headers
Tim Sammut | 21 May 09:09
Picon
Favicon
Gravatar

[ GLSA 201205-03 ] Chromium, V8: Multiple vulnerabilities

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 201205-03
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                            http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Normal
    Title: Chromium, V8: Multiple vulnerabilities
     Date: May 21, 2012
     Bugs: #416119
       ID: 201205-03

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities have been reported in Chromium and V8, some of
which may allow execution of arbitrary code.

Background
==========

Chromium is an open source web browser project. V8 is Google’s open
source JavaScript engine.

Affected packages
=================

    -------------------------------------------------------------------
(Continue reading)

Permalink | Reply | 0 comments |
headers
Sean Amoss | 16 May 00:18
Picon
Favicon
Gravatar

[ GLSA 201205-02 ] ConnMan: Multiple vulnerabilities

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 201205-02
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                            http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Normal
    Title: ConnMan: Multiple vulnerabilities
     Date: May 15, 2012
     Bugs: #415415
       ID: 201205-02

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities have been found in ConnMan, allowing attackers
to execute arbitrary code or cause Denial of Service.

Background
==========

ConnMan provides a daemon for managing Internet connections.

Affected packages
=================

    -------------------------------------------------------------------
     Package              /     Vulnerable     /            Unaffected
(Continue reading)

Permalink | Reply | 0 comments |
headers
Tim Sammut | 15 May 09:12
Picon
Favicon
Gravatar

[ GLSA 201205-01 ] Chromium: Multiple vulnerabilities

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 201205-01
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                            http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Normal
    Title: Chromium: Multiple vulnerabilities
     Date: May 15, 2012
     Bugs: #414199
       ID: 201205-01

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities have been reported in Chromium, some of which
may allow execution of arbitrary code.

Background
==========

Chromium is an open source web browser project.

Affected packages
=================

    -------------------------------------------------------------------
     Package              /     Vulnerable     /            Unaffected
(Continue reading)

Permalink | Reply | 0 comments |
headers
Sean Amoss | 18 Apr 01:48
Picon
Favicon
Gravatar

[ GLSA 201204-08 ] Perl DBD-Pg Module: Arbitrary code execution

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 201204-08
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                            http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Normal
    Title: Perl DBD-Pg Module: Arbitrary code execution
     Date: April 17, 2012
     Bugs: #407549
       ID: 201204-08

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Two format string vulnerabilities have been found in the Perl DBD-Pg
module, allowing a remote PostgreSQL servers to execute arbitrary code.

Background
==========

DBD-Pg is a PostgreSQL interface module for Perl.

Affected packages
=================

    -------------------------------------------------------------------
     Package              /     Vulnerable     /            Unaffected
(Continue reading)

Permalink | Reply | 0 comments |
headers
Sean Amoss | 18 Apr 01:46
Picon
Favicon
Gravatar

[ GLSA 201204-07 ] Adobe Flash Player: Multiple vulnerabilities

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 201204-07
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                            http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Normal
    Title: Adobe Flash Player: Multiple vulnerabilities
     Date: April 17, 2012
     Bugs: #390149, #404101, #407023, #410005
       ID: 201204-07

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities in Adobe Flash Player, the worst of which
might allow remote attackers to execute arbitrary code.

Background
==========

The Adobe Flash Player is a renderer for the SWF file format, which is
commonly used to provide interactive websites.

Affected packages
=================

    -------------------------------------------------------------------
(Continue reading)

Permalink | Reply | 0 comments |
headers
Sean Amoss | 18 Apr 01:42
Picon
Favicon
Gravatar

[ GLSA 201204-06 ] PolicyKit: Multiple vulnerabilities

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 201204-06
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                            http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: High
    Title: PolicyKit: Multiple vulnerabilities
     Date: April 17, 2012
     Bugs: #314535, #364973, #401513
       ID: 201204-06

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities have been found in PolicyKit, the worst of
which may allow a local attacker to gain root privileges.

Background
==========

PolicyKit is a toolkit for controlling privileges for system-wide
services.

Affected packages
=================

    -------------------------------------------------------------------
(Continue reading)

Permalink | Reply | 0 comments |
headers
Sean Amoss | 18 Apr 01:38
Picon
Favicon
Gravatar

[ GLSA 201204-05 ] SWFTools: User-assisted execution of arbitrary code

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 201204-05
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                            http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Normal
    Title: SWFTools: User-assisted execution of arbitrary code
     Date: April 17, 2012
     Bugs: #332649
       ID: 201204-05

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

A heap-based buffer overflow in SWFTools could result in the execution
of arbitrary code.

Background
==========

SWFTools is a collection of SWF manipulation and generation utilities
written by Rainer Böhme and Matthias Kramm.

Affected packages
=================

    -------------------------------------------------------------------
(Continue reading)

Permalink | Reply | 0 comments |
headers
Sean Amoss | 18 Apr 01:11
Picon
Favicon
Gravatar

[ GLSA 201204-04 ] FreeType: Multiple vulnerabilities

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 201204-04
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                            http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Normal
    Title: FreeType: Multiple vulnerabilities
     Date: April 17, 2012
     Bugs: #407257
       ID: 201204-04

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities have been found in FreeType, allowing remote
attackers to possibly execute arbitrary code or cause Denial of
Service.

Background
==========

FreeType is a high-quality and portable font engine.

Affected packages
=================

    -------------------------------------------------------------------
(Continue reading)

Permalink | Reply | 0 comments |
headers
Tim Sammut | 11 Apr 00:07
Picon
Favicon
Gravatar

[ GLSA 201204-03 ] Chromium: Multiple vulnerabilities

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 201204-03
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                            http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Normal
    Title: Chromium: Multiple vulnerabilities
     Date: April 10, 2012
     Bugs: #410963
       ID: 201204-03

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities have been reported in Chromium, some of which
may allow execution of arbitrary code.

Background
==========

Chromium is an open source web browser project.

Affected packages
=================

    -------------------------------------------------------------------
     Package              /     Vulnerable     /            Unaffected
(Continue reading)

Permalink | Reply | 0 comments |
headers
Sean Amoss | 10 Apr 13:22
Picon
Favicon
Gravatar

[ GLSA 201204-02 ] InspIRCd: Arbitrary code execution

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 201204-02
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                            http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: High
    Title: InspIRCd: Arbitrary code execution
     Date: April 10, 2012
     Bugs: #409159
       ID: 201204-02

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

A heap-based buffer overflow in InspIRCd may allow execution of
arbitrary code.

Background
==========

InspIRCd (Inspire IRCd) is a modular C++ IRC daemon

Affected packages
=================

    -------------------------------------------------------------------
     Package              /     Vulnerable     /            Unaffected
(Continue reading)

Permalink | Reply | 0 comments |
headers
Sean Amoss | 10 Apr 00:53
Picon
Favicon
Gravatar

[ GLSA 201204-01 ] VirtualBox: Multiple vulnerabilities

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201204-01 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: VirtualBox: Multiple vulnerabilities Date: April 09, 2012 Bugs: #386317, #399807 ID: 201204-01 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities were found in VirtualBox, allowing local attackers to gain escalated privileges. Background ========== VirtualBox is a powerful virtualization product from Oracle. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 app-emulation/virtualbox < 4.1.8 >= 4.1.8 2 app-emulation/virtualbox-bin < 4.1.8 >= 4.1.4 ------------------------------------------------------------------- 2 affected packages Description =========== Multiple unspecified vulnerabilities have been discovered in VirtualBox. Please review the CVE identifiers referenced below for details. Impact ====== A local attacker may be able to gain escalated privileges via unknown attack vectors. Workaround ========== There is no known workaround at this time. Resolution ========== All VirtualBox users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=app-emulation/virtualbox-4.1.8" All VirtualBox binary users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot -v ">=app-emulation/virtualbox-bin-4.1.8" References ========== [ 1 ] CVE-2010-4414 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4414 [ 2 ] CVE-2011-2300 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2300 [ 3 ] CVE-2011-2305 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2305 [ 4 ] CVE-2012-0105 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0105 [ 5 ] CVE-2012-0111 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0111 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201204-01.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security <at> gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5
Permalink | Reply | 0 comments |

Gmane