I've gathered this information about vulnerable packages (could be more).
PACKAGE | LINK| BOOK VERSION | RESOLUTION| ____________________________________________ Ruby | [1] | AFFECTED | Upgrade | Freetype | [2] | AFFECTED | Upgrade | Libvorbis | [3] | AFFECTED | [9] | Openssl | [4] | AFFECTED | Upgrade | Imlib | [5] | AFFECTED | [10] | Libxslt | [6] | AFFECTED | Upgrade | Mplayer | [7] | AFFECTED | Upgrade | Libpng | [8] | AFFECTED | Upgrade | ============================================ 1. http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/ 2. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1806 3. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1419 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1420 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1423 4. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0891 5. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2426 6. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1767 7. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1558 8. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1382 9. http://sources.gentoo.org/viewcvs.py/gentoo-x86/media-libs/libvorbis/files/ 10. http://sources.gentoo.org/viewcvs.py/*checkout*/gentoo-x86/media-libs/imlib2/files/imlib2-1.4.0-CVE-2008-2426.patch Thanks (mostly) to GLSA (Gentoo Linux Security Advisory) http://security.gentoo.org/ -- http://wiki.linuxfromscratch.org/blfs/wiki/Hacking -- http://linuxfromscratch.org/mailman/listinfo/blfs-dev FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
