Vulnerabilities.

Ag. D. Hatzimanikas a.hatzim at gmail.com
Wed Jun 25 03:58:22 PDT 2008


I've gathered this information about vulnerable packages (could be more).


PACKAGE   | LINK| BOOK VERSION | RESOLUTION|
____________________________________________
Ruby      | [1] | AFFECTED     | Upgrade   |
Freetype  | [2] | AFFECTED     | Upgrade   |
Libvorbis | [3] | AFFECTED     | [9]       | 
Openssl   | [4] | AFFECTED     | Upgrade   |
Imlib     | [5] | AFFECTED     | [10]      |
Libxslt   | [6] | AFFECTED     | Upgrade   |
Mplayer   | [7] | AFFECTED     | Upgrade   |
Libpng    | [8] | AFFECTED     | Upgrade   |
============================================


1. http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/
2. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1806
3. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1419
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1420
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1423
4. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0891
5. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2426
6. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1767
7. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1558
8. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1382

9.  http://sources.gentoo.org/viewcvs.py/gentoo-x86/media-libs/libvorbis/files/
10. http://sources.gentoo.org/viewcvs.py/*checkout*/gentoo-x86/media-libs/imlib2/files/imlib2-1.4.0-CVE-2008-2426.patch

Thanks (mostly) to GLSA (Gentoo Linux Security Advisory)

http://security.gentoo.org/

-- 
http://wiki.linuxfromscratch.org/blfs/wiki/Hacking



More information about the blfs-dev mailing list