Gentoo 2509 Published by

18 updates for Gentoo Linux has been released: [ GLSA 201209-06 ] Expat: Multiple vulnerabilities, [ GLSA 201209-05 ] LibreOffice: Multiple vulnerabilities, [ GLSA 201209-08 ] SquidClamav: Denial of Service, [ GLSA 201209-07 ] International Components for Unicode: User-assisted execution of arbitrary code, [ GLSA 201209-12 ] Libtasn1: Denial of Service, [ GLSA 201209-11 ] Opera: Multiple vulnerabilities, [ GLSA 201209-10 ] Calligra: User-assisted execution of arbitrary code, [ GLSA 201209-09 ] Atheme IRC Services: Denial of Service, [ GLSA 201209-14 ] file: Denial of Service, [ GLSA 201209-13 ] libjpeg-turbo: User-assisted execution of arbitrary code, [ GLSA 201209-16 ] SQLAlchemy: SQL injection, [ GLSA 201209-15 ] Asterisk: Multiple vulnerabilities, [ GLSA 201209-17 ] Pidgin: Arbitrary code execution, [ GLSA 201209-19 ] NUT: Arbitrary code execution, [ GLSA 201209-18 ] Postfixadmin: Multiple vulnerabilities, [ GLSA 201209-22 ] libgssglue: Privilege escalation, [ GLSA 201209-21 ] fastjar: Directory traversal, and [ GLSA 201209-20 ] mod_rpaf: Denial of Service



[ GLSA 201209-06 ] Expat: Multiple vulnerabilities
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201209-06
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: Expat: Multiple vulnerabilities
Date: September 24, 2012
Bugs: #280615, #303727, #407519
ID: 201209-06

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities have been found in Expat, possibly resulting
in Denial of Service.

Background
==========

Expat is a set of XML parsing libraries.

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-libs/expat < 2.1.0_beta3 >= 2.1.0_beta3

Description
===========

Multiple vulnerabilities have been discovered in Expat. Please review
the CVE identifiers referenced below for details.

Impact
======

A remote attacker could entice a user to open a specially crafted XML
file in an application linked against Expat, possibly resulting in a
Denial of Service condition.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All Expat users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/expat-2.1.0_beta3"

Packages which depend on this library may need to be recompiled. Tools
such as revdep-rebuild may assist in identifying some of these
packages.

References
==========

[ 1 ] CVE-2009-3560
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3560
[ 2 ] CVE-2009-3720
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3720
[ 3 ] CVE-2012-0876
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0876
[ 4 ] CVE-2012-1147
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1147
[ 5 ] CVE-2012-1148
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1148

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201209-06.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5



[ GLSA 201209-05 ] LibreOffice: Multiple vulnerabilities
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201209-05
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: LibreOffice: Multiple vulnerabilities
Date: September 24, 2012
Bugs: #386081, #409455, #416457, #429482
ID: 201209-05

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities have been found in LibreOffice, allowing
remote attackers to execute arbitrary code or cause a Denial of
Service.

Background
==========

LibreOffice is a full office productivity suite.

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-office/libreoffice < 3.5.5.3 >= 3.5.5.3
2 app-office/libreoffice-bin
< 3.5.5.3 >= 3.5.5.3
-------------------------------------------------------------------
2 affected packages

Description
===========

Multiple vulnerabilities have been found in LibreOffice:

* The Microsoft Word Document parser contains an out-of-bounds read
error (CVE-2011-2713).
* The Raptor RDF parser contains an XML External Entity expansion error
(CVE-2012-0037).
* The graphic loading parser contains an integer overflow error which
could cause a heap-based buffer overflow (CVE-2012-1149).
* Multiple errors in the XML manifest handling code could cause a
heap-based buffer overflow (CVE-2012-2665).

Impact
======

A remote attacker could entice a user to open a specially crafted
document file using LibreOffice, possibly resulting in execution of
arbitrary code with the privileges of the process or a Denial of
Service condition.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All LibreOffice users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=app-office/libreoffice-3.5.5.3"

All users of the LibreOffice binary package should upgrade to the
latest version:

# emerge --sync
# emerge --ask --oneshot -v ">=app-office/libreoffice-bin-3.5.5.3"

References
==========

[ 1 ] CVE-2011-2713
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2713
[ 2 ] CVE-2012-0037
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0037
[ 3 ] CVE-2012-1149
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1149
[ 4 ] CVE-2012-2665
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2665

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201209-05.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5



[ GLSA 201209-08 ] SquidClamav: Denial of Service
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201209-08
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: SquidClamav: Denial of Service
Date: September 24, 2012
Bugs: #428778
ID: 201209-08

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

A vulnerability in SquidClamav may result in Denial of Service.

Background
==========

SquidClamav is a HTTP anti-virus for Squid based on ClamAV and ICAP.

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-proxy/squidclamav < 6.8 >= 6.8

Description
===========

SquidClamav does not properly escape URLs before passing them to the
system command call.

Impact
======

A remote attacker could send a specially crafted URL to SquidClamav,
possibly resulting in a Denial of Service condition.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All SquidClamav users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=net-proxy/squidclamav-6.8"

References
==========

[ 1 ] CVE-2012-3501
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3501
[ 2 ] SquidClamav News
http://squidclamav.darold.net/news.html

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201209-08.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5



[ GLSA 201209-07 ] International Components for Unicode: User-assisted execution of arbitrary code
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201209-07
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: International Components for Unicode: User-assisted execution
of arbitrary code
Date: September 24, 2012
Bugs: #394201
ID: 201209-07

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

A buffer overflow in International Components for Unicode could result
in execution of arbitrary code or Denial of Service.

Background
==========

International Components for Unicode (ICU) is a set of C/C++ and Java
libraries providing Unicode and Globalization support for software
applications.

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-libs/icu < 49.1.1-r1 >= 49.1.1-r1

Description
===========

An error in the _canonicalize() function in uloc.cpp could cause a
stack-based buffer overflow.

Impact
======

A remote attacker could entice a user to open a specially crafted
locale representation using an application linked against ICU, possibly
resulting in execution of arbitrary code with the privileges of the
process or a Denial of Service condition.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All ICU users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/icu-49.1.1-r1"

References
==========

[ 1 ] CVE-2011-4599
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4599

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201209-07.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5



[ GLSA 201209-12 ] Libtasn1: Denial of Service
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201209-12
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: Libtasn1: Denial of Service
Date: September 25, 2012
Bugs: #409031
ID: 201209-12

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

A vulnerability in Libtasn1 might cause a Denial of Service condition.

Background
==========

Libtasn1 is a library used to parse ASN.1 (Abstract Syntax Notation
One) objects, and perform DER (Distinguished Encoding Rules) decoding.

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-libs/libtasn1 < 2.12 >= 2.12

Description
===========

Libtasn1 does not properly handle length fields when performing DER
decoding.

Impact
======

A remote attacker could entice a user to open a specially crafted
DER-encoded object in an application linked against Libtasn1, possibly
resulting in Denial of Service.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All Libtasn1 users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/libtasn1-2.12"

Packages which depend on this library may need to be recompiled. Tools
such as revdep-rebuild may assist in identifying some of these
packages.

References
==========

[ 1 ] CVE-2012-1569
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1569

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201209-12.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5



[ GLSA 201209-11 ] Opera: Multiple vulnerabilities
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201209-11
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: Opera: Multiple vulnerabilities
Date: September 25, 2012
Bugs: #429478, #434584
ID: 201209-11

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities have been found in Opera, the worst of which
may allow remote execution of arbitrary code.

Background
==========

Opera is a fast web browser that is available free of charge.

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 www-client/opera < 12.01.1532 >= 12.01.1532

Description
===========

Multiple vulnerabilities have been discovered in Opera. Please review
the CVE identifiers and Opera Release Notes referenced below for
details.

Impact
======

A remote attacker could entice a user to open a specially crafted web
page using Opera, possibly resulting in execution of arbitrary code
with the privileges of the process or a Denial of Service condition.
Furthermore, a remote attacker may be able to trick a user into
downloading and executing files, conduct Cross-Site Scripting (XSS)
attacks, spoof the address bar, or have other unspecified impact.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All Opera users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=www-client/opera-12.01.1532"

References
==========

[ 1 ] CVE-2012-4010
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4010
[ 2 ] CVE-2012-4142
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4142
[ 3 ] CVE-2012-4143
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4143
[ 4 ] CVE-2012-4144
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4144
[ 5 ] CVE-2012-4145
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4145
[ 6 ] CVE-2012-4146
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4146
[ 7 ] Opera 12.01 for UNIX changelog
http://www.opera.com/docs/changelogs/unix/1201/

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201209-11.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5



[ GLSA 201209-10 ] Calligra: User-assisted execution of arbitrary code
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201209-10
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: Calligra: User-assisted execution of arbitrary code
Date: September 25, 2012
Bugs: #428890
ID: 201209-10

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

A buffer overflow vulnerability in Calligra could result in the
execution of arbitrary code.

Background
==========

Calligra is an office suite by KDE.

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-office/calligra < 2.4.3-r1 >= 2.4.3-r1

Description
===========

An error in the read() function in styles.cpp could cause a heap-based
buffer overflow.

Impact
======

A remote attacker could entice a user to open a specially crafted ODF
file, possibly resulting in execution of arbitrary code with the
privileges of the process or a Denial of Service condition.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All Calligra users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=app-office/calligra-2.4.3-r1"

References
==========

[ 1 ] CVE-2012-3456
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3456

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201209-10.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5



[ GLSA 201209-09 ] Atheme IRC Services: Denial of Service
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201209-09
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: Atheme IRC Services: Denial of Service
Date: September 25, 2012
Bugs: #409103
ID: 201209-09

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

A vulnerability has been found in Atheme which may lead to Denial of
Service or a bypass of security restrictions.

Background
==========

Atheme is a portable and secure set of open-source and modular IRC
services. CertFP is certificate fingerprinting used to authenticate
users to nicknames.

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-irc/atheme-services < 6.0.10 >= 6.0.10

Description
===========

The myuser_delete() function in account.c does not properly remove
CertFP entries when deleting user accounts.

Impact
======

A remote authenticated attacker may be able to cause a Denial of
Service condition or gain access to an Atheme IRC Services user
account.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All Atheme users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=net-irc/atheme-services-6.0.10"

References
==========

[ 1 ] CVE-2012-1576
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1576

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201209-09.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5



[ GLSA 201209-14 ] file: Denial of Service
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201209-14
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: file: Denial of Service
Date: September 26, 2012
Bugs: #427368
ID: 201209-14

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

A vulnerability in file could result in Denial of Service.

Background
==========

file is a utility that guesses a file format by scanning binary data
for patterns.

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 sys-apps/file < 5.11 >= 5.11

Description
===========

Multiple out-of-bounds read errors and invalid pointer dereference
errors have been found in cdf.c.

Impact
======

A remote attacker could entice a user to open a specially crafted
Composite Document File (CDF) using file, possibly resulting in a
Denial of Service condition.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All file users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=sys-apps/file-5.11"

References
==========

[ 1 ] CVE-2012-1571
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1571

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201209-14.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5



[ GLSA 201209-13 ] libjpeg-turbo: User-assisted execution of arbitrary code
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201209-13
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: libjpeg-turbo: User-assisted execution of arbitrary code
Date: September 26, 2012
Bugs: #426938
ID: 201209-13

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

A vulnerability in libjpeg-turbo could result in execution of arbitrary
code or Denial of Service.

Background
==========

libjpeg-turbo accelerates JPEG compression and decompression.

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 media-libs/libjpeg-turbo
< 1.2.1 >= 1.2.1

Description
===========

A vulnerability in the get_sos() function in jdmarker.c could cause a
heap-based buffer overflow.

Impact
======

A remote attacker could entice a user to open a specially crafted JPEG
file in an application linked against libjpeg-turbo, possibly resulting
in the remote execution of arbitrary code with the permissions of the
user running the application, or Denial of Service.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All libjpeg-turbo users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=media-libs/libjpeg-turbo-1.2.1"

Packages which depend on this library may need to be recompiled. Tools
such as revdep-rebuild may assist in identifying some of these
packages.

References
==========

[ 1 ] CVE-2012-2806
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2806

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201209-13.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5



[ GLSA 201209-16 ] SQLAlchemy: SQL injection
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201209-16
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: SQLAlchemy: SQL injection
Date: September 26, 2012
Bugs: #407437
ID: 201209-16

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

An input sanitation flaw in SQLAlchemy allows remote attacker to
conduct SQL injection.

Background
==========

SQLAlchemy is a Python SQL toolkit and Object Relational Mapper.

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-python/sqlalchemy < 0.7.4 >= 0.7.4

Description
===========

SQLAlchemy does not properly sanitize input passed from the "limit" and
"offset" keywords to the select() function before using it in an SQL
query.

Impact
======

A remote attacker could exploit this vulnerability to execute arbitrary
SQL statements.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All SQLAlchemy users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-python/sqlalchemy-0.7.4"

References
==========

[ 1 ] CVE-2012-0805
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0805

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201209-16.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5



[ GLSA 201209-15 ] Asterisk: Multiple vulnerabilities
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201209-15
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: Asterisk: Multiple vulnerabilities
Date: September 26, 2012
Bugs: #425050, #433750
ID: 201209-15

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities have been found in Asterisk, the worst of
which may allow execution of arbitrary code.

Background
==========

Asterisk is an open source telephony engine and toolkit.

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-misc/asterisk < 1.8.15.1 >= 1.8.15.1

Description
===========

Multiple vulnerabilities have been found in Asterisk:

* An error in manager.c allows shell access (CVE-2012-2186).
* An error in Asterisk could cause all RTP ports to be exhausted
(CVE-2012-3812).
* A double-free error could occur when two parties attempt to
manipulate the same voicemail account simultaneously (CVE-2012-3863).
* Asterisk does not properly implement certain ACL rules
(CVE-2012-4737).

Impact
======

A remote, authenticated attacker could execute arbitrary code with the
privileges of the process, cause a Denial of Service condition, or
bypass outbound call restrictions.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All Asterisk users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=net-misc/asterisk-1.8.15.1"

References
==========

[ 1 ] CVE-2012-2186
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2186
[ 2 ] CVE-2012-3812
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3812
[ 3 ] CVE-2012-3863
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3863
[ 4 ] CVE-2012-4737
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4737

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201209-15.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5



[ GLSA 201209-17 ] Pidgin: Arbitrary code execution
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201209-17
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: High
Title: Pidgin: Arbitrary code execution
Date: September 27, 2012
Bugs: #425076
ID: 201209-17

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

A buffer overflow in Pidgin might allow remote attackers to execute
arbitrary code or cause Denial of Service.

Background
==========

Pidgin is a GTK Instant Messenger client for a variety of instant
messaging protocols. libpurple is the core library for Pidgin.

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-im/pidgin < 2.10.6 >= 2.10.6

Description
===========

A stack-based buffer overflow vulnerability has been found in the MXit
protocol plug-in for libpurple.

Impact
======

A remote attacker could possibly execute arbitrary code with the
privileges of the Pidgin process, or cause a Denial of Service
condition.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All Pidgin users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=net-im/pidgin-2.10.6"

References
==========

[ 1 ] CVE-2012-3374
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3374

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201209-17.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5



[ GLSA 201209-19 ] NUT: Arbitrary code execution
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201209-19
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: High
Title: NUT: Arbitrary code execution
Date: September 27, 2012
Bugs: #419377
ID: 201209-19

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

A buffer overflow in NUT might allow remote attackers to execute
arbitrary code.

Background
==========

Network UPS Tools (NUT) provide support for power devices.

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 sys-power/nut < 2.6.3 >= 2.6.3

Description
===========

An error in the addchar() function in parseconf.c may cause a buffer
overflow.

Impact
======

A remote attacker could send a specially crafted string to upsd,
possibly resulting in execution of arbitrary code with the privileges
of the process or a Denial of Service condition.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All NUT users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=sys-power/nut-2.6.3"

References
==========

[ 1 ] CVE-2012-2944
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2944

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201209-19.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5



[ GLSA 201209-18 ] Postfixadmin: Multiple vulnerabilities
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201209-18
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: Postfixadmin: Multiple vulnerabilities
Date: September 27, 2012
Bugs: #400971
ID: 201209-18

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities have been found in Postfixadmin which may lead
to SQL injection or cross-site scripting attacks.

Background
==========

Postfixadmin is a web-based management tool for Postfix-style virtual
domains and users.

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 www-apps/postfixadmin < 2.3.5 >= 2.3.5

Description
===========

Multiple SQL injection vulnerabilities (CVE-2012-0811) and cross-site
scripting vulnerabilities (CVE-2012-0812) have been found in
Postfixadmin.

Impact
======

A remote attacker could exploit these vulnerabilities to execute
arbitrary SQL statements or arbitrary HTML and script code.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All Postfixadmin users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=www-apps/postfixadmin-2.3.5"

References
==========

[ 1 ] CVE-2012-0811
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0811
[ 2 ] CVE-2012-0812
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0812

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201209-18.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5



[ GLSA 201209-22 ] libgssglue: Privilege escalation
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201209-22
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: High
Title: libgssglue: Privilege escalation
Date: September 28, 2012
Bugs: #385321
ID: 201209-22

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

A vulnerability in libgssglue may allow a local attacker to gain
escalated privileges.

Background
==========

libgssglue exports a GSSAPI interface which calls other random GSSAPI
libraries.

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-libs/libgssglue < 0.4 >= 0.4

Description
===========

libgssglue does not securely use getenv() when loading a library for a
setuid application.

Impact
======

A local attacker could gain escalated privileges.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All libgssglue users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=net-libs/libgssglue-0.4"

References
==========

[ 1 ] CVE-2011-2709
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2709

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201209-22.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5



[ GLSA 201209-21 ] fastjar: Directory traversal
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201209-21
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: fastjar: Directory traversal
Date: September 28, 2012
Bugs: #325557
ID: 201209-21

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Two directory traversal vulnerabilities have been found in fastjar,
allowing remote attackers to create or overwrite arbitrary files.

Background
==========

fastjar is a Java archiver written in C.

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-arch/fastjar < 0.98-r1 >= 0.98-r1

Description
===========

Two directory traversal vulnerabilities have been discovered in
fastjar. Please review the CVE identifiers referenced below for
details.

Impact
======

A remote attacker could entice a user to open a specially crafted JAR
file, possibly resulting in the creation or truncation of arbitrary
files.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All fastjar users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=app-arch/fastjar-0.98-r1"

References
==========

[ 1 ] CVE-2010-0831
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0831
[ 2 ] CVE-2010-2322
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2322

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201209-21.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5



[ GLSA 201209-20 ] mod_rpaf: Denial of Service
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201209-20
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: mod_rpaf: Denial of Service
Date: September 27, 2012
Bugs: #432406
ID: 201209-20

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

A vulnerability in mod_rpaf may result in Denial of Service.

Background
==========

mod_rpaf is a reverse proxy add forward module for backend Apache
servers.

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 www-apache/mod_rpaf < 0.6 >= 0.6

Description
===========

An error has been found in the way mod_rpaf handles X-Forwarded-For
headers. Please review the CVE identifier referenced below for details.

Impact
======

A remote attacker could send a specially crafted HTTP header, possibly
resulting in a Denial of Service condition.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All mod_rpaf users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=www-apache/mod_rpaf-0.6"

References
==========

[ 1 ] CVE-2012-3526
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3526

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201209-20.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5