Linux Today: Linux News On Internet Time.
Search Linux Today
Linux News Sections:  Developer -  High Performance -  Infrastructure -  IT Management -  Security -  Storage -
Linux Today Navigation
LT Home
Contribute
Contribute
Link to Us
Linux Jobs


Top White Papers

  • Corporate e-Learning technology has a long and diverse pedigree. As far back as the 1980s, companies were adopting computer-based training to supplement...
    Download

  • A global data storage provider whose business is booming needed a best-in-class data center to serve as the backbone of its technical operations going...
    Download

More on LinuxToday


Advisories, June 5, 2006

Jun 06, 2006, 04:45 (0 Talkback[s])

Slackware Linux

[slackware-security] mysql (SSA:2006-155-01)

New mysql packages are available for Slackware 9.1, 10.0, 10.1, 10.2 and -current to fix security issues.

The MySQL packages shipped with Slackware 9.1, 10.0, and 10.1 may possibly leak sensitive information found in uninitialized memory to authenticated users. This is fixed in the new packages, and was already patched in Slackware 10.2 and -current. Since the vulnerabilities require a valid login and/or access to the database server, the risk is moderate. Slackware does not provide network access to a MySQL database by default.

More details about the issues may be found in the Common Vulnerabilities and Exposures (CVE) database. Fixes that affect Slackware 9.1, 10.0, and 10.1:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1516
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1517

The MySQL packages in Slackware 10.2 and -current have been upgraded to MySQL 4.1.20 (Slackware 10.2) and MySQL 5.0.22 (Slackware -current) to fix an SQL injection vulnerability.

For more details, see the MySQL 4.1.20 release announcement here:
http://lists.mysql.com/announce/364
And the MySQL 5.0.22 release announcement here:
http://lists.mysql.com/announce/365
The CVE entry for this issue can be found here:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2753

Here are the details from the Slackware 10.1 ChangeLog:
+--------------------------+
patches/packages/mysql-4.0.27-i486-1_slack10.1.tgz:
Upgraded to mysql-4.0.27.
This fixes some minor security issues with possible information leakage. Note that the information leakage bugs require that the attacker have access to an account on the database. Also note that by default, Slackware's rc.mysqld script does not allow access to the database through the outside network (it uses the --skip-networking option). If you've enabled network access to MySQL, it is a good idea to filter the port (3306) to prevent access from unauthorized machines. For more details, see the MySQL 4.0.27 release announcement here:
http://lists.mysql.com/announce/359
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1516
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1517
(* Security fix *)
+--------------------------+

Here are the details from the Slackware 10.2 ChangeLog:
+--------------------------+
patches/packages/mysql-4.1.20-i486-1_slack10.2.tgz:
Upgraded to mysql-4.1.20. This fixes an SQL injection vulnerability. For more details, see the MySQL 4.1.20 release announcement here:
http://lists.mysql.com/announce/364
The CVE entry for this issue will be found here:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2753 +--------------------------+

Where to find the new packages:

HINT: Getting slow download speeds from ftp ftp.slackware.com?
Give slackware.osuosl.org/ a try. This is another primary FTP site for Slackware that can be considerably faster than downloading from ftp.slackware.com/.

Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating additional FTP and rsync hosting to the Slackware project! :-)

Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.

Updated package for Slackware 9.1:
ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/mysql-4.0.27-i486-1_slack9.1.tgz

Updated package for Slackware 10.0:
ftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/mysql-4.0.27-i486-1_slack10.0.tgz

Updated package for Slackware 10.1:
ftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/mysql-4.0.27-i486-1_slack10.1.tgz

Updated package for Slackware 10.2:
ftp://ftp.slackware.com/pub/slackware/slackware-10.2/patches/packages/mysql-4.1.20-i486-1_slack10.2.tgz

Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/ap/mysql-5.0.22-i486-1.tgz

MD5 signatures:

Slackware 9.1 package:
eea73f16715c07de52701b67f037e7ab mysql-4.0.27-i486-1_slack9.1.tgz

Slackware 10.0 package:
6afab2cdd09adf4b4f822db6c74b167e mysql-4.0.27-i486-1_slack10.0.tgz

Slackware 10.1 package:
cbe2044d3b75606de6f3796d607e7c0a mysql-4.0.27-i486-1_slack10.1.tgz

Slackware 10.2 package:
249bc3f4610cbedf8b0a6fc64c28c53f mysql-4.1.20-i486-1_slack10.2.tgz

Slackware -current package:
af1829c54b901bc01fcd269f27580b21 mysql-5.0.22-i486-1.tgz

Installation instructions:

Upgrade the package as root:
# upgradepkg mysql-4.1.20-i486-1_slack10.2.tgz

Then, restart the database server:
# sh /etc/rc.d/rc.mysqld restart

+-----+

Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com

[slackware-security] firefox/thunderbird/seamonkey (SSA:2006-155-02)

New Firefox and Thunderbird packages are available for Slackware 10.2 and -current to fix security issues. In addition, a new Seamonkey package is available for Slackware -current to fix similar issues.

More details about the issues may be found here:
http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox
http://www.mozilla.org/projects/security/known-vulnerabilities.html#thunderbird
http://www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey

Here are the details from the Slackware 10.2 ChangeLog:
+--------------------------+
patches/packages/mozilla-firefox-1.5.0.4-i686-1.tgz:
Upgraded to firefox-1.5.0.4.
This upgrade fixes several possible security bugs.
For more information, see:
http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox
(* Security fix *)
patches/packages/mozilla-thunderbird-1.5.0.4-i686-1.tgz:
Upgraded to thunderbird-1.5.0.4.
This upgrade fixes several possible security bugs.
For more information, see:
http://www.mozilla.org/projects/security/known-vulnerabilities.html#thunderbird
(* Security fix *)
+--------------------------+

Where to find the new packages:

HINT: Getting slow download speeds from ftp ftp.slackware.com?
Give slackware.osuosl.org/ a try. This is another primary FTP site for Slackware that can be considerably faster than downloading from ftp.slackware.com/.

Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating additional FTP and rsync hosting to the Slackware project! :-)

Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.

Updated packages for Slackware 10.2:
ftp://ftp.slackware.com/pub/slackware/slackware-10.2/patches/packages/mozilla-firefox-1.5.0.4-i686-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-10.2/patches/packages/mozilla-thunderbird-1.5.0.4-i686-1.tgz

Updated packages for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/xap/mozilla-firefox-1.5.0.4-i686-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/xap/mozilla-thunderbird-1.5.0.4-i686-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/xap/seamonkey-1.0.2-i486-1.tgz

MD5 signatures:

Slackware 10.2 packages:
1667241a69911f4919016f9e6cb17097 mozilla-firefox-1.5.0.4-i686-1.tgz
ffa2cad209260311bcbff709e77497e9 mozilla-thunderbird-1.5.0.4-i686-1.tgz

Slackware -current packages:
887c9bcba15a5f5285157f0caf9c35e2 mozilla-firefox-1.5.0.4-i686-1.tgz
37ae894879612b0123b132e1ac4f2b42 mozilla-thunderbird-1.5.0.4-i686-1.tgz
22d654319fc13528a92f0efcdc2490fb seamonkey-1.0.2-i486-1.tgz

Installation instructions:

Upgrade the packages as root:
# upgradepkg mozilla-firefox-1.5.0.4-i686-1.tgz mozilla-thunderbird-1.5.0.4-i686-1.tgz

And for Slackware -current:
# upgradepkg seamonkey-1.0.2-i486-1.tgz

+-----+

Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com

Trustix Secure Linux


Trustix Secure Linux Security Advisory #2006-0032

Package names: kernel, postgresql
Summary: Multiple vulnerabilities
Date: 2006-06-05
Affected versions: Trustix Secure Linux 2.2< Trustix Secure Linux 3.0 Trustix Operating System - Enterprise Server 2


Package description:
kernel
The kernel package contains the Linux kernel (vmlinuz), the core of your Trustix Secure Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc.

postgresql
PostgreSQL is an advanced Object-Relational database management system (DBMS) that supports almost all SQL constructs (including transactions, subselects and user-defined types and functions). The postgresql package includes the client programs and libraries that you'll need to access a PostgreSQL DBMS server. These PostgreSQL client programs are programs that directly manipulate the internal structure of PostgreSQL databases on a PostgreSQL server. These client programs can be located on the same machine with the PostgreSQL server, or may be on a remote machine which accesses a PostgreSQL server over a network connection. This package contains the docs in HTML for the whole package, as well as command-line utilities for managing PostgreSQL databases on a PostgreSQL server.

Problem description:
kernel < TSL 3.0 >

  • New Upstream.
  • SECURITY Fix: Pavel Kankovsky discovered that the getsockopt() function, when called with an SO_ORIGINAL_DST argument, does not properly clear the returned structure, so that a random piece of kernel memory is exposed to the user. This could potentially reveal sensitive data like passwords or encryption keys.

The Common Vulnerabilities and Exposures project (cve.mitre.org/) has assigned the name CVE-2006-1343 to this issue.

postgresql < TSL 3.0 > < TSL 2.2 > < TSEL 2 >

  • New Upstream.
  • SECURITY Fix: Akio Ishida and Yasuo Ohgaki have reported vulnerabilities in PostgreSQL, which potentially can be exploited by malicious people to conduct SQL injection attacks.
  • The first issue is due to an input validation error when handling a parameter containing invalidly-encoded multibyte characters, which could be exploited by malicious people to bypass standard string-escaping methods and conduct SQL injection attacks via a supposedly secure script.
  • The second issue is due to an error when escaping ASCII single quote "'" characters and operating in multibyte encodings that allow using the "0x5c" ASCII code (backslash) as the trailing byte of a multibyte character, which could be exploited by attackers to inject arbitrary SQL queries.

The Common Vulnerabilities and Exposures project (cve.mitre.org/) has assigned the names CVE-2006-2313 and CVE-2006-2314 to these issues.

Action:
We recommend that all systems with this package installed be upgraded. Please note that if you do not need the functionality provided by this package, you may want to remove it from your system.

Location:
All Trustix Secure Linux updates are available from <URI:http://http.trustix.org/pub/trustix/updates/> <URI:ftp://ftp.trustix.org/pub/trustix/updates/>

About Trustix Secure Linux:
Trustix Secure Linux is a small Linux distribution for servers. With focus on security and stability, the system is painlessly kept safe and up to date from day one using swup, the automated software updater.

Automatic updates:
Users of the SWUP tool can enjoy having updates automatically installed using 'swup --upgrade'.

Questions?
Check out our mailing lists:
<URI:http://www.trustix.org/support/>

Verification:
This advisory along with all Trustix packages are signed with the TSL sign key.
This key is available from:
<URI:http://www.trustix.org/TSL-SIGN-KEY>

The advisory itself is available from the errata pages at
<URI:http://www.trustix.org/errata/trustix-2.2/> and
<URI:http://www.trustix.org/errata/trustix-3.0/>
or directly at
<URI:http://www.trustix.org/errata/2006/0032/>

MD5sums of the packages:


121d183196f68f2cf0103f3633bb20c6 3.0/rpms/kernel-2.6.16.19-1tr.i586.rpm
9ed54909e98391d7b186a82faf51bd60 3.0/rpms/kernel-doc-2.6.16.19-1tr.i586.rpm
9d4639a8e76244bbe32418e09a714173 3.0/rpms/kernel-headers-2.6.16.19-1tr.i586.rpm
fc5fbb21717f9aae313837d25f30a1e2 3.0/rpms/kernel-smp-2.6.16.19-1tr.i586.rpm
7b05468af17a0f85c0f00491acba4b29 3.0/rpms/kernel-smp-headers-2.6.16.19-1tr.i586.rpm
91ee589decd8b3a59ed3d2bcdb92679e 3.0/rpms/kernel-source-2.6.16.19-1tr.i586.rpm
c4cb02088d94c56a1b651f35a282af38 3.0/rpms/kernel-utils-2.6.16.19-1tr.i586.rpm
e17cebe683877da8bf30eb623dc253b9 3.0/rpms/postgresql-8.0.8-1tr.i586.rpm
950f2cb976a8ff0dd2c6d70256133d9c 3.0/rpms/postgresql-contrib-8.0.8-1tr.i586.rpm
a50d9d2df08b4e7ac72c6478a2a43618 3.0/rpms/postgresql-devel-8.0.8-1tr.i586.rpm
7d2cc5c1426db73d740e87dd93b4e760 3.0/rpms/postgresql-docs-8.0.8-1tr.i586.rpm
227dade49aeb6e0abe404ef576a4f583 3.0/rpms/postgresql-libs-8.0.8-1tr.i586.rpm
b4036f0a5450324187ed2f60523a40ee 3.0/rpms/postgresql-plperl-8.0.8-1tr.i586.rpm
dba05d0337f9e58669fd32fbf649cc0d 3.0/rpms/postgresql-python-8.0.8-1tr.i586.rpm
137ddd05f7dab3132621a8692dc7972d 3.0/rpms/postgresql-server-8.0.8-1tr.i586.rpm
b26364b4ce735d71a8270546abe120f3 3.0/rpms/postgresql-test-8.0.8-1tr.i586.rpm
0b1e0479135bed99d63897eacd2a78f0 2.2/rpms/postgresql-8.0.8-1tr.i586.rpm
843397887082044cde3a5854a65f392e 2.2/rpms/postgresql-contrib-8.0.8-1tr.i586.rpm
74e6e516a27734fa9547abe30d78b26c 2.2/rpms/postgresql-devel-8.0.8-1tr.i586.rpm
6b63e60bdc3617150a3f579dd660d20e 2.2/rpms/postgresql-docs-8.0.8-1tr.i586.rpm
2abc3b93aea9a0f83484e44b5cb0b50e 2.2/rpms/postgresql-libs-8.0.8-1tr.i586.rpm
49d10191fca0468cf1c05125e5b9b9fb 2.2/rpms/postgresql-plperl-8.0.8-1tr.i586.rpm
efe2ca04380d377e4c5a5b76e6e469ad 2.2/rpms/postgresql-python-8.0.8-1tr.i586.rpm
a9a537c752b145d160859ba950666562 2.2/rpms/postgresql-server-8.0.8-1tr.i586.rpm
7a434f65a08759a9d834cd28e86e14ca 2.2/rpms/postgresql-test-8.0.8-1tr.i586.rpm