15 Updates for Gentoo
Posted on: 06/27/2012 08:10 AM

15 updates has been released for Gentoo Linux: [ GLSA 201206-27 ] mini_httpd: Arbitrary code execution, [ GLSA 201206-26 ] RPM: Multiple vulnerabilities, [ GLSA 201206-25 ] Apache HTTP Server: Multiple vulnerabilities, [ GLSA 201206-24 ] Apache Tomcat: Multiple vulnerabilities, [ GLSA 201206-23 ] PyCrypto: Weak key generation, [ GLSA 201206-22 ] Samba: Multiple vulnerabilities, [ GLSA 201206-36 ] logrotate: Multiple vulnerabilities, [ GLSA 201206-35 ] nbd: Multiple vulnerabilities, [ GLSA 201206-34 ] msmtp: X.509 NULL spoofing vulnerability, [ GLSA 201206-33 ] Postfix: Multiple vulnerabilities, [ GLSA 201206-32 ] Links: SSL verification vulnerability, [ GLSA 201206-31 ] Linux-PAM: Multiple vulnerabilities, [ GLSA 201206-30 ] sendmail: X.509 NULL spoofing vulnerability, [ GLSA 201206-29 ] mount-cifs: Multiple vulnerabilites, and [ GLSA 201206-28 ] TeX Live: Multiple vulnerabilities

[ GLSA 201206-27 ] mini_httpd: Arbitrary code execution
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201206-27
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: mini_httpd: Arbitrary code execution
Date: June 24, 2012
Bugs: #303755
ID: 201206-27

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

A vulnerability in mini_httpd could allow remote attackers to execute
arbitrary code.

Background
==========

mini_httpd is a small webserver with optional SSL and IPv6 support.

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 www-servers/mini_httpd *<= 1.19 Vulnerable!
-------------------------------------------------------------------
NOTE: Certain packages are still vulnerable. Users should migrate
to another package if one is available or wait for the
existing packages to be marked stable by their
architecture maintainers.

Description
===========

mini_httpd does not properly check for shell escapes when parsing HTTP
requests.

Impact
======

A remote attacker could send specially crafted HTTP requests, possibly
resulting in execution of arbitrary code with the privileges of the
process, or allowing for overwriting of files.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

Gentoo discontinued support for mini_httpd. We recommend that users
unmerge mini_httpd:

# emerge --unmerge "www-servers/mini_httpd"

References
==========

[ 1 ] CVE-2009-4490
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4490

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201206-27.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5




[ GLSA 201206-26 ] RPM: Multiple vulnerabilities
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201206-26
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: High
Title: RPM: Multiple vulnerabilities
Date: June 24, 2012
Bugs: #335880, #384967, #410949
ID: 201206-26

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities have been found in RPM, possibly allowing
local attackers to gain elevated privileges or remote attackers to
execute arbitrary code.

Background
==========

The Red Hat Package Manager (RPM) is a command line driven package
management system capable of installing, uninstalling, verifying,
querying, and updating computer software packages.

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-arch/rpm < 4.9.1.3 >= 4.9.1.3

Description
===========

Multiple vulnerabilities have been found in RPM:

* fsm.c fails to properly strip setuid and setgid bits from executable
files during a package upgrade (CVE-2010-2059).
* RPM does not properly parse spec files (CVE-2010-2197).
* fsm.c fails to properly strip POSIX file capabilities from executable
files during a package upgrade or removal (CVE-2010-2198).
* fsm.c fails to properly strip POSIX ACLs from executable files during
a package upgrade or removal (CVE-2010-2199).
* header.c does not properly parse region offsets in package files
(CVE-2011-3378).
* RPM does not properly sanitize region tags in package headers
(CVE-2012-0060).
* RPM does not properly sanitize region sizes in package headers
(CVE-2012-0061).
* RPM does not properly sanitize region offsets in package
headers(CVE-2012-0815).

Impact
======

A local attacker may be able to gain elevated privileges. Furthermore,
a remote attacker could entice a user to open a specially crafted RPM
package, possibly resulting in execution of arbitrary code with the
privileges of the process or a Denial of Service condition.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All RPM users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=app-arch/rpm-4.9.1.3"

References
==========

[ 1 ] CVE-2010-2059
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2059
[ 2 ] CVE-2010-2197
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2197
[ 3 ] CVE-2010-2198
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2198
[ 4 ] CVE-2010-2199
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2199
[ 5 ] CVE-2011-3378
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3378
[ 6 ] CVE-2012-0060
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0060
[ 7 ] CVE-2012-0061
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0061
[ 8 ] CVE-2012-0815
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0815

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201206-26.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5




[ GLSA 201206-25 ] Apache HTTP Server: Multiple vulnerabilities
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201206-25
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: High
Title: Apache HTTP Server: Multiple vulnerabilities
Date: June 24, 2012
Bugs: #308049, #330195, #380475, #382971, #385859, #389353,
#392189, #398761, #401081, #412481
ID: 201206-25

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities were found in Apache HTTP Server.

Background
==========

Apache HTTP Server is one of the most popular web servers on the
Internet.

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 www-servers/apache < 2.2.22-r1 >= 2.2.22-r1

Description
===========

Multiple vulnerabilities have been discovered in Apache HTTP Server.
Please review the CVE identifiers referenced below for details.

Impact
======

A remote attacker might obtain sensitive information, gain privileges,
send requests to unintended servers behind proxies, bypass certain
security restrictions, obtain the values of HTTPOnly cookies, or cause
a Denial of Service in various ways.

A local attacker could gain escalated privileges.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All Apache HTTP Server users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=www-servers/apache-2.2.22-r1"

References
==========

[ 1 ] CVE-2010-0408
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0408
[ 2 ] CVE-2010-0434
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0434
[ 3 ] CVE-2010-1452
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1452
[ 4 ] CVE-2010-2791
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2791
[ 5 ] CVE-2011-3192
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3192
[ 6 ] CVE-2011-3348
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3348
[ 7 ] CVE-2011-3368
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3368
[ 8 ] CVE-2011-3607
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3607
[ 9 ] CVE-2011-4317
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4317
[ 10 ] CVE-2012-0021
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0021
[ 11 ] CVE-2012-0031
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0031
[ 12 ] CVE-2012-0053
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0053
[ 13 ] CVE-2012-0883
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0883

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201206-25.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5




[ GLSA 201206-24 ] Apache Tomcat: Multiple vulnerabilities
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201206-24
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: Apache Tomcat: Multiple vulnerabilities
Date: June 24, 2012
Bugs: #272566, #273662, #303719, #320963, #329937, #373987,
#374619, #382043, #386213, #396401, #399227
ID: 201206-24

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities were found in Apache Tomcat, the worst of
which allowing to read, modify and overwrite arbitrary files.

Background
==========

Apache Tomcat is a Servlet-3.0/JSP-2.2 Container.

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 www-servers/tomcat *< 5.5.34 *>= 6.0.35
*< 6.0.35 >= 7.0.23
< 7.0.23

Description
===========

Multiple vulnerabilities have been discovered in Apache Tomcat. Please
review the CVE identifiers referenced below for details.

Impact
======

The vulnerabilities allow an attacker to cause a Denial of Service, to
hijack a session, to bypass authentication, to inject webscript, to
enumerate valid usernames, to read, modify and overwrite arbitrary
files, to bypass intended access restrictions, to delete work-directory
files, to discover the server's hostname or IP, to bypass read
permissions for files or HTTP headers, to read or write files outside
of the intended working directory, and to obtain sensitive information
by reading a log file.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All Apache Tomcat 6.0.x users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=www-servers/tomcat-6.0.35"

All Apache Tomcat 7.0.x users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=www-servers/tomcat-7.0.23"

References
==========

[ 1 ] CVE-2008-5515
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5515
[ 2 ] CVE-2009-0033
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0033
[ 3 ] CVE-2009-0580
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0580
[ 4 ] CVE-2009-0781
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0781
[ 5 ] CVE-2009-0783
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0783
[ 6 ] CVE-2009-2693
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2693
[ 7 ] CVE-2009-2901
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2901
[ 8 ] CVE-2009-2902
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2902
[ 9 ] CVE-2010-1157
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1157
[ 10 ] CVE-2010-2227
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2227
[ 11 ] CVE-2010-3718
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3718
[ 12 ] CVE-2010-4172
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4172
[ 13 ] CVE-2010-4312
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4312
[ 14 ] CVE-2011-0013
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0013
[ 15 ] CVE-2011-0534
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0534
[ 16 ] CVE-2011-1088
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1088
[ 17 ] CVE-2011-1183
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1183
[ 18 ] CVE-2011-1184
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1184
[ 19 ] CVE-2011-1419
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1419
[ 20 ] CVE-2011-1475
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1475
[ 21 ] CVE-2011-1582
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1582
[ 22 ] CVE-2011-2204
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2204
[ 23 ] CVE-2011-2481
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2481
[ 24 ] CVE-2011-2526
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2526
[ 25 ] CVE-2011-2729
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2729
[ 26 ] CVE-2011-3190
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3190
[ 27 ] CVE-2011-3375
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3375
[ 28 ] CVE-2011-4858
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4858
[ 29 ] CVE-2011-5062
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-5062
[ 30 ] CVE-2011-5063
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-5063
[ 31 ] CVE-2011-5064
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-5064
[ 32 ] CVE-2012-0022
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0022

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201206-24.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5




[ GLSA 201206-23 ] PyCrypto: Weak key generation
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201206-23
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: PyCrypto: Weak key generation
Date: June 24, 2012
Bugs: #417625
ID: 201206-23

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

PyCrypto generates weak ElGamal keys.

Background
==========

PyCrypto is the Python Cryptography Toolkit.

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-python/pycrypto < 2.6 >= 2.6

Description
===========

An error in the generate() function in ElGamal.py causes PyCrypto to
generate weak ElGamal keys.

Impact
======

A remote attacker might be able to derive private keys.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All PyCrypto users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-python/pycrypto-2.6"

References
==========

[ 1 ] CVE-2012-2417
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2417

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201206-23.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5




[ GLSA 201206-22 ] Samba: Multiple vulnerabilities
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201206-22
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: High
Title: Samba: Multiple vulnerabilities
Date: June 24, 2012
Bugs: #290633, #310105, #323785, #332063, #337295, #356917,
#382263, #386375, #405551, #411487, #414319
ID: 201206-22

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities have been found in Samba, the worst of which
may allow execution of arbitrary code with root privileges.

Background
==========

Samba is a suite of SMB and CIFS client/server programs.

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-fs/samba < 3.5.15 >= 3.5.15

Description
===========

Multiple vulnerabilities have been discovered in Samba. Please review
the CVE identifiers referenced below for details.

Impact
======

A remote attacker could possibly execute arbitrary code with root
privileges, cause a Denial of Service condition, take ownership of
shared files, or bypass file permissions. Furthermore, a local attacker
may be able to cause a Denial of Service condition or obtain sensitive
information in a Samba credentials file.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All Samba users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=net-fs/samba-3.5.15"

References
==========

[ 1 ] CVE-2009-2906
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2906
[ 2 ] CVE-2009-2948
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2948
[ 3 ] CVE-2010-0728
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0728
[ 4 ] CVE-2010-1635
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1635
[ 5 ] CVE-2010-1642
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1642
[ 6 ] CVE-2010-2063
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2063
[ 7 ] CVE-2010-3069
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3069
[ 8 ] CVE-2011-0719
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0719
[ 9 ] CVE-2011-1678
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1678
[ 10 ] CVE-2011-2724
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2724
[ 11 ] CVE-2012-0870
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0870
[ 12 ] CVE-2012-1182
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1182
[ 13 ] CVE-2012-2111
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2111

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201206-22.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5




[ GLSA 201206-36 ] logrotate: Multiple vulnerabilities
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201206-36
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: High
Title: logrotate: Multiple vulnerabilities
Date: June 25, 2012
Bugs: #356811, #372973
ID: 201206-36

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities were found in logrotate, which could lead to
arbitrary system command execution.

Background
==========

logrotate rotates, compresses, and mails system logs.

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-admin/logrotate < 3.8.0 >= 3.8.0

Description
===========

Multiple vulnerabilities have been discovered in logrotate. Please
review the CVE identifiers referenced below for details.

Impact
======

A local attacker could use this flaw to truncate arbitrary system file,
to change file owner or mode on arbitrary system files, to conduct
symlink attacks and send arbitrary system files, to execute arbitrary
system commands, to cause abort in subsequent logrotate runs, to
disclose sensitive information, to execute arbitrary code or cause a
Denial of Service condition.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All logrotate users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=app-admin/logrotate-3.8.0"

References
==========

[ 1 ] CVE-2011-1098
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1098
[ 2 ] CVE-2011-1154
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1154
[ 3 ] CVE-2011-1155
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1155
[ 4 ] CVE-2011-1549
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1549

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201206-36.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5




[ GLSA 201206-35 ] nbd: Multiple vulnerabilities
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201206-35
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: High
Title: nbd: Multiple vulnerabilities
Date: June 25, 2012
Bugs: #353097, #372891
ID: 201206-35

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities were found in nbd, which could lead to remote
execution of arbitrary code.

Background
==========

nbd is a userland client/server for kernel network block device.

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 sys-block/nbd < 2.9.22 >= 2.9.22

Description
===========

Multiple vulnerabilities have been discovered in nbd. Please review the
CVE identifiers referenced below for details.

Impact
======

nbd allows remote attackers to cause a denial of service (NULL pointer
dereference and crash) or the execution of arbitrary code.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All nbd users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=sys-block/nbd-2.9.22"

References
==========

[ 1 ] CVE-2011-0530
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0530
[ 2 ] CVE-2011-1925
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1925

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201206-35.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5




[ GLSA 201206-34 ] msmtp: X.509 NULL spoofing vulnerability
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201206-34
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: msmtp: X.509 NULL spoofing vulnerability
Date: June 25, 2012
Bugs: #293647
ID: 201206-34

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

An error in the hostname matching in msmtp might enable remote
attackers to conduct man-in-the-middle attacks.

Background
==========

msmtp is an SMTP client and SMTP plugin for mail user agents such as
Mutt.

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 mail-mta/msmtp < 1.4.19 >= 1.4.19

Description
===========

A vulnerability have been discovered in msmtp. Please review the CVE
identifier referenced below for details.

Impact
======

A remote attacker might employ a specially crafted certificate to
conduct man-in-the-middle attacks on SSL connections made using msmtp.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All msmtp users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=mail-mta/msmtp-1.4.19"

References
==========

[ 1 ] CVE-2009-3942
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3942

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201206-34.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5




[ GLSA 201206-33 ] Postfix: Multiple vulnerabilities
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201206-33
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: High
Title: Postfix: Multiple vulnerabilities
Date: June 25, 2012
Bugs: #358085, #366605
ID: 201206-33

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

A vulnerability has been found in Postfix, the worst of which possibly
allowing remote code execution.

Background
==========

Postfix is Wietse Venema’s mailer that attempts to be fast, easy to
administer, and secure, as an alternative to the widely-used Sendmail
program.

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 mail-mta/postfix < 2.7.4 >= 2.7.4

Description
===========

A vulnerability have been discovered in Postfix. Please review the CVE
identifier referenced below for details.

Impact
======

An attacker could perform a man-in-the-middle attack and inject SMTP
commands during the plaintext to TLS session switch or might execute
arbitrary code.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All Postfix users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=mail-mta/postfix-2.7.4"

References
==========

[ 1 ] CVE-2011-0411
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0411
[ 2 ] CVE-2011-1720
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1720

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201206-33.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5




[ GLSA 201206-32 ] Links: SSL verification vulnerability
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201206-32
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: Links: SSL verification vulnerability
Date: June 25, 2012
Bugs: #253847, #411493
ID: 201206-32

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

An error in the verification of SSL certificates in Links might enable
remote attackers to conduct man-in-the-middle attacks.

Background
==========

Links is a fast lightweight text and graphic web-browser.

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 www-client/links < 2.6 >= 2.6

Description
===========

A SSL verification vulnerability and two unspecified vulnerabilities
have been discovered in Links. Please review the Secunia Advisory
referenced below for details.

Impact
======

An attacker might conduct man-in-the-middle attacks. The unspecified
errors could allow for out-of-bounds reads and writes.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All Links users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=www-client/links-2.6"

References
==========

[ 1 ] Secunia Advisory SA33391
http://secunia.com/Advisories/33391/

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201206-32.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5




[ GLSA 201206-31 ] Linux-PAM: Multiple vulnerabilities
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201206-31
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: High
Title: Linux-PAM: Multiple vulnerabilities
Date: June 25, 2012
Bugs: #343399, #386273, #388431
ID: 201206-31

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities have been found in Linux-PAM, allowing local
attackers to possibly gain escalated privileges, cause a Denial of
Service, corrupt data, or obtain sensitive information.

Background
==========

Linux-PAM (Pluggable Authentication Modules) is an architecture
allowing the separation of the development of privilege granting
software from the development of secure and appropriate authentication
schemes.

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 sys-libs/pam < 1.1.5 >= 1.1.5

Description
===========

Multiple vulnerabilities have been discovered in Linux-PAM. Please
review the CVE identifiers referenced below for details.

Impact
======

A local attacker could use specially crafted files to cause a buffer
overflow, possibly resulting in privilege escalation or Denial of
Service. Furthermore, a local attacker could execute specially crafted
programs or symlink attacks, possibly resulting in data loss or
disclosure of sensitive information.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All Linux-PAM users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=sys-libs/pam-1.1.5"

NOTE: This is a legacy GLSA. Updates for all affected architectures are
available since November 25, 2011. It is likely that your system is
already no longer affected by this issue.

References
==========

[ 1 ] CVE-2010-3316
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3316
[ 2 ] CVE-2010-3430
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3430
[ 3 ] CVE-2010-3431
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3431
[ 4 ] CVE-2010-3435
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3435
[ 5 ] CVE-2010-3853
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3853
[ 6 ] CVE-2010-4706
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4706
[ 7 ] CVE-2010-4707
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4707
[ 8 ] CVE-2010-4708
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4708
[ 9 ] CVE-2011-3148
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3148
[ 10 ] CVE-2011-3149
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3149

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201206-31.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5




[ GLSA 201206-30 ] sendmail: X.509 NULL spoofing vulnerability
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201206-30
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: sendmail: X.509 NULL spoofing vulnerability
Date: June 25, 2012
Bugs: #299120
ID: 201206-30

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

An error in the hostname matching in sendmail might enable remote
attackers to conduct man-in-the-middle attacks.

Background
==========

sendmail is a widely-used Mail Transport Agent (MTA).

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 mail-mta/sendmail < 8.14.4 >= 8.14.4

Description
===========

A vulnerability has been discovered in sendmail. Please review the CVE
identifier referenced below for details.

Impact
======

A remote attacker might employ a specially crafted certificate to
conduct man-in-the-middle attacks on SSL connections made using
sendmail.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All sendmail users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=mail-mta/sendmail-8.14.4"

References
==========

[ 1 ] CVE-2009-4565
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4565

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201206-30.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5




[ GLSA 201206-29 ] mount-cifs: Multiple vulnerabilites
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201206-29
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: mount-cifs: Multiple vulnerabilites
Date: June 25, 2012
Bugs: #308067
ID: 201206-29

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities were found in mount-cifs, the worst of which
leading to privilege escalation.

Background
==========

mount-cifs is the cifs filesystem mount helper split from Samba.

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-fs/mount-cifs < 3.4.6 >= 3.4.6

Description
===========

Multiple vulnerabilities have been discovered in mount-cifs. Please
review the CVE identifiers referenced below for details.

Impact
======

The vulnerabilities allow local users to cause a denial of service
(mtab corruption) via a crafted string. Also, local users could mount a
CIFS share on an arbitrary mountpoint, and gain privileges via a
symlink attack on the mountpoint directory file.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All mount-cifs users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=net-fs/mount-cifs-3.4.6"

References
==========

[ 1 ] CVE-2010-0547
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0547
[ 2 ] CVE-2010-0787
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0787

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201206-29.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5




[ GLSA 201206-28 ] TeX Live: Multiple vulnerabilities
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201206-28
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: TeX Live: Multiple vulnerabilities
Date: June 25, 2012
Bugs: #264598, #324019
ID: 201206-28

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities were found in texlive-core, allowing attackers
to execute arbitrary code.

Background
==========

TeX Live is a complete TeX distribution.

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-text/texlive-core < 2009-r2 >= 2009-r2

Description
===========

Multiple vulnerabilities have been discovered in texlive-core. Please
review the CVE identifiers referenced below for details.

Impact
======

These vulnerabilities might allow user-assisted remote attackers to
execute arbitrary code via a specially-crafted DVI file, or cause a
Denial of Service.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All texlive-core users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=app-text/texlive-core-2009-r2"

References
==========

[ 1 ] CVE-2009-1284
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1284
[ 2 ] CVE-2010-0739
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0739
[ 3 ] CVE-2010-0827
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0827
[ 4 ] CVE-2010-1440
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1440

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201206-28.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5







Printed from Linux Compatible (http://www.linuxcompatible.org/news/story/15_updates_for_gentoo.html)