Linux Compatible - Gentoo (Page 15)

GLSA 200501-21: HylaFAX: hfaxd unauthorized login vulnerabi

Gentoo 2529 Published 2005-01-11 15:34 by Philipp Esselbach 0

A HylaFAX security update is available for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200501-21
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: HylaFAX: hfaxd unauthorized login vulnerability
Date: January 11, 2005
Bugs: #75941
ID: 200501-21

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

HylaFAX is subject to a vulnerability in its username matching code, potentially allowing remote users to bypass access control lists.

GLSA 200501-19: imlib2: Buffer overflows in image decoding

Gentoo 2529 Published 2005-01-11 15:32 by Philipp Esselbach 0

An imlib2 security update is available for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200501-19
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: imlib2: Buffer overflows in image decoding
Date: January 11, 2005
Bugs: #77002
ID: 200501-19

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

Multiple overflows have been found in the imlib2 library image decoding routines, potentially allowing the execution of arbitrary code.

GLSA 200501-17: KPdf, KOffice

Gentoo 2529 Published 2005-01-11 14:57 by Philipp Esselbach 0

A Xpdf security update is available for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200501-17
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: KPdf, KOffice: More vulnerabilities in included Xpdf
Date: January 11, 2005
Bugs: #75203, #75204
ID: 200501-17

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

KPdf and KOffice both include vulnerable Xpdf code to handle PDF files, making them vulnerable to the execution of arbitrary code if a user is enticed to view a malicious PDF file.

GLSA 200501-16: Konqueror: Java sandbox vulnerabilities

Gentoo 2529 Published 2005-01-11 14:50 by Philipp Esselbach 0

A konqueror security update is available for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200501-16
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: Konqueror: Java sandbox vulnerabilities
Date: January 11, 2005
Bugs: #72750
ID: 200501-16

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

The Java sandbox environment in Konqueror can be bypassed to access arbitrary packages, allowing untrusted Java applets to perform unrestricted actions on the host system.

GLSA 200501-15: UnRTF: Buffer overflow

Gentoo 2529 Published 2005-01-11 04:43 by Philipp Esselbach 0

An UnRTF security update is available for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200501-15
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: UnRTF: Buffer overflow
Date: January 10, 2005
Bugs: #74480
ID: 200501-15

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

A buffer overflow in UnRTF allows an attacker to execute arbitrary code by way of a specially crafted RTF file.

GLSA 200501-14: mpg123: Buffer overflow

Gentoo 2529 Published 2005-01-11 04:42 by Philipp Esselbach 0

A mpg123 security update is available for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200501-14
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: mpg123: Buffer overflow
Date: January 10, 2005
Bugs: #76862
ID: 200501-14

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

An attacker may be able to execute arbitrary code by way of specially crafted MP2 or MP3 files.

GLSA 200501-13: pdftohtml: Vulnerabilities in included Xpdf

Gentoo 2529 Published 2005-01-10 08:02 by Philipp Esselbach 0

A pdftohtml security update has been released for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200501-13
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: pdftohtml: Vulnerabilities in included Xpdf
Date: January 10, 2005
Bugs: #75200
ID: 200501-13

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

pdftohtml includes vulnerable Xpdf code to handle PDF files, making it vulnerable to execution of arbitrary code upon converting a malicious PDF file.

GLSA 200501-12: TikiWiki: Arbitrary command execution

Gentoo 2529 Published 2005-01-10 08:00 by Philipp Esselbach 0

A TikiWiki security update is available for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200501-12
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: High
Title: TikiWiki: Arbitrary command execution
Date: January 10, 2005
Bugs: #75568
ID: 200501-12

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

A bug in TikiWiki allows certain users to upload and execute malicious PHP scripts.

GLSA 200501-11: Dillo: Format string vulnerability

Gentoo 2529 Published 2005-01-09 18:58 by Philipp Esselbach 0

A Dillo security update is available for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200501-11
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: Dillo: Format string vulnerability
Date: January 09, 2005
Bugs: #76665
ID: 200501-11

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

Dillo is vulnerable to a format string bug, which may result in the execution of arbitrary code.

GLSA 200501-10: Vilistextum: Buffer overflow vulnerability

Gentoo 2529 Published 2005-01-06 19:52 by Philipp Esselbach 0

A Vilistextum security update has been released for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200501-10
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: Vilistextum: Buffer overflow vulnerability
Date: January 06, 2005
Bugs: #74694
ID: 200501-10

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

Vilistextum is vulnerable to a buffer overflow that allows an attacker to execute arbitrary code through the use of a malicious webpage.

GLSA 200501-09: xzgv: Multiple overflows

Gentoo 2529 Published 2005-01-06 19:51 by Philipp Esselbach 0

A xzgv security update has been released for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200501-09
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: xzgv: Multiple overflows
Date: January 06, 2005
Bugs: #74069
ID: 200501-09

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

xzgv contains multiple overflows that may lead to the execution of arbitrary code.

GLSA 200501-08: phpGroupWare: Various vulnerabilities

Gentoo 2529 Published 2005-01-06 16:13 by Philipp Esselbach 0

A phpGroupWare security update has been released for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200501-08
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: phpGroupWare: Various vulnerabilities
Date: January 06, 2005
Bugs: #74487
ID: 200501-08

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

Multiple vulnerabilities have been discovered in phpGroupWare that could lead to information disclosure or remote compromise.

GLSA 200501-07: xine-lib: Multiple overflows

Gentoo 2529 Published 2005-01-06 15:34 by Philipp Esselbach 0

A xine-lib security update has been released for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200501-07
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: xine-lib: Multiple overflows
Date: January 06, 2005
Bugs: #74475
ID: 200501-07

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

xine-lib contains multiple overflows potentially allowing execution of arbitrary code.

GLSA 200501-06: tiff: New overflows in image decoding

Gentoo 2529 Published 2005-01-05 20:19 by Philipp Esselbach 0

A tiff security update has been released for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200501-06
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: tiff: New overflows in image decoding
Date: January 05, 2005
Bugs: #75213
ID: 200501-06

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

An integer overflow has been found in the TIFF library image decoding routines and the tiffdump utility, potentially allowing arbitrary code execution.

GLSA 200501-05: mit-krb5: Heap overflow in libkadm5srv

Gentoo 2529 Published 2005-01-05 20:18 by Philipp Esselbach 0

A mit-krb5 security update has been released for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200501-05
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: High
Title: mit-krb5: Heap overflow in libkadm5srv
Date: January 05, 2005
Bugs: #75143
ID: 200501-05

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

The MIT Kerberos 5 administration library (libkadm5srv) contains a heap overflow that could lead to execution of arbitrary code.

GLSA 200501-04: Shoutcast Server: Remote code execution

Gentoo 2529 Published 2005-01-05 19:23 by Philipp Esselbach 0

A Shoutcast Server security update has been released for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200501-04
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: Shoutcast Server: Remote code execution
Date: January 05, 2005
Bugs: #75482
ID: 200501-04

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

Shoutcast Server contains a possible buffer overflow that could lead to the execution of arbitrary code.

GLSA 200501-02: a2ps: Insecure temporary files handling

Gentoo 2529 Published 2005-01-04 18:18 by Philipp Esselbach 0

An a2ps security update has been released for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200501-02
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: a2ps: Insecure temporary files handling
Date: January 04, 2005
Bugs: #75784
ID: 200501-02

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

The fixps and psmandup scripts in the a2ps package are vulnerable to symlink attacks, potentially allowing a local user to overwrite arbitrary files.

GLSA 200501-01: LinPopUp: Buffer overflow in message reply

Gentoo 2529 Published 2005-01-04 18:17 by Philipp Esselbach 0

A LinPopUp security update has been released for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200501-01
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: LinPopUp: Buffer overflow in message reply
Date: January 04, 2005
Bugs: #74705
ID: 200501-01

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

LinPopUp contains a buffer overflow potentially allowing execution of arbitrary code.

GLSA 200412-26: ViewCVS: Information leak

Gentoo 2529 Published 2004-12-28 18:26 by Philipp Esselbach 0

A ViewCVS security update has been released for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200412-26
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Low
Title: ViewCVS: Information leak and XSS vulnerabilities
Date: December 28, 2004
Bugs: #72461, #73772
ID: 200412-26

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

ViewCVS is vulnerable to an information leak and to cross-site scripting (XSS) issues.

GLSA 200412-25: CUPS: Multiple vulnerabilities

Gentoo 2529 Published 2004-12-28 18:16 by Philipp Esselbach 0

A CUPS security update has been released for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200412-25
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: High
Title: CUPS: Multiple vulnerabilities
Date: December 28, 2004
Bugs: #74479, #75197
ID: 200412-25

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

Multiple vulnerabilities have been found in CUPS, ranging from local Denial of Service attacks to the remote execution of arbitrary code.