[SECURITY-L] Vulnerabilidades de seguranca

Qui Nov 17 16:36:45 -02 2005

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Srs. Assinantes,

Atualizamos o site do CSIRT (Computer Security Incident Response Team) da Unicamp
com os seguintes boletins de vulnerabilidades:

Anúncio de Segurança do Conectiva Linux:
========================================
08/11/2005 - CLA-2005:1044
Assunto: Correcoes para vulnerabilidades do Clamav. 
http://www.security.unicamp.br/docs/bugs/2005/11/v28.txt

08/11/2005 - CLA-2005:1043
Assunto: Correcoes para diversas falhas de seguranca no ethereal. 
http://www.security.unicamp.br/docs/bugs/2005/11/v27.txt

07/11/2005 - CLA-2005:1042
Assunto: Correcoes de seguranca para o koffice.
http://www.security.unicamp.br/docs/bugs/2005/11/v26.txt

CAIS-Alerta:
============
14/11/2005
Assunto: Multiplas Vunerabilidades na implementacao do protocolo ISAKMP. 
http://www.security.unicamp.br/docs/bugs/2005/11/v31.txt

09/11/2005
Assunto: Vulnerabilidades no Sistema de Renderizacao de Imagens
do Windows (896424). 
http://www.security.unicamp.br/docs/bugs/2005/11/v30.txt

07/11/2005
Assunto: Vulnerabilidade no XMLRPC para PHP. 
http://www.security.unicamp.br/docs/bugs/2005/11/v29.txt

Debian Security Advisory:
=========================
15/11/2005 - DSA 897-1
Assunto: phpsysinfo.
http://www.security.unicamp.br/docs/bugs/2005/11/v69.txt

15/11/2005 - DSA 896-1
Assunto: linux-ftpd-ssl. 
http://www.security.unicamp.br/docs/bugs/2005/11/v68.txt

14/11/2005 - DSA 895-1
Assunto: uim. 
http://www.security.unicamp.br/docs/bugs/2005/11/v67.txt

14/11/2005 - DSA 894-1
Assunto: abiword. 
http://www.security.unicamp.br/docs/bugs/2005/11/v66.txt

14/11/2005 - DSA 893-1
Assunto: acidlab. 
http://www.security.unicamp.br/docs/bugs/2005/11/v65.txt

09/11/2005 - DSA 890-1
Assunto: libungif4. 
http://www.security.unicamp.br/docs/bugs/2005/11/v61.txt

08/11/2005 - DSA 889-1
Assunto: enigmail. 
http://www.security.unicamp.br/docs/bugs/2005/11/v60.txt

07/11/2005 - DSA 809-3
Assunto: squid. 
http://www.security.unicamp.br/docs/bugs/2005/11/v59.txt

07/11/2005 - DSA 888-1
Assunto: openssl. 
http://www.security.unicamp.br/docs/bugs/2005/11/v58.txt

07/11/2005 - DSA 886-1
Assunto: chmlib. 
http://www.security.unicamp.br/docs/bugs/2005/11/v57.txt

07/11/2005 - DSA 885-1
Assunto: openvpn. 
http://www.security.unicamp.br/docs/bugs/2005/11/v56.txt

07/11/2005 - DSA 884-1
Assunto: horde3. 
http://www.security.unicamp.br/docs/bugs/2005/11/v55.txt

Fedora Update Notification:
===========================
14/11/2005 - FEDORA-2005-1078
Assunto: Fedora Core 3: lynx. 
http://www.security.unicamp.br/docs/bugs/2005/11/v43.txt

10/11/2005 - FEDORA-2005-1072
Assunto: Fedora Core 3: sysreport. 
http://www.security.unicamp.br/docs/bugs/2005/11/v42.txt

10/11/2005 - FEDORA-2005-1071
Assunto: Fedora Core 4: sysreport.
http://www.security.unicamp.br/docs/bugs/2005/11/v41.txt

09/11/2005 - FEDORA-2005-1066
Assunto: Fedora Core 4: spamassassin. 
http://www.security.unicamp.br/docs/bugs/2005/11/v40.txt

09/11/2005 - FEDORA-2005-1065
Assunto: Fedora Core 3: spamassassin. 
http://www.security.unicamp.br/docs/bugs/2005/11/v39.txt

09/11/2005 - FEDORA-2005-1063
Assunto: Fedora Core 3: sylpheed. 
http://www.security.unicamp.br/docs/bugs/2005/11/v38.txt

07/11/2005 - FEDORA-2005-1053
Assunto: Fedora Core 4: lm_sensors. 
http://www.security.unicamp.br/docs/bugs/2005/11/v35.txt

07/11/2005 - FEDORA-2005-1029
Assunto: Fedora Core 3: libgda. 
http://www.security.unicamp.br/docs/bugs/2005/11/v34.txt

07/11/2005 - FEDORA-2005-992
Assunto: Fedora Core 4: openldap. 
http://www.security.unicamp.br/docs/bugs/2005/11/v33.txt

07/11/2005 - FEDORA-2005-1054
Assunto: Fedora Core 3: lm_sensors. 
http://www.security.unicamp.br/docs/bugs/2005/11/v32.txt

Gentoo Linux Security Advisory:
===============================
16/11/2005 - GLSA 200511-14
Assunto: GTK+ 2, GdkPixbuf: Multiple XPM decoding vulnerabilities. 
http://www.security.unicamp.br/docs/bugs/2005/11/v54.txt

15/11/2005 - GLSA 200511-13
Assunto: Sylpheed, Sylpheed-Claws: Buffer overflow in LDIF importer. 
http://www.security.unicamp.br/docs/bugs/2005/11/v53.txt

15/11/2005 - GLSA 200511-12
Assunto: Scorched 3D: Multiple vulnerabilities. 
http://www.security.unicamp.br/docs/bugs/2005/11/v51.txt

13/11/2005 - GLSA 200511-11
Assunto: linux-ftpd-ssl: Remote buffer overflow. 
http://www.security.unicamp.br/docs/bugs/2005/11/v52.txt

13/11/2005 - GLSA 200511-10
Assunto: RAR: Format string and buffer overflow vulnerabilities.
http://www.security.unicamp.br/docs/bugs/2005/11/v50.txt

13/11/2005 - GLSA 200511-09
Assunto: Lynx: Arbitrary command execution. 
http://www.security.unicamp.br/docs/bugs/2005/11/v49.txt

13/11/2005 - GLSA 200511-08
Assunto: PHP: Multiple vulnerabilities. 
http://www.security.unicamp.br/docs/bugs/2005/11/v48.txt

06/11/2005 - GLSA 200511-07
Assunto: OpenVPN: Multiple vulnerabilities. 
http://www.security.unicamp.br/docs/bugs/2005/11/v47.txt

06/11/2005 - GLSA 200511-06
Assunto: fetchmail: Password exposure in fetchmailconf. 
http://www.security.unicamp.br/docs/bugs/2005/11/v46.txt

06/11/2005 - GLSA 200511-05
Assunto: GNUMP3d: Directory traversal and XSS vulnerabilities. 
http://www.security.unicamp.br/docs/bugs/2005/11/v44.txt

06/11/2005 - GLSA 200511-04
Assunto: ClamAV: Multiple vulnerabilities. 
http://www.security.unicamp.br/docs/bugs/2005/11/v45.txt

Mandriva Linux Security Update Advisory:
========================================
16/11/2005 - MDKSA-2005:212
Assunto: egroupware. 
http://www.security.unicamp.br/docs/bugs/2005/11/v82.txt

12/11/2005 - MDKSA-2005:211
Assunto: lynx. 
http://www.security.unicamp.br/docs/bugs/2005/11/v81.txt

09/11/2005 - MDKSA-2005:210
Assunto: w3c-libwww. 
http://www.security.unicamp.br/docs/bugs/2005/11/v80.txt

09/11/2005 - MDKSA-2005:209
Assunto: fetchmail. 
http://www.security.unicamp.br/docs/bugs/2005/11/v79.txt

09/11/2005 - MDKSA-2005:208
Assunto: emacs. 
http://www.security.unicamp.br/docs/bugs/2005/11/v78.txt

09/11/2005 - MDKSA-2005:207
Assunto: libungif. 
http://www.security.unicamp.br/docs/bugs/2005/11/v77.txt

08/11/2005 - MDKSA-2005:206
Assunto: openvpn.
http://www.security.unicamp.br/docs/bugs/2005/11/v76.txt

07/11/2005 - MDKSA-2005:205
Assunto: clamav. 
http://www.security.unicamp.br/docs/bugs/2005/11/v75.txt

Slackware Security Advisory:
============================
08/11/2005 - SSA:2005-311-01
Assunto: elm mailer. 
http://www.security.unicamp.br/docs/bugs/2005/11/v74.txt

Ubuntu Security Notice:
=======================
16/11/2005 - USN-216-1
Assunto: gtk+2.0, gdk-pixbuf vulnerabilities. 
http://www.security.unicamp.br/docs/bugs/2005/11/v73.txt

09/11/2005 - USN-151-4
Assunto: rpm vulnerability. 
http://www.security.unicamp.br/docs/bugs/2005/11/v71.txt

07/11/2005 - USN-215-1
Assunto: fetchmail vulnerability. 
http://www.security.unicamp.br/docs/bugs/2005/11/v72.txt

07/11/2005 - USN-214-1
Assunto: libungif4 vulnerabilities.
http://www.security.unicamp.br/docs/bugs/2005/11/v70.txt

- --
Computer Security Incident Response Team - CSIRT
Universidade Estadual de Campinas - UNICAMP
mailto:security at unicamp.br
http://www.security.unicamp.br
GnuPG Public Key: http://www.security.unicamp.br/security.asc

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (FreeBSD)

iD8DBQFDfM2P/UMb1l3gm8IRAp/4AKCPuro+1P1FaYuMeIGA2NQqPITaxwCg83i5
tj7pd6Enb4UA4TGsQuI7C6c=
=M4gH
-----END PGP SIGNATURE-----