security | 24 Oct 15:27 2014

[ MDVSA-2014:209 ] java-1.7.0-openjdk


 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2014:209
 http://www.mandriva.com/en/support/security/
 _______________________________________________________________________

 Package : java-1.7.0-openjdk
 Date    : October 24, 2014
 Affected: Business Server 1.0
 _______________________________________________________________________

 Problem Description:

 Multiple vulnerabilities have been discovered and corrected in
 java-1.7.0-openjdk:

 Multiple flaws were discovered in the Libraries, 2D, and Hotspot
 components in OpenJDK. An untrusted Java application or applet
 could use these flaws to bypass certain Java sandbox restrictions
 (CVE-2014-6506, CVE-2014-6531, CVE-2014-6502, CVE-2014-6511,
 CVE-2014-6504, CVE-2014-6519).

 It was discovered that the StAX XML parser in the JAXP component in
 OpenJDK performed expansion of external parameter entities even when
 external entity substitution was disabled. A remote attacker could
 use this flaw to perform an XML eXternal Entity (XXE) attack against
 applications using the StAX parser to parse untrusted XML documents
 (CVE-2014-6517).


security | 24 Oct 15:19 2014

[ MDVSA-2014:208 ] phpmyadmin


 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2014:208
 http://www.mandriva.com/en/support/security/
 _______________________________________________________________________

 Package : phpmyadmin
 Date    : October 24, 2014
 Affected: Business Server 1.0
 _______________________________________________________________________

 Problem Description:

 Updated phpmyadmin package fixes security vulnerability:

 In phpMyAdmin before 4.2.10.1, with a crafted database or table name
 it is possible to trigger an XSS in SQL debug output when enabled and
 in server monitor page when viewing and analysing executed queries
 (CVE-2014-8326).
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8326
 http://advisories.mageia.org/MGASA-2014-0420.html
 _______________________________________________________________________

 Updated Packages:


security | 24 Oct 15:17 2014

[ MDVSA-2014:207 ] ejabberd


 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2014:207
 http://www.mandriva.com/en/support/security/
 _______________________________________________________________________

 Package : ejabberd
 Date    : October 24, 2014
 Affected: Business Server 1.0
 _______________________________________________________________________

 Problem Description:

 Updated ejabberd packages fix security vulnerability:

 A flaw was discovered in ejabberd that allows clients to connect
 with an unencrypted connection even if starttls_required is set
 (CVE-2014-8760).
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8760
 http://advisories.mageia.org/MGASA-2014-0417.html
 _______________________________________________________________________

 Updated Packages:

 Mandriva Business Server 1/X86_64:

security | 24 Oct 15:15 2014

[ MDVSA-2014:206 ] ctags


 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2014:206
 http://www.mandriva.com/en/support/security/
 _______________________________________________________________________

 Package : ctags
 Date    : October 24, 2014
 Affected: Business Server 1.0
 _______________________________________________________________________

 Problem Description:

 Updated ctags package fixes security vulnerability:

 A denial of service issue was discovered in ctags 5.8. A remote
 attacker could cause excessive CPU usage and disk space consumption
 via a crafted JavaScript file by triggering an infinite loop
 (CVE-2014-7204).
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7204
 http://advisories.mageia.org/MGASA-2014-0415.html
 _______________________________________________________________________

 Updated Packages:


security | 24 Oct 15:13 2014

[ MDVSA-2014:205 ] lua


 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2014:205
 http://www.mandriva.com/en/support/security/
 _______________________________________________________________________

 Package : lua
 Date    : October 24, 2014
 Affected: Business Server 1.0
 _______________________________________________________________________

 Problem Description:

 Updated lua and lua5.1 packages fix security vulnerability:

 A heap-based overflow vulnerability was found in the way Lua handles
 varargs functions with many fixed parameters called with few arguments,
 leading to application crashes or, potentially, arbitrary code
 execution (CVE-2014-5461).
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5461
 http://advisories.mageia.org/MGASA-2014-0414.html
 _______________________________________________________________________

 Updated Packages:


Slackware Security Team | 24 Oct 07:36 2014

[slackware-security] glibc (SSA:2014-296-01)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security]  glibc (SSA:2014-296-01)

New glibc packages are available for Slackware 14.1 and -current to fix
security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packages/glibc-2.17-i486-8_slack14.1.txz:  Rebuilt.
  This update fixes several security issues, and adds an extra security
  hardening patch from Florian Weimer.  Thanks to mancha for help with
  tracking and backporting patches.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4424
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4412
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4237
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4788
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4458
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4043
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0475
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5119
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6040
  (* Security fix *)
patches/packages/glibc-i18n-2.17-i486-8_slack14.1.txz:  Rebuilt.
patches/packages/glibc-profile-2.17-i486-8_slack14.1.txz:  Rebuilt.
patches/packages/glibc-solibs-2.17-i486-8_slack14.1.txz:  Rebuilt.
patches/packages/glibc-zoneinfo-2014i-noarch-1_slack14.1.txz:  Upgraded.

Slackware Security Team | 24 Oct 07:36 2014

[slackware-security] pidgin (SSA:2014-296-02)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security]  pidgin (SSA:2014-296-02)

New pidgin packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,
and -current to fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
pidgin-2.10.10-i486-1_slack14.1.txz:  Upgraded.
  This update fixes several security issues:
  Insufficient SSL certificate validation (CVE-2014-3694)
  Remote crash parsing malformed MXit emoticon (CVE-2014-3695)
  Remote crash parsing malformed Groupwise message (CVE-2014-3696)
  Malicious smiley themes could alter arbitrary files (CVE-2014-3697)
  Potential information leak from XMPP (CVE-2014-3698)
    For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3694
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3695
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3696
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3697
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3698
  (* Security fix *)
+--------------------------+

Where to find the new packages:
+-----------------------------+


Moritz Muehlenhoff | 23 Oct 23:05 2014

[SECURITY] [DSA 3055-1] pidgin security update


-------------------------------------------------------------------------
Debian Security Advisory DSA-3055-1                   security <at> debian.org
http://www.debian.org/security/                        Moritz Muehlenhoff
October 23, 2014                       http://www.debian.org/security/faq
-------------------------------------------------------------------------

Package        : pidgin
CVE ID         : CVE-2014-3694 CVE-2014-3695 CVE-2014-3696 CVE-2014-3698

Multiple vulnerabilities have been discovered in Pidgin, a multi-protocol
instant messaging client:

CVE-2014-3694

    It was discovered that the SSL/TLS plugins failed to validate the
    basic constraints extension in intermediate CA certificates.

CVE-2014-3695

    Yves Younan and Richard Johnson discovered that emoticons with
    overly large length values could crash Pidgin.

CVE-2014-3696

    Yves Younan and Richard Johnson discovered that malformed Groupwise
    messages could crash Pidgin.

CVE-2014-3698


Alejandro Hernandez | 23 Oct 22:45 2014

OpenBSD <= 5.5 Local Kernel Panic

OpenBSD <= 5.5 (All architectures) is prone to a local DoS condition by triggering a kernel panic through a
malformed ELF executable.

A patch has been released to address this issue. See "013 Reliability Fix" at: 
http://www.openbsd.org/errata55.html#013_kernexec

More details and PoC code: 
http://www.ioactive.com/pdfs/IOActive_Advisory_OpenBSD_5_5_Local_Kernel_Panic.pdf

Regards,

Alejandro Hernandez
Senior Security Consultant

IOActive, Ltd
Mobile: (+521) 55 2515 7446
http://www.ioactive.com
alejandro.hernandez <at> ioactive.co.uk
"Using our past to secure your future"
The Americas | EMEA | AsiaPac

security | 23 Oct 16:01 2014

[ MDVSA-2014:203 ] openssl


 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2014:203
 http://www.mandriva.com/en/support/security/
 _______________________________________________________________________

 Package : openssl
 Date    : October 23, 2014
 Affected: Business Server 1.0
 _______________________________________________________________________

 Problem Description:

 Multiple vulnerabilities have been discovered and corrected in openssl:

 OpenSSL has added support for TLS_FALLBACK_SCSV to allow applications
 to block the ability for a MITM attacker to force a protocol
 downgrade. Some client applications (such as browsers) will reconnect
 using a downgraded protocol to work around interoperability bugs in
 older servers. This could be exploited by an active man-in-the-middle
 to downgrade connections to SSL 3.0 even if both sides of the
 connection support higher protocols. SSL 3.0 contains a number of
 weaknesses including POODLE (CVE-2014-3566).

 When an OpenSSL SSL/TLS/DTLS server receives a session ticket the
 integrity of that ticket is first verified. In the event of a session
 ticket integrity check failing, OpenSSL will fail to free memory
 causing a memory leak. By sending a large number of invalid session
 tickets an attacker could exploit this issue in a Denial Of Service

security | 23 Oct 16:07 2014

[ MDVSA-2014:204 ] libxml2


 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2014:204
 http://www.mandriva.com/en/support/security/
 _______________________________________________________________________

 Package : libxml2
 Date    : October 23, 2014
 Affected: Business Server 1.0
 _______________________________________________________________________

 Problem Description:

 A vulnerability has been found and corrected in libxml2:

 A denial of service flaw was found in libxml2, a library providing
 support to read, modify and write XML and HTML files. A remote attacker
 could provide a specially crafted XML file that, when processed by
 an application using libxml2, would lead to excessive CPU consumption
 (denial of service) based on excessive entity substitutions, even if
 entity substitution was disabled, which is the parser default behavior
 (CVE-2014-3660).

 The updated packages have been patched to correct this issue.
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3660