Category Archives: Mandriva

Mandriva Security Advisory

MDVSA-2014:203: openssl

Multiple vulnerabilities have been discovered and corrected in openssl:

OpenSSL has added support for TLS_FALLBACK_SCSV to allow applications
to block the ability for a MITM attacker to force a protocol
downgrade. Some client applications (such as browsers) will reconnect
using a downgraded protocol to work around interoperability bugs in
older servers. This could be exploited by an active man-in-the-middle
to downgrade connections to SSL 3.0 even if both sides of the
connection support higher protocols. SSL 3.0 contains a number of
weaknesses including POODLE (CVE-2014-3566).

When an OpenSSL SSL/TLS/DTLS server receives a session ticket the
integrity of that ticket is first verified. In the event of a session
ticket integrity check failing, OpenSSL will fail to free memory
causing a memory leak. By sending a large number of invalid session
tickets an attacker could exploit this issue in a Denial Of Service
attack (CVE-2014-3567).

The updated packages have been upgraded to the 1.0.0o version where
these security flaws have been fixed.

MDVSA-2014:204: libxml2

A vulnerability has been found and corrected in libxml2:

A denial of service flaw was found in libxml2, a library providing
support to read, modify and write XML and HTML files. A remote attacker
could provide a specially crafted XML file that, when processed by
an application using libxml2, would lead to excessive CPU consumption
(denial of service) based on excessive entity substitutions, even if
entity substitution was disabled, which is the parser default behavior
(CVE-2014-3660).

The updated packages have been patched to correct this issue.

[ MDVSA-2014:204 ] libxml2

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2014:204
 http://www.mandriva.com/en/support/security/
 _______________________________________________________________________

 Package : libxml2
 Date    : October 23, 2014
 Affected: Business Server 1.0
 _______________________________________________________________________


[ MDVSA-2014:203 ] openssl

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2014:203
 http://www.mandriva.com/en/support/security/
 _______________________________________________________________________

 Package : openssl
 Date    : October 23, 2014
 Affected: Business Server 1.0
 _______________________________________________________________________


[ MDVSA-2014:202 ] php

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2014:202
 http://www.mandriva.com/en/support/security/
 _______________________________________________________________________

 Package : php
 Date    : October 23, 2014
 Affected: Business Server 1.0
 _______________________________________________________________________

 Problem Description:

 A vulnerability has been discovered and corrected in php:
 
 A heap corruption issue was reported in PHP's exif_thumbnail()
 function. A specially-crafted JPEG image could cause the PHP
 interpreter to crash or, potentially, execute arbitrary code
 (CVE-2014-3670).
 
 The updated php packages have been upgraded to the 5.5.18 version
 to resolve this security flaw.
 
 Additionally, php-apc has been rebuilt against the updated php
 packages.
 _______________________________________________________________________

 References:

 ht

MDVSA-2014:196: rsyslog

Updated rsyslog packages fix security vulnerability:

Rainer Gerhards, the rsyslog project leader, reported a vulnerability
in rsyslog. As a consequence of this vulnerability, an attacker can send
malformed messages to a server, if it accepts data from untrusted
sources, and trigger a denial of service attack (CVE-2014-3634).

MDVSA-2014:198: mediawiki

Updated mediawiki packages fix security vulnerability:

MediaWiki before 1.23.4 is vulnerable to cross-site scripting due to
JavaScript injection via CSS in uploaded SVG files (CVE-2014-7199).

MediaWiki before 1.23.5 is vulnerable to cross-site scripting due to
JavaScript injection via user-specified CSS in certain special pages
(CVE-2014-7295).

MDVSA-2014:199: perl

Updated perl and perl-Data-Dumper packages fix security
vulnerability:

The Dumper method in Data::Dumper before 2.154 allows
context-dependent attackers to cause a denial of service (stack
consumption and crash) via an Array-Reference with many nested
Array-References, which triggers a large number of recursive calls
to the DD_dump function (CVE-2014-4330).

The Data::Dumper module bundled with perl and the perl-Data-Dumper
packages have been updated to fix this issue.

MDVSA-2014:200: bugzilla

Updated bugzilla packages fix security vulnerabilities:

If a new comment was marked private to the insider group, and a flag
was set in the same transaction, the comment would be visible to flag
recipients even if they were not in the insider group (CVE-2014-1571).

An attacker creating a new Bugzilla account can override certain
parameters when finalizing the account creation that can lead to the
user being created with a different email address than originally
requested. The overridden login name could be automatically added to
groups based on the group’s regular expression setting (CVE-2014-1572).

During an audit of the Bugzilla code base, several places were found
where cross-site scripting exploits could occur which could allow an
attacker to access sensitive information (CVE-2014-1573).