Joined: 12 May 2004
|Posted: Thu Nov 28, 2013 2:26 pm Post subject: [ GLSA 201311-22 ] Namazu: Multiple vulnerabilities
|Gentoo Linux Security Advisory
Title: Namazu: Multiple vulnerabilities (GLSA 201311-22)
Date: November 28, 2013
Multiple vulnerabilities have been found in Namazu, worst of which
allows remote attackers to cause a Denial of Service condition.
Namazu is a full-text search engine intended for easy use.
Vulnerable: < 2.0.21
Unaffected: >= 2.0.21
Architectures: All supported architectures
Multiple vulnerabilities have been discovered in Namazu. Please review
the CVE identifiers referenced below for details.
A remote attacker could execute arbitrary code or cause a Denial of
Furthermore, a remote attacker may be able to inject arbitrary web script
or HTML via a cookie.
There is no known workaround at this time.
All Namazu users should upgrade to the latest version:
|# emerge --sync
# emerge --ask --oneshot --verbose ">=app-text/namazu-2.0.21"