[Bug 217950] New: CVE-2006-6169: gnupg2 < 2.0.1 buffer overflow
by Red Hat Bugzilla
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=217950
Summary: CVE-2006-6169: gnupg2 < 2.0.1 buffer overflow
Product: Fedora Extras
Version: fc6
Platform: All
OS/Version: Linux
Status: NEW
Severity: normal
Priority: normal
Component: gnupg2
AssignedTo: rdieter(a)math.unl.edu
ReportedBy: ville.skytta(a)iki.fi
QAContact: extras-qa(a)fedoraproject.org
CC: extras-qa(a)fedoraproject.org,fedora-security-
list(a)redhat.com
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-6171
"Buffer overflow in the ask_outfile_name function in openfile.c for GnuPG (gpg)
1.4 and 2.0, when running interactively, might allow attackers to execute
arbitrary code via messages that cause the make_printable_string function to
return a longer string than expected while constructing a prompt."
FE[3456] seem affected, devel looks ok.
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
17 years, 4 months
[Bug 216263] New: CVE-2006-5793: libpng10 < 1.0.21 DoS vulnerability
by Red Hat Bugzilla
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=216263
Summary: CVE-2006-5793: libpng10 < 1.0.21 DoS vulnerability
Product: Fedora Extras
Version: fc6
Platform: All
OS/Version: Linux
Status: NEW
Severity: normal
Priority: normal
Component: libpng10
AssignedTo: paul(a)city-fan.org
ReportedBy: ville.skytta(a)iki.fi
QAContact: extras-qa(a)fedoraproject.org
CC: extras-qa(a)fedoraproject.org,fedora-security-
list(a)redhat.com
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-5793
"The sPLT chunk handling code (png_set_sPLT function in pngset.c) in libpng
1.0.6 through 1.2.12 uses a sizeof operator on the wrong data type, which allows
context-dependent attackers to cause a denial of service (crash) via malformed
sPLT chunks that trigger an out-of-bounds read."
Appears to be fixed in 1.0.21.
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
17 years, 4 months
[Bug 216186] New: CVE-2006-5705
by Red Hat Bugzilla
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=216186
Summary: CVE-2006-5705
Product: Fedora Extras
Version: devel
Platform: All
OS/Version: Linux
Status: NEW
Severity: normal
Priority: normal
Component: wordpress
AssignedTo: jwb(a)redhat.com
ReportedBy: dennis(a)ausil.us
QAContact: extras-qa(a)fedoraproject.org
CC: extras-qa(a)fedoraproject.org,fedora-security-
list(a)redhat.com
Description of problem:
wordpress 2.04 has a multiple security Vulnerabilities little detail is
available 2.05 is reported to be not Vunerable.
Please update FC-4 FC-5 FC-6 and devel to the newer version.
Version-Release number of selected component (if applicable):
How reproducible:
Steps to Reproduce:
1.
2.
3.
Actual results:
Expected results:
Additional info:
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
17 years, 5 months