Resolved Bugs
1142602 – CVE-2014-6429 CVE-2014-6430 CVE-2014-6431 CVE-2014-6432 wireshark: DOS Sniffer file parser flaw (wnpa-sec-2014-19)
1142603 – CVE-2014-6428 wireshark: SES dissector crash (wnpa-sec-2014-18)
1142604 – CVE-2014-6427 wireshark: RTSP dissector crash (wnpa-sec-2014-17)
1142609 – CVE-2014-6424 wireshark: Netflow dissector crash (wnpa-sec-2014-14)
1142610 – CVE-2014-6423 wireshark: MEGACO dissector infinite loop (wnpa-sec-2014-13)
1142611 – CVE-2014-6421 CVE-2014-6422 wireshark: RTP dissector crash (wnpa-sec-2014-12)
1150080 – CVE-2014-6430 et.al. applies to F21 version of wireshark too<br
Ver. 1.12.1
Monthly Archives: October 2014
Fedora 19 Security Update: php-ZendFramework-1.12.9-1.fc19
Resolved Bugs
1151278 – php-ZendFramework2: various flaws [fedora-all]
1151276 – CVE-2014-8088 php-ZendFramework: null byte issue, connect to LDAP without knowing the password (ZF2014-05)
1151277 – CVE-2014-8089 php-ZendFramework: SQL injection issue when using the sqlsrv PHP extension (ZF2014-06)<br
Contains fixes for two security relevant bugs:
* “ZF2014-05: Anonymous authentication in ldap_bind() function of PHP, using null byte” (http://framework.zend.com/security/advisory/ZF2014-05)
* “ZF2014-06: SQL injection vector when manually quoting values for sqlsrv extension, using null byte” (http://framework.zend.com/security/advisory/ZF2014-06)
Fedora 21 Security Update: php-ZendFramework-1.12.9-1.fc21
Resolved Bugs
1151278 – php-ZendFramework2: various flaws [fedora-all]
1151276 – CVE-2014-8088 php-ZendFramework: null byte issue, connect to LDAP without knowing the password (ZF2014-05)
1151277 – CVE-2014-8089 php-ZendFramework: SQL injection issue when using the sqlsrv PHP extension (ZF2014-06)<br
Contains fixes for two security relevant bugs:
* “ZF2014-05: Anonymous authentication in ldap_bind() function of PHP, using null byte” (http://framework.zend.com/security/advisory/ZF2014-05)
* “ZF2014-06: SQL injection vector when manually quoting values for sqlsrv extension, using null byte” (http://framework.zend.com/security/advisory/ZF2014-06)
Fedora 20 Security Update: sddm-0.9.0-2.20141007git6a28c29b.fc20
Resolved Bugs
1114192 – SELinux is preventing /usr/bin/sddm from ‘write’ accesses on the file .
1119777 – PrivateTmp makes files invisible for the same user
1123506 – sddm startup is slow
1125129 – SELinux is preventing sddm from ‘write’ accesses on the file /etc/sddm.conf.
1140386 – SDDM login screen is not reached.
1112841 – Cannot log into account with NFS home directory
1128463 – sddm does not open kde wallet with pam_wallet.so
1128465 – sddm does not run /etc/X11/xinit/Xsession
1149608 – CVE-2014-7271 sddm: user “sddm” can login without authentication.
1149628 – CVE-2014-7271 sddm: user “sddm” can login without authentication. [fedora-all]
1148659 – sddm: multiple flaws in SDDM display manager leading to privilege escalation to root
1148660 – sddm: multiple flaws in SDDM display manager leading to privilege escalation to root [fedora-all]
1149610 – CVE-2014-7272 sddm: several local privileges escalation issues
1149629 – CVE-2014-7272 sddm: several local privileges escalation issues [fedora-all]<br
Bump to latest upstream git (and a new release), fixes CVE-2014-7271 and CVE-2014-7272
SAP Business Objects Denial Of Service Via CORBA
Onapsis Security Advisory – The CMS CORBA listener includes functions in the OSCAFactory::Session ORB that allows any user to remotely turn off that Business Objects server without authentication.
SAP Business Objects Information Disclosure
Onapsis Security Advisory – A malicious user can discover information relating to valid users using a vulnerable Business Objects Enterprise instance. This information could be used to allow the malicious user to specialize their attacks against the system.
CEBA-2014:1368 CentOS 5 at BugFix Update
CentOS Errata and Bugfix Advisory 2014:1368 Upstream details at : https://rhn.redhat.com/errata/RHBA-2014-1368.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: 380ebf4be76ba9eded6f619366711e01537d705dacca24f7c5592a985bb8d6c2 at-3.1.8-84.el5_11.1.i386.rpm x86_64: ba03ad178a7e969747230ed905e4cdb79c4e67202ffbadc4a21fde7438747f98 at-3.1.8-84.el5_11.1.x86_64.rpm Source: fa016225f2927a0b81fe40dccc7511de0ad20b12f3a23a5a579f3da3d0c0101f at-3.1.8-84.el5_11.1.src.rpm
CVE-2014-3198 (chrome, enterprise_linux_desktop_supplementary, enterprise_linux_server_supplementary, enterprise_linux_server_supplementary_eus, enterprise_linux_workstation_supplementary)
The Instance::HandleInputEvent function in pdf/instance.cc in the PDFium component in Google Chrome before 38.0.2125.101 interprets a certain -1 value as an index instead of a no-visible-page error code, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
CVE-2014-3193 (chrome, enterprise_linux_desktop_supplementary, enterprise_linux_server_supplementary, enterprise_linux_server_supplementary_eus, enterprise_linux_workstation_supplementary)
The SessionService::GetLastSession function in browser/sessions/session_service.cc in Google Chrome before 38.0.2125.101 allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via vectors that leverage “type confusion” for callback processing.
CVE-2014-3194 (chrome, enterprise_linux_desktop_supplementary, enterprise_linux_server_supplementary, enterprise_linux_server_supplementary_eus, enterprise_linux_workstation_supplementary)
Use-after-free vulnerability in the Web Workers implementation in Google Chrome before 38.0.2125.101 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.