[Bug 1048203]
This issue was resolved and addressed in GLSA 201503-04 at http://security.gentoo.org/glsa/glsa-201503-04.xml by GLSA coordinator Kristian Fiskerstrand (K_F). -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1048203 Title: (CVE-2012-4412) glibc: strcoll() integer overflow leading to buffer overflow To manage notifications about this bug go to: https://bugs.launchpad.net/glibc/+bug/1048203/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1110273]
This issue was resolved and addressed in GLSA 201403-06 at http://security.gentoo.org/glsa/glsa-201403-06.xml by GLSA coordinator Mikle Kolyada (Zlogene). -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1110273 Title: [Security] Vulnerability on UPnP, need an update to libupnp 1.6.18 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libupnp/+bug/1110273/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1039881]
This issue was resolved and addressed in GLSA 201401-24 at http://security.gentoo.org/glsa/glsa-201401-24.xml by GLSA coordinator Chris Reffett (creffett). -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1039881 Title: https://bugs.launchpad.net/ubuntu/+source/inn2/+bug/1039881/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 222592]
This issue was resolved and addressed in GLSA 201311-07 at http://security.gentoo.org/glsa/glsa-201311-07.xml by GLSA coordinator Sean Amoss (ackle). -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/222592 Title: [CVE-2008-1102] Blender imb_loadhdr() buffer overflow To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/blender/+bug/222592/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1037434]
This issue was resolved and addressed in GLSA 201308-05 at http://security.gentoo.org/glsa/glsa-201308-05.xml by GLSA coordinator Sergey Popov (pinkbyte). -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1037434 Title: https://bugs.launchpad.net/ubuntu/+source/wireshark/+bug/1037434/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1110273]
CVE-2012-5960 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5960): Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable SDK for UPnP Devices (aka libupnp, formerly the Intel SDK for UPnP devices) before 1.6.18 allows remote attackers to execute arbitrary code via a long UDN (aka upnp:rootdevice) field in a UDP packet. CVE-2012-5959 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5959): Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable SDK for UPnP Devices (aka libupnp, formerly the Intel SDK for UPnP devices) before 1.6.18 allows remote attackers to execute arbitrary code via a long UDN (aka uuid) field within a string that contains a :: (colon colon) in a UDP packet. CVE-2012-5958 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5958): Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable SDK for UPnP Devices (aka libupnp, formerly the Intel SDK for UPnP devices) before 1.6.18 allows remote attackers to execute arbitrary code via a UDP packet with a crafted string that is not properly handled after a certain pointer subtraction. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1110273 Title: [Security] Vulnerability on UPnP, need an update to libupnp 1.6.18 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libupnp/+bug/1110273/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1039560]
This issue was resolved and addressed in GLSA 201301-03 at http://security.gentoo.org/glsa/glsa-201301-03.xml by GLSA coordinator Sean Amoss (ackle). -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1039560 Title: https://bugs.launchpad.net/ubuntu/+source/tor/+bug/1039560/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 894782]
CVE-2011-4612 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4612): icecast before 2.3.3 allows remote attackers to inject control characters such as newlines into the error loc (error.log) via a crafted URL. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/894782 Title: Newline injection in error.log To manage notifications about this bug go to: https://bugs.launchpad.net/icecast/+bug/894782/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1039881]
CVE-2012-3523 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3523): The STARTTLS implementation in nnrpd in INN before 2.5.3 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" attack, a similar issue to CVE-2011-0411. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1039881 Title: https://bugs.launchpad.net/ubuntu/+source/inn2/+bug/1039881/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1011823]
This issue was resolved and addressed in GLSA 201211-01 at http://security.gentoo.org/glsa/glsa-201211-01.xml by GLSA coordinator Tobias Heinlein (keytoaster). -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1011823 Title: mantisbt : multiple vulnerabilities To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/mantis/+bug/1011823/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1022012]
This issue was resolved and addressed in GLSA 201209-17 at http://security.gentoo.org/glsa/glsa-201209-17.xml by GLSA coordinator Sean Amoss (ackle). -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1022012 Title: (CVE-2012-3374) https://bugs.launchpad.net/pidgin/+bug/1022012/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1022360]
This issue was resolved and addressed in GLSA 201209-15 at http://security.gentoo.org/glsa/glsa-201209-15.xml by GLSA coordinator Sean Amoss (ackle). -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1022360 Title: (CVE-2012-3812) CVE-2012-3812 asterisk: Remote crash vulnerability in voice mail application (CVE-2012-3863) CVE-2012-3863 asterisk: Possible resource leak on uncompleted re-invite transactions To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/asterisk/+bug/1022360/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1037434]
CVE-2012-4298 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4298): Integer signedness error in the vwr_read_rec_data_ethernet function in wiretap/vwr.c in the Ixia IxVeriWave file parser in Wireshark 1.8.x before 1.8.2 allows user-assisted remote attackers to execute arbitrary code via a crafted packet-trace file that triggers a buffer overflow. CVE-2012-4297 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4297): Buffer overflow in the dissect_gsm_rlcmac_downlink function in epan/dissectors/packet-gsm_rlcmac.c in the GSM RLC MAC dissector in Wireshark 1.6.x before 1.6.10 and 1.8.x before 1.8.2 allows remote attackers to execute arbitrary code via a malformed packet. CVE-2012-4296 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4296): Buffer overflow in epan/dissectors/packet-rtps2.c in the RTPS2 dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (CPU consumption) via a malformed packet. CVE-2012-4295 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4295): Array index error in the channelised_fill_sdh_g707_format function in epan/dissectors/packet-erf.c in the ERF dissector in Wireshark 1.8.x before 1.8.2 might allow remote attackers to cause a denial of service (application crash) via a crafted speed (aka rate) value. CVE-2012-4294 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4294): Buffer overflow in the channelised_fill_sdh_g707_format function in epan/dissectors/packet-erf.c in the ERF dissector in Wireshark 1.8.x before 1.8.2 allows remote attackers to execute arbitrary code via a large speed (aka rate) value. CVE-2012-4293 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4293): plugins/ethercat/packet-ecatmb.c in the EtherCAT Mailbox dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 does not properly handle certain integer fields, which allows remote attackers to cause a denial of service (application exit) via a malformed packet. CVE-2012-4292 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4292): The dissect_stun_message function in epan/dissectors/packet-stun.c in the STUN dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 does not properly interact with key-destruction behavior in a certain tree library, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. CVE-2012-4291 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4291): The CIP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (memory consumption) via a malformed packet. CVE-2012-4290 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4290): The CTDB dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (loop and CPU consumption) via a malformed packet. CVE-2012-4289 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4289): epan/dissectors/packet-afp.c in the AFP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (loop and CPU consumption) via a large number of ACL entries. CVE-2012-4288 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4288): Integer overflow in the dissect_xtp_ecntl function in epan/dissectors/packet-xtp.c in the XTP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (loop or application crash) via a large value for a span length. CVE-2012-4287 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4287): epan/dissectors/packet-mongo.c in the MongoDB dissector in Wireshark 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (loop and CPU consumption) via a small value for a BSON document length. CVE-2012-4286 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4286): The pcapng_read_packet_block function in wiretap/pcapng.c in the pcap-ng file parser in Wireshark 1.8.x before 1.8.2 allows user-assisted remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted pcap-ng file. CVE-2012-4285 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4285): The dissect_pft function in epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a zero-length message. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1037434 Title: https://bugs.launchpad.net/ubuntu/+source/wireshark/+bug/1037434/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.
[Bug 1025111]
This issue was resolved and addressed in GLSA 201208-03 at http://security.gentoo.org/glsa/glsa-201208-03.xml by GLSA coordinator Sean Amoss (ackle). -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1025111 Title: (CVE-2012-2842) https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/1025111/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1023931]
CVE-2012-3867 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3867): lib/puppet/ssl/certificate_authority.rb in Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, does not properly restrict the characters in the Common Name field of a Certificate Signing Request (CSR), which makes it easier for user-assisted remote attackers to trick administrators into signing a crafted agent certificate via ANSI control sequences. CVE-2012-3866 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3866): lib/puppet/defaults.rb in Puppet 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, uses 0644 permissions for last_run_report.yaml, which allows local users to obtain sensitive configuration information by leveraging access to the puppet master server to read this file. CVE-2012-3865 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3865): Directory traversal vulnerability in lib/puppet/reports/store.rb in Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, when Delete is enabled in auth.conf, allows remote authenticated users to delete arbitrary files on the puppet master server via a .. (dot dot) in a node name. CVE-2012-3864 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3864): Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, allows remote authenticated users to read arbitrary files on the puppet master server by leveraging an arbitrary user's certificate and private key in a GET request. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1023931 Title: (CVE-2012-3864) puppet: multiple vulnerabilities for 2.7.17 and earlier releases (CVE-(2012-{3408,3864,3865,3866,3867}) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/puppet/+bug/1023931/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1020403]
CVE-2012-3377 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3377): Heap-based buffer overflow in the Ogg_DecodePacket function in the OGG demuxer (modules/demux/ogg.c) in VideoLAN VLC media player before 2.0.2 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted OGG file. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1020403 Title: https://bugs.launchpad.net/ubuntu/+source/vlc/+bug/1020403/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1025111]
CVE-2012-2843 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2843): Use-after-free vulnerability in Google Chrome before 20.0.1132.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to layout height tracking. CVE-2012-2842 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2842): Use-after-free vulnerability in Google Chrome before 20.0.1132.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to counter handling. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1025111 Title: (CVE-2012-2842) https://bugs.launchpad.net/ubuntu/+source/chromium-browser/+bug/1025111/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1022012]
CVE-2012-3374 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3374): Buffer overflow in markup.c in the MXit protocol plugin in libpurple in Pidgin before 2.10.5 allows remote attackers to execute arbitrary code via a crafted inline image in a message. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1022012 Title: (CVE-2012-3374) https://bugs.launchpad.net/pidgin/+bug/1022012/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1022360]
CVE-2012-3863 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3863): channels/chan_sip.c in Asterisk Open Source 1.8.x before 1.8.13.1 and 10.x before 10.5.2, Asterisk Business Edition C.3.x before C.3.7.5, Certified Asterisk 1.8.11-certx before 1.8.11-cert4, and Asterisk Digiumphones 10.x.x-digiumphones before 10.5.2-digiumphones does not properly handle a provisional response to a SIP reINVITE request, which allows remote authenticated users to cause a denial of service (RTP port exhaustion) via sessions that lack final responses. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1022360 Title: (CVE-2012-3812) CVE-2012-3812 asterisk: Remote crash vulnerability in voice mail application (CVE-2012-3863) CVE-2012-3863 asterisk: Possible resource leak on uncompleted re-invite transactions To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/asterisk/+bug/1022360/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1022360]
CVE-2012-3812 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3812): Double free vulnerability in apps/app_voicemail.c in Asterisk Open Source 1.8.x before 1.8.13.1 and 10.x before 10.5.2, Certified Asterisk 1.8.11-certx before 1.8.11-cert4, and Asterisk Digiumphones 10.x.x-digiumphones before 10.5.2-digiumphones allows remote authenticated users to cause a denial of service (daemon crash) by establishing multiple voicemail sessions and accessing both the Urgent mailbox and the INBOX mailbox. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1022360 Title: (CVE-2012-3812) CVE-2012-3812 asterisk: Remote crash vulnerability in voice mail application (CVE-2012-3863) CVE-2012-3863 asterisk: Possible resource leak on uncompleted re-invite transactions To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/asterisk/+bug/1022360/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs