Category:Security:SSA

From SlackWiki
Revision as of 10:32, 30 January 2012 by Asteroid (talk | contribs) (→‎httpd: detail for httpd holes)
Jump to navigation Jump to search

Slackware has recently started to be inactive. At the same time, a number of security issues have been found in various components. This page aims at listing them in order to help everyone know which components have known vulnerabilities.

The list below is provided as-is. It is meant to be as good as possible but we can't guarantee anything. It is sorted by slackware categories: a/, ap/, d/, ...

A more comprehensive effort might appear at some point in the future (binary packages?) but this is currently only a list of packages and their CVEs when applicable and useful. In some cases, we consider pointing out a specific CVE is not useful because of the number of issues (i.e. get the last version; e.g. mozilla-*).

The CVEs are typically listed as follow: ${SUMMARY}

  • Fix:
    • Fixed upstream on: ${DATE}
    • Available in version: ${UPSTREAM_VERSION_WITH_FIX} (-current ${VERSION_IN_CURRENT}; -stable: ${VERSION_IN_13_37})
    • Upstream commit: ${URL_TO_THE_SPECIFIC_FIX_COMMIT}

a

linux

ap

cups : CVE-2011-3170 CVE-2011-2896

d

perl

CVE-2011-2939 (DDoS, affected: current and stable)

Off-by-one error in the decode_xs function in Unicode/Unicode.xs in the Encode module before 2.44, as used in Perl before 5.15.6, might allow context-dependent attackers to cause a denial of service (memory corruption) via a crafted Unicode string, which triggers a heap-based buffer overflow (on cve.mitre.org).

ruby

CVE-2011-2705 CVE-2011-1004 CVE-2011-0188

e

emacs

l

t1lib : CVE-2011-1554 CVE-2011-1553 CVE-2011-1552 CVE-2011-0764

freetype2 : CVE-2011-0226

libxml2 : CVE-2011-1944

n

httpd

CVE-2011-4415 (DoS, affected : current, 13.37 and all before)

The ap_pregsub function in server/util.c in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the mod_setenvif module is enabled, does not restrict the size of values of environment variables, which allows local users to cause a denial of service (memory consumption or NULL pointer dereference) via a .htaccess file with a crafted SetEnvIf directive, in conjunction with a crafted HTTP request header, related to (1) the "len +=" statement and (2) the apr_pcalloc function call, a different vulnerability than CVE-2011-3607.

CVE-2011-3607 (OverflowGain privileges, affected : current, 13.37 and all before)

Integer overflow in the ap_pregsub function in server/util.c in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the mod_setenvif module is enabled, allows local users to gain privileges via a .htaccess file with a crafted SetEnvIf directive, in conjunction with a crafted HTTP request header, leading to a heap-based buffer overflow.

CVE-2011-3368 (CSRF , affected : current, 13.37 and all before)

Cross-site request forgery (CSRF) vulnerability in post_bug.cgi in Bugzilla 2.x, 3.x, and 4.x before 4.2rc1 allows remote attackers to hijack the authentication of arbitrary users for requests that create bug reports.

dhcp

CVE-2011-4868 CVE-2011-4539 CVE-2011-2749 CVE-2011-2748

openssl

CVE-2012-0027 CVE-2011-4619 CVE-2011-4576 CVE-2011-4109 CVE-2011-4108 CVE-2011-3210

proftpd

CVE-2011-4130 (Execute Code, affected : current, 13.37, and all before)

(proftpd bug tracker #3711)


Use-after-free vulnerability in the Response API in ProFTPD before 1.3.3g allows remote authenticated users to execute arbitrary code via vectors involving an error that occurs after an FTP data transfer.

php

CVE-2011-4885 CVE-2011-3379

x

libXfont : CVE-2011-2895

xap

pidgin : CVE-2011-4603 CVE-2011-4602 CVE-2011-4601 CVE-2011-3594 CVE-2011-3184 CVE-2011-2943

This category currently contains no pages or media.