http://security.debian.org/ Debian-Sicherheitsankündigung 2012-05-17T20:10:30+00:00 http://www.debian.org/security/2012/dsa-2474 <p>Raúl Benencia discovered that ikiwiki, a wiki compiler, does not properly escape the author (and its URL) of certain metadata, such as comments. This might be used to conduct cross-site scripting attacks.</p> 2012-05-16 http://www.debian.org/security/2012/dsa-2473 <p>Tielei Wang discovered that OpenOffice.org does not allocate a large enough memory region when processing a specially crafted JPEG object, leading to a heap-based buffer overflow and potentially arbitrary code execution.</p> 2012-05-16 http://www.debian.org/security/2012/dsa-2472 <p>Dave Love discovered that users who are allowed to submit jobs to a Grid Engine installation can escalate their privileges to root because the environment is not properly sanitized before creating processes.</p> 2012-05-15 http://www.debian.org/security/2012/dsa-2471 <p>Several vulnerabilities have been discovered in FFmpeg, a multimedia player, server and encoder. Multiple input validations in the decoders/ demuxers for Westwood Studios VQA, Apple MJPEG-B, Theora, Matroska, Vorbis, Sony ATRAC3, DV, NSV, files could lead to the execution of arbitrary code.</p> 2012-05-13 http://www.debian.org/security/2012/dsa-2458 <p>Several vulnerabilities have been found in the Iceape internet suite, an unbranded version of Seamonkey:</p> 2012-05-13 http://www.debian.org/security/2012/dsa-2457 <p>Several vulnerabilities have been discovered in Iceweasel, a web browser based on Firefox. The included XULRunner library provides rendering services for several other applications included in Debian.</p> 2012-05-13 http://www.debian.org/security/2012/dsa-2470 <p>Several vulnerabilities were identified in WordPress, a web blogging tool. As the CVEs were allocated from releases announcements and specific fixes are usually not identified, it has been decided to upgrade the wordpress package to the latest upstream version instead of backporting the patches.</p> 2012-05-11 http://www.debian.org/security/2012/dsa-2469 <p>Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems:</p> 2012-05-10 http://www.debian.org/security/2012/dsa-2468 <p>It was discovered that Apache POI, a Java implementation of the Microsoft Office file formats, would allocate arbitrary amounts of memory when processing crafted documents. This could impact the stability of the Java virtual machine.</p> 2012-05-09 http://www.debian.org/security/2012/dsa-2467 <p>It was discovered that Mahara, the portfolio, weblog, and resume builder, had an insecure default with regards to SAML-based authentication used with more than one SAML identity provider. Someone with control over one IdP could impersonate users from other IdP's.</p> 2012-05-09 http://www.debian.org/security/2012/dsa-2466 <p>Sergey Nartimov discovered that in Rails, a Ruby based framework for web development, when developers generate html options tags manually, user input concatenated with manually built tags may not be escaped and an attacker can inject arbitrary HTML into the document.</p> 2012-05-09 http://www.debian.org/security/2012/dsa-2465 <p>De Eindbazen discovered that PHP, when run with mod_cgi, will interpret a query string as command line parameters, allowing to execute arbitrary code.</p> 2012-05-09 http://www.debian.org/security/2012/dsa-2422 <p>The file type identification tool, file, and its associated library, libmagic, do not properly process malformed files in the Composite Document File (CDF) format, leading to crashes.</p> 2012-05-09 http://www.debian.org/security/2012/dsa-2464 <p>Several vulnerabilities have been discovered in Icedove, an unbranded version of the Thunderbird mail/news client.</p> 2012-05-08 http://www.debian.org/security/2012/dsa-2459 <p>Several vulnerabilities have been discovered in Quagga, a routing daemon.</p> 2012-05-04 http://www.debian.org/security/2012/dsa-2462 <p>Several integer overflows and missing input validations were discovered in the ImageMagick image manipulation suite, resulting in the execution of arbitrary code or denial of service.</p> 2012-05-03 http://www.debian.org/security/2012/dsa-2463 <p>Ivano Cristofolini discovered that insufficient security checks in Samba's handling of LSA RPC calls could lead to privilege escalation by gaining the <q>take ownership</q> privilege.</p> 2012-05-02 http://www.debian.org/security/2012/dsa-2461 <p>Several vulnerabilities have been found in SPIP, a website engine for publishing, resulting in cross-site scripting, script code injection and bypass of restrictions.</p> 2012-04-26 http://www.debian.org/security/2012/dsa-2460 <p>Several vulnerabilities were discovered in the Asterisk PBX and telephony toolkit:</p> 2012-04-25 http://www.debian.org/security/2012/dsa-2454 <p>Multiple vulnerabilities have been found in OpenSSL. The Common Vulnerabilities and Exposures project identifies the following issues:</p> 2012-04-24 http://www.debian.org/security/2012/dsa-2456 <p>Danny Fullerton discovered a use-after-free in the Dropbear SSH daemon, resulting in potential execution of arbitrary code. Exploitation is limited to users, who have been authenticated through public key authentication and for which command restrictions are in place.</p> 2012-04-23 http://www.debian.org/security/2012/dsa-2455 <p>Helmut Hummel of the TYPO3 security team discovered that TYPO3, a web content management system, is not properly sanitizing output of the exception handler. This allows an attacker to conduct cross-site scripting attacks if either third-party extensions are installed that do not sanitize this output on their own or in the presence of extensions using the extbase MVC framework which accept objects to controller actions.</p> 2012-04-20