Frugalware Security Announcements (FSAs)

This is a list of security announcments that have been released for the current stable version of Frugalware

e2fsprogs

  • Author: vmiklos
  • Vulnerable: 1.40.2-1
  • Unaffected: 1.40.2-2sayshell1

Some vulnerabilities have been reported in the libext2fs library of e2fsprogs, which potentially can be exploited by malicious people to compromise an application using the library. The vulnerabilities are caused due to integer overflows, which potentially can be exploited to execute arbitrary code by e.g. tricking a user into processing a specially crafted file system with an application using libext2fs.

CVEs:

cacti

  • Author: voroskoi
  • Vulnerable: 0.8.6j-2
  • Unaffected: 0.8.6j-3terminus1

A vulnerability has been reported in Cacti, which potentially can be exploited by malicious people to conduct SQL injection attacks. Certain unspecified input is not properly sanitised before being used in an SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

CVEs:

cairo

  • Author: voroskoi
  • Vulnerable: 1.4.10-1
  • Unaffected: 1.4.10-2sayshell1

A vulnerability has been reported in Cairo, which potentially can be exploited by malicious people to compromise an application using the library. The vulnerability is caused due to an integer overflow error within the “read_png()” function in cairo-png.c. This can be exploited to cause a heap-based buffer overflow via a specially crafted PNG file. Successful exploitation may allow execution of arbitrary code.

CVEs:

claws-mail

  • Author: voroskoi
  • Vulnerable: 3.0.1-1
  • Unaffected: 3.0.1-2sayshell1

A security issue has been reported in Claws Mail, which can be exploited by malicious, local users to perform certain actions with escalated privileges. The security issue is caused due to the sylprint.pl script using temporary files in an insecure manner. This can be exploited to overwrite or delete arbitrary files via symlink attacks.

CVEs:

drupal

  • Author: voroskoi
  • Vulnerable: 5.2-2sayshell1
  • Unaffected: 5.2-2sayshell2

A vulnerability has been reported in Drupal, which can be exploited by malicious people to conduct SQL injection attacks. Input passed to the “taxonomy_select_nodes()” function is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Successful exploitation requires that a module that passes unsanitised data to “taxonomy_select_nodes()” is installed.

CVEs:

liferea

  • Author: voroskoi
  • Vulnerable: 1.2.23-2sayshell1
  • Unaffected: 1.2.23-2sayshell2

A security issue has been reported in Liferea, which can be exploited by malicious, local users to gain escalated privileges. The security issue is caused due to the Liferea starter script incorrectly setting the environment variable LD_LIBRARY_PATH. This can be exploited to gain escalated privileges e.g. by tricking a user into running Liferea in a directory containing a malicious library.

CVEs:

  • There is no CVE for this issue.

seamonkey

  • Author: vmiklos
  • Vulnerable: 1.1.5-1sayshell1
  • Unaffected: 1.1.7-1sayshell1

Some vulnerabilities have been reported in Mozilla SeaMonkey, which can be exploited by malicious people to conduct cross-site scripting and cross-site request forgery attacks and potentially to compromise a user’s system.

CVEs:

thunderbird

  • Author: voroskoi
  • Vulnerable: 2.0.0.6-2
  • Unaffected: 2.0.0.9-1terminus1

Some vulnerabilities have been reported in Mozilla Thunderbird, which potentially can be exploited by malicious people to compromise a user’s system.

  1. Various errors in the browser engine can be exploited to cause a memory corruption.
  2. Various errors in the Javascript engine can be exploited to cause a memory corruption.

CVEs:

wesnoth

  • Author: voroskoi
  • Vulnerable: 1.2.6-2terminus1
  • Unaffected: 1.2.8-1terminus1

Some vulnerabilities have been reported in Wesnoth, which can be exploited by malicious people to cause a DoS (Denial of Service), disclose potentially sensitive information, or potentially compromise a vulnerable system.

  1. An error within the WML preprocessor can be exploited via a malicious add-on to disclose the content of arbitrary files on an affected system when processing pathnames that contain directory traversal sequences.
  2. An error within the handling of the “turn_cmd” option can be exploited to cause a DoS or potentially execute arbitrary commands via a malicious add-on.

CVEs:

wireshark

  • Author: vmiklos
  • Vulnerable: 0.99.6-4
  • Unaffected: 0.99.7-1terminus1

Some vulnerabilities have been reported in Wireshark, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerabilities are caused due to various errors (e.g. large loops with extreme memory consumption, endless loops, crashes, and buffer overflows) within the following: * SSL, ANSI MAP, Firebird/Interbase, NCP, HTTP, MEGACO, DCP ETSI, PPP, Bluetooth SDP, SMB, USB, WiMAX, RPL, and CIP dissectors * when processing a malformed MP3 or iSeries (OS/400) Communication trace file * when processing a malformed DNP or RPC Portmap packet These can be exploited to crash Wireshark or consume large amounts of system resources by e.g. parsing a specially crafted packet that is either captured off the wire or loaded via a capture file.