Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--metadata/glsa/glsa-201709-04.xml55
-rw-r--r--metadata/glsa/glsa-201709-05.xml50
-rw-r--r--metadata/glsa/glsa-201709-06.xml56
-rw-r--r--metadata/glsa/glsa-201709-07.xml60
-rw-r--r--metadata/glsa/glsa-201709-08.xml66
-rw-r--r--metadata/glsa/glsa-201709-09.xml75
6 files changed, 362 insertions, 0 deletions
diff --git a/metadata/glsa/glsa-201709-04.xml b/metadata/glsa/glsa-201709-04.xml
new file mode 100644
index 000000000000..d64934455429
--- /dev/null
+++ b/metadata/glsa/glsa-201709-04.xml
@@ -0,0 +1,55 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="201709-04">
+ <title>mod_gnutls: Certificate validation error</title>
+ <synopsis>A vulnerability in mod_gnutls allows remote attackers to spoof
+ clients via crafted certificates.
+ </synopsis>
+ <product type="ebuild">mod_gnutls</product>
+ <announced>2017-09-17</announced>
+ <revised>2017-09-17: 1</revised>
+ <bug>541038</bug>
+ <access>remote</access>
+ <affected>
+ <package name="www-apache/mod_gnutls" auto="yes" arch="*">
+ <unaffected range="ge">0.7.3</unaffected>
+ <vulnerable range="lt">0.7.3</vulnerable>
+ </package>
+ </affected>
+ <background>
+ <p>mod_gnutls is an extension for ​Apache’s httpd. It uses the
+ ​GnuTLS library to provide HTTPS. It supports some protocols and
+ features that mod_ssl does not.
+ </p>
+
+ </background>
+ <description>
+ <p>It was discovered that the authentication hook in mod_gnutls does not
+ validate client’s certificates even when option
+ “GnuTLSClientVerify” is set to “require”.
+ </p>
+ </description>
+ <impact type="normal">
+ <p>A remote attacker could present a crafted certificate and spoof clients
+ data.
+ </p>
+ </impact>
+ <workaround>
+ <p>There is no known workaround at this time.</p>
+ </workaround>
+ <resolution>
+ <p>All mod_gnutls users should upgrade to the latest version:</p>
+
+ <code>
+ # emerge --sync
+ # emerge --ask --oneshot --verbose "&gt;=www-apache/mod_gnutls-0.7.3"
+ </code>
+ </resolution>
+ <references>
+ <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2091">
+ CVE-2015-2091
+ </uri>
+ </references>
+ <metadata tag="requester" timestamp="2017-06-17T21:37:14Z">whissi</metadata>
+ <metadata tag="submitter" timestamp="2017-09-17T15:43:18Z">chrisadr</metadata>
+</glsa>
diff --git a/metadata/glsa/glsa-201709-05.xml b/metadata/glsa/glsa-201709-05.xml
new file mode 100644
index 000000000000..771f0cdc9cd3
--- /dev/null
+++ b/metadata/glsa/glsa-201709-05.xml
@@ -0,0 +1,50 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="201709-05">
+ <title>chkrootkit: Local privilege escalation</title>
+ <synopsis>A vulnerability in chkrootkit may allow local users to gain root
+ privileges.
+ </synopsis>
+ <product type="ebuild">chkrootkit</product>
+ <announced>2017-09-17</announced>
+ <revised>2017-09-17: 1</revised>
+ <bug>512356</bug>
+ <access>local</access>
+ <affected>
+ <package name="app-forensics/chkrootkit" auto="yes" arch="*">
+ <unaffected range="ge">0.50</unaffected>
+ <vulnerable range="lt">0.50</vulnerable>
+ </package>
+ </affected>
+ <background>
+ <p>chkrootkit is a tool to locally check for signs of a rootkit.</p>
+ </background>
+ <description>
+ <p>When /tmp is mounted without the noexec option chkrootkit will execute
+ files in /tmp with root privileges.
+ </p>
+ </description>
+ <impact type="high">
+ <p>A local attacker could possibly execute arbitrary code with root
+ privileges.
+ </p>
+ </impact>
+ <workaround>
+ <p>Users should mount /tmp with noexec option.</p>
+ </workaround>
+ <resolution>
+ <p>All chkrootkit users should upgrade to the latest version:</p>
+
+ <code>
+ # emerge --sync
+ # emerge --ask --oneshot --verbose "&gt;=app-forensics/chkrootkit-0.50"
+ </code>
+ </resolution>
+ <references>
+ <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0476">
+ CVE-2014-0476
+ </uri>
+ </references>
+ <metadata tag="requester" timestamp="2017-09-10T06:30:28Z">BlueKnight</metadata>
+ <metadata tag="submitter" timestamp="2017-09-17T15:44:38Z">chrisadr</metadata>
+</glsa>
diff --git a/metadata/glsa/glsa-201709-06.xml b/metadata/glsa/glsa-201709-06.xml
new file mode 100644
index 000000000000..e7fa1c162310
--- /dev/null
+++ b/metadata/glsa/glsa-201709-06.xml
@@ -0,0 +1,56 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="201709-06">
+ <title>Supervisor: command injection vulnerability</title>
+ <synopsis>A vulnerability in Supervisor might allow remote attackers to
+ execute arbitrary code.
+
+ </synopsis>
+ <product type="ebuild">supervisor</product>
+ <announced>2017-09-17</announced>
+ <revised>2017-09-17: 1</revised>
+ <bug>626100</bug>
+ <access>remote</access>
+ <affected>
+ <package name="app-admin/supervisor" auto="yes" arch="*">
+ <unaffected range="ge">3.1.4</unaffected>
+ <vulnerable range="lt">3.1.4</vulnerable>
+ </package>
+ </affected>
+ <background>
+ <p>Supervisor is a client/server system that allows its users to monitor
+ and control a number of processes on UNIX-like operating systems.
+ </p>
+ </background>
+ <description>
+ <p>A vulnerability in Supervisor was discovered in which an authenticated
+ client could send malicious XML-RPC requests and supervidord will run
+ them as shell commands with process privileges. In some cases,
+ supervisord is configured with root permissions.
+ </p>
+ </description>
+ <impact type="high">
+ <p>A remote attacker could execute arbitrary code with the privileges of
+ the process.
+ </p>
+ </impact>
+ <workaround>
+ <p>There is no known workaround at this time.</p>
+ </workaround>
+ <resolution>
+ <p>All Supervisor users should upgrade to the latest version:</p>
+
+ <code>
+ # emerge --sync
+ # emerge --ask --oneshot --verbose "=app-admin/supervisor-3.1.4"
+ </code>
+
+ </resolution>
+ <references>
+ <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-11610">
+ CVE-2017-11610
+ </uri>
+ </references>
+ <metadata tag="requester" timestamp="2017-07-27T14:58:00Z">b-man</metadata>
+ <metadata tag="submitter" timestamp="2017-09-17T15:45:48Z">chrisadr</metadata>
+</glsa>
diff --git a/metadata/glsa/glsa-201709-07.xml b/metadata/glsa/glsa-201709-07.xml
new file mode 100644
index 000000000000..aebd775ed1fa
--- /dev/null
+++ b/metadata/glsa/glsa-201709-07.xml
@@ -0,0 +1,60 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="201709-07">
+ <title>Kpathsea: User-assisted execution of arbitrary code</title>
+ <synopsis>A vulnerability in Kpathsea allows remote attackers to execute
+ arbitrary commands by manipulating the -tex option from mpost program.
+ </synopsis>
+ <product type="ebuild">kpathsea</product>
+ <announced>2017-09-17</announced>
+ <revised>2017-09-17: 1</revised>
+ <bug>612328</bug>
+ <access>remote</access>
+ <affected>
+ <package name="dev-libs/kpathsea" auto="yes" arch="*">
+ <unaffected range="ge">6.2.2_p20160523</unaffected>
+ <vulnerable range="lt">6.2.2_p20160523</vulnerable>
+ </package>
+ </affected>
+ <background>
+ <p>Kpathsea is a library to do path searching. It is used by TeX Live and
+ others TeX related software.
+ </p>
+ </background>
+ <description>
+ <p>It was discovered that the mpost program from the shell_escape_commands
+ list is capable of executing arbitrary external programs during the
+ conversion of .tex files. The responsible function is runpopen()
+ (texmfmp.c).
+ </p>
+ </description>
+ <impact type="normal">
+ <p>A remote attacker, by enticing a user to open a specially crafted .tex
+ file, could possibly execute arbitrary code with the privileges of the
+ process.
+ </p>
+ </impact>
+ <workaround>
+ <p>There is no known workaround at this time.</p>
+ </workaround>
+ <resolution>
+ <p>All Kpathsea users should upgrade to the latest version:</p>
+
+ <code>
+ # emerge --sync
+ # emerge --ask --oneshot --verbose
+ "&gt;=dev-libs/kpathsea-6.2.2_p20160523"
+ </code>
+
+ <p>Packages which depend on this library may need to be recompiled. Tools
+ such as revdep-rebuild may assist in identifying some of these packages.
+ </p>
+ </resolution>
+ <references>
+ <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-10243">
+ CVE-2016-10243
+ </uri>
+ </references>
+ <metadata tag="requester" timestamp="2017-06-17T20:59:54Z">whissi</metadata>
+ <metadata tag="submitter" timestamp="2017-09-17T15:47:02Z">chrisadr</metadata>
+</glsa>
diff --git a/metadata/glsa/glsa-201709-08.xml b/metadata/glsa/glsa-201709-08.xml
new file mode 100644
index 000000000000..4ae457a5b5bc
--- /dev/null
+++ b/metadata/glsa/glsa-201709-08.xml
@@ -0,0 +1,66 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="201709-08">
+ <title>GDK-PixBuf: Multiple vulnerabilities</title>
+ <synopsis>Multiple vulnerabilities have been found in GDK-PixBuf, the worst
+ of which could result in the execution of arbitrary code.
+ </synopsis>
+ <product type="ebuild">gdk-pixbuf</product>
+ <announced>2017-09-17</announced>
+ <revised>2017-09-17: 1</revised>
+ <bug>592976</bug>
+ <bug>611390</bug>
+ <bug>630026</bug>
+ <access>remote</access>
+ <affected>
+ <package name="x11-libs/gdk-pixbuf" auto="yes" arch="*">
+ <unaffected range="ge">2.36.9</unaffected>
+ <vulnerable range="lt">2.36.9</vulnerable>
+ </package>
+ </affected>
+ <background>
+ <p>GDK-PixBuf is an image loading library for GTK+.</p>
+ </background>
+ <description>
+ <p>Multiple vulnerabilities have been discovered in GDK-PixBuf. Please
+ review the referenced CVE identifiers for details.
+ </p>
+ </description>
+ <impact type="normal">
+ <p>A remote attacker, by sending a specially crafted TIFF, JPEG, or URL,
+ could execute arbitrary code with the privileges of the process or cause
+ a Denial of Service condition.
+ </p>
+ </impact>
+ <workaround>
+ <p>There is no known workaround at this time.</p>
+ </workaround>
+ <resolution>
+ <p>All GDK-PixBuf users should upgrade to the latest version:</p>
+
+ <code>
+ # emerge --sync
+ # emerge --ask --oneshot --verbose "&gt;=x11-libs/gdk-pixbuf-2.36.9"
+ </code>
+
+ <p>Packages which depend on this library may need to be recompiled. Tools
+ such as revdep-rebuild may assist in identifying some of these packages.
+ </p>
+ </resolution>
+ <references>
+ <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-6311">
+ CVE-2017-6311
+ </uri>
+ <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-6312">
+ CVE-2017-6312
+ </uri>
+ <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-6313">
+ CVE-2017-6313
+ </uri>
+ <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-6314">
+ CVE-2017-6314
+ </uri>
+ </references>
+ <metadata tag="requester" timestamp="2017-09-10T23:08:28Z">b-man</metadata>
+ <metadata tag="submitter" timestamp="2017-09-17T15:48:14Z">chrisadr</metadata>
+</glsa>
diff --git a/metadata/glsa/glsa-201709-09.xml b/metadata/glsa/glsa-201709-09.xml
new file mode 100644
index 000000000000..b0fb60e8ed49
--- /dev/null
+++ b/metadata/glsa/glsa-201709-09.xml
@@ -0,0 +1,75 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
+<glsa id="201709-09">
+ <title>Subversion: Arbitrary code execution</title>
+ <synopsis>A command injection vulnerability in Subversion may allow remote
+ attackers to execute arbitrary code.
+ </synopsis>
+ <product type="ebuild">subversion</product>
+ <announced>2017-09-17</announced>
+ <revised>2017-09-17: 1</revised>
+ <bug>627480</bug>
+ <access>remote</access>
+ <affected>
+ <package name="dev-vcs/subversion" auto="yes" arch="*">
+ <unaffected range="ge">1.9.7</unaffected>
+ <unaffected range="rgt">1.8.18</unaffected>
+ <vulnerable range="lt">1.9.7</vulnerable>
+ </package>
+ </affected>
+ <background>
+ <p>Subversion is a version control system intended to eventually replace
+ CVS. Like CVS, it has an optional client-server architecture (where the
+ server can be an Apache server running mod_svn, or an ssh program as in
+ CVS’s :ext: method). In addition to supporting the features found in
+ CVS, Subversion also provides support for moving and copying files and
+ directories.
+ </p>
+ </background>
+ <description>
+ <p>Specially crafted ‘ssh://...’ URLs may allow the owner of the
+ repository to execute arbitrary commands on client’s machine if those
+ commands are already installed on the client’s system. This is
+ especially dangerous when the third-party repository has one or more
+ submodules with specially crafted ‘ssh://...’ URLs. Each time the
+ repository is recursively cloned or submodules are updated the payload
+ will be triggered.
+ </p>
+ </description>
+ <impact type="normal">
+ <p>A remote attacker, by enticing a user to clone a specially crafted
+ repository, could possibly execute arbitrary code with the privileges of
+ the process.
+ </p>
+ </impact>
+ <workaround>
+ <p>There are several alternative ways to fix this vulnerability. Please
+ refer to Subversion Team Announce for more details.
+ </p>
+ </workaround>
+ <resolution>
+ <p>All Subversion 1.9.x users should upgrade to the latest version:</p>
+
+ <code>
+ # emerge --sync
+ # emerge --ask --oneshot --verbose "&gt;=dev-vcs/subversion-1.9.7"
+ </code>
+
+ <p>All Subversion 1.8.x users should upgrade to the latest version:</p>
+
+ <code>
+ # emerge --sync
+ # emerge --ask --oneshot --verbose "&gt;=dev-vcs/subversion-1.8.18"
+ </code>
+ </resolution>
+ <references>
+ <uri link="https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-9800">
+ CVE-2017-9800
+ </uri>
+ <uri link="https://subversion.apache.org/security/CVE-2017-9800-advisory.txt">
+ Subversion Team Announce
+ </uri>
+ </references>
+ <metadata tag="requester" timestamp="2017-09-01T12:55:21Z">b-man</metadata>
+ <metadata tag="submitter" timestamp="2017-09-17T15:50:43Z">chrisadr</metadata>
+</glsa>