Linux Today - Advisories, February 1, 2006

Linux Today
Enterprise Linux Today
Apache Today
JustLinux.com
Linux Planet
PHPBuilder
All Linux Devices

Technology Jobs

LinuxToday Newsletters

Server Daily
IT Management Daily
Subscribe News
Subscribe PR
Subscribe Security

internet.com

Internet News
Small Business

Advertise
Newsletters
Tech Jobs
E-mail Offers

Current Newswire:

Malware devs embrace open-source

A tale of two distros: Ubuntu and Linux Mint

Raspberry Pi benchmarked against Beagleboard, low price is long term

20 popular Ubuntu Linux apps you may want to try

A Selection of the Very Best Open Source Tutorials and Tools

Android Ice Cream Sandwich ported to x86 tablets, netbooks and notebooks

SECURITY: Google Chrome 17 Improves Security

How to read a CSV file in Perl?

Red Hat Brings Gluster to Amazon Cloud

New Linux kernel fixes power-saving issues

Applications Management Engineer Sr (NYC)
Next Step Systems
US-NY-New York

Post A Job | Post A Resume

:Advisories, February 1, 2006

Advisories, February 1, 2006
Feb 2, 2006, 04 :45 UTC (0 Talkback[s]) (2745 reads)

Debian GNU/Linux

Debian Security Advisory DSA 961-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
February 1st, 2006 http://www.debian.org/security/faq

Package : pdfkit.framework
Vulnerability : buffer overflows
Problem type : remote
Debian-specific: no
CVE IDs : CVE-2005-3191 CVE-2005-3192 CVE-2005-3193 CVE-2005-3624 CVE-2005-3625 CVE-2005-3626 CVE-2005-3627 CVE-2005-3628

"infamous41md" and Chris Evans discovered several heap based buffer overflows in xpdf which are also present in pdfkit.framework, the GNUstep framework for rendering PDF content, and which can lead to a denial of service by crashing the application or possibly to the execution of arbitrary code.

The old stable distribution (woody) does not contain pdfkit.framework packages.

For the stable distribution (sarge) these problems have been fixed in version 0.8-2sarge1.

For the unstable distribution (sid) these problems will be fixed soon.

We recommend that you upgrade your pdfkit.framework package.

Upgrade Instructions

wget url

will fetch the file for you
dpkg -i file.deb

will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update

will update the internal database apt-get upgrade

will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.

Debian GNU/Linux 3.1 alias sarge

Source archives:

    http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge1.dsc
      Size/MD5 checksum: 725 67fb49e4f05a6eef25396d23ca0baacd
    http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge1.diff.gz
      Size/MD5 checksum: 5699 61578e6e26adf73639b464210830896b
    http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8.orig.tar.gz
      Size/MD5 checksum: 1780533 7676643ff78a0602c10bfb97fe0bd448

Alpha architecture:

http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge1_alpha.deb
Size/MD5 checksum: 1821874 8fe74b91409115b4547ba273501e8f79

AMD64 architecture:

http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge1_amd64.deb
Size/MD5 checksum: 1796698 c6f96adecd322a60d77379d1513b26dc

ARM architecture:

http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge1_arm.deb
Size/MD5 checksum: 1756056 8632f1ef914df5fcc3b6c3f6dc9ce459

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge1_i386.deb
Size/MD5 checksum: 1750384 f000dee97e83dbe85941c1305e689ef2

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge1_ia64.deb
Size/MD5 checksum: 1980936 dce8ad12b1ce0e5e097c51243c68f749

HP Precision architecture:

http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge1_hppa.deb
Size/MD5 checksum: 1862404 b4b0d1a421d02987330502e4a653e6a9

Motorola 680x0 architecture:

http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge1_m68k.deb
Size/MD5 checksum: 1785734 1c14679aba2cd8cd8bf7aabd42db1cf6

Big endian MIPS architecture:

http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge1_mips.deb
Size/MD5 checksum: 1769138 6600cf166ba6ced0b6c067338f9565c1

Little endian MIPS architecture:

http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge1_mipsel.deb
Size/MD5 checksum: 1754778 0539c52303cf950f3ea66f78eb875449

PowerPC architecture:

http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge1_powerpc.deb
Size/MD5 checksum: 1770876 a8098242afc68c1dfd0c2141f95d88f5

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge1_s390.deb
Size/MD5 checksum: 1804716 88af5f5ab641839eac628f9dd36e4509

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge1_sparc.deb
Size/MD5 checksum: 1779964 c07986d5367f97f1598d7e2d592fdc40

These files will probably be moved into the stable distribution on its next update.

Debian Security Advisory DSA 962-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
February 1st, 2006 http://www.debian.org/security/faq

Package : pdftohtml
Vulnerability : buffer overflows
Problem type : remote
Debian-specific: no
CVE IDs : CVE-2005-3191 CVE-2005-3192 CVE-2005-3193 CVE-2005-3624 CVE-2005-3625 CVE-2005-3626 CVE-2005-3627 CVE-2005-3628

"infamous41md" and Chris Evans discovered several heap based buffer overflows in xpdf which are also present in pdftohtml, a utility that translates PDF documents into HTML format, and which can lead to a denial of service by crashing the application or possibly to the execution of arbitrary code.

The old stable distribution (woody) does not contain pdftohtml packages.

For the stable distribution (sarge) these problems have been fixed in version 0.36-11sarge1.

For the unstable distribution (sid) these problems will be fixed soon.

We recommend that you upgrade your pdftohtml package.

Upgrade Instructions

wget url

will fetch the file for you
dpkg -i file.deb

will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update

will update the internal database apt-get upgrade

will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.

Debian GNU/Linux 3.1 alias sarge

Source archives:

    http://security.debian.org/pool/updates/main/p/pdftohtml/pdftohtml_0.36-11sarge1.dsc
      Size/MD5 checksum: 602 c7095f7045d69bcebca90ade3f62a9a4
    http://security.debian.org/pool/updates/main/p/pdftohtml/pdftohtml_0.36-11sarge1.diff.gz
      Size/MD5 checksum: 11388 17672ff97722b502d4d5b3ab804401e3
    http://security.debian.org/pool/updates/main/p/pdftohtml/pdftohtml_0.36.orig.tar.gz
      Size/MD5 checksum: 300922 75ad095bb51e1f66c9f7691e6af12f44

Alpha architecture:

http://security.debian.org/pool/updates/main/p/pdftohtml/pdftohtml_0.36-11sarge1_alpha.deb
Size/MD5 checksum: 313926 ec897e4a81702159e516e823317e8652

AMD64 architecture:

http://security.debian.org/pool/updates/main/p/pdftohtml/pdftohtml_0.36-11sarge1_amd64.deb
Size/MD5 checksum: 259576 de188540a99fb893584e2c9a2f1c0e41

ARM architecture:

http://security.debian.org/pool/updates/main/p/pdftohtml/pdftohtml_0.36-11sarge1_arm.deb
Size/MD5 checksum: 266372 93821a971df9623124f68216c541f307

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/p/pdftohtml/pdftohtml_0.36-11sarge1_i386.deb
Size/MD5 checksum: 253790 45b7b46b375e72507ebdf83b609b9bd3

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/p/pdftohtml/pdftohtml_0.36-11sarge1_ia64.deb
Size/MD5 checksum: 374010 a64d9a344341b8ff8f88ceba02a2481e

HP Precision architecture:

http://security.debian.org/pool/updates/main/p/pdftohtml/pdftohtml_0.36-11sarge1_hppa.deb
Size/MD5 checksum: 330128 4ccc9307617411979efbca1d594f463b

Motorola 680x0 architecture:

http://security.debian.org/pool/updates/main/p/pdftohtml/pdftohtml_0.36-11sarge1_m68k.deb
Size/MD5 checksum: 234598 e14153061b6f573e619f9dbd76bfbda8

Big endian MIPS architecture:

http://security.debian.org/pool/updates/main/p/pdftohtml/pdftohtml_0.36-11sarge1_mips.deb
Size/MD5 checksum: 311310 067a76c99fd6f144f7c75613b37493c7

Little endian MIPS architecture:

http://security.debian.org/pool/updates/main/p/pdftohtml/pdftohtml_0.36-11sarge1_mipsel.deb
Size/MD5 checksum: 307086 9890b5cec47e5e8e8ae4a9442c326253

PowerPC architecture:

http://security.debian.org/pool/updates/main/p/pdftohtml/pdftohtml_0.36-11sarge1_powerpc.deb
Size/MD5 checksum: 269364 9f345aa5ef3480b3d4591eeb4071bfa7

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/p/pdftohtml/pdftohtml_0.36-11sarge1_s390.deb
Size/MD5 checksum: 242284 4eb6779646c115bfe6ca7e7baaaaaec8

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/p/pdftohtml/pdftohtml_0.36-11sarge1_sparc.deb
Size/MD5 checksum: 245330 7dbf6432f1cc0a2e6d9b42ffa80b588f

These files will probably be moved into the stable distribution on its next update.

For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>

Red Hat Linux

Red Hat Security Advisory

Synopsis: Important: kernel security update
Advisory ID: RHSA-2006:0190-01
Advisory URL: https://rhn.redhat.com/errata/RHSA-2006-0190.html
Issue date: 2006-02-01
Updated on: 2006-02-01
Product: Red Hat Enterprise Linux
CVE Names: CVE-2002-2185 CVE-2004-1058 CVE-2004-1073 CVE-2005-0400 CVE-2005-0815 CVE-2005-2458 CVE-2005-2708 CVE-2005-2709 CVE-2005-2973 CVE-2005-3180 CVE-2005-3274 CVE-2005-3275 CVE-2005-3806

1. Summary:

Updated kernel packages that fix a number of security issues as well as other bugs are now available for Red Hat Enterprise Linux 2.1 (64 bit architectures).

This security advisory has been rated as having important security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - ia64 Red Hat Linux Advanced Workstation 2.1 - ia64

3. Problem description:

The Linux kernel handles the basic functions of the operating system.

These new kernel packages contain fixes for the security issues described below:

a flaw in network IGMP processing that a allowed a remote user on the local network to cause a denial of service (disabling of multicast reports) if the system is running multicast applications (CVE-2002-2185, moderate)
a race condition that allowed local users to read the environment variables of another process (CVE-2004-1058, low)
a flaw in the open_exec function of execve that allowed a local user to read setuid ELF binaries that should otherwise be protected by standard permissions. (CVE-2004-1073, moderate). Red Hat originally reported this flaw as being fixed by RHSA-2004:504, but a patch for this issue was missing from that update.
a potential leak of kernel data from ext2 file system handling (CVE-2005-0400, low)
flaws in ISO-9660 file system handling that allowed the mounting of an invalid image on a CD-ROM to cause a denial of service (crash) or potentially execute arbitrary code (CVE-2005-0815, moderate)
a flaw in gzip/zlib handling internal to the kernel that may allow a local user to cause a denial of service (crash) (CVE-2005-2458, low)
a flaw in exec() handling on some 64-bit architectures that allowed a local user to cause a denial of service (crash) (CVE-2005-2708, important)
a flaw in procfs handling during unloading of modules that allowed a local user to cause a denial of service or potentially gain privileges (CVE-2005-2709, moderate)
a flaw in IPv6 network UDP port hash table lookups that allowed a local user to cause a denial of service (hang) (CVE-2005-2973, important)
a network buffer info leak using the orinoco driver that allowed a remote user to possibly view uninitialized data (CVE-2005-3180, important)
a race condition affecting SMP systems that allowed a local user to cause a denial of service (crash) (CVE-2005-3274, important)
a flaw in IPv4 network TCP and UDP netfilter handling that allowed a local user to cause a denial of service (crash) (CVE-2005-3275, important)
a flaw in the IPv6 flowlabel code that allowed a local user to cause a denial of service (crash) (CVE-2005-3806, important)

The following bugs were also addressed:

Handle set_brk() errors in binfmt_elf
Correct scsi error return

All Red Hat Enterprise Linux 2.1 users are advised to upgrade their kernels to the packages associated with their machine architectures and configurations as listed in this erratum.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate RPMs being upgraded on your system.

5. Bug IDs fixed (http://bugzilla.redhat.com/):

133117 - CVE-2004-1058 /proc/<PID>/cmdline information disclosure
144172 - binfmt_aout DoS
152402 - CVE-2005-0400 ext2 mkdir() directory entry random kernel memory leak (ipf)
152408 - CVE-2005-0815 isofs range checking flaws (ipf)
152554 - CVE-2004-1073 looks unfixed in RHEL2.1-ia64
165681 - CVE-2005-2458 gzip/zlib flaws (ipf)
168313 - CVE-2005-2708 user code panics kernel in exec.c
168927 - CVE-2005-2709 More sysctl flaws (ipf)
170279 - CVE-2005-3180 orinoco driver information leakage (ipf)
170775 - CVE-2005-2973 ipv6 infinite loop - ipf
171385 - CVE-2005-3274 ip_vs_conn_flush race
171388 - CVE-2005-3275 NAT DoS (ipf)
174083 - CVE-2005-3806 ipv6 DOS (ipf)
174810 - CVE-2002-2185 IGMP DoS (ipf)

6. RPMs required:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/kernel-2.4.18-e.61.src.rpm
18fcaf89b8220a46e56a68fc3a2075b3 kernel-2.4.18-e.61.src.rpm

ia64:
ee967c6080a5b77039b6fa61a8464e0d kernel-2.4.18-e.61.ia64.rpm
30656fcfaaf8ad481384a7e96a62f438 kernel-doc-2.4.18-e.61.ia64.rpm
27e92933a580dfe66e24bf28f420af80 kernel-smp-2.4.18-e.61.ia64.rpm
62e72c6adf63c8a551da0a2907e754bd kernel-source-2.4.18-e.61.ia64.rpm

Red Hat Linux Advanced Workstation 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/kernel-2.4.18-e.61.src.rpm
18fcaf89b8220a46e56a68fc3a2075b3 kernel-2.4.18-e.61.src.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package

7. References:

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact details at https://www.redhat.com/security/team/contact/

Red Hat Security Advisory

Synopsis: Important: kernel security update
Advisory ID: RHSA-2006:0191-01
Advisory URL: https://rhn.redhat.com/errata/RHSA-2006-0191.html
Issue date: 2006-02-01
Updated on: 2006-02-01
Product: Red Hat Enterprise Linux
CVE Names: CVE-2002-2185 CVE-2004-1058 CVE-2004-1073 CVE-2005-0124 CVE-2005-0400 CVE-2005-0815 CVE-2005-2458 CVE-2005-2709 CVE-2005-2973 CVE-2005-3180 CVE-2005-3275 CVE-2005-3806

1. Summary:

Updated kernel packages that fix a number of security issues as well as other bugs are now available for Red Hat Enterprise Linux 2.1 (32 bit architectures)

This security advisory has been rated as having important security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386
Red Hat Enterprise Linux ES version 2.1 - i386
Red Hat Enterprise Linux WS version 2.1 - i386

3. Problem description:

The Linux kernel handles the basic functions of the operating system.

These new kernel packages contain fixes for the security issues described below:

a flaw in network IGMP processing that a allowed a remote user on the local network to cause a denial of service (disabling of multicast reports) if the system is running multicast applications (CVE-2002-2185, moderate)
a race condition that allowed local users to read the environment variables of another process (CVE-2004-1058, low)
a flaw in the open_exec function of execve that allowed a local user to read setuid ELF binaries that should otherwise be protected by standard permissions. (CVE-2004-1073, moderate). Red Hat originally reported this flaw as being fixed by RHSA-2004:504, but a patch for this issue was missing from that update.
a flaw in the coda module that allowed a local user to cause a denial of service (crash) or possibly gain privileges (CVE-2005-0124, moderate)
a potential leak of kernel data from ext2 file system handling (CVE-2005-0400, low)
flaws in ISO-9660 file system handling that allowed the mounting of an invalid image on a CD-ROM to cause a denial of service (crash) or potentially execute arbitrary code (CVE-2005-0815, moderate)
a flaw in gzip/zlib handling internal to the kernel that may allow a local user to cause a denial of service (crash) (CVE-2005-2458, low)
a flaw in procfs handling during unloading of modules that allowed a local user to cause a denial of service or potentially gain privileges (CVE-2005-2709, moderate)
a flaw in IPv6 network UDP port hash table lookups that allowed a local user to cause a denial of service (hang) (CVE-2005-2973, important)
a network buffer info leak using the orinoco driver that allowed a remote user to possibly view uninitialized data (CVE-2005-3180, important)
a flaw in IPv4 network TCP and UDP netfilter handling that allowed a local user to cause a denial of service (crash) (CVE-2005-3275, important)
a flaw in the IPv6 flowlabel code that allowed a local user to cause a denial of service (crash) (CVE-2005-3806, important)

The following bugs were also addressed:

Handle set_brk() errors in binfmt_elf/aout
Correct error handling in shmem_ioctl
Correct scsi error return
Fix netdump time keeping bug
Fix netdump link-down freeze
Fix FAT fs deadlock

All Red Hat Enterprise Linux 2.1 users are advised to upgrade their kernels to the packages associated with their machine architectures and configurations as listed in this erratum.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate RPMs being upgraded on your system.

5. Bug IDs fixed (http://bugzilla.redhat.com/):

133115 - CVE-2004-1058 /proc/<PID>/cmdline information disclosure
137214 - netconsole freezes during printk() when output link not up
144155 - binfmt_aout DoS
146081 - CVE-2005-0124 Coverity: coda fs flaw
152401 - CVE-2005-0400 ext2 mkdir() directory entry random kernel memory leak
152407 - CVE-2005-0815 isofs range checking flaws
152553 - CVE-2004-1073 looks unfixed in RHEL2.1
165682 - CVE-2005-2458 gzip/zlib flaws
168926 - CVE-2005-2709 More sysctl flaws
170280 - CVE-2005-3180 orinoco driver information leakage
170777 - CVE-2005-2973 ipv6 infinite loop
171387 - CVE-2005-3275 NAT DoS
174085 - CVE-2005-3806 ipv6 DOS
174811 - CVE-2002-2185 IGMP DoS

6. RPMs required:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/kernel-2.4.9-e.68.src.rpm
31a7a8bf00a649471f351e4c8527793d kernel-2.4.9-e.68.src.rpm

i386:
65d2bb250a3647ca0042aeb1963a30b8 kernel-2.4.9-e.68.athlon.rpm
5df6d6315fab4e0bccc72f3e3b848e80 kernel-2.4.9-e.68.i686.rpm
b5161ec68ef49c692a791815f8addce1 kernel-BOOT-2.4.9-e.68.i386.rpm
6862bc8e59b6d764525a095492849e75 kernel-debug-2.4.9-e.68.i686.rpm
fd8225c7d253bc954042421e8190b79b kernel-doc-2.4.9-e.68.i386.rpm
a0d9c5c91191994d754c00e9422b052a kernel-enterprise-2.4.9-e.68.i686.rpm
9b34d912bded4d839a717acec5437776 kernel-headers-2.4.9-e.68.i386.rpm
e26872f9afdf55393554a7753717d58a kernel-smp-2.4.9-e.68.athlon.rpm
dce34945223d1b037aab1dbc2bc19a1f kernel-smp-2.4.9-e.68.i686.rpm
9fbcbe7084d697a330f502c4749be39a kernel-source-2.4.9-e.68.i386.rpm
5e067e3c643f50e4155f2b31e340c5ca kernel-summit-2.4.9-e.68.i686.rpm

Red Hat Enterprise Linux ES version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/kernel-2.4.9-e.68.src.rpm
31a7a8bf00a649471f351e4c8527793d kernel-2.4.9-e.68.src.rpm

i386:
65d2bb250a3647ca0042aeb1963a30b8 kernel-2.4.9-e.68.athlon.rpm
5df6d6315fab4e0bccc72f3e3b848e80 kernel-2.4.9-e.68.i686.rpm
b5161ec68ef49c692a791815f8addce1 kernel-BOOT-2.4.9-e.68.i386.rpm
6862bc8e59b6d764525a095492849e75 kernel-debug-2.4.9-e.68.i686.rpm
fd8225c7d253bc954042421e8190b79b kernel-doc-2.4.9-e.68.i386.rpm
9b34d912bded4d839a717acec5437776 kernel-headers-2.4.9-e.68.i386.rpm
e26872f9afdf55393554a7753717d58a kernel-smp-2.4.9-e.68.athlon.rpm
dce34945223d1b037aab1dbc2bc19a1f kernel-smp-2.4.9-e.68.i686.rpm
9fbcbe7084d697a330f502c4749be39a kernel-source-2.4.9-e.68.i386.rpm

Red Hat Enterprise Linux WS version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/kernel-2.4.9-e.68.src.rpm
31a7a8bf00a649471f351e4c8527793d kernel-2.4.9-e.68.src.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package

7. References:

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact details at https://www.redhat.com/security/team/contact/

Red Hat Security Advisory

Synopsis: Moderate: gd security update
Advisory ID: RHSA-2006:0194-01
Advisory URL: https://rhn.redhat.com/errata/RHSA-2006-0194.html
Issue date: 2006-02-01
Updated on: 2006-02-01
Product: Red Hat Enterprise Linux
CVE Names: CVE-2004-0941

1. Summary:

Updated gd packages that fix several buffer overflow flaws are now available.

This update has been rated as having moderate security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

3. Problem description:

The gd package contains a graphics library used for the dynamic creation of images such as PNG and JPEG.

Several buffer overflow flaws were found in the way gd allocates memory. An attacker could create a carefully crafted image that could execute arbitrary code if opened by a victim using a program linked against the gd library. The Common Vulnerabilities and Exposures project (cve.mitre.org/) assigned the name CVE-2004-0941 to these issues.

Users of gd should upgrade to these updated packages, which contain a backported patch and is not vulnerable to these issues.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate RPMs being upgraded on your system.

5. Bug IDs fixed (http://bugzilla.redhat.com/):

175413 - CVE-2004-0941 additional overflows in gd

6. RPMs required:

Red Hat Enterprise Linux AS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/gd-2.0.28-4.4E.1.src.rpm
0e1bd5cb5215e65a7120b82132ac6b9e gd-2.0.28-4.4E.1.src.rpm

i386:
884d6670cd82e39db34c684616dea78c gd-2.0.28-4.4E.1.i386.rpm
999a383add1284e00cc25185fae78008 gd-devel-2.0.28-4.4E.1.i386.rpm
df53c01e62afb6e14d5b8299b68836b0 gd-progs-2.0.28-4.4E.1.i386.rpm