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6414
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6415
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6417

apache

Author: kikadf
Vulnerable: 2.2.23-2
Unaffected: 2.2.23-3arcturus1
Ning Zhang and Amin Tora discovered that the mod_dav module incorrectly handled whitespace characters in CDATA sections. Rainer M Canavan discovered that the mod_log_config module incorrectly handled certain cookies.
CVEs:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3499
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4558
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4929
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1862
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1896
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6438
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0098

libyaml

Author: kikadf
Vulnerable: 0.1.4-3arcturus1
Unaffected: 0.1.4-3arcturus2
Ivan Fratric of the Google Security Team discovered a heap-based buffer overflow vulnerability in LibYAML, a fast YAML 1.1 parser and emitter library.
CVEs:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2525

a2ps

Author: kikadf
Vulnerable: 4.14-4
Unaffected: 4.14-5arcturus1
The spy_user function, which is called when a2ps is invoked with the --debug flag, insecurely used temporary files. Brian M. Carlson reported that a2ps's fixps script does not invoke gs with the -dSAFER option. Consequently, executing fixps on a malicious PostScript file could result in files being deleted or arbitrary commands being executed with the privileges of the user running fixps.
CVEs:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-1953
http://cve.