Home · Compatibility Lists · Support Forums · FAQ · News Archive · Articles · Submit News/Upcoming News

Linux Compatible

advertisement

Latest Linux News

GLSA 200907-03 APR Utili...
PHP 5.3.0-final preview p...
DSA 1826-1: New eggdrop p...
Security Notice: Attempte...
Wine release 1.1.25
DSA 1825-1: New nagios2/n...
An Interview With A Linux...
GLSA 200907-02 ModSecuri...
GLSA 200907-01 libwmf: U...
USN-795-1: Nagios vulnera...

Latest Threads

Enter To Win an AMD TWKR ...
OC3D: Roccat Taito Gaming...
eCOMPOSITE releases GPSRe...
ASUS N90Sv-A2 Multimedia ...
10 Benefits of Video Game...
[gentoo-announce] [ GLSA ...
XFX HD 4890 1000M Black E...
BFG Tech EX Series 1000 W...
Divinity 2: Ego Draconis ...
Section 8 Trailer #4 and ...

Latest Web News

Process Lasso 3.61.3 Beta
Lian Li PC-8 Review
ASUS N90Sv-A2 Multimedia ...
Panda Cloud Antivirus 0.0...
HostsMan 3.2.71 Beta 7
FurMark 1.7.0
Daily Reviews Summary 07/...
10 Benefits of Video Games
BFG Tech EX Series 1000 W...
USB 2.0 VGA / DVI / HDMI ...

Latest Mac News

Breaking: shot fired, one...
Countering rumor says App...
Breaking: shot fired at V...
NVIDIA Sources Refute Cla...
Breaking: shots fired at ...
Apple working to fix unre...
Apple looks towards finge...
Apple developing "ac...
Jobs' Quiet Comeback, Min...
Apple to Rate Your Karaok...

Welcome to our website

To take full advantage of all features you need to login or register. Registration is completely free and takes only a few seconds.

Advertisement

Topics

Linux
Reviews
Guides
GNOME
KDE
Red Hat
Debian
Mandriva
Ubuntu
CentOS
Gentoo
SUSE
Slackware
General

News Feeds

Handheld/PDA
XML News Feeds
View Sidebar
Mozilla Sidebar

Appearance

Default
Default Bold
Wide
Wide Bold

Links

HDTV.Esselbach.at
Links Page

GLSA 200805-11 Chicken: Multiple vulnerabilities
Posted by Bob on: 2008-05-12 23:25:02 [ Print | Permalink ]

A new security update has been released for Gentoo Linux - Chicken: Multiple vulnerabilities. Here the announcement:

"Gentoo Linux Security Advisory GLSA 200805-11
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: Chicken: Multiple vulnerabilities
Date: May 12, 2008
Bugs: #198979
ID: 200805-11

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities in Chicken could result in the execution of
arbitrary code.

Background
==========

Chicken is a Scheme interpreter and native Scheme to C compiler.

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-scheme/chicken < 3.1.0 >= 3.1.0

Description
===========

Chicken includes a copy of PCRE which is vulnerable to multiple buffer
overflows and memory corruption vulnerabilities (GLSA 200711-30).

Impact
======

An attacker could entice a user to process specially crafted regular
expressions with Chicken, which could possibly lead to the execution of
arbitrary code, a Denial of Service or the disclosure of sensitive
information.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All Chicken users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-scheme/chicken-3.1.0"

References
==========

[ 1 ] GLSA 200711-30
http://www.gentoo.org/security/en/glsa/glsa-200711-30.xml

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-200805-11.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
http://bugs.gentoo.org.

License
=======

Copyright 2008 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5
"

Digg it!

Slashdot

Del.icio.us

Technorati

Fark it!

Binklist

Furl

Newsvine

Windows Live

Netscape

Google Bookmarks

Reddit!

LinkaGoGo

Tailrank

Wink

Dzone

Simpy

Spurl

Yahoo! MyWeb

NetVouz

RawSugar

Smarking

Scuttle

Magnolia

BlogMarks

Nowpublic

FeedMeLinks

Wists

Onlywire

Connotia

Shadows

Co.mments

News Source: Gentoo

Related Stories

- GLSA 200907-03 APR Utility Library: Multiple vulnerabilities (07/04/2009 09:55 am)
- GLSA 200907-02 ModSecurity: Denial of Service (07/02/2009 09:50 pm)
- GLSA 200907-01 libwmf: User-assisted execution of arbitrary code (07/02/2009 09:45 pm)
- GLSA 200906-05 Wireshark: Multiple vulnerabilities (06/30/2009 03:25 pm)
- GLSA 200906-04 Apache Tomcat JK Connector: Information disclosure (06/30/2009 12:55 am)
- GLSA 200906-03 phpMyAdmin: Multiple vulnerabilities (06/30/2009 12:50 am)
- GLSA 200906-02 Ruby: Denial of Service (06/28/2009 11:45 pm)
- GLSA 200906-01 libpng: Information disclosure (06/28/2009 10:30 pm)
- GLSA 200905-09 libsndfile: User-assisted execution of arbitrary code (05/27/2009 08:45 pm)
- GLSA 200905-08 NTP: Remote execution of arbitrary code (05/26/2009 06:15 pm)
- GLSA 200905-07 Pidgin: Multiple vulnerabilities (05/26/2009 01:15 am)
- GLSA 200905-06 acpid: Denial of Service (05/24/2009 08:50 pm)
- GLSA 200905-05 FreeType: Multiple vulnerabilities (05/24/2009 08:10 pm)
- GLSA 200905-04 GnuTLS: Multiple vulnerabilities (05/24/2009 03:40 pm)
- GLSA 200905-03 IPSec Tools: Denial of Service (05/24/2009 03:30 pm)
- GLSA 200905-02 Cscope: User-assisted execution of arbitrary code (05/24/2009 03:10 pm)
- GLSA 200905-01 Asterisk: Multiple vulnerabilities (05/02/2009 08:05 pm)
- GLSA 200904-20 CUPS: Multiple vulnerabilities (04/24/2009 12:00 am)
- GLSA 200904-19 LittleCMS: Multiple vulnerabilities (04/19/2009 05:50 pm)
- GLSA 200904-18 udev: Multiple vulnerabilities (04/18/2009 09:15 pm)
- GLSA 200904-17 Adobe Reader: User-assisted execution of arbitrary code (04/18/2009 01:25 pm)

Related Threads

- [gentoo-announce] [ GLSA 200907-03 ] APR Utility Library: Multiple vulnerabilities (07/04/2009 09:56 am)
- [gentoo-announce] [ GLSA 200907-02 ] ModSecurity: Denial of Service (07/02/2009 09:49 pm)
- [gentoo-announce] [ GLSA 200907-01 ] libwmf: User-assisted execution of arbitrary code (07/02/2009 09:42 pm)
- [gentoo-announce] [ GLSA 200906-05 ] Wireshark: Multiple vulnerabilities (06/30/2009 03:28 pm)
- [gentoo-announce] [ GLSA 200906-04 ] Apache Tomcat JK Connector: Information disclosure (06/30/2009 12:56 am)
- [gentoo-announce] [ GLSA 200906-03 ] phpMyAdmin: Multiple vulnerabilities (06/30/2009 12:49 am)
- [gentoo-announce] [ GLSA 200906-02 ] Ruby: Denial of Service (06/28/2009 11:42 pm)
- [gentoo-announce] [ GLSA 200906-01 ] libpng: Information disclosure (06/28/2009 10:35 pm)
- [gentoo-announce] [ GLSA 200905-09 ] libsndfile: User-assisted execution of arbitrary code (05/27/2009 08:49 pm)
- [gentoo-announce] [ GLSA 200905-08 ] NTP: Remote execution of arbitrary code (05/26/2009 06:14 pm)
- [gentoo-announce] [ GLSA 200905-07 ] Pidgin: Multiple vulnerabilities (05/26/2009 01:21 am)
- [gentoo-announce] [ GLSA 200905-06 ] acpid: Denial of Service (05/24/2009 08:49 pm)
- [gentoo-announce] [ GLSA 200905-05 ] FreeType: Multiple vulnerabilities (05/24/2009 08:14 pm)
- [gentoo-announce] [ GLSA 200905-04 ] GnuTLS: Multiple vulnerabilities (05/24/2009 03:42 pm)
- [gentoo-announce] [ GLSA 200905-03 ] IPSec Tools: Denial of Service (05/24/2009 03:28 pm)
- [gentoo-announce] [ GLSA 200905-02 ] Cscope: User-assisted execution of arbitrary code (05/24/2009 03:14 pm)
- [gentoo-announce] [ GLSA 200905-01 ] Asterisk: Multiple vulnerabilities (05/02/2009 08:07 pm)
- [gentoo-announce] [ GLSA 200904-20 ] CUPS: Multiple vulnerabilities (04/24/2009 12:07 am)
- [gentoo-announce] [ GLSA 200904-19 ] LittleCMS: Multiple vulnerabilities (04/19/2009 05:49 pm)
- [gentoo-announce] [ GLSA 200904-18 ] udev: Multiple vulnerabilities (04/18/2009 09:14 pm)

All products mentioned are registered trademarks or trademarks of their respective owners.
© 2002-2009 Esselbach Internet Solutions - All Rights Reserved. Terms and privacy policy
Website powered by Esselbach Storyteller CMS System