10 Gentoo Updates
Posted on: 07/10/2012 08:03 AM

The following 10 Gentoo Linux updates has been released: [ GLSA 201207-02 ] libxml2: User-assisted execution of arbitrary code, [ GLSA 201207-01 ] sudo: Privilege escalation, [ GLSA 201207-10 ] CUPS: Multiple vulnerabilities, [ GLSA 201207-07 ] Keepalived: Denial of Service, [ GLSA 201207-08 ] Gnash: Multiple vulnerabilities, [ GLSA 201207-09 ] mod_fcgid: Multiple vulnerabilities, [ GLSA 201207-06 ] JRuby: Denial of Service, [ GLSA 201207-05 ] pidgin-otr: Arbitrary code execution, [ GLSA 201207-04 ] X.Org X Server: Privilege escalation, and [ GLSA 201207-03 ] ChaSen: User-assisted execution of arbitrary code

[ GLSA 201207-02 ] libxml2: User-assisted execution of arbitrary code
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201207-02
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: libxml2: User-assisted execution of arbitrary code
Date: July 09, 2012
Bugs: #416209
ID: 201207-02

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

A off-by-one error in libxml2 could result in execution of arbitrary
code or Denial of Service.

Background
==========

libxml2 is the XML C parser and toolkit developed for the Gnome
project.

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-libs/libxml2 < 2.8.0_rc1 >= 2.8.0_rc1

Description
===========

The "xmlXPtrEvalXPtrPart()" function in xpointer.c contains an
off-by-one error.

Impact
======

A remote attacker could entice a user or automated system to open a
specially crafted XML document with an application using libxml2,
possibly resulting in execution of arbitrary code or a Denial of
Service condition.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All libxml2 users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/libxml2-2.8.0_rc1"

References
==========

[ 1 ] CVE-2011-3102
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3102

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201207-02.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5




[ GLSA 201207-01 ] sudo: Privilege escalation
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201207-01
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: High
Title: sudo: Privilege escalation
Date: July 09, 2012
Bugs: #416281
ID: 201207-01

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

A vulnerability has been found in sudo which may allow local users to
gain escalated privileges.

Background
==========

sudo allows a system administrator to give users the ability to run
commands as other users. Access to commands may also be granted on a
range to hosts.

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-admin/sudo < 1.8.5_p1 >= 1.8.5_p1

Description
===========

An error in sudo may allow unintended IPv4 hosts to be granted access
to commands.

Impact
======

A local attacker could gain escalated privileges.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All sudo users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=app-admin/sudo-1.8.5_p1"

References
==========

[ 1 ] CVE-2012-2337
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2337

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201207-01.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5




[ GLSA 201207-10 ] CUPS: Multiple vulnerabilities
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201207-10
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: High
Title: CUPS: Multiple vulnerabilities
Date: July 09, 2012
Bugs: #295256, #308045, #325551, #380771
ID: 201207-10

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities have been found in CUPS, some of which may
allow execution of arbitrary code or local privilege escalation.

Background
==========

CUPS, the Common Unix Printing System, is a full-featured print server.

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-print/cups < 1.4.8-r1 >= 1.4.8-r1

Description
===========

Multiple vulnerabilities have been discovered in CUPS. Please review
the CVE identifiers referenced below for details.

Impact
======

A remote attacker may be able to execute arbitrary code using specially
crafted streams, IPP requests or files, or cause a Denial of Service
(daemon crash or hang). A local attacker may be able to gain escalated
privileges or overwrite arbitrary files. Furthermore, a remote attacker
may be able to obtain sensitive information from the CUPS process or
hijack a CUPS administrator authentication request.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All CUPS users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=net-print/cups-1.4.8-r1"

NOTE: This is a legacy GLSA. Updates for all affected architectures are
available since September 03, 2011. It is likely that your system is
already no longer affected by this issue.

References
==========

[ 1 ] CVE-2009-3553
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3553
[ 2 ] CVE-2010-0302
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0302
[ 3 ] CVE-2010-0393
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0393
[ 4 ] CVE-2010-0540
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0540
[ 5 ] CVE-2010-0542
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0542
[ 6 ] CVE-2010-1748
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1748
[ 7 ] CVE-2010-2431
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2431
[ 8 ] CVE-2010-2432
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2432
[ 9 ] CVE-2010-2941
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2941
[ 10 ] CVE-2011-3170
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3170

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201207-10.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5




[ GLSA 201207-07 ] Keepalived: Denial of Service
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201207-07
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: Keepalived: Denial of Service
Date: July 09, 2012
Bugs: #371469
ID: 201207-07

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Keepalived uses world-writable PID files, allowing a local attacker to
kill arbitrary processes.

Background
==========

Keepalived is a strong & robust keepalive facility to the Linux Virtual
Server project.

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 sys-cluster/keepalived < 1.2.2-r3 >= 1.2.2-r3

Description
===========

The "pidfile_write()" function in pidfile.c in Keepalived writes PID
files with insecure permissions.

Impact
======

A local attacker may be able to cause a Denial of Service of arbitrary
processes.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All Keepalived users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot -v ">=sys-cluster/keepalived-1.2.2-r3"

References
==========

[ 1 ] CVE-2011-1784
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1784

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201207-07.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5




[ GLSA 201207-08 ] Gnash: Multiple vulnerabilities
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201207-08
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: Gnash: Multiple vulnerabilities
Date: July 09, 2012
Bugs: #391283, #408209
ID: 201207-08

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities have been found in Gnash which could result in
execution of arbitrary code, Denial of Service, or information
disclosure.

Background
==========

Gnash is a GNU flash movie player that supports many SWF features.

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 www-plugins/gnash < 0.8.10-r2 >= 0.8.10-r2

Description
===========

Multiple vulnerabilities have been found in Gnash:

* The "nsPluginInstance::setupCookies()" function in plugin.cpp creates
world-readable cookies with predictable file names (CVE-2011-4328).
* The "GnashImage::size()" function in GnashImage.h contains an integer
overflow error which could cause a heap-based buffer overflow
(CVE-2012-1175).

Impact
======

A remote attacker could entice a user to open a specially crafted SWF
file, possibly resulting in execution of arbitrary code or a Denial of
Service condition. Furthermore, a local attacker may be able to obtain
sensitive information.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All Gnash users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=www-plugins/gnash-0.8.10-r2"

References
==========

[ 1 ] CVE-2011-4328
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4328
[ 2 ] CVE-2012-1175
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1175

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201207-08.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5




[ GLSA 201207-09 ] mod_fcgid: Multiple vulnerabilities
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201207-09
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: High
Title: mod_fcgid: Multiple vulnerabilities
Date: July 09, 2012
Bugs: #344685, #409373
ID: 201207-09

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities have been found in mod_fcgid, allowing
execution of arbitrary code or Denial of Service.

Background
==========

mod_fcgid is a binary-compatible alternative to mod_fastcgi with better
process management.

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 www-apache/mod_fcgid < 2.3.7 >= 2.3.7

Description
===========

Multiple vulnerabilities have been found in mod_fcgid:

* An error in the "fcgid_header_bucket_read()" function in
fcgid_bucket.c could cause a stack-based buffer overflow
(CVE-2010-3872).
* An error in the "is_spawn_allowed() function in fcgid_spawn_ctl.c
prevents Apache from recognizing the FcgidMaxProcessesPerClass
directive for a virtual host (CVE-2012-1181).

Impact
======

A local attacker could possibly execute arbitrary code with the
privileges of the process or cause a Denial of Service condition.
Furthermore, a remote attacker could send specially crafted HTTP
requests, possibly resulting in a Denial of Service condition.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All mod_fcgid users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=www-apache/mod_fcgid-2.3.7"

References
==========

[ 1 ] CVE-2010-3872
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3872
[ 2 ] CVE-2012-1181
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1181

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201207-09.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5




[ GLSA 201207-06 ] JRuby: Denial of Service
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201207-06
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: JRuby: Denial of Service
Date: July 09, 2012
Bugs: #396305
ID: 201207-06

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

A hash collision vulnerability in JRuby allows remote attackers to
cause a Denial of Service condition.

Background
==========

JRuby is a Java-based Ruby interpreter implementation.

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-java/jruby < 1.6.5.1 >= 1.6.5.1

Description
===========

JRuby does not properly randomize hash functions to protect against
hash collision attacks.

Impact
======

A remote attacker could send a specially crafted input, possibly
resulting in a Denial of Service condition.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All JRuby users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-java/jruby-1.6.5.1"

References
==========

[ 1 ] CVE-2011-4838
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4838

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201207-06.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5




[ GLSA 201207-05 ] pidgin-otr: Arbitrary code execution
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201207-05
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: High
Title: pidgin-otr: Arbitrary code execution
Date: July 09, 2012
Bugs: #416263
ID: 201207-05

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

A format string vulnerability in pidgin-otr may allow execution of
arbitrary code.

Background
==========

pidgin-otr messaging allows you to have private conversations over
instant messaging.

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 x11-plugins/pidgin-otr < 3.2.1 >= 3.2.1

Description
===========

A format string vulnerability has been found in the "log_message_cb()"
function in otr-plugin.c.

Impact
======

A remote attacker could possibly execute arbitrary code with the
privileges of the process or cause a Denial of Service condition.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All pidgin-otr users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=x11-plugins/pidgin-otr-3.2.1"

References
==========

[ 1 ] CVE-2012-2369
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2369

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201207-05.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5




[ GLSA 201207-04 ] X.Org X Server: Privilege escalation
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201207-04
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: High
Title: X.Org X Server: Privilege escalation
Date: July 09, 2012
Bugs: #412609
ID: 201207-04

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

A format string vulnerability in X.Org X Server may allow local
privilege escalation or Denial of Service.

Background
==========

The X Window System is a graphical windowing system based on a
client/server model.

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 x11-base/xorg-server < 1.11.4-r1 >= 1.11.4-r1
*>= 1.10.6-r1
*<= 1.9.5-r1

Description
===========

The "LogVHdrMessageVerb()" function in log.c contains a format string
vulnerability.

NOTE: Exposure to this vulnerability is reduced in Gentoo due to X.Org
X Server being built with "-D_FORTIFY_SOURCE=2" by default.

Impact
======

A local attacker could gain escalated privileges or cause a Denial of
Service condition.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All X.Org X Server 1.11.x users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=x11-base/xorg-server-1.11.4-r1"

All X.Org X Server 1.10.x users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=x11-base/xorg-server-1.10.6-r1"

X.Org X Server 1.9.x is not affected.

References
==========

[ 1 ] CVE-2012-2118
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2118

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201207-04.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5




[ GLSA 201207-03 ] ChaSen: User-assisted execution of arbitrary code
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201207-03
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: ChaSen: User-assisted execution of arbitrary code
Date: July 09, 2012
Bugs: #390769
ID: 201207-03

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

A buffer overflow vulnerability in ChaSen could result in the execution
of arbitrary code.

Background
==========

ChaSen is a Japanese morphological analysis system.

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-text/chasen < 2.4.4-r2 >= 2.4.4-r2

Description
===========

An error in chalib.c of ChaSen could cause a buffer overflow.

Impact
======

A remote attacker could entice a user to open a specially crafted text
file using ChaSen or an application using the ChaSen libraries,
possibly resulting in execution of arbitrary code with the privileges
of the process or a Denial of Service condition.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All ChaSen users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=app-text/chasen-2.4.4-r2"

References
==========

[ 1 ] CVE-2011-4000
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4000

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201207-03.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5







Printed from Linux Compatible (http://www.linuxcompatible.org/news/story/10_gentoo_updates.html)