Linux Compatible - Gentoo (Page 20)

GLSA 200504-07: GnomeVFS, libcdaudio: CDDB response overflow

Gentoo 2530 Published 2005-04-08 10:50 by Philipp Esselbach 0

A GnomeVFS security update has been released for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200504-07
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: GnomeVFS, libcdaudio: CDDB response overflow
Date: April 08, 2005
Bugs: #84936
ID: 200504-07

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

The GnomeVFS and libcdaudio libraries contain a buffer overflow that can be triggered by a large CDDB response, potentially allowing the execution of arbitrary code.

GLSA 200504-06: sharutils: Insecure temporary file creation

Gentoo 2530 Published 2005-04-06 18:09 by Philipp Esselbach 0

A sharutils security update is available for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200504-06
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: sharutils: Insecure temporary file creation
Date: April 06, 2005
Bugs: #87939
ID: 200504-06

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

The unshar utility is vulnerable to symlink attacks, potentially allowing a local user to overwrite arbitrary files.

GLSA 200504-05: Gaim: Denial of Service issues

Gentoo 2530 Published 2005-04-06 09:39 by Philipp Esselbach 0

A Gaim security update is available for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200504-05
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Low
Title: Gaim: Denial of Service issues
Date: April 06, 2005
Updated: April 06, 2005
Bugs: #87903
ID: 200504-05:02

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

Gaim contains multiple vulnerabilities that can lead to a Denial of Service.

GLSA 200504-04: mit-krb5: Multiple buffer overflows in telnet

Gentoo 2530 Published 2005-04-06 09:36 by Philipp Esselbach 0

A mit-krb5 security update has been released for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200504-04
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: mit-krb5: Multiple buffer overflows in telnet client
Date: April 06, 2005
Bugs: #87145
ID: 200504-04

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

The mit-krb5 telnet client is vulnerable to two buffer overflows, which could allow a malicious telnet server operator to execute arbitrary code.

GLSA 200504-03: Dnsmasq: Poisoning and Denial of Service

Gentoo 2530 Published 2005-04-04 08:10 by Philipp Esselbach 0

A Dnsmasq security update is available for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200504-03
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Low
Title: Dnsmasq: Poisoning and Denial of Service vulnerabilities
Date: April 04, 2005
Bugs: #86718
ID: 200504-03

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

Dnsmasq is vulnerable to DNS cache poisoning attacks and a potential Denial of Service from the local network.

GLSA 200504-02: Sylpheed, Sylpheed-claws: Buffer overflow

Gentoo 2530 Published 2005-04-02 06:33 by Philipp Esselbach 0

A Sylpheed, Sylpheed-claws security update has been released for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200504-02
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: Sylpheed, Sylpheed-claws: Buffer overflow on message
display
Date: April 02, 2005
Bugs: #86541
ID: 200504-02

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

Sylpheed and Sylpheed-claws contain a vulnerability that can be triggered when displaying messages with specially crafted attachments.

GLSA 200504-01: telnet-bsd: Multiple buffer overflows

Gentoo 2530 Published 2005-04-01 05:58 by Philipp Esselbach 0

A telnet-bsd security update is available for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200504-01
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: telnet-bsd: Multiple buffer overflows
Date: April 01, 2005
Bugs: #87019
ID: 200504-01

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

The telnet-bsd telnet client is vulnerable to two buffer overflows, which could allow a malicious telnet server operator to execute arbitrary code.

GLSA 200503-37: LimeWire: Disclosure of sensitive informati

Gentoo 2530 Published 2005-03-31 12:45 by Philipp Esselbach 0

A LimeWare security update is available for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200503-37
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Low
Title: LimeWire: Disclosure of sensitive information
Date: March 31, 2005
Bugs: #85380
ID: 200503-37

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

Two vulnerabilities in LimeWire can be exploited to disclose sensitive information.

GLSA 200503-36: netkit-telnetd: Buffer overflow

Gentoo 2530 Published 2005-03-31 12:43 by Philipp Esselbach 0

A netkit-telnetd security update has been released for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200503-36
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: netkit-telnetd: Buffer overflow
Date: March 31, 2005
Bugs: #87211
ID: 200503-36

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

The netkit-telnetd telnet client is vulnerable to a buffer overflow, which could allow a malicious telnet server operator to execute arbitrary code.

GLSA 200503-35: Smarty: Template vulnerability

Gentoo 2530 Published 2005-03-30 09:10 by Philipp Esselbach 0

A Smarty ecurity update is available for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200503-35
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: High
Title: Smarty: Template vulnerability
Date: March 30, 2005
Bugs: #86488
ID: 200503-35

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

Smarty's "Template security" feature can be bypassed, potentially allowing a remote attacker to execute arbitrary PHP code.

GLSA 200503-34: mpg321: Format string vulnerability

Gentoo 2530 Published 2005-03-28 16:03 by Philipp Esselbach 0

A mpg321 security update is available for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200503-34
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: mpg321: Format string vulnerability
Date: March 28, 2005
Bugs: #86033
ID: 200503-34

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

A flaw in the processing of ID3 tags in mpg321 could potentially lead to the execution of arbitrary code.

Gentoo Linux 2005.0

Gentoo 2530 Published 2005-03-28 03:47 by Philipp Esselbach 0

Gentoo Linux 2005.0 has been released

GLSA 200503-33: IPsec-Tools: racoon Denial of Service

Gentoo 2530 Published 2005-03-25 15:45 by Philipp Esselbach 0

An IPsec-Tools security update has been released for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200503-33
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: IPsec-Tools: racoon Denial of Service
Date: March 25, 2005
Bugs: #84479
ID: 200503-33

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

IPsec-Tools' racoon is affected by a remote Denial of Service vulnerability.

GLSA 200503-29: GnuPG: OpenPGP protocol attack

Gentoo 2530 Published 2005-03-25 05:42 by Philipp Esselbach 0

A GnuPG security update has been released for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200503-29
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Low
Title: GnuPG: OpenPGP protocol attack
Date: March 24, 2005
Bugs: #85547
ID: 200503-29

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

Automated systems using GnuPG may leak plaintext portions of an encrypted message.

GLSA 200503-28: Sun Java: Web Start argument injection

Gentoo 2530 Published 2005-03-25 05:40 by Philipp Esselbach 0

A Sun Java security update is available for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200503-28
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: Sun Java: Web Start argument injection vulnerability
Date: March 24, 2005
Bugs: #85804
ID: 200503-28

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

Java Web Start JNLP files can be abused to evade sandbox restriction and execute arbitrary code.

GLSA 200503-27: Xzabite dyndnsupdate: Multiple vulnerabilities

Gentoo 2530 Published 2005-03-21 12:48 by Philipp Esselbach 0

A Xzabite dyndnsupdate security update is available for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200503-27
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: Xzabite dyndnsupdate: Multiple vulnerabilities
Date: March 21, 2005
Bugs: #84659
ID: 200503-27

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

Xzabite's dyndnsupdate software suffers from multiple vulnerabilities, potentially resulting in the remote execution of arbitrary code.

GLSA 200503-26: Sylpheed, Sylpheed-claws

Gentoo 2530 Published 2005-03-21 05:29 by Philipp Esselbach 0

Sylpheed, Sylpheed-claws security update are available for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200503-26
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: Sylpheed, Sylpheed-claws: Message reply overflow
Date: March 20, 2005
Bugs: #84056
ID: 200503-26

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

Sylpheed and Sylpheed-claws contain a vulnerability that can be triggered when replying to specially crafted messages.

GLSA 200503-24: LTris: Buffer overflow

Gentoo 2530 Published 2005-03-21 05:28 by Philipp Esselbach 0

A LTris security update is available for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200503-24
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: LTris: Buffer overflow
Date: March 20, 2005
Bugs: #85770
ID: 200503-24

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

LTris is vulnerable to a buffer overflow which could lead to the execution of arbitrary code.

GLSA 200503-23: rxvt-unicode: Buffer overflow

Gentoo 2530 Published 2005-03-21 05:26 by Philipp Esselbach 0

A rxvt-unicode security update is availalble for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200503-23
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: rxvt-unicode: Buffer overflow
Date: March 20, 2005
Bugs: #84680
ID: 200503-23

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

rxvt-unicode is vulnerable to a buffer overflow that could lead to the execution of arbitrary code.

GLSA 200503-21: Grip: CDDB response overflow

Gentoo 2530 Published 2005-03-17 12:55 by Philipp Esselbach 0

A Grip security update is available for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200503-21
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: Grip: CDDB response overflow
Date: March 17, 2005
Bugs: #84704
ID: 200503-21

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

Grip contains a buffer overflow that can be triggered by a large CDDB response, potentially allowing the execution of arbitrary code.