LWN.net Weekly Edition for April 21, 2005

LCA2005: The state of Debian

Bdale Garbee led off the linux.conf.au 2005 Debian "miniconf" with a discussion of the state of the Debian project as he sees it. He covered several topics of interest to the Debian community - and beyond.

With regard to the recently-concluded project leader election: Bdale was clearly not entirely comfortable with Branden Robinson as a project leader candidate. He did say, however, that Branden clearly wants to do the right thing with Debian, and that the community should work with him to make that happen. It will, he says, be interesting.

In general, there are difficulties with the whole concept of the Debian project leader. The Debian community prizes cooperation and working together to create the best distribution possible, but the project leader process focuses, instead, on singling out an individual. The job is too much for one person to handle, and, in any case, that one person can only do so much to affect the development of Debian. And the election process, which extends over a nine-week period, takes far too long relative to a one-year term.

The Debian technical committee is not working as well as it could be either. Its current composition needs to be reviewed; some of the committee's members have not been active participants for some time. The committee could take a more active role in directing Debian's development. At the same time, the people who complain that the committee is insufficiently active could also step forward and try to influence things on their own.

Project Scud is an initiative to create a sort of advisory committee to help the Debian project leader in his work. This project was endorsed by Branden Robinson, so one assumes that it will be implemented in some form. Bdale noted that not everybody is comfortable with this idea. The committee's role, as it relates to the project's constitution, is not particularly clear. The committee is self-selected, and is not necessarily representative of the entire project. Some people feel left out. Bdale feels that Scud might improve the situation. But, he says, it's a hack, and the project can do better.

Bdale's proposal for doing better is to amend the constitution to bring about a significant change in the project's governance. The Debian project leader would be replaced with an elected board. A board could divide up the work, and, hopefully, give more attention to what needs to be done. Board candidates could emphasize how well they can work with a team. Running for a board seat is less intimidating than going for a single position. The result of all this could be that more qualified people run for (and are elected to) board seats.

Bdale hopes to get some discussion of this idea at Debconf5, to be held in Helsinki this July. If some sort of consensus emerges, a general resolution could be proposed to the community as a whole. The idea could change a lot in the process, but, Bdale says, there is a pressing need to think creatively about how to evolve Debian, or it will eventually cease to be interesting.

With regard to the sarge release: Bdale noted (jokingly) that he was the last Debian project leader to have overseen a Debian stable release. There comes a point where you have to simply list the remaining hurdles and summon up the will to deal with them. Debian is, he says, getting to the point where it is ready to do this and get sarge out the door. After that, he would like to see Debian go to a more predictable (and shorter) release schedule.

A question was asked about shipping XFree86 4.3 in sarge, long after most other distributions have moved over to the X.Org release. It is, of course, simply a question of getting the sarge release out the door. Now is not the time to replace such a large and fundamental component of the system. It would have been better if sarge had shipped some time ago so that this sort of issue would not come up, but there is little to be done about that now.

Meanwhile, Bdale's plots of the number of Debian maintainers and the number of packages continue to show a linear increase over many years. Debian continues to grow, and is showing no sign of stopping. The project must, it seems, be doing something right.

How Tridge reverse engineered BitKeeper

Andrew Tridgell delivered the first linux.conf.au keynote on Thursday morning. The bulk of the talk covered software engineering techniques and how the free software community is taking a leading role in adopting those techniques. It was a good talk, and your editor will attempt to write it up later on.

At the end, however, Tridge touched on his role in the separation of the kernel project and BitKeeper. He couldn't talk about much, and he did not announce the release of his BitKeeper client. But he noted that there has been quite a bit of confusion and misinformation regarding what he actually did. It was not, he says, an act of wizardly reverse engineering. Getting a handle on the BitKeeper network protocol turned out to be rather easier than that.

He started by noting that a BitKeeper repository has an identifier like bk://thunk.org:5000/. So, he asked, what happens if you connect to the BitKeeper server port using telnet? A quick demonstration sufficed:

    telnet thunk.org 5000
    Trying 69.25.196.29...
    Connected to thunk.org.
    Escape character is '^]'.

Once connected, why not type a command at it?

    help
    ? - print this help
    abort - abort resolve
    check - check repository
    clone - clone the current repository
    help - print this help
    httpget - http get command
    [...]

Tridge noted that this sort of output made the "reverse engineering" process rather easier. What, he wondered, was the help command there for? Did the BitKeeper client occasionally get confused and have to ask for guidance?

Anyway, given that output, Tridge concluded that perhaps the clone command could be utilized to obtain a clone of a repository. Sure enough, it returned a large volume of output. Even better, that output was a simple series of SCCS files. At that point, the "reverse engineering" task is essentially complete. There was not a whole lot to it.

Now we know about the work which brought about an end to the BitKeeper era.

Security in Firefox

April 20, 2005

This article was contributed by Joe 'Zonker' Brockmeier.

Perhaps even more than Linux, Firefox is rapidly becoming the poster child for open source. Many users who wouldn't even consider installing Linux on their desktop have happily installed Firefox, looking for features not found in Internet Explorer, and trusting in Firefox's reputation as a more secure alternative than IE.

This reputation has been a bit tattered in recent weeks, though perhaps unfairly. The Mozilla project has released three security updates since February, which has prompted some to call into question the respective security of Firefox in particular, and open source products in general.

Is this proof that Firefox or the Mozilla Suite suffer from as many serious security vulnerabilities as Internet Explorer? Maybe, but the evidence that's in so far suggests otherwise. We spoke to Chris Hofmann, Mozilla's director of engineering, about the recent security fixes and the Mozilla Foundation's security policies.

Hofmann said that Mozilla has built "a larger security community" since the Firefox 1.0 release, with "some experts working with us to examine the code and identify potential problems." He also acknowledged that there will be vulnerabilities, but the project is committed to providing a secure browser and repairing problems as quickly as possible.

The latest update closed nine security vulnerabilities: three tagged "critical," two rated "high" severity, and four rated as "moderate" vulnerabilities. Some of the vulnerabilities have yet to be disclosed, despite the fact that the update is now available. Hofmann said that the project was respecting the wishes of the person reporting the bugs, and that the project tries to use "best judgement" about providing information about exploits. He also noted that it gives users ample time to install updates prior to releasing information that might be used to exploit vulnerabilities.

We also checked on the Mozilla Project's security policies to see what they had to say about disclosure:

The original reporter of a security bug may decide when that bug report will be made public; disclosure is done by clearing the bug's "Security-Sensitive" flag, after which the bug will revert to being an ordinary bug. We believe that investing this power in the bug reporter simply acknowledges reality: Nothing prevents the person reporting a security bug from publicizing information about the bug by posting it to channels outside the context of the Mozilla project. By not doing so, and by instead choosing to report bugs through the standard Bugzilla processes, the bug reporter is doing a positive service to the Mozilla project; thus it makes sense that the bug reporter should be able to decide when the relevant Bugzilla data should be made public.

Interested readers may also want to peruse the rest of the Mozilla project's security policies.

The 1.0.3 release went through several release candidates before it was finally officially released. We asked Hofmann about the length of time required to release a security fix, what was involved and why it took several weeks to push out a patch. Hofmann said that the Mozilla team was capable of putting out a release quickly, and noted the 24-hour turnaround with the shell exploit discovered last fall.

"It mostly depends on the vulnerability that's discovered and time that we want to go through and evaluate that there's a comprehensive patch, and adequate testing for the change we're making... this time, changes did require more testing and feedback that the patch was comprehensive and at the right level."

Hofmann also pointed out that the Mozilla team has pushed out security updates in a matter of days or weeks, whereas Microsoft has been known to push out fixes for vulnerabilities that have been known for months rather than just a short time.

He also noted that the team needs to push out documentation updates, and get information out to application developers and authors of extensions. Hofmann said that a couple of the changes in the 1.0.3 release will require some extension authors to make "adjustments to be forward-compatible" and that most extensions that were affected already have new versions available for Firefox 1.0.3.

At any rate, as pointed out on MozillaNews, Symantec has documented more vulnerabilities that affect Mozilla browsers, but IE has a greater number of high-severity vulnerabilities. It should also be noted that the vulnerabilities listed for Firefox have not been widely exploited, while IE has been widely exploited. Several critical issues in IE remain open. To be fair, a few vulnerabilities are still listed for Firefox as well.

It's certainly true that Firefox and the Mozilla Suite are not perfect, and do not offer a 100 percent guarantee against security problems simply because the projects are open source. The increased attention being paid to Firefox almost assures that further vulnerabilities will be found. However, the project is developing a good track record of fixing security vulnerabilities as they are discovered, and proactively seeking out security problems. To date, Hofmann says that he is not aware of any exploits in the wild that affect Firefox or Mozilla, which means that the vulnerabilities that have been reported have not had any real impact on the Mozilla userbase aside from the inconvenience of upgrading -- which can hardly be said for Internet Explorer.

Those with a careful eye for distinguishing between the severity of vulnerabilities, the length of time required to find fixes and actual exploits, will find that Firefox is still the better choice for security-conscious users.

The Grumpy Editor's Guide to Image Management Applications

This article is part of the LWN Grumpy Editor series.
Your editor has, on and off, been interested in photography for more than 25 years. In the beginning, the bleeding-edge technology available included dim red lights, special trays to keep chemicals at the right temperature, and a disk on a stick for those advanced burning and dodging techniques. Though your editor thinks that he can take an OK picture, LWN readers can probably be thankful that this remains a text-oriented publication.

The technology of photography has moved forward in recent years, but certain issues remain. Your editor's closets contain numerous binders full of carefully organized negatives, contact sheets, and slides. Said closets also contain several boxes full of rather less carefully organized photographic output. There are a lot of great pictures there, but chances are good that nobody will ever see them. Organizing photographs is hard.

Now your editor's hard drive looks rather like those boxes in the closet; several years' worth of digital photos have accumulated in a messy directory hierarchy with no easy way to find anything of interest. The move to the digital format has, if anything, made the mess worse. How can one cope with all those images? Your editor decided that there must be a free application out there which might help; here is what he found.

Features to look for

Any graphical file manager can enable mouse-based navigation through a directory tree full of images. An application tuned to image management, however, should offer more than that. Anything that can be done to help find a specific image - searching by date, where the picture was taken, who is in it, etc. - is more than welcome. One should not have to dig through a huge box of photos to find that darling shot of one's toddler performing gravity research with the new laptop. This sort of searching requires the creation and maintenance of metadata for images; a good application will make that task easy.

Images from digital cameras include a significant amount of embedded data in the exchangeable image file format (EXIF). The EXIF data can contain the date and time of the picture and a great deal of information on the state of the camera. An image manager should provide easy access to that data, and make use of it when appropriate.

Image management also involves various types of image manipulation. At the simple end of the scale, this means quickly getting rid of the unsuccessful (or incriminating) shots, and, perhaps, changing the orientation of portrait-mode shots. Your editor has found that the family does not always appreciate receiving full-resolution images from his 7 megapixel camera, so the ability to rescale images is needed. Cropping is another common task, either to remove uninteresting imagery or to fit a specific aspect ratio. From there, one can get into color balance tweaking, red-eye removal, noise removal, in-law removal, and advanced psychedelic effects. A good image manager should make the simpler tasks quick and easy, and the harder tasks possible - even if that just involves dumping the user into the Gimp.

An image manager should work well with the rest of the system; it doesn't necessarily help to fix up an image if you can't find the result afterward. An image manager which claims ownership over images and makes them hard to find outside of the application is making life harder. Similarly, some graphical users may appreciate a "move to trash" capability, but the more grumpy among us still like files to simply go away when asked, and have no use for a trash can; an image manager should be able to make files just go away. A good image manager will make printing easy, including selecting high-quality modes, printing multiple images per page, etc. An added bonus for some users might be the ability to quickly create a web page with a set of images. The ability to write a set of images to a CD might also be useful for some.

Your editor reviewed five image management applications, and spent a long day valiantly trying to build a working version of a sixth. Each tool was used to work with its own copy of a directory hierarchy containing about 3000 photos taken over many years. This has been a fun project; there is some good work being done in this area. Free image management tools are still in a relatively primitive form, however; some of them are maturing quickly, but there is some ground yet to cover.

digiKam

Your editor reviewed DigiKam once before, as part of a previous article on camera interface tools. We'll return to digiKam (and gthumb, below) to examine its image management capabilities. DigiKam is a KDE-based application under active development; version 0.7.2 was released on March 4.

DigiKam wants to organize images into "albums." An album is a simple directory full of image files, though digiKam goes out of its way to hide that fact. Files can be "imported" into an album from anywhere; if the file comes from outside the album's directory, however, a copy will be made. The importing process for a large tree of images can be slow, but it only has to be done once. A binary file (digikam.db) appears to track all of the albums known to the application.

The digiKam window shows a pane with the album hierarchy, and a large area with thumbnails from the currently-selected album. By default, the thumbnails are annotated with the size of the image (only); the presentation used consumes a relatively large amount of screen space. Double-clicking on a thumbnail will produce a new window displaying the image itself.

The left-hand pane also includes an area called "My Tags." A few predefined tags ("Events," "People") exist; adding others is easily done with the menus. Clicking on a tag will bring up all images which currently have that tag assigned to them. There appears to be no way to get a view of more than one tag at once. Tags are hierarchical, but there is no inheritance by default. So, for example, if you create tags for each family member under "People," and assign those tags to images, clicking on "People" will not display any of those images. There is a configuration option to change this behavior, however.

Assignment of tags to images is done by way of a right-button menu attached to the thumbnail images. There is also a separate "comments and tags" dialog which, in addition to tag management, allows comments to be associated with images. Both comments and tags are displayed underneath each thumbnail image.

Other dialogs available from the thumbnail view include a "file properties" window and an EXIF information browser. The properties dialog allows the name and permissions of the file to be changed; it will happily make an image file setuid if you ask. There is also a histogram display which gives information on color distribution in the image. The EXIF browser provides full (read-only) access to the metadata stored within the image file; it has a help window describing (briefly) what each EXIF field means.

The image window displays the picture itself, and provides a set of editing options. Rotation, resizing, and cropping are done here; there appears to be no way to constrain the aspect ratio of a cropped image. Rotation of images in digiKam is not optimal: each image must be brought up separately in the image window, rotated, then saved. When you've just pulled dozens of images from your camera, you would like a quicker way to get that job done. Your editor's research indicates that the image window rotation is not lossless. There is said to be a plugin available which can do lossless rotation, but your editor was not able to get it installed.

Printing is a big hole in digiKam's capabilities. There appears to be no option to print multiple images at once (much less N-per-page capabilities). The image view window can print a single image, but it requires the user to type in a print command. At this point in the development of the Linux desktop, we can do better than that.

Like most KDE applications, digiKam is highly configurable; most users will want to tweak at least a few options. By default, digiKam wants to use a "trash can" when asked to remove images, but it can be convinced to simply delete them instead. There is also a plugin mechanism which can be used to add image editing tools.

In summary, digiKam is a capable and useful tool with a few remaining shortcomings. Given its pace of development, chances are that those issues will be ironed out in short order.

f-spot

Perhaps the newest entry into the image management space is f-spot, currently at version 0.0.12. It is a Mono application, written in C#. Despite its youth, f-spot already shows considerable promise, and is a useful application.

f-spot does not bother with albums, directories, or any such nonsense. Instead, it implements a single, time-sorted stream of images with the ability to sort on various types of metadata. Images must be imported into f-spot before use, and the import process can be quite slow. After the import process, the user gets a window with a list of tags on the left, an information area on the bottom left, and a large pane with (possibly thousands of) thumbnails. The thumbnails are not rendered until needed, thankfully.

A feature unique to f-spot is a timeline at the top; clicking on a given month will scroll the thumbnail window to pictures taken on that date. The timeline is not updated when the thumbnail window is scrolled, however, so the two can get out of sync. The sorting of images depends on the date stored in each image's EXIF data; if that data does not exist, the images are given the current date. There appears to be no way to fix an image with a missing date, so it will be forever displayed in the wrong place.

Clicking on a thumbnail causes the lower-left window to be updated with information on that image - date, resolution, and exposure information. Once an image has been selected, a number of editing options are available, including color manipulation, focus adjustment, and rotation. It is possible to select multiple images (by holding down the control key) and rotate them in a single operation.

There is a separate window which can be requested (from the "View" menu) to look at the EXIF information stored in an image.

f-spot allows the user to assign tags to images in a manner very similar to digiKam's. The application also implements the concept of "categories." Your editor was not able to figure out what categories are supposed to do, and how they relate to tags. It was impossible to create new top-level tags (or categories). In general, the tag mechanism appears to need a little work. At the basic level, however, it functions just fine: clicking on a tag will narrow the thumbnail to images with that tag assigned; it is also possible to narrow further to a specific date range.

It would be nice to be able to automatically attach one or more tags to images when they are imported.

Double-clicking on a thumbnail replaces the thumbnail pane with the selected image. It is, thus, not possible to view the thumbnail directory and a specific image at the same time. At the bottom of the image window is a line clearly intended for the entry of comments (though the comments are used nowhere else). There is also a pulldown for the desired aspect ratio; using the mouse, a box (constrained to the chosen ratio) can be drawn over the image, and a click on the scissors icon will crop accordingly. There is a red-eye removal option; the user must first select an area to be affected. In your editor's experience, the selection must be done very carefully, or the red-eye removal will leave obvious artifacts. Given the nature of the task, it would be nice to be able to select elliptical areas, rather than squares, for red-eye removal. There is also a color editing dialog available. Nicely, the mouse wheel will quickly zoom the image in and out.

f-spot handles image editing in an interesting way. The original image is never overwritten; instead, f-spot creates a new version (called "modified" by default). Different versions are selectable via a pulldown in the image information area. Since f-spot seems to assume you'll never do anything with the files directly, it feels free to give modified versions names like "dsc00450 (Modified (2)).jpg".

There is a full set of "export" options for getting images out of f-spot. Images can be exported, for example, to Flickr, to a web gallery, or burned to a CD. The CD writing process seems to work, though some things are unclear - does the program write the original form of an image, or the modified form? The printing support in f-spot is minimal, relative to some of the other tools reviewed here; there is little control over layout and it is easy to get it to attempt to print pages which do not fit on the paper.

f-spot shows some clear potential, especially for those who like the "tagged flat" method of organizing things. Its youth is apparent, but it would seem to be growing up fast; f-spot is worth watching.

flphoto

flphoto is a simple image manager based on the FLTK toolkit. It may be suitable for those looking for a lightweight application, but it has been left behind by the competition in a number of ways. Your editor also found this application relatively easy to crash. Version v1.2 was released in January, 2004; there does not appear to have been a great deal of development activity since then.

Like digiKam, flphoto works with the concept of "albums," into which photos must be imported. Unlike digiKam, however, flphoto cannot import a whole directory hierarchy at once; instead, each directory must be fed to the application separately. An album itself is really just a ".album" file which contains a list of image file names.

The flphoto window consists primarily of an image viewing area. Thumbnails are presented in a long, horizontally scrolling window at the bottom; they show up in the order in which they were imported. Clicking on a thumbnail brings the image itself into the main part of the window. To your editor's eye, the quality of the image rendering is poorer than with other applications.

Some image editing options are available, including rotation, scaling, cropping (with aspect ratio constraints), sharpening, and red-eye reduction. There is an "edit" option which fires up the GIMP on the selected image. There is no way to rotate multiple images at once. There is a "properties" window which shows basic EXIF information and allows the entry of comments; those comments are not used for anything, however. flphoto has no concept of tags, or of searching for images in any way.

Printing works well, with a fair amount of flexibility in how images are printed, and even a simple calendar generator. There is a function for exporting images to a web page; flphoto is not able to burn images to a CD.

Overall, flphoto is a tool with some capability, but your editor would recommend that people looking for a new image management utility look elsewhere.

gthumb

gthumb is a GNOME-based application; in many ways it is the most fully-featured of the set. Unlike many other image management applications, gthumb is very much directory-oriented. It is happy working with any directory tree it is pointed to; no need to create albums, import pictures, etc. It thus works well for people who use other applications in their directory hierarchy, or for those who simply want to get started quickly.

The main gthumb window should look familiar by now; it has the usual directory pane and area full of thumbnails. The gthumb "folder" pane only shows one level of the hierarchy, however, which increases the amount of clicking required to wander around in a directory tree. A number of operations can be applied to images in the thumbnail view; these include lossless rotation, series renaming, and series format conversion. There is also a tool for locating duplicate images.

Double-clicking on a thumbnail brings up the image view; it is not possible to have thumbnails and a full image on the screen simultaneously. EXIF information is available in the image view - if you happen to tell gthumb to show "comments." There are reasonable tools for scaling and cropping (with aspect ratio constraints), and a number of more advanced (but not always useful) image manipulation capabilities. There is no red-eye removal, however.

Tags in gthumb are called "categories"; they are not hierarchical. gthumb supports comments on images; it also maintains the location of the image separately. Dates for images are supported; they can be taken from the EXIF information, the file date, or entered manually. The default, however, is "no date," even if the image has EXIF metadata; getting gthumb to actually use that metadata requires bringing up a dialog for each image. There does not appear to be a way to change that unfortunate default.

gthumb has the most complete image searching capabilities of any of the tools tested; if you take the time to enter metadata for your images, quite a few search options are available. Searches can be done on any subset of the file name, the image comment (it greps for substrings), the location, the date (on, before, or after - there is no way to specify a date range bounded on both ends), and the categories assigned to the image. If you want to look for all pictures of Aunt Tillie taken at home since the beginning of the year, gthumb can do it.

While gthumb normally works with the directory hierarchy, it also implements "catalogs," which are its version of albums. Images can be added to multiple catalogs at will. A special catalog contains the results of the most recent search; those images can be added, in bulk, to another catalog if desired. Thus, the search mechanism can be used to create catalogs relatively quickly - if you have your metadata in place. "Libraries" can be used to create hierarchies of catalogs.

Printing support in gthumb is flexible, with the ability to print up to 16 pictures per page. What gthumb lacks (as do all the others) is the ability to specify advanced printing options, such as print quality and paper type. Since that is just the sort of thing one might want to adjust when printing photographs, this omission is a true shortcoming.

KimDaBa

KimDaBa (the KDE Image Database) is the final tool which your editor was able to make work. It has some powerful capabilities, but could benefit from some usability work. KimDaBa 2.0 was released in October, 2004.

The first time a user runs KimDaBa, it asks for an image directory; all images managed by KimDaBa must be kept underneath that directory. If the number of images is large, the import process can take a very long time. When, eventually, the user quits the application, it will ask "do you want to save the changes?" without specifying what the changes are. If the user elects not to "save the changes," KimDaBa will not write its special XML file, and the whole import process must be done again the next time.

As it turns out, if you modify an image, KimDaBa will happily exit without asking about saving changes, and those changes will be lost.

The initial window is dismayingly textual for an image manager. It gives a few entries with names like "Folder" and "Locations"; the bulk of the window, however, consists of lines like "View images (1-100) 100 images." Clicking on one of those lines will bring up a thumbnail view with exactly 100 images in it. Images are sorted in no clear order; it has little to do with the date or the underlying directory structure. The default background is black (that can be changed), which is a little jarring.

KimDaBa does provide other ways of sorting images. The "Folder" line will yield a flattened, directory-oriented view. Users can assign three types of tags to images: "persons," "locations," and "keywords." There is a separate view for each type of tag, allowing quick access to all photos of a specific person, taken in a specific place, or with a given keyword attached to it. The "search" line pops up a dialog which enables a search for a combination of tags. There is also the ability to look at all images within a given date range - but the date filtering does not work in conjunction with the tags.

[KimDaBa image window] Clicking on an image pops up a window with the full image view. The image window has options for assigning tags to images and for performing rotation; there is no way to do rotation from the thumbnail view. There is also a button on the properties window which will delete the image. Amusingly, KimDaBa offers a "draw on image" option; it allows the user to add arrows, circles, and squares (in black only) to the picture. It is not clear how this capability would be useful.

KimDaBa does not provide a way to get at an image's EXIF information, though it is able to use the date found there. In fact, the application will not even display an image's resolution; there seems to be no way to get that information. There is also no option to resize an image.

There is a bizarre "lock images" function which causes the application to refuse to display them until the password is entered. Said password, as it turns out, is stored, in plain text, in the "index.xml" file. It would be better to leave out this sort of option; all it provides is a false feeling of security.

KimDaBa offers no printing options at all, no web page export, and no CD burning. There is an export operation; it creates a special file which can be imported into KimDaBa running on another system.

Work continues on KimDaBa; it appears that version 2.1 will include a plugin mechanism (presumably for image editing functions) and a date bar similar to the one provided by f-spot.

Conclusion

One application which your editor was unable to make work is imgSeek. It is a Python program; its unique feature is the ability to look for images which are similar to a drawing made by the user. Version 0.8.4 of imgSeek was released in September, 2004; development seems to be quite slow since then. The version of imgSeek in Debian sid does not run as of this writing. Your editor hopes that imgSeek is able to move forward; this application's developers are trying to do some interesting things.

In general, there is a lot going on in this area. Clearly the time has come for the free software world to produce some high-quality image management applications.

That said, none of the tools reviewed here can truly be said to be complete, and your editor will resist the temptation to pick a "winner" from the set. Printing support is, perhaps, the weakest area at the moment; Linux now has the capability to provide a great deal of control over printing, but the image managers are not yet using it. Still, the applications reviewed here have reached the point where they are useful tools. It will be fun to see where they go from here.

Comments (67 posted)

Page editor: Rebecca Sobol

Security

Security news

Buffer overflows in XV

April 20, 2005

This article was contributed by Joe 'Zonker' Brockmeier.

What do you do about security problems in a program that is not freely licensed, when its maintainer has stopped responding to notifications of those problems? One example of this is the XV image viewing and editing application. The application is getting a bit long in the tooth, to say the least. The last release is more than ten years old, but it is still shipped by Novell/SUSE (at least in 9.2), Gentoo and others. Even grumpy editors continue to find XV an attractive choice, albeit less than acceptable due to its licensing.

Several vulnerabilities have been reported in XV since its development came to a halt, including a buffer overflow last August that was not completely addressed by vendor patches. The lack of security updates from the original author, John Bradley, is something of a problem. There have been patches and updates from other sources since the last official release, but the XV page itself seems to have been last updated in March of 2001.

Greg Roelofs has released a patch that is supposed to take care of the problem as part of his jumbo patches, which add features to XV. (Note that the vulnerability that affects XV has also been reported by Bruno Rohee to affect Gwenview and ImageMagick.)

However, this doesn't address the problem of getting the patches into the upstream version. We attempted to contact Bradley, but received no response to our e-mail. Presumably, Bradley is not particularly interested in maintaining XV at this point, but has not seen fit to release the code to anyone else for maintainership, either.

Though the code is available for XV, the license precludes another person or group from picking up maintainership of the project. XV has a "shareware" license that is relatively liberal, allowing personal use without registration, and distribution is permitted for non-commercial purposes. In short, the license allows for distribution of patches and so forth, but it does not allow for a third party to assume control of the project and give it the care and feeding it obviously needs.

Given the amount of effort that has gone into patches for XV, it would seem more logical for interested parties to turn their attention to image viewers and editors that are not encumbered by proprietary licenses. XV provides yet another cautionary tale for users considering software that is "free enough" without actually having an open source license that allows the project to be carried by users interested in its further development.

Comments (none posted)

Main AGNULA Host attacked (and potentially compromised)

The main AGNULA host was attacked on April 16. Although they do not believe that the unknown attacker was successful in his attempts to install a backdoor, they are taking no chances. "However, following good security practices and common sense, we can not guarantee the integrity of the host. Since we had already planned an extensive upgrade of the server, we decided to go down the safer route: completely wipe out the system, reinstall everything from scratch and recover backup data from the day before the attempted compromise." AGNULA should be back in action by April 25.

Full Story (comments: none)

New vulnerabilities

cvs: multiple vulnerabilities

Package(s):cvs CVE #(s):CAN-2005-0753
Created:April 18, 2005 Updated:July 13, 2005
Description: CVS (in versions prior to 1.11.20) has one or more buffer overflow vulnerabilities, memory leaks, and a NULL pointer dereferencing error. These can be used to launch a remote denial of service or to remotely execute arbitrary code.
Alerts:
Debian DSA-742-1 2005-07-07
Fedora-Legacy FLSA:155508 2005-05-12
Ubuntu USN-117-1 2005-05-04
Red Hat RHSA-2005:387-01 2005-04-25
Gentoo 200504-16:02 2005-04-18
Slackware SSA:2005-111-01 2005-04-22
Trustix TSLSA-2005-0013 2005-04-20
Mandriva MDKSA-2005:073 2005-04-20
Fedora FEDORA-2005-330 2005-04-20
Gentoo 200504-16 2005-04-18
SuSE SUSE-SA:2005:024 2005-04-18

Comments (none posted)

geneweb: insecure file operations

Package(s):geneweb CVE #(s):CAN-2005-0391
Created:April 19, 2005 Updated:April 20, 2005
Description: Tim Dijkstra discovered a problem during the upgrade of geneweb, a genealogy software with web interface. The maintainer scripts automatically converted files without checking their permissions and content, which could lead to the modification of arbitrary files.
Alerts:
Debian DSA-712-1 2005-04-19

Comments (none posted)

htdig: unescaped output

Package(s):htdig CVE #(s):
Created:April 19, 2005 Updated:April 20, 2005
Description: Unescaped output in htsearch and qtest causes security problems.
Alerts:
Fedora FEDORA-2005-367 2005-04-19

Comments (none posted)

info2www: missing input sanitizing

Package(s):info2www CVE #(s):CAN-2004-1341
Created:April 19, 2005 Updated:April 20, 2005
Description: Nicolas Gregoire discovered a cross-site scripting vulnerability in info2www, a converter for info files to HTML. A malicious person could place a harmless looking link on the web that could cause arbitrary commands to be executed in a user's browser.
Alerts:
Debian DSA-711-1 2005-04-19

Comments (none posted)

logwatch: denial of service

Package(s):logwatch CVE #(s):CAN-2005-1061
Created:April 19, 2005 Updated:April 20, 2005
Description: A bug was found in the logwatch secure script. If an attacker is able to inject an arbitrary string into the /var/log/secure file, it is possible to prevent logwatch from detecting malicious activity.
Alerts:
Red Hat RHSA-2005:364-01 2005-04-19

Comments (none posted)

monkeyd: multiple vulnerabilities

Package(s):monkeyd CVE #(s):
Created:April 15, 2005 Updated:April 20, 2005
Description: Tavis Ormandy of the Gentoo Linux Security Audit Team discovered a double expansion error in monkeyd, resulting in a format string vulnerability. Ciaran McCreesh of Gentoo Linux discovered a Denial of Service vulnerability: a syntax error caused monkeyd to zero out unallocated memory should a zero-byte file be requested.
Alerts:
Gentoo 200504-14 2005-04-15

Comments (none posted)

Mozilla Firefox, Mozilla Suite: multiple vulnerabilities

Package(s):mozilla CVE #(s):CAN-2005-0989
Created:April 19, 2005 Updated:July 18, 2005
Description: The following vulnerabilities were found and fixed in the Mozilla Suite and Mozilla Firefox:
  • Vladimir V. Perepelitsa reported a memory disclosure bug in JavaScript's regular expression string replacement when using an anonymous function as the replacement argument (CAN-2005-0989).
  • moz_bug_r_a4 discovered that Chrome UI code was overly trusting DOM nodes from the content window, allowing privilege escalation via DOM property overrides.
  • Michael Krax reported a possibility to run JavaScript code with elevated privileges through the use of javascript: favicons.
  • Michael Krax also discovered that malicious Search plugins could run JavaScript in the context of the displayed page or stealthily replace existing search plugins.
  • shutdown discovered a technique to pollute the global scope of a window in a way that persists from page to page.
  • Doron Rosenberg discovered a possibility to run JavaScript with elevated privileges when the user asks to "Show" a blocked popup that contains a JavaScript URL.
  • Finally, Georgi Guninski reported missing Install object instance checks in the native implementations of XPInstall-related JavaScript objects.
The following Firefox-specific vulnerabilities have also been discovered:
  • Kohei Yoshino discovered a new way to abuse the sidebar panel to execute JavaScript with elevated privileges.
  • Omar Khan reported that the Plugin Finder Service can be tricked to open javascript: URLs with elevated privileges.
Alerts:
Gentoo 200507-17 2005-07-18
Fedora-Legacy FLSA:152883 2005-05-18
Red Hat RHSA-2005:384-01 2005-04-28
SuSE SUSE-SA:2005:028 2005-04-27
Red Hat RHSA-2005:386-01 2005-04-26
Slackware SSA:2005-111-04 2005-04-22
Red Hat RHSA-2005:383-01 2005-04-21
Gentoo 200504-18 2005-04-19

Comments (none posted)

MPlayer: heap overflows

Package(s):mplayer CVE #(s):
Created:April 20, 2005 Updated:July 12, 2005
Description: Heap overflows have been found in the code handling RealMedia RTSP and Microsoft Media Services streams over TCP (MMST). By setting up a malicious server and enticing a user to use its streaming data, a remote attacker could possibly execute arbitrary code on the client computer with the permissions of the user running MPlayer.
Alerts:
Mandriva MDKSA-2005:115 2005-07-11
Gentoo 200504-19 2005-04-20

Comments (none posted)

MySQL: privilege escalation

Package(s):MySQL CVE #(s):CAN-2004-0957
Created:April 14, 2005 Updated:April 20, 2005
Description: MySQL has a vulnerability in which a user with grant privileges can grant privileges in other databases. In order to use this exploit, the database must have an underscore character in the name.
Alerts:
Conectiva CLA-2005:947 2005-04-20
Mandriva MDKSA-2005:070 2005-04-12

Comments (1 posted)

php4: integer overflow and denial of service

Package(s):php4 CVE #(s):CAN-2005-1042 CAN-2005-1043
Created:April 14, 2005 Updated:July 13, 2005
Description: The php4 EXIF module has two vulnerabilities. An integer overflow in the exif_process_IFD_TAG() function can be exploited to cause a buffer overflow for the purpose of arbitrary code execution. EXIF headers with a large IFD nesting level can be used to cause a denial of service. Remote exploits are possible.
Alerts:
Fedora-Legacy FLSA:155505 2005-07-10
Red Hat RHSA-2005:406-01 2005-05-04
Red Hat RHSA-2005:405-01 2005-04-28
Mandriva MDKSA-2005:072 2005-04-18
Ubuntu USN-112-1 2005-04-14

Comments (none posted)

realplayer: arbitrary code execution

Package(s):realplayer helixplayer CVE #(s):CAN-2005-0755
Created:April 20, 2005 Updated:June 27, 2005
Description: RealNetworks, Inc. has fixed a security vulnerability that offered the potential for an attacker to run arbitrary or malicious code on a customer's machine. Linux RealPlayer 10 (10.0.0 - 3) and Helix Player (10.0.0 - 3) are vulnerable.
Alerts:
Red Hat RHSA-2005:523-01 2005-06-23
Red Hat RHSA-2005:517-01 2005-06-23
Gentoo 200504-21 2005-04-22
Red Hat RHSA-2005:394-01 2005-04-20
Red Hat RHSA-2005:392-03 2005-04-20
Red Hat RHSA-2005:363-03 2005-04-20
Fedora FEDORA-2005-329 2005-04-20
SuSE SUSE-SA:2005:026 2005-04-20

Comments (none posted)

squid: denial of service

Package(s):squid CVE #(s):CAN-2005-0718
Created:April 14, 2005 Updated:April 29, 2005
Description: Squid has a remote denial of service vulnerability that can be triggered by a remote connection abort during a PUT or POST request, leading to an eventual server crash.
Alerts:
SuSE SUSE-SR:2005:012 2005-04-29
Mandriva MDKSA-2005:078 2005-04-28
Conectiva CLA-2005:948 2005-04-27
Ubuntu USN-111-1 2005-04-14

Comments (none posted)

vixie-cron: crontab allows any user to read another user's crontabs

Package(s):vixie-cron CVE #(s):CAN-2005-1038
Created:April 15, 2005 Updated:March 15, 2006
Description: crontab in Vixie cron 4.1, when running with the -e option, allows local users to read the cron files of other users by changing the file being edited to a symlink. NOTE: there is insufficient information to know whether this is a duplicate of CVE-2001-0235. See also this Security Focus report.
Alerts:
Red Hat RHSA-2006:0117-01 2006-03-15
Red Hat RHSA-2005:361-01 2005-10-05
Fedora FEDORA-2005-320 2005-04-15

Comments (none posted)

XV: multiple vulnerabilities

Package(s):xv CVE #(s):
Created:April 19, 2005 Updated:July 19, 2005
Description: Greg Roelofs has reported multiple input validation errors in XV image decoders. Tavis Ormandy of the Gentoo Linux Security Audit Team has reported insufficient validation in the PDS (Planetary Data System) image decoder, format string vulnerabilities in the TIFF and PDS decoders, and insufficient protection from shell meta-characters in malformed filenames. Successful exploitation would require a victim to view a specially created image file using XV, potentially resulting in the execution of arbitrary code.
Alerts:
Slackware SSA:2005-195-02 2005-07-15
Gentoo 200504-17 2005-04-19

Comments (none posted)

Updated vulnerabilities

a2ps: input validation error

Package(s):a2ps CVE #(s):CAN-2004-1170 CAN-2004-1377
Created:November 26, 2004 Updated:December 19, 2005
Description: The GNU a2ps utility fails to properly sanitize filenames, which can be abused by a malicious user to execute arbitrary commands with the privileges of the user running the vulnerable application. More information at Security Focus.
Alerts:
Fedora-Legacy FLSA:152870 2005-12-17
Mandriva MDKSA-2005:097 2005-06-07
OpenPKG OpenPKG-SA-2005.003 2005-01-17
Gentoo 200501-02 2005-01-04
Debian DSA-612-1 2004-12-20
Mandrake MDKSA-2004:140 2004-11-25

Comments (none posted)

Axel: vulnerability in HTTP redirection handling

Package(s):axel CVE #(s):CAN-2005-0390
Created:April 12, 2005 Updated:April 13, 2005
Description: A possible buffer overflow has been reported in the HTTP redirection handling code in conn.c. A remote attacker could exploit this vulnerability by setting up a malicious site and enticing a user to connect to it. This could possibly lead to the execution of arbitrary code with the permissions of the user running Axel.
Alerts:
Debian DSA-706-1 2005-04-13
Gentoo 200504-09 2005-04-12

Comments (none posted)

cdrecord: insecure temp file

Package(s):cdrecord CVE #(s):CAN-2005-0866
Created:March 24, 2005 Updated:April 28, 2005
Description: The cdrecord utility makes insecure temp files if DEBUG is enabled in /etc/cdrecord/rscsi. This can allow a local user to launch a symlink attack and execute code with the user's privileges.
Alerts:
Mandriva MDKSA-2005:077 2005-04-20
Ubuntu USN-100-1 2005-03-24

Comments (1 posted)

cpio - file permissions error

Package(s):cpio CVE #(s):CAN-1999-1572
Created:February 2, 2005 Updated:July 19, 2005
Description: Some versions of cpio contain an ancient vulnerability where files created by that utility have overly generous access permissions.
Alerts:
Fedora-Legacy FLSA:152891 2005-07-15
Red Hat RHSA-2005:080-01 2005-02-18
Red Hat RHSA-2005:073-01 2005-02-15
Mandrake MDKSA-2005:032-1 2005-02-11
Mandrake MDKSA-2005:032 2005-02-10
Ubuntu USN-75-1 2005-02-04
Debian DSA-664-1 2005-02-02

Comments (none posted)

cURL: buffer overflow

Package(s):curl CVE #(s):CAN-2005-0490
Created:February 28, 2005 Updated:July 19, 2005
Description: Multiple stack-based buffer overflows in libcURL and cURL 7.12.1, and possibly other versions, allow remote malicious web servers to execute arbitrary code via base64 encoded replies that exceed the intended buffer lengths when decoded.
Alerts:
Fedora-Legacy FLSA:152917 2005-07-15
Fedora FEDORA-2005-325 2005-04-20
Red Hat RHSA-2005:340-01 2005-04-05
Conectiva CLA-2005:940 2005-03-21
Gentoo 200503-20 2005-03-16
Mandrake MDKSA-2005:048 2005-03-04
SuSE SUSE-SA:2005:011 2005-02-28
Ubuntu USN-86-1 2005-02-28

Comments (none posted)

cyrus-imapd: buffer overflows

Package(s):cyrus-imapd CVE #(s):CAN-2005-0546
Created:February 23, 2005 Updated:April 9, 2006
Description: Cyrus-imapd, prior to version 2.2.12, contains several buffer overflows which could be exploited by an (authenticated) attacker to run code on the server system.
Alerts:
Fedora-Legacy FLSA:156290 2006-04-04
Red Hat RHSA-2005:408-01 2005-05-17
Fedora FEDORA-2005-339 2005-04-27
OpenPKG OpenPKG-SA-2005.005 2005-04-05
Conectiva CLA-2005:937 2005-03-17
Mandrake MDKSA-2005:051 2005-03-04
Ubuntu USN-87-1 2005-02-28
SuSE SUSE-SA:2005:009 2005-02-24
Gentoo 200502-29 2005-02-23

Comments (none posted)

dhcp: format string vulnerability

Package(s):dhcp CVE #(s):CAN-2004-1006
Created:November 4, 2004 Updated:July 13, 2005
Description: Dhcp has a format string vulnerability in the log functions of dhcp 2.x that may be exploited via a malicious DNS server.
Alerts:
Fedora-Legacy FLSA:152835 2005-07-10
Red Hat RHSA-2005:212-01 2005-04-12
Debian DSA-584-1 2004-11-04

Comments (none posted)

Dnsmasq: poisoning and DoS

Package(s):dnsmasq CVE #(s):
Created:April 4, 2005 Updated:July 21, 2005
Description: Dnsmasq does not properly detect that DNS replies received do not correspond to any DNS query that was sent. Rob Holland of the Gentoo Linux Security Audit team also discovered two off-by-one buffer overflows that could crash the parsing of DHCP lease files.
Alerts:
Slackware SSA:2005-201-01 2005-07-21
Gentoo 200504-03 2005-04-04

Comments (none posted)

emacs21: format string vulnerability in "movemail"

Package(s):emacs21 CVE #(s):CAN-2005-0100
Created:February 7, 2005 Updated:May 15, 2006
Description: Max Vozeler discovered a format string vulnerability in the "movemail" utility of Emacs. By sending specially crafted packets, a malicious POP3 server could cause a buffer overflow, which could be exploited to execute arbitrary code with the privileges of the user and the "mail" group.
Alerts:
Fedora-Legacy FLSA:152898 2006-05-12
Debian DSA-685-1 2005-02-17
Mandrake MDKSA-2005:038 2005-02-15
Gentoo 200502-20 2005-02-15
Fedora FEDORA-2005-146 2005-02-14
Fedora FEDORA-2005-145 2005-02-14
Red Hat RHSA-2005:133-01 2005-02-15
Red Hat RHSA-2005:110-01 2005-02-15
Red Hat RHSA-2005:134-01 2005-02-10
Red Hat RHSA-2005:112-01 2005-02-10
Fedora FEDORA-2005-116 2005-02-08
Fedora FEDORA-2005-115 2005-02-08
Debian DSA-671-1 2005-02-08
Debian DSA-670-1 2005-02-08
Ubuntu USN-76-1 2005-02-07

Comments (none posted)

enscript: arbitrary code execution

Package(s):enscript CVE #(s):CAN-2004-1184 CAN-2004-1185 CAN-2004-1186
Created:January 21, 2005 Updated:May 27, 2006
Description: Erik Sjölund has discovered several security-relevant problems in enscript, a program to convert ASCII text into PostScript and other formats. Unsanitized input can cause the execution of arbitrary commands via EPSF pipe support. Because filenames are not sanitized, a specially crafted filename can cause arbitrary commands to be executed. Multiple buffer overflows can cause the program to crash.
Alerts:
rPath rPSA-2006-0083-1 2006-05-26
Fedora-Legacy FLSA:152892 2005-12-17
Red Hat RHSA-2005:040-01 2005-02-15
Mandrake MDKSA-2005:033 2005-02-10
Gentoo 200502-03 2005-02-02
Red Hat RHSA-2005:039-01 2005-02-01
Fedora FEDORA-2005-096 2005-01-31
Fedora FEDORA-2005-092 2005-01-28
Fedora FEDORA-2005-091 2005-01-28
Fedora FEDORA-2005-016 2005-01-26
Fedora FEDORA-2005-015 2005-01-26
Ubuntu USN-68-1 2005-01-24
Debian DSA-654-1 2005-01-21

Comments (none posted)

evolution: arbitrary code execution

Package(s):evolution CVE #(s):CAN-2005-0102
Created:January 24, 2005 Updated:May 19, 2005
Description: Max Vozeler discovered an integer overflow in camel-lock-helper. A user-supplied length value was not validated, so that a value of -1 caused a buffer allocation of 0 bytes; this buffer was then filled by an arbitrary amount of user-supplied data. A local attacker or a malicious POP3 server could exploit this to execute arbitrary code with root privileges (because camel-lock-helper is installed as setuid root).
Alerts:
Red Hat RHSA-2005:238-01 2005-05-19
Conectiva CLA-2005:925 2005-02-16
Debian DSA-673-1 2005-02-10
Mandrake MDKSA-2005:024 2005-01-27
Gentoo 200501-35 2005-01-24
Ubuntu USN-69-1 2005-01-24

Comments (1 posted)
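
The length-handling flaw described in this entry, as an added C illustration that is not code from Evolution or camel-lock-helper. It assumes the allocation adds one byte for a terminator (one way a length of -1 yields a 0-byte buffer); the `struct message` layout, the `MAX_PAYLOAD` limit and all function names are hypothetical. The `flawed_*` helpers only compute the sizes an unvalidated path would use, and `copy_payload_checked` is the hardened form.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MAX_PAYLOAD 4096   /* assumed protocol limit, chosen for this sketch */

enum parse_status { PARSE_OK = 0, PARSE_BAD_LENGTH, PARSE_TRUNCATED, PARSE_NOMEM };

/* Constructed stand-in for a message received from an untrusted peer. */
struct message {
    int32_t declared_len;          /* length field, controlled by the sender */
    const unsigned char *payload;  /* bytes that actually arrived */
    size_t payload_avail;          /* how many bytes actually arrived */
};

/* Size the unvalidated pattern allocates: declared_len + 1 for a terminator.
 * Computed in unsigned arithmetic so the wrap is well-defined: -1 gives 0. */
size_t flawed_alloc_size(int32_t declared_len)
{
    return (size_t)((uint32_t)declared_len + 1u);
}

/* Byte count the unvalidated pattern then hands to its read loop: the same
 * signed field converted to size_t, so -1 becomes SIZE_MAX. */
size_t flawed_read_count(int32_t declared_len)
{
    return (size_t)declared_len;
}

/* Hardened form: reject negative and oversized lengths before any
 * allocation, and never copy more than was actually received. On success
 * *out is a NUL-terminated heap copy that the caller must free(). */
enum parse_status copy_payload_checked(const struct message *m, char **out)
{
    *out = NULL;
    if (m->declared_len < 0 || m->declared_len > MAX_PAYLOAD)
        return PARSE_BAD_LENGTH;

    size_t len = (size_t)m->declared_len;   /* safe: range checked above */
    if (len > m->payload_avail)
        return PARSE_TRUNCATED;

    char *buf = malloc(len + 1);            /* cannot wrap: len <= MAX_PAYLOAD */
    if (buf == NULL)
        return PARSE_NOMEM;

    memcpy(buf, m->payload, len);
    buf[len] = '\0';
    *out = buf;
    return PARSE_OK;
}

int main(void)
{
    /* Constructed hostile message: length field of -1, four bytes of data. */
    struct message hostile = { -1, (const unsigned char *)"AAAA", 4 };
    char *copy = NULL;

    printf("unvalidated path: allocate %zu bytes, then store up to %zu\n",
           flawed_alloc_size(hostile.declared_len),
           flawed_read_count(hostile.declared_len));
    printf("checked path status: %d (1 = bad length)\n",
           (int)copy_payload_checked(&hostile, &copy));
    free(copy);
    return 0;
}
```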

evolution: message crash vulnerability

Package(s):evolution CVE #(s):CAN-2005-0806
Created:March 17, 2005 Updated:August 11, 2005
Description: The Evolution mail client can be crashed when reading certain types of messages.
Alerts:
Ubuntu USN-166-1 2005-08-11
Red Hat RHSA-2005:397-01 2005-05-04
Conectiva CLA-2005:950 2005-04-27
Fedora FEDORA-2005-338 2005-04-22
Mandrake MDKSA-2005:059 2005-03-16

Comments (none posted)

f2c: insecure temp files

Package(s):f2c CVE #(s):CAN-2005-0017 CAN-2005-0018
Created:January 27, 2005 Updated:April 20, 2005
Description: The f2c Fortran-to-C translator has a vulnerability due to insecure opening of temporary files. A local attacker can use this to launch a symlink attack.
Alerts:
Debian DSA-661-2 2005-04-20
Gentoo 200501-43 2005-01-30
Debian DSA-661-1 2005-01-27

Comments (none posted)

Foomatic: Arbitrary command execution in foomatic-rip

Package(s):foomatic CVE #(s):CAN-2004-0801
Created:September 20, 2004 Updated:May 31, 2006
Description: There is a vulnerability in the foomatic-filters package. This vulnerability is due to insufficient checking of command-line parameters and environment variables in the foomatic-rip filter. This vulnerability may allow both local and remote attackers to execute arbitrary commands on the print server with the permissions of the spooler.
Alerts:
SuSE SUSE-SA:2006:026 2006-05-30
Fedora-Legacy FLSA:2076 2004-11-05
Conectiva CLA-2004:880 2004-10-27
Fedora FEDORA-2004-303 2004-09-21
Gentoo 200409-24 2004-09-20

Comments (none posted)

gaim: client freezes

Package(s):gaim CVE #(s):CAN-2005-0472 CAN-2005-0473
Created:February 22, 2005 Updated:April 27, 2005
Description: The Gaim client freezes when receiving certain invalid messages and crashes when receiving specific malformed HTML. See this Secunia Advisory for additional information.
Alerts:
Debian DSA-716-1 2005-04-27
Ubuntu USN-85-1 2005-02-25
Fedora FEDORA-2005-160 2005-02-21
Fedora FEDORA-2005-159 2005-02-21

Comments (none posted)

gaim: buffer overflow, DoS

Package(s):gaim CVE #(s):CAN-2005-0965 CAN-2005-0966
Created:April 5, 2005 Updated:May 15, 2005
Description: Jean-Yves Lefort discovered a buffer overflow in the gaim_markup_strip_html() function. This caused Gaim to crash when receiving certain malformed HTML messages. (CAN-2005-0965)

Jean-Yves Lefort also noticed that many functions that handle IRC commands do not escape received HTML metacharacters; this allowed remote attackers to cause a Denial of Service by injecting arbitrary HTML code into the conversation window, popping up arbitrarily many empty dialog boxes, or even causing Gaim to crash. (CAN-2005-0966)

Alerts:
Slackware SSA:2005-133-01 2005-05-15
Conectiva CLA-2005:949 2005-04-27
Slackware SSA:2005-111-03 2005-04-22
Mandriva MDKSA-2005:071 2005-04-13
Red Hat RHSA-2005:365-01 2005-04-12
Gentoo 200504-05 2005-04-06
Fedora FEDORA-2005-299 2005-04-05
Fedora FEDORA-2005-298 2005-04-05
Ubuntu USN-106-1 2005-04-05

Comments (none posted)

gdk-pixbuf, gtk2: denial of service

Package(s):gdk-pixbuf gtk2 CVE #(s):CAN-2005-0891
Created:March 30, 2005 Updated:December 19, 2005
Description: The BMP image processing code in gdk-pixbuf and gtk2 contains a denial of service vulnerability exploitable via a specially crafted image file.
Alerts:
Fedora-Legacy FLSA:155510 2005-12-17
Fedora-Legacy FLSA:154272 2005-07-15
SuSE SUSE-SR:2005:010 2005-04-08
Mandrake MDKSA-2005:069 2005-04-07
Mandrake MDKSA-2005:068 2005-04-07
Ubuntu USN-108-1 2005-04-05
Red Hat RHSA-2005:343-01 2005-04-05
Red Hat RHSA-2005:344-01 2005-04-01
Fedora FEDORA-2005-268 2005-03-30
Fedora FEDORA-2005-267 2005-03-30
Fedora FEDORA-2005-266 2005-03-30
Fedora FEDORA-2005-265 2005-03-30

Comments (none posted)

gettext: Insecure temporary file handling

Package(s):gettext CVE #(s):CAN-2004-0966
Created:October 11, 2004 Updated:March 1, 2006
Description: gettext insecurely creates temporary files in world-writeable directories with predictable names. A local attacker could create symbolic links in the temporary files directory, pointing to a valid file somewhere on the filesystem. When gettext is called, this would result in file access with the rights of the user running the utility, which could be the root user.
Alerts:
Mandriva MDKSA-2006:051 2006-02-28
Fedora-Legacy FLSA:136323 2006-01-09
Gentoo 200410-10:02 2004-10-10
OpenPKG OpenPKG-SA-2004.055 2004-12-23
Ubuntu USN-5-1 2004-10-27
Gentoo 200410-10 2004-10-10

Comments (1 posted)

gftp: missing input sanitizing

Package(s):gftp CVE #(s):CAN-2005-0372 CAN-2004-1376
Created:February 17, 2005 Updated:July 13, 2005
Description: gftp has a directory traversal vulnerability. A remote server could use specially crafted filenames to overwrite local files.
Alerts:
Fedora-Legacy FLSA:152908 2005-07-10
Red Hat RHSA-2005:410-01 2005-06-13
Fedora FEDORA-2005-310 2005-04-07
Fedora FEDORA-2005-309 2005-04-07
Mandrake MDKSA-2005:050 2005-03-04
Gentoo 200502-27 2005-02-19
SuSE SUSE-SR:2005:005 2005-02-18
Debian DSA-686-1 2005-02-17

Comments (none posted)

ghostscript: symlink vulnerabilities

Package(s):ghostscript CVE #(s):CAN-2004-0967
Created:October 20, 2004 Updated:September 28, 2005
Description: The ghostscript package (prior to version 7.07.1-r7) contains several scripts which are vulnerable to symlink attacks.
Alerts:
Red Hat RHSA-2005:081-01 2005-09-28
Ubuntu USN-3-1 2004-10-27
Gentoo 200410-18 2004-10-20

Comments (none posted)

gld: multiple vulnerabilities

Package(s):gld CVE #(s):
Created:April 13, 2005 Updated:April 13, 2005
Description: The Postfix graylisting daemon (gld), through version 1.4, contains several remotely exploitable buffer overflow vulnerabilities. See this advisory for details.
Alerts:
Gentoo 200504-10 2005-04-13

Comments (none posted)

glibc: Information leak with LD_DEBUG

Package(s):glibc CVE #(s):CAN-2004-1453
Created:August 17, 2004 Updated:May 26, 2005
Description: Silvio Cesare discovered a potential information leak in glibc. It allows LD_DEBUG on SUID binaries where it should not be allowed. This has various security implications, which may be used to gain confidential information. An attacker can gain the list of symbols a SUID application uses and their locations and can then use a trojaned library taking precedence over those symbols to gain information or perform further exploitation.
Alerts:
Red Hat RHSA-2005:256-01 2005-05-18
Gentoo 200408-16 2004-08-16

Comments (1 posted)

glibc: tempfile vulnerability in catchsegv script

Package(s):glibc CVE #(s):CAN-2004-0968
Created:October 21, 2004 Updated:November 14, 2005
Description: The catchsegv script in the glibc package has a symlink vulnerability that may allow a local user to overwrite arbitrary files with the permissions of the user that is running the script.
Alerts:
Fedora-Legacy FLSA:152848 2005-11-13
Red Hat RHSA-2005:261-01 2005-04-28
Debian DSA-636-1 2005-01-12
Mandrake MDKSA-2004:159 2004-12-29
Red Hat RHSA-2004:586-01 2004-12-20
Fedora FEDORA-2004-356 2004-11-11
Ubuntu USN-4-1 2004-10-27
Gentoo 200410-19 2004-10-21

Comments (none posted)

gnupg: information leak

Package(s):gnupg CVE #(s):CAN-2005-0366
Created:March 16, 2005 Updated:August 19, 2005
Description: GnuPG (and other PGP-like systems) suffers from an information leak which could, in some situations, be used by an attacker to obtain plain text from an encrypted message. See this message for a detailed explanation of the problem. "We know of no real-world application that is affected by this type of attack. It is an attack that requires the active participation of someone who holds the actual key required to decrypt a message. Thus, it is not something you are likely to see."
Alerts:
Ubuntu USN-170-1 2005-08-19
Gentoo 200503-29 2005-03-24
Mandrake MDKSA-2005:057 2005-03-15

Comments (none posted)

grip: buffer overflow

Package(s):grip CVE #(s):CAN-2005-0706
Created:March 10, 2005 Updated:September 16, 2005
Description: Grip, a CD ripper, has a buffer overflow vulnerability that can occur when the CDDB server returns more than 16 matches.
Alerts:
Fedora-Legacy FLSA:152919 2005-09-15
Mandriva MDKSA-2005:074 2005-04-20
Mandriva MDKSA-2005:075 2005-04-20
Gentoo 200504-07 2005-04-08
Mandrake MDKSA-2005:066 2005-04-01
Red Hat RHSA-2005:304-01 2005-03-28
Gentoo 200503-21 2005-03-17
Fedora FEDORA-2005-203 2005-03-09
Fedora FEDORA-2005-202 2005-03-09

Comments (none posted)

groff: insecure temporary directory

Package(s):groff CVE #(s):CAN-2004-0969
Created:November 1, 2004 Updated:February 9, 2006
Description: Recently, Trustix Secure Linux discovered a vulnerability in the groff package. The utility "groffer" created a temporary directory in an insecure way, which allowed exploitation of a race condition to create or overwrite files with the privileges of the user invoking the program.
Alerts:
Mandriva MDKSA-2006:038 2006-02-08
Gentoo 200411-15 2004-11-08
Ubuntu USN-13-1 2004-11-01

Comments (none posted)
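
The symlink problem described in the gettext and catchsegv entries above (groffer's temporary-directory race is related), as an added C example that is not taken from any of those packages. Inside a private sandbox directory it plants a link at a predictable name, shows an `open()` without `O_EXCL` overwriting the link's target, and shows `O_CREAT|O_EXCL` and `mkstemp()` leaving the target alone. All file and function names are constructed for the demonstration.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L   /* mkdtemp, mkstemp, symlink */
#endif
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

static int write_all_and_close(int fd, const char *text)
{
    size_t len = strlen(text);
    ssize_t n = write(fd, text, len);
    int rc = (n == (ssize_t)len) ? 0 : -1;
    if (close(fd) != 0)
        rc = -1;
    return rc;
}

/* Flawed pattern: predictable name, no O_EXCL. If the name is already a
 * symlink, open() follows it and O_TRUNC empties the link's target. */
int scratch_flawed(const char *path, const char *text)
{
    int fd = open(path, O_WRONLY | O_CREAT | O_TRUNC, 0600);
    return fd < 0 ? -1 : write_all_and_close(fd, text);
}

/* Hardened, fixed name: with O_CREAT|O_EXCL, open() fails with EEXIST if
 * the name exists at all, including as a symlink, and never follows it. */
int scratch_exclusive(const char *path, const char *text)
{
    int fd = open(path, O_WRONLY | O_CREAT | O_EXCL, 0600);
    return fd < 0 ? -1 : write_all_and_close(fd, text);
}

/* Hardened, preferred: mkstemp() picks an unpredictable name and creates
 * the file exclusively with mode 0600. The chosen name is left in path. */
int scratch_mkstemp(const char *dir, const char *text, char *path, size_t cap)
{
    int n = snprintf(path, cap, "%s/scratch.XXXXXX", dir);
    if (n < 0 || (size_t)n >= cap) {
        errno = ENAMETOOLONG;
        return -1;
    }
    int fd = mkstemp(path);
    return fd < 0 ? -1 : write_all_and_close(fd, text);
}

static int file_equals(const char *path, const char *expect)
{
    char buf[64] = {0};
    FILE *f = fopen(path, "r");
    if (f == NULL)
        return 0;
    size_t n = fread(buf, 1, sizeof buf - 1, f);
    fclose(f);
    return n == strlen(expect) && memcmp(buf, expect, n) == 0;
}

struct demo_result {
    int flawed_clobbered;  /* 1 if the flawed open replaced the victim's data */
    int excl_errno;        /* errno from the exclusive open on the planted link */
    int excl_intact;       /* 1 if the victim survived the exclusive attempt */
    int mkstemp_rc;        /* 0 if mkstemp-based creation succeeded */
    int mkstemp_intact;    /* 1 if the victim survived the mkstemp attempt */
};

/* Runs all three variants against a link planted in a fresh sandbox. */
struct demo_result run_demo(void)
{
    struct demo_result r = {0, 0, 0, -1, 0};
    char dir[] = "/tmp/tmpfile-demo.XXXXXX";
    char victim[128], planted[128], fresh[128] = "";

    if (mkdtemp(dir) == NULL)
        return r;
    snprintf(victim, sizeof victim, "%s/victim.txt", dir);
    snprintf(planted, sizeof planted, "%s/tool.1234", dir);  /* guessable name */
    if (scratch_exclusive(victim, "important\n") != 0 ||
        symlink(victim, planted) != 0)
        return r;

    scratch_flawed(planted, "scratch\n");
    r.flawed_clobbered = file_equals(victim, "scratch\n");

    scratch_flawed(victim, "important\n");          /* restore the victim */
    if (scratch_exclusive(planted, "scratch\n") != 0)
        r.excl_errno = errno;
    r.excl_intact = file_equals(victim, "important\n");

    r.mkstemp_rc = scratch_mkstemp(dir, "scratch\n", fresh, sizeof fresh);
    r.mkstemp_intact = file_equals(victim, "important\n");

    unlink(fresh); unlink(planted); unlink(victim); rmdir(dir);
    return r;
}

int main(void)
{
    struct demo_result r = run_demo();
    printf("flawed open clobbered victim: %d\n", r.flawed_clobbered);
    printf("O_EXCL: %s, victim intact: %d\n", strerror(r.excl_errno), r.excl_intact);
    printf("mkstemp rc: %d, victim intact: %d\n", r.mkstemp_rc, r.mkstemp_intact);
    return 0;
}
```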

gtkhtml: malformed messages cause crash

Package(s):gtkhtml CVE #(s):CAN-2003-0133 CAN-2003-0541