April 2008 - security [ARCHIVED] - Fedora mailing-lists

[Bug 240397] New: CVE-2007-2721: jasper DoS, heap corruption
by Red Hat Bugzilla 08 Sep '08

08 Sep '08

Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report. https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=240397 Summary: CVE-2007-2721: jasper DoS, heap corruption Product: Fedora Extras Version: fc6 Platform: All OS/Version: Linux Status: NEW Severity: medium Priority: medium Component: jasper AssignedTo: rdieter(a)math.unl.edu ReportedBy: ville.skytta(a)iki.fi QAContact: extras-qa(a)fedoraproject.org CC: fedora-security-list(a)redhat.com http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2721 "The jpc_qcx_getcompparms function in jpc/jpc_cs.c for the JasPer JPEG-2000 library (libjasper) before 1.900 allows remote user-assisted attackers to cause a denial of service (crash) and possibly corrupt the heap via malformed image files, as originally demonstrated using imagemagick convert." Appears to affect 1.900.1 too. -- Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.

1 3

[Bug 237533] New: CVE-2007-2165: proftpd auth bypass vulnerability
by Red Hat Bugzilla 30 Jul '08

30 Jul '08

Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report. https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=237533 Summary: CVE-2007-2165: proftpd auth bypass vulnerability Product: Fedora Extras Version: fc6 Platform: All OS/Version: Linux Status: NEW Severity: high Priority: high Component: proftpd AssignedTo: matthias(a)rpmforge.net ReportedBy: ville.skytta(a)iki.fi QAContact: extras-qa(a)fedoraproject.org CC: fedora-security-list(a)redhat.com http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2165 http://bugs.proftpd.org/show_bug.cgi?id=2922 "The Auth API in ProFTPD before 20070417, when multiple simultaneous authentication modules are configured, does not require that the module that checks authentication is the same as the module that retrieves authentication data, which might allow remote attackers to bypass authentication, as demonstrated by use of SQLAuthTypes Plaintext in mod_sql, with data retrieved from /etc/passwd." -- Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.

1 19

[Bug 245211] New: Wordpress 2.2: SQL injection, XSS vulnerabilities
by Red Hat Bugzilla 07 May '08

07 May '08

Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report. https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=245211 Summary: Wordpress 2.2: SQL injection, XSS vulnerabilities Product: Fedora Version: f7 Platform: All OS/Version: Linux Status: NEW Severity: low Priority: low Component: wordpress AssignedTo: jwb(a)redhat.com ReportedBy: ville.skytta(a)iki.fi QAContact: extras-qa(a)fedoraproject.org CC: fedora-security-list(a)redhat.com XML-RPC SQL injection: http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3140 Cross site scripting: http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3238 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3239 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3240 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3241 Note: these have been reported against Wordpress 2.2, I haven't investigated whether 2.1.3 currently in Fedora is affected. Also, 2.2.1 seems to have been released today, fixing at least some of these issues. -- Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.

1 10

[Bug 307471] New: CVE-2007-13{20-23}, CVE-2007-1366: qemu multiple vulnerabilities
by Red Hat Bugzilla 06 May '08

06 May '08

Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report. https://bugzilla.redhat.com/show_bug.cgi?id=307471 Summary: CVE-2007-13{20-23}, CVE-2007-1366: qemu multiple vulnerabilities Product: Fedora Version: fc6 Platform: All URL: http://www.vuxml.org/freebsd/0ac89b39-f829-11db-b55c- 000e0c6d38a9.html OS/Version: Linux Status: NEW Severity: medium Priority: medium Component: qemu AssignedTo: dwmw2(a)infradead.org ReportedBy: clalance(a)redhat.com QAContact: extras-qa(a)fedoraproject.org CC: fedora-security-list@redhat.com,j.w.r.degoede@hhs.nl +++ This bug was initially created as a clone of Bug #238723 +++ Not sure if these affect any qemu versions in Fedora, but here goes: http://www.vuxml.org/freebsd/0ac89b39-f829-11db-b55c-000e0c6d38a9.html "Several vulnerabilities have been discovered in the QEMU processor emulator, which may lead to the execution of arbitrary code or denial of service. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2007-1320 Tavis Ormandy discovered that a memory management routine of the Cirrus video driver performs insufficient bounds checking, which might allow the execution of arbitrary code through a heap overflow. CVE-2007-1321 Tavis Ormandy discovered that the NE2000 network driver and the socket code perform insufficient input validation, which might allow the execution of arbitrary code through a heap overflow. CVE-2007-1322 Tavis Ormandy discovered that the "icebp" instruction can be abused to terminate the emulation, resulting in denial of service. CVE-2007-1323 Tavis Ormandy discovered that the NE2000 network driver and the socket code perform insufficient input validation, which might allow the execution of arbitrary code through a heap overflow. CVE-2007-1366 Tavis Ormandy discovered that the "aam" instruction can be abused to crash qemu through a division by zero, resulting in denial of service." -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.

1 4

[Bug 187353] CVE-2006-1390 nethack: Local privilege escalation via crafted score file
by Red Hat Bugzilla 04 Apr '08

04 Apr '08

Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report. Summary: CVE-2006-1390 nethack: Local privilege escalation via crafted score file Alias: CVE-2006-1390 https://bugzilla.redhat.com/show_bug.cgi?id=187353 ------- Additional Comments From metcalfegreg(a)qwest.net 2008-04-04 15:09 EST ------- yum localinstall failed w/ "Package nethack-3.4.3-17.fc7.i386.rpm is not signed", but it went in via rpm. Link problem fixed. -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.

1 0

[Bug 187353] CVE-2006-1390 nethack: Local privilege escalation via crafted score file
by Red Hat Bugzilla 04 Apr '08

04 Apr '08

Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report. Summary: CVE-2006-1390 nethack: Local privilege escalation via crafted score file Alias: CVE-2006-1390 https://bugzilla.redhat.com/show_bug.cgi?id=187353 ------- Additional Comments From lmacken(a)redhat.com 2008-04-04 14:15 EST ------- (In reply to comment #12) > I just installed it, and got this error, as I have no /etc/X11/fontpath.d/: > ln: creating symbolic link `/etc/X11/fontpath.d/nethack': No such file or directory > error: %post(nethack-3.4.3-16.fc7.i386) scriptlet failed, exit status 1 > Installed: nethack.i386 0:3.4.3-16.fc7 > Complete! Oops! I fixed this a couple of months ago, but never pushed an update out. http://admin.fedoraproject.org/updates/F7/pending/nethack-3.4.3-17.fc7 Should fix that issue. -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.

1 0

[Bug 187353] CVE-2006-1390 nethack: Local privilege escalation via crafted score file
by Red Hat Bugzilla 04 Apr '08

04 Apr '08

Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report. Summary: CVE-2006-1390 nethack: Local privilege escalation via crafted score file Alias: CVE-2006-1390 https://bugzilla.redhat.com/show_bug.cgi?id=187353 ------- Additional Comments From metcalfegreg(a)qwest.net 2008-04-04 13:44 EST ------- My group count is already up to 60, with one user. IMHO, adding another for some random game is not optimal. It only life makes life harder for people writing system profiling/hardening/management tools, and systems administrators that would like to use them to manage groups of machines. A best practice for *writing* SUID/SGID programs is to use those privileges as early as possible, then revoke them. If nethack isn't doing that, I have to wonder what other problems it might have, and whether I should allow it on the system at all. I just installed it, and got this error, as I have no /etc/X11/fontpath.d/: ln: creating symbolic link `/etc/X11/fontpath.d/nethack': No such file or directory error: %post(nethack-3.4.3-16.fc7.i386) scriptlet failed, exit status 1 Installed: nethack.i386 0:3.4.3-16.fc7 Complete! So, another problem. I started it, and find the following files in var/games/nethack: -rw-rw-r-- 1 root games 0 2008-01-23 12:48 logfile -rw-rw-r-- 1 root games 0 2008-01-23 12:48 perm -rw-rw-r-- 1 root games 0 2008-01-23 12:48 record drwxrwxr-x 2 root games 4096 2008-01-23 12:48 save I quit, and logfile contains: 3.4.3 0 0 1 1 14 14 0 20080404 20080404 500 Pri Hum Fem Cha gregm,quit So it does have to write into /var/log, as current designed. Some other characteristics of the executable: $ eu-readelf -l /usr/games/nethack-3.4.3/nethack | fgrep STACK | awk '{ print $7 }' RW eu-readelf -d /usr/games/nethack-3.4.3/nethack | fgrep -q TEXTREL exits with 1, so the program contains no text relocations. So at least those bits are OK. But I wonder if this program couldn't have been better written, to use /tmp, then call a logger before exit. I just don't like the idea of adding yet another group for some random game. -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.

1 0

[Bug 187353] CVE-2006-1390 nethack: Local privilege escalation via crafted score file
by Red Hat Bugzilla 04 Apr '08

04 Apr '08

Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report. Summary: CVE-2006-1390 nethack: Local privilege escalation via crafted score file Alias: CVE-2006-1390 https://bugzilla.redhat.com/show_bug.cgi?id=187353 ------- Additional Comments From j.w.r.degoede(a)hhs.nl 2008-04-04 10:19 EST ------- (In reply to comment #10) > (In reply to comment #8) > > From me (repeating myself from comment #3): > > > > Although users are not in the games group on Fedora this is still a problem, > > this hole allows the following scenario: > > - find a sgid game which is exploitable to get games gid rights > > - use the games gid rights to drop a crafted file which will > > exploit nethack when opened by nethack. > > - once another users runs nethack and opens the crafted file > > unwanted things get done with the rights of the other user. > > > > So although low priority this needs fixing never the less. > > So, do you think we should try and get the patch from upstream, or do the same > thing that you did with vultures eye and create a separate 'nethack' group ? I vote for creating a seperate group, because AFAIK nethack needs several files under /var/games and opens / close these several times during one run of the game, making early sgid dropping, as we do with other games impossible (or atleast quite hard todo), so putting it in its own group probably is best. For more on the early sgid dropping we do, see: http://fedoraproject.org/wiki/SIGs/Games/Packaging#head-193b9a502a42098e625… The idea here is that if even if one manages to subvert a sgid games game, one does still not have access to gid games rights, as those have been dropt, so the damaged for a subverted game is limited to write access to that games highscore file. -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.

1 0

[Bug 187353] CVE-2006-1390 nethack: Local privilege escalation via crafted score file
by Red Hat Bugzilla 04 Apr '08

04 Apr '08

Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report. Summary: CVE-2006-1390 nethack: Local privilege escalation via crafted score file Alias: CVE-2006-1390 https://bugzilla.redhat.com/show_bug.cgi?id=187353 lmacken(a)redhat.com changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |lmacken(a)redhat.com ------- Additional Comments From lmacken(a)redhat.com 2008-04-04 09:44 EST ------- (In reply to comment #8) > From me (repeating myself from comment #3): > > Although users are not in the games group on Fedora this is still a problem, > this hole allows the following scenario: > - find a sgid game which is exploitable to get games gid rights > - use the games gid rights to drop a crafted file which will > exploit nethack when opened by nethack. > - once another users runs nethack and opens the crafted file > unwanted things get done with the rights of the other user. > > So although low priority this needs fixing never the less. So, do you think we should try and get the patch from upstream, or do the same thing that you did with vultures eye and create a separate 'nethack' group ? -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.

1 0

[Bug 187353] CVE-2006-1390 nethack: Local privilege escalation via crafted score file
by Red Hat Bugzilla 04 Apr '08

04 Apr '08

Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report. Summary: CVE-2006-1390 nethack: Local privilege escalation via crafted score file Alias: CVE-2006-1390 https://bugzilla.redhat.com/show_bug.cgi?id=187353 thoger(a)redhat.com changed: What |Removed |Added ---------------------------------------------------------------------------- Summary|Possible security issue |CVE-2006-1390 nethack: Local | |privilege escalation via | |crafted score file -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.

1 0

[Bug 187353] Possible security issue
by Red Hat Bugzilla 04 Apr '08

04 Apr '08

Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report. Summary: Possible security issue Alias: CVE-2006-1390 https://bugzilla.redhat.com/show_bug.cgi?id=187353 jonstanley(a)gmail.com changed: What |Removed |Added ---------------------------------------------------------------------------- AssignedTo|lmacken(a)redhat.com |security-response- | |team(a)redhat.com QAContact|extras-qa(a)fedoraproject.org | -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.

1 0

[Bug 187353] Possible security issue
by Red Hat Bugzilla 04 Apr '08

04 Apr '08

Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report. Summary: Possible security issue Alias: CVE-2006-1390 https://bugzilla.redhat.com/show_bug.cgi?id=187353 jonstanley(a)gmail.com changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |jonstanley(a)gmail.com Component|nethack |vulnerability Product|Fedora |Security Response Version|rawhide |unspecified ------- Additional Comments From jonstanley(a)gmail.com 2008-04-04 08:16 EST ------- Changing product to Security Response -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.

1 0

[Bug 187353] Possible security issue
by Red Hat Bugzilla 04 Apr '08

04 Apr '08

Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report. Summary: Possible security issue Alias: CVE-2006-1390 https://bugzilla.redhat.com/show_bug.cgi?id=187353 ------- Additional Comments From j.w.r.degoede(a)hhs.nl 2008-04-04 07:30 EST ------- >From me (repeating myself from comment #3): Although users are not in the games group on Fedora this is still a problem, this hole allows the following scenario: - find a sgid game which is exploitable to get games gid rights - use the games gid rights to drop a crafted file which will exploit nethack when opened by nethack. - once another users runs nethack and opens the crafted file unwanted things get done with the rights of the other user. So although low priority this needs fixing never the less. -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.

1 0

[Bug 187353] Possible security issue
by Red Hat Bugzilla 04 Apr '08

04 Apr '08

Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report. Summary: Possible security issue Alias: CVE-2006-1390 https://bugzilla.redhat.com/show_bug.cgi?id=187353 ------- Additional Comments From lmacken(a)redhat.com 2008-04-04 07:23 EST ------- >From upstream: " We could probably extract the relevant changes, but I don't think that you actually need them. The real security bug is being caused by gentoo's policy of giving users full access to the same group as nethack's setgid setting. They shot themselves in the foot here, by allowing users to modify the score file outside of nethack. The lax buffer handling has been (or will be, from a 3.4.3 perspective...) fixed, but it is not exploitable in a standard installation where nethack runs in a group whose files can't be manipulated by arbitrary users. I assume that redhat/fedora doesn't have the same config issue as gentoo. If I'm wrong, then you should change nethack to run in a distinct group rather than--or in addition to-- patching its score file parsing code." -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.

1 0

[Bug 187353] Possible security issue
by Red Hat Bugzilla 04 Apr '08

04 Apr '08

Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report. Summary: Possible security issue Alias: CVE-2006-1390 https://bugzilla.redhat.com/show_bug.cgi?id=187353 j.w.r.degoede(a)hhs.nl changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |ASSIGNED Flag|needinfo? | -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.

1 0

[Bug 187353] Possible security issue
by Red Hat Bugzilla 04 Apr '08

04 Apr '08

Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report. Summary: Possible security issue Alias: CVE-2006-1390 https://bugzilla.redhat.com/show_bug.cgi?id=187353 j.w.r.degoede(a)hhs.nl changed: What |Removed |Added ---------------------------------------------------------------------------- Status Whiteboard| bzcl34nup |bzcl34nup Flag| |needinfo? ------- Additional Comments From j.w.r.degoede(a)hhs.nl 2008-04-04 05:33 EST ------- AFAIK (might have get fixed through upstream) this bug is still present in rawhide, gentoo has a patch for this here: http://bugs.gentoo.org/attachment.cgi?id=139487&action=view Worth fixing, not sure if its worth marking the fix security though IMHO. -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.

1 0

[Bug 233705] New: CVE-2007-0653 XMMS multiple issues (CVE-2007-0654)
by Red Hat Bugzilla 04 Apr '08

04 Apr '08

Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report. https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=233705 Summary: CVE-2007-0653 XMMS multiple issues (CVE-2007-0654) Product: Fedora Extras Version: fc6 Platform: All OS/Version: Linux Status: NEW Severity: low Priority: normal Component: xmms AssignedTo: paul(a)all-the-johnsons.co.uk ReportedBy: ville.skytta(a)iki.fi QAContact: extras-qa(a)fedoraproject.org CC: fedora-security-list(a)redhat.com Cloning RHEL bug for FE[56]. +++ This bug was initially created as a clone of Bug #228013 +++ Sven Krewitt of Secunia reported two flaws he discovered in the way XMMS handles skin files. Here are the technical details provided by Sven: --- Details --- CVE-2007-0654 1) An integer underflow error exists when loading skin bitmap images, which can be exploited to cause a stack-based buffer overflow via specially crafted skin images containing manipulated header information. The vulnerability is caused due to errors within "read_bmp()" in xmms/bmp.c when loading skin bitmap images. -- xmms/bmp.c -- GdkPixmap *read_bmp(gchar * filename) [...] fseek(file, 8, SEEK_CUR); read_le_long(file, &offset); <-- [1] read_le_long(file, &headSize); [...] else if (bitcount != 24 && bitcount != 16 && bitcount != 32) { gint ncols, i; ncols = offset - headSize - 14; <-- [2] if (headSize == 12) { ncols = MIN(ncols / 3, 256); for (i = 0; i < ncols; i++) fread(&rgb_quads[i], 3, 1, file); } else { ncols = MIN(ncols / 4, 256); fread(rgb_quads, 4, ncols, file); <-- [3] [...] ----- "offset" [1] is not properly verified before being used to calculate "ncols" [2]. "bitcount" has to be set to a different value than 24, 16 or 32 (but can also be user controlled). This can be exploited to cause a integer underflow, resulting in a stack based buffer overflow, which can be used to overwrite the return address of "read_bmp()" [3]. Successful exploitation allows execution of arbitrary code. CVE-2007-0653 2) An integer overflow error exists when loading skin bitmap images. This can be exploited to cause a memory corruption via specially crafted skin images containing manipulated header information. -- xmms/bmp.c -- GdkPixmap *read_bmp(gchar * filename) [...] else if (headSize == 40) /* BITMAPINFO */ { guint16 tmp; read_le_long(file, &w); <-- [4] read_le_long(file, &h); <-- [4] [...] fseek(file, offset, SEEK_SET); buffer = g_malloc(imgsize); fread(buffer, imgsize, 1, file); fclose(file); data = g_malloc0((w * 3 * h) + 3); <-- [5] if (bitcount == 1) ---- -- Additional comment from bressers(a)redhat.com on 2007-02-09 10:23 EST -- These flaws also affect RHEL2.1 and RHEL3 -- Additional comment from davidz(a)redhat.com on 2007-02-09 12:32 EST -- Are there patches for these yet? -- Additional comment from bressers(a)redhat.com on 2007-02-09 13:19 EST -- There are no patches yet. I'm still trying to contact someone upstream about this. If you have any upstream contacts, please let me know. -- Additional comment from bressers(a)redhat.com on 2007-03-21 09:26 EST -- Lifting embargo -- Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.

1 7

[Bug 229990] New: CVE-2007-1030: libevent < 1.3 DoS
by Red Hat Bugzilla 04 Apr '08

04 Apr '08

Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report. https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=229990 Summary: CVE-2007-1030: libevent < 1.3 DoS Product: Fedora Extras Version: devel Platform: All OS/Version: Linux Status: NEW Severity: medium Priority: normal Component: libevent AssignedTo: redhat-bugzilla(a)camperquake.de ReportedBy: ville.skytta(a)iki.fi QAContact: extras-qa(a)fedoraproject.org CC: fedora-security-list@redhat.com,steved@redhat.com http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1030 "Niels Provos libevent 1.2 and 1.2a allows remote attackers to cause a denial of service (infinite loop) via a DNS response containing a label pointer that references its own offset." FE5 and FC6 are at 1.1a, not clear if those versions are affected. Rawhide was updated to 1.2a a few days ago, however (unlike the changelog says) the latest upstream is 1.3a, not 1.2a. -- Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.

1 7

[Bug 187353] Possible security issue
by Red Hat Bugzilla 03 Apr '08

03 Apr '08

Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report. Summary: Possible security issue Alias: CVE-2006-1390 https://bugzilla.redhat.com/show_bug.cgi?id=187353 ------- Additional Comments From fedora-triage-list(a)redhat.com 2008-04-03 13:11 EST ------- Based on the date this bug was created, it appears to have been reported against rawhide during the development of a Fedora release that is no longer maintained. In order to refocus our efforts as a project we are flagging all of the open bugs for releases which are no longer maintained. If this bug remains in NEEDINFO thirty (30) days from now, we will automatically close it. If you can reproduce this bug in a maintained Fedora version (7, 8, or rawhide), please change this bug to the respective version and change the status to ASSIGNED. (If you're unable to change the bug's version or status, add a comment to the bug and someone will change it for you.) Thanks for your help, and we apologize again that we haven't handled these issues to this point. The process we're following is outlined here: http://fedoraproject.org/wiki/BugZappers/F9CleanUp We will be following the process here: http://fedoraproject.org/wiki/BugZappers/HouseKeeping to ensure this doesn't happen again. -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.

1 0

[Bug 187353] Possible security issue
by Red Hat Bugzilla 03 Apr '08

03 Apr '08

Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report. Summary: Possible security issue Alias: CVE-2006-1390 https://bugzilla.redhat.com/show_bug.cgi?id=187353 fedora-triage-list(a)redhat.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |NEEDINFO -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.

1 0

[Bug 187353] Possible security issue
by Red Hat Bugzilla 03 Apr '08

03 Apr '08

Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report. Summary: Possible security issue Alias: CVE-2006-1390 https://bugzilla.redhat.com/show_bug.cgi?id=187353 fedora-triage-list(a)redhat.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status Whiteboard| | bzcl34nup -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.

1 0

[Bug 187353] Possible security issue
by Red Hat Bugzilla 03 Apr '08

03 Apr '08

Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report. Summary: Possible security issue Alias: CVE-2006-1390 https://bugzilla.redhat.com/show_bug.cgi?id=187353 bugzilla(a)redhat.com changed: What |Removed |Added ---------------------------------------------------------------------------- Severity|normal |medium Priority|normal |medium Product|Fedora Extras |Fedora Alias| |CVE-2006-1390 Version|devel |rawhide fedora-triage-list(a)redhat.com changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |fedora-triage- | |list(a)redhat.com -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.

1 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

security [ARCHIVED] April 2008