dcsimg
Linux Today: Linux News On Internet Time.





More on LinuxToday


Advisories, February 5, 2006

Mar 06, 2006, 04:45 (0 Talkback[s])

Fedora Core


Fedora Update Notification
FEDORA-2006-133
2006-03-03

Product : Fedora Core 4
Name : squirrelmail
Version : 1.4.6
Release : 1.fc4
Summary : SquirrelMail webmail client

Description :
SquirrelMail is a standards-based webmail package written in PHP4. It includes built-in pure PHP support for the IMAP and SMTP protocols, and all pages render in pure HTML 4.0 (with no Javascript) for maximum compatibility across browsers. It has very few requirements and is very easy to configure and install. SquirrelMail has all the functionality you would want from an email client, including strong MIME support, address books, and folder manipulation.


Update Information:

Upgrade to version upstream 1.4.6 which solves these issues in addition to several bugs.

http://www.squirrelmail.org/changelog.php More details here.

Additionally Fedora's package contains fixes that may improve usability of squirrelmail in various non-English languages. Please report to Bug #162852 if this update causes any regressions in non-English language behavior.


  • Wed Mar 1 2006 David Woodhouse <dwmw2@redhat.com> 1.4.6-1
    • Upgrade to 1.4.6 proper for CVE-2006-0377 CVE-2006-0195 CVE-2006-0188
    • Script the charset changes instead of using a patch
    • Convert the ko_KR files to UTF-8, dropping invalid characters from what's theoretically supposed to be EUC-KR in the original.
  • Tue Jan 17 2006 Warren Togami <wtogami@redhat.com> 1.4.6-0.cvs20050812.3
    • do not remove mo files
    • require php-mbstring
  • Fri Dec 9 2005 Jesse Keating <jkeating@redhat.com>
    • rebuilt
  • Mon Sep 12 2005 David Woodhouse <dwmw2@redhat.com> 1.4.6-0.cvs20050812.2
    • Convert all locales to UTF-8 instead of legacy character sets to work around bug #162852. Except for ko_KR, because iconv doesn't believe its help files are actually in EUC-KR as claimed.

This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/

7fa03570698b636dcd976d0f3b6d3d51df171224 SRPMS/squirrelmail-1.4.6-1.fc4.src.rpm
9cb6adf3a5746a0187ca0f7db333884221ef7512 ppc/squirrelmail-1.4.6-1.fc4.noarch.rpm
9cb6adf3a5746a0187ca0f7db333884221ef7512 x86_64/squirrelmail-1.4.6-1.fc4.noarch.rpm
9cb6adf3a5746a0187ca0f7db333884221ef7512 i386/squirrelmail-1.4.6-1.fc4.noarch.rpm

This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/.

Gentoo Linux


Gentoo Linux Security Advisory GLSA 200603-01

http://security.gentoo.org/


Severity: Normal
Title: WordPress: SQL injection vulnerability
Date: March 04, 2006
Bugs: #121661
ID: 200603-01


Synopsis

WordPress is vulnerable to an SQL injection vulnerability.

Background

WordPress is a PHP and MySQL based content management and publishing system.

Affected packages


     Package             /  Vulnerable  /                   Unaffected

  1  www-apps/wordpress      <= 1.5.2                         >= 2.0.1

Description

Patrik Karlsson reported that WordPress 1.5.2 makes use of an insufficiently filtered User Agent string in SQL queries related to comments posting. This vulnerability was already fixed in the 2.0-series of WordPress.

Impact

An attacker could send a comment with a malicious User Agent parameter, resulting in SQL injection and potentially in the subversion of the WordPress database. This vulnerability wouldn't affect WordPress sites which do not allow comments or which require that comments go through a moderator.

Workaround

Disable or moderate comments on your WordPress blogs.

Resolution

All WordPress users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=www-apps/wordpress-2.0.1"

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-200603-01.xml

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.

License

Copyright 2006 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.0


Gentoo Linux Security Advisory GLSA 200603-02

http://security.gentoo.org/


Severity: Normal
Title: teTeX, pTeX, CSTeX: Multiple overflows in included XPdf code
Date: March 04, 2006
Bugs: #115775
ID: 200603-02


Synopsis

CSTeTeX, pTeX, and teTeX include vulnerable XPdf code to handle PDF files, making them vulnerable to the execution of arbitrary code.

Background

teTex is a complete TeX distribution. It is used for creating and manipulating LaTeX documents. CSTeX is a TeX distribution with Czech and Slovak support. pTeX is and ASCII publishing TeX distribution.

Affected packages


     Package           /  Vulnerable  /                     Unaffected


1 app-text/tetex < 2.0.2-r8 >= 2.0.2-r8 2 app-text/cstetex < 2.0.2-r2 >= 2.0.2-r2 3 app-text/ptex < 3.1.5-r1 >= 3.1.5-r1 ------------------------------------------------------------------- 3 affected packages on all of their supported architectures.

Description

CSTeX, teTex, and pTeX include XPdf code to handle PDF files. This XPdf code is vulnerable to several heap overflows (GLSA 200512-08) as well as several buffer and integer overflows discovered by Chris Evans (CESA-2005-003).

Impact

An attacker could entice a user to open a specially crafted PDF file with teTeX, pTeX or CSTeX, potentially resulting in the execution of arbitrary code with the rights of the user running the affected application.

Workaround

There is no known workaround at this time.

Resolution

All teTex users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=app-text/tetex-2.0.2-r8"

All CSTeX users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=app-text/cstetex-2.0.2-r2"

All pTeX users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=app-text/ptex-3.1.5-r1"

References

[ 1 ] CVE-2005-3193

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3193

[ 2 ] GLSA 200512-08

http://www.gentoo.org/security/en/glsa/glsa-200512-08.xml

[ 3 ] CESA-2005-003

http://scary.beasts.org/security/CESA-2005-003.txt

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-200603-02.xml

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.

License

Copyright 2006 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.0


Gentoo Linux Security Advisory GLSA 200603-03

http://security.gentoo.org/


Severity: Normal
Title: MPlayer: Multiple integer overflows
Date: March 04, 2006
Bugs: #115760, #122029
ID: 200603-03


Synopsis

MPlayer is vulnerable to integer overflows in FFmpeg and ASF decoding that could potentially result in the execution of arbitrary code.

Background

MPlayer is a media player capable of handling multiple multimedia file formats.

Affected packages


     Package              /    Vulnerable    /              Unaffected

  1  media-video/mplayer     < 1.0.20060217            >= 1.0.20060217

Description

MPlayer makes use of the FFmpeg library, which is vulnerable to a heap overflow in the avcodec_default_get_buffer() function discovered by Simon Kilvington (see GLSA 200601-06). Furthermore, AFI Security Research discovered two integer overflows in ASF file format decoding, in the new_demux_packet() function from libmpdemux/demuxer.h and the demux_asf_read_packet() function from libmpdemux/demux_asf.c.

Impact

An attacker could craft a malicious media file which, when opened using MPlayer, would lead to a heap-based buffer overflow. This could result in the execution of arbitrary code with the permissions of the user running MPlayer.

Workaround

There is no known workaround at this time.

Resolution

All MPlayer users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=media-video/mplayer-1.0.20060217"

References

[ 1 ] CVE-2005-4048

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4048

[ 2 ] CVE-2006-0579

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0579

[ 3 ] GLSA 200601-06

http://www.gentoo.org/security/en/glsa/glsa-200601-06.xml

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-200603-03.xml

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.

License

Copyright 2006 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.0