Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=192830
Summary: CVE-2006-2453 Additional dia format string flaws
Product: Fedora Extras
Version: fc5
Platform: All
OS/Version: Linux
Status: NEW
Severity: normal
Priority: normal
Component: dia
AssignedTo: j.w.r.degoede(a)hhs.nl
ReportedBy: bressers(a)redhat.com
QAContact: extras-qa(a)fedoraproject.org
CC: extras-qa(a)fedoraproject.org,fedora-security-
list(a)redhat.com
A number of additional format string issues were discovered by Hans de Goede and
has been assigned the CVE id CVE-2006-2453.
The fix is attachment 129852
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=215136
Summary: CVE-2006-5864: gv <= 3.6.2 stack-based buffer overflow
Product: Fedora Extras
Version: fc6
Platform: All
URL: http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-5864
OS/Version: Linux
Status: NEW
Severity: normal
Priority: normal
Component: gv
AssignedTo: orion(a)cora.nwra.com
ReportedBy: ville.skytta(a)iki.fi
QAContact: extras-qa(a)fedoraproject.org
CC: extras-qa(a)fedoraproject.org,fedora-security-
list(a)redhat.com
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-5864
"Stack-based buffer overflow in the ps_gettext function in ps.c for GNU gv
3.6.2, and possibly earlier versions, allows user-assisted attackers to execute
arbitrary code via a PostScript (PS) file with certain headers that contain long
comments, as demonstrated using the DocumentMedia header."
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=220041
Summary: CVE-2006-6625, CVE-2006-6626: moodle XSS vulnerabilities
Product: Fedora Extras
Version: fc6
Platform: All
OS/Version: Linux
Status: NEW
Severity: normal
Priority: normal
Component: moodle
AssignedTo: imlinux(a)gmail.com
ReportedBy: ville.skytta(a)iki.fi
QAContact: extras-qa(a)fedoraproject.org
CC: extras-qa(a)fedoraproject.org,fedora-security-
list(a)redhat.com
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-6625
Reported against 1.6.1 but an upstream patch which I suppose fixes this is not
applied in 1.6.3:
http://moodle.cvs.sourceforge.net/moodle/moodle/mod/forum/discuss.php?r1=1.…http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-6626
Reported against 1.5, too little information available at the moment to say
whether this is an issue with 1.6.3.
All FC4+ distro releases are equally affected (or not).
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=209167
Summary: seamonkey < 1.0.5 multiple vulnerabilities
Product: Fedora Extras
Version: fc4
Platform: All
OS/Version: Linux
Status: NEW
Severity: normal
Priority: normal
Component: seamonkey
AssignedTo: kengert(a)redhat.com
ReportedBy: ville.skytta(a)iki.fi
QAContact: extras-qa(a)fedoraproject.org
CC: extras-qa(a)fedoraproject.org,fedora-security-
list(a)redhat.com
seamonkey 1.0.4 in FE4 is probably affected by CVE-2006-4253, CVE-2006-4340,
CVE-2006-4565, CVE-2006-4566, CVE-2006-4568, CVE-2006-4570 and CVE-2006-4571.
According to upstream, these are fixed in 1.0.5 (FE5+)
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=216706
Summary: CVE-2006-5793 libpng, libpng10 DoS
Product: Fedora Core
Version: fc6
Platform: All
OS/Version: Linux
Status: NEW
Severity: normal
Priority: normal
Component: libpng
AssignedTo: tgl(a)redhat.com
ReportedBy: ville.skytta(a)iki.fi
CC: fedora-security-list@redhat.com,mclasen@redhat.com
+++ This bug was initially created as a clone of Bug #215405 +++
Tavis Ormandy told vendor-sec about a OOB memory read flaw in libpng. This flaw
is a denial of service flaw.
quoting the mail from Tavis:
Hello, there's a typo in the sPLT chunk handling code in libpng,
potentially resulting in an OOB read. AFAICT, the extent of the
vulnerability is denial of service, but would appreciate a second pair
of eyes to verify.
Around line ~983 of pngset.c, in png_set_sPLT()
to->entries =3D (png_sPLT_entryp)png_malloc(png_ptr,=20
from->nentries * png_sizeof(png_sPLT_t));
should be `png_sizeof(png_sPLT_entry)`
and the same on this line:
png_memcpy(to->entries, from->entries,
from->nentries * png_sizeof(png_sPLT_t));
This issue also affects RHEL2.1 and RHEL3
-- Additional comment from bressers(a)redhat.com on 2006-11-14 16:28 EST --
This issue is now public:
http://bugs.gentoo.org/show_bug.cgi?id=154380
---
Possibly affected: libpng in FC5, FC6, and devel, and libpng10 in FC5.
(libpng10 in Extras has been updated, see bug 216263)
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=219938
Summary: CVE-2006-6563: proftpd < 1.3.1rc1 mod_ctrls buffer
overflow
Product: Fedora Extras
Version: fc6
Platform: All
OS/Version: Linux
Status: NEW
Severity: normal
Priority: normal
Component: proftpd
AssignedTo: matthias(a)rpmforge.net
ReportedBy: ville.skytta(a)iki.fi
QAContact: extras-qa(a)fedoraproject.org
CC: extras-qa(a)fedoraproject.org,fedora-security-
list(a)redhat.com
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-6563
"Stack-based buffer overflow in the pr_ctrls_recv_request function in ctrls.c in
the mod_ctrls module in ProFTPD before 1.3.1rc1 allows local users to execute
arbitrary code via a large reqarglen length value."
All FC-3+ releases possibly affected.
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=214820
Summary: CVE-2006-5815: proftpd unspecified vulnerability
Product: Fedora Extras
Version: fc6
Platform: All
OS/Version: Linux
Status: NEW
Severity: normal
Priority: normal
Component: proftpd
AssignedTo: matthias(a)rpmforge.net
ReportedBy: ville.skytta(a)iki.fi
QAContact: extras-qa(a)fedoraproject.org
CC: extras-qa(a)fedoraproject.org,fedora-security-
list(a)redhat.com
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-5815
Very little information available at the moment.
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=221023
Summary: CVE-2006-6808: wordpress 2.0.5 XSS vulnerability
Product: Fedora Extras
Version: fc6
Platform: All
OS/Version: Linux
Status: NEW
Severity: high
Priority: normal
Component: wordpress
AssignedTo: jwb(a)redhat.com
ReportedBy: ville.skytta(a)iki.fi
QAContact: extras-qa(a)fedoraproject.org
CC: fedora-security-list(a)redhat.com
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-6808
"Cross-site scripting (XSS) vulnerability in wp-admin/templates.php in WordPress
2.0.5 allows remote attackers to inject arbitrary web script or HTML via the
file parameter."
All FE4+ releases affected. This is supposedly fixed in 2.0.6, but it looks
like it hasn't been released yet. Patch at http://trac.wordpress.org/changeset/4665
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=212699
Summary: CVE-2006-5602: xsupplicant < 1.2.6 memory leaks
Product: Fedora Extras
Version: fc3
Platform: All
URL: http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-5602
OS/Version: Linux
Status: NEW
Severity: normal
Priority: normal
Component: xsupplicant
AssignedTo: tcallawa(a)redhat.com
ReportedBy: ville.skytta(a)iki.fi
QAContact: extras-qa(a)fedoraproject.org
CC: extras-qa(a)fedoraproject.org,fedora-security-
list(a)redhat.com
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-5602 (FC3 only)
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=219937
Summary: CVE-2006-6574: mantis < 1.1.0a2 information disclosure
Product: Fedora Extras
Version: fc6
Platform: All
OS/Version: Linux
Status: NEW
Severity: normal
Priority: normal
Component: mantis
AssignedTo: giallu(a)gmail.com
ReportedBy: ville.skytta(a)iki.fi
QAContact: extras-qa(a)fedoraproject.org
CC: extras-qa(a)fedoraproject.org,fedora-security-
list(a)redhat.com
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-6574
"Mantis before 1.1.0a2 does not implement per-item access control for Issue
History (Bug History), which allows remote attackers to obtain sensitive
information by reading the Change column, as demonstrated by the Change column
of a custom field."
All FE releases are possibly affected.
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.