|
|
| Top White Papers
Current Newswire:
Advisories, September 13, 2006Sep 14, 2006, 03:45 (0 Talkback[s])Debian GNU/LinuxDebian Security Advisory DSA 1161-2 security@debian.org Package : mozilla-firefox The latest security updates of Mozilla Firefox introduced a regression that led to a disfunctional attachment panel which warrants a correction to fix this issue. For reference please find below the original advisory text: Several security related problems have been discovered in Mozilla and derived products like Mozilla Firefox. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities: CVE-2006-3805 The Javascript engine might allow remote attackers to execute arbitrary code. [MFSA-2006-50] CVE-2006-3806 Multiple integer overflows in the Javascript engine might allow remote attackers to execute arbitrary code. [MFSA-2006-50] CVE-2006-3807 Specially crafted Javascript allows remote attackers to execute arbitrary code. [MFSA-2006-51] CVE-2006-3808 Remote AutoConfig (PAC) servers could execute code with elevated privileges via a specially crafted PAC script. [MFSA-2006-52] CVE-2006-3809 Scripts with the UniversalBrowserRead privilege could gain UniversalXPConnect privileges and possibly execute code or obtain sensitive data. [MFSA-2006-53] CVE-2006-3811 Multiple vulnerabilities allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code. [MFSA-2006-55] For the stable distribution (sarge) these problems have been fixed in version 1.0.4-2sarge11. For the unstable distribution (sid) these problems have been fixed in version 1.5.dfsg+1.5.0.5-1. We recommend that you upgrade your mozilla-firefox package. Upgrade Instructions wget url will fetch the file for you will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given at the end of this advisory: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 3.1 alias sarge Source archives: http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge11.dsc Alpha architecture: http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge11_alpha.deb AMD64 architecture: http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge11_amd64.deb ARM architecture: http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge11_arm.deb HP Precision architecture: http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge11_hppa.deb Intel IA-32 architecture: http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge11_i386.deb Intel IA-64 architecture: http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge11_ia64.deb Motorola 680x0 architecture: http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge11_m68k.deb Big endian MIPS architecture: http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge11_mips.deb Little endian MIPS architecture: http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge11_mipsel.deb PowerPC architecture: http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge11_powerpc.deb IBM S/390 architecture: http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge11_s390.deb Sun Sparc architecture: http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge11_sparc.deb These files will probably be moved into the stable distribution on its next update. Debian Security Advisory DSA 1175-1 security@debian.org Package : isakmpd A flaw has been found in isakmpd, OpenBSD's implementation of the Internet Key Exchange protocol, that caused Security Associations to be created with a replay window of 0 when isakmpd was acting as the responder during SA negotiation. This could allow an attacker to re-inject sniffed IPsec packets, which would not be checked against the replay counter. For the stable distribution (sarge) this problem has been fixed in version 20041012-1sarge1 For the unstable distribution (sid) this problem has been fixed in version 20041012-4 We recommend that you upgrade your isakmpd package. Upgrade Instructions wget url will fetch the file for you will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 3.1 alias sarge Source archives: http://security.debian.org/pool/updates/main/i/isakmpd/isakmpd_20041012-1sarge1.dsc Alpha architecture: http://security.debian.org/pool/updates/main/i/isakmpd/isakmpd_20041012-1sarge1_alpha.deb AMD64 architecture: http://security.debian.org/pool/updates/main/i/isakmpd/isakmpd_20041012-1sarge1_amd64.deb ARM architecture: http://security.debian.org/pool/updates/main/i/isakmpd/isakmpd_20041012-1sarge1_arm.deb HP Precision architecture: http://security.debian.org/pool/updates/main/i/isakmpd/isakmpd_20041012-1sarge1_hppa.deb Intel IA-32 architecture: http://security.debian.org/pool/updates/main/i/isakmpd/isakmpd_20041012-1sarge1_i386.deb Intel IA-64 architecture: http://security.debian.org/pool/updates/main/i/isakmpd/isakmpd_20041012-1sarge1_ia64.deb Motorola 680x0 architecture: http://security.debian.org/pool/updates/main/i/isakmpd/isakmpd_20041012-1sarge1_m68k.deb Big endian MIPS architecture: http://security.debian.org/pool/updates/main/i/isakmpd/isakmpd_20041012-1sarge1_mips.deb Little endian MIPS architecture: http://security.debian.org/pool/updates/main/i/isakmpd/isakmpd_20041012-1sarge1_mipsel.deb PowerPC architecture: http://security.debian.org/pool/updates/main/i/isakmpd/isakmpd_20041012-1sarge1_powerpc.deb IBM S/390 architecture: http://security.debian.org/pool/updates/main/i/isakmpd/isakmpd_20041012-1sarge1_s390.deb Sun Sparc architecture: http://security.debian.org/pool/updates/main/i/isakmpd/isakmpd_20041012-1sarge1_sparc.deb These files will probably be moved into the stable distribution on its next update. Debian Security Advisory DSA 1176-1 security@debian.org Package : zope2.7 It was discovered that the Zope web application server does not disable the csv_table directive in web pages containing ReST markup, allowing the exposure of files readable by the Zope server. For the stable distribution (sarge) this problem has been fixed in version 2.7.5-2sarge2. The unstable distribution (sid) doesn't contain zope2.7 any longer, for zope2.8 this problem has been fixed in version 2.8.8-2. We recommend that you upgrade your Zope package. Upgrade Instructions wget url will fetch the file for you will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 3.1 alias sarge Source archives: http://security.debian.org/pool/updates/main/z/zope2.7/zope2.7_2.7.5-2sarge3.dsc Alpha architecture: http://security.debian.org/pool/updates/main/z/zope2.7/zope2.7_2.7.5-2sarge3_alpha.deb AMD64 architecture: http://security.debian.org/pool/updates/main/z/zope2.7/zope2.7_2.7.5-2sarge3_amd64.deb ARM architecture: http://security.debian.org/pool/updates/main/z/zope2.7/zope2.7_2.7.5-2sarge3_arm.deb HP Precision architecture: http://security.debian.org/pool/updates/main/z/zope2.7/zope2.7_2.7.5-2sarge3_hppa.deb Intel IA-32 architecture: http://security.debian.org/pool/updates/main/z/zope2.7/zope2.7_2.7.5-2sarge3_i386.deb Intel IA-64 architecture: http://security.debian.org/pool/updates/main/z/zope2.7/zope2.7_2.7.5-2sarge3_ia64.deb Motorola 680x0 architecture: http://security.debian.org/pool/updates/main/z/zope2.7/zope2.7_2.7.5-2sarge3_m68k.deb Big endian MIPS architecture: http://security.debian.org/pool/updates/main/z/zope2.7/zope2.7_2.7.5-2sarge3_mips.deb Little endian MIPS architecture: http://security.debian.org/pool/updates/main/z/zope2.7/zope2.7_2.7.5-2sarge3_mipsel.deb PowerPC architecture: http://security.debian.org/pool/updates/main/z/zope2.7/zope2.7_2.7.5-2sarge3_powerpc.deb IBM S/390 architecture: http://security.debian.org/pool/updates/main/z/zope2.7/zope2.7_2.7.5-2sarge3_s390.deb Sun Sparc architecture: http://security.debian.org/pool/updates/main/z/zope2.7/zope2.7_2.7.5-2sarge3_sparc.deb These files will probably be moved into the stable distribution on its next update. For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce@lists.debian.org Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg> Gentoo LinuxGentoo Linux Security Advisory GLSA 200609-07 Severity: High SynopsisSome buffer overflows were discovered in the CID font parser, potentially resulting in the execution of arbitrary code with elevated privileges. BackgroundlibXfont is the X.Org Xfont library, some parts are based on the FreeType code base. Affected packages
Package / Vulnerable / Unaffected
DescriptionSeveral integer overflows have been found in the CID font parser. ImpactA remote attacker could exploit this vulnerability by enticing a user to load a malicious font file resulting in the execution of arbitrary code with the permissions of the user running the X server which typically is the root user. A local user could exploit this vulnerability to gain elevated privileges. WorkaroundDisable CID-encoded Type 1 fonts by removing the "type1" module and replacing it with the "freetype" module in xorg.conf. ResolutionAll libXfont users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=x11-libs/libXfont-1.2.1"
All monolithic X.org users are advised to migrate to modular X.org. References[ 1 ] CVE-2006-3739 http://cve.mitre.org/cgi-bin/cvename.cgi?name=2006-3739 [ 2 ] CVE-2006-3740 http://cve.mitre.org/cgi-bin/cvename.cgi?name=2006-3740 AvailabilityThis GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-200609-07.xml Concerns?Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org. LicenseCopyright 2006 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 Gentoo Linux Security Advisory GLSA 200609-08 Severity: Normal Synopsisxine-lib is vulnerable to multiple buffer overflows that could be exploited to execute arbitrary code. Backgroundxine is a high performance, portable and reusable multimedia playback engine. xine-lib is xine's core engine. Affected packages
Package / Vulnerable / Unaffected
1 media-libs/xine-lib < 1.1.2-r2 >= 1.1.2-r2 Descriptionxine-lib contains buffer overflows in the processing of AVI. Additionally, xine-lib is vulnerable to a buffer overflow in the HTTP plugin (xineplug_inp_http.so) via a long reply from an HTTP server. ImpactAn attacker could trigger the buffer overflow vulnerabilities by enticing a user to load a specially crafted AVI file in xine. This might result in the execution of arbitrary code with the rights of the user running xine. Additionally, a remote HTTP server serving a xine client a specially crafted reply could crash xine and possibly execute arbitrary code. WorkaroundThere is no known workaround at this time. ResolutionAll xine-lib users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=media-libs/xine-lib-1.1.2-r2"
References[ 1 ] CVE-2006-2802 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2802 AvailabilityThis GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-200609-08.xml Concerns?Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org. LicenseCopyright 2006 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 Gentoo Linux Security Advisory GLSA 200609-09 Severity: Normal SynopsisFFmpeg is vulnerable to multiple buffer overflows that might be exploited to execute arbitrary code. BackgroundFFmpeg is a very fast video and audio converter. Affected packages
Package / Vulnerable / Unaffected
1 media-video/ffmpeg < 0.4.9_p20060530 >= 0.4.9_p20060530 DescriptionFFmpeg contains buffer overflows in the AVI processing code. ImpactAn attacker could trigger the buffer overflows by enticing a user to load a specially crafted AVI file in an application using the FFmpeg library. This might result in the execution of arbitrary code in the context of the running application. WorkaroundThere is no known workaround at this time. ResolutionAll FFmpeg users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=media-video/ffmpeg-0.4.9_p20060530"
AvailabilityThis GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-200609-09.xml Concerns?Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org. LicenseCopyright 2006 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 UbuntuUbuntu Security Notice USN-345-1 September 13, 2006 mailman vulnerabilities CVE-2006-2941, CVE-2006-3636 A security issue affects the following Ubuntu releases: Ubuntu 5.04 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 5.04: Ubuntu 5.10: Ubuntu 6.06 LTS: In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: Steve Alexander discovered that mailman did not properly handle attachments with special filenames. A remote user could exploit that to stop mail delivery until the server administrator manually cleaned these posts. (CVE-2006-2941) Various cross-site scripting vulnerabilities have been reported by Barry Warsaw. By using specially crafted email addresses, names, and similar arbitrary user-defined strings, a remote attacker could exploit this to run web script code in the list administrator's web browser. (CVE-2006-3636) URLs logged to the error log file are now checked for invalid characters. Before, specially crafted URLs could inject arbitrary messages into the log. Updated packages for Ubuntu 5.04: Source archives: http://security.ubuntu.com/ubuntu/pool/main/m/mailman/mailman_2.1.5-7ubuntu0.3.diff.gz amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/main/m/mailman/mailman_2.1.5-7ubuntu0.3_amd64.deb i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/main/m/mailman/mailman_2.1.5-7ubuntu0.3_i386.deb powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/main/m/mailman/mailman_2.1.5-7ubuntu0.3_powerpc.deb Updated packages for Ubuntu 5.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/m/mailman/mailman_2.1.5-8ubuntu2.3.diff.gz amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/main/m/mailman/mailman_2.1.5-8ubuntu2.3_amd64.deb i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/main/m/mailman/mailman_2.1.5-8ubuntu2.3_i386.deb powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/main/m/mailman/mailman_2.1.5-8ubuntu2.3_powerpc.deb sparc architecture (Sun SPARC/UltraSPARC) http://security.ubuntu.com/ubuntu/pool/main/m/mailman/mailman_2.1.5-8ubuntu2.3_sparc.deb Updated packages for Ubuntu 6.06 LTS: Source archives: http://security.ubuntu.com/ubuntu/pool/main/m/mailman/mailman_2.1.5-9ubuntu4.1.diff.gz amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/main/m/mailman/mailman_2.1.5-9ubuntu4.1_amd64.deb i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/main/m/mailman/mailman_2.1.5-9ubuntu4.1_i386.deb powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/main/m/mailman/mailman_2.1.5-9ubuntu4.1_powerpc.deb sparc architecture (Sun SPARC/UltraSPARC) http://security.ubuntu.com/ubuntu/pool/main/m/mailman/mailman_2.1.5-9ubuntu4.1_sparc.deb
0 Talkback[s]
(click to add your comment)
|
