debian NEW UPDATES Debian

[V.T. Eric Layton]

- -------------------------------------------------------------------------Debian Security Advisory DSA-2147-1 security@debian.orghttp://www.debian.org/security/ Steve KempJanuary 16, 2011 http://www.debian.org/security/faq- -------------------------------------------------------------------------Package : pimdVulnerability : insecure temporary filesProblem type : localDebian-specific: noCVE ID : CVE-2011-0007Vincent Bernat discovered that pimd, a multicast routing daemon, createsfiles with predictable names upon the receipt of particular signals.======- -------------------------------------------------------------------------Debian Security Advisory DSA-2146-1 security@debian.orghttp://www.debian.org/security/ Moritz MuehlenhoffJanuary 16, 2011 http://www.debian.org/security/faq- -------------------------------------------------------------------------Package : mydmsVulnerability : directory traversalProblem type : remoteDebian-specific: noCVE ID : CVE-2010-2006D. Fabian and L. Weichselbaum discovered a directory traversal vulnerability in MyDMS, a open-source document management system based on PHP and MySQL.

[V.T. Eric Layton]

- -------------------------------------------------------------------------Debian Security Advisory DSA-2148-1 security@debian.orghttp://www.debian.org/security/ Moritz MuehlenhoffJanuary 17, 2011 http://www.debian.org/security/faq- -------------------------------------------------------------------------Package : torVulnerability : severalProblem type : remoteDebian-specific: noCVE ID : CVE-2011-0427The developers of Tor, an anonymizing overlay network for TCP, found three security issues during a security audit. A heap overflow allowedthe execution of arbitrary code (CVE-2011-0427), a denial of servicevulnerability was found in the zlib compression handling and some keymemory was incorrectly zeroed out before being freed. The latter two issues do not yet have CVE identifiers assigned. The Debian SecurityTracker will be updated once they're available:http://security-tracker.debian.org/tracker...rce-package/tor

[V.T. Eric Layton]

- ---------------------------------------------------------------------------Debian Security Advisory DSA-2149-1 security@debian.orghttp://www.debian.org/security/ Nico GoldeJanuary 20, 2011 http://www.debian.org/security/faq- ---------------------------------------------------------------------------Package : dbusVulnerability : denial of serviceProblem type : localDebian-specific: noDebian bug : noneCVE ID : CVE-2010-4352Rémi Denis-Courmont discovered that dbus, a message bus application,is not properly limiting the nesting level when examining messages withextensive nested variants. This allows an attacker to crash the dbus systemdaemon due to a call stack overflow via crafted messages.

[V.T. Eric Layton]

- -------------------------------------------------------------------------Debian Security Advisory DSA-2150-1 security@debian.orghttp://www.debian.org/security/ Thijs KinkhorstJanuary 22, 2011 http://www.debian.org/security/faq- -------------------------------------------------------------------------Package : request-tracker3.6Vulnerability : unsalted password hashingProblem type : localDebian-specific: noCVE ID : CVE-2011-0009It was discovered that Request Tracker, an issue tracking system,stored passwords in its database by using an insufficiently stronghashing method. If an attacker would have access to the passworddatabase, he could decode the passwords stored in it.

[V.T. Eric Layton]

-------------------------------------------------------------------------The Debian Project http://www.debian.org/pdated Debian GNU/Linux: 5.0.8 released press@debian.orgJanuary 22nd, 2011 http://www.debian.org/News/2011/20110122-------------------------------------------------------------------------Updated Debian GNU/Linux: 5.0.8 releasedThe Debian project is pleased to announce the eighth update of itsstable distribution Debian GNU/Linux 5.0 (codename "lenny"). Thisupdate mainly adds corrections for security problems to the stablerelease, along with a few adjustment to serious problems.Please note that this update does not constitute a new version of DebianGNU/Linux 5.0 but only updates some of the packages included. There isno need to throw away 5.0 CDs or DVDs but only to update via anup-to-date Debian mirror after an installation, to cause any out of datepackages to be updated.Those who frequently install updates from security.debian.org won't haveto update many packages and most updates from security.debian.org areincluded in this update.New CD and DVD images containing updated packages and the regularinstallation media accompanied with the package archive respectivelywill be available soon at the regular locations.Upgrading to this revision online is usually done by pointing theaptitude (or apt) package tool (see the sources.list(5) manual page) toone of Debian's many FTP or HTTP mirrors. A comprehensive list ofmirrors is available at: Miscellaneous Bugfixes----------------------This stable update adds a few important corrections to the followingpackages: Package Reason awstats Fix directory traversal via crafted LoadPlugin directory base-files Update debian_version for the point release boxbackup Reduce root CA expiration date to avoid overflow in 2038 git-core Fix cross-site scripting vulnerability gquilt Insecure setting of PYTHONPATH hamlib Use system libltdl rather than an internal copy vulnerable to CVE-2009-3736 ia32-libs Refresh with new packages from lenny and lenny-security ia32-libs-gtk Refresh with new packages from lenny and lenny-security ldap-account-manager Fix upgrades from lenny by dropping master password debconf question libcgi-pm-perl Fix header-parsing related security issues libcgi-simple-perl Fix header-parsing related security issues libgadu Fix memory corruption when removing dcc7 sessions man-db Suppress locale warnings when being run from a dpkg maintainer script mediawiki Deny framing on most pages to minimise risk of clickjacking movabletype-opensource Fix various XSS and SQL security issues mumble Don't make configuration file world-readable; delete /var/lib/mumble-server on purge opensc Protect against buffer overflow from rogue cards perl Fix header-parsing related security bugs; update to Safe-2.25 postgresql-8.3 New upstream bugfix release spamassassin Update list of ARIN netblock delegations to avoid false positives in RelayEval splashy Modify lsb-base-logging.sh to avoid issues if splashy is removed but not purged surfraw Update Debian security-tracker URL user-mode-linux Rebuild against linux-source-2.6.26 (2.6.26-26lenny1) xdigger Fix buffer overflow errorsSecurity Updates----------------This revision adds the following security updates to the stable release.The Security Team has already released an advisory for each of theseupdates: Advisory ID Package Correction(s) DSA-2110 linux-2.6 Several issues DSA-2122 glibc Privilege escalation DSA-2126 linux-2.6 Several issues DSA-2127 wireshark Denial of service DSA-2128 libxml2 Potential code execution DSA-2129 krb5 Checksum verification weakness DSA-2130 bind9 Denial of service DSA-2131 exim4 Remote code execution DSA-2132 xulrunner Several vulnerabilities DSA-2133 collectd Denial of service DSA-2135 xpdf Several vulnerabilities DSA-2136 tor Potential code execution DSA-2137 libxml2 Several vulnerabilities DSA-2138 wordpress SQL injection DSA-2139 phpmyadmin Several DSA-2140 libapache2-mod-fcgid Stack overflow DSA-2141 apache2 Add backward compatibility options when used with new openssl DSA-2141 nss Protocol design flaw DSA-2141 apache2-mpm-itk Rebuild with apache2-src 2.2.9-10+lenny9 DSA-2141 openssl Protocol design flaw DSA-2141 lighttpd Compatibility problem with updated openssl DSA-2142 dpkg Directory traversal DSA-2143 mysql-dfsg-5.0 Several vulnerabilities DSA-2144 wireshark Buffer overflow DSA-2145 libsmi Buffer overflow DSA-2146 mydms Directory traversal problem DSA-2147 pimd Insecure temporary files DSA-2148 tor SeveralRemoved packages----------------The following packages were removed due to circumstances beyond ourcontrol: Package Reason pytris security issues; abandoned upstream python-gendoc broken with python >= 2.5 clive completely broken gmailfs broken due to gmail changes; abandoned upstream python-libgmail broken due to gmail changes; abandoned upstreamAbout Debian------------The Debian Project is an association of Free Software developers whovolunteer their time and effort in order to produce the completely freeoperating system Debian GNU/Linux.Contact Information-------------------For further information, please visit the Debian web pages at, send mail to , or contactthe stable release team at

[V.T. Eric Layton]

- --------------------------------------------------------------------------Debian Security Advisory DSA 2151-1 security@debian.orghttp://www.debian.org/security/ Martin SchulzeJanuary 26th, 2011 http://www.debian.org/security/faq- --------------------------------------------------------------------------Package : openoffice.orgVulnerability : severalProblem type : local (remote)Debian-specific: noCVE ID : CVE-2010-3450 CVE-2010-3451 CVE-2010-3452 CVE-2010-3453 CVE-2010-3454 CVE-2010-3689 CVE-2010-4253 CVE-2010-4643 Several security related problems have been discovered in theOpenOffice.org package that allows malformed documents to trick thesystem into crashes or even the execution of arbitrary code.CVE-2010-3450 During an internal security audit within Red Hat, a directory traversal vulnerability has been discovered in the way OpenOffice.org 3.1.1 through 3.2.1 processes XML filter files. If a local user is tricked into opening a specially-crafted OOo XML filters package file, this problem could allow remote attackers to create or overwrite arbitrary files belonging to local user or, potentially, execute arbitrary code.CVE-2010-3451 During his work as a consultant at Virtual Security Research (VSR), Dan Rosenberg discovered a vulnerability in OpenOffice.org's RTF parsing functionality. Opening a maliciously crafted RTF document can caus an out-of-bounds memory read into previously allocated heap memory, which may lead to the execution of arbitrary code.CVE-2010-3452 Dan Rosenberg discovered a vulnerability in the RTF file parser which can be leveraged by attackers to achieve arbitrary code execution by convincing a victim to open a maliciously crafted RTF file.CVE-2010-3453 As part of his work with Virtual Security Research, Dan Rosenberg discovered a vulnerability in the WW8ListManager::WW8ListManager() function of OpenOffice.org that allows a maliciously crafted file to cause the execution of arbitrary code.CVE-2010-3454 As part of his work with Virtual Security Research, Dan Rosenberg discovered a vulnerability in the WW8DopTypography::ReadFromMem() function in OpenOffice.org that may be exploited by a maliciously crafted file which allowins an attacker to control program flow and potentially execute arbitrary code.CVE-2010-3689 Dmitri Gribenko discovered that the soffice script does not treat an empty LD_LIBRARY_PATH variable like an unset one, may lead to the execution of arbitrary code.CVE-2010-4253 A heap based buffer overflow has been discovered with unknown impact.CVE-2010-4643 A vulnerability has been discovered in the way OpenOffice.org handles TGA graphics which can be tricked by a specially crafted TGA file that could cause the program to crash due to a heap-based buffer overflow with unknown impact.

[V.T. Eric Layton]

- -------------------------------------------------------------------------Debian Security Advisory DSA-2152-1 security@debian.orghttp://www.debian.org/security/ Moritz MuehlenhoffJanuary 27, 2011 http://www.debian.org/security/faq- -------------------------------------------------------------------------Package : hplipVulnerability : buffer overflowProblem type : remoteDebian-specific: noCVE ID : CVE-2010-4267Debian Bug : 610960Sebastian Krahmer discovered a buffer overflow in the SNMP discovery codeof the HP Linux Printing and Imaging System, which could result in theexecution of arbitrary code.

[V.T. Eric Layton]

- -------------------------------------------------------------------------Debian Security Advisory DSA-2153-1 security@debian.orghttp://www.debian.org/security/ dann frazierJanuary 30, 2011 http://www.debian.org/security/faq- -------------------------------------------------------------------------Package : linux-2.6Vulnerability : privilege escalation/denial of service/information leakProblem type : local/remoteDebian-specific: noCVE Id(s) : CVE-2010-0435 CVE-2010-3699 CVE-2010-4158 CVE-2010-4162 CVE-2010-4163 CVE-2010-4242 CVE-2010-4243 CVE-2010-4248 CVE-2010-4249 CVE-2010-4258 CVE-2010-4342 CVE-2010-4346 CVE-2010-4526 CVE-2010-4527 CVE-2010-4529 CVE-2010-4565 CVE-2010-4649 CVE-2010-4656 CVE-2010-4668 CVE-2011-0521Several vulnerabilities have been discovered in the Linux kernel that may leadto a privilege escalation, denial of service or information leak. ======- ------------------------------------------------------------------------Debian Security Advisory DSA-2154-1 security@debian.orghttp://www.debian.org/security/ Stefan FritschJanuary 30, 2011 http://www.debian.org/security/faq- ------------------------------------------------------------------------Package : exim4Vulnerability : privilege escalationProblem type : localCVE Id(s) : CVE-2010-4345 CVE-2011-0017Behaviour change : yesA design flaw (CVE-2010-4345) in exim4 allowed the loal Debian-eximuser to obtain root privileges by specifying an alternateconfiguration file using the -C option or by using the macro overridefacility (-D option). Unfortunately, fixing this vulnerability is notpossible without some changes in exim4's behvaviour. If you use the -Cor -D options or use the system filter facility, you should evaluatethe changes carefully and adjust your configuration accordingly. TheDebian default configuration is not affected by the changes.The detailed list of changes is described in the NEWS.Debian file inthe packages. The relevant sections are also reproduced below.In addition to that, missing error handling for the setuid/setgidsystem calls allowed the Debian-exim user to cause root to appendlog data to arbitrary files (CVE-2011-0017).======- -------------------------------------------------------------------------Debian Security Advisory DSA-2155-1 security@debian.orghttp://www.debian.org/security/ Moritz MuehlenhoffJanuary 30, 2011 http://www.debian.org/security/faq- -------------------------------------------------------------------------Package : freetypeVulnerability : severalProblem type : remoteDebian-specific: noCVE ID : CVE-2010-3814 CVE-2010-3855Two buffer overflows were found in the Freetype font library, which couldlead to the execution of arbitrary code.======- ------------------------------------------------------------------------Debian Security Advisory DSA-2154-2 security@debian.orghttp://www.debian.org/security/ Stefan FritschJanuary 30, 2011 http://www.debian.org/security/faq- ------------------------------------------------------------------------Package : exim4Vulnerability : privilege escalation / regressionProblem type : localCVE Id(s) : CVE-2010-4345 CVE-2011-0017Debian bug : 611572Behaviour change : yesThe updated packages from DSA-2154-1 introduced a regression whichprevented unprivileged users from using 'exim4 -bf' to test filterconfigurations. This update fixes this problem.Please also read the information provided in DSA-2154-1 if you havenot done so already.======- ------------------------------------------------------------------------Debian Security Advisory DSA-2156-1 security@debian.orghttp://www.debian.org/security/ Steve KempJanuary 31, 2011 http://www.debian.org/security/faq- ------------------------------------------------------------------------Package : pcscdVulnerability : buffer overflowProblem type : localDebian-specific: noCVE ID : CVE-2010-4531MWR InfoSecurity identified a buffer overflow in pcscd, middlewareto access a smart card via PC/SC, which could lead to the executionof arbitrary code.

[V.T. Eric Layton]

- -------------------------------------------------------------------------Debian Security Advisory DSA-2157-1 security@debian.orghttp://www.debian.org/security/ Florian WeimerFebruary 03, 2011 http://www.debian.org/security/faq- -------------------------------------------------------------------------Package : postgresql-8.3, postgresql-8.4, postgresql-9.0Vulnerability : buffer overflowProblem type : remoteDebian-specific: noCVE ID : CVE-2010-4015It was discovered that PostgreSQL's intarray contrib module does notproperly handle integers with a large number of digits, leading to aserver crash and potentially arbitary code execution.

[V.T. Eric Layton]

-------------------------------------------------------------------------The Debian Project http://www.debian.org/Debian 6.0 "Squeeze" released press@debian.orgFebruary 5th, 2011 http://www.debian.org/News/2011/20110205a-------------------------------------------------------------------------Debian 6.0 "Squeeze" releasedAfter 24 months of constant development, the Debian Project is proud topresent its new stable version 6.0 (code name "Squeeze"). Debian 6.0 isa free operating system, coming for the first time in two flavours.Alongside Debian GNU/Linux, Debian GNU/kFreeBSD is introduced with thisversion as a "technology preview".Debian 6.0 includes the KDE Plasma Desktop and Applications, the GNOME,Xfce, and LXDE desktop environments as well as all kinds of serverapplications. It also features compatibility with the FHS v2.3 andsoftware developed for version 3.2 of the LSB.Debian runs on computers ranging from palmtops and handheld systems tosupercomputers, and on nearly everything in between. A total of ninearchitectures are supported by Debian GNU/Linux: 32-bit PC / IntelIA-32 (i386), 64-bit PC / Intel EM64T / x86-64 (amd64), Motorola/IBMPowerPC (powerpc), Sun/Oracle SPARC (sparc), MIPS (mips (big-endian)and mipsel (little-endian)), Intel Itanium (ia64), IBM S/390 (s390),and ARM EABI (armel).Debian 6.0 "Squeeze" introduces technical previews of two new ports tothe kernel of the FreeBSD project using the known Debian/GNU userland:Debian GNU/kFreeBSD for the 32-bit PC (kfreebsd-i386) and the 64-bit PC(kfreebsd-amd64). These ports are the first ones ever to be included ina Debian release which are not based on the Linux kernel. The supportof common server software is strong and combines the existing featuresof Linux-based Debian versions with the unique features known from theBSD world. However, for this release these new ports are limited; forexample, some advanced desktop features are not yet supported.Another first is the completely free Linux kernel, which no longercontains problematic firmware files. These were split out into separatepackages and moved out of the Debian main archive into the non-freearea of our archive, which is not enabled by default. In this wayDebian users have the possibility of running a completely freeoperating system, but may still choose to use non-free firmware filesif necessary. Firmware files needed during installation may be loadedby the installation system; special CD images and tarballs for USBbased installations are available too. More information about this maybe found in the Debian Firmware wiki page. 1: http://wiki.debian.org/FirmwareFurthermore, Debian 6.0 introduces a dependency based boot system,making system start-up faster and more robust due to parallel executionof boot scripts and correct dependency tracking between them. Variousother changes make Debian more suitable for small form factornotebooks, like the introduction of the KDE Plasma Netbook shell.This release includes numerous updated software packages, such as: * KDE Plasma Workspaces and KDE Applications 4.4.5 * an updated version of the GNOME desktop environment 2.30 * the Xfce 4.6 desktop environment * LXDE 0.5.0 * X.Org 7.5 * OpenOffice.org 3.2.1 * GIMP 2.6.11 * Iceweasel 3.5.16 (an unbranded version of Mozilla Firefox) * Icedove 3.0.11 (an unbranded version of Mozilla Thunderbird) * PostgreSQL 8.4.6 * MySQL 5.1.49 * GNU Compiler Collection 4.4.5 * Linux 2.6.32 * Apache 2.2.16 * Samba 3.5.6 * Python 2.6.6, 2.5.5 and 3.1.3 * Perl 5.10.1 * PHP 5.3.3 * Asterisk 1.6.2.9 * Nagios 3.2.3 * Xen Hypervisor 4.0.1 (dom0 as well as domU support) * OpenJDK 6b18 * Tomcat 6.0.18 * more than 29,000 other ready-to-use software packages, built from nearly 15,000 source packages.Debian 6.0 includes over 10,000 new packages like the browser Chromium,the monitoring solution Icinga, the package management frontendSoftware Center, the network manager wicd, the Linux container toolslxc and the cluster framework Corosync.With this broad selection of packages, Debian once again stays true toits goal of being the universal operating system. It is suitable formany different use cases: from desktop systems to netbooks; fromdevelopment servers to cluster systems; and for database, web orstorage servers. At the same time, additional quality assurance effortslike automatic installation and upgrade tests for all packages inDebian's archive ensure that Debian 6.0 fulfils the high expectationsthat users have of a stable Debian release. It is rock solid andrigorously tested.Starting from Debian 6.0, the "Custom Debian Distributions" are renamedto "Debian Pure Blends" [2]. Their coverage has increased as Debian 6.0adds >Debian Accessibility [3], DebiChem [4], Debian EzGo [5], DebianGIS [6] and Debian Multimedia [7] to the already existing Debian Edu[8], Debian Med [9] and Debian Science [10] "pure blends". The fullcontent of all the blends can be browsed [11], including prospectivepackages that users are welcome to nominate for addition to the nextrelease. 2: http://blends.alioth.debian.org/ 3: http://www.debian.org/devel/debian-accessibility/ 4: http://debichem.alioth.debian.org/ 5: http://wiki.debian.org/DebianEzGo 6: http://wiki.debian.org/DebianGis 7: http://blends.alioth.debian.org/multimedia/tasks/index 8: http://wiki.debian.org/DebianEdu 9: http://www.debian.org/devel/debian-med/ 10: http://wiki.debian.org/DebianScience 11: http://blends.alioth.debian.org/Debian may be installed from various installation media such as Blu-rayDiscs, DVDs, CDs and USB sticks or from the network. GNOME is thedefault desktop environment and is contained on the first CD. Otherdesktop environments — KDE Plasma Desktop and Applications, Xfce,or LXDE — may be installed through two alternative CD images. Thedesired desktop environment may also be chosen from the boot menus ofthe CDs/DVDs. Again available with Debian 6.0 are multi-architectureCDs and DVDs which support installation of multiple architectures froma single disc. The creation of bootable USB installation media hasalso been greatly simplified; see the Installation Guide [12] for moredetails. 12: http://www.debian.org/releases/squeeze/installmanualIn addition to the regular installation media, Debian GNU/Linux mayalso be directly used without prior installation. The special imagesused, known as live images, are available for CDs, USB sticks andnetboot setups. Initially, these are provided for the amd64 and i386architectures only. It is also possible to use these live images toinstall Debian GNU/Linux.The installation process for Debian GNU/Linux 6.0 has been improved invarious ways, including easier selection of language and keyboardsettings, and partitioning of logical volumes, RAID and encryptedsystems. Support has also been added for the ext4 and Btrfs filesystemsand — on the kFreeBSD architecture — the Zettabytefilesystem (ZFS). The installation system for Debian GNU/Linux is nowavailable in 70 languages.Debian installation images may be downloaded right now via BitTorrent[13] (the recommended method), jigdo [14] or HTTP [15]; see Debian onCDs [16] for further information. It will soon be available onphysical DVD, CD-ROM and Blu-ray Discs from numerous vendors [17], too. 13: http://www.debian.org/CD/torrent-cd/ 14: http://www.debian.org/CD/jigdo-cd/#which 15: http://www.debian.org/CD/http-ftp/ 16: http://www.debian.org/CD/ 17: http://www.debian.org/CD//vendorsUpgrades to Debian GNU/Linux 6.0 from the previous release, DebianGNU/Linux 5.0 (codenamed "Lenny"), are automatically handled by theapt-get package management tool for most configurations, and to acertain degree also by the aptitude package management tool. Asalways, Debian GNU/Linux systems may be upgraded painlessly, in place,without any forced downtime, but it is strongly recommended to read therelease notes [18] as well as the installation guide [19] for possibleissues, and for detailed instructions on installing and upgrading. Therelease notes will be further improved and translated to additionallanguages in the weeks after the release. 18: http://www.debian.org/releases/squeeze/releasenotes 19: http://www.debian.org/releases/squeeze/installmanualAbout Debian------------Debian is a free operating system, developed by thousands of volunteersfrom all over the world who collaborate via the Internet. The Debianproject's key strengths are its volunteer base, its dedication to theDebian Social Contract and Free Software, and its commitment to providethe best operating system possible. Debian 6.0 is another importantstep in that direction.Contact Information-------------------For further information, please visit the Debian web pages athttp://www.debian.org or send mail to .

[V.T. Eric Layton]

------------------------------------------------------------------------The Debian Project http://www.debian.org/Debian Archive Signing Key to be changed press@debian.orgFebruary 9th, 2011 http://www.debian.org/News/2011/20110209------------------------------------------------------------------------Debian Archive Signing Key to be changedThe Debian Project wishes to announce the change of the GNU PrivacyGuard key used to digitally sign the archive reference files.Signatures are used to ensure that packages installed by users are thevery same originally distributed by Debian and have not been exchangedor tempered with.Affected distributions are the Debian unstable branch (codenamed "Sid")as well as the testing branch (codenamed "Wheezy"). The Debian Security(security.debian.org) and Backports (backports.debian.org) archive alsostart using the new key now. The current stable version DebianGNU/Linux 6.0 (codenamed "Squeeze") and the current oldstable versionDebian GNU/Linux 5.0 (codenamed "Lenny") will have their ftpmastersignature updated with their next point release.The new key has already been distributed via the debian-archive-keyring[1] package and is included in all current releases of Debian. 1: http://packages.debian.org/debian-archive-keyringStarting with the next mirror update this evening only the new key willbe used.For reference, the old key is: pub 4096R/55BE302B 2009-01-27 [expires: 2012-12-31] Key fingerprint = 150C 8614 919D 8446 E01E 83AF 9AA3 8DCD 55BE 302B uid Debian Archive Automatic Signing Key (5.0/lenny) and the new one: pub 4096R/473041FA 2010-08-27 [expires: 2018-03-05] Key fingerprint = 9FED 2BCB DCD2 9CDF 7626 78CB AED4 B06F 4730 41FA uid Debian Archive Automatic Signing Key (6.0/squeeze) This key rollover is a normal maintainance task and was started inAugust 2010 [2]. For security reasons Debian's archive signing keysregularily expire after three years. 2: http://lists.debian.org/87d3t3as2k.fsf@gkar.ganneff.de======- ------------------------------------------------------------------------Debian Security Advisory DSA-2158-1 security@debian.orghttp://www.debian.org/security/ Steve KempFebruary 9, 2011 http://www.debian.org/security/faq- ------------------------------------------------------------------------Package : cgiircVulnerability : cross-site scriptingProblem type : localDebian-specific: noCVE ID : CVE-2011-0050Michael Brooks (Sitewatch) discovered a reflective XSS flaw incgiirc, a web based IRC client, which could lead to the executionof arbitrary javascript.

[V.T. Eric Layton]

- -------------------------------------------------------------------------Debian Security Advisory DSA-2159-1 security@debian.orghttp://www.debian.org/security/ Moritz MuehlenhoffFebruary 10, 2011 http://www.debian.org/security/faq- -------------------------------------------------------------------------Package : vlcVulnerability : missing input sanitisingProblem type : (local)remoteDebian-specific: noCVE ID : CVE-2011-0531Dan Rosenberg discovered that insufficient input validation in VLC's processing of Matroska/WebM containers could lead to the execution of arbitrary code.

[V.T. Eric Layton]

- -------------------------------------------------------------------------Debian Security Advisory DSA-2160-1 security@debian.orghttp://www.debian.org/security/ Moritz MuehlenhoffFebruary 13, 2011 http://www.debian.org/security/faq- -------------------------------------------------------------------------Package : tomcat6Vulnerability : severalProblem type : remoteDebian-specific: noCVE ID : CVE-2010-3718 CVE-2011-0013 CVE-2011-0534Debian Bug : 612257Several vulnerabilities were discovered in the Tomcat Servlet and JSPengine:CVE-2010-3718 It was discovered that the SecurityManager insufficiently restricted the working directory.CVE-2011-0013 It was discovered that the HTML manager interface is affected by cross-site scripting.CVE-2011-0534 It was discovered that NIO connector performs insufficient validation of the HTTP headers, which could lead to denial of service.

[V.T. Eric Layton]

- -------------------------------------------------------------------------Debian Security Advisory DSA-2161-1 security@debian.orghttp://www.debian.org/security/ Florian WeimerFebruary 13, 2011 http://www.debian.org/security/faq- -------------------------------------------------------------------------Package : openjdk-6Vulnerability : denial of serviceProblem type : local (remote)Debian-specific: noCVE ID : CVE-2010-4476Debian Bug : 612660It was discovered that the floating point parser in OpenJDK, animplementation of the Java platform, can enter an infinite loop whenprocessing certain input strings. Such input strings represent validnumbers and can be contained in data supplied by an attacker over thenetwork, leading to a denial-of-service attack.

[V.T. Eric Layton]

- -------------------------------------------------------------------------Debian Security Advisory DSA-2162-1 security@debian.orghttp://www.debian.org/security/ Nico GoldeFebruary 14, 2011 http://www.debian.org/security/faq- -------------------------------------------------------------------------Package : opensslVulnerability : invalid memory accessProblem type : remoteDebian-specific: noCVE ID : CVE-2011-0014Neel Mehta discovered that an incorrectly formatted ClientHello handshakemessage could cause OpenSSL to parse past the end of the message. Thisallows an attacker to crash an application using OpenSSL by triggeringan invalid memory access. Additionally, some applications may be vulnerableto expose contents of a parsed OCSP nonce extension.Packages in the oldstable distribution (lenny) are not affected by thisproblem.

[V.T. Eric Layton]

- -------------------------------------------------------------------------Debian Security Advisory DSA-2163-1 security@debian.orghttp://www.debian.org/security/ Nico GoldeFebruary 14, 2011 http://www.debian.org/security/faq- -------------------------------------------------------------------------Package : python-djangoVulnerability : multipleProblem type : remoteDebian-specific: noCVE ID : CVE-2011-0696 CVE-2011-0697Several vulnerabilities were discovered in the django web developmentframework:CVE-2011-0696 For several reasons the internal CSRF protection was not used to validate ajax requests in the past. However, it was discovered that this exception can be exploited with a combination of browser plugins and redirects and thus is not sufficient.CVE-2011-0697 It was discovered that the file upload form is prone to cross-site scripting attacks via the file name.It is important to note that this update introduces minor backwardincompatibilities due to the fixes for the above issues.For the exact details, please see:http://docs.djangoproject.com/en/1.2/releases/1.2.5/and in particular the "Backwards incompatible changes" section.======- -------------------------------------------------------------------------Debian Security Advisory DSA-2161-2 security@debian.orghttp://www.debian.org/security/ Florian WeimerFebruary 14, 2011 http://www.debian.org/security/faq- -------------------------------------------------------------------------Package : openjdk-6Vulnerability : severalProblem type : remoteDebian-specific: noCVE ID : CVE-2010-4476 CVE-2009-3555Debian Bug : 612660It was discovered that the floating point parser in OpenJDK, animplementation of the Java platform, can enter an infinite loop whenprocessing certain input strings. Such input strings represent validnumbers and can be contained in data supplied by an attacker over thenetwork, leading to a denial-of-service attack.

[V.T. Eric Layton]

- -------------------------------------------------------------------------Debian Security Advisory DSA-2164-1 security@debian.orghttp://www.debian.org/security/ Nico GoldeFebruary 16, 2011 http://www.debian.org/security/faq- -------------------------------------------------------------------------Package : shadowVulnerability : insufficient input sanitizationProblem type : localDebian-specific: noCVE ID : CVE-2011-0721Kees Cook discovered that the chfn and chsh utilities do not properlysanitize user input that includes newlines. An attacker could use thisto to corrupt passwd entries and may create users or groups in NISenvironments.=====- -------------------------------------------------------------------------Debian Security Advisory DSA-2165-1 security@debian.orghttp://www.debian.org/security/ Luciano BelloFebruary 16, 2011 http://www.debian.org/security/faq- -------------------------------------------------------------------------Package : ffmpeg-debianVulnerability : buffer overflowProblem type : remoteDebian-specific: noCVE ID : CVE-2010-3429 CVE-2010-4704 CVE-2010-4705Several vulnerabilities have been discovered in FFmpeg coders, which are used byby MPlayer and other applications.CVE-2010-3429 Cesar Bernardini and Felipe Andres Manzano reported an arbitrary offset dereference vulnerability in the libavcodec, in particular in the flic file format parser. A specific flic file may exploit this vulnerability and execute arbitrary code. Mplayer is also affected by this problem, as well as other software that use this library.CVE-2010-4704 Greg Maxwell discovered an integer overflow the Vorbis decoder in FFmpeg. A specific ogg file may exploit this vulnerability and execute arbitrary code.CVE-2010-4705 A potential integer overflow has been discovered in the Vorbis decoder in FFmpeg.=====- -------------------------------------------------------------------------Debian Security Advisory DSA-2166-1 security@debian.orghttp://www.debian.org/security/ Giuseppe IuculanoFebruary 16, 2011 http://www.debian.org/security/faq- -------------------------------------------------------------------------Package : chromium-browserVulnerability : severalProblem type : remoteDebian-specific: noCVE ID : CVE-2011-0777 CVE-2011-0778 CVE-2011-0783 CVE-2011-0983 CVE-2011-0981 CVE-2011-0984 CVE-2011-0985Several vulnerabilities were discovered in the Chromium browser.The Common Vulnerabilities and Exposures project identifies thefollowing problems:CVE-2011-0777 Use-after-free vulnerability in Google Chrome before 9.0.597.84 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to image loadingCVE-2011-0778 Google Chrome before 9.0.597.84 does not properly restrict drag and drop operations, which might allow remote attackers to bypass the Same Origin Policy via unspecified vectorsCVE-2011-0783 Unspecified vulnerability in Google Chrome before 9.0.597.84 allows user-assisted remote attackers to cause a denial of service (application crash) via vectors involving a "bad volume setting."CVE-2011-0983 Google Chrome before 9.0.597.94 does not properly handle anonymous blocks, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."CVE-2011-0981 Google Chrome before 9.0.597.94 does not properly perform event handling for animations, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."CVE-2011-0984 Google Chrome before 9.0.597.94 does not properly handle plug-ins, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectorsCVE-2011-0985 Google Chrome before 9.0.597.94 does not properly perform process termination upon memory exhaustion, which has unspecified impact and remote attack vectors.=====- -------------------------------------------------------------------------Debian Security Advisory DSA-2167-1 security@debian.orghttp://www.debian.org/security/ Thijs KinkhorstFebruary 16, 2011 http://www.debian.org/security/faq- -------------------------------------------------------------------------Package : phpmyadminVulnerability : sql injectionProblem type : remoteDebian-specific: noCVE ID : CVE-2011-0987It was discovered that phpMyAdmin, a a tool to administer MySQL overthe web, when the bookmarks feature is enabled, allowed to create abookmarked query which would be executed unintentionally by other users.=====- -------------------------------------------------------------------------Debian Security Advisory DSA-2168-1 security@debian.orghttp://www.debian.org/security/ Moritz MuehlenhoffFebruary 16, 2011 http://www.debian.org/security/faq- -------------------------------------------------------------------------Package : openafsVulnerability : severalProblem type : remoteDebian-specific: noCVE ID : CVE-2011-0430 CVE-2011-0431Two vulnerabilities were discovered the distributed filesystem AFS:CVE-2011-0430 Andrew Deason discovered that a double free in the Rx server process could lead to denial of service or the execution of arbitrary code.CVE-2011-0431 It was discovered that insufficient error handling in the kernel module could lead to denial of service.

[V.T. Eric Layton]

- -------------------------------------------------------------------------Debian Security Advisory DSA-2169-1 security@debian.orghttp://www.debian.org/security/ Nico GoldeFebruary 16, 2011 http://www.debian.org/security/faq- -------------------------------------------------------------------------Package : telepathy-gabbleVulnerability : insufficient input validationProblem type : remoteDebian-specific: noCVE ID : none yetIt was discovered that telepathy-gabble, the Jabber/XMMP connection managerfor the Telepathy framework, is processing google:jingleinfo updates withoutvalidating their origin. This may allow an attacker to trick telepathy-gabbleinto relaying streamed media data through a server of his choice and thusintercept audio and video calls.

[V.T. Eric Layton]

- -------------------------------------------------------------------------Debian Security Advisory DSA-2171-1 security@debian.orghttp://www.debian.org/security/ Moritz MuehlenhoffFebruary 21, 2011 http://www.debian.org/security/faq- -------------------------------------------------------------------------Package : asteriskVulnerability : buffer overflowProblem type : remoteDebian-specific: noCVE ID : CVE-2011-0495Debian Bug : 610487Matthew Nicholson discovered a buffer overflow in the SIP channel driverof Asterisk, an open source PBX and telephony toolkit, which could leadto the execution of arbitrary code.

[V.T. Eric Layton]

- -------------------------------------------------------------------------Debian Security Advisory DSA-2174-1 security@debian.orghttp://www.debian.org/security/ Thijs KinkhorstFebruary 26, 2011 http://www.debian.org/security/faq- -------------------------------------------------------------------------Package : avahiVulnerability : denial of serviceProblem type : remoteDebian-specific: noCVE ID : CVE-2011-1002Debian Bug : 614785It was discovered that avahi, an implementation of the zeroconf protocol,can be crashed remotely by a single UDP packet, which may result in adenial of service.

[V.T. Eric Layton]

- -------------------------------------------------------------------------Debian Security Advisory DSA-2173-1 security@debian.orghttp://www.debian.org/security/ Thijs KinkhorstFebruary 26, 2011 http://www.debian.org/security/faq- -------------------------------------------------------------------------Package : pam-pgsqlVulnerability : buffer overflowProblem type : remoteDebian-specific: noDebian Bug : 603436It was discovered that pam-pgsql, a PAM module to authenticate usinga PostgreSQL database, was vulnerable to a buffer overflow in suppliedIP-addresses.

[V.T. Eric Layton]

- -------------------------------------------------------------------------Debian Security Advisory DSA-2163-2 security@debian.orghttp://www.debian.org/security/ Thijs KinkhorstMarch 1, 2011 http://www.debian.org/security/faq- -------------------------------------------------------------------------Package : dajaxiceVulnerability : multipleProblem type : remoteDebian-specific: noCVE ID : CVE-2011-0696 CVE-2011-0697The changes in python-django DSA-2163 necessary to fix the issuesCVE-2011-0696 and CVE-2011-0697 introduced an unavoidable backwardincompatibility, which caused a regression in dajaxice, whichdepends on python-django. This update supplies fixed packages fordajaxice.

[V.T. Eric Layton]

- -------------------------------------------------------------------------Debian Security Advisory DSA-2176-1 security@debian.orghttp://www.debian.org/security/ Moritz MuehlenhoffMarch 02, 2011 http://www.debian.org/security/faq- -------------------------------------------------------------------------Package : cupsVulnerability : severalProblem type : remoteDebian-specific: noCVE ID : CVE-2008-5183 CVE-2009-3553 CVE-2010-0540 CVE-2010-0542 CVE-2010-1748 CVE-2010-2431 CVE-2010-2432 CVE-2010-2941Several vulnerabilities have been discovered in the Common UNIX PrintingSystem:CVE-2008-5183 A null pointer dereference in RSS job completion notifications could lead to denial of service.CVE-2009-3553 It was discovered that incorrect file descriptor handling could lead to denial of service.CVE-2010-0540 A cross-site request forgery vulnerability was discovered in the web interface.CVE-2010-0542 Incorrect memory management in the filter subsystem could lead to denial of service.CVE-2010-1748 Information disclosure in the web interface. CVE-2010-2431 Emmanuel Bouillon discovered a symlink vulnerability in handling of cache files.CVE-2010-2432 Denial of service in the authentication code.CVE-2010-2941 Incorrect memory management in the IPP code could lead to denial of service or the execution of arbitrary code.

[V.T. Eric Layton]

- -------------------------------------------------------------------------Debian Security Advisory DSA-2177-1 security@debian.orghttp://www.debian.org/security/ Florian WeimerMarch 02, 2011 http://www.debian.org/security/faq- -------------------------------------------------------------------------Package : pywebdavVulnerability : SQL injectionProblem type : remoteDebian-specific: noCVE ID : CVE-2011-0432It was discovered that python-webdav, a WebDAV server implementation,contains several SQL injection vulnerabilities in the processing ofuser credentials.=====- -------------------------------------------------------------------------Debian Security Advisory DSA-2178-1 security@debian.orghttp://www.debian.org/security/ Florian WeimerMarch 02, 2011 http://www.debian.org/security/faq- -------------------------------------------------------------------------Package : pango1.0Vulnerability : NULL pointer dereferenceProblem type : remoteDebian-specific: noCVE ID : CVE-2011-0064It was discovered that pango did not check for memory allocationfailures, causing a NULL pointer dereference with an adjustableoffset. This can lead to application crashes and potentiallyarbitrary code execution.=====- -------------------------------------------------------------------------Debian Security Advisory DSA-2179-1 security@debian.orghttp://www.debian.org/security/ Florian WeimerMarch 02, 2011 http://www.debian.org/security/faq- -------------------------------------------------------------------------Package : dtcVulnerability : SQL injectionProblem type : remoteDebian-specific: noCVE ID : CVE-2011-0434 CVE-2011-0435 CVE-2011-0436 CVE-2011-0437Debian Bug : 614302Ansgar Burchardt discovered several vulnerabilities in DTC, a webcontrol panel for admin and accounting hosting services.

[V.T. Eric Layton]

- -------------------------------------------------------------------------Debian Security Advisory DSA-2183-1 security@debian.orghttp://www.debian.org/security/ Raphael GeissertMarch 04, 2011 http://www.debian.org/security/faq- -------------------------------------------------------------------------Package : nbdVulnerability : buffer overflowProblem type : remoteDebian-specific: noCVE ID : CVE-2011-0530It was discovered a regression of a buffer overflow (CVE-2005-3534) in nbd, the Network Block Device server, that could allow arbitrary code executionon the NBD server via a large request.======- -------------------------------------------------------------------------Debian Security Advisory DSA-2184-1 security@debian.orghttp://www.debian.org/security/ Florian WeimerMarch 05, 2011 http://www.debian.org/security/faq- -------------------------------------------------------------------------Package : isc-dhcpVulnerability : denial of serviceProblem type : remoteDebian-specific: noCVE ID : CVE-2011-0413Debian Bug : 611217It was discovered that the ISC DHCPv6 server does not correctlyprocess requests which come from unexpected source addresses, leadingto an assertion failure and a daemon crash.

[V.T. Eric Layton]

- -------------------------------------------------------------------------Debian Security Advisory DSA-2185-1 security@debian.orghttp://www.debian.org/security/ Moritz MuehlenhoffMarch 07, 2011 http://www.debian.org/security/faq- -------------------------------------------------------------------------Package : proftpd-dfsgVulnerability : integer overflowProblem type : remoteDebian-specific: noCVE ID : CVE-2011-1137It was discovered that an integer overflow in the SFTP file transfermodule of the ProFTPD daemon could lead to denial of service. The oldstable distribution (lenny) is not affected.

[V.T. Eric Layton]

- -------------------------------------------------------------------------Debian Security Advisory DSA-2186-1 security@debian.orghttp://www.debian.org/security/ Moritz MuehlenhoffMarch 09, 2011 http://www.debian.org/security/faq- -------------------------------------------------------------------------Package : iceweaselVulnerability : severalProblem type : remoteDebian-specific: noCVE ID : CVE-2010-1585 CVE-2011-0051 CVE-2011-0053 CVE-2011-0054 CVE-2011-0055 CVE-2011-0055 CVE-2011-0056 CVE-2011-0057 CVE-2011-0059Several vulnerabilities have been discovered in Iceweasel, a web browser based on Firefox. The included XULRunner library provides renderingservices for several other applications included in Debian.CVE-2010-1585 Roberto Suggi Liverani discovered that the sanitising performed by ParanoidFragmentSink was incomplete.CVE-2011-0053 Crashes in the layout engine may lead to the execution of arbitrary code.CVE-2011-0051 Zach Hoffmann discovered that incorrect parsing of recursive eval() calls could lead to attackers forcing acceptance of a confirmation dialogue.CVE-2011-0054, CVE-2010-0056 Christian Holler discovered buffer overflows in the Javascript engine, which could allow the execution of arbitrary code.CVE-2011-0055 "regenrecht" and Igor Bukanov discovered a use-after-free error in the JSON-Implementation, which could lead to the execution of arbitrary code.CVE-2011-0057 Daniel Kozlowski discovered that incorrect memory handling the web workers implementation could lead to the execution of arbitrary code.CVE-2011-0059 Peleus Uhley discovered a cross-site request forgery risk in the plugin code.======- -------------------------------------------------------------------------Debian Security Advisory DSA-2187-1 security@debian.orghttp://www.debian.org/security/ Moritz MuehlenhoffMarch 09, 2011 http://www.debian.org/security/faq- -------------------------------------------------------------------------Package : icedoveVulnerability : severalProblem type : remoteDebian-specific: noCVE ID : CVE-2010-1585 CVE-2011-0051 CVE-2011-0053 CVE-2011-0054 CVE-2011-0055 CVE-2011-0056 CVE-2011-0057 CVE-2011-0059Several vulnerabilities have been discovered in Icedove, an unbrandedversion of the Thunderbird mail/news client.CVE-2010-1585 Roberto Suggi Liverani discovered that the sanitising performed by ParanoidFragmentSink was incomplete.CVE-2011-0053 Crashes in the layout engine may lead to the execution of arbitrary code.CVE-2011-0051 Zach Hoffmann discovered that incorrect parsing of recursive eval() calls could lead to attackers forcing acceptance of a confirmation dialogue.CVE-2011-0054, CVE-2010-0056 Christian Holler discovered buffer overflows in the Javascript engine, which could allow the execution of arbitrary code.CVE-2011-0055 "regenrecht" and Igor Bukanov discovered a use-after-free error in the JSON-Implementation, which could lead to the execution of arbitrary code.CVE-2011-0057 Daniel Kozlowski discovered that incorrect memory handling the web workers implementation could lead to the execution of arbitrary code.CVE-2011-0059 Peleus Uhley discovered a cross-site request forgery risk in the plugin code.======- -------------------------------------------------------------------------Debian Security Advisory DSA-2188-1 security@debian.orghttp://www.debian.org/security/ Giuseppe IuculanoMarch 10, 2011 http://www.debian.org/security/faq- -------------------------------------------------------------------------Package : webkitVulnerability : severalProblem type : remoteDebian-specific: noCVE ID : CVE-2010-1783 CVE-2010-2901 CVE-2010-4199 CVE-2010-4040 CVE-2010-4492 CVE-2010-4493 CVE-2010-4577 CVE-2010-4578 CVE-2010-0474 CVE-2011-0482 CVE-2011-0778Several vulnerabilities have been discovered in webkit, a Web content enginelibrary for Gtk+. The Common Vulnerabilities and Exposures project identifiesthe following problems:CVE-2010-1783 WebKit does not properly handle dynamic modification of a text node, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document.CVE-2010-2901 The rendering implementation in WebKit allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.CVE-2010-4199 WebKit does not properly perform a cast of an unspecified variable during processing of an SVG use element, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted SVG document.CVE-2010-4040 WebKit does not properly handle animated GIF images, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted image.CVE-2010-4492 Use-after-free vulnerability in WebKit allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG animations.CVE-2010-4493 Use-after-free vulnerability in Webkit allows remote attackers to cause a denial of service via vectors related to the handling of mouse dragging eventsCVE-2010-4577 The CSSParser::parseFontFaceSrc function in WebCore/css/CSSParser.cpp in WebKit does not properly parse Cascading Style Sheets (CSS) token sequences, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted local font, related to "Type Confusion."CVE-2010-4578 WebKit does not properly perform cursor handling, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "stale pointers."CVE-2011-0482 WebKit does not properly perform a cast of an unspecified variable during handling of anchors, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted HTML documentCVE-2011-0778 WebKit does not properly restrict drag and drop operations, which might allow remote attackers to bypass the Same Origin Policy via unspecified vectors.

[V.T. Eric Layton]

- -------------------------------------------------------------------------Debian Security Advisory DSA-2189-1 security@debian.orghttp://www.debian.org/security/ Giuseppe IuculanoMarch 10, 2011 http://www.debian.org/security/faq- -------------------------------------------------------------------------Package : chromium-browserVulnerability : severalProblem type : remoteDebian-specific: noCVE ID : CVE-2011-1108 CVE-2011-1109 CVE-2011-1113 CVE-2011-1114 CVE-2011-1115 CVE-2011-1121 CVE-2011-1122Several vulnerabilities were discovered in the Chromium browser.The Common Vulnerabilities and Exposures project identifies thefollowing problems: CVE-2011-1108 Google Chrome before 9.0.597.107 does not properly implement JavaScript dialogs, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted HTML document.CVE-2011-1109 Google Chrome before 9.0.597.107 does not properly process nodes in Cascading Style Sheets (CSS) stylesheets, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."CVE-2011-1113 Google Chrome before 9.0.597.107 on 64-bit Linux platforms does not properly perform pickle deserialization, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.CVE-2011-1114 Google Chrome before 9.0.597.107 does not properly handle tables, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale node."CVE-2011-1115 Google Chrome before 9.0.597.107 does not properly render tables, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."CVE-2011-1121 Integer overflow in Google Chrome before 9.0.597.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a TEXTAREA element.CVE-2011-1122 The WebGL implementation in Google Chrome before 9.0.597.107 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors, aka Issue 71960.

[V.T. Eric Layton]

- -------------------------------------------------------------------------Debian Security Advisory DSA-2190-1 security@debian.orghttp://www.debian.org/security/ Giuseppe IuculanoMarch 11, 2011 http://www.debian.org/security/faq- -------------------------------------------------------------------------Package : wordpressVulnerability : severalProblem type : remoteDebian-specific: noCVE ID : CVE-2011-0700 CVE-2011-0701Two XSS bugs and one potential information disclosure issue were discoveredin wordpress, a weblog manager.The Common Vulnerabilities and Exposures project identifies thefollowing problems:CVE-2011-0700 Input passed via the post title when performing a "Quick Edit" or "Bulk Edit" action and via the "post_status", "comment_status", and "ping_status" parameters is not properly sanitised before being used. Certain input passed via tags in the tags meta-box is not properly sanitised before being returned to the user.CVE-2011-0701 Wordpress incorrectly enforces user access restrictions when accessing posts via the media uploader and can be exploited to disclose the contents of e.g. private or draft posts.

[V.T. Eric Layton]

- -------------------------------------------------------------------------Debian Security Advisory DSA-2191-1 security@debian.orghttp://www.debian.org/security/ Moritz MuehlenhoffMarch 14, 2011 http://www.debian.org/security/faq- -------------------------------------------------------------------------Package : proftpd-dfsgVulnerability : severalProblem type : remoteDebian-specific: noCVE ID : CVE-2008-7265 CVE-2010-3867 CVE-2010-4652Several vulnerabilities have been discovered in ProFTPD, a versatile, virtual-hosting FTP daemon:CVE-2008-7265 Incorrect handling of the ABOR command could lead to denial of service through elevated CPU consumption.CVE-2010-3867 Several directory traversal vulnerabilities have been discovered in the mod_site_misc module.CVE-2010-4562 A SQL injection vulnerability was discovered in the mod_sql module.