Bug#809252: node-cli: insecure use of temporary files

2015-12-28 Thread Steve Kemp
Package: node-cli Version: 0.4.4~20120516-1 Severity: critical Tags: security Dear Maintainer, The `node-cli` library makes insecure use of the following two temporary files: lock_file = '/tmp/' + cli.app + '.pid', log_file = '/tmp/' + cli.app + '.log'; These allow overwriting

Bug#808730: stalin: Insecure use of temporary files

2015-12-22 Thread Steve Kemp
Package: stalin Version: 0.11-5 Severity: critical Tags: security When `stalin` launches it attempts to detect its environment via the following code in /usr/lib/stalin/QobiScheme.sc: (system "uname -m >/tmp/QobiScheme.tmp") ... (system "rm -f /tmp/QobiScheme.tmp")) This is a

Bug#730189: ruby1.8: CVE-2013-4164

2013-11-28 Thread Steve Kemp
The patches seem to work successfully for me: * The test-suite that runs at compile-time still passes. * The reproducer stops segfaulting. The reproducer I'm using is: -- #!/usr/bin/ruby1.8 require 'json' JSON.parse([1.+1*30+]) -- Steve -- http://www.steve.org.uk/

Bug#651896: Acknowledgement (njam: Insecure usage of environmental variable)

2011-12-13 Thread Steve Kemp
Simple patch: --- src/njam.cpp-orig 2011-12-13 17:06:04.0 + +++ src/njam.cpp2011-12-13 17:07:08.0 + @@ -339,7 +339,7 @@ sprintf(linux_sdl_driver, x11\0); char *driver_name = getenv(SDL_VIDEODRIVER); if (driver_name) - sprintf(linux_sdl_driver,

Bug#651896: njam: Insecure usage of environmental variable

2011-12-12 Thread Steve Kemp
Package: njam Version: 1.25-5 Justification: user security hole Severity: grave Tags: security *** Please type your report below this line *** The setgid(games) binary /usr/games/njam makes insecure use of the environmental variable SDL_VIDEODRIVER. This potentially allows the execution of

Bug#553948: winkeydaemon: Symlink attack allows creation of arbitrary files

2009-11-02 Thread Steve Kemp
Package: winkeydaemon Version: 1.0.1-3 Justification: user security hole Severity: grave Tags: security *** Please type your report below this line *** This is probably not a hugely exploitable issue, but reporting regardless: winkeydaemon.pl: if (-d /tmp/.winkey) { # ok, no action

Bug#548684: oping allows reading arbitrary files upon the local system - security issue

2009-09-28 Thread Steve Kemp
Package: oping Version: 1.3.2-1 Justification: user security hole Severity: grave Tags: security *** Please type your report below this line *** oping is setuid root and one of the command line arguments allows a configuration file to be specified. This file is read and *reported* to the

Bug#546178: planet: [CVE-2009-2937] - Insufficient escaping of input feeds

2009-09-18 Thread Steve Kemp
On Fri Sep 18, 2009 at 13:38:39 +0200, Arnaud Fontaine wrote: I have prepared yesterday a package for Lenny including this patch. At the moment, I'm waiting for a reply from the debian-security team. Great. Don't forget etch too. Thank you very much for the patch and bug report. Did

Bug#546178: planet: [CVE-2009-2937] - Insufficient escaping of input feeds

2009-09-18 Thread Steve Kemp
On Fri Sep 18, 2009 at 14:06:44 +0200, Arnaud Fontaine wrote: No I didn't, I could not find this discussion, could you please point it out to me? As soon as all these issues have been addressed, I will prepare a package (debian-security team: please do not upload the package for

Bug#546178: Updated patch

2009-09-15 Thread Steve Kemp
The patch doesn't account for case variations, so it should be updated: + +for i in xrange (len (attrs)): +k,v = attrs[i] +if (( k == src ) or ( k == href ) ) and (v.lower().find(javascript: ) -1 ): +del attrs[i] + return attrs Steve --
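Review bot: `del attrs[i]` inside `for i in xrange (len (attrs))` mutates the list being indexed, so after the first deletion the loop skips the element that shifts into position i and, once i passes the end of the shortened list, raises IndexError; build a new list of the attributes to keep and return that instead of deleting in place. The test `v.lower().find(javascript: ) -1` also appears to have lost its comparison operator in this copy of the patch, so it is worth confirming that the intended condition is `!= -1`.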

Bug#546179: planet-venus: [CVE-2009-2937] - Insufficient escaping of input feeds

2009-09-11 Thread Steve Kemp
Subject: planet-venus: [CVE-2009-2937] - Insufficient escaping of input feeds Package: planet-venus Justification: user security hole Severity: grave Tags: security *** Please type your report below this line *** The planet feed aggregator attempts to remove malicious content from user-submitted

Bug#546178: planet: [CVE-2009-2937] - Insufficient escaping of input feeds

2009-09-11 Thread Steve Kemp
Subject: planet: [CVE-2009-2937] - Insufficient escaping of input feeds Package: planet Justification: user security hole Severity: grave Tags: security *** Please type your report below this line *** The planet feed aggregator attempts to remove malicious content from user-submitted feeds. It

Bug#518122: Security issue in mantis

2009-03-04 Thread Steve Kemp
Package: mantis Severity: grave Tags: security Version: 1.1.6+dfsg-2 There's a security issue in the mantis version in lenny, at least, which allows registered users to run commands on the server. Details here: http://secunia.com/advisories/32314/ Patch here:

Bug#518122: Acknowledgement (Security issue in mantis)

2009-03-04 Thread Steve Kemp
Looks like I filed this too soon - the bug is fixed in Lenny's package already. Steve -- -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#509288: gnomad2: segfault on start up / vorbis comment headers

2008-12-22 Thread Steve Kemp
The patch below my sig is sufficient to fix the bug. See here for more details: http://blog.steve.org.uk/what_can_you_do__sparta_will_need_sons_.html Steve -- Managed Anti-Spam Service http://mail-scanning.com/ s...@gold:/tmp$ diff --unified --ignore-space-change

Bug#494648: The possibility of attack with the help of symlinks in some Debian packages

2008-08-13 Thread Steve Kemp
On Wed Aug 13, 2008 at 11:31:54 +1000, Sven Dowideit wrote: I will have to assume that this report is indeed incorrect unless I hear otherwise. On my Debian Etch system: [EMAIL PROTECTED]:~$ apt-get source twiki Reading package lists... Done Building dependency tree... Done Need to get

Bug#494648: The possibility of attack with the help of symlinks in some Debian packages

2008-08-13 Thread Steve Kemp
On Wed Aug 13, 2008 at 22:51:00 +1000, Sven Dowideit wrote: no, it's got nothing to do with /var/lib/twiki/data etc, it's the location for session data - produced by CGI::Session etc. Yes it does. The code we're talking about is contained in the file debian/postinst, and only executes

Bug#489756: poppler CVE-2008-2950 in etch

2008-07-09 Thread Steve Kemp
On Wed Jul 09, 2008 at 12:04:01 +0200, Wichert Akkerman wrote: I see CVE-2008-2960 reported in the BTS as #489756 but I see no mention of a fix for stable. Is someone working on a DSA for stable? There isn't one in progress. Tonight there will be a release of an update to handle

Bug#480059: vorbis-tools vulnerable to CVE-2008-1686

2008-05-08 Thread Steve Kemp
On Wed May 07, 2008 at 18:12:09 -0400, Jamie Strandboge wrote: vorbis-tools contains embedded speex code, and although vorbis-tools is linked to libspeex, it compiles the vulnerable code. Attached is a debdiff that Ubuntu is using in its 1.1.1 versions of vorbis-tools (fuzz removed). I'd

Bug#464756: kazehakase security fix patch

2008-04-17 Thread Steve Kemp
On Tue Apr 15, 2008 at 21:36:13 -0400, Andres Salomon wrote: Cool. The package is here: http://people.debian.org/~dilinger/security/kazehakase/etch/ I will give it a bit more testing later on tonight. Thanks. I'll upload this tomorrow. I assume this will be handled in the same

Bug#464756: kazehakase security fix patch

2008-04-15 Thread Steve Kemp
On Tue Apr 15, 2008 at 15:46:02 -0400, Andres Salomon wrote: I'd rather see kaz linked against the system's pcre; it's much easier to deal w/. Does the security team agree? Definitely! Steve --

Bug#475747: tss: Allows reading arbitrary files

2008-04-12 Thread Steve Kemp
Package: tss Version: 0.8.1-3 Severity: grave Justification: user security hole Tags: security *** Please type your report below this line *** Due to poor permission checking the tss binary allows local users to read arbitrary files upon the system. For example the following reveals the

Bug#468050: Security problems present in xwine

2008-02-26 Thread Steve Kemp
Package: xwine Version: 1.0.1-1.1 Severity: grave Justification: user security hole Tags: security *** Please type your report below this line *** I'd urge for the removal of this package from Lenny/Sid because of bug 460783 + this one... xwine contains two flaws: 1. Insecure use of

Bug#464058: [horde-vendor] Bug#464058: turba access checking issue

2008-02-21 Thread Steve Kemp
On Thu Feb 21, 2008 at 02:41:41 +0100, Gregory Colpart wrote: The package turba2 has vulnerabilities (See CVE-2008-0807, bug #464058 and changelogs of fixed sarge/etch packages). A shining example of how to handle security updates. Thanks very very much for the fixed packages, and the clear

Bug#452518: security.debian.org: Error update samba_3.0.24-6etch5_i386.deb

2007-11-23 Thread Steve Kemp
On Fri Nov 23, 2007 at 12:25:42 +, Domijor wrote: Today I updated with aptitude the package samba to the version samba_3.0.24-6etch5_i386.deb. I have a PDC server with Samba. The client doesn't connect to the server. The client connects with smbfs. The log of the system is: The

Bug#452515: security.debian.org: Error update samba_3.0.24-6etch5_i386.deb

2007-11-23 Thread Steve Kemp
On Fri Nov 23, 2007 at 12:02:59 +, Error update samba_3.0.24-6etch5_i386.deb wrote: Today I updated with aptitude the package samba to the version samba_3.0.24-6etch5_i386.deb. I have a PDC server with Samba. The client doesn't connect to the server. The client connects with smbfs. The log

Bug#446354: OpenBSD patch for CVE-2007-5365 is insufficient

2007-10-29 Thread Steve Kemp
On Mon Oct 29, 2007 at 19:33:17 +0100, Tomas Hoger wrote: During testing of our updated dhcp packages, we have found out that patch for CVE-2007-5365 used by OpenBSD was not sufficient and it was still possible to crash dhcpd. Your dhcp packages released in DSA 1388-1 also seem affected. You

Bug#447795: xen-utils-3.0.3-1: [CVE-2007-3919] xenmon.py / xenbaked insecure file access

2007-10-23 Thread Steve Kemp
Package: xen-utils-3.0.3-1 Version: 3.0.3-0-3 Severity: grave Tags: security Justification: user security hole Xen versions 3.x, and 3.1 contain a tool for processing Xen trace buffer information. This tool uses the static file /tmp/xenq-shm insecurely allowing a local user to truncate

Bug#446354: dhcp: stack-based buffer overflow (CVE-2007-5365)

2007-10-15 Thread Steve Kemp
On Fri Oct 12, 2007 at 22:51:24 +1000, Steffen Joeris wrote: A patch is attached below. Please tell me, if you want to take care of it or if i should upload. Thanks for the patch, I will upload with it. Steve --

Bug#441555: lighttpd: header overflow when using the mod_fastcgi extension

2007-09-11 Thread Steve Kemp
On Mon Sep 10, 2007 at 13:41:10 +0200, Stefan Andersson wrote: Package: lighttpd Version: 1.4.13-4etch1 Severity: critical Tags: security Justification: arbitrary code execution Fixed already in DSA-1362. Steve --

Bug#436701: CVE-2007-1614: DoS and execution of arbitrary code

2007-08-08 Thread Steve Kemp
On Thu Aug 09, 2007 at 01:07:47 +1000, Steffen Joeris wrote: Package: zziplib Severity: grave Tags: security Justification: user security hole Hi The following CVE[0] has been issued against zziplib. This seems to be a low-risk, from the one page I found describing it:

Bug#435735: CVE-2007-3791: Buffer overflow in policyd

2007-08-04 Thread Steve Kemp
On Thu Aug 02, 2007 at 23:34:10 +0200, Stefan Fritsch wrote: Package: postfix-policyd Version: 1.80-2.1 Severity: grave Tags: security Justification: user security hole A vulnerability has been found in policyd. From CVE-2007-3791: Building now. Steve --

Bug#396360: Maybe time for DSA?

2007-07-29 Thread Steve Kemp
On Sat Jul 28, 2007 at 11:18:54 +0300, Touko Korpela wrote: This bug has patch included, maybe security team could do upload? The code in Etch already contains this patch... I've not had a chance to check sarge yet, but I'm thinking that we're OK. Steve -- # The Debian Security Audit

Bug#434888: Multiple vulnerabilities [CVE-2007-3946] [CVE-2007-3947] [CVE-2007-3948] [CVE-2007-3949] [CVE-2007-3950]

2007-07-27 Thread Steve Kemp
On Fri Jul 27, 2007 at 09:11:48 -0500, Adam Majer wrote: Package: lighttpd Severity: critical Tags: security Upstream patches from Trac seem to be available from upstream. Still waiting on CVE IDs. I can upload without them, but I'd rather not .. Steve --

Bug#428368: lighttpd vuln patch

2007-07-24 Thread Steve Kemp
This one isn't going to get released as-is, as there are a couple more pending issues with lighttpd. I'll roll them all up once I have valid identifiers for them. Steve -- # The Debian Security Audit Project. http://www.debian.org/security/audit

Bug#434546: lighttpd: 1.4.16 has been released and contains security fixes

2007-07-24 Thread Steve Kemp
On Tue Jul 24, 2007 at 21:14:31 +0200, Olaf van der Spek wrote: Lighttpd 1.4.16 has been released and contains security fixes, see http://www.lighttpd.net/2007/7/24/1-4-16-let-s-ship-it A release is in preparation, just waiting on CVE IDs. We have one .. Steve --

Bug#428368: lighttpd vuln patch

2007-07-20 Thread Steve Kemp
On Fri Jul 20, 2007 at 11:02:07 +0200, Pierre Habouzit wrote: attached is the patch that fixes it. I'm going to NMU lighttpd in unstable, please someone takes care of etch. Joey if you could allocate a DOS CVE ID I'll do the upload, I've already done lighttpd patches for etch. Steve --

Bug#432924: [CVE-2007-3641, CVE-2007-3644, CVE-2007-3645] various security bugs

2007-07-13 Thread Steve Kemp
On Fri Jul 13, 2007 at 08:16:07 -0500, John Goerzen wrote: I will upload a fix to unstable shortly. However, it sounds like this could also impact the version in stable, so CCing [EMAIL PROTECTED] Yes that looks to be the case. If you had a patch that would apply to the version in Stable

Bug#425625: CVE-2007-2754: integer overflow and heap-based buffer overflow vulnerability in freetype

2007-07-10 Thread Steve Kemp
On Mon Jul 09, 2007 at 17:43:47 -0700, Steve Langasek wrote: Ok, uploading. sigh -- please kick this one out, I just noticed I built it with stable-security as the target. I'd be happy to do that if you, or somebody else, could tell me how to do so.. Let me know if you would like me

Bug#425625: CVE-2007-2754: integer overflow and heap-based buffer overflow vulnerability in freetype

2007-07-09 Thread Steve Kemp
On Mon Jul 09, 2007 at 12:43:57 -0700, Steve Langasek wrote: I've uploaded a freetype 2.1.7-7 package to http://people.debian.org/~vorlon/freetype/, signed and built for sarge. Thanks. Let me know if you would like me to upload this to security.d.o (I promise I'll even use the embargoed

Bug#431893: CVE-2007-2839: Trivial local-root attack

2007-07-05 Thread Steve Kemp
Package: gfax Version: 0.4.2-11 Severity: grave Usertags: sourcescan Tags: security *** Please type your report below this line *** The gfax package as released in Sarge, make unsafe use of temporary files which allow local users to gain root trivially. Etch, Lenny, and Sid are

Bug#431893: Acknowledgement (CVE-2007-2839: Trivial local-root attack)

2007-07-05 Thread Steve Kemp
This is fixed in DSA-1329-1. Just reported here for reference. Steve --

Bug#431331: CVE-2007-2838: Allow arbitrary files to be created/truncated

2007-07-01 Thread Steve Kemp
Package: gsambad Version: 0.1.5-5 Severity: grave Usertags: sourcescan *** Please type your report below this line *** Security issue: CVE-2007-2838 The gsambad package contains a binary (which may only be executed by the root user) with the following code in it:

Bug#431332: CVE-2007-2837: Arbitrary file removal

2007-07-01 Thread Steve Kemp
Package: fireflier-server Version: 1.1.6-3 Severity: grave Usertags: sourcescan *** Please type your report below this line *** Security issue: CVE-2007-2837. The server, fireflierd, runs with root privileges and the code contains this gem which I think speaks for itself: string

Bug#431336: CVE-2007-2835 : Buffer overflow.

2007-07-01 Thread Steve Kemp
Package: unicon-imc2 Version: 3.0.4-11 Severity: grave Usertags: sourcescan *** Please type your report below this line *** CVE-2007-2835 : Allows local root compromise via zhcon. Anyway, the setuid(0) zhcon application links to this library, which contains a buffer overflow which may be

Bug#431331: CVE-2007-2838: Allow arbitrary files to be created/truncated

2007-07-01 Thread Steve Kemp
] + + -- Steve Kemp [EMAIL PROTECTED] Thu, 28 Jun 2007 16:47:39 + + +gsambad (0.1.4-2) unstable; urgency=medium * Adjusting the icondir. * Makeing use of su-to-root in the desktop file. only in patch2: unchanged: --- gsambad-0.1.4.orig/src/populate_conns.c +++ gsambad-0.1.4/src/populate_conns.c

Bug#431331: CVE-2007-2838: Allow arbitrary files to be created/truncated

2007-07-01 Thread Steve Kemp
On Sun Jul 01, 2007 at 21:47:42 +0200, Daniel Baumann wrote: uploaded 0.1.6-2 with your patch and urgency=high, so you probably want to mention this version for testing/sid in the DSA. Great. no offence intended, but I'd be happy if you can next time attach the patch to the bug report

Bug#431336: Patch

2007-07-01 Thread Steve Kemp
] + + -- Steve Kemp [EMAIL PROTECTED] Sun, 24 Jul 2007 15:02:42 + + unicon (3.0.4-11) unstable; urgency=low * Changed TLS_PthSocket ::read ::write to Read, Write. Steve -- http://www.steve.org.uk/

Bug#431332: CVE-2007-2837: Arbitrary file removal

2007-07-01 Thread Steve Kemp
On Sun Jul 01, 2007 at 21:56:43 +0200, Martin MAURER wrote: I agree that this code could become a problem, although I wasn't able to reproduce using screen and the command written in your mail. I could reproduce this using the -qt version of the client. First of all adding some rules, then

Bug#430691: [EMAIL PROTECTED]

2007-06-27 Thread Steve Kemp
On Wed Jun 27, 2007 at 11:29:12 +0900, Taku YASUI wrote: I'll upload new upstream version to sid soon. And I attach the patch to fix this problem. Great, thanks. If you could tell us which version in Sid would fix the problem I can include that in the advisory. Steve --

Bug#430691: hiki: [security] vulnerability that arbitrary files would be deleted

2007-06-26 Thread Steve Kemp
Hiki 0.8.0 - 0.8.6 is affected, it means that stable, testing and unstable packages in Debian are affected. Please update hiki package. For more detail, see http://hikiwiki.org/en/advisory20070624.html Joey if you could allocate an ID I'll upload a fixed package. Steve --

Bug#430012: CVE-2006-4168: Integer overflow vulnerability fixed in 0.6.16

2007-06-21 Thread Steve Kemp
On Thu Jun 21, 2007 at 20:16:41 +0200, Stefan Fritsch wrote: CVE-2006-4168: Integer overflow in the exif_data_load_data_entry function in libexif/exif-data.c in Libexif before 0.6.16 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via an

Bug#424690: CVE-2007-1673: denial of service (infinite loop) in zoo and unzoo

2007-06-18 Thread Steve Kemp
I see no copy of the vulnerable code in the Debian version of unzoo, I suspect this is only an issue for the non-free version of unzoo, which we'll not release an update for. Comments? Steve -- # Commercial Debian GNU/Linux Support http://www.linux-administration.org/

Bug#429218: [CVE-2007-3125] format string issue in X.509 certificate processing

2007-06-18 Thread Steve Kemp
Fixed already in Stable (etch): w3m (0.5.1-5.1) unstable; urgency=high * NMU by the Security Team: * Fix format string vulnerability in display of SSL certificates. (No CVE ID yet) (Closes: #404564) -- Moritz Muehlenhoff [EMAIL PROTECTED] Tue, 26 Dec 2006 18:49:26 +0100

Bug#429191: flyspray phpmailer: not relevant for stable

2007-06-17 Thread Steve Kemp
On Sun Jun 17, 2007 at 18:20:01 +0200, Thijs Kinkhorst wrote: For stable I've checked whether it's vulnerable and I believe it's not: the vulnerability is in the SendmailSend() function. That requires for the calling code to actually use the sendmail method, which Flyspray does not allow

Bug#425625: CVE-2007-2754: integer overflow and heap-based buffer overflow vulnerability in freetype

2007-05-30 Thread Steve Kemp
On Wed May 30, 2007 at 06:19:29 -0700, Steve Langasek wrote: Signed package for etch is on its way up to http://people.debian.org/~vorlon/freetype/ right now (built with -sa, so should indeed be ready for upload straight to security-master). Thanks a lot, Steve. Let me know if there's

Bug#425625: CVE-2007-2754: integer overflow and heap-based buffer overflow vulnerability in freetype

2007-05-29 Thread Steve Kemp
vectors, like embedding TTFs in other document types, etc. Agreed. Steve Kemp wanted to work on a DSA, so you should probably check back with him before preparing an upload. I was planning on handling this yes, so if there were a fixed package available for Etch then I'd appreciate seeing

Bug#404233: CVE-2006-6678: Netrik arbitrary command execution

2006-12-22 Thread Steve Kemp
On Fri, Dec 22, 2006 at 06:42:41PM +0100, Stefan Fritsch wrote: A vulnerability has been reported in Netrik: Thanks for the report. Security update for Sarge is building now. Patch attached: Steve -- --- form-file.c 2003-08-06 10:28:45.0 + +++ /home/skx/form-file.c

Bug#398936: libapache2-mod-ifier: The module breaks POST processing

2006-11-16 Thread Steve Kemp
Package: libapache2-mod-ifier Version: 0.8-2 Severity: grave Justification: renders package unusable This module, when installed and enabled, breaks all processing of POST requests. It should be removed from Etch until it can be updated to work correctly. -- System Information: Debian

Bug#396277: allows creating any file as root

2006-10-31 Thread Steve Kemp
On Mon, Oct 30, 2006 at 10:56:28PM +0100, Marco d'Itri wrote: By creating a /tmp/start_thttpd symlink a local attacker will be able to create/touch any file as root. Thanks for the report. Once I get a CVE identifier allocated I'll handle an update for Sarge. Daniel if you have a

Bug#396277: allows creating any file as root

2006-10-31 Thread Steve Kemp
) stable-security; urgency=high + + * Non-maintainer upload by the Security Team. + * Fix the insecure use of temporary files when invoked by logrotate. +[CVE-2006-4248] + + -- Steve Kemp [EMAIL PROTECTED] Tue, 31 Oct 2006 17:49:34 + + thttpd (2.23beta1-3sarge1) stable-security; urgency=high

Bug#394637: gaim-encryption plugin does not load

2006-10-22 Thread Steve Kemp
On Sun, Oct 22, 2006 at 01:08:18PM +0200, Jan Strnad wrote: Package: gaim-encryption Version: 3.0~beta5-3 Severity: critical Tags: security Justification: root security hole This doesn't appear to have any security implications. Certainly not a root hole. Sure you could argue that

Bug#381376: Status of CVE-2006-3918 #381376

2006-09-10 Thread Steve Kemp
On Sat, Sep 09, 2006 at 01:22:25PM +0200, Stefan Fritsch wrote: On Saturday 09 September 2006 12:35, Loïc Minier wrote: I think only apache was uploaded for CVE-2006-3918, and not apache2. Do you intend to issue a DSA for apache2 as well? Or isn't it affected by the vulnerability?

Bug#380182: Confirmed

2006-07-28 Thread Steve Kemp
A security advisory is pending. This bug applies to both the apache and apache2 packages. Same fix in both packages, but in different locations... Steve --

Bug#380231: [CVE-2006-3747] Off-by-one flaw exists in the Rewrite module, mod_rewrite

2006-07-28 Thread Steve Kemp
On Fri, Jul 28, 2006 at 05:06:38PM +0200, Daniel Leidert wrote: The latest release notes [1] of apache 1.3.37, 2.0.59 and 2.2.3 contains a note, about an off-by-one flaw (CVE-2006-3747 [2]). [1] http://www.apache.org/dist/httpd/Announcement2.2.html [2]

Bug#379174: Shadow security update for CVE-2006-3378

2006-07-23 Thread Steve Kemp
On Sun, Jul 23, 2006 at 06:16:00PM +0200, Christian Perrier wrote: Hello dear Security team (and ftpmasters, and shadow package maintainers), Being back from 2 days holiday I discover CVE-2006-3378 which has just been revealed to our attention (#359174 in the BTS). I guess you mean #379174

Bug#379347: xen-tools: xen-create image fails at xt-create-image

2006-07-22 Thread Steve Kemp
On Sun, Jul 23, 2006 at 12:42:28AM +, Henning Sprang wrote: Package: xen-tools Version: 2.1-3 Severity: grave Justification: renders package unusable Grave seems a little extreme since the package clearly works for some. However I'm happy to leave it there for a day or two at least

Bug#379347: further tests - no success

2006-07-22 Thread Steve Kemp
On Sun, Jul 23, 2006 at 01:03:33AM +0200, Henning Sprang wrote: I also tried the same with a loopback disk image - no success. OK that is good to know. I do exactly what is documented, and have no idea how to investigate the problem further. I've given you things to try. The most

Bug#379347: xen-tools: xen-create image fails at xt-create-image

2006-07-22 Thread Steve Kemp
On Sun, Jul 23, 2006 at 01:27:51AM +0200, Henning Sprang wrote: Actually, that helped, as said before, but it is not clear, or even evident, that --debootstrap/--rpmstrap must be given from the manpage, I think it is - from man xen-create-image: --cut-- INSTALLATION METHODS The

Bug#372531: Update of wzdftpd 0.5.2-1.1sarge1 for 3.1r3

2006-07-04 Thread Steve Kemp
On Tue, Jul 04, 2006 at 02:39:00PM +0200, Pierre Chifflier wrote: On Tue, Jul 04, 2006 at 02:30:10PM +0200, Julien Danjou wrote: Hello, The fix for DSA-1006-1 on wzdftpd broke dependencies as explained in bug report #372531. We would like to see this bug fixed in the next stable

Bug#372719: regression in FreeType security fix for DSA-1095

2006-06-26 Thread Steve Kemp
On Sun, Jun 25, 2006 at 03:09:51PM -0700, Steve Langasek wrote: As mentioned earlier this month, a regression was found in the freetype 2.1.7-2.5 package uploaded for DSA-1095 which caused applications to crash with division-by-zero errors. I've prepared a maintainer upload to fix this

Bug#375267: xen-tools: FTBFS: Test failures

2006-06-24 Thread Steve Kemp
On Sat, Jun 24, 2006 at 05:21:32PM -0400, Daniel Schepler wrote: From my pbuilder build log: Good catch, thanks for reporting it. ... tests/getopt..ok 1 - File exists: ./bin/xen-create-image ok 2 - File is executable Cannot read file '/etc/xen-tools/xen-tools.conf' - No

Bug#374181: leaks potentially sensitive information (e.g. passwords) to www.google.com

2006-06-17 Thread Steve Kemp
On Sat, Jun 17, 2006 at 08:01:22PM +0200, Robert Millan wrote: Package: firefox Severity: grave Tags: security Not a security bug. When pasting using X11 clipboard to a firefox window, unless the focus is in a specific place like the navigation bar or an edit box, it'll assume you want

Bug#374181: leaks potentially sensitive information (e.g. passwords) to www.google.com

2006-06-17 Thread Steve Kemp
On Sat, Jun 17, 2006 at 10:30:40PM +0200, Robert Millan wrote: Thanks, it seems disabling middlemouse.contentLoadURL gets rid of the problem. Could you make this the default? I think that is up to either a) Firefox upstream b) The Debian firefox maintainers It certainly isn't

Bug#365533: [Secure-testing-team] Re: Bug#365533: CVE-2006-1896: Admin command execution

2006-05-30 Thread Steve Kemp
On Tue, May 30, 2006 at 07:14:11PM +0200, Jeroen van Wolffelaar wrote: On Tue, May 30, 2006 at 09:55:16AM +0200, Thijs Kinkhorst wrote: On Sun, 2006-05-28 at 22:11 +0100, Steve Kemp wrote: Uploaded. Thanks! But... can't find the upload anywhere? Maybe something went wrong or am I

Bug#365533: [Secure-testing-team] Re: Bug#365533: CVE-2006-1896: Admin command execution

2006-05-28 Thread Steve Kemp
On Sun, May 28, 2006 at 11:02:18PM +0200, Thijs Kinkhorst wrote: On Tue, 2006-05-23 at 12:36 +0200, Thijs Kinkhorst wrote: Problem is that Jeroen announced that he's on a trip through Mexico now, so I'm left without someone to upload. Maybe the (testing) security team or any other DD

Bug#360657: passwd SIGSEGV on empty password

2006-04-03 Thread Steve Kemp
On Mon, Apr 03, 2006 at 10:59:32PM +0200, Matteo Croce wrote: Package: passwd Version: 1:4.0.14-9 Severity: critical Tags: security Justification: root security hole Just press ^D instead of the new password and passwd will segfault. I think that this is grave because it's set uid root.

Bug#350964: CVE-2006-0225, scponly shell command possible

2006-02-15 Thread Steve Kemp
On Wed, Feb 15, 2006 at 02:01:51PM +1100, Geoff Crompton wrote: This bug has been closed for unstable (see bug 350964) with the 4.6 upload, but will it be fixed for sarge? Please see DSA-969-1 released two days ago: http://www.us.debian.org/security/2006/dsa-969 Sarge is fixed.

Bug#349555: komi - FTBFS: cannot find -lgp

2006-01-25 Thread Steve Kemp
On Wed, Jan 25, 2006 at 12:29:32PM +0100, Thierry Reding wrote: * Bastian Blank wrote: Package: komi Version: 1.03-4 Severity: serious There was an error while trying to autobuild your package: I've investigated this a bit, and it looks like the upstream Makefile links

Bug#349283: tor: Tor security advisory: hidden services can be located quickly

2006-01-22 Thread Steve Kemp
On Sat, Jan 21, 2006 at 07:17:36PM -0500, Chris Howie wrote: Package: tor Version: 0.1.0.16-1 Severity: grave Tags: security Justification: user security hole Tor isn't included in a Debian stable release, so no need for a DSA. Steve --

Bug#346101: Strace log not being accepted

2006-01-11 Thread Steve Kemp
On Wed, Jan 11, 2006 at 03:46:19PM -0600, Bonilla, Alejandro wrote: I have sent the strace of apachetop and the bug system is not letting it in, maybe as a spam check? Here goes again attached. Cheers, got it. Looks like I tracked down the bug without this. See :

Bug#347221: smstools: Format string attack in logging code

2006-01-09 Thread Steve Kemp
Package: smstools Version: 1.16-1+b1 Severity: grave Justification: user security hole Tags: security *** Please type your report below this line *** A DSA has just been released for smstools due to an insecure usage of syslog in the logging code. The following patch will correct the

Bug#344398: CVE-2005-4470: Integer overhead in header parser for .blend import

2005-12-23 Thread Steve Kemp
On Fri, Dec 23, 2005 at 12:10:00AM +0100, Florian Ernst wrote: Steve, btw, any news on CVE-2005-3302 aka bug#330895 (arbitrary code execution when importing a .bvh file)? Last I heard you were going to prepare an update unless anybody had an issue with the changes made, yet I haven't heard of

Bug#344398: CVE-2005-4470: Integer overhead in header parser for .blend import

2005-12-23 Thread Steve Kemp
On Fri, Dec 23, 2005 at 05:56:59PM +0100, Wouter van Heyst wrote: It looks good to me. I've built a package and if nobody has any objections I'll upload later today. No objections from me. Great I already uploaded the package ;) Steve --

Bug#340284: mozilla-firefox: su root -c firefox gives root access to any other firefox loaded.

2005-11-22 Thread Steve Kemp
On Tue, Nov 22, 2005 at 12:36:46PM +0100, S. Thommerel wrote: To reproduce this bug: su root and then load firefox from the term. Then launch firefox from another unrelated and normal user terminal. The newly launched firefox reads root's profile and gets root's rights. Isn't this

Bug#340079: insecure tempfiles

2005-11-20 Thread Steve Kemp
On Sun, Nov 20, 2005 at 08:17:17PM +0100, Uwe Zeisberger wrote: Tags: security patch With the attached patch applied, it uses mktemp for their creation. The patch is .. missing. Steve --

Bug#339431: CVE-2005-3186: Integer overflow in gdk-pixbuf's XPM code

2005-11-16 Thread Steve Kemp
On Wed, Nov 16, 2005 at 02:05:11PM +0100, Loic Minier wrote: Security team, did you start work on CVE-2005-3186 and CVE-2005-2975, CVE-2005-2976 (not described in this report)? Ubuntu has released some packages which might help http://www.ubuntu.com/usn/usn-216-1. Do you need the Gtk

Bug#338312: osh: Environment Variable Input Validation Bug

2005-11-09 Thread Steve Kemp
On Wed, Nov 09, 2005 at 04:42:08AM -0800, Charles Stevenson wrote: Due to a bug in the environment variable substitution code it is possible to inject environment variables such as LD_PRELOAD and gain a root shell. Confirmed. Joey we'll need an ID for it. I guess we need to use two
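
The osh report is cut short here, but the defect it names, user-controlled variables such as LD_PRELOAD reaching the environment of a command run with higher privilege, has a standard mitigation: build the child's environment from an allowlist instead of copying the caller's through. The C program below is an added example and is not osh's code; the allowlist contents, the constructed sample environment and the function names are assumptions made for the demonstration.

```c
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* Variables a restricted shell may pass through to the programs it runs.
 * Anything not listed (LD_PRELOAD, LD_LIBRARY_PATH, IFS, ...) is dropped.
 * The list itself is an assumption for this example. */
static const char *const allowed_names[] = {
    "PATH", "HOME", "TERM", "LANG", "USER", NULL
};

/* Returns 1 if entry ("NAME=value") has a name on the allowlist, else 0.
 * Entries without '=' are malformed and are never forwarded. */
int env_entry_allowed(const char *entry)
{
    const char *eq = strchr(entry, '=');
    if (eq == NULL)
        return 0;
    size_t namelen = (size_t)(eq - entry);
    for (size_t i = 0; allowed_names[i] != NULL; i++) {
        if (strlen(allowed_names[i]) == namelen &&
            memcmp(allowed_names[i], entry, namelen) == 0)
            return 1;
    }
    return 0;
}

/* Copies allowed entries from in[] into out[] and NULL-terminates out[].
 * At most max-1 entries are kept.  Returns the number kept, or -1 if
 * out[] is too small (the caller must then refuse to exec, not truncate). */
int build_clean_env(char *const in[], char *out[], size_t max)
{
    size_t kept = 0;
    for (size_t i = 0; in[i] != NULL; i++) {
        if (!env_entry_allowed(in[i]))
            continue;
        if (kept + 1 >= max)
            return -1;
        out[kept++] = in[i];
    }
    out[kept] = NULL;
    return (int)kept;
}

int main(void)
{
    /* Constructed sample environment with two injected loader variables. */
    char *dirty[] = { "PATH=/usr/bin:/bin", "LD_PRELOAD=/tmp/x.so",
                      "HOME=/home/user", "LD_LIBRARY_PATH=/tmp",
                      "IFS= ", "TERM=xterm", NULL };
    char *clean[16];
    int n = build_clean_env(dirty, clean, sizeof clean / sizeof clean[0]);
    if (n < 0) {
        fprintf(stderr, "environment too large, refusing to exec\n");
        return 1;
    }
    for (int i = 0; i < n; i++)
        printf("keeping %s\n", clean[i]);

    /* Run env(1) with the scrubbed environment; the loader variables are gone. */
    char *argv[] = { "env", NULL };
    execve("/usr/bin/env", argv, clean);
    perror("execve");
    return 1;
}
```

The allowlist is deliberately by exact name: a prefix match on "PATH" would also let "PATHX" through, and a denylist of known-bad names misses the next loader variable a platform adds.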

Bug#328129: PATCH: The following patch fixes this issue

2005-11-03 Thread Steve Kemp
The following patch extracted from the SF.net discussion linked above fixes the issue for me. Steve -- --- xine-ui-0.99.3.orig/src/xitk/menus.c +++ xine-ui-0.99.3/src/xitk/menus.c @@ -425,8 +425,7 @@ int x, y; xitk_menu_widget_t menu; char

Bug#335817: wordpress: SECURITY : Contains an insecure version of class.snoopy

2005-10-25 Thread Steve Kemp
Package: wordpress Version: 1.5.2-2 Severity: grave Justification: user security hole As described in the following bugtraq post the class Snoopy which is included in wordpress potentially allows arbitrary command execution.

Bug#335439: vncserver: passwords over 8 chars not handled correctly

2005-10-23 Thread Steve Kemp
On Sun, Oct 23, 2005 at 08:19:35PM -0400, Collin E Borrlewyn wrote: vncserver lets me in without supplying the full password. To reproduce this: start vncserver: vncserver :1 when prompted enter a password of eight or more characters start xvncviewer and connect to :1 when prompted enter

Bug#333682: security problem within CDDB communication

2005-10-13 Thread Steve Kemp
On Thu, Oct 13, 2005 at 10:52:28AM +0200, Michal ??iha?? wrote: xine announcement [1] is four days old, it says issue has been found by Debian Security Audit Project, so I'd expect that Debian will have it fixed also :-). We do. Sorry if you're already working on this issue and I interrupt

Bug#327722: Patch for Gopher bug CAN-2005-2772

2005-09-26 Thread Steve Kemp
On Mon, Sep 26, 2005 at 09:23:16AM -0500, John Goerzen wrote: Attached are the patches that Joey (Schulze) approved. Can you (or Joey) comment: did you use a different patch because you believe mine to be insecure, or for a different reason? (That's an important question, since as you

Bug#325769: Format string security hole in anon-proxy

2005-08-30 Thread Steve Kemp
Package: anon-proxy Version: 00.02.39-7 Severity: serious Tags: patch, upstream The logging code in anon-proxy contains a misuse of the syslog function allowing potential remote compromise of the host it is running upon. (This depends whether logging is enabled). The patch below fixes
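
Both the smstools report above (Bug#347221) and this anon-proxy report describe the same defect: a message under the peer's control handed to syslog as the format string. The C program below is an added example, not code from either package, showing the buggy pattern beside the one-argument fix and a small helper that counts the conversions an input would trigger. The logging wrapper `logwrap`, the buffer size and the sample message are assumptions for the demonstration; the sample uses "%%" so the difference is observable without undefined behaviour, whereas a real attacker would use "%x" and "%n" to read and write memory.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>
#include <syslog.h>

#define LOGLINE_MAX 256

/* Stand-in for a daemon's logging wrapper (assumed for this example):
 * formats into a buffer, then hands the line to syslog.  Returns the
 * formatted length.  No format attribute, just like many real wrappers,
 * so the compiler does not warn at the unsafe call site below. */
static int logwrap(char *out, size_t outlen, const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    int n = vsnprintf(out, outlen, fmt, ap);
    va_end(ap);
    return n < 0 ? 0 : n;
}

/* The buggy pattern: the untrusted message *is* the format string.
 * Any '%' sequence in the message is interpreted against the (absent)
 * argument list.  Returns the rendered length and leaves the line in out. */
int log_unsafe(const char *untrusted, char *out, size_t outlen)
{
    int n = logwrap(out, outlen, untrusted);
    syslog(LOG_INFO, "%s", out);
    return n;
}

/* The fix: a constant format, the message passed as an argument. */
int log_safe(const char *untrusted, char *out, size_t outlen)
{
    int n = logwrap(out, outlen, "%s", untrusted);
    syslog(LOG_INFO, "%s", out);
    return n;
}

/* Audit helper: number of conversion specifications the input would
 * trigger if it were used as a format string ('%' not followed by '%').
 * Useful as a quick check in a fuzzing harness or a log-ingest rule. */
int count_conversions(const char *s)
{
    int count = 0;
    for (; *s; s++) {
        if (*s != '%')
            continue;
        if (s[1] == '%') {   /* literal percent sign, not a conversion */
            s++;
            continue;
        }
        count++;
    }
    return count;
}

int main(void)
{
    char buf[LOGLINE_MAX];
    /* Constructed sample message; "%%" is the only format sequence so the
     * unsafe path stays well-defined for the demo. */
    const char *msg = "battery at 100%% (constructed sample)";

    openlog("fmtdemo", LOG_PID, LOG_USER);
    log_unsafe(msg, buf, sizeof buf);
    printf("unsafe: %s\n", buf);     /* "%%" collapsed to "%": message was interpreted */
    log_safe(msg, buf, sizeof buf);
    printf("safe:   %s\n", buf);     /* message reproduced verbatim */
    printf("conversions in \"%%08x.%%n\": %d\n", count_conversions("%08x.%n"));
    closelog();
    return 0;
}
```

The observable sign of the bug is that the logged text differs from what the peer sent; the dangerous consequence is that "%n" in that text writes to memory. Compiling with -Wformat-security catches direct syslog(LOG_INFO, msg) calls but not calls through a wrapper that lacks a format attribute, which is why the wrapper above has none.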

Bug#325135: maildrop: lockmail doesn't drop privileges

2005-08-28 Thread Steve Kemp
On Sat, Aug 27, 2005 at 07:03:55PM -0400, Andres Salomon wrote: Certainly. Once the advisory is out I can make an upload if Joy hasn't already made one. I can also do an upload; Joy already said I should comaintain, I've just been waiting for racke to do a new courier upload so

Bug#325135: maildrop: lockmail doesn't drop privileges

2005-08-27 Thread Steve Kemp
On Sat, Aug 27, 2005 at 12:27:51PM +0200, Martin Schulze wrote: Thanks a lot for the report. This is CAN-2005-2655. The bug affects 1.5.3-1.1 sarge/etch/sid and 1.8.1-2 in experimental, and should be easy to fix: Just add setgid(getgid()) before the execvp(). I tested the attached patch
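
As an added illustration of the fix named above, setgid(getgid()) before the execvp(), here is a C example that is not maildrop's own code. It wraps the call so that the return value is checked and the drop is verified before exec, which is the check a reviewer would ask for: on failure the wrapper must refuse to exec rather than run the helper with the privileged group. The names `drop_setgid`, `run_unprivileged` and `holds_elevated_gid` are chosen for the example.

```c
#include <errno.h>
#include <stdio.h>
#include <unistd.h>
#include <sys/types.h>

/* Returns 1 if the effective gid differs from the real gid, i.e. the binary
 * is running with a set-group-id privilege it has not yet dropped, else 0. */
int holds_elevated_gid(void)
{
    return getegid() != getgid();
}

/* Drop the set-group-id privilege permanently.  setgid() called by a
 * process without root privilege sets real, effective and saved gid
 * together, so the privilege cannot be regained afterwards.
 * Returns 0 on success, -1 with errno set otherwise.  Supplementary
 * groups are left alone: setgroups() needs root, and the set-gid bit on
 * the binary does not add one. */
int drop_setgid(void)
{
    gid_t real = getgid();
    if (setgid(real) != 0)
        return -1;                 /* errno set by setgid */
    if (getegid() != real) {       /* verify the drop actually happened */
        errno = EPERM;
        return -1;
    }
    return 0;
}

/* The lockmail ordering: drop first, then exec.  The helper is never
 * started with the privileged group.  Returns -1 only on failure, since
 * a successful execvp does not return. */
int run_unprivileged(char *const argv[])
{
    if (drop_setgid() != 0)
        return -1;
    execvp(argv[0], argv);
    return -1;
}

int main(int argc, char *argv[])
{
    if (argc < 2) {
        fprintf(stderr, "usage: %s command [args...]\n", argv[0]);
        return 2;
    }
    fprintf(stderr, "elevated gid before drop: %d\n", holds_elevated_gid());
    if (run_unprivileged(argv + 1) != 0) {
        perror("run_unprivileged");
        return 1;
    }
    return 0;
}
```

Built and installed set-gid to a group, `./demo id -g` prints the caller's real group rather than the binary's, and a failing setgid() (for example under a seccomp policy) aborts before exec instead of leaking the group to the child.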

Bug#299560: dsniff: fails due to not finding libnids

2005-03-14 Thread Steve Kemp
On Tue, Mar 15, 2005 at 01:36:08AM +0100, txemi wrote: Package: dsniff Version: 2.4b1-8 Severity: grave dsniff fails this way in debian testing after last upgrade: Strange it works for me. $ sudo dsniff dsniff: error while loading shared libraries: libnids.so.1.19: cannot open shared

Bug#299560: dsniff: fails due to not finding libnids

2005-03-14 Thread Steve Kemp
On Tue, Mar 15, 2005 at 01:36:08AM +0100, txemi wrote: Package: dsniff Version: 2.4b1-8 I spoke too soon. libnids 1.20 has made it into testing. dsniff version 2.4b1-9 has not. This is not something I can fix, when the most recent version of dsniff makes it into testing your problem

Bug#295556: FWD: [SECURITY] [DSA 684-1] New typespeed packages fix arbitrary group games code execution

2005-02-16 Thread Steve Kemp
On Wed, Feb 16, 2005 at 06:53:07PM +, Dafydd Harries wrote: Filing this bug to track the security hole in the DSA below. Apparently a fix for unstable has not yet been uploaded. Since I don't have a copy of the original security patch, I tried to extract the changes by interdiffing