Linux Today: Linux News On Internet Time.
Search Linux Today
Linux News Sections:  Developer -  High Performance -  Infrastructure -  IT Management -  Security -  Storage -
Linux Today Navigation
LT Home
Contribute
Contribute
Link to Us
Linux Jobs


More on LinuxToday


Security Digest: February 11, 2005

Feb 12, 2005, 04:45 (0 Talkback[s])

Debian GNU/Linux


Debian Security Advisory DSA 674-2 security@debian.org
http://www.debian.org/security/ Martin Schulze
February 11th, 2005 http://www.debian.org/security/faq


Package : mailman
Vulnerability : cross-site scripting, directory traversal
Problem-Type : remote
Debian-specific: no
CVE ID : CAN-2004-1177 CAN-2005-0202

Due to an error the last mailman update was slightly broken and had to be corrected. This advisory only updates the packages updated with DSA 674-1. For completeness below is the original advisory text:

Two security related problems have been discovered in mailman, web-based GNU mailing list manager. The Common Vulnerabilities and Exposures project identifies the following problems:

CAN-2004-1177

Florian Weimer discovered a cross-site scripting vulnerability in mailman's automatically generated error messages. An attacker could craft an URL containing JavaScript (or other content embedded into HTML) which triggered a mailman error page that would include the malicious code verbatim.

CAN-2005-0202

Several listmasters have noticed unauthorised access to archives of private lists and the list configuration itself, including the users passwords. Administrators are advised to check the webserver logfiles for requests that contain "/...../" and the path to the archives or cofiguration. This does only seem to affect installations running on web servers that do not strip slashes, such as Apache 1.3.

For the stable distribution (woody) these problems have been fixed in version 2.0.11-1woody10.

For the unstable distribution (sid) these problems have been fixed in version 2.1.5-6.

We recommend that you upgrade your mailman package.

Upgrade Instructions


wget url

will fetch the file for you
dpkg -i file.deb

will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update

will update the internal database apt-get upgrade

will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.

Debian GNU/Linux 3.0 alias woody


Source archives:

http://security.debian.org/pool/updates/main/m/mailman/mailman_2.0.11-1woody10.dsc
Size/MD5 checksum: 597 c7e3f5a32db792af2488ff13cba53720
http://security.debian.org/pool/updates/main/m/mailman/mailman_2.0.11-1woody10.diff.gz
Size/MD5 checksum: 33044 d625c726829feb6102efb091e078dbdd
http://security.debian.org/pool/updates/main/m/mailman/mailman_2.0.11.orig.tar.gz
Size/MD5 checksum: 415129 915264cb1ac8d7b78ea9eff3ba38ee04

Alpha architecture:

http://security.debian.org/pool/updates/main/m/mailman/mailman_2.0.11-1woody10_alpha.deb
Size/MD5 checksum: 461582 32f108831ba8991d938aee69b0ca0f90

ARM architecture:

http://security.debian.org/pool/updates/main/m/mailman/mailman_2.0.11-1woody10_arm.deb
Size/MD5 checksum: 459196 a973d1b322b55775bcfd63a6608980c8

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/m/mailman/mailman_2.0.11-1woody10_i386.deb
Size/MD5 checksum: 452300 b7aba555e2a33a9d0c3e3008a389dec3

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/m/mailman/mailman_2.0.11-1woody10_ia64.deb
Size/MD5 checksum: 462146 31897c13cdd4da90fecb33b0c33c7b45

HP Precision architecture:

http://security.debian.org/pool/updates/main/m/mailman/mailman_2.0.11-1woody10_hppa.deb
Size/MD5 checksum: 459838 d5c3fb3798e78cb095e2bea6756a5fd9

Motorola 680x0 architecture:

http://security.debian.org/pool/updates/main/m/mailman/mailman_2.0.11-1woody10_m68k.deb
Size/MD5 checksum: 459310 af3f277e83956802571f67fd3b7df3ef

Big endian MIPS architecture:

http://security.debian.org/pool/updates/main/m/mailman/mailman_2.0.11-1woody10_mips.deb
Size/MD5 checksum: 459868 96fc0135d38524536a8a170be412ff61

Little endian MIPS architecture:

http://security.debian.org/pool/updates/main/m/mailman/mailman_2.0.11-1woody10_mipsel.deb
Size/MD5 checksum: 460102 7ba1e8201b9c2f71ab5e2634ae8fa3de

PowerPC architecture:

http://security.debian.org/pool/updates/main/m/mailman/mailman_2.0.11-1woody10_powerpc.deb
Size/MD5 checksum: 460144 9a83971b30446b0528593f7245b4ab9d

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/m/mailman/mailman_2.0.11-1woody10_s390.deb
Size/MD5 checksum: 460150 a4335348dc0f4a768b8a3c9aebf627c4

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/m/mailman/mailman_2.0.11-1woody10_sparc.deb
Size/MD5 checksum: 464862 000501b72a1afd45f28ba7bb12724b0d

These files will probably be moved into the stable distribution on its next update.


Debian Security Advisory DSA 676-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
February 11th, 2005 http://www.debian.org/security/faq


Package : xpcd
Vulnerability : buffer overflow
Problem-Type : local
Debian-specific: no
CVE ID : CAN-2005-0074

Erik Sjölund discovered a buffer overflow in pcdsvgaview, an SVGA PhotoCD viewer. xpcd-svga is part of xpcd and uses svgalib to display graphics on the Linux console for which root permissions are required. A malicious user could overflow a fixed-size buffer and may cause the program to execute arbitrary code with elevated privileges.

For the stable distribution (woody) this problem has been fixed in version 2.08-8woody3.

For the unstable distribution (sid) this problem will be fixed soon.

We recommend that you upgrade your xpcd-svga package immediately.

Upgrade Instructions


wget url

will fetch the file for you
dpkg -i file.deb

will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update

will update the internal database apt-get upgrade

will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.

Debian GNU/Linux 3.0 alias woody


Source archives:

http://security.debian.org/pool/updates/main/x/xpcd/xpcd_2.08-8woody3.dsc
Size/MD5 checksum: 706 b1e7b8aeafd929cd31f9403b6534c86b
http://security.debian.org/pool/updates/main/x/xpcd/xpcd_2.08-8woody3.diff.gz
Size/MD5 checksum: 14837 e67ca4ae6f6c0cc09033e195ad188825
http://security.debian.org/pool/updates/main/x/xpcd/xpcd_2.08.orig.tar.gz
Size/MD5 checksum: 103104 59bf5b8d0466ecb3c58ed1fffcdf499e

Alpha architecture:

http://security.debian.org/pool/updates/main/x/xpcd/xpcd_2.08-8woody3_alpha.deb
Size/MD5 checksum: 81170 17302a158ec404cf6b7961b8434cec33
http://security.debian.org/pool/updates/main/x/xpcd/xpcd-gimp_2.08-8woody3_alpha.deb
Size/MD5 checksum: 13494 a0a1cec324c9c5fb202e18f33ee5fa59

ARM architecture:

http://security.debian.org/pool/updates/main/x/xpcd/xpcd_2.08-8woody3_arm.deb
Size/MD5 checksum: 68116 7219d4fbdf1602941a2e17bb136ab348
http://security.debian.org/pool/updates/main/x/xpcd/xpcd-gimp_2.08-8woody3_arm.deb
Size/MD5 checksum: 11954 c47772b3c30cfc26be6f7c53450225bc

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/x/xpcd/xpcd_2.08-8woody3_i386.deb
Size/MD5 checksum: 64336 33d7f7a4ddf29576e4a37b89c3feb8eb
http://security.debian.org/pool/updates/main/x/xpcd/xpcd-gimp_2.08-8woody3_i386.deb
Size/MD5 checksum: 11840 3234d80da9074230309b8ac5e3e5e0c3
http://security.debian.org/pool/updates/main/x/xpcd/xpcd-svga_2.08-8woody3_i386.deb
Size/MD5 checksum: 20964 9aba7400f6af8a22c90ff3cb69a44431

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/x/xpcd/xpcd_2.08-8woody3_ia64.deb
Size/MD5 checksum: 97850 88da140c9f83d0f56768e80e08923b82
http://security.debian.org/pool/updates/main/x/xpcd/xpcd-gimp_2.08-8woody3_ia64.deb
Size/MD5 checksum: 15450 9333d80f7e16cf885b5138291969d3fb

HP Precision architecture:

http://security.debian.org/pool/updates/main/x/xpcd/xpcd_2.08-8woody3_hppa.deb
Size/MD5 checksum: 73434 e479d36155807d7b0b19cf62e40ade42
http://security.debian.org/pool/updates/main/x/xpcd/xpcd-gimp_2.08-8woody3_hppa.deb
Size/MD5 checksum: 12944 cb8feab07d3cb23488f3487192d2f82d

Motorola 680x0 architecture:

http://security.debian.org/pool/updates/main/x/xpcd/xpcd_2.08-8woody3_m68k.deb
Size/MD5 checksum: 62778 262bc4fa9f4a76c727aa7ae3be63dd02
http://security.debian.org/pool/updates/main/x/xpcd/xpcd-gimp_2.08-8woody3_m68k.deb
Size/MD5 checksum: 11630 0240c6672a38049666b7383e9eb5b193

Big endian MIPS architecture:

http://security.debian.org/pool/updates/main/x/xpcd/xpcd_2.08-8woody3_mips.deb
Size/MD5 checksum: 73636 75f8f7d42cdbfd51e505c89516a7966a
http://security.debian.org/pool/updates/main/x/xpcd/xpcd-gimp_2.08-8woody3_mips.deb
Size/MD5 checksum: 12736 f69a68c9c81edb75524945ee2e80b4d7

Little endian MIPS architecture:

http://security.debian.org/pool/updates/main/x/xpcd/xpcd_2.08-8woody3_mipsel.deb
Size/MD5 checksum: 73338 50c143655e01f6b5f347520ceab3eb52
http://security.debian.org/pool/updates/main/x/xpcd/xpcd-gimp_2.08-8woody3_mipsel.deb
Size/MD5 checksum: 12710 26ef7c3f8c34638695ec779a68112d26

PowerPC architecture:

http://security.debian.org/pool/updates/main/x/xpcd/xpcd_2.08-8woody3_powerpc.deb
Size/MD5 checksum: 68606 93640415d6d425b966399df9a1a9d703
http://security.debian.org/pool/updates/main/x/xpcd/xpcd-gimp_2.08-8woody3_powerpc.deb
Size/MD5 checksum: 12040 19f723b6df1e32dbc5f57affba9ba773

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/x/xpcd/xpcd_2.08-8woody3_s390.deb
Size/MD5 checksum: 69770 97d7acf4119d481466e656d3889da854
http://security.debian.org/pool/updates/main/x/xpcd/xpcd-gimp_2.08-8woody3_s390.deb
Size/MD5 checksum: 12636 d30e6ca31aa772884d92c245cc88bd35

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/x/xpcd/xpcd_2.08-8woody3_sparc.deb
Size/MD5 checksum: 72888 3b961c03a13520a27d3d87f45d8bf19f
http://security.debian.org/pool/updates/main/x/xpcd/xpcd-gimp_2.08-8woody3_sparc.deb
Size/MD5 checksum: 11918 b5d3f11a60c394b60eee9d42bae4af70

These files will probably be moved into the stable distribution on its next update.


For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce@lists.debian.org Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>

Debian Security Advisory DSA 677-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
February 11th, 2005 http://www.debian.org/security/faq


Package : sympa
Vulnerability : buffer overflow
Problem-Type : local
Debian-specific: no
CVE ID : CAN-2005-0073

Erik Sjölund discovered that a support script of sympa, a mailing list manager, is running setuid sympa and vulnerable to a buffer overflow. This could potentially lead to the execution of arbitrary code under the sympa user id.

For the stable distribution (woody) this problem has been fixed in version 3.3.3-3woody2.

For the unstable distribution (sid) this problem will be fixed soon.

We recommend that you upgrade your sympa package.

Upgrade Instructions


wget url

will fetch the file for you
dpkg -i file.deb

will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update

will update the internal database apt-get upgrade

will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.

Debian GNU/Linux 3.0 alias woody


Source archives:

http://security.debian.org/pool/updates/main/s/sympa/sympa_3.3.3-3woody2.dsc
Size/MD5 checksum: 601 757b8a0b0b6dde6e1b4626768e98aaaf
http://security.debian.org/pool/updates/main/s/sympa/sympa_3.3.3-3woody2.diff.gz
Size/MD5 checksum: 44518 1bcea87b271163637a68aae20e1e14f9
http://security.debian.org/pool/updates/main/s/sympa/sympa_3.3.3.orig.tar.gz
Size/MD5 checksum: 1457710 59776560bfb6c124c5a25129127383be

Architecture independent components:

http://security.debian.org/pool/updates/main/s/sympa/wwsympa_3.3.3-3woody2_all.deb
Size/MD5 checksum: 349648 0933a74b3e7b529bc3ccfff1e44fd310

Alpha architecture:

http://security.debian.org/pool/updates/main/s/sympa/sympa_3.3.3-3woody2_alpha.deb
Size/MD5 checksum: 636122 bcf354d30dd2bda45baeebb512ac84f2

ARM architecture:

http://security.debian.org/pool/updates/main/s/sympa/sympa_3.3.3-3woody2_arm.deb
Size/MD5 checksum: 634994 3936100bb555bc3f0c67cc4476138d46

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/s/sympa/sympa_3.3.3-3woody2_i386.deb
Size/MD5 checksum: 634982 bb63c09723a848b727d95994d9804ee9

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/s/sympa/sympa_3.3.3-3woody2_ia64.deb
Size/MD5 checksum: 637714 2f88784e6c5a9cffdb5a75c56e08ec6d

HP Precision architecture:

http://security.debian.org/pool/updates/main/s/sympa/sympa_3.3.3-3woody2_hppa.deb
Size/MD5 checksum: 635516 9808c2d9c7e812141c6bb21c63694903

Motorola 680x0 architecture:

http://security.debian.org/pool/updates/main/s/sympa/sympa_3.3.3-3woody2_m68k.deb
Size/MD5 checksum: 635186 0fa581c1fc424991e18079e09dec910d

Big endian MIPS architecture:

http://security.debian.org/pool/updates/main/s/sympa/sympa_3.3.3-3woody2_mips.deb
Size/MD5 checksum: 634980 b7cba06ff5e119967c0568392797d78c

Little endian MIPS architecture:

http://security.debian.org/pool/updates/main/s/sympa/sympa_3.3.3-3woody2_mipsel.deb
Size/MD5 checksum: 635016 fbf75e6f39246a03007e0627b35ea8b0

PowerPC architecture:

http://security.debian.org/pool/updates/main/s/sympa/sympa_3.3.3-3woody2_powerpc.deb
Size/MD5 checksum: 634678 061911261f49ddd13918c1af45d2738b

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/s/sympa/sympa_3.3.3-3woody2_s390.deb
Size/MD5 checksum: 635834 f127573347d01e3cd5daedb6235462b5

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/s/sympa/sympa_3.3.3-3woody2_sparc.deb
Size/MD5 checksum: 639518 c86008d13499edddeaf9f5f5daf5a667

These files will probably be moved into the stable distribution on its next update.



Debian Security Advisory DSA 678-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
February 11th, 2005 http://www.debian.org/security/faq


Package : netkit-rwho
Vulnerability : missing input validation
Problem-Type : remote
Debian-specific: no
CVE ID : CAN-2004-1180

"Vlad902" discovered a vulnerability in the rwhod program that can be used to crash the listening process. The broadcasting one is unaffected. This vulnerability only affects little endian architectures (i.e. on Debian: alpha, arm, alpha, ia64, i386, mipsel and s390).

For the stable distribution (woody) this problem has been fixed in version 0.17-4woody2.

For the unstable distribution (sid) this problem has been fixed in version 0.17-8.

We recommend that you upgrade your rwhod package.

Upgrade Instructions


wget url

will fetch the file for you
dpkg -i file.deb

will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update

will update the internal database apt-get upgrade

will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.

Debian GNU/Linux 3.0 alias woody


Source archives:

http://security.debian.org/pool/updates/main/n/netkit-rwho/netkit-rwho_0.17-4woody2.dsc
Size/MD5 checksum: 573 232cc3d400360adf91f477ae6e4df1db
http://security.debian.org/pool/updates/main/n/netkit-rwho/netkit-rwho_0.17-4woody2.diff.gz
Size/MD5 checksum: 10970 67909ae8e428409b9d66e59d053df76d
http://security.debian.org/pool/updates/main/n/netkit-rwho/netkit-rwho_0.17.orig.tar.gz
Size/MD5 checksum: 20610 0f71620d45d472f89134ba0d74242e75

Alpha architecture:

http://security.debian.org/pool/updates/main/n/netkit-rwho/rwho_0.17-4woody2_alpha.deb
Size/MD5 checksum: 15600 9209b79116d4da8e61c042daa60d8571
http://security.debian.org/pool/updates/main/n/netkit-rwho/rwhod_0.17-4woody2_alpha.deb
Size/MD5 checksum: 19020 20244ee92243cbf7a73fbf63ef4669df

ARM architecture:

http://security.debian.org/pool/updates/main/n/netkit-rwho/rwho_0.17-4woody2_arm.deb
Size/MD5 checksum: 13096 eced290e15edb12ddec5c0f4bc2f873c
http://security.debian.org/pool/updates/main/n/netkit-rwho/rwhod_0.17-4woody2_arm.deb
Size/MD5 checksum: 17464 98c7f887ab745f562d4dcb12bf42bbbf

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/n/netkit-rwho/rwho_0.17-4woody2_i386.deb
Size/MD5 checksum: 12692 04e8597017f17b8357aabfd12171ebfe
http://security.debian.org/pool/updates/main/n/netkit-rwho/rwhod_0.17-4woody2_i386.deb
Size/MD5 checksum: 17364 d510fe20152828ede22d85c9e8b7eeb8

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/n/netkit-rwho/rwho_0.17-4woody2_ia64.deb
Size/MD5 checksum: 15946 3e478d1bb74472c6cd967e7890e5d624
http://security.debian.org/pool/updates/main/n/netkit-rwho/rwhod_0.17-4woody2_ia64.deb
Size/MD5 checksum: 20658 4f3f5a38d76c868ea028e20df6a58abf

HP Precision architecture:

http://security.debian.org/pool/updates/main/n/netkit-rwho/rwho_0.17-4woody2_hppa.deb
Size/MD5 checksum: 13906 5890c7723b8aad599e8605e122934a93
http://security.debian.org/pool/updates/main/n/netkit-rwho/rwhod_0.17-4woody2_hppa.deb
Size/MD5 checksum: 18066 4c9fc358830c8ad2885779f02c246b66

Motorola 680x0 architecture:

http://security.debian.org/pool/updates/main/n/netkit-rwho/rwho_0.17-4woody2_m68k.deb
Size/MD5 checksum: 12654 f600ddc3d01ee478115438c751c0836f
http://security.debian.org/pool/updates/main/n/netkit-rwho/rwhod_0.17-4woody2_m68k.deb
Size/MD5 checksum: 17100 d47344fcf36586bf35ba8552b924e7e9

Big endian MIPS architecture:

http://security.debian.org/pool/updates/main/n/netkit-rwho/rwho_0.17-4woody2_mips.deb
Size/MD5 checksum: 13218 05ce9334de62e64a6031d0a397b52b8e
http://security.debian.org/pool/updates/main/n/netkit-rwho/rwhod_0.17-4woody2_mips.deb
Size/MD5 checksum: 17120 5c7e1752201621b82154d8107e466fe0

Little endian MIPS architecture:

http://security.debian.org/pool/updates/main/n/netkit-rwho/rwho_0.17-4woody2_mipsel.deb
Size/MD5 checksum: 13266 58bdafa0f3727901bea58b5337078dc6
http://security.debian.org/pool/updates/main/n/netkit-rwho/rwhod_0.17-4woody2_mipsel.deb
Size/MD5 checksum: 17446 d2a3eb4211c8b7beaa502a489a08037c

PowerPC architecture:

http://security.debian.org/pool/updates/main/n/netkit-rwho/rwho_0.17-4woody2_powerpc.deb
Size/MD5 checksum: 13030 e472eb81db77c5e50b5756ce58c92795
http://security.debian.org/pool/updates/main/n/netkit-rwho/rwhod_0.17-4woody2_powerpc.deb
Size/MD5 checksum: 17122 fc8bb02bcc162a54076405e1cbe7b0d0

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/n/netkit-rwho/rwho_0.17-4woody2_s390.deb
Size/MD5 checksum: 13414 9f2dea228f0c0ed3452d26e11366a47f
http://security.debian.org/pool/updates/main/n/netkit-rwho/rwhod_0.17-4woody2_s390.deb
Size/MD5 checksum: 17842 00320623fa238648f89a6fde1a03eefc

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/n/netkit-rwho/rwho_0.17-4woody2_sparc.deb
Size/MD5 checksum: 16062 d8b71eb71a33f4b45132a91731ab1d6e
http://security.debian.org/pool/updates/main/n/netkit-rwho/rwhod_0.17-4woody2_sparc.deb
Size/MD5 checksum: 19818 9b1462f4fbf007255f380ce632bf868c

These files will probably be moved into the stable distribution on its next update.


For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>

Fedora Legacy


Fedora Legacy Update Advisory

Synopsis: Updated gpdf package fixes security issues
Advisory ID: FLSA:2353
Issue date: 2005-02-10
Product: Fedora Core
Keywords: Bugfix
Cross references: https://bugzilla.fedora.us/show_bug.cgi?id=2353
CVE Names: CAN-2004-0888 CAN-2004-1125 CAN-2005-0064



1. Topic:

An updated gpdf package that fixes a number of integer overflow security flaws is now available.

GPdf is a viewer for Portable Document Format (PDF) files for GNOME.

2. Relevant releases/architectures:

Fedora Core 1 - i386

3. Problem description:

During a source code audit, Chris Evans and others discovered a number of integer overflow bugs that affected all versions of xpdf. These issues also affect gpdf as it is based on xpdf source code. An attacker could construct a carefully crafted PDF file that could cause gpdf to crash or possibly execute arbitrary code when opened. The Common Vulnerabilities and Exposures project (cve.mitre.org/) has assigned the name CAN-2004-0888 to this issue.

A buffer overflow flaw was found in the Gfx::doImage function of Xpdf. This flaw also affects gpdf as it is based on xpdf source code. An attacker could construct a carefully crafted PDF file that could cause gpdf to crash or possibly execute arbitrary code when opened. The Common Vulnerabilities and Exposures project (cve.mitre.org/) has assigned the name CAN-2004-1125 to this issue.

A buffer overflow flaw was found when processing the /Encrypt /Length tag. An attacker could construct a carefully crafted PDF file that could cause gpdf to crash or possibly execute arbitrary code when opened. The Common Vulnerabilities and Exposures project (cve.mitre.org/) has assigned the name CAN-2005-0064 to this issue.

Users of gpdf are advised to upgrade to this errata package, which contains backported patches correcting these issues.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory only contains the desired RPMs.

Please note that this update is also available via yum and apt. Many people find this an easier way to apply updates. To use yum issue:

yum update

or to use apt:

apt-get update; apt-get upgrade

This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. This assumes that you have yum or apt-get configured for obtaining Fedora Legacy content. Please visit http://www fedoralegacy.org/docs for directions on how to configure yum and apt-get.

5. Bug IDs fixed:

http://bugzilla.fedora.us - bug #2353 - xpdf buffer overflows apply to gpdf

6. RPMs required:

Fedora Core 1:

SRPM:
http://download.fedoralegacy.org/fedora/1/updates/SRPMS/gpdf-0.110-1.4.legacy.src.rpm

i386:
http://download.fedoralegacy.org/fedora/1/updates/i386/gpdf-0.110-1.4.legacy.i386.rpm

7. Verification:

SHA1 sum Package Name


63438a137ac33d1355bc6b8065fef0a03dde7e68 fedora/1/updates/i386/gpdf-0.110-1.4.legacy.i386.rpm
19c4e9fd40a135b4ad782c228990edcdc38dad04 fedora/1/updates/SRPMS/gpdf-0.110-1.4.legacy.src.rpm

These packages are GPG signed by Fedora Legacy for security. Our key is available from http://www.fedoralegacy org/about/security.php

You can verify each package with the following command:

rpm --checksig -v <filename>

If you only wish to verify that each package has not been corrupted or tampered with, examine only the sha1sum with the following command:

sha1sum <filename>

8. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0888
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1125
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0064
http://www.idefense.com/application/poi/display?id=186&type=vulnerabilities

9. Contact:

The Fedora Legacy security contact is <secnotice@fedoralegacy.org>. More project details at http://www.fedoralegacy.org



Fedora Legacy Update Advisory

Synopsis: Updated iptables packages resolve security issues
Advisory ID: FLSA:2252
Issue date: 2005-02-10
Product: Red Hat Linux, Fedora Core
Keywords: Bugfix
Cross references: https://bugzilla.fedora.us/show_bug.cgi?id=2252
CVE Names: CAN-2004-0986



1. Topic:

Updated iptables packages that correct a security problem are now available.

The iptables utility controls the network packet filtering code in the Linux kernel.

2. Relevant releases/architectures:

Red Hat Linux 7.3 - i386
Red Hat Linux 9 - i386
Fedora Core 1 - i386

3. Problem description:

Under certain conditions, iptables did not properly load the required modules at system startup, which caused the firewall rules to fail to load and protect the system from remote attackers. The Common Vulnerabilities and Exposures project (cve.mitre.org/) has assigned the name CAN-2004-0986 to this issue.

Users of iptables are advised to upgrade to these errata packages, which contain backported patches correcting these issues.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory only contains the desired RPMs.

Please note that this update is also available via yum and apt. Many people find this an easier way to apply updates. To use yum issue:

yum update

or to use apt:

apt-get update; apt-get upgrade

This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. This assumes that you have yum or apt-get configured for obtaining Fedora Legacy content. Please visit http://www fedoralegacy.org/docs for directions on how to configure yum and apt-get.

5. Bug IDs fixed:

http://bugzilla.fedora.us - bug #2252 - iptables May Fail to Automatically Load Some Modules

6. RPMs required:

Red Hat Linux 7.3:

SRPM:
http://download.fedoralegacy.org/redhat/7.3/updates/SRPMS/iptables-1.2.8-8.73.1.legacy.src.rpm

i386:
http://download.fedoralegacy.org/redhat/7.3/updates/i386/iptables-1.2.8-8.73.1.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/7.3/updates/i386/iptables-ipv6-1.2.8-8.73.1.legacy.i386.rpm

Red Hat Linux 9:

SRPM:
http://download.fedoralegacy.org/redhat/9/updates/SRPMS/iptables-1.2.8-8.90.1.legacy.src.rpm

i386:
http://download.fedoralegacy.org/redhat/9/updates/i386/iptables-1.2.8-8.90.1.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/9/updates/i386/iptables-ipv6-1.2.8-8.90.1.legacy.i386.rpm

Fedora Core 1:

SRPM:
http://download.fedoralegacy.org/redhat/9/updates/SRPMS/iptables-1.2.9-1.0.1.legacy.src.rpm

i386:
http://download.fedoralegacy.org/redhat/9/updates/i386/iptables-1.2.9-1.0.1.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/9/updates/i386/iptables-devel-1.2.9-1.0.1.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/9/updates/i386/iptables-ipv6-1.2.9-1.0.1.legacy.i386.rpm

7. Verification:

SHA1 sum Package Name


83895bb3697fc2c0a6442a12a481e5670a4c4e36 redhat/7.3/updates/i386/iptables-1.2.8-8.73.1.legacy.i386.rpm
a4fbd94e3307c8f6915e9cdf23b98069e7c9e44c redhat/7.3/updates/i386/iptables-ipv6-1.2.8-8.73.1.legacy.i386.rpm
d0630819c5a33d60976b5b3c0ed5b7e67bbfc1f6 redhat/7.3/updates/SRPMS/iptables-1.2.8-8.73.1.legacy.src.rpm
1bf551072cb97cb4dfcec90530dbe5f71d3eb4b0 redhat/9/updates/i386/iptables-1.2.8-8.90.1.legacy.i386.rpm
e80b93d0c4161576a2707253b25240a2330f7d43 redhat/9/updates/i386/iptables-ipv6-1.2.8-8.90.1.legacy.i386.rpm
5a7849fa4cc500bf6bc0d8320080fb6ba23d9e32 redhat/9/updates/SRPMS/iptables-1.2.8-8.90.1.legacy.src.rpm
87484b5ab4fed7ddaeea720d5303e7f9eca88d16 fedora/1/updates/i386/iptables-1.2.9-1.0.1.legacy.i386.rpm
6aa4eab81a36ddbbd00d4bde0280dd673dfd5324 fedora/1/updates/i386/iptables-devel-1.2.9-1.0.1.legacy.i386.rpm
4d545e88fbec8ff2371a4ed9c5bc494400db6d63 fedora/1/updates/i386/iptables-ipv6-1.2.9-1.0.1.legacy.i386.rpm
7ded8f4994d1a0017d804969318d8d0a6fa5053c fedora/1/updates/SRPMS/iptables-1.2.9-1.0.1.legacy.src.rpm

These packages are GPG signed by Fedora Legacy for security. Our key is available from http://www.fedoralegacy org/about/security.php

You can verify each package with the following command:

rpm --checksig -v <filename>

If you only wish to verify that each package has not been corrupted or tampered with, examine only the sha1sum with the following command:

sha1sum <filename>

8. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0986

9. Contact:

The Fedora Legacy security contact is <secnotice@fedoralegacy.org>. More project details at http://www.fedoralegacy.org



Fedora Legacy Update Advisory

Synopsis: Updated Xpdf package fixes security issues
Advisory ID: FLSA:2352
Issue date: 2005-02-10
Product: Red Hat Linux, Fedora Core
Keywords: Bugfix
Cross references: https://bugzilla.fedora.us/show_bug.cgi?id=2352
CVE Names: CAN-2004-0888 CAN-2004-1125 CAN-2005-0064



1. Topic:

Updated Xpdf packages that fix several security issues are now available.

Xpdf is an X Window System based viewer for Portable Document Format (PDF) files.

2. Relevant releases/architectures:

Red Hat Linux 7.3 - i386
Red Hat Linux 9 - i386
Fedora Core 1 - i386

3. Problem description:

During a source code audit, Chris Evans and others discovered a number of integer overflow bugs that affected all versions of xpdf. An attacker could construct a carefully crafted PDF file that could cause xpdf to crash or possibly execute arbitrary code when opened. The Common Vulnerabilities and Exposures project (cve.mitre.org/) has assigned the name CAN-2004-0888 to this issue.

A buffer overflow flaw was found in the Gfx::doImage function of Xpdf. An attacker could construct a carefully crafted PDF file that could cause Xpdf to crash or possibly execute arbitrary code when opened. The Common Vulnerabilities and Exposures project (cve.mitre.org/) has assigned the name CAN-2004-1125 to this issue.

A buffer overflow flaw was found when processing the /Encrypt /Length tag. An attacker could construct a carefully crafted PDF file that could cause Xpdf to crash or possibly execute arbitrary code when opened. The Common Vulnerabilities and Exposures project (cve.mitre.org/) has assigned the name CAN-2005-0064 to this issue.

Users of xpdf are advised to upgrade to these errata packages, which contain backported patches correcting these issues.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory only contains the desired RPMs.

Please note that this update is also available via yum and apt. Many people find this an easier way to apply updates. To use yum issue:

yum update

or to use apt:

apt-get update; apt-get upgrade

This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. This assumes that you have yum or apt-get configured for obtaining Fedora Legacy content. Please visit http://www fedoralegacy.org/docs for directions on how to configure yum and apt-get.

5. Bug IDs fixed:

http://bugzilla.fedora.us - bug #2352 - xpdf 3.00 Buffer overflow

6. RPMs required:

Red Hat Linux 7.3:

SRPM:
http://download.fedoralegacy.org/redhat/7.3/updates/SRPMS/xpdf-1.00-7.4.legacy.src.rpm

i386:
http://download.fedoralegacy.org/redhat/7.3/updates/i386/xpdf-1.00-7.4.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/7.3/updates/i386/xpdf-chinese-simplified-1.00-7.4.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/7.3/updates/i386/xpdf-chinese-traditional-1.00-7.4.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/7.3/updates/i386/xpdf-japanese-1.00-7.4.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/7.3/updates/i386/xpdf-korean-1.00-7.4.legacy.i386.rpm

Red Hat Linux 9:

SRPM:
http://download.fedoralegacy.org/redhat/9/updates/SRPMS/xpdf-2.01-11.3.legacy.src.rpm

i386:
http://download.fedoralegacy.org/redhat/9/updates/i386/xpdf-2.01-11.3.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/9/updates/i386/xpdf-chinese-simplified-2.01-11.3.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/9/updates/i386/xpdf-chinese-traditional-2.01-11.3.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/9/updates/i386/xpdf-japanese-2.01-11.3.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/9/updates/i386/xpdf-korean-2.01-11.3.legacy.i386.rpm

Fedora Core 1:

SRPM:
http://download.fedoralegacy.org/fedora/1/updates/SRPMS/xpdf-2.03-1.3.legacy.src.rpm

i386:
http://download.fedoralegacy.org/fedora/1/updates/i386/xpdf-2.03-1.3.legacy.i386.rpm

7. Verification:

SHA1 sum Package Name


423ffbb749b7ee88eeb10e6a859eeb0bf065e14f redhat/7.3/updates/i386/xpdf-1.00-7.4.legacy.i386.rpm
c73127114f7369b5b7dc47f888bd751aff93126e redhat/7.3/updates/i386/xpdf-chinese-simplified-1.00-7.4.legacy.i386.rpm
fc92215a4b5767adc4fc97dbdab273116ba4d633 redhat/7.3/updates/i386/xpdf-chinese-traditional-1.00-7.4.legacy.i386.rpm
f723ea683d914c4a07715a06aa986f91617bd4ea redhat/7.3/updates/i386/xpdf-japanese-1.00-7.4.legacy.i386.rpm
81c63ff5b9f1fc0e6a9a384407a46bd699f33feb redhat/7.3/updates/i386/xpdf-korean-1.00-7.4.legacy.i386.rpm
e4a7aabeaaac53c1773f2cee640ec1052cffb820 redhat/7.3/updates/SRPMS/xpdf-1.00-7.4.legacy.src.rpm
67e76b9214471447bf79ea1b5b191b16122ba2c0 redhat/9/updates/i386/xpdf-2.01-11.3.legacy.i386.rpm
7c6d5c6374dd7e5c952d37ead71071500ac9fda3 redhat/9/updates/i386/xpdf-chinese-simplified-2.01-11.3.legacy.i386.rpm
e351ec803bc2e7c27aa4677dcd57ad9f4772c492 redhat/9/updates/i386/xpdf-chinese-traditional-2.01-11.3.legacy.i386.rpm
fcde9f1758de64bd50e5ef003cf344c63264b940 redhat/9/updates/i386/xpdf-japanese-2.01-11.3.legacy.i386.rpm
a5e48c1ef2bca6e59b4c27f442078231d6dd68c2 redhat/9/updates/i386/xpdf-korean-2.01-11.3.legacy.i386.rpm
118304e7529774f84fd2a7ac23c4220fe5f92a52 redhat/9/updates/SRPMS/xpdf-2.01-11.3.legacy.src.rpm
604172c53feadba2f6049a41e214dd61ec24fd95 fedora/1/updates/i386/xpdf-2.03-1.3.legacy.i386.rpm
93454fd7f71a3fe88bcc89593312c6120e7168fc fedora/1/updates/SRPMS/xpdf-2.03-1.3.legacy.src.rpm

These packages are GPG signed by Fedora Legacy for security. Our key is available from http://www.fedoralegacy org/about/security.php

You can verify each package with the following command:

rpm --checksig -v <filename>

If you only wish to verify that each package has not been corrupted or tampered with, examine only the sha1sum with the following command:

sha1sum <filename>

8. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0888
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1125
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0064
http://www.idefense.com/application/poi/display?id=186&type=vulnerabilities

9. Contact:

The Fedora Legacy security contact is <secnotice@fedoralegacy.org>. More project details at http://www.fedoralegacy.org



Fedora Legacy Update Advisory

Synopsis: Updated gaim package resolves security issues
Advisory ID: FLSA:2188
Issue date: 2005-02-10
Product: Red Hat Linux, Fedora Core
Keywords: Bugfix
Cross references: https://bugzilla.fedora.us/show_bug.cgi?id=2188
CVE Names: CAN-2004-0891



1. Topic:

An updated gaim package that fixes security issues and various bugs is now avaliable.

The gaim application is a multi-protocol instant messaging client.

2. Relevant releases/architectures:

Red Hat Linux 7.3 - i386
Red Hat Linux 9 - i386
Fedora Core 1 - i386

3. Problem description:

A buffer overflow has been discovered in the MSN protocol handler. When receiving unexpected sequence of MSNSLP messages, it is possible that an attacker could cause an internal buffer overflow, leading to a crash or possible code execution. The Common Vulnerabilities and Exposures project (cve.mitre.org/) has assigned the name CAN-2004-0891 to this issue.

This updated gaim package also fixes multiple user interface, protocol, and error handling problems, including an ICQ communication encoding issue.

Users of gaim are advised to upgrade to this updated package which contains gaim version 1.0.2 and is not vulnerable to these issues.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory only contains the desired RPMs.

Please note that this update is also available via yum and apt. Many people find this an easier way to apply updates. To use yum issue:

yum update

or to use apt:

apt-get update; apt-get upgrade

This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. This assumes that you have yum or apt-get configured for obtaining Fedora Legacy content. Please visit http://www fedoralegacy.org/docs for directions on how to configure yum and apt-get.

5. Bug IDs fixed:

http://bugzilla.fedora.us - bug #2188 - gaim MSN protocol buffer overflow.

6. RPMs required:

Red Hat Linux 7.3:

SRPM:
http://download.fedoralegacy.org/redhat/7.3/updates/SRPMS/gaim-1.0.2-0.FC0.73.0.legacy.src.rpm

i386:
http://download.fedoralegacy.org/redhat/7.3/updates/i386/gaim-1.0.2-0.FC0.73.0.legacy.i386.rpm

Red Hat Linux 9:

SRPM:
http://download.fedoralegacy.org/redhat/9/updates/SRPMS/gaim-1.0.2-0.FC0.90.0.legacy.src.rpm

i386:
http://download.fedoralegacy.org/redhat/9/updates/i386/gaim-1.0.2-0.FC0.90.0.legacy.i386.rpm

Fedora Core 1:

SRPM:
http://download.fedoralegacy.org/redhat/9/updates/SRPMS/gaim-1.0.2-0.FC1.0.legacy.src.rpm

i386:
http://download.fedoralegacy.org/redhat/9/updates/i386/gaim-1.0.2-0.FC1.0.legacy.i386.rpm

7. Verification:

SHA1 sum Package Name


a174d3f8283b608124a7d1061d951d3f44eaf5df redhat/7.3/updates/i386/gaim-1.0.2-0.FC0.73.0.legacy.i386.rpm
b16668fdeddf34c3534065ab971b511774c346a8 redhat/7.3/updates/SRPMS/gaim-1.0.2-0.FC0.73.0.legacy.src.rpm
4b1ebfc27b5b05868f5737064f16711d72904565 redhat/9/updates/i386/gaim-1.0.2-0.FC0.90.0.legacy.i386.rpm
23dc361672ef204e40dcdba7f5c3a395200625f4 redhat/9/updates/SRPMS/gaim-1.0.2-0.FC0.90.0.legacy.src.rpm
78e9993c468e49abf30779c99a9436046fcce426 fedora/1/updates/i386/gaim-1.0.2-0.FC1.0.legacy.i386.rpm
bed1c8a428c099d51086ddc4acf90571f3a04a98 fedora/1/updates/SRPMS/gaim-1.0.2-0.FC1.0.legacy.src.rpm

These packages are GPG signed by Fedora Legacy for security. Our key is available from http://www.fedoralegacy org/about/security.php

You can verify each package with the following command:

rpm --checksig -v <filename>

If you only wish to verify that each package has not been corrupted or tampered with, examine only the sha1sum with the following command:

sha1sum <filename>

8. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0891

9. Contact:

The Fedora Legacy security contact is <secnotice@fedoralegacy.org>. More project details at http://www.fedoralegacy.org


Gentoo Linux


Gentoo Linux Security Advisory GLSA 200502