Linux Today: Linux News On Internet Time.
Search Linux Today
Linux News Sections:  Developer -  High Performance -  Infrastructure -  IT Management -  Security -  Storage -
Linux Today Navigation
LT Home
Contribute
Contribute
Link to Us
Linux Jobs


Top White Papers

More on LinuxToday


Advisories: August 30, 2005

Aug 31, 2005, 04:45 (0 Talkback[s])

Debian GNU/Linux


Debian Security Advisory DSA 790-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
August 30th, 2005 http://www.debian.org/security/faq


Package : phpldapadmin
Vulnerability : programming error
Problem-Type : remote
Debian-specific: no
CVE ID : CAN-2005-2654
Debian Bug : 322423

Alexander Gerasiov discovered that phpldapadmin, a web based interface for administering LDAP servers, allows anybody to access the LDAP server anonymously, even if this is disabled in the configuration with the "disable_anon_bind" statement.

The old stable distribution (woody) is not vulnerable to this problem.

For the stable distribution (sarge) this problem has been fixed in version 0.9.5-3sarge1.

For the unstable distribution (sid) this problem has been fixed in version 0.9.6c-5.

We recommend that you upgrade your phpldapadmin package.

Upgrade Instructions


wget url

will fetch the file for you
dpkg -i file.deb

will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update

will update the internal database apt-get upgrade

will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.

Debian GNU/Linux 3.1 alias sarge


Source archives:

    http://security.debian.org/pool/updates/main/p/phpldapadmin/phpldapadmin_0.9.5-3sarge2.dsc
      Size/MD5 checksum: 619 d6da0a97614965ba396e3ca4079ddabb
    http://security.debian.org/pool/updates/main/p/phpldapadmin/phpldapadmin_0.9.5-3sarge2.diff.gz
      Size/MD5 checksum: 11564 543a7a99fb997976bbdaa51056e85d4f
    http://security.debian.org/pool/updates/main/p/phpldapadmin/phpldapadmin_0.9.5.orig.tar.gz
      Size/MD5 checksum: 617707 fb0669d4c4b88573875555aef2630de8

Architecture independent components:

    http://security.debian.org/pool/updates/main/p/phpldapadmin/phpldapadmin_0.9.5-3sarge2_all.deb
      Size/MD5 checksum: 616852 2ea5bc2d2f2eb0736f75cc8b48618842

These files will probably be moved into the stable distribution on its next update.



Debian Security Advisory DSA 791-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
August 30th, 2005 http://www.debian.org/security/faq


Package : maildrop
Vulnerability : missing privilege release
Problem-Type : local
Debian-specific: yes
CVE ID : CAN-2005-2655
Debian Bug : 325135

Max Vozeler discoveredt hat the lockmail program from maildrop, a simple mail delivery agent with filtering abilities, does not drop group privileges before executing commands given on the commandline, allowing an attacker to execute arbitrary commands under with group mail privileges.

The old stable distribution (woody) is not affected by this problem.

For the stable distribution (sarge) this problem has been fixed in version 1.5.3-1.1sarge1.

For the unstable distribution (sid) this problem has been fixed in version 1.5.3-2.

We recommend that you upgrade your maildrop package.

Upgrade Instructions


wget url

will fetch the file for you
dpkg -i file.deb

will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update

will update the internal database apt-get upgrade

will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.

Debian GNU/Linux 3.1 alias sarge


Source archives:

    http://security.debian.org/pool/updates/main/m/maildrop/maildrop_1.5.3-1.1sarge1.dsc
      Size/MD5 checksum: 596 e76d7a43dde5122dbabd21b994a32f2f
    http://security.debian.org/pool/updates/main/m/maildrop/maildrop_1.5.3-1.1sarge1.diff.gz
      Size/MD5 checksum: 22819 3ec43b768cfb2c8b006c5c4a381afc3b
    http://security.debian.org/pool/updates/main/m/maildrop/maildrop_1.5.3.orig.tar.gz
      Size/MD5 checksum: 1009174 5c7727ddff120a339fb9658d6c553462

Alpha architecture:

    http://security.debian.org/pool/updates/main/m/maildrop/maildrop_1.5.3-1.1sarge1_alpha.deb
      Size/MD5 checksum: 363330 5aa987d64b2d28961fb2b1e65b865ea3

AMD64 architecture:

    http://security.debian.org/pool/updates/main/m/maildrop/maildrop_1.5.3-1.1sarge1_amd64.deb
      Size/MD5 checksum: 329170 29e4ae76fce86fa5c7b17be3fc06b07f

ARM architecture:

    http://security.debian.org/pool/updates/main/m/maildrop/maildrop_1.5.3-1.1sarge1_arm.deb
      Size/MD5 checksum: 305936 c99c08496e5aa6f4e48f3cead6cd1041

Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/m/maildrop/maildrop_1.5.3-1.1sarge1_i386.deb
      Size/MD5 checksum: 315316 45a21b635d79fd783a6a4b2ea8eeb0fb

Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/m/maildrop/maildrop_1.5.3-1.1sarge1_ia64.deb
      Size/MD5 checksum: 405646 c2be65e5af7085deafd4c332d624f9b5

HP Precision architecture:

    http://security.debian.org/pool/updates/main/m/maildrop/maildrop_1.5.3-1.1sarge1_hppa.deb
      Size/MD5 checksum: 348108 400ddf8ee844b685e683893de2bc7186

Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/main/m/maildrop/maildrop_1.5.3-1.1sarge1_m68k.deb
      Size/MD5 checksum: 294932 72e7e31ec6408f5a00012141718666d6

Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/m/maildrop/maildrop_1.5.3-1.1sarge1_mips.deb
      Size/MD5 checksum: 348182 f66f3863c068e3f3897ee531f242f4ea

Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/m/maildrop/maildrop_1.5.3-1.1sarge1_mipsel.deb
      Size/MD5 checksum: 348002 6b8b8047154a4aae6ae4a08a26c328a4

PowerPC architecture:

    http://security.debian.org/pool/updates/main/m/maildrop/maildrop_1.5.3-1.1sarge1_powerpc.deb
      Size/MD5 checksum: 326702 0b5a94cede67887ce474ca37cd48da54

IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/m/maildrop/maildrop_1.5.3-1.1sarge1_s390.deb
      Size/MD5 checksum: 321620 d7c3b3acc5445e5ca53cf9986a837d81

Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/m/maildrop/maildrop_1.5.3-1.1sarge1_sparc.deb
      Size/MD5 checksum: 307994 0ca7e53ae93ba472527eedda1d92490f

These files will probably be moved into the stable distribution on its next update.


For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>

Fedora Core


Fedora Update Notification
FEDORA-2005-822
2005-08-29

Product : Fedora Core 4
Name : dbus
Version : 0.33
Release : 3.fc4.1
Summary : D-BUS message bus

Description :

D-BUS is a system for sending messages between applications. It is used both for the systemwide message bus service, and as a per-user-login-session messaging facility.


  • Mon Aug 29 2005 John (J5) Palmieri <johnp@redhat.com> - 0.33-3.fc4.1
    • add patch from 0.2x series that fixes an exploit where users can attach to another user's session bus (CAN-2005-0201)

This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/

a5f7ec019ae83d8ba7bc34ad5e455b1f SRPMS/dbus-0.33-3.fc4.1.src.rpm
b18b22127961fdfffe5361a408a8a3a1 ppc/dbus-0.33-3.fc4.1.ppc.rpm
8e3fa6f831df2888842035c2272573f4 ppc/dbus-devel-0.33-3.fc4.1.ppc.rpm
989d3af37848d07a11fe85af05729cfe ppc/dbus-glib-0.33-3.fc4.1.ppc.rpm
6aba9846ef9ed05e276a73570ba9250b ppc/dbus-x11-0.33-3.fc4.1.ppc.rpm
a51431b65a5a7dc389ab1b680f93d22b ppc/dbus-python-0.33-3.fc4.1.ppc.rpm
e4f117cea0d30e1c6cc475ae1b168740 ppc/debug/dbus-debuginfo-0.33-3.fc4.1.ppc.rpm
84823a401d47631f95dac20d76b49aaf ppc/dbus-0.33-3.fc4.1.ppc64.rpm
863a61e3a5a69682bbb72a603c5f4228 ppc/dbus-glib-0.33-3.fc4.1.ppc64.rpm
1900b51f1a622fca3677ccf33fee8712 x86_64/dbus-0.33-3.fc4.1.x86_64.rpm
e469ec09a5df40b99f6a5e592723bcb2 x86_64/dbus-devel-0.33-3.fc4.1.x86_64.rpm
5609ebfc1844fa3d4fd82772dd055709 x86_64/dbus-glib-0.33-3.fc4.1.x86_64.rpm
8a232308c032cd5b7b3d798aa7e18339 x86_64/dbus-x11-0.33-3.fc4.1.x86_64.rpm
b82c3f4720c867dc88202c8f58ac65f4 x86_64/dbus-python-0.33-3.fc4.1.x86_64.rpm
429984bab7e596546906e95bfd9698ea x86_64/debug/dbus-debuginfo-0.33-3.fc4.1.x86_64.rpm
ccc0b77a02f0586dbf1acf1adc81e019 x86_64/dbus-0.33-3.fc4.1.i386.rpm
0f3a59c3f02f5b2f7097989ebfa7b41a x86_64/dbus-glib-0.33-3.fc4.1.i386.rpm
ccc0b77a02f0586dbf1acf1adc81e019 i386/dbus-0.33-3.fc4.1.i386.rpm
ce7293f13fadcfd3b71c2bd1989c3eaa i386/dbus-devel-0.33-3.fc4.1.i386.rpm
0f3a59c3f02f5b2f7097989ebfa7b41a i386/dbus-glib-0.33-3.fc4.1.i386.rpm
04e3b4b44f14b21d5b5ce95313ee25ad i386/dbus-x11-0.33-3.fc4.1.i386.rpm
b00faaa5e17a85defadb884b3dcfdf30 i386/dbus-python-0.33-3.fc4.1.i386.rpm
99f4db31da2d4ab69878127151deab3b i386/debug/dbus-debuginfo-0.33-3.fc4.1.i386.rpm

This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command.


Gentoo Linux


Gentoo Linux Security Advisory GLSA 200508-19

http://security.gentoo.org/


Severity: Normal
Title: lm_sensors: Insecure temporary file creation
Date: August 30, 2005
Bugs: #103568
ID: 200508-19


Synopsis

lm_sensors is vulnerable to linking attacks, potentially allowing a local user to overwrite arbitrary files.

Background

lm_sensors is a software package that provides drivers for monitoring the temperatures, voltages, and fans of Linux systems with hardware monitoring devices.

Affected packages


     Package              /  Vulnerable  /                  Unaffected

  1  sys-apps/lm_sensors     < 2.9.1-r1                    >= 2.9.1-r1

Description

Javier Fernandez-Sanguino Pena has discovered that lm_sensors insecurely creates temporary files with predictable filenames when saving configurations.

Impact

A local attacker could create symbolic links in the temporary file directory, pointing to a valid file somewhere on the filesystem. When the pwmconfig script of lm_sensors is executed, this would result in the file being overwritten with the rights of the user running the script, which typically is the root user.

Workaround

There is no known workaround at this time.

Resolution

All lm_sensors users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=sys-apps/lm_sensors-2.9.1-r1"

References

[ 1 ] CAN-2005-2672

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2672

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-200508-19.xml

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.

License

Copyright 2005 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.0


Gentoo Linux Security Advisory GLSA 200508-20

http://security.gentoo.org/


Severity: High
Title: phpGroupWare: Multiple vulnerabilities
Date: August 30, 2005
Bugs: #102379
ID: 200508-20


Synopsis

phpGroupWare is vulnerable to multiple issues ranging from information disclosure to a potential execution of arbitrary code.

Background

phpGroupWare is a multi-user groupware suite written in PHP.

Affected packages


     Package                /   Vulnerable   /              Unaffected

  1  www-apps/phpgroupware     < 0.9.16.008              >= 0.9.16.008

Description

phpGroupWare improperly validates the "mid" parameter retrieved via a forum post. The current version of phpGroupWare also adds several safeguards to prevent XSS issues, and disables the use of a potentially vulnerable XML-RPC library.

Impact

A remote attacker may leverage the XML-RPC vulnerability to execute arbitrary PHP script code. He could also create a specially crafted request that will reveal private posts.

Workaround

There is no known workaround at this time.

Resolution

All phpGroupWare users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=www-apps/phpgroupware-0.9.16.008"

References

[ 1 ] CAN-2005-2498

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2005-2498

[ 2 ] CAN-2005-2600

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2005-2600

[ 3 ] Secunia Advisory SA16414

http://secunia.com/advisories/16414

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-200508-20.xml

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.

License

Copyright 2005 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.0

Slackware Linux

[slackware-security] PCRE library (SSA:2005-242-01)

New PCRE packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, and -current to fix a security issue. A buffer overflow could be triggered by a specially crafted regular expression. Any applications that use PCRE to process untrusted regular expressions may be exploited to run arbitrary code as the user running the application.

The PCRE library is also provided in an initial installation by the aaa_elflibs package, so if your system has a /usr/lib/libpcre.so.0 symlink, then you should install this updated package even if the PCRE package itself is not installed on the system.

More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2491

Here are the details from the Slackware 10.1 ChangeLog:
+--------------------------+
patches/packages/pcre-6.3-i486-1.tgz: Upgraded to pcre-6.3.
This fixes a buffer overflow that could be triggered by the processing of a specially crafted regular expression. Theoretically this could be a security issue if regular expressions are accepted from untrusted users to be processed by a user with greater privileges, but this doesn't seem like a common scenario (or, for that matter, a good idea). However, if you are using an application that links to the shared PCRE library and accepts outside input in such a manner, you will want to update to this new package. For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2491
(* Security fix *)
+--------------------------+

Where to find the new packages:

Updated package for Slackware 8.1:
ftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/packages/pcre-6.3-i386-1.tgz

Updated package for Slackware 9.0:
ftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/pcre-6.3-i386-1.tgz

Updated package for Slackware 9.1:
ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/pcre-6.3-i486-1.tgz

Updated package for Slackware 10.0:
ftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/pcre-6.3-i486-1.tgz

Updated package for Slackware 10.1:
ftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/pcre-6.3-i486-1.tgz

Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/pcre-6.3-i486-1.tgz

MD5 signatures:

Slackware 8.1 package:
6d4ea9a84341297ebb86a3d218ee6520 pcre-6.3-i386-1.tgz

Slackware 9.0 package:
539769e82bb6e03db449f4154d557e36 pcre-6.3-i386-1.tgz

Slackware 9.1 package:
bb49c4be6ba9c8ed19d4be7997da065a pcre-6.3-i486-1.tgz

Slackware 10.0 package:
591c6fce5c0084f668bab1ea3ada4ebe pcre-6.3-i486-1.tgz

Slackware 10.1 package:
8f5f604fd35876d397d4e2d4e4fe83a1 pcre-6.3-i486-1.tgz

Slackware -current package:
c699044b38a70720439ace1097e84013 pcre-6.3-i486-1.tgz

Installation instructions:

Upgrade the package as root:
# upgradepkg pcre-6.3-i486-1.tgz

Then, restart any applications that use the PCRE library.

+-----+

Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com

[slackware-security] PHP (SSA:2005-242-02)

New PHP packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, and -current to fix security issues. PHP has been relinked with the shared PCRE library to fix an overflow issue with PHP's builtin PRCE code, and PEAR::XMLRPC has been upgraded to version 1.4.0 which eliminates the eval() function. The eval() function is believed to be insecure as implemented, and would be difficult to secure.

Note that these new packages now require that the PCRE package be installed, so be sure to get the new package from the patches/packages/ directory if you don't already have it. A new version of this (6.3) was also issued today, so be sure that is the one you install.

More details about these issues may be found in the Common Vulnerabilities and Exposures (CVE) database:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2491
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2498

Here are the details from the Slackware 10.1 ChangeLog:
+--------------------------+
patches/packages/php-4.3.11-i486-3.tgz: Relinked with the system PCRE library, as the builtin library has a buffer overflow that could be triggered by the processing of a specially crafted regular expression.
Note that this change requires the pcre package to be installed. For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2491
(* Security fix *)
Upgraded PEAR::XMLRPC to version 1.4.0, which eliminates the use of the insecure eval() function.
For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2498 (* Security fix *)
+--------------------------+

Where to find the new packages:

Updated package for Slackware 8.1:
ftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/packages/php-4.3.11-i386-4.tgz

Updated package for Slackware 9.0:
ftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/php-4.3.11-i386-4.tgz

Updated package for Slackware 9.1:
ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/php-4.3.11-i486-4.tgz

Updated package for Slackware 10.0:
ftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/php-4.3.11-i486-3.tgz

Updated package for Slackware 10.1:
ftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/php-4.3.11-i486-3.tgz

Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/php-4.4.0-i486-3.tgz

MD5 signatures:

Slackware 8.1 package:
06ae1e8f982f2c8142194eb4691cb2c0 php-4.3.11-i386-4.tgz

Slackware 9.0 package:
41d878638bca9f1fd13086ab1c3b5528 php-4.3.11-i386-4.tgz

Slackware 9.1 package:
28c5d2d4a1f16ff7656606962b6c05b5 php-4.3.11-i486-4.tgz

Slackware 10.0 package:
da1920c127a633a38efc49035307f069 php-4.3.11-i486-3.tgz

Slackware 10.1 package:
5f7efa91b92ca0239b6dc413a2cc6a41 php-4.3.11-i486-3.tgz

Slackware -current package:
e60c975944a7ee9709819918d65d4699 php-4.4.0-i486-3.tgz

Installation instructions:

First, stop apache:
# apachectl stop

Next, upgrade to the new PHP package:
# upgradepkg php-4.3.11-i486-3.tgz

Finally, restart apache:
# apachectl start (or: apachectl startssl)

+-----+

Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com

[slackware-security] gaim (SSA:2005-242-03)

New gaim packages are available for Slackware 9.0, 9.1, 10.0, 10.1, and -current to fix some security issues. including:

AIM/ICQ away message buffer overflow
AIM/ICQ non-UTF-8 filename crash
Gadu-Gadu memory alignment bug

Sites that use GAIM should upgrade to the new version.

More details about these issues may be found in the Common Vulnerabilities and Exposures (CVE) database:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2103
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2102
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2370

Here are the details from the Slackware 10.1 ChangeLog:
+--------------------------+
patches/packages/gaim-1.5.0-i486-1.tgz: Upgraded to gaim-1.5.0.
This fixes some more security issues. For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2103
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2102
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2370
(* Security fix *)
+--------------------------+

Where to find the new packages:

Updated package for Slackware 9.0:
ftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/gaim-1.5.0-i386-1.tgz

Updated package for Slackware 9.1:
ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/gaim-1.5.0-i486-1.tgz

Updated package for Slackware 10.0:
ftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/gaim-1.5.0-i486-1.tgz

Updated package for Slackware 10.1:
ftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/gaim-1.5.0-i486-1.tgz

Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/xap/gaim-1.5.0-i486-1.tgz

MD5 signatures:

Slackware 9.0 package:
676bad766cfddb50c7453554d66b1748 gaim-1.5.0-i386-1.tgz

Slackware 9.1 package:
d2cc0baba627ba9dbf3f218bdeacc630 gaim-1.5.0-i486-1.tgz

Slackware 10.0 package:
98d55471ed0a2f9def7fcded90860839 gaim-1.5.0-i486-1.tgz

Slackware 10.1 package:
bc6891f4acb22530c472218f5d9493fb gaim-1.5.0-i486-1.tgz

Slackware -current package:
b9a55d4359183b81e1150bea6e13b61e gaim-1.5.0-i486-1.tgz

Installation instructions:

Upgrade the package as root:
# upgradepkg gaim-1.5.0-i486-1.tgz

+-----+

Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com

SUSE Linux


SUSE Security Announcement

Package: pcre
Announcement ID: SUSE-SA:2005:048
Date: Tue, 30 Aug 2005 15:00:00 +0000
Affected Products: 9.0, 9.1, 9.2, 9.3 SUSE Linux Desktop 1.0 SUSE Linux Enterprise Server 8, 9 Novell Linux Desktop 9
Vulnerability Type: remote code execution
Severity (1-10): 6
SUSE Default Package: yes
Cross-References: CAN-2005-2491

Content of This Advisory:

  1. Security Vulnerability Resolved: pcre integer overflow security problem Problem Description
  2. Solution or Work-Around
  3. Special Instructions and Notes
  4. Package Location and Checksums
  5. Pending Vulnerabilities, Solutions, and Work-Arounds: none
  6. Authenticity Verification and Additional Information

1) Problem Description and Brief Discussion

A vulnerability was found in the PCRE regular expression handling library which allows an attacker to crash or overflow a buffer in the program by specifying a special regular expression.

Since this library is used in a large number of packages, including apache2, php4, exim, postfix and similar, a remote attack could be possible.

This is tracked by the Mitre CVE ID CAN-2005-2491.

2) Solution or Work-Around

Install the updated packages.

3) Special Instructions and Notes

Please make sure you restart services linked against the pcre library (apache, exim, postfix).

4) Package Location and Checksums

The preferred method for installing security updates is to use the YaST Online Update (YOU) tool. YOU detects which updates are required and automatically performs the necessary steps to verify and install them. Alternatively, download the update packages for your distribution manually and verify their integrity by the methods listed in Section 6 of this announcement. Then install the packages using the command

rpm -Fhv <file.rpm>

to apply the update, replacing <file.rpm> with the filename of the downloaded RPM package.

Our maintenance customers are notified individually. The packages are offered for installation from the maintenance web.

x86 Platform:

SUSE Linux 9.3:
   ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/pcre-5.0-3.2.i586.rpm ccc4711c80659d57a7d06754d577a33c
   ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/pcre-devel-5.0-3.2.i586.rpm 18ad1553287682ad09b2412dd038c5c5
   ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/pcre-32bit-9.3-7.1.x86_64.rpm 0246d39b1aa7bbfa8872a4f841d2842f

SUSE Linux 9.2:
   ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/pcre-4.5-2.2.i586.rpm d1c4af6faceecbbc028c5c5b32cd46bd
   ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/pcre-devel-4.5-2.2.i586.rpm 276ecc193b12cf20e5ac1e2be2e9484c
   ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/pcre-32bit-9.2-200508260320.x86_64.rpm 107c8c3ac5218348e89cc5d6a235f34d

SUSE Linux 9.1:
   ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/pcre-4.4-109.4.i586.rpm 0330a3dd845c33bd460851e13abdcb01
   ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/pcre-devel-4.4-109.4.i586.rpm ca1722d18e465cce1e6be5fc69a97586
   ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/i586/pcre-32bit-9.1-200508261306.i586.rpm 2933451df49a408b53d9d2628fd74d38 source rpm(s):
   ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/pcre-4.4-109.4.src.rpm 131e5f816d7f9e6e8536416e574a2e07

SUSE Linux 9.0:
   ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/pcre-4.4-112.i586.rpm 7f6492b3fdd2e9cf9ff104c7ef366fd2
   ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/pcre-devel-4.4-112.i586.rpm c1e36f246764869a672f3e69c879a976
   ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/i586/pcre-32bit-9.0-5.i586.rpm 7e4d12f5af0bc2a68d21a8d72ccb1d37 source rpm(s):
   ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/pcre-4.4-112.src.rpm 367ad88cdd0c0ec060992312e96a9997

x86-64 Platform:

SUSE Linux 9.3:
   ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/pcre-5.0-3.2.x86_64.rpm 36c7d2b3713c27c79292a7637443a285
   ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/pcre-devel-5.0-3.2.x86_64.rpm db8e83e2867c3d2f713a43705b655ffe source rpm(s):
   ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/src/pcre-5.0-3.2.src.rpm b4d17fa6f1f4359196b04495a7d6fb19

SUSE Linux 9.2:
   ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/pcre-4.5-2.2.x86_64.rpm dcaeeb4225fb820c85927dd2104c9f9f
   ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/pcre-devel-4.5-2.2.x86_64.rpm bcbcb9ec334e1a8896ca29b3c10a5a72 source rpm(s):
   ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/src/pcre-4.5-2.2.src.rpm 096c4732ffd1c34e424ee62b86fcb741

SUSE Linux 9.1:
   ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/pcre-4.4-109.4.x86_64.rpm 167f6794525cdb24cc6d0fe16c7d3baf
   ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/pcre-devel-4.4-109.4.x86_64.rpm a1a105c4c60d7c2e0745d6d81b24afef source rpm(s):
   ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/src/pcre-4.4-109.4.src.rpm 4186754b93b1e2856d2dbb83be5fb6f5

SUSE Linux 9.0:
   ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/pcre-4.4-112.x86_64.rpm 0884bc87e09d1607e80d98ab7c898549
   ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/pcre-devel-4.4-112.x86_64.rpm a336cf08fe6b8e4818480304bd63cfb6 source rpm(s):
   ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/src/pcre-4.4-112.src.rpm 308b513ff579695f0292b881d7022f8f


5) Pending Vulnerabilities, Solutions, and Work-Arounds:

none


6) Authenticity Verification and Additional Information

  • Announcement authenticity verification:

    SUSE security announcements are published via mailing lists and on Web sites. The authenticity and integrity of a SUSE security announcement is guaranteed by a cryptographic signature in each announcement. All SUSE security announcements are published with a valid signature.

    To verify the signature of the announcement, save it as text into a file and run the command

    gpg --verify <file>

    replacing <file> with the name of the file where you saved the announcement. The output for a valid signature looks like:

    gpg: Signature made <DATE> using RSA key ID 3D25D3D9
    gpg: Good signature from "SuSE Security Team <security@suse.de>"

    where <DATE> is replaced by the date the document was signed.

    If the security team's key is not contained in your key ring, you can import it from the first installation CD. To import the key, use the command

    gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc

  • Package authenticity verification:

    SUSE update packages are available on many mirror FTP servers all over the world. While this service is considered valuable and important to the free and open source software community, the authenticity and the integrity of a package needs to be verified to ensure that it has not been tampered with.

    There are two verification methods that can be used independently from each other to prove the authenticity of a downloaded file or RPM package:

    1. Using the internal gpg signatures of the rpm package
    2. MD5 checksums as provided in this announcement
    1. The internal rpm package signatures provide an easy way to verify the authenticity of an RPM package. Use the command

      rpm -v --checksig <file.rpm>

      to verify the signature of the package, replacing <file.rpm> with the filename of the RPM package downloaded. The package is unmodified if it contains a valid signature from build@suse.de with the key ID 9C800ACA. This key is automatically imported into the RPM database (on RPMv4-based distributions) and the gpg key ring of 'root' during installation. You can also find it on the first installation CD and at the end of this announcement.

    2. If you need an alternative means of verification, use the md5sum

      command to verify the authenticity of the packages. Execute the command

      md5sum <filename.rpm>

      after you downloaded the file from a SUSE FTP server or its mirrors. Then compare the resulting md5sum with the one that is listed in the SUSE security announcement. Because the announcement containing the checksums is cryptographically signed (by security@suse.de), the checksums show proof of the authenticity of the package if the signature of the announcement is valid. Note that the md5 sums published in the SUSE Security Announcements are valid for the respective packages only. Newer versions of these packages cannot be verified.

  • SUSE runs two security mailing lists to which any interested party may subscribe:

        suse-security@suse.com

    For general information or the frequently asked questions (FAQ), send mail to <suse-security-info@suse.com> or <suse-security-faq@suse.com>.


    SUSE's security contact is <security@suse.com> or <security@suse.de>. The <security@suse.de> public key is listed below.


The information in this advisory may be distributed or reproduced, provided that the advisory is not modified in any way. In particular, the clear text signature should show proof of the authenticity of the text.

SUSE Linux Products GmbH provides no warranties of any kind whatsoever with respect to the information contained in this security advisory.

Type Bits/KeyID Date User ID
pub 2048R/3D25D3D9 1999-03-06 SuSE Security Team <security@suse.de>
pub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key <build@suse.de>


SUSE Security Announcement

Package: php4, php5
Announcement ID: SUSE-SA:2005:049
Date: Tue, 30 Aug 2005 15:00:00 +0000
Affected Products: 9.0, 9.1, 9.2, 9.3 SUSE Linux Enterprise Server 8, 9
Vulnerability Type: remote code execution
Severity (1-10): 8
SUSE Default Package: yes
Cross-References: CAN-2005-2498 CAN-2005-2491

Content of This Advisory:

  1. Security Vulnerability Resolved: Pear::XML_RPC code injection problem, pcre integer overflow Problem Description
  2. Solution or Work-Around
  3. Special Instructions and Notes
  4. Package Location and Checksums
  5. Pending Vulnerabilities, Solutions, and Work-Arounds: See SUSE Security Summary Report.
  6. Authenticity Verification and Additional Information

1) Problem Description and Brief Discussion

This update fixes the following security issues in the PHP scripting language.

  • Bugs in the PEAR::XML_RPC library allowed remote attackers to pass arbitrary PHP code to the eval() function (CAN-2005-1921, CAN-2005-2498).

    The Pear::XML_RPC library is not used by default in SUSE Linux, but might be used by third-party PHP applications.

  • A integer overflow bug was found in the PCRE (perl compatible regular expression) library which could be used by an attacker to potentially execute code. (CAN-2005-2491)
2) Solution or Work-Around

Please install the updated packages.

3) Special Instructions and Notes

Make sure you restart the web server using PHP after the update.

4) Package Location and Checksums

The preferred method for installing security updates is to use the YaST Online Update (YOU) tool. YOU detects which updates are required and automatically performs the necessary steps to verify and install them. Alternatively, download the update packages for your distribution manually and verify their integrity by the methods listed in Section 6 of this announcement. Then install the packages using the command

rpm -Fhv <file.rpm>

to apply the update, replacing <file.rpm> with the filename of the downloaded RPM package.

Our maintenance customers are notified individually. The packages are offered for installation from the maintenance web.

x86 Platform:

SUSE Linux 9.3:
   ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/apache2-mod_php4-4.3.10-14.9.i586.rpm f4e6d7578b6ae62a0b49989a3be4ef4b
   ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/apache2-mod_php5-5.0.3-14.9.i586.rpm 79bb1fdc66068aba68a253d16a02f471
   ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/mod_php4-servlet-4.3.10-14.9.i586.rpm 08708573a0dee6ea412f7afc0d472244
   ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/php4-4.3.10-14.9.i586.rpm ffc0d7f665be377b1c9450f16d8b0b35
   ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/php4-devel-4.3.10-14.9.i586.rpm 44bbb9ec8f40b92030a591a718312ce1
   ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/php4-exif-4.3.10-14.9.i586.rpm 081168bede1cc4409c17fe71ea891f6e
   ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/php4-fastcgi-4.3.10-14.9.i586.rpm f6beca45181a6f92cba938b6b1009b39
   ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/php4-pear-4.3.10-14.9.i586.rpm c35765443f99ee337e8df8b54414ef74
   ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/php4-session-4.3.10-14.9.i586.rpm 9681a8e5dd6db224689d8e5dc6f07aff
   ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/php4-sysvshm-4.3.10-14.9.i586.rpm 9f18c0bce655a1eda2fa9db9cb703e68
   ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/php5-5.0.3-14.9.i586.rpm d39bb57b5df06dc64e3cc5cf484c030c
   ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/php5-devel-5.0.3-14.9.i586.rpm 514561227c94e8af808dfb9d47a8143a
   ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/php5-exif-5.0.3-14.9.i586.rpm a08670d24ea2af4e22425b9879804fa9
   ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/php5-fastcgi-5.0.3-14.9.i586.rpm 9c374d9ed218a85399d5a529f8f97417
   ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/php5-pear-5.0.3-14.9.i586.rpm 4cba59009162137d5e4a79f0c355ec15
   ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/php5-sysvmsg-5.0.3-14.9.i586.rpm a31dd5f81ebe25fc69b4a3a29321fed9
   ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/php5-sysvshm-5.0.3-14.9.i586.rpm 4b1cf3f9ccfc1f4a546f188768a54da2
   ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/php4-32bit-9.3-7.4.x86_64.rpm 4cddafbceded22b220e48542f6371337

SUSE Linux 9.2:
   ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/apache2-mod_php4-4.3.8-8.12.i586.rpm b5f30d4fcad5a1f8a3e5dfc9db519914
   ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/mod_php4-servlet-4.3.8-8.12.i586.rpm eed1a644b3908e719d81359b96ef4244
   ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/php4-4.3.8-8.12.i586.rpm 3a9fd735f7897fb97be921dee4afe850
   ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/php4-devel-4.3.8-8.12.i586.rpm 6145bf500d49378b1f7cd5441612ad92
   ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/php4-exif-4.3.8-8.12.i586.rpm 38c72905c9c47a6ab680faa781927020
   ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/php4-fastcgi-4.3.8-8.12.i586.rpm 8483c7ce1b73710f03120fb7cf009740
   ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/php4-pear-4.3.8-8.12.i586.rpm 202af06b5ee93fd667a7484d01c3089b
   ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/php4-session-4.3.8-8.12.i586.rpm 498f23a90eab4da6a06de67e44a84014
   ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/php4-sysvshm-4.3.8-8.12.i586.rpm 254f0ee5ac6d04f244a8cfd171fdff57
   ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/php4-32bit-9.2-200508260320.x86_64.rpm 528b00aeb3433f5829cd070a84cfeeb9

SUSE Linux 9.1:
   ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/apache2-mod_php4-4.3.4-43.41.i586.rpm 214e4ef40cb48c998342995cac9d04b8
   ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/mod_php4-core-4.3.4-43.41.i586.rpm f2d4e625ea55fa7ead3a754238ca7078
   ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/mod_php4-servlet-4.3.4-43.41.i586.rpm fabfae99a0462b49ec5f1109cd6820a9
   ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/php4-4.3.4-43.41.i586.rpm ca1aaef816f44495a90d4fb487a26524
   ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/php4-devel-4.3.4-43.41.i586.rpm 66fe3a880315e1de5d408a5dcaca3680
   ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/php4-exif-4.3.4-43.41.i586.rpm c21383cbc809a455c7eff45b8f533f52
   ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/php4-fastcgi-4.3.4-43.41.i586.rpm 21363ed91ae437ca66a97ba597c2529c
   ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/php4-imap-4.3.4-43.41.i586.rpm ebdd8e83894392f455f57f8bf96022ea
   ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/php4-mysql-4.3.4-43.41.i586.rpm f6bf0f02c69fe67d2b229000bb5c93de
   ftp://f