[gentoo-announce] [ GLSA 200801-06 ] Xfce: Multiple vulnerabilities - gentoo-announce

From:	Robert Buchholz <rbu@g.o>
To:	gentoo-announce@l.g.o
Cc:	bugtraq@×××××××××××××.com, full-disclosure@××××××××××××××.uk, security-alerts@×××××××××××××.com
Subject:	[gentoo-announce] [ GLSA 200801-06 ] Xfce: Multiple vulnerabilities
Date:	Wed, 09 Jan 2008 23:32:05
Message-Id:	`200801100026.26274.rbu@gentoo.org`

1

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

2

Gentoo Linux Security Advisory                        GLSA 200801-06:02

3

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

4

                                            http://security.gentoo.org/

5

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

6

7

  Severity: Normal

8

     Title: Xfce: Multiple vulnerabilities

9

      Date: January 09, 2008

10

   Updated: January 09, 2008

11

      Bugs: #201292, #201293

12

        ID: 200801-06:02

13

14

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

15

16

Synopsis

17

========

18

19

Multiple vulnerabilities in Xfce might allow user-assisted attackers to

20

execute arbitrary code.

21

22

Background

23

==========

24

25

Xfce is a GTK+ 2 based desktop environment that allows to run a modern

26

desktop environment on modest hardware.

27

28

Affected packages

29

=================

30

31

    -------------------------------------------------------------------

32

     Package                /  Vulnerable  /                Unaffected

33

    -------------------------------------------------------------------

34

  1  xfce-base/xfce4-panel       < 4.4.2                      >= 4.4.2

35

  2  xfce-base/libxfcegui4       < 4.4.2                      >= 4.4.2

36

    -------------------------------------------------------------------

37

     2 affected packages on all of their supported architectures.

38

    -------------------------------------------------------------------

39

40

Description

41

===========

42

43

Gregory Andersen reported that the Xfce4 panel does not correctly

44

calculate memory boundaries, leading to a stack-based buffer overflow

45

in the launcher_update_panel_entry() function (CVE-2007-6531). Daichi

46

Kawahata reported libxfcegui4 did not copy provided values when

47

creating "SessionClient" structs, possibly leading to access of freed

48

memory areas (CVE-2007-6532).

49

50

Impact

51

======

52

53

A remote attacker could entice a user to install a specially crafted

54

"rc" file to execute arbitrary code via long strings in the "Name" and

55

"Comment" fields or via unspecified vectors involving the second

56

vulnerability.

57

58

Workaround

59

==========

60

61

There is no known workaround at this time.

62

63

Resolution

64

==========

65

66

All Xfce4 panel users should upgrade to the latest version:

67

68

    # emerge --sync

69

    # emerge --ask --oneshot --verbose ">=xfce-base/xfce4-panel-4.4.2"

70

71

All libxfcegui4 users should upgrade to the latest version:

72

73

    # emerge --sync

74

    # emerge --ask --oneshot --verbose ">=xfce-base/libxfcegui4-4.4.2"

75

76

Please refer to the Upgrading section of the Xfce Configuration Guide

77

in case you are upgrading from Xfce 4.2.

78

79

References

80

==========

81

82

  [ 1 ] CVE-2007-6531

83

        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6531

84

  [ 2 ] CVE-2007-6532

85

        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6532

86

  [ 3 ] Xfce Configuration Guide

87

        http://www.gentoo.org/doc/en/xfce-config.xml

88

89

Availability

90

============

91

92

This GLSA and any updates to it are available for viewing at

93

the Gentoo Security Website:

94

95

  http://security.gentoo.org/glsa/glsa-200801-06.xml

96

97

Concerns?

98

=========

99

100

Security is a primary focus of Gentoo Linux and ensuring the

101

confidentiality and security of our users machines is of utmost

102

importance to us. Any security concerns should be addressed to

103

security@g.o or alternatively, you may file a bug at

104

http://bugs.gentoo.org.

105

106

License

107

=======

108

109

Copyright 2008 Gentoo Foundation, Inc; referenced text

110

belongs to its owner(s).

111

112

The contents of this document are licensed under the

113

Creative Commons - Attribution / Share Alike license.

114

115

http://creativecommons.org/licenses/by-sa/2.5

Gentoo Archives: gentoo-announce

Attachments

1	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
2	Gentoo Linux Security Advisory GLSA 200801-06:02
3	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
4	http://security.gentoo.org/
5	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
6
7	Severity: Normal
8	Title: Xfce: Multiple vulnerabilities
9	Date: January 09, 2008
10	Updated: January 09, 2008
11	Bugs: #201292, #201293
12	ID: 200801-06:02
13
14	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
15
16	Synopsis
17	========
18
19	Multiple vulnerabilities in Xfce might allow user-assisted attackers to
20	execute arbitrary code.
21
22	Background
23	==========
24
25	Xfce is a GTK+ 2 based desktop environment that allows to run a modern
26	desktop environment on modest hardware.
27
28	Affected packages
29	=================
30
31	-------------------------------------------------------------------
32	Package / Vulnerable / Unaffected
33	-------------------------------------------------------------------
34	1 xfce-base/xfce4-panel < 4.4.2 >= 4.4.2
35	2 xfce-base/libxfcegui4 < 4.4.2 >= 4.4.2
36	-------------------------------------------------------------------
37	2 affected packages on all of their supported architectures.
38	-------------------------------------------------------------------
39
40	Description
41	===========
42
43	Gregory Andersen reported that the Xfce4 panel does not correctly
44	calculate memory boundaries, leading to a stack-based buffer overflow
45	in the launcher_update_panel_entry() function (CVE-2007-6531). Daichi
46	Kawahata reported libxfcegui4 did not copy provided values when
47	creating "SessionClient" structs, possibly leading to access of freed
48	memory areas (CVE-2007-6532).
49
50	Impact
51	======
52
53	A remote attacker could entice a user to install a specially crafted
54	"rc" file to execute arbitrary code via long strings in the "Name" and
55	"Comment" fields or via unspecified vectors involving the second
56	vulnerability.
57
58	Workaround
59	==========
60
61	There is no known workaround at this time.
62
63	Resolution
64	==========
65
66	All Xfce4 panel users should upgrade to the latest version:
67
68	# emerge --sync
69	# emerge --ask --oneshot --verbose ">=xfce-base/xfce4-panel-4.4.2"
70
71	All libxfcegui4 users should upgrade to the latest version:
72
73	# emerge --sync
74	# emerge --ask --oneshot --verbose ">=xfce-base/libxfcegui4-4.4.2"
75
76	Please refer to the Upgrading section of the Xfce Configuration Guide
77	in case you are upgrading from Xfce 4.2.
78
79	References
80	==========
81
82	[ 1 ] CVE-2007-6531
83	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6531
84	[ 2 ] CVE-2007-6532
85	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6532
86	[ 3 ] Xfce Configuration Guide
87	http://www.gentoo.org/doc/en/xfce-config.xml
88
89	Availability
90	============
91
92	This GLSA and any updates to it are available for viewing at
93	the Gentoo Security Website:
94
95	http://security.gentoo.org/glsa/glsa-200801-06.xml
96
97	Concerns?
98	=========
99
100	Security is a primary focus of Gentoo Linux and ensuring the
101	confidentiality and security of our users machines is of utmost
102	importance to us. Any security concerns should be addressed to
103	security@g.o or alternatively, you may file a bug at
104	http://bugs.gentoo.org.
105
106	License
107	=======
108
109	Copyright 2008 Gentoo Foundation, Inc; referenced text
110	belongs to its owner(s).
111
112	The contents of this document are licensed under the
113	Creative Commons - Attribution / Share Alike license.
114
115	http://creativecommons.org/licenses/by-sa/2.5