Gentoo has also released security updates for the OpenAFS (race condition) and Squid (DoS) packages. Back in September a buffer overflow was fixed in the Eggdrop IRC bot. That fix did not turn out to be complete, so it has now been reissued. R is a GPL-licensed implementation of the S programming language. Because R includes the code of the PCRE library, the recent memory-handling bugs in PCRE have been fixed in R as well. unp is a Perl script for unpacking compressed files of various formats. As it turned out, it does not properly escape file names before passing them to shell calls. By exploiting this, arbitrary shell commands can be run by means of malicious file names. The GTK-based Claws Mail e-mail client handles temporary files insecurely, which makes a symlink attack possible. Several memory-handling bugs were found in Xfce; one of them is a buffer overflow in the launcher_update_panel_entry() function, which can be exploited with a crafted "rc" file to run arbitrary code. Another bug can result in access to freed memory areas. Gentoo has released fixes for these bugs.
--- Begin Message ---
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory [ERRATA UPDATE]        GLSA 200709-07:02
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                            http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

  Severity: Normal
     Title: Eggdrop: Buffer overflow
      Date: September 15, 2007
   Updated: September 26, 2007
      Bugs: #179354
        ID: 200709-07:02

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Errata
======

The unaffected ebuild, as reported in the original version of this
Security Advisory, did not properly address all vulnerabilities.

All Eggdrop users should upgrade to net-irc/eggdrop-1.6.18-r3.

The corrected sections appear below.

Affected packages
=================

    -------------------------------------------------------------------
     Package           /  Vulnerable  /                     Unaffected
    -------------------------------------------------------------------
  1  net-irc/eggdrop      < 1.6.18-r3                     >= 1.6.18-r3

Resolution
==========

All Eggdrop users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=net-irc/eggdrop-1.6.18-r3"

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

  http://security.gentoo.org/glsa/glsa-200709-07.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
http://bugs.gentoo.org.

License
=======

Copyright 2008 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5
--- End Message ---
--- Begin Message ---
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 200801-01
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                            http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

  Severity: Normal
     Title: unp: Arbitrary command execution
      Date: January 09, 2008
      Bugs: #203106
        ID: 200801-01

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

unp allows execution of arbitrary code via malicious file names.

Background
==========

unp is a script for unpacking various file formats.

Affected packages
=================

    -------------------------------------------------------------------
     Package       /  Vulnerable  /                         Unaffected
    -------------------------------------------------------------------
  1  app-arch/unp      < 1.0.14                              >= 1.0.14

Description
===========

Erich Schubert from Debian discovered that unp does not escape file
names properly before passing them to calls of the shell.

Impact
======

A remote attacker could entice a user or automated system to unpack a
compressed archive with a specially crafted file name, leading to the
execution of shell commands from within the filename. That code will be
executed with the privileges of the user running unp.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All unp users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=app-arch/unp-1.0.14"

References
==========

  [ 1 ] CVE-2007-6610
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6610

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

  http://security.gentoo.org/glsa/glsa-200801-01.xml
--- End Message ---
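
The quoting failure described in GLSA 200801-01, as an added Python illustration (not unp's Perl code and not part of the advisory): one file name is pasted into a shell string, then quoted, then passed as an argv list. The sample name, the `tar xf` command and every function name are assumptions made for this example.

```python
import shlex
import subprocess

# Constructed sample: a file name that carries a shell control operator.
SAMPLE_NAME = "photos.tar; echo INJECTED"
OPERATORS = {";", "&", "&&", "|", "||"}

def naive_command(archive):
    """Pattern the advisory describes: name pasted unescaped into a shell string."""
    return "tar xf " + archive

def quoted_command(archive):
    """Same shell string, with the name quoted so the shell sees one word."""
    return "tar xf " + shlex.quote(archive)

def extract_argv(archive):
    """Preferred form: an argv list, so no shell parses the name at all."""
    if archive.startswith("-"):
        archive = "./" + archive  # keep tar from reading the name as an option
    return ["tar", "xf", archive]

def shell_view(cmdline):
    """Split a command line into words and ; & | operators, roughly as sh would.
    Substitutions such as $(...) and backticks are not modelled here."""
    lexer = shlex.shlex(cmdline, posix=True, punctuation_chars=True)
    return list(lexer)

def control_operators(cmdline):
    """Operators that would start a second command if the line reached sh -c."""
    return [tok for tok in shell_view(cmdline) if tok in OPERATORS]

def unpack(archive):
    """Run the extractor without a shell (shell=False is the default)."""
    return subprocess.run(extract_argv(archive), check=False)

if __name__ == "__main__":
    for label, line in (("naive", naive_command(SAMPLE_NAME)),
                        ("quoted", quoted_command(SAMPLE_NAME))):
        print(label, shell_view(line), control_operators(line))
    print("argv", extract_argv(SAMPLE_NAME))
```

The same `control_operators()` check can be run over archive listings before extraction to flag names that would be split by a shell.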
--- Begin Message ---
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                        GLSA 200801-02:02
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                            http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

  Severity: Normal
     Title: R: Multiple vulnerabilities
      Date: January 09, 2008
   Updated: January 09, 2008
      Bugs: #198976
        ID: 200801-02:02

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities in R could result in the execution of
arbitrary code.

Background
==========

R is a GPL licensed implementation of S, a language and environment for
statistical computing and graphics. PCRE is a library providing
functions for Perl-compatible regular expressions.

Affected packages
=================

    -------------------------------------------------------------------
     Package      /  Vulnerable  /                          Unaffected
    -------------------------------------------------------------------
  1  dev-lang/R      < 2.2.1-r1                            >= 2.2.1-r1

Description
===========

R includes a copy of PCRE which is vulnerable to multiple buffer
overflows and memory corruptions vulnerabilities (GLSA 200711-30).

Impact
======

An attacker could entice a user to process specially crafted regular
expressions with R, which could possibly lead to the execution of
arbitrary code, a Denial of Service or the disclosure of sensitive
information.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All R users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=dev-lang/R-2.2.1-r1"

References
==========

  [ 1 ] GLSA 200711-30
        http://www.gentoo.org/security/en/glsa/glsa-200711-30.xml

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

  http://security.gentoo.org/glsa/glsa-200801-02.xml
--- End Message ---
--- Begin Message ---
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 200801-03
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                            http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

  Severity: Normal
     Title: Claws Mail: Insecure temporary file creation
      Date: January 09, 2008
      Bugs: #201244
        ID: 200801-03

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Claws Mail uses temporary files in an insecure manner, allowing for a
symlink attack.

Background
==========

Claws Mail is a GTK based e-mail client.

Affected packages
=================

    -------------------------------------------------------------------
     Package                 /  Vulnerable  /               Unaffected
    -------------------------------------------------------------------
  1  mail-client/claws-mail      < 3.0.2-r1                >= 3.0.2-r1

Description
===========

Nico Golde from Debian reported that the sylprint.pl script that is
part of the Claws Mail tools creates temporary files in an insecure
manner.

Impact
======

A local attacker could exploit this vulnerability to conduct symlink
attacks to overwrite files with the privileges of the user running
Claws Mail.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All Claws Mail users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=mail-client/claws-mail-3.0.2-r1"

References
==========

  [ 1 ] CVE-2007-6208
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6208

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

  http://security.gentoo.org/glsa/glsa-200801-03.xml
--- End Message ---
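
Why a temporary file at a guessable path permits the symlink overwrite named in GLSA 200801-03, shown as an added Python example inside a private sandbox directory (not code from sylprint.pl or the advisory). The fixed file name, the directory layout and the function names are hypothetical; the advisory does not say which path the script used.

```python
import os
import tempfile

PREDICTABLE = "print-job.tmp"  # hypothetical fixed name, not taken from sylprint.pl

def write_predictable(tmpdir, data):
    """Insecure pattern: fixed name in a shared directory; open() follows symlinks."""
    path = os.path.join(tmpdir, PREDICTABLE)
    with open(path, "w") as fh:
        fh.write(data)
    return path

def write_exclusive(tmpdir, data):
    """Same name, but O_CREAT|O_EXCL fails if anything exists there, symlinks included."""
    path = os.path.join(tmpdir, PREDICTABLE)
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "w") as fh:
        fh.write(data)
    return path

def write_mkstemp(tmpdir, data):
    """Preferred: unpredictable name, created exclusively with mode 0600."""
    fd, path = tempfile.mkstemp(prefix="print-", dir=tmpdir)
    with os.fdopen(fd, "w") as fh:
        fh.write(data)
    return path

def run_demo():
    """Constructed scenario: a symlink is planted at the predictable path first."""
    writers = (("predictable", write_predictable),
               ("exclusive", write_exclusive),
               ("mkstemp", write_mkstemp))
    results = {}
    with tempfile.TemporaryDirectory() as box:
        shared = os.path.join(box, "tmp")
        os.mkdir(shared)
        target = os.path.join(box, "important.txt")
        link = os.path.join(shared, PREDICTABLE)
        for name, writer in writers:
            with open(target, "w") as fh:
                fh.write("original")
            if os.path.lexists(link):
                os.remove(link)
            os.symlink(target, link)  # stands in for the other local user's link
            try:
                writer(shared, "mail body")
                outcome = "written"
            except FileExistsError:
                outcome = "refused"
            with open(target) as fh:
                results[name] = (outcome, fh.read())
    return results

if __name__ == "__main__":
    for name, (outcome, content) in run_demo().items():
        print(f"{name:12} {outcome:8} target now holds: {content!r}")
```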
--- Begin Message ---
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 200801-04
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                            http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

  Severity: Normal
     Title: OpenAFS: Denial of Service
      Date: January 09, 2008
      Bugs: #203573
        ID: 200801-04

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

A Denial of Service vulnerability has been discovered in OpenAFS.

Background
==========

OpenAFS is a distributed network filesystem.

Affected packages
=================

    -------------------------------------------------------------------
     Package         /  Vulnerable  /                       Unaffected
    -------------------------------------------------------------------
  1  net-fs/openafs       < 1.4.6                             >= 1.4.6

Description
===========

Russ Allbery, Jeffrey Altman, Dan Hyde and Thomas Mueller discovered a
race condition due to an improper handling of the clients callbacks
lists.

Impact
======

A remote attacker could construct cases which trigger the race
condition, resulting in a server crash.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All OpenAFS users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=net-fs/openafs-1.4.6"

References
==========

  [ 1 ] CVE-2007-6599
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6599

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

  http://security.gentoo.org/glsa/glsa-200801-04.xml
--- End Message ---
--- Begin Message ---
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 200801-05
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                            http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

  Severity: Normal
     Title: Squid: Denial of Service
      Date: January 09, 2008
      Bugs: #201209
        ID: 200801-05

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

A Denial of Service vulnerability has been reported in Squid.

Background
==========

Squid is a multi-protocol proxy server.

Affected packages
=================

    -------------------------------------------------------------------
     Package          /  Vulnerable  /                      Unaffected
    -------------------------------------------------------------------
  1  net-proxy/squid      < 2.6.17                           >= 2.6.17

Description
===========

The Wikimedia Foundation reported a memory leak vulnerability when
performing cache updates.

Impact
======

A remote attacker could perform numerous specially crafted requests to
the vulnerable server, resulting in a Denial of Service.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All Squid users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=net-proxy/squid-2.6.17"

References
==========

  [ 1 ] CVE-2007-6239
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6239

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

  http://security.gentoo.org/glsa/glsa-200801-05.xml
--- End Message ---
--- Begin Message ---
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                        GLSA 200801-06:02
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                            http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

  Severity: Normal
     Title: Xfce: Multiple vulnerabilities
      Date: January 09, 2008
   Updated: January 09, 2008
      Bugs: #201292, #201293
        ID: 200801-06:02

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities in Xfce might allow user-assisted attackers to
execute arbitrary code.

Background
==========

Xfce is a GTK+ 2 based desktop environment that allows to run a modern
desktop environment on modest hardware.

Affected packages
=================

    -------------------------------------------------------------------
     Package                /  Vulnerable  /                Unaffected
    -------------------------------------------------------------------
  1  xfce-base/xfce4-panel       < 4.4.2                      >= 4.4.2
  2  xfce-base/libxfcegui4       < 4.4.2                      >= 4.4.2
    -------------------------------------------------------------------
     2 affected packages on all of their supported architectures.
    -------------------------------------------------------------------

Description
===========

Gregory Andersen reported that the Xfce4 panel does not correctly
calculate memory boundaries, leading to a stack-based buffer overflow
in the launcher_update_panel_entry() function (CVE-2007-6531). Daichi
Kawahata reported libxfcegui4 did not copy provided values when
creating "SessionClient" structs, possibly leading to access of freed
memory areas (CVE-2007-6532).

Impact
======

A remote attacker could entice a user to install a specially crafted
"rc" file to execute arbitrary code via long strings in the "Name" and
"Comment" fields or via unspecified vectors involving the second
vulnerability.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All Xfce4 panel users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=xfce-base/xfce4-panel-4.4.2"

All libxfcegui4 users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=xfce-base/libxfcegui4-4.4.2"

Please refer to the Upgrading section of the Xfce Configuration Guide
in case you are upgrading from Xfce 4.2.

References
==========

  [ 1 ] CVE-2007-6531
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6531
  [ 2 ] CVE-2007-6532
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6532
  [ 3 ] Xfce Configuration Guide
        http://www.gentoo.org/doc/en/xfce-config.xml

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

  http://security.gentoo.org/glsa/glsa-200801-06.xml
--- End Message ---