Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=192830
Summary: CVE-2006-2453 Additional dia format string flaws
Product: Fedora Extras
Version: fc5
Platform: All
OS/Version: Linux
Status: NEW
Severity: normal
Priority: normal
Component: dia
AssignedTo: j.w.r.degoede(a)hhs.nl
ReportedBy: bressers(a)redhat.com
QAContact: extras-qa(a)fedoraproject.org
CC: extras-qa(a)fedoraproject.org,fedora-security-
list(a)redhat.com
A number of additional format string issues were discovered by Hans de Goede and
has been assigned the CVE id CVE-2006-2453.
The fix is attachment 129852
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=215136
Summary: CVE-2006-5864: gv <= 3.6.2 stack-based buffer overflow
Product: Fedora Extras
Version: fc6
Platform: All
URL: http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-5864
OS/Version: Linux
Status: NEW
Severity: normal
Priority: normal
Component: gv
AssignedTo: orion(a)cora.nwra.com
ReportedBy: ville.skytta(a)iki.fi
QAContact: extras-qa(a)fedoraproject.org
CC: extras-qa(a)fedoraproject.org,fedora-security-
list(a)redhat.com
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-5864
"Stack-based buffer overflow in the ps_gettext function in ps.c for GNU gv
3.6.2, and possibly earlier versions, allows user-assisted attackers to execute
arbitrary code via a PostScript (PS) file with certain headers that contain long
comments, as demonstrated using the DocumentMedia header."
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=209167
Summary: seamonkey < 1.0.5 multiple vulnerabilities
Product: Fedora Extras
Version: fc4
Platform: All
OS/Version: Linux
Status: NEW
Severity: normal
Priority: normal
Component: seamonkey
AssignedTo: kengert(a)redhat.com
ReportedBy: ville.skytta(a)iki.fi
QAContact: extras-qa(a)fedoraproject.org
CC: extras-qa(a)fedoraproject.org,fedora-security-
list(a)redhat.com
seamonkey 1.0.4 in FE4 is probably affected by CVE-2006-4253, CVE-2006-4340,
CVE-2006-4565, CVE-2006-4566, CVE-2006-4568, CVE-2006-4570 and CVE-2006-4571.
According to upstream, these are fixed in 1.0.5 (FE5+)
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=216706
Summary: CVE-2006-5793 libpng, libpng10 DoS
Product: Fedora Core
Version: fc6
Platform: All
OS/Version: Linux
Status: NEW
Severity: normal
Priority: normal
Component: libpng
AssignedTo: tgl(a)redhat.com
ReportedBy: ville.skytta(a)iki.fi
CC: fedora-security-list@redhat.com,mclasen@redhat.com
+++ This bug was initially created as a clone of Bug #215405 +++
Tavis Ormandy told vendor-sec about a OOB memory read flaw in libpng. This flaw
is a denial of service flaw.
quoting the mail from Tavis:
Hello, there's a typo in the sPLT chunk handling code in libpng,
potentially resulting in an OOB read. AFAICT, the extent of the
vulnerability is denial of service, but would appreciate a second pair
of eyes to verify.
Around line ~983 of pngset.c, in png_set_sPLT()
to->entries =3D (png_sPLT_entryp)png_malloc(png_ptr,=20
from->nentries * png_sizeof(png_sPLT_t));
should be `png_sizeof(png_sPLT_entry)`
and the same on this line:
png_memcpy(to->entries, from->entries,
from->nentries * png_sizeof(png_sPLT_t));
This issue also affects RHEL2.1 and RHEL3
-- Additional comment from bressers(a)redhat.com on 2006-11-14 16:28 EST --
This issue is now public:
http://bugs.gentoo.org/show_bug.cgi?id=154380
---
Possibly affected: libpng in FC5, FC6, and devel, and libpng10 in FC5.
(libpng10 in Extras has been updated, see bug 216263)
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=214820
Summary: CVE-2006-5815: proftpd unspecified vulnerability
Product: Fedora Extras
Version: fc6
Platform: All
OS/Version: Linux
Status: NEW
Severity: normal
Priority: normal
Component: proftpd
AssignedTo: matthias(a)rpmforge.net
ReportedBy: ville.skytta(a)iki.fi
QAContact: extras-qa(a)fedoraproject.org
CC: extras-qa(a)fedoraproject.org,fedora-security-
list(a)redhat.com
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-5815
Very little information available at the moment.
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=212699
Summary: CVE-2006-5602: xsupplicant < 1.2.6 memory leaks
Product: Fedora Extras
Version: fc3
Platform: All
URL: http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-5602
OS/Version: Linux
Status: NEW
Severity: normal
Priority: normal
Component: xsupplicant
AssignedTo: tcallawa(a)redhat.com
ReportedBy: ville.skytta(a)iki.fi
QAContact: extras-qa(a)fedoraproject.org
CC: extras-qa(a)fedoraproject.org,fedora-security-
list(a)redhat.com
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-5602 (FC3 only)
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=208299
Summary: CVE-2006-4976: php-adodb information disclosure
Product: Fedora Extras
Version: fc5
Platform: All
URL: http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-4976
OS/Version: Linux
Status: NEW
Severity: normal
Priority: normal
Component: php-adodb
AssignedTo: gauret(a)free.fr
ReportedBy: ville.skytta(a)iki.fi
QAContact: extras-qa(a)fedoraproject.org
CC: extras-qa(a)fedoraproject.org,fedora-security-
list(a)redhat.com
CVE-2006-4976: The Date Library in John Lim ADOdb Library for PHP allows remote
attackers to obtain sensitive information via a direct request for [...]
There's not much information about this issue (?) available at the moment.
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=212698
Summary: CVE-2006-4513: multiple integer overflows in wv < 1.2.3
Product: Fedora Extras
Version: fc6
Platform: All
URL: http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-4513
OS/Version: Linux
Status: NEW
Severity: normal
Priority: normal
Component: abiword
AssignedTo: uwog(a)uwog.net
ReportedBy: ville.skytta(a)iki.fi
QAContact: extras-qa(a)fedoraproject.org
CC: extras-qa(a)fedoraproject.org,fedora-security-
list(a)redhat.com
+++ This bug was initially created as a clone of Bug #212696 +++
Multiple integer overflows in wv < 1.2.3:
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-4513
abiword uses an internal copy of wv, which seems to be 1.0.3 as of abiword
2.4.5, so it may be affected.
Additionally, would it be possible to change abiword to use the system
installed wv instead of the internal one?
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=210825
Summary: RSA signature forgery issues in BouncyCastle < 1.34
Product: Fedora Core
Version: fc5
Platform: All
OS/Version: Linux
Status: NEW
Severity: normal
Priority: normal
Component: java-1.4.2-gcj-compat
AssignedTo: fitzsim(a)redhat.com
ReportedBy: ville.skytta(a)iki.fi
CC: fedora-security-list(a)redhat.com
>From BouncyCastle 1.34 release notes:
Security Advisory If you are using RSA with a public exponent of three you
must upgrade to this release if you want to avoid recent forgery attacks that
have been described against specific implementations of the RSA signature
algorithm.
java-1.4.2-gcj-compat in FC5 ship with BC 1.31 and may thus be affected.
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=213985
Summary: CVE-2006-5705: wordpress < 2.0.5 directory traversal
vulnerability
Product: Fedora Extras
Version: fc6
Platform: All
OS/Version: Linux
Status: NEW
Severity: normal
Priority: normal
Component: wordpress
AssignedTo: jwb(a)redhat.com
ReportedBy: ville.skytta(a)iki.fi
QAContact: extras-qa(a)fedoraproject.org
CC: extras-qa(a)fedoraproject.org,fedora-security-
list(a)redhat.com
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-5705
"Directory traversal vulnerability in plugins/wp-db-backup.php in WordPress
before 2.0.5 allows remote attackers to read arbitrary files via directory
traversal sequences in unspecified parameters related to the backup of fragment
files."
Based on the version number, all FE releases are affected.
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.