Gentoo 2514 Published by

The following 7 new security updates are available for Gentoo Linux:

GLSA 201006-07: SILC: Multiple vulnerabilities
GLSA 201006-06: Transmission: Multiple vulnerabilities
GLSA 201006-05: Wireshark: Multiple vulnerabilities
GLSA 201006-04: xine-lib: User-assisted execution of arbitrary code
GLSA 201006-03: ImageMagick: User-assisted execution of arbitrary code
GLSA 201006-02: CamlImages: User-assisted execution of arbitrary code
GLSA 201006-01: FreeType 1: User-assisted execution of arbitrary code



[gentoo-announce] [ GLSA 201006-07 ] SILC: Multiple vulnerabilities
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201006-07
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: SILC: Multiple vulnerabilities
Date: June 01, 2010
Bugs: #284561
ID: 201006-07

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities were discovered in SILC Toolkit and SILC
Client, the worst of which allowing for execution of arbitrary code.

Background
==========

SILC (Secure Internet Live Conferencing protocol) Toolkit is a software
development kit for use in clients, and SILC Client is an IRSSI-based
text client.

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-im/silc-toolkit < 1.1.10 >= 1.1.10
2 net-im/silc-client < 1.1.8 >= 1.1.8
-------------------------------------------------------------------
2 affected packages on all of their supported architectures.
-------------------------------------------------------------------

Description
===========

Multiple vulnerabilities were discovered in SILC Toolkit and SILC
Client. For further information please consult the CVE entries
referenced below.

Impact
======

A remote attacker could overwrite stack locations and possibly execute
arbitrary code via a crafted OID value, Content-Length header or format
string specifiers in a nickname field or channel name.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All SILC Toolkit users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=net-im/silc-toolkit-1.1.10"

All SILC Client users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=net-im/silc-client-1.1.8"

References
==========

[ 1 ] CVE-2008-7159
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-7159
[ 2 ] CVE-2008-7160
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-7160
[ 3 ] CVE-2009-3051
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3051
[ 4 ] CVE-2009-3163
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3163

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201006-07.xml
[gentoo-announce] [ GLSA 201006-06 ] Transmission: Multiple vulnerabilities
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201006-06
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: Transmission: Multiple vulnerabilities
Date: June 01, 2010
Bugs: #309831
ID: 201006-06

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Stack-based buffer overflows in Transmission may allow for remote
execution of arbitrary code.

Background
==========

Transmission is a cross-platform BitTorrent client.

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-p2p/transmission < 1.92 >= 1.92

Description
===========

Multiple stack-based buffer overflows in the tr_magnetParse() function
in libtransmission/magnet.c have been discovered.

Impact
======

A remote attacker could cause a Denial of Service or possibly execute
arbitrary code via a crafted magnet URL with a large number of tr or ws
links.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All Transmission users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=net-p2p/transmission-1.92"

References
==========

[ 1 ] CVE-2010-1853
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1853

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201006-06.xml
[gentoo-announce] [ GLSA 201006-05 ] Wireshark: Multiple vulnerabilities
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201006-05
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: Wireshark: Multiple vulnerabilities
Date: June 01, 2010
Bugs: #297388, #318935
ID: 201006-05

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities were found in Wireshark.

Background
==========

Wireshark is a versatile network protocol analyzer.

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-analyzer/wireshark < 1.2.8-r1 >= 1.2.8-r1

Description
===========

Multiple vulnerabilities were found in the Daintree SNA file parser,
the SMB, SMB2, IPMI, and DOCSIS dissectors. For further information
please consult the CVE entries referenced below.

Impact
======

A remote attacker could cause a Denial of Service and possibly execute
arbitrary code via crafted packets or malformed packet trace files.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All Wireshark users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=net-analyzer/wireshark-1.2.8-r1"

References
==========

[ 1 ] CVE-2009-4376
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4376
[ 2 ] CVE-2009-4377
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4377
[ 3 ] CVE-2009-4378
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4378
[ 4 ] CVE-2010-1455
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1455

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201006-05.xml
[gentoo-announce] [ GLSA 201006-04 ] xine-lib: User-assisted execution of arbitrary code
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201006-04
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: xine-lib: User-assisted execution of arbitrary code
Date: June 01, 2010
Bugs: #234777, #249041, #260069, #265250
ID: 201006-04

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities in xine-lib might result in the remote
execution of arbitrary code.

Background
==========

xine-lib is the core library package for the xine media player, and
other players such as Amarok, Codeine/Dragon Player and Kaffeine.

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 media-libs/xine-lib < 1.1.16.3 >= 1.1.16.3

Description
===========

Multiple vulnerabilites have been reported in xine-lib. Please review
the CVE identifiers referenced below for details.

Impact
======

A remote attacker could entice a user to play a specially crafted video
file or stream with a player using xine-lib, potentially resulting in
the execution of arbitrary code with the privileges of the user running
the application.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All xine-lib users should upgrade to an unaffected version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=media-libs/xine-lib-1.1.16.3"

NOTE: This is a legacy GLSA. Updates for all affected architectures are
available since April 10, 2009. It is likely that your system is
already no longer affected by this issue.

References
==========

[ 1 ] CVE-2008-3231
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3231
[ 2 ] CVE-2008-5233
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5233
[ 3 ] CVE-2008-5234
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5234
[ 4 ] CVE-2008-5235
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5235
[ 5 ] CVE-2008-5236
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5236
[ 6 ] CVE-2008-5237
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5237
[ 7 ] CVE-2008-5238
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5238
[ 8 ] CVE-2008-5239
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5239
[ 9 ] CVE-2008-5240
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5240
[ 10 ] CVE-2008-5241
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5241
[ 11 ] CVE-2008-5242
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5242
[ 12 ] CVE-2008-5243
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5243
[ 13 ] CVE-2008-5244
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5244
[ 14 ] CVE-2008-5245
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5245
[ 15 ] CVE-2008-5246
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5246
[ 16 ] CVE-2008-5247
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5247
[ 17 ] CVE-2008-5248
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5248
[ 18 ] CVE-2009-0698
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0698
[ 19 ] CVE-2009-1274
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1274

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201006-04.xml
[gentoo-announce] [ GLSA 201006-03 ] ImageMagick: User-assisted execution of arbitrary code
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201006-03
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: ImageMagick: User-assisted execution of arbitrary code
Date: June 01, 2010
Bugs: #271502
ID: 201006-03

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

An integer overflow in ImageMagick might allow remote attackers to
cause the remote execution of arbitrary code.

Background
==========

ImageMagick is a collection of tools and libraries for manipulating
various image formats.

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 media-gfx/imagemagick < 6.5.2.9 >= 6.5.2.9

Description
===========

Tielei Wang has discovered that the XMakeImage() function in
magick/xwindow.c is prone to an integer overflow, possibly leading to a
buffer overflow.

Impact
======

A remote attacker could entice a user to open a specially crafted
image, possibly resulting in the remote execution of arbitrary code
with the privileges of the user running the application, or a Denial of
Service.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All ImageMagick users should upgrade to an unaffected version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=media-gfx/imagemagick-6.5.2.9"

NOTE: This is a legacy GLSA. Updates for all affected architectures are
available since June 4, 2009. It is likely that your system is already
no longer affected by this issue.

References
==========

[ 1 ] CVE-2009-1882
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1882

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201006-03.xml
[gentoo-announce] [ GLSA 201006-02 ] CamlImages: User-assisted execution of arbitrary code
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201006-02
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: CamlImages: User-assisted execution of arbitrary code
Date: June 01, 2010
Bugs: #276235, #290222
ID: 201006-02

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple integer overflows in CamlImages might result in the remote
execution of arbitrary code.

Background
==========

CamlImages is an image processing library for Objective Caml.

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-ml/camlimages < 3.0.2 >= 3.0.2

Description
===========

Tielei Wang reported multiple integer overflows, possibly leading to
heap-based buffer overflows in the (1) read_png_file() and
read_png_file_as_rgb24() functions, when processing a PNG image
(CVE-2009-2295) and (2) gifread.c and jpegread.c files when processing
GIF or JPEG images (CVE-2009-2660).

Other integer overflows were also found in tiffread.c (CVE-2009-3296).

Impact
======

A remote attacker could entice a user to open a specially crafted,
overly large PNG, GIF, TIFF, or JPEG image using an application that
uses the CamlImages library, possibly resulting in the execution of
arbitrary code with the privileges of the user running the application.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All CamlImages users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose =dev-ml/camlimages-3.0.2

References
==========

[ 1 ] CVE-2009-2295
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2295
[ 2 ] CVE-2009-2660
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2660
[ 3 ] CVE-2009-3296
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3296

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201006-02.xml
[gentoo-announce] [ GLSA 201006-01 ] FreeType 1: User-assisted execution of arbitrary code
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201006-01
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: FreeType 1: User-assisted execution of arbitrary code
Date: June 01, 2010
Bugs: #271234
ID: 201006-01

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities in FreeType might result in the remote
execution of arbitrary code.

Background
==========

FreeType is a True Type Font rendering library.

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 freetype < 1.4_pre20080316-r2 >= 1.4_pre20080316-r2

Description
===========

Multiple issues found in FreeType 2 were also discovered in FreeType 1.
For details on these issues, please review the Gentoo Linux Security
Advisories and CVE identifiers referenced below.

Impact
======

A remote attacker could entice a user to open a specially crafted TTF
file, possibly resulting in the execution of arbitrary code with the
privileges of the user running FreeType.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All FreeType 1 users should upgrade to an unaffected version:

# emerge --sync
# emerge --ask --oneshot --verbose
">=media-libs/freetype-1.4_pre20080316-r2"

NOTE: This is a legacy GLSA. Updates for all affected architectures are
available since May 27, 2009. It is likely that your system is already
no longer affected by this issue.

References
==========

[ 1 ] CVE-2006-1861
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1861
[ 2 ] CVE-2007-2754
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2754
[ 3 ] GLSA 200607-02
http://www.gentoo.org/security/en/glsa/glsa-200607-02.xml
[ 4 ] GLSA 200705-22
http://www.gentoo.org/security/en/glsa/glsa-200705-22.xml

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201006-01.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
Gentoo Bugzilla Main Page

License
=======

Copyright 2010 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

Creative Commons