Category Archives: Security

Security

Fedora

Fedora 19 Security Update: php-ZendFramework-1.12.9-1.fc19

Resolved Bugs
1151278 – php-ZendFramework2: various flaws [fedora-all]
1151276 – CVE-2014-8088 php-ZendFramework: null byte issue, connect to LDAP without knowing the password (ZF2014-05)
1151277 – CVE-2014-8089 php-ZendFramework: SQL injection issue when using the sqlsrv PHP extension (ZF2014-06)<br
Contains fixes for two security relevant bugs:
* “ZF2014-05: Anonymous authentication in ldap_bind() function of PHP, using null byte” (http://framework.zend.com/security/advisory/ZF2014-05)
* “ZF2014-06: SQL injection vector when manually quoting values for sqlsrv extension, using null byte” (http://framework.zend.com/security/advisory/ZF2014-06)

Fedora

Fedora 21 Security Update: php-ZendFramework-1.12.9-1.fc21

Resolved Bugs
1151278 – php-ZendFramework2: various flaws [fedora-all]
1151276 – CVE-2014-8088 php-ZendFramework: null byte issue, connect to LDAP without knowing the password (ZF2014-05)
1151277 – CVE-2014-8089 php-ZendFramework: SQL injection issue when using the sqlsrv PHP extension (ZF2014-06)<br
Contains fixes for two security relevant bugs:
* “ZF2014-05: Anonymous authentication in ldap_bind() function of PHP, using null byte” (http://framework.zend.com/security/advisory/ZF2014-05)
* “ZF2014-06: SQL injection vector when manually quoting values for sqlsrv extension, using null byte” (http://framework.zend.com/security/advisory/ZF2014-06)

Fedora

Fedora 20 Security Update: sddm-0.9.0-2.20141007git6a28c29b.fc20

Resolved Bugs
1114192 – SELinux is preventing /usr/bin/sddm from ‘write’ accesses on the file .
1119777 – PrivateTmp makes files invisible for the same user
1123506 – sddm startup is slow
1125129 – SELinux is preventing sddm from ‘write’ accesses on the file /etc/sddm.conf.
1140386 – SDDM login screen is not reached.
1112841 – Cannot log into account with NFS home directory
1128463 – sddm does not open kde wallet with pam_wallet.so
1128465 – sddm does not run /etc/X11/xinit/Xsession
1149608 – CVE-2014-7271 sddm: user “sddm” can login without authentication.
1149628 – CVE-2014-7271 sddm: user “sddm” can login without authentication. [fedora-all]
1148659 – sddm: multiple flaws in SDDM display manager leading to privilege escalation to root
1148660 – sddm: multiple flaws in SDDM display manager leading to privilege escalation to root [fedora-all]
1149610 – CVE-2014-7272 sddm: several local privileges escalation issues
1149629 – CVE-2014-7272 sddm: several local privileges escalation issues [fedora-all]<br
Bump to latest upstream git (and a new release), fixes CVE-2014-7271 and CVE-2014-7272

CentOS

CEBA-2014:1368 CentOS 5 at BugFix Update

CentOS Errata and Bugfix Advisory 2014:1368 

Upstream details at : https://rhn.redhat.com/errata/RHBA-2014-1368.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

i386:
380ebf4be76ba9eded6f619366711e01537d705dacca24f7c5592a985bb8d6c2  at-3.1.8-84.el5_11.1.i386.rpm

x86_64:
ba03ad178a7e969747230ed905e4cdb79c4e67202ffbadc4a21fde7438747f98  at-3.1.8-84.el5_11.1.x86_64.rpm

Source:
fa016225f2927a0b81fe40dccc7511de0ad20b12f3a23a5a579f3da3d0c0101f  at-3.1.8-84.el5_11.1.src.rpm
NVD

CVE-2014-3190 (chrome, enterprise_linux_desktop_supplementary, enterprise_linux_server_supplementary, enterprise_linux_server_supplementary_eus, enterprise_linux_workstation_supplementary)

Use-after-free vulnerability in the Event::currentTarget function in core/events/Event.cpp in Blink, as used in Google Chrome before 38.0.2125.101, allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted JavaScript code that accesses the path property of an Event object.

NVD

CVE-2014-3195 (chrome, enterprise_linux_desktop_supplementary, enterprise_linux_server_supplementary, enterprise_linux_server_supplementary_eus, enterprise_linux_workstation_supplementary)

Google V8, as used in Google Chrome before 38.0.2125.101, does not properly track JavaScript heap-memory allocations as allocations of uninitialized memory and does not properly concatenate arrays of double-precision floating-point numbers, which allows remote attackers to obtain sensitive information via crafted JavaScript code, related to the PagedSpace::AllocateRaw and NewSpace::AllocateRaw functions in heap/spaces-inl.h, the LargeObjectSpace::AllocateRaw function in heap/spaces.cc, and the Runtime_ArrayConcat function in runtime.cc.

NVD

CVE-2014-3191 (chrome, enterprise_linux_desktop_supplementary, enterprise_linux_server_supplementary, enterprise_linux_server_supplementary_eus, enterprise_linux_workstation_supplementary)

Use-after-free vulnerability in Blink, as used in Google Chrome before 38.0.2125.101, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers a widget-position update that improperly interacts with the render tree, related to the FrameView::updateLayoutAndStyleForPainting function in core/frame/FrameView.cpp and the RenderLayerScrollableArea::setScrollOffset function in core/rendering/RenderLayerScrollableArea.cpp.

NVD

CVE-2014-3197 (chrome, enterprise_linux_desktop_supplementary, enterprise_linux_server_supplementary, enterprise_linux_server_supplementary_eus, enterprise_linux_workstation_supplementary)

The NavigationScheduler::schedulePageBlock function in core/loader/NavigationScheduler.cpp in Blink, as used in Google Chrome before 38.0.2125.101, does not properly provide substitute data for pages blocked by the XSS auditor, which allows remote attackers to obtain sensitive information via a crafted web site.