14 Gentoo Security Updates
Posted on: 06/24/2012 09:19 AM

The following 14 updates has been released for Gentoo Linux: [ GLSA 201206-12 ] tftp-hpa: Remote buffer overflow, [ GLSA 201206-09 ] MediaWiki: Multiple vulnerabilites, [ GLSA 201206-10 ] ejabberd: Multiple Denial of Service vulnerabilities, [ GLSA 201206-11 ] Pidgin: Multiple vulnerabilities, [ GLSA 201206-08 ] Wicd: Multiple vulnerabilities, [ GLSA 201206-07 ] nginx: User-assisted execution of arbitrary code, [ GLSA 201206-17 ] virtualenv: Insecure temporary file usage, [ GLSA 201206-16 ] TagLib: Multiple vulnerabilities, [ GLSA 201206-15 ] libpng: Multiple vulnerabilities, [ GLSA 201206-14 ] Adobe Reader: Multiple vulnerabilities, [ GLSA 201206-21 ] Adobe Flash Player: Multiple vulnerabilities, [ GLSA 201206-20 ] gdk-pixbuf: Denial of Service, [ GLSA 201206-19 ] NVIDIA Drivers: Privilege escalation, and [ GLSA 201206-18 ] GnuTLS: Multiple vulnerabilities

[ GLSA 201206-12 ] tftp-hpa: Remote buffer overflow
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201206-12
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: High
Title: tftp-hpa: Remote buffer overflow
Date: June 21, 2012
Bugs: #374001
ID: 201206-12

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

A vulnerability was found in tftp-hpa, which leads to remote execution
of arbitrary code.

Background
==========

tftp-hpa is the port of the OpenBSD TFTP server.

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-ftp/tftp-hpa < 5.1 >= 5.1

Description
===========

A vulnerability has been discovered in tftp-hpa. Please review the CVE
identifier referenced below for details.

Impact
======

The vulnerability might allow remote attackers to execute arbitrary
code.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All tftp-hpa users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=net-ftp/tftp-hpa-5.1"

References
==========

[ 1 ] CVE-2011-2199
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2199

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201206-12.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5




[ GLSA 201206-09 ] MediaWiki: Multiple vulnerabilites
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201206-09
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: High
Title: MediaWiki: Multiple vulnerabilites
Date: June 21, 2012
Bugs: #366685, #409513
ID: 201206-09

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities have been found in MediaWiki, the worst of
which leading to remote execution of arbitrary code.

Background
==========

The MediaWiki wiki web application as used on wikipedia.org.

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 www-apps/mediawiki < 1.18.2 >= 1.18.2

Description
===========

Multiple vulnerabilities have been discovered in mediawiki. Please
review the CVE identifiers referenced below for details.

Impact
======

MediaWiki allows remote attackers to bypass authentication, to perform
imports from any wgImportSources wiki via a crafted POST request, to
conduct cross-site scripting (XSS) attacks or obtain sensitive
information, to inject arbitrary web script or HTML, to conduct
clickjacking attacks, to execute arbitrary PHP code, to inject
arbitrary web script or HTML, to bypass intended access restrictions
and to obtain sensitive information.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All MediaWiki users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=www-apps/mediawiki-1.18.2"

References
==========

[ 1 ] CVE-2010-2787
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2787
[ 2 ] CVE-2010-2788
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2788
[ 3 ] CVE-2010-2789
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2789
[ 4 ] CVE-2011-0003
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0003
[ 5 ] CVE-2011-0047
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0047
[ 6 ] CVE-2011-0537
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0537
[ 7 ] CVE-2011-1579
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1579
[ 8 ] CVE-2011-1580
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1580
[ 9 ] CVE-2011-1766
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1766
[ 10 ] CVE-2011-1766
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1766
[ 11 ] CVE-2012-1578
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1578
[ 12 ] CVE-2012-1579
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1579
[ 13 ] CVE-2012-1580
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1580
[ 14 ] CVE-2012-1581
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1581
[ 15 ] CVE-2012-1582
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1582

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201206-09.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5




[ GLSA 201206-10 ] ejabberd: Multiple Denial of Service vulnerabilities
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201206-10
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: ejabberd: Multiple Denial of Service vulnerabilities
Date: June 21, 2012
Bugs: #308047, #370201, #386075
ID: 201206-10

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities have been found in ejabberd, the worst of
which allowing for remote Denial of Service.

Background
==========

ejabberd is the Erlang jabber daemon.

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-im/ejabberd < 2.1.9 >= 2.1.9

Description
===========

Multiple vulnerabilities have been discovered in ejabberd. Please
review the CVE identifiers referenced below for details.

Impact
======

ejabberd allows remote attackers to cause a Denial of Service condition
with the result of either crashing the daemon or the whole system by
causing memory and CPU consumption.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All ejabberd users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=net-im/ejabberd-2.1.9"

References
==========

[ 1 ] CVE-2010-0305
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0305
[ 2 ] CVE-2011-1753
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1753
[ 3 ] CVE-2011-4320
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4320

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201206-10.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5




[ GLSA 201206-11 ] Pidgin: Multiple vulnerabilities
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201206-11
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: High
Title: Pidgin: Multiple vulnerabilities
Date: June 21, 2012
Bugs: #299751, #372785, #385073
ID: 201206-11

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities were found in Pidgin, the worst of which
allowing for the remote execution of arbitrary code.

Background
==========

Pidgin is an GTK Instant Messenger client.

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-im/pidgin < 2.10.0-r1 >= 2.10.0-r1

Description
===========

Multiple vulnerabilities have been discovered in Pidgin. Please review
the CVE identifiers referenced below for details.

Impact
======

These vulnerabilities allow for arbitrary file retrieval, Denial of
Service and arbitrary code execution with the privileges of the user
running Pidgin.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All Pidgin users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=net-im/pidgin-2.10.0-r1"

References
==========

[ 1 ] CVE-2010-0013
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0013
[ 2 ] CVE-2011-2485
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2485
[ 3 ] CVE-2011-3594
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3594

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201206-11.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5




[ GLSA 201206-08 ] Wicd: Multiple vulnerabilities
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201206-08
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: High
Title: Wicd: Multiple vulnerabilities
Date: June 21, 2012
Bugs: #401005, #411729
ID: 201206-08

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities have been found in Wicd, the worst of which
might allow execution of arbitrary code as root.

Background
==========

Wicd is an open source wired and wireless network manager for Linux.

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-misc/wicd < 1.7.2.1 >= 1.7.2.1

Description
===========

Two vulnerabilities have been found in Wicd:

* Passwords and passphrases are written to /var/log/wicd
(CVE-2012-0813).
* Input from the daemon's D-Bus interface is not properly sanitized
(CVE-2012-2095).

Impact
======

A local attacker could gain privileges of the root user or obtain
sensitive information.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All Wicd users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=net-misc/wicd-1.7.2.1"

References
==========

[ 1 ] CVE-2012-0813
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0813
[ 2 ] CVE-2012-2095
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2095

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201206-08.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5




[ GLSA 201206-07 ] nginx: User-assisted execution of arbitrary code
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201206-07
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: nginx: User-assisted execution of arbitrary code
Date: June 21, 2012
Bugs: #411751
ID: 201206-07

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

A buffer overflow vulnerability in nginx could result in the execution
of arbitrary code.

Background
==========

nginx is a robust, small, and high performance HTTP and reverse proxy
server.

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 www-servers/nginx < 1.0.15 >= 1.0.15

Description
===========

An error in ngx_http_mp4_module.c could cause a buffer overflow.

NOTE: nginx must have been emerged with USE="nginx_modules_http_mp4" in
order to be affected by this vulnerability.

Impact
======

A remote attacker could entice a user to place a specially crafted MP4
file on the nginx server, possibly resulting in execution of arbitrary
code with the privileges of the process or a Denial of Service
condition.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All nginx users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=www-servers/nginx-1.0.15"

References
==========

[ 1 ] CVE-2012-2089
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2089

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201206-07.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5




[ GLSA 201206-17 ] virtualenv: Insecure temporary file usage
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201206-17
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: virtualenv: Insecure temporary file usage
Date: June 22, 2012
Bugs: #395285
ID: 201206-17

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

An insecure temporary file usage has been reported in virtualenv,
possibly allowing symlink attacks.

Background
==========

virtualenv is a virtual Python environment builder.

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-python/virtualenv < 1.5.1 >= 1.5.1

Description
===========

The virtualenv.py script in virtualenv does not handle temporary files
securely.

Impact
======

A local attacker could perform symlink attacks to overwrite arbitrary
files with the privileges of the user running the application.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All virtualenv users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-python/virtualenv-1.5.1"

References
==========

[ 1 ] CVE-2011-4617
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4617

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201206-17.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5




[ GLSA 201206-16 ] TagLib: Multiple vulnerabilities
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201206-16
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: TagLib: Multiple vulnerabilities
Date: June 22, 2012
Bugs: #407673, #410953
ID: 201206-16

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities have been found in TagLib, possibly resulting
in Denial of Service.

Background
==========

TagLib is a library for reading and editing audio meta data.

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 media-libs/taglib < 1.7.1 >= 1.7.1

Description
===========

Multiple vulnerabilities have been found in TagLib:

* The "analyzeCurrent()" function in ape/apeproperties.cpp contains a
division by zero error (CVE-2012-1107).
* The "parse()" function in inogg/xiphcomment.cpp contains an error
when processing the "vendorLength" field (CVE-2012-1108).
* The "mid()" function in toolkit/tbytevector.cpp contains an integer
overflow error (CVE-2012-1584).

Impact
======

A remote attacker could entice a user or automated system to open a
specially crafted OGG file with an application using TagLib, possibly
resulting in a Denial of Service condition.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All TagLib users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=media-libs/taglib-1.7.1"

Packages which depend on this library may need to be recompiled. Tools
such as revdep-rebuild may assist in identifying some of these
packages.

References
==========

[ 1 ] CVE-2012-1107
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1107
[ 2 ] CVE-2012-1108
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1108
[ 3 ] CVE-2012-1584
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1584

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201206-16.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5




[ GLSA 201206-15 ] libpng: Multiple vulnerabilities
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201206-15
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: libpng: Multiple vulnerabilities
Date: June 22, 2012
Bugs: #373967, #386185, #401987, #404197, #410153
ID: 201206-15

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities in libpng might allow remote attackers to
execute arbitrary code or cause a Denial of Service condition.

Background
==========

libpng is a standard library used to process PNG (Portable Network
Graphics) images. It is used by several programs, including web
browsers and potentially server processes.

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 media-libs/libpng < 1.5.10 >= 1.5.10
*>= 1.2.49

Description
===========

Multiple vulnerabilities have been discovered in libpng:

* The "embedded_profile_len()" function in pngwutil.c does not check
for negative values, resulting in a memory leak (CVE-2009-5063).
* The "png_format_buffer()" function in pngerror.c contains an
off-by-one error (CVE-2011-2501).
* The "png_rgb_to_gray()" function in pngrtran.c contains an integer
overflow error (CVE-2011-2690).
* The "png_err()" function in pngerror.c contains a NULL pointer
dereference error (CVE-2011-2691).
* The "png_handle_sCAL()" function in pngrutil.c improperly handles
malformed sCAL chunks(CVE-2011-2692).
* The "png_decompress_chunk()" function in pngrutil.c contains an
integer overflow error (CVE-2011-3026).
* The "png_inflate()" function in pngrutil.c contains and out of bounds
error (CVE-2011-3045).
* The "png_set_text_2()" function in pngset.c contains an error which
could result in memory corruption (CVE-2011-3048).
* The "png_formatted_warning()" function in pngerror.c contains an
off-by-one error (CVE-2011-3464).

Impact
======

An attacker could exploit these vulnerabilities to execute arbitrary
code with the permissions of the user running the vulnerable program,
which could be the root user, or to cause programs linked against the
library to crash.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All libpng 1.5 users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=media-libs/libpng-1.5.10"

All libpng 1.2 users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=media-libs/libpng-1.2.49"

Packages which depend on this library may need to be recompiled. Tools
such as revdep-rebuild may assist in identifying some of these
packages.

References
==========

[ 1 ] CVE-2009-5063
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-5063
[ 2 ] CVE-2011-2501
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2501
[ 3 ] CVE-2011-2690
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2690
[ 4 ] CVE-2011-2691
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2691
[ 5 ] CVE-2011-2692
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2692
[ 6 ] CVE-2011-3026
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3026
[ 7 ] CVE-2011-3045
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3045
[ 8 ] CVE-2011-3048
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3048
[ 9 ] CVE-2011-3464
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3464

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201206-15.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5




[ GLSA 201206-14 ] Adobe Reader: Multiple vulnerabilities
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201206-14
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: Adobe Reader: Multiple vulnerabilities
Date: June 22, 2012
Bugs: #405949, #411499
ID: 201206-14

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities in Adobe Reader might allow remote attackers
to execute arbitrary code or conduct various other attacks.

Background
==========

Adobe Reader is a closed-source PDF reader.

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-text/acroread < 9.5.1 >= 9.5.1

Description
===========

Multiple vulnerabilities have been found in Adobe Reader, including an
integer overflow in TrueType Font handling (CVE-2012-0774) and multiple
unspecified errors which could cause memory corruption.

Impact
======

A remote attacker could entice a user to open a specially crafted PDF
file, possibly resulting in execution of arbitrary code with the
privileges of the process or a Denial of Service condition.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All Adobe Reader users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=app-text/acroread-9.5.1"

References
==========

[ 1 ] CVE-2011-4370
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4370
[ 2 ] CVE-2011-4371
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4371
[ 3 ] CVE-2011-4372
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4372
[ 4 ] CVE-2011-4373
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4373
[ 5 ] CVE-2012-0774
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0774
[ 6 ] CVE-2012-0775
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0775
[ 7 ] CVE-2012-0776
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0776
[ 8 ] CVE-2012-0777
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0777

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201206-14.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5




[ GLSA 201206-21 ] Adobe Flash Player: Multiple vulnerabilities
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201206-21
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: Adobe Flash Player: Multiple vulnerabilities
Date: June 23, 2012
Bugs: #414603, #420311
ID: 201206-21

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities have been found in Adobe Flash Player could
result in the execution of arbitrary code or Denial of Service.

Background
==========

The Adobe Flash Player is a renderer for the SWF file format, which is
commonly used to provide interactive websites.

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 www-plugins/adobe-flash < 11.2.202.236 >= 11.2.202.236

Description
===========

Multiple vulnerabilities have been discovered in Adobe Flash Player.
Please review the CVE identifiers referenced below for details.

Impact
======

A remote attacker could entice a user to open a specially crafted SWF
file, possibly resulting in execution of arbitrary code with the
privileges of the process or a Denial of Service condition.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All Adobe Flash Player users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.236"

References
==========

[ 1 ] CVE-2012-0779
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0779
[ 2 ] CVE-2012-2034
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2034
[ 3 ] CVE-2012-2035
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2035
[ 4 ] CVE-2012-2036
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2036
[ 5 ] CVE-2012-2037
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2037
[ 6 ] CVE-2012-2038
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2038
[ 7 ] CVE-2012-2039
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2039
[ 8 ] CVE-2012-2040
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2040

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201206-21.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5




[ GLSA 201206-20 ] gdk-pixbuf: Denial of Service
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201206-20
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: gdk-pixbuf: Denial of Service
Date: June 23, 2012
Bugs: #373999, #412033
ID: 201206-20

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities in gdk-pixbuf may create a Denial of Service
condition.

Background
==========

gdk-pixbuf is an image loading library for GTK+.

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 x11-libs/gdk-pixbuf < 2.24.1-r1 >= 2.24.1-r1

Description
===========

Two vulnerabilities have been found in gdk-pixbuf:

* The "gdk_pixbuf__gif_image_load()" function in io-gif.c fails to
properly handle certain return values from subroutines
(CVE-2011-2485).
* The "read_bitmap_file_data()" function in io-xbm.c contains an
integer overflow error (CVE-2012-2370).

Impact
======

A remote attacker could entice a user to open a specially crafted image
in an application linked against gdk-pixbuf, possibly resulting in
Denial of Service.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All gdk-pixbuf users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=x11-libs/gdk-pixbuf-2.24.1-r1"

Packages which depend on this library may need to be recompiled. Tools
such as revdep-rebuild may assist in identifying some of these
packages.

References
==========

[ 1 ] CVE-2011-2485
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2485
[ 2 ] CVE-2012-2370
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2370

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201206-20.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5




[ GLSA 201206-19 ] NVIDIA Drivers: Privilege escalation
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201206-19
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: High
Title: NVIDIA Drivers: Privilege escalation
Date: June 23, 2012
Bugs: #411617
ID: 201206-19

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

A vulnerability in NVIDIA drivers may allow a local attacker to gain
escalated privileges.

Background
==========

The NVIDIA drivers provide X11 and GLX support for NVIDIA graphic
boards.

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 x11-drivers/nvidia-drivers
< 295.40 >= 295.40

Description
===========

A vulnerability has been found in the way NVIDIA drivers handle
read/write access to GPU device nodes, allowing access to arbitrary
system memory locations.

NOTE: Exposure to this vulnerability is reduced in Gentoo due to 660
permissions being used on the GPU device nodes by default.

Impact
======

A local attacker could gain escalated privileges.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All NVIDIA driver users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot -v ">=x11-drivers/nvidia-drivers-295.40"

References
==========

[ 1 ] CVE-2012-0946
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0946

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201206-19.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5




[ GLSA 201206-18 ] GnuTLS: Multiple vulnerabilities
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201206-18
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: GnuTLS: Multiple vulnerabilities
Date: June 23, 2012
Bugs: #281224, #292025, #389947, #409287
ID: 201206-18

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities have been found in GnuTLS, allowing a remote
attacker to perform man-in-the-middle or Denial of Service attacks.

Background
==========

GnuTLS is an Open Source implementation of the TLS 1.2 and SSL 3.0
protocols.

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-libs/gnutls < 2.12.18 >= 2.12.18

Description
===========

Multiple vulnerabilities have been found in GnuTLS:

* An error in libgnutls does not properly sanitize "\0" characters from
certificate fields (CVE-2009-2730).
* An error in the TLS and SSL protocols mistreats renegotiation
handshakes (CVE-2009-3555).
* A boundary error in the "gnutls_session_get_data()" function in
gnutls_session.c could cause a buffer overflow (CVE-2011-4128).
* An error in the "_gnutls_ciphertext2compressed()" function in
gnutls_cipher.c could cause memory corruption (CVE-2012-1573).

Impact
======

A remote attacker could perform man-in-the-middle attacks to spoof
arbitrary SSL servers or cause a Denial of Service condition in
applications linked against GnuTLS.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All GnuTLS users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=net-libs/gnutls-2.12.18"

References
==========

[ 1 ] CVE-2009-2730
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2730
[ 2 ] CVE-2009-3555
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3555
[ 3 ] CVE-2011-4128
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4128
[ 4 ] CVE-2012-1573
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1573

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201206-18.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5







Printed from Linux Compatible (http://www.linuxcompatible.org/news/story/14_gentoo_security_updates.html)