Gentoo 2478 Published by

The following 12 Gentoo updates has been released: [ GLSA 201203-12 ] OpenSSL: Multiple vulnerabilities, [ GLSA 201203-11 ] usbmuxd: User-assisted execution of arbitrary code, [ GLSA 201203-10 ] libmikmod: User-assisted execution of arbitrary code, [ GLSA 201203-09 ] ImageMagick: User-assisted execution of arbitrary code, [ GLSA 201203-08 ] libxslt: Denial of Service, [ GLSA 201203-07 ] foomatic-filters: User-assisted execution of arbitrary code, [ GLSA 201203-06 ] sudo: Privilege escalation, [ GLSA 201203-05 ] Rack: Denial of Service, [ GLSA 201203-04 ] libxml2: Denial of Service, [ GLSA 201203-03 ] Puppet: Multiple vulnerabilities, [ GLSA 201203-01 ] spamdyke: Arbitrary code execution, and [ GLSA 201203-02 ] cURL: Multiple vulnerabilities



[ GLSA 201203-12 ] OpenSSL: Multiple vulnerabilities
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201203-12
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: OpenSSL: Multiple vulnerabilities
Date: March 06, 2012
Bugs: #397695, #399365
ID: 201203-12

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities have been found in OpenSSL, allowing remote
attackers to cause a Denial of Service or obtain sensitive information.

Background
==========

OpenSSL is an Open Source toolkit implementing the Secure Sockets Layer
(SSL v2/v3) and Transport Layer Security (TLS v1) as well as a general
purpose cryptography library.

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-libs/openssl < 1.0.0g *>= 0.9.8t
>= 1.0.0g

Description
===========

Multiple vulnerabilities have been found in OpenSSL:

* Timing differences for decryption are exposed by CBC mode encryption
in OpenSSL's implementation of DTLS (CVE-2011-4108).
* A policy check failure can result in a double-free error when
X509_V_FLAG_POLICY_CHECK is set (CVE-2011-4109).
* Clients and servers using SSL 3.0 handshakes do not clear the block
cipher padding, allowing a record to contain up to 15 bytes of
uninitialized memory, which could include sensitive information
(CVE-2011-4576).
* Assertion errors can occur during the handling of malformed X.509
certificates when OpenSSL is built with RFC 3779 support
(CVE-2011-4577).
* A resource management error can occur when OpenSSL's server gated
cryptography (SGC) does not properly handle handshake restarts
(CVE-2011-4619).
* Invalid parameters in the GOST block cipher are not properly handled
by the GOST ENGINE(CVE-2012-0027).
* An incorrect fix for CVE-2011-4108 creates an unspecified
vulnerability for DTLS applications using OpenSSL (CVE-2012-0050).

Impact
======

A remote attacker may be able to cause a Denial of Service or obtain
sensitive information, including plaintext passwords.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All OpenSSL users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/openssl-1.0.0g"

References
==========

[ 1 ] CVE-2011-4108
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4108
[ 2 ] CVE-2011-4109
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4109
[ 3 ] CVE-2011-4576
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4576
[ 4 ] CVE-2011-4577
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4577
[ 5 ] CVE-2011-4619
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4619
[ 6 ] CVE-2012-0027
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0027
[ 7 ] CVE-2012-0050
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0050

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201203-12.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5



[ GLSA 201203-11 ] usbmuxd: User-assisted execution of arbitrary code
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201203-11
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: usbmuxd: User-assisted execution of arbitrary code
Date: March 06, 2012
Bugs: #399409
ID: 201203-11

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

A buffer overflow vulnerability in usbmuxd could result in the
execution of arbitrary code.

Background
==========

usbmuxd is a USB multiplex daemon for use with Apple iPhone and iPod
Touch devices.

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-pda/usbmuxd < 1.0.7-r1 >= 1.0.7-r1

Description
===========

The "receive_packet()" function in libusbmuxd.c contains a boundary
error when parsing the "SerialNumber" field of a USB device, which
could cause a heap-based buffer overflow.

Impact
======

An attacker could gain physical access or entice a user to connect to a
malicious USB device, possibly resulting in execution of arbitrary code
with the privileges of the "usbmux" user.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All usbmuxd users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=app-pda/usbmuxd-1.0.7-r1"

References
==========

[ 1 ] CVE-2012-0065
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0065

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201203-11.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5



[ GLSA 201203-10 ] libmikmod: User-assisted execution of arbitrary code
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201203-10
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: libmikmod: User-assisted execution of arbitrary code
Date: March 06, 2012
Bugs: #335892
ID: 201203-10

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple buffer overflow vulnerabilities in libmikmod may allow an
attacker to execute arbitrary code or cause a Denial of Service
condition.

Background
==========

libmikmod is a library to play a wide range of module formats.

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 media-libs/libmikmod < 3.2.0_beta2-r3 >= 3.2.0_beta2-r3
*>= 3.1.12-r1

Description
===========

Multiple boundary errors have been found in load_it.c in libmikmod,
which may cause a buffer overflow.

Impact
======

A remote attacker could entice a user to open specially crafted files
in an application linked against libmikmod, possibly resulting in
execution of arbitrary code with the permissions of the user running
the application, or Denial of Service.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All libmikmod 3.2 users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot -v ">=media-libs/libmikmod-3.2.0_beta2-r3"

All libmikmod 3.1 users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=media-libs/libmikmod-3.1.12-r1"

Packages which depend on this library may need to be recompiled. Tools
such as revdep-rebuild may assist in identifying some of these
packages.

References
==========

[ 1 ] CVE-2010-2546
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2546
[ 2 ] CVE-2010-2971
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2971

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201203-10.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5



[ GLSA 201203-09 ] ImageMagick: User-assisted execution of arbitrary code
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201203-09
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: ImageMagick: User-assisted execution of arbitrary code
Date: March 06, 2012
Bugs: #402999
ID: 201203-09

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Vulnerabilities found in ImageMagick might allow remote attackers to
execute arbitrary code.

Background
==========

ImageMagick is a collection of tools and libraries for manipulating
various image formats.

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 media-gfx/imagemagick < 6.7.5.3 >= 6.7.5.3

Description
===========

Two vulnerabilities have been found in ImageMagick:

* Incorrect offset and count values in the ResolutionUnit tag in EXIF
IFD could cause memory corruption (CVE-2012-0247).
* IOP tag offsets pointing to the beginning of an IFD could cause an
infinite loop of ImageMagick parsing the IFD structure
(CVE-2012-0248).

Impact
======

A remote attacker could entice a user to open a specially crafted
image, possibly resulting in execution of arbitrary code or a Denial of
Service condition.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All ImageMagick users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=media-gfx/imagemagick-6.7.5.3"

References
==========

[ 1 ] CVE-2012-0247
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0247
[ 2 ] CVE-2012-0248
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0248

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201203-09.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5



[ GLSA 201203-08 ] libxslt: Denial of Service
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201203-08
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: libxslt: Denial of Service
Date: March 06, 2012
Bugs: #402861
ID: 201203-08

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

A vulnerability in libxslt could result in Denial of Service.

Background
==========

libxslt is the XSLT C library developed for the GNOME project. XSLT is
an XML language to define transformations for XML.

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-libs/libxslt < 1.1.26-r3 >= 1.1.26-r3

Description
===========

An out of bounds read error has been found in libxslt/pattern.c in
libxslt.

Impact
======

A remote attacker could entice a user to process an XML file using a
specially crafted XSLT stylesheet in an application linked against
libxslt, possibly resulting in a Denial of Service condition.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All libxslt users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/libxslt-1.1.26-r3"

References
==========

[ 1 ] CVE-2011-3970
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3970

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201203-08.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5



[ GLSA 201203-07 ] foomatic-filters: User-assisted execution of arbitrary code
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201203-07
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: foomatic-filters: User-assisted execution of arbitrary code
Date: March 06, 2012
Bugs: #379559
ID: 201203-07

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

A vulnerability in foomatic-filters could result in the execution of
arbitrary code.

Background
==========

The foomatic-filters package contains wrapper scripts which are
designed to be used with Foomatic.

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-print/foomatic-filters
< 4.0.9 >= 4.0.9

Description
===========

The foomatic-rip filter improperly handles command-line arguments,
including those issued by FoomaticRIPCommandLine fields in PPD files.

Impact
======

A remote attacker could entice a user to open a specially crafted PPD
file, possibly resulting in execution of arbitrary code with the
privileges of the system user "lp".

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All foomatic-filters users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot -v ">=net-print/foomatic-filters-4.0.9"

References
==========

[ 1 ] CVE-2011-2697
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2697
[ 2 ] CVE-2011-2964
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2964

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201203-07.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5



[ GLSA 201203-06 ] sudo: Privilege escalation
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201203-06
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: High
Title: sudo: Privilege escalation
Date: March 06, 2012
Bugs: #351490, #401533
ID: 201203-06

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Two vulnerabilities have been discovered in sudo, allowing local
attackers to possibly gain escalated privileges.

Background
==========

sudo allows a system administrator to give users the ability to run
commands as other users.

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-admin/sudo < 1.8.3_p2 >= 1.8.3_p2
*>= 1.7.4_p5

Description
===========

Two vulnerabilities have been discovered in sudo:

* When the sudoers file is configured with a Runas group, sudo does not
prompt for a password when changing to the new group (CVE-2011-0010).
* A format string vulnerability exists in the "sudo_debug()" function
(CVE-2012-0809).

Impact
======

A local attacker could possibly gain the ability to run arbitrary
commands with the privileges of other users or groups, including root.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All sudo users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=app-admin/sudo-1.8.3_p2"

References
==========

[ 1 ] CVE-2011-0010
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0010
[ 2 ] CVE-2012-0809
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0809

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201203-06.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5



[ GLSA 201203-05 ] Rack: Denial of Service
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201203-05
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: Rack: Denial of Service
Date: March 06, 2012
Bugs: #396455
ID: 201203-05

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

A hash collision vulnerability in Rack allows remote attackers to cause
a Denial of Service condition.

Background
==========

Rack is a modular Ruby web server interface.

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-ruby/rack < 1.1.3 >= 1.1.3

Description
===========

Rack does not properly randomize hash functions to protect against hash
collision attacks.

Impact
======

A remote attacker could send a specially crafted form post, possibly
resulting in a Denial of Service condition.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All Rack users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-ruby/rack-1.1.3"

References
==========

[ 1 ] CVE-2011-5036
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-5036

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201203-05.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5



[ GLSA 201203-04 ] libxml2: Denial of Service
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201203-04
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: libxml2: Denial of Service
Date: March 06, 2012
Bugs: #405261
ID: 201203-04

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

A hash collision vulnerability in libxml2 allows remote attackers to
cause a Denial of Service condition.

Background
==========

libxml2 is the XML C parser and toolkit developed for the Gnome
project.

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-libs/libxml2 < 2.7.8-r5 >= 2.7.8-r5

Description
===========

libxml2 does not properly randomize hash functions to protect against
hash collision attacks.

Impact
======

A remote attacker could entice a user or automated system to open a
specially crafted XML document with an application using libxml2
resulting in a Denial of Service condition.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All libxml2 users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/libxml2-2.7.8-r5"

References
==========

[ 1 ] CVE-2012-0841
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0841

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201203-04.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5



[ GLSA 201203-03 ] Puppet: Multiple vulnerabilities
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201203-03
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: High
Title: Puppet: Multiple vulnerabilities
Date: March 06, 2012
Bugs: #303729, #308031, #384859, #385149, #388161, #403963
ID: 201203-03

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities have been found in Puppet, the worst of which
might allow local attackers to gain escalated privileges.

Background
==========

Puppet is a system configuration management tool written in Ruby.

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-admin/puppet < 2.7.11 >= 2.7.11

Description
===========

Multiple vulnerabilities have been discovered in Puppet. Please review
the CVE identifiers referenced below for details.

Impact
======

A local attacker could gain elevated privileges, or access and modify
arbitrary files. Furthermore, a remote attacker may be able to spoof a
Puppet Master or write X.509 Certificate Signing Requests to arbitrary
locations.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All Puppet users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=app-admin/puppet-2.7.11"

References
==========

[ 1 ] CVE-2009-3564
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3564
[ 2 ] CVE-2010-0156
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0156
[ 3 ] CVE-2011-3848
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3848
[ 4 ] CVE-2011-3869
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3869
[ 5 ] CVE-2011-3870
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3870
[ 6 ] CVE-2011-3871
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3871
[ 7 ] CVE-2011-3872
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3872
[ 8 ] CVE-2012-1053
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1053
[ 9 ] CVE-2012-1054
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1054

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201203-03.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5



[ GLSA 201203-01 ] spamdyke: Arbitrary code execution
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201203-01
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: High
Title: spamdyke: Arbitrary code execution
Date: March 06, 2012
Bugs: #399157
ID: 201203-01

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

A buffer overflow in spamdyke might allow remote attackers to execute
arbitrary code.

Background
==========

spamdyke is a drop-in connection-time spam filter for qmail.

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 mail-filter/spamdyke < 4.3.0 >= 4.3.0

Description
===========

Boundary errors related to the "snprintf()" and "vsnprintf()" functions
in spamdyke could cause a buffer overflow.

Impact
======

A remote attacker could possibly execute arbitrary code or cause a
Denial of Service.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All spamdyke users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=mail-filter/spamdyke-4.3.0"

References
==========

[ 1 ] CVE-2012-0802
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0802

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201203-01.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5



[ GLSA 201203-02 ] cURL: Multiple vulnerabilities
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201203-02
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: cURL: Multiple vulnerabilities
Date: March 06, 2012
Bugs: #308645, #373235, #400799
ID: 201203-02

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities have been found in cURL, the worst of which
might allow remote execution of arbitrary code.

Background
==========

cURL is a command line tool for transferring files with URL syntax,
supporting numerous protocols.

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-misc/curl < 7.24.0 >= 7.24.0

Description
===========

Multiple vulnerabilities have been found in cURL:

* When zlib is enabled, the amount of data sent to an application for
automatic decompression is not restricted (CVE-2010-0734).
* When performing GSSAPI authentication, credential delegation is
always used (CVE-2011-2192).
* When SSL is enabled, cURL improperly disables the OpenSSL workaround
to mitigate an information disclosure vulnerability in the SSL and
TLS protocols (CVE-2011-3389).
* libcurl does not properly verify file paths for escape control
characters in IMAP, POP3 or SMTP URLs (CVE-2012-0036).

Impact
======

A remote attacker could entice a user or automated process to open a
specially crafted file or URL using cURL, possibly resulting in the
remote execution of arbitrary code, a Denial of Service condition,
disclosure of sensitive information, or unwanted actions performed via
the IMAP, POP3 or SMTP protocols. Furthermore, remote servers may be
able to impersonate clients via GSSAPI requests.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All cURL users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=net-misc/curl-7.24.0"

References
==========

[ 1 ] CVE-2010-0734
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0734
[ 2 ] CVE-2011-2192
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2192
[ 3 ] CVE-2011-3389
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3389
[ 4 ] CVE-2012-0036
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0036

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201203-02.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5