Debian Beveiliging

DSA-2477 sympa - authorization bypass

2012-05-20

Several vulnerabilities have been discovered in Sympa, a mailing list manager, that allow to skip the scenario-based authorization mechanisms. This vulnerability allows to display the archives management page, and download and delete the list archives by unauthorized users.

DSA-2476 pidgin-otr - format string vulnerability

2012-05-19

intrigeri discovered a format string error in pidgin-otr, an Off-the-Record Messaging plugin for Pidgin.

DSA-2475 openssl - integer underflow

2012-05-17

It was discovered that openssl did not correctly handle explicit Initialization Vectors for CBC encryption modes, as used in TLS 1.1, 1.2, and DTLS. An incorrect calculation would lead to an integer underflow and incorrect memory access, causing denial of service (application crash.)

DSA-2474 ikiwiki - cross-site scripting

2012-05-16

Raúl Benencia discovered that ikiwiki, a wiki compiler, does not properly escape the author (and its URL) of certain metadata, such as comments. This might be used to conduct cross-site scripting attacks.

DSA-2473 openoffice.org - buffer overflow

2012-05-16

Tielei Wang discovered that OpenOffice.org does not allocate a large enough memory region when processing a specially crafted JPEG object, leading to a heap-based buffer overflow and potentially arbitrary code execution.

DSA-2472 gridengine - privilege escalation

2012-05-15

Dave Love discovered that users who are allowed to submit jobs to a Grid Engine installation can escalate their privileges to root because the environment is not properly sanitized before creating processes.

DSA-2471 ffmpeg - several vulnerabilities

2012-05-13

Several vulnerabilities have been discovered in FFmpeg, a multimedia player, server and encoder. Multiple input validations in the decoders/ demuxers for Westwood Studios VQA, Apple MJPEG-B, Theora, Matroska, Vorbis, Sony ATRAC3, DV, NSV, files could lead to the execution of arbitrary code.

DSA-2458 iceape - several vulnerabilities

2012-05-13

Several vulnerabilities have been found in the Iceape internet suite, an unbranded version of Seamonkey:

DSA-2457 iceweasel - several vulnerabilities

2012-05-13

Several vulnerabilities have been discovered in Iceweasel, a web browser based on Firefox. The included XULRunner library provides rendering services for several other applications included in Debian.

DSA-2470 wordpress - several vulnerabilities

2012-05-11

Several vulnerabilities were identified in WordPress, a web blogging tool. As the CVEs were allocated from releases announcements and specific fixes are usually not identified, it has been decided to upgrade the wordpress package to the latest upstream version instead of backporting the patches.

DSA-2469 linux-2.6 - privilege escalation/denial of service

2012-05-10

Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems:

DSA-2468 libjakarta-poi-java - unbounded memory allocation

2012-05-09

It was discovered that Apache POI, a Java implementation of the Microsoft Office file formats, would allocate arbitrary amounts of memory when processing crafted documents. This could impact the stability of the Java virtual machine.

DSA-2467 mahara - insecure defaults

2012-05-09

It was discovered that Mahara, the portfolio, weblog, and resume builder, had an insecure default with regards to SAML-based authentication used with more than one SAML identity provider. Someone with control over one IdP could impersonate users from other IdP's.

DSA-2466 rails - cross site scripting

2012-05-09

Sergey Nartimov discovered that in Rails, a Ruby based framework for web development, when developers generate html options tags manually, user input concatenated with manually built tags may not be escaped and an attacker can inject arbitrary HTML into the document.

DSA-2465 php5 - several vulnerabilities

2012-05-09

De Eindbazen discovered that PHP, when run with mod_cgi, will interpret a query string as command line parameters, allowing to execute arbitrary code.

DSA-2422 file - missing bounds checks

2012-05-09

The file type identification tool, file, and its associated library, libmagic, do not properly process malformed files in the Composite Document File (CDF) format, leading to crashes.

DSA-2464 icedove - several vulnerabilities

2012-05-08

Several vulnerabilities have been discovered in Icedove, an unbranded version of the Thunderbird mail/news client.

DSA-2459 quagga - several vulnerabilities

2012-05-04

Several vulnerabilities have been discovered in Quagga, a routing daemon.

DSA-2462 imagemagick - several vulnerabilities

2012-05-03

Several integer overflows and missing input validations were discovered in the ImageMagick image manipulation suite, resulting in the execution of arbitrary code or denial of service.

DSA-2463 samba - missing permission checks

2012-05-02

Ivano Cristofolini discovered that insufficient security checks in Samba's handling of LSA RPC calls could lead to privilege escalation by gaining the take ownership privilege.

DSA-2461 spip - several vulnerabilities

2012-04-26

Several vulnerabilities have been found in SPIP, a website engine for publishing, resulting in cross-site scripting, script code injection and bypass of restrictions.

DSA-2460 asterisk - several vulnerabilities

2012-04-25

Several vulnerabilities were discovered in the Asterisk PBX and telephony toolkit:

DSA-2454 openssl - multiple vulnerabilities

2012-04-24

Multiple vulnerabilities have been found in OpenSSL. The Common Vulnerabilities and Exposures project identifies the following issues:

DSA-2456 dropbear - use after free

2012-04-23

Danny Fullerton discovered a use-after-free in the Dropbear SSH daemon, resulting in potential execution of arbitrary code. Exploitation is limited to users, who have been authenticated through public key authentication and for which command restrictions are in place.