This is a list of security announcments that have been released for the current stable version of Frugalware
Tavis Ormandy discovered that the patch applied to fix CVE-2014-6271 for bash, the GNU Bourne-Again Shell, was incomplete and could still allow some characters to be injected into another environment (CVE-2014-7169). With this update prefix and suffix for environment variable names which contain shell functions are added as hardening measure.
Stephane Chazelas discovered a vulnerability in bash, the GNU Bourne-Again Shell, related to how environment variables are processed. In many common configurations, this vulnerability is exploitable over the network, especially if bash has been configured as the system shell.
Several remotely exploitable security issues have been uncovered in libvncserver, some of which might allow a remote authenticated user code execution or application crashes.
Several remotely exploitable security issues have been uncovered in libvncserver, some of which might allow a remote authenticated user code execution or application crashes.
Multiple SQL injection vulnerabilities have been discovered in the Mantis bug tracking system.
Ivan Fratric of the Google Security Team discovered a bug in nginx, a web server, which might allow an attacker to bypass security restrictions by using a specially crafted request. Antoine Delignat-Lavaud and Karthikeyan Bhargavan discovered that it was possible to reuse cached SSL sessions in unrelated contexts, allowing virtual host confusion attacks in some configurations by an attacker in a privileged network position.
On 64-bit platforms, file descriptor passing could be abused by local users to cause heap corruption in dbus-daemon, leading to a crash, or potentially to arbitrary code execution. A denial-of-service vulnerability in dbus-daemon allowed local attackers to prevent new connections to dbus-daemon, or disconnect existing clients, by exhausting descriptor limits. Malicious local users could create D-Bus connections to dbus-daemon which could not be terminated by killing the participating processes, resulting in a denial-of-service vulnerability. dbus-daemon suffered from a denial-of-service vulnerability in the code which tracks which messages expect a reply, allowing local attackers to reduce the performance of dbus-daemon. dbus-daemon did not properly reject malicious connections from local users, resulting in a denial-of-service vulnerability.
By not detecting and rejecting domain names for partial literal IP addresses properly when parsing received HTTP cookies, libcurl can be fooled to both sending cookies to wrong sites and into allowing arbitrary sites to set cookies for others. libcurl wrongly allows cookies to be set for Top Level Domains (TLDs), thus making them apply broader than cookies are allowed.
It was found that _check_signature() in python-oauth2, an application for authorization flows for web application, ignored the nonce values when validating signed urls. It was found that in python-oauth2, an application for authorizing flows for web application, the nonce value generated isn’t random enough, because while doing bulk operations, nonce might get repeated, so there is a chance of predictability.
Sebastian Krahmer discovered an off-by-one error, leading to a heap-based buffer overflow flaw, in the way Squid handled UDP SNMP requests.
