Frugalware Security Announcements (FSAs)

This is a list of security announcements that have been released for the current stable version of Frugalware.

krb5

  • Author: Miklos Vajna
  • Vulnerable: 1.7-4
  • Unaffected: 1.7-5locris1

A vulnerability has been reported in Kerberos, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused by an assertion error within the “spnego_gss_accept_sec_context()” function in src/lib/gssapi/spnego/spnego_mech.c when receiving an invalid packet, which can be exploited to e.g. crash an application using the library by sending a specially crafted packet.

CVEs:

pulseaudio

  • Author: Miklos Vajna
  • Vulnerable: 0.9.21-2
  • Unaffected: 0.9.21-3locris1

This fixes a security issue, which can be exploited by malicious, local users to perform certain actions with escalated privileges. The security issue is caused by the application performing chown() and chmod() calls without checking for symbolic links in existing directories. This can be exploited to e.g. change permissions and ownership of arbitrary files via symlink attacks.
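The defensive pattern for this class of bug, as an added example (not PulseAudio's code or the actual patch): open the directory with O_NOFOLLOW and change ownership and mode through the file descriptor instead of the path. The names `secure_own_dir` and `demo` and the `/tmp/fsa-demo-*` paths are hypothetical, and the check covers only the final path component, so the parent directory is assumed to be trusted.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical helper (not PulseAudio code): make `path` a directory owned by
 * uid:gid with `mode`, refusing to act when the final component is a symlink. */
int secure_own_dir(const char *path, uid_t uid, gid_t gid, mode_t mode)
{
    struct stat st;
    int fd, rc = -1;
    if (mkdir(path, mode) < 0 && errno != EEXIST)
        return -1;
    /* O_NOFOLLOW: open() fails if `path` is a symlink, so nothing is followed. */
    fd = open(path, O_RDONLY | O_DIRECTORY | O_NOFOLLOW | O_CLOEXEC);
    if (fd < 0)
        return -1;
    /* fchown()/fchmod() act on the opened inode, not on a re-resolved name. */
    if (fstat(fd, &st) == 0 && S_ISDIR(st.st_mode) &&
        fchown(fd, uid, gid) == 0 && fchmod(fd, mode) == 0)
        rc = 0;
    close(fd);
    return rc;
}

/* Constructed scenario: <tmp>/lnk is a symlink to <tmp>/victim (mode 0755).
 * Returns the helper's result for the symlink path, or -2 if setup failed. */
int demo(mode_t *victim_mode, mode_t *own_mode)
{
    char base[] = "/tmp/fsa-demo-XXXXXX", victim[64], lnk[64], own[64];
    struct stat sv, so;
    int rc;
    if (!mkdtemp(base))
        return -2;
    snprintf(victim, sizeof victim, "%s/victim", base);
    snprintf(lnk, sizeof lnk, "%s/lnk", base);
    snprintf(own, sizeof own, "%s/own", base);
    if (mkdir(victim, 0755) || chmod(victim, 0755) || symlink(victim, lnk))
        return -2;
    rc = secure_own_dir(lnk, getuid(), getgid(), 0700);  /* symlink: must fail */
    if (secure_own_dir(own, getuid(), getgid(), 0700) ||  /* real dir: succeeds */
        stat(victim, &sv) || stat(own, &so))
        return -2;
    *victim_mode = sv.st_mode & 07777;
    *own_mode = so.st_mode & 07777;
    unlink(lnk); rmdir(victim); rmdir(own); rmdir(base);
    return rc;
}
```

Calling `demo()` shows the symlinked path being rejected while the link target keeps its original mode and the freshly created directory ends up with the requested one.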

CVEs:

drupal-mimemail

  • Author: Miklos Vajna
  • Vulnerable: 5.x_1.0-1
  • Unaffected: 5.x_1.1-1locris1

A vulnerability has been reported in the Mime Mail module for Drupal, which can be exploited by malicious users to compromise a vulnerable system. The vulnerability is caused by an error in the PCRE regular expression engine, which can be exploited to execute arbitrary PHP code. Successful exploitation requires the ability to send HTML email via the Mime Mail module.

CVEs:

firefox

  • Author: Miklos Vajna
  • Vulnerable: 3.6-1
  • Unaffected: 3.6.2-1locris1

A vulnerability has been reported in Mozilla Firefox, which can be exploited by malicious people to compromise a user’s system. The vulnerability is caused by an integer overflow error when processing WOFF fonts. This can be exploited to cause a heap-based buffer overflow via a web page embedding a WOFF font with an overly large “origLen” field.

CVEs:

drupal-i18n

  • Author: Miklos Vajna
  • Vulnerable: 5.x_2.5-1
  • Unaffected: 5.x_2.6-1locris1

A vulnerability has been reported in the Internationalization module for Drupal, which can be exploited by malicious users to compromise a vulnerable system. Certain unspecified input is not properly sanitised before being used to translate the text. This can be exploited to execute arbitrary PHP code by passing a malicious string to the input filter.

CVEs:

drupal

  • Author: Miklos Vajna
  • Vulnerable: 5.21-1
  • Unaffected: 5.22-2locris1

Some vulnerabilities have been reported in Drupal, which can be exploited by malicious users to conduct script insertion attacks and bypass certain security restrictions.

  1. Input passed via the “langcode”, “name”, and “native” parameters in the languages interface while using the Locale module is not properly sanitised before being displayed to the user. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user’s browser session in context of an affected site when the malicious data is being viewed. Successful exploitation requires “administer languages” permissions.
  2. An error in the handling of certain sessions can be exploited to maintain an open session despite the user being blocked.

CVEs:

wordpress

  • Author: Miklos Vajna
  • Vulnerable: 2.9.1-1
  • Unaffected: 2.9.2-1locris1

A vulnerability has been discovered in WordPress, which can be exploited by malicious users to bypass certain security restrictions. The vulnerability is caused by WordPress not properly restricting access to trashed posts, which can be exploited to e.g. view a trashed post by accessing its page directly. Successful exploitation requires a valid user account.

CVEs: