Linux Today: Linux News On Internet Time.
Search Linux Today
Linux News Sections:  Developer -  High Performance -  Infrastructure -  IT Management -  Security -  Storage -
Linux Today Navigation
LT Home
Contribute
Contribute
Link to Us
Linux Jobs


More on LinuxToday


Advisories, February 4, 2007

Mar 05, 2007, 05:30 (1 Talkback[s])

Debian GNU/Linux


Debian Security Advisory DSA 1262-1 security@debian.org
http://www.debian.org/security/ Moritz Muehlenhoff
March 4th, 2007 http://www.debian.org/security/faq


Package : gnomemeeting
Vulnerability : format string
Problem-Type : remote
Debian-specific: no
CVE ID : CVE-2007-1007

"Mu Security" discovered that a format string vulnerability in the VoIP solution GnomeMeeting allows the execution of arbitrary code.

For the stable distribution (sarge) this problem has been fixed in version 1.2.1-1sarge1.

For the upcoming stable distribution (etch) this problem has been fixed in version 2.0.3-2.1 of the ekiga package.

For the unstable distribution (sid) this problem has been fixed in version 2.0.3-2.1 of the ekiga package.

We recommend that you upgrade your gnomemeeting package.

Upgrade Instructions


wget url

will fetch the file for you
dpkg -i file.deb

will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update

will update the internal database apt-get upgrade

will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.

Debian GNU/Linux 3.1 alias sarge


Source archives:

    http://security.debian.org/pool/updates/main/g/gnomemeeting/gnomemeeting_1.2.1-1sarge1.dsc
      Size/MD5 checksum: 1746 e82643f764d6b43c521cca39a387e8f8
    http://security.debian.org/pool/updates/main/g/gnomemeeting/gnomemeeting_1.2.1-1sarge1.diff.gz
      Size/MD5 checksum: 22888 194f7471c22e1c81d5ab4325603e0cd1
    http://security.debian.org/pool/updates/main/g/gnomemeeting/gnomemeeting_1.2.1.orig.tar.gz
      Size/MD5 checksum: 5525398 93829f3eee783f32eaefebc9e717fb89

Alpha architecture:

    http://security.debian.org/pool/updates/main/g/gnomemeeting/gnomemeeting_1.2.1-1sarge1_alpha.deb
      Size/MD5 checksum: 3146922 f500df544b335593a2bb9431cbd21592

AMD64 architecture:

    http://security.debian.org/pool/updates/main/g/gnomemeeting/gnomemeeting_1.2.1-1sarge1_amd64.deb
      Size/MD5 checksum: 3119044 672fbec91d13256a46a8803486a03346

ARM architecture:

    http://security.debian.org/pool/updates/main/g/gnomemeeting/gnomemeeting_1.2.1-1sarge1_arm.deb
      Size/MD5 checksum: 3089174 45beb5e78751eddbb13bd812b464cfb2

HP Precision architecture:

    http://security.debian.org/pool/updates/main/g/gnomemeeting/gnomemeeting_1.2.1-1sarge1_hppa.deb
      Size/MD5 checksum: 3119086 7f92e053556ba684c120aa83c7a7c114

Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/g/gnomemeeting/gnomemeeting_1.2.1-1sarge1_i386.deb
      Size/MD5 checksum: 3105396 4883efb8f1da3aa1641e249f50030f10

Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/g/gnomemeeting/gnomemeeting_1.2.1-1sarge1_ia64.deb
      Size/MD5 checksum: 3192488 393b4321afb3e4077a3958d686fa02a1

Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/main/g/gnomemeeting/gnomemeeting_1.2.1-1sarge1_m68k.deb
      Size/MD5 checksum: 3080404 d9663a63d7077b2a0cd81722a44e53d0

Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/g/gnomemeeting/gnomemeeting_1.2.1-1sarge1_mips.deb
      Size/MD5 checksum: 3131084 2c7367aabe62f5f9169fc81ea217c448

Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/g/gnomemeeting/gnomemeeting_1.2.1-1sarge1_mipsel.deb
      Size/MD5 checksum: 3123832 ca06f5a2993f0b1ded5834ed1077e969

PowerPC architecture:

    http://security.debian.org/pool/updates/main/g/gnomemeeting/gnomemeeting_1.2.1-1sarge1_powerpc.deb
      Size/MD5 checksum: 3103054 22b5b85dd549856800375f06cfc0dfa6

IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/g/gnomemeeting/gnomemeeting_1.2.1-1sarge1_s390.deb
      Size/MD5 checksum: 3110952 bcf48d4d889661c1659c1afcbeaa2d24

Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/g/gnomemeeting/gnomemeeting_1.2.1-1sarge1_sparc.deb
      Size/MD5 checksum: 3093420 1d6df4cf0981cf802be3d9b06075ec41

These files will probably be moved into the stable distribution on its next update.


For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>

Fedora Core


Fedora Update Notification
FEDORA-2007-277
2007-03-02

Product : Fedora Core 5
Name : kernel
Version : 2.6.19
Release : 1.2288.2.1.fc5
Summary : The Linux kernel (the core of the Linux operating system)

Description :
The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc.


Update Information:

Updated to kernel 2.6.19.5-rc1 plus additional fixes:

http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.19.4

2.6.19.5-rc1:
4 V4L fixes
3 usbaudio fixes
3 wireless driver fixes
2 IDE driver cable detection fixes
NFS bugfix
various other fixes

CVE-2007-0772:
Summary: The Linux kernel before 2.6.20.1 allows remote attackers to cause a denial of service (oops) via a crafted NFSACL 2 ACCESS request that triggers a free of an incorrect pointer.

CVE-2006-5753:
Summary: Unspecified vulnerability in the listxattr system call in Linux kernel, when a "bad inode" is present, allows local users to cause a denial of service (data corruption) and possibly gain privileges via unknown vectors.


  • Thu Feb 22 2007 Chuck Ebbert <cebbert@redhat.com>
    • 2.6.19.4 (CVE-2007-0772)
    • 2.6.19.5-rc1
    • bad_inode_ops patch (CVE-2006-5753)
    • disable MSI on forcedeth cards (FC6 bz #222556)
    • Intel HDA si3054 codec (FC6 bz #228879)
    • "no irq for vector" fix (FC6 bz #225399)
    • usbnet oops fix (FC6 bz #228231)
    • swiotlb synchronization fix
    • scsi cdrom ioctls were broken
    • NAPI netpoll fixes from FC6 2911 kernel
  • Sat Feb 10 2007 Chuck Ebbert <cebbert@redhat.com>
    • add missing "provides" for debug-devel packages
    • clean up some other "provides" things
    • add fixes for RHBZ#211672 (CIFS) and RHBZ#227802 (8139too)
  • Wed Feb 7 2007 Chuck Ebbert <cebbert@redhat.com>
    • add missing debug-devel and smp-debug-devel sections
  • Wed Feb 7 2007 Chuck Ebbert <cebbert@redhat.com>
    • fix up x86_64 Xen build
  • Tue Feb 6 2007 Chuck Ebbert <cebbert@redhat.com>
    • disable Tux
    • add another GFS2 update
    • add crypto key collision patch (CVE-2007-0006)
  • Mon Feb 5 2007 Dave Jones <davej@redhat.com>
    • Reenable Tux.
  • Mon Feb 5 2007 Chuck Ebbert <cebbert@redhat.com>
    • 2.6.19.3
    • updated mirrors: refer to ftp ftp2.kernel.org until kernel.org problems are fixed
  • Sun Feb 4 2007 Dave Jones <davej@redhat.com>
    • 2.6.19.3rc1
  • Sat Feb 3 2007 Dave Jones <davej@redhat.com>
    • Disable kdump options in non-kdump kernels.
  • Thu Feb 1 2007 Chuck Ebbert <cebbert@redhat.com>
    • Added i586 optimized AES and Blowfish modules to the i686 config
    • Fixed .cvsignore
  • Wed Jan 31 2007 Markus Armbruster <
    • The previous cset folded the Xen paravirt framebuffer patch into linux-2.6-xen.patch, and commented out the obsoleted patch files. Remove them.
  • Wed Jan 31 2007 Chuck Ebbert <cebbert@redhat.com>
    • Update to 2.6.19.2
  • Tue Jan 30 2007 Markus Armbruster <
    • Update Xen paravirt framebuffer patch to upstream xen-unstable changeset 13066, less changeset 12680, because that breaks with console=tty console=xvc. Also change default domU console back to /dev/xcv0. This changes the protocol to the one accepted upstream.
    • Add compatibility with guests running our initial protocol.
    • Update Xen console major/minor to lanana.org-assigned numbers.
  • Wed Dec 20 2006 Dave Jones <davej@redhat.com>
    • Update to 2.6.18.6 final (no changes since rc2)
    • Reenable squashfs (#220293)
  • Fri Dec 15 2006 Dave Jones <davej@redhat.com>
    • 2.6.18.6rc2
  • Wed Dec 13 2006 Dave Jones <davej@redhat.com>
    • squashfs robustness fixes from Phillip Lougher.
    • lower max CPU count for x86-64 to 64 CPUs.
  • Thu Dec 7 2006 Juan Quintela <quintela@redhat.com>
    • update xen to 2.6.18.5.
    • Fix bug 211986 on xen eventchn (Glaubert).
  • Tue Dec 5 2006 Dave Jones <davej@redhat.com>
    • 2.6.18.5
    • Disable auto-apic patch, it needs more thought.
    • Enable sonypi driver for 586 kernels. (#218434)
  • Tue Nov 21 2006 Juan Quintela <quintela@redhat.com>
    • Update xen to 2.6.18.3.
      • linux-2.6.18-xen changeset: 36186:053cdad40903
      • xen-3.0.3-testing changeset: 11774:52ae8dd4bc75
      • linux-2.6-xen-3.0.3 changeset: 22949:4281f5246814
  • Mon Nov 20 2006 Dave Jones <davej@redhat.com>
    • 2.6.18.3
    • Fix CIFS mount failure when domain not specified (#211753)
    • Avoid null pointer dereference in SATA Promise. (#199142)
  • Fri Nov 17 2006 Dave Jones <davej@redhat.com>
    • Fix up fallout from disabling utrace.
  • Fri Nov 17 2006 Juan Quintela <quintela@redhat.com>
    • merge xen missing bits from FC6 kernel.
  • Thu Nov 16 2006 Dave Jones <davej@redhat.com>
    • Fix up error handling in HFS. (MOKB-14-11-2006)
  • Thu Nov 16 2006 Juan Quintela <quintela@redhat.com>
    • Update xen HV to 3.0.3_0 (cset 11774).
    • Update xen kernel patch to 3.0.3_0:
      • linux-2.6.18-xen changeset: 36182:c6ef4b521aef
      • xen-3.0.3-testing changeset: 11774:52ae8dd4bc75
      • linux-2.6-xen-3.0.3 changeset: 22949:4281f5246814
  • Thu Nov 16 2006 Dave Jones <davej@redhat.com>
    • Fix squashfs corruption bug. (#211237)
    • Drop experimental utrace from FC5.
  • Fri Nov 10 2006 Juan Quintela <quintela@redhat.com>
    • disable XEN_FRAMEBUFFER & XEN_KEYBOARD.
  • Fri Nov 10 2006 Dave Jones <davej@redhat.com>
    • Xen grant table operations security fix.
    • Disable W1 (#195825)
  • Thu Nov 9 2006 Dave Jones <davej@redhat.com>
    • Change HZ to 1000 for increased accuracy. (Except in Xen, where it stays at 250 for now).
    • TTY locking fixes.
    • splice : Must fully check for FIFO
    • Fix potential NULL dereference in sys_move_pages
    • ISO9660 __findgetblock_slow() denial of service CVE-2006-5757
    • Fix up oops in cramfs when encountering corrupt images.
    • E1000 suspend/resume fixes.
    • Set CIFS preferred IO size. (#214607)
  • Mon Nov 6 2006 Roland McGrath <roland@redhat.com>
    • New utrace patch: fix locking snafu crash on second engine attach.
  • Sun Nov 5 2006 Dave Jones <davej@redhat.com>
    • Suspend/Resume fixes for forcedeth. (#187653)
  • Sat Nov 4 2006 Dave Jones <davej@redhat.com>
    • 2.6.18.2
  • Thu Nov 2 2006 Dave Jones <davej@redhat.com>
    • Nuke broken lazy execshield xen patch.
    • Use heuristics to determine whether to enable lapic on i386.
  • Wed Nov 1 2006 Dave Jones <davej@redhat.com>
    • 2.6.18.2-rc1
  • Tue Oct 31 2006 Dave Jones <davej@redhat.com>
    • Fix UFS mounts on x86-64 (#209921)
    • Fix problem where USB storage isn't seen on reboot. (#212191)
  • Sun Oct 29 2006 Dave Jones <davej@redhat.com>
    • More ext3 robustness fixes.
    • Include more verbose BUG() data
    • x86_64: Fix up C3 timer latency.
  • Sat Oct 21 2006 Dave Jones <davej@redhat.com>
    • Reenable NCPFS (#211325, #203663)
    • Netpoll fixes. (#199295)
  • Fri Oct 20 2006 Dave Jones <davej@redhat.com>
    • Fix autofs creating bad dentries in NFS mount. (#211206, #211207)
    • Fix softlockup with ips driver. (#196437)
    • Further exec-shield improvements.
    • Fix lockup with sky2 driver. (#202203)
  • Thu Oct 19 2006 Dave Jones <davej@redhat.com>
    • Export copy_4K_page for ppc64 (#211410)
    • Attempt to fix CIFS bug (#211070)
  • Wed Oct 18 2006 Dave Jones <davej@redhat.com>
    • Fix up aic7xxx SBLKCTL register handling (#211251)
    • Disable SECMARK by default. (#211115)
    • Disable some extra debugging stuff that crept in.
    • Remove broken VIA quirk that prevented booting on some EPIAs (#211298)
  • Tue Oct 17 2006 Dave Jones <davej@redhat.com>
    • Silence noisy boot-time messages. (#180606)
    • Workaround gcc bug with weak symbols (#191458)
    • Don't let speedstep-smi register on mobile Pentium4 (#204477)
  • Sat Oct 14 2006 Dave Jones <davej@redhat.com>
    • Fix jbd crash with 1KB block size filesystems.
  • Sat Oct 14 2006 Dave Jones <davej@redhat.com> [2.6.18-1.2200.fc5]
    • 2.6.18.1
  • Tue Oct 10 2006 Dave Jones <davej@redhat.com>
    • DWARF2 unwinder fixes.
    • Various lockdep fixes.
    • Sync various other patches from the FC6 kernel.
  • Sun Oct 1 2006 Dave Jones <davej@redhat.com>
    • Drop the STICKY tag from acpi-cpufreq, it breaks suspend/resume.
  • Fri Sep 29 2006 Dave Jones <davej@redhat.com>
    • Execshield improvements. (Bart Oldeman)
    • Disable PM_DEBUG
  • Thu Sep 28 2006 Roland McGrath <roland@redhat.com>
    • utrace typo fix for x86-64 watchpoints (#207467)
  • Thu Sep 28 2006 Dave Jones <davej@redhat.com>
    • Fix ISAPNP messages on ppc32. (#207641)
  • Thu Sep 28 2006 Dave Jones <davej@redhat.com>
    • Another day, another round of lockdep fixes.
    • Align kernel data segment to page boundary. (#206863)
  • Thu Sep 28 2006 Steven Whitehouse <swhiteho@redhat.com>
    • New GFS2 patch
  • Thu Sep 28 2006 Dave Jones <davej@redhat.com>
    • Fix "kernel BUG at fs/buffer.c:2789!" bug
  • Wed Sep 27 2006 Dave Jones <davej@redhat.com>
    • yet more lockdep fixes.
    • Fix a problem with XFS & the inode diet patches.
    • Fix rpc_pipefs umount oops
    • Enable alternative TCP congestion algorithms.
  • Tue Sep 26 2006 Dave Jones <davej@redhat.com>
    • Enable serverworks IDE driver for x86-64.
    • More lockdep fixes.
  • Mon Sep 25 2006 Jarod Wilson <jwilson@redhat.com>
    • Make kernel packages own initrd files
  • Mon Sep 25 2006 John W. Linville <linville@redhat.com>
    • Add periodic work fix for bcm43xx driver
  • Sat Sep 23 2006 Dave Jones <davej@redhat.com>
    • Disable dgrs driver.
  • Thu Sep 21 2006 Dave Jones <davej@redhat.com>
    • reiserfs: make sure all dentry refs are released before calling kill_block_super
    • Fix up some compile warnings
  • Thu Sep 21 2006 Juan Quintela <quintela@redhat.com>
    • re-enable xen.
    • update xen:
      • linux-2.6 changeset: 34294:dc1d277d06e0
      • linux-2.6-xen-fedora changeset: 36184:47c098fdce14
      • xen-unstable changeset: 11540:9837ff37e354
    • update xen HV to changeset: 11540:9837ff37e354
    • xen HV printf rate limit (rostedt).
  • Wed Sep 20 2006 Dave Jones <davej@redhat.com>
    • 2.6.18
    • i965 AGP suspend support.
    • AGP x8 fixes.
  • Tue Sep 19 2006 Juan Quintela <quintela@redhat.com>
    • updated xen configs to sync with rawhide ones (don't be afraid, xen0/xenU still around).
    • xen update.
      • linux-2.6 changeset: 34228:ea3369ba1e2c
      • linux-2.6-xen-fedora changeset: 36109:eefcfd07d102
      • linux-2.6-xen changeset: 22905:d8ae02f7df05
      • xen-unstable changeset: 11460:1ece34466781ec55f41fd29d53f6dafd208ba2fa
  • Mon Sep 18 2006 Dave Jones <davej@redhat.com>
    • Bring back 586smp
    • Fix RTC lockdep bug. (Peter Zijlstra)
  • Mon Sep 18 2006 Juan Quintela <quintela@redhat.com>
    • xen HV update (cset 11470:2b8dc69744e3).
  • Sun Sep 17 2006 Juan Quintela <quintela@redhat.com>
    • xen update:
      • linux-2.6 changeset: 34228:ea3369ba1e2c
      • linux-2.6-xen-fedora changeset: 36107:47256dbb1583
      • linux-2.6-xen changeset: 22905:d8ae02f7df05
      • xen-unstable changeset: 11460:1ece34466781ec55f41fd29d53f6dafd208ba2fa
  • Sun Sep 17 2006 Dave Jones <davej@redhat.com>
    • Rebase to 2.6.18rc7-git2
  • Mon Sep 11 2006 Dave Jones <davej@redhat.com> [2.6.17-1.2187_FC5]
    • Add quirk for Samsung mp3 player. (#198128)
  • Sun Sep 10 2006 Dave Jones <davej@redhat.com>
    • Fix up mismerge in USB storage driver.
  • Sat Sep 9 2006 Dave Jones <davej@redhat.com>
    • 2.6.17.13
  • Fri Sep 8 2006 Dave Jones <davej@redhat.com>
    • 2.6.17.12
  • Thu Aug 24 2006 Jarod Wilson <jwilson@redhat.com>
    • update to 2.6.17.11
  • Tue Aug 22 2006 Bill Nottingham <notting@redhat.com>
    • update to 2.6.17.10
  • Tue Aug 15 2006 Juan Quintela <quintela@redhat.com>
    • linux-2.6-xen update
      • linux-2.6.17-xen cset changeset: 29033:e6adb54afb96
      • linux-2.6-xen cset 22813:80c2ccf5c330
    • s/xen_version/xen_hv_cset/ as Fedora.
    • update xen hv to cset 11061.
    • Drop iscsi update patch.
  • Mon Aug 7 2006 Dave Jones <davej@redhat.com>
    • 2.6.17.8
  • Fri Aug 4 2006 Dave Jones <davej@redhat.com>
    • Fix split lock patch for 64bit.
  • Fri Aug 4 2006 Dave Jones <davej@redhat.com> [2.6.17-1.2171_FC5]
    • 2.6.17.8rc1
  • Wed Aug 2 2006 Dave Jones <davej@redhat.com>
    • Readd patch to allow 460800 baud on 16C950 UARTs
  • Sat Jul 29 2006 Dave Jones <davej@redhat.com>
    • Silence noisy SCSI ioctl. (#200638)
  • Fri Jul 28 2006 Dave Jones <davej@redhat.com>
    • 2.6.17.7
  • Thu Jul 27 2006 Rik van Riel <mchristi@redhat.com>
    • reduce hypervisor stack use with -O2, this really fixes bug (#198932)
  • Tue Jul 25 2006 Rik van Riel <mchristi@redhat.com>
    • disable debug=y hypervisor build option because of stack overflow (#198932)
  • Tue Jul 25 2006 Dave Jones <davej@redhat.com>
    • Enable serio_raw (#199387)
  • Sun Jul 16 2006 Dave Jones <davej@redhat.com>
    • Support up to 4GB in the 586 kernel again.
  • Sun Jul 16 2006 Dave Jones <davej@redhat.com>
    • 2.6.17.6
  • Fri Jul 14 2006 Dave Jones <davej@redhat.com>
    • Reenable SMC NIC driver.
  • Tue Jul 11 2006 Dave Jones <davej@redhat.com>
    • 2.6.17.4
    • Disable split pagetable lock
  • Sat Jul 8 2006 Juan Quintela <quintela@redhat.com>
    • enable CONFIG_CRASH on xen kernels.
    • enable CONFIG_PCIDEV_BACKEND on xen kernels.
    • make BLKDEV_FRONTEND a module on xen kernels.
    • rebase with linux-2.6-xen-fedora 28918.
    • Update to xen-unstable HV cset 10508.
    • xen: credit scheduler is the default now.
  • Wed Jul 5 2006 Dave Jones <davej@redhat.com>
    • Get rid of stack backtrace on panic, which in most cases actually caused a loss of info instead of a gain.
  • Tue Jul 4 2006 Juan Quintela <quintela@redhat.com>
    • new merge with xen upstream.
    • xen kernel don't require xen userland.
    • new xen kernel (same as rawhide one) with PAE support.
    • removed xen0-PAE & xenU-PAE (see xen kernel).
  • Fri Jun 30 2006 Dave Jones <davej@redhat.com>
    • 2.6.17.3
    • 2.6.17.2
    • Fix the ALSA list_add bug.
  • Mon Jun 26 2006 Dave Jones <davej@redhat.com>
    • Enable fake PCI hotplug driver. (#190437)
    • Enable gameport/joystick on i586 builds. (#196581)
  • Sat Jun 24 2006 Dave Jones <davej@redhat.com>
    • Enable profiling for 586 kernels.
  • Fri Jun 23 2006 Dave Jones <davej@redhat.com>
    • Make 'quiet' work again.
  • Tue Jun 20 2006 Dave Jones <davej@redhat.com> [2.6.17-1.2139_FC5]
    • Rebuild with slab debug off.
  • Tue Jun 20 2006 Dave Jones <davej@redhat.com> [2.6.17-1.2138_FC5]
    • 2.6.17.1
  • Sun Jun 18 2006 Dave Jones <davej@redhat.com>
    • 2.6.17
    • Only print info about SMP alternatives on SMP kernels.
  • Tue Jun 6 2006 Dave Jones <davej@redhat.com> [2.6.16-1.2133_FC5]
    • Add a PPC64 kdump kernel.
  • Mon Jun 5 2006 Dave Jones <davej@redhat.com> [2.6.16-1.2132_FC5]
    • 2.6.16.20
  • Thu Jun 1 2006 Dave Jones <davej@redhat.com>
    • Reenable Xen builds.
  • Tue May 30 2006 Dave Jones <davej@redhat.com>
    • 2.6.16.19
  • Sun May 28 2006 Dave Jones <davej@redhat.com>
    • Fix unresolved symbol. (#193333)
  • Sat May 27 2006 Dave Jones <davej@redhat.com>
    • Improve list corruption debugging patch.
  • Fri May 26 2006 Dave Jones <davej@redhat.com>
    • Remove xenU initrd's when kernel is removed.
  • Fri May 26 2006 Juan Quintela <quintela@redhat.com>
    • Remove ARCH=xen reminiscences on spec file

This update can be downloaded from:

    http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/

82623291d8b24f73db7c1e74c8199cbcb45267c7 SRPMS/kernel-2.6.19-1.2288.2.1.fc5.src.rpm
82623291d8b24f73db7c1e74c8199cbcb45267c7 noarch/kernel-2.6.19-1.2288.2.1.fc5.src.rpm
bdc515a55fc99a40b3770535f76a90be89fb5692 ppc/kernel-2.6.19-1.2288.2.1.fc5.ppc.rpm
a7932bd6a0346b28b9c723c5eb46b60a48f1cdf9 ppc/debug/kernel-debuginfo-2.6.19-1.2288.2.1.fc5.ppc.rpm
a82e1ad7bdff7199624da1d414d4cce8d2762a7f ppc/kernel-smp-devel-2.6.19-1.2288.2.1.fc5.ppc.rpm
ef08c9019190ced47523abdc9b453a4173189379 ppc/kernel-smp-2.6.19-1.2288.2.1.fc5.ppc.rpm
d39072fe42024465182826e366499ff095577a46 ppc/kernel-devel-2.6.19-1.2288.2.1.fc5.ppc.rpm
13288f3db86f210017415d5b90e72f7649db53bd ppc/kernel-doc-2.6.19-1.2288.2.1.fc5.noarch.rpm
374d4826a762a8cf808d7513a5b667a72fab8598 x86_64/kernel-devel-2.6.19-1.2288.2.1.fc5.x86_64.rpm
f6cb1e9dbb708e3561b3f8e0583f5ec816356665 x86_64/kernel-2.6.19-1.2288.2.1.fc5.x86_64.rpm
1aab8ee0a54899e5f240d1fd6e226cbc3a0060d6 x86_64/kernel-kdump-devel-2.6.19-1.2288.2.1.fc5.x86_64.rpm
27607f435d59babc4caf6dbef081119c99f5b8b8 x86_64/kernel-debug-devel-2.6.19-1.2288.2.1.fc5.x86_64.rpm
833ea971cbcc4df3c44a9cc45b19f6e40da40272 x86_64/kernel-kdump-2.6.19-1.2288.2.1.fc5.x86_64.rpm
04ae05187f352dc2107287a621256f6e68bb2256 x86_64/debug/kernel-debuginfo-2.6.19-1.2288.2.1.fc5.x86_64.rpm
14a432b179b3c46aa2976513297be23004befe8e x86_64/kernel-debug-2.6.19-1.2288.2.1.fc5.x86_64.rpm
13288f3db86f210017415d5b90e72f7649db53bd x86_64/kernel-doc-2.6.19-1.2288.2.1.fc5.noarch.rpm
e969b055be17653023522006701995e6d6737be3 i386/debug/kernel-debuginfo-2.6.19-1.2288.2.1.fc5.i386.rpm
a33501849bba5269f15be82d261c429a01d24b1c i386/kernel-smp-2.6.19-1.2288.2.1.fc5.i586.rpm
1c045a9a21c2bcccf43576f9487a651880359717 i386/debug/kernel-debuginfo-2.6.19-1.2288.2.1.fc5.i586.rpm
f29e07edebe59ad2e17b158a5b397c9e9bd4bd28 i386/kernel-devel-2.6.19-1.2288.2.1.fc5.i586.rpm
713a48ad101f28508fc57a8f19d667a0f74acbd0 i386/kernel-2.6.19-1.2288.2.1.fc5.i586.rpm
8d49860b7338b0061f2c6286d66078f1c982b7e3 i386/kernel-smp-devel-2.6.19-1.2288.2.1.fc5.i586.rpm
39598844dc8ec41ca2024b4c2834413e774db718 i386/kernel-smp-debug-devel-2.6.19-1.2288.2.1.fc5.i686.rpm
096a8c967a10f8c0da2484a1a13e6e0ebaf5dbf0 i386/kernel-smp-2.6.19-1.2288.2.1.fc5.i686.rpm
39dacd647234179631a381c62050c8da1fd3048a i386/kernel-smp-debug-2.6.19-1.2288.2.1.fc5.i686.rpm
95c559d9be94102ef5fe626cac745ac2822ace2f i386/kernel-2.6.19-1.2288.2.1.fc5.i686.rpm
cfc79fdbb56179ca9adb276cfb77fbcb8e6d72be i386/kernel-devel-2.6.19-1.2288.2.1.fc5.i686.rpm
8ec8d6309d60d124931274dcf1210ffaa065b08c i386/kernel-smp-devel-2.6.19-1.2288.2.1.fc5.i686.rpm
b647349b8e582d4d3098f34bf0967af382808f56 i386/kernel-kdump-devel-2.6.19-1.2288.2.1.fc5.i686.rpm
499a6b1cc16f092ba140f34354b683e1ee832b6f i386/kernel-debug-2.6.19-1.2288.2.1.fc5.i686.rpm
a4a094bc5a42507e01e5b0ab3d4e2dd2ceec46f7 i386/kernel-debug-devel-2.6.19-1.2288.2.1.fc5.i686.rpm
0a44dc2d7b90ca66a4f2ad77b212e1d86288d795 i386/debug/kernel-debuginfo-2.6.19-1.2288.2.1.fc5.i686.rpm
e3442de6f6ee41b00ee2105608e7ea80a85ab0f9 i386/kernel-kdump-2.6.19-1.2288.2.1.fc5.i686.rpm
13288f3db86f210017415d5b90e72f7649db53bd i386/kernel-doc-2.6.19-1.2288.2.1.fc5.noarch.rpm

This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/.


Fedora Update Notification
FEDORA-2007-291
2007-03-02

Product : Fedora Core 6
Name : kernel
Version : 2.6.19
Release : 1.2911.6.4.fc6
Summary : The Linux kernel (the core of the Linux operating system)

Description :
The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc.


Update Information:

Updated to kernel 2.6.19.5 plus additional fixes:

http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.19.4
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.19.5

CVE-2007-0772:
Summary: The Linux kernel before 2.6.20.1 allows remote attackers to cause a denial of service (oops) via a crafted NFSACL 2 ACCESS request that triggers a free of an incorrect pointer.

CVE-2006-5753:
Summary: Unspecified vulnerability in the listxattr system call in Linux kernel, when a "bad inode" is present, allows local users to cause a denial of service (data corruption) and possibly gain privileges via unknown vectors.

Fixed broken SCSI CDROM IOCTLs.
Added Xen, which was missing from 1.2911.6.3


  • Sat Feb 24 2007 Chuck Ebbert <cebbert@redhat.com>
    • 2.6.19.5
    • re-enable Xen
  • Thu Feb 22 2007 Chuck Ebbert <cebbert@redhat.com>
    • 2.6.19.4 (CVE-2007-0772)
    • 2.6.19.5-rc1
    • bad_inode_ops patch (CVE-2006-5753)
    • disable MSI on forcedeth cards (bz #222556)
    • Intel HDA si3054 codec (bz #228879)
    • "no irq for vector" fix (bz #225399)
    • usbnet oops fix (bz #228231)
    • swiotlb synchronization fix
    • scsi cdrom ioctls were broken

This update can be downloaded from:

    http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/

3b9c104fb1d67bc46e30f7aeea61dba378fa9746 SRPMS/kernel-2.6.19-1.2911.6.4.fc6.src.rpm
3b9c104fb1d67bc46e30f7aeea61dba378fa9746 noarch/kernel-2.6.19-1.2911.6.4.fc6.src.rpm
8d0ee970cca88644eeecdd92e2061b132f7e7d88 ppc/kernel-smp-devel-2.6.19-1.2911.6.4.fc6.ppc.rpm
4d8af9bdad003eea636765b81b2227ca105a5508 ppc/debug/kernel-debuginfo-common-2.6.19-1.2911.6.4.fc6.ppc.rpm
b69b995617f08c337850a27afbb04b6bd55d95fb ppc/kernel-smp-2.6.19-1.2911.6.4.fc6.ppc.rpm
a2ae46ea39f017018d7f920e81fd3a908b7c2aca ppc/debug/kernel-debuginfo-2.6.19-1.2911.6.4.fc6.ppc.rpm
e8f0423850df3badc3c4423b96ddd1a7383436e0 ppc/kernel-headers-2.6.19-1.2911.6.4.fc6.ppc.rpm
a954f0c8a26a90e325106ed781805ea80504e5d3 ppc/kernel-2.6.19-1.2911.6.4.fc6.ppc.rpm
fb14aacd01fcb3c812fccab31c34d8ab7c2889f1 ppc/kernel-devel-2.6.19-1.2911.6.4.fc6.ppc.rpm
d8ac1ac311f78d91a2cb6c2d62aa74cbd3a7ae6c ppc/debug/kernel-smp-debuginfo-2.6.19-1.2911.6.4.fc6.ppc.rpm
5bef6ccd05ac52463bf07136805a554b78abc293 ppc/kernel-doc-2.6.19-1.2911.6.4.fc6.noarch.rpm
c8186b782d6b72cdbe656df74ca0b68066e358f6 x86_64/debug/kernel-kdump-debuginfo-2.6.19-1.2911.6.4.fc6.x86_64.rpm
635820d0672d3087b00f2aabd06cf227a5ac81d6 x86_64/debug/kernel-debug-debuginfo-2.6.19-1.2911.6.4.fc6.x86_64.rpm
90cc99803c13ae6c301b19936a347f18393dbf87 x86_64/debug/kernel-debuginfo-common-2.6.19-1.2911.6.4.fc6.x86_64.rpm
7e32e9700922d87c211cd7cf9972ec16f51862be x86_64/kernel-headers-2.6.19-1.2911.6.4.fc6.x86_64.rpm
1f5247118404dd081f872bad871d01a4df4c9f48 x86_64/kernel-devel-2.6.19-1.2911.6.4.fc6.x86_64.rpm
e9b8f363fde7786dbc01aeff84982669ba1addfd x86_64/debug/kernel-debuginfo-2.6.19-1.2911.6.4.fc6.x86_64.rpm
c575eca9f89cd49194926f7adfaa5349733156be x86_64/debug/kernel-xen-debuginfo-2.6.19-1.2911.6.4.fc6.x86_64.rpm
7758dbccf92e386794981107d24e8b0afe3336ec x86_64/kernel-debug-devel-2.6.19-1.2911.6.4.fc6.x86_64.rpm
9f9da8579c498b937718dab6cc6c36981edb25e0 x86_64/kernel-debug-2.6.19-1.2911.6.4.fc6.x86_64.rpm
af71cb466816585b1e1ef52b219d243331acf48c x86_64/kernel-2.6.19-1.2911.6.4.fc6.x86_64.rpm
1d64d3df3530a51ccbe6c9a6011871d347a22bb3 x86_64/kernel-kdump-2.6.19-1.2911.6.4.fc6.x86_64.rpm
36319a5af26ac5c5ac54981f172e7ddcb747e108 x86_64/kernel-xen-devel-2.6.19-1.2911.6.4.fc6.x86_64.rpm
2349dbcbdc7a3fb36595b5ed230fbb0cb6b53870 x86_64/kernel-kdump-devel-2.6.19-1.2911.6.4.fc6.x86_64.rpm
0c185d900d99544d035c976cd67d1474dbda245f x86_64/kernel-xen-2.6.19-1.2911.6.4.fc6.x86_64.rpm
5bef6ccd05ac52463bf07136805a554b78abc293 x86_64/kernel-doc-2.6.19-1.2911.6.4.fc6.noarch.rpm
0ebe323bdfda431b7a130c795c23db74230b9c2e i386/kernel-headers-2.6.19-1.2911.6.4.fc6.i386.rpm
b63fb516605aca199fc2b64836d19dc6ff8f4385 i386/debug/kernel-debuginfo-2.6.19-1.2911.6.4.fc6.i586.rpm
c26a954b50047145d7e5047c521ac6f0a19f079b i386/kernel-2.6.19-1.2911.6.4.fc6.i586.rpm
90a0861cbe6c29392a4c79e7999f32a564a5b27b i386/debug/kernel-debuginfo-common-2.6.19-1.2911.6.4.fc6.i586.rpm
f499a8c9672b1a9f48c0496470f1d32e7a410511 i386/kernel-devel-2.6.19-1.2911.6.4.fc6.i586.rpm
a51887765a0486a3c45259b14f7764f9b6c47534 i386/kernel-xen-2.6.19-1.2911.6.4.fc6.i686.rpm
ad0b66fef22c4345c0c09f6708ef261edad6ee3e i386/debug/kernel-PAE-debuginfo-2.6.19-1.2911.6.4.fc6.i686.rpm
8bb06b600a54b6c9a84b2eea5b527a8fd140f0ff i386/kernel-PAE-debug-devel-2.6.19-1.2911.6.4.fc6.i686.rpm
6503131a6626c7d663e111dc4fcada5d5fbbfd86 i386/kernel-xen-devel-2.6.19-1.2911.6.4.fc6.i686.rpm
3c06d8d1fc9968a608d3c7b11997c2f5615fa0ea i386/debug/kernel-PAE-debug-debuginfo-2.6.19-1.2911.6.4.fc6.i686.rpm
928e207a8f6ba0078d2542ef00dce6ec6c88e57e i386/kernel-devel-2.6.19-1.2911.6.4.fc6.i686.rpm
c152a8bd1295ad530403b0b28872dbcd983bd95c i386/debug/kernel-debuginfo-2.6.19-1.2911.6.4.fc6.i686.rpm
57feaf429fb2a621b12dfe6f197b6e6b8085397e i386/kernel-kdump-devel-2.6.19-1.2911.6.4.fc6.i686.rpm
14092a07b3f413d8a2ef6638421f7b43fc84ee2e i386/kernel-PAE-2.6.19-1.2911.6.4.fc6.i686.rpm
854a3f431853eba65a7ff0606c1e0d4bf5e42163 i386/kernel-kdump-2.6.19-1.2911.6.4.fc6.i686.rpm
a5041c5c75ea3ae219f3e441003ea3bdc6e6936d i386/kernel-debug-devel-2.6.19-1.2911.6.4.fc6.i686.rpm
26d245bb933095da338b09210b13318cb4ce67b5 i386/kernel-2.6.19-1.2911.6.4.fc6.i686.rpm
c2a4b2ffd08a7506063c37aab9319d430f7d89f0 i386/debug/kernel-xen-debuginfo-2.6.19-1.2911.6.4.fc6.i686.rpm
ebde06cf5161547121917b373dd9c76afca391d2 i386/kernel-PAE-debug-2.6.19-1.2911.6.4.fc6.i686.rpm
ec2513833b94472935f8b7b9971f3f3512476144 i386/kernel-debug-2.6.19-1.2911.6.4.fc6.i686.rpm
b4a2da9eb3082806afaeee95e81e1ef9fdc88e48 i386/debug/kernel-kdump-debuginfo-2.6.19-1.2911.6.4.fc6.i686.rpm
5f7aa907b024d69f92b99c204c5aab9302fd4229 i386/debug/kernel-debuginfo-common-2.6.19-1.2911.6.4.fc6.i686.rpm
d70d9ec257ed8867bf1deb11d86aca8aee834981 i386/kernel-PAE-devel-2.6.19-1.2911.6.4.fc6.i686.rpm
ab22eb32f09b3210de7d4b4dd53111706448cf75 i386/debug/kernel-debug-debuginfo-2.6.19-1.2911.6.4.fc6.i686.rpm
5bef6ccd05ac52463bf07136805a554b78abc293 i386/kernel-doc-2.6.19-1.2911.6.4.fc6.noarch.rpm

This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/.

Gentoo Linux


Gentoo Linux Security Advisory GLSA 200703-01

http://security.gentoo.org/


Severity: High
Title: Snort: Remote execution of arbitrary code
Date: February 23, 2007
Bugs: #167730
ID: 200703-01


Synopsis

The Snort DCE/RPC preprocessor contains a buffer overflow that could result in the remote execution of arbitrary code.

Background

Snort is a widely deployed intrusion detection program.

Affected packages


Package / Vulnerable / Unaffected
1 net-analyzer/snort < 2.6.1.3 >= 2.6.1.3

Description

The Snort DCE/RPC preprocessor does not properly reassemble certain types of fragmented SMB and DCE/RPC packets.

Impact

A remote attacker could send specially crafted fragmented SMB or DCE/RPC packets, without the need to finish the TCP handshake, that would trigger a stack-based buffer overflow while being reassembled. This could lead to the execution of arbitrary code with the permissions of the user running the Snort preprocessor.

Workaround

Disable the DCE/RPC processor by commenting 'preprocessor rpc_decode' and 'include $RULE_PATH/rpc.rules' from /etc/snort/snort.conf .

Resolution

All Snort users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=net-analyzer/snort-2.6.1.3"

References

[ 1 ] CVE-2006-5276

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5276

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-200703-01.xml

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.

License

Copyright 2007 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5


Gentoo Linux Security Advisory [ERRATA UPDATE] GLSA 200703-01:02

http://security.gentoo.org/


Severity: High
Title: Snort: Remote execution of arbitrary code
Date: February 23, 2007
Updated: March 02, 2007
Bugs: #167730
ID: 200703-01:02


Errata

The initial workaround provided by the GLSA does not avoid the mentioned vulnerability.

The corrected section appears below.

Workaround

Disable the DCE/RPC processor by commenting the 'preprocessor dcerpc' section in /etc/snort/snort.conf .

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-200703-01.xml

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.

License

Copyright 2007 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5


Gentoo Linux Security Advisory GLSA 200703-02

http://security.gentoo.org/


Severity: Normal
Title: SpamAssassin: Long URI Denial of Service
Date: March 02, 2007
Bugs: #166969
ID: 200703-02


Synopsis

SpamAssassin is vulnerable to a Denial of Service attack.

Background

SpamAssassin is an extensible email filter used to identify junk email.

Affected packages


     Package                   /  Vulnerable  /             Unaffected

  1  mail-filter/spamassassin       < 3.1.8                   >= 3.1.8

Description

SpamAssassin does not correctly handle very long URIs when scanning emails.

Impact

An attacker could cause SpamAssassin to consume large amounts of CPU and memory resources by sending one or more emails containing very long URIs.

Workaround

There is no known workaround at this time.

Resolution

All SpamAssassin users should upgrade to the latest version.

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=mail-filter/spamassassin-3.1.8"

References

[ 1 ] CVE-2007-0451

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0451

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-200703-02.xml

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.

License

Copyright 2007 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5


Gentoo Linux Security Advisory GLSA 200703-03

http://security.gentoo.org/


Severity: Normal
Title: ClamAV: Denial of Service
Date: March 02, 2007
Bugs: #167201
ID: 200703-03


Synopsis

ClamAV contains two vulnerabilities allowing a Denial of Service.

Background

ClamAV is a GPL virus scanner.

Affected packages


     Package               /  Vulnerable  /                 Unaffected

  1  app-antivirus/clamav       < 0.90                         >= 0.90

Description

An anonymous researcher discovered a file descriptor leak error in the processing of CAB archives and a lack of validation of the "id" parameter string used to create local files when parsing MIME headers.

Impact

A remote attacker can send several crafted CAB archives with a zero-length record header that will fill the available file descriptors until no other is available, which will prevent ClamAV from scanning most archives. An attacker can also send an email with specially crafted MIME headers to overwrite local files with the permissions of the user running ClamAV, such as the virus database file, which could prevent ClamAV from detecting any virus.

Workaround

The first vulnerability can be prevented by refusing any file of type CAB, but there is no known workaround for the second issue.

Resolution

All ClamAV users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=app-antivirus/clamav-0.90"

References

[ 1 ] CVE-2007-0897

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0897

[ 2 ] CVE-2007-0898

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0898

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-200703-03.xml

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.

License

Copyright 2007 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5


Gentoo Linux Security Advisory GLSA 200703-04

http://security.gentoo.org/


Severity: Normal
Title: Mozilla Firefox: Multiple vulnerabilities
Date: March 02, 2007
Bugs: #165555
ID: 200703-04


Synopsis

Multiple vulnerabilities have been reported in Mozilla Firefox, some of which may allow user-assisted arbitrary remote code execution.

Background

Mozilla Firefox is a popular open-source web browser from the Mozilla Project.

Affected packages


     Package                         /  Vulnerable  /       Unaffected


1 www-client/mozilla-firefox < 2.0.0.2 *>= 1.5.0.10 >= 2.0.0.2 2 www-client/mozilla-firefox-bin < 2.0.0.2 *>= 1.5.0.10 >= 2.0.0.2 ------------------------------------------------------------------- 2 affected packages on all of their supported architectures.

Description

Tom Ferris reported a heap-based buffer overflow involving wide SVG stroke widths that affects Mozilla Firefox 2 only. Various researchers reported some errors in the JavaScript engine potentially leading to memory corruption. Mozilla Firefox also contains minor vulnerabilities involving cache collision and unsafe pop-up restrictions, filtering or CSS rendering under certain conditions.

Impact

An attacker could entice a user to view a specially crafted web page that will trigger one of the vulnerabilities, possibly leading to the execution of arbitrary code. It is also possible for an attacker to spoof the address bar, steal information through cache collision, bypass the local files protection mechanism with pop-ups, or perform cross-site scripting attacks, leading to the exposure of sensitive information, like user credentials.

Workaround

There is no known workaround at this time for all of these issues, but most of them can be avoided by disabling JavaScript.

Resolution

Users upgrading to the following releases of Mozilla Firefox should note that this upgrade has been found to lose the saved passwords file in some cases. The saved passwords are encrypted and stored in the 'signons.txt' file of ~/.mozilla/ and we advise our users to save that file before performing the upgrade.

All Mozilla Firefox 1.5 users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=www-client/mozilla-firefox-1.5.0.10"

All Mozilla Firefox 1.5 binary users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=www-client/mozilla-firefox-bin-1.5.0.10"

All Mozilla Firefox 2.0 users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=www-client/mozilla-firefox-2.0.0.2"

All Mozilla Firefox 2.0 binary users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=www-client/mozilla-firefox-bin-2.0.0.2"

References

[ 1 ] CVE-2006-6077

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6077

[ 2 ] CVE-2007-0775

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0775

[ 3 ] CVE-2007-0776

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0776

[ 4 ] CVE-2007-0777

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0777

[ 5 ] CVE-2007-0778

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0778

[ 6 ] CVE-2007-0779

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0779

[ 7 ] CVE-2007-0780

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0780

[ 8 ] CVE-2007-0800

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0800

[ 9 ] CVE-2007-0801

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0801

[ 10 ] CVE-2007-0981

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0981

[ 11 ] CVE-2007-0995

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0995

[ 12 ] Mozilla password loss bug

https://bugzilla.mozilla.org/show_bug.cgi?id=360493#c366

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-200703-04.xml

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.

License

Copyright 2007 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5


Gentoo Linux Security Advisory GLSA 200703-05

http://security.gentoo.org/


Severity: Normal
Title: Mozilla Suite: Multiple vulnerabilities
Date: March 03, 2007
Bugs: #135257
ID: 200703-05


Synopsis

Several vulnerabilities exist in the Mozilla Suite, which is no longer supported by the Mozilla project.

Background

The Mozilla Suite is a popular all-in-one web browser that includes a mail and news reader.

Affected packages


     Package                 /  Vulnerable  /               Unaffected


1 www-client/mozilla <= 1.7.13 Vulnerable! 2 www-client/mozilla-bin <= 1.7.13 Vulnerable! ------------------------------------------------------------------- NOTE: Certain packages are still vulnerable. Users should migrate to another package if one is available or wait for the existing packages to be marked stable by their architecture maintainers. ------------------------------------------------------------------- 2 affected packages on all of their supported architectures.

Description

Several vulnerabilities ranging from code execution with elevated privileges to information leaks affect the Mozilla Suite.

Impact

A remote attacker could entice a user to browse to a specially crafted website or open a specially crafted mail that could trigger some of the vulnerabilities, potentially allowing execution of arbitrary code, denials of service, information leaks, or cross-site scripting attacks leading to the robbery of cookies of authentication credentials.

Workaround

Most of the issues, but not all of them, can be prevented by disabling the HTML rendering in the mail client and JavaScript on every application.

Resolution

The Mozilla Suite is no longer supported and has been masked after some necessary changes on all the other ebuilds which used to depend on it. Mozilla Suite users should unmerge www-client/mozilla or www-client/mozilla-bin, and switch to a supported product, like SeaMonkey, Thunderbird or Firefox.

    # emerge --unmerge "www-client/mozilla"
    # emerge --unmerge "www-client/mozilla-bin"

References

[ 1 ] Official Advisory

http://www.mozilla.org/projects/security/known-vulnerabilities.html#Mozilla

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-200703-05.xml

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.

License

Copyright 2007 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5

Mandriva Linux


Mandriva Linux Security Advisory MDKSA-2007:050-1
http://www.mandriva.com/security/


Package : mozilla-firefox
Date : March 2, 2007
Affected: 2007.0, Corporate 3.0, Corporate 4.0


Problem Description:

A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox program, version 1.5.0.10.

This update provides the latest Firefox to correct these issues.

Update:

A regression was found in the latest Firefox packages provided where changes to library