Category Archives: Mandriva

Mandriva Security Advisory

Mandriva

MDVSA-2015:039: glibc

A vulnerability has been discovered and corrected in glibc:

Heap-based buffer overflow in the __nss_hostname_digits_dots
function in glibc 2.2, and other 2.x versions before 2.18, allows
context-dependent attackers to execute arbitrary code via vectors
related to the (1) gethostbyname or (2) gethostbyname2 function,
aka GHOST. (CVE-2015-0235)

The updated packages have been patched to correct this issue.

Mandriva

[ MDVSA-2015:039 ] glibc

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2015:039
 http://www.mandriva.com/en/support/security/
 _______________________________________________________________________

 Package : glibc
 Date    : February 10, 2015
 Affected: Business Server 1.0
 _______________________________________________________________________

 Problem Description:

 A vulnerability has been discovered and corrected in glibc:
 
 Heap-based buffer overflow in the __nss_hostname_digits_dots
 function in glibc 2.2, and other 2.x versions before 2.18, allows
 context-dependent attackers to execute arbitrary code via vectors
 related to the (1) gethostbyname or (2) gethostbyname2 function,
 aka GHOST. (CVE-2015-0235)
 
 The updated packages have been patched to correct this issue.
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin
Mandriva

MDVSA-2015:036: python-django

Updated python-django packages fix security vulnerabilities:

Jedediah Smith discovered that Django incorrectly handled underscores
in WSGI headers. A remote attacker could possibly use this issue to
spoof headers in certain environments (CVE-2015-0219).

Mikko Ohtamaa discovered that Django incorrectly handled user-supplied
redirect URLs. A remote attacker could possibly use this issue to
perform a cross-site scripting attack (CVE-2015-0220).

Alex Gaynor discovered that Django incorrectly handled reading files
in django.views.static.serve(). A remote attacker could possibly use
this issue to cause Django to consume resources, resulting in a denial
of service (CVE-2015-0221).

Mandriva

[ MDVSA-2015:037 ] vorbis-tools

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2015:037
 http://www.mandriva.com/en/support/security/
 _______________________________________________________________________

 Package : vorbis-tools
 Date    : February 6, 2015
 Affected: Business Server 1.0
 _______________________________________________________________________

 Problem Description:

 Updated vorbis-tools package fixes security vulnerability:
 
 oggenc/oggenc.c in vorbis-tools 1.4.0 allows remote attackers to
 cause a denial of service (out-of-bounds read) via a crafted raw file
 (CVE-2014-9640).
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9640
 http://advisories.mageia.org/MGASA-2015-0051.html
 _______________________________________________________________________

 Updated Packages:

 Mandriva Business
Mandriva

[ MDVSA-2015:036 ] python-django

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2015:036
 http://www.mandriva.com/en/support/security/
 _______________________________________________________________________

 Package : python-django
 Date    : February 6, 2015
 Affected: Business Server 1.0
 _______________________________________________________________________

 Problem Description:

 Updated python-django packages fix security vulnerabilities:
 
 Jedediah Smith discovered that Django incorrectly handled underscores
 in WSGI headers. A remote attacker could possibly use this issue to
 spoof headers in certain environments (CVE-2015-0219).
 
 Mikko Ohtamaa discovered that Django incorrectly handled user-supplied
 redirect URLs. A remote attacker could possibly use this issue to
 perform a cross-site scripting attack (CVE-2015-0220).
 
 Alex Gaynor discovered that Django incorrectly handled reading files
Mandriva

[ MDVSA-2015:035 ] libvirt

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2015:035
 http://www.mandriva.com/en/support/security/
 _______________________________________________________________________

 Package : libvirt
 Date    : February 6, 2015
 Affected: Business Server 1.0
 _______________________________________________________________________

 Problem Description:

 Updated libvirt packages fix security vulnerability:
 
 The XML getters for for save images and snapshots objects don't
 check ACLs for the VIR_DOMAIN_XML_SECURE flag and might possibly dump
 security sensitive information. A remote attacker able to establish
 a connection to libvirtd could use this flaw to cause leak certain
 limited information from the domain xml file (CVE-2015-0236).
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CV
Mandriva

[ MDVSA-2015:034 ] jasper

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2015:034
 http://www.mandriva.com/en/support/security/
 _______________________________________________________________________

 Package : jasper
 Date    : February 6, 2015
 Affected: Business Server 1.0
 _______________________________________________________________________

 Problem Description:

 Updated jasper packages fix security vulnerabilities:
 
 An off-by-one flaw, leading to a heap-based buffer overflow, was found
 in the way JasPer decoded JPEG 2000 image files. A specially crafted
 file could cause an application using JasPer to crash or, possibly,
 execute arbitrary code (CVE-2014-8157).
 
 An unrestricted stack memory use flaw was found in the way JasPer
 decoded JPEG 2000 image files. A specially crafted file could cause
 an application using JasPer to crash or, possibly, execute arbitrary
 code (CVE-2014-81
Mandriva

[ MDVSA-2015:033 ] java-1.7.0-openjdk

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2015:033
 http://www.mandriva.com/en/support/security/
 _______________________________________________________________________

 Package : java-1.7.0-openjdk
 Date    : February 6, 2015
 Affected: Business Server 1.0
 _______________________________________________________________________

 Problem Description:

 Updated java-1.7.0 packages fix security vulnerabilities:
 
 A flaw was found in the way the Hotspot component in OpenJDK verified
 bytecode from the class files. An untrusted Java application or applet
 could possibly use this flaw to bypass Java sandbox restrictions
 (CVE-2014-6601).
 
 Multiple improper permission check issues were discovered in the
 JAX-WS, and RMI components in OpenJDK. An untrusted Java application
 or applet could use these flaws to bypass Java sandbox restrictions
 (CVE-2015-0412, CVE-2015-04
Mandriva

MDVSA-2015:028: aircrack-ng

Updated aircrack-ng package fixes security vulnerabilities:

A length parameter inconsistency in Aircrack-ng before 1.2-rc1
at aireplay tcp_test() which may lead to remote code execution
(CVE-2014-8322).

A missing check for data format in Aircrack-ng before 1.2-rc1 at
buddy-ng which may lead to denial of service (CVE-2014-8323).

A missing check for invalid values in Aircrack-ng before 1.2-rc1
at airserv-ng net_get() which may lead to denial of service
(CVE-2014-8324).