dcsimg
Linux Today: Linux News On Internet Time.




More on LinuxToday


Advisories, May 19, 2005

May 20, 2005, 04:45 (0 Talkback[s])

Debian GNU/Linux


Debian Security Advisory DSA 725-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
May 19th, 2005 http://www.debian.org/security/faq


Package : ppxp
Vulnerability : missing privilege release
Problem-Type : local
Debian-specific: no
CVE ID : CAN-2005-0392

Jens Steube discovered that ppxp, yet another PPP program, does not release root privileges when opening potentially user supplied log files. This can be tricked into opening a root shell.

For the stable distribution (woody) this problem has been fixed in version 0.2001080415-6woody1.

For the unstable distribution (sid) this problem has been fixed in version 0.2001080415-11.

We recommend that you upgrade your ppxp package.

Upgrade Instructions


wget url

will fetch the file for you
dpkg -i file.deb

will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update

will update the internal database apt-get upgrade

will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.

Debian GNU/Linux 3.0 alias woody


Source archives:

http://security.debian.org/pool/updates/main/p/ppxp/ppxp_0.2001080415-6woody2.dsc
Size/MD5 checksum: 706 964d29fc5c29b87e0aa86d4166dcdfa5
http://security.debian.org/pool/updates/main/p/ppxp/ppxp_0.2001080415-6woody2.diff.gz
Size/MD5 checksum: 8253 3595338ba6d14102c827fecd776d4c11
http://security.debian.org/pool/updates/main/p/ppxp/ppxp_0.2001080415.orig.tar.gz
Size/MD5 checksum: 426444 35dc6007ee4eafa9685f5e1e695a1464

Alpha architecture:

http://security.debian.org/pool/updates/main/p/ppxp/ppxp_0.2001080415-6woody2_alpha.deb
Size/MD5 checksum: 264352 d4bd9bced5e4dc7fa17196a310b5e557
http://security.debian.org/pool/updates/main/p/ppxp/ppxp-dev_0.2001080415-6woody2_alpha.deb
Size/MD5 checksum: 57274 a4313923dbd89b22e9698d654b091a2c
http://security.debian.org/pool/updates/main/p/ppxp/ppxp-tcltk_0.2001080415-6woody2_alpha.deb
Size/MD5 checksum: 61554 1a1c1ce48b78c56fc30ac934d3d03415
http://security.debian.org/pool/updates/main/p/ppxp/ppxp-x11_0.2001080415-6woody2_alpha.deb
Size/MD5 checksum: 71538 5d5114a8c44791daabc9a83c68137bc9

ARM architecture:

http://security.debian.org/pool/updates/main/p/ppxp/ppxp_0.2001080415-6woody2_arm.deb
Size/MD5 checksum: 221798 6152fd047000bb95d4a190bb6379b0b3
http://security.debian.org/pool/updates/main/p/ppxp/ppxp-dev_0.2001080415-6woody2_arm.deb
Size/MD5 checksum: 48290 5f6df1deda8f29283e205fae5766a899
http://security.debian.org/pool/updates/main/p/ppxp/ppxp-tcltk_0.2001080415-6woody2_arm.deb
Size/MD5 checksum: 57450 df72503ab14df19a597892c56e3932d5
http://security.debian.org/pool/updates/main/p/ppxp/ppxp-x11_0.2001080415-6woody2_arm.deb
Size/MD5 checksum: 60872 27899fde9424dfac635db9769c004433

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/p/ppxp/ppxp_0.2001080415-6woody2_i386.deb
Size/MD5 checksum: 213140 89cb35820dd2f6d249acece5dbfd0fd9
http://security.debian.org/pool/updates/main/p/ppxp/ppxp-dev_0.2001080415-6woody2_i386.deb
Size/MD5 checksum: 46656 bb3d151b9171d4ee00399cebf58c16b7
http://security.debian.org/pool/updates/main/p/ppxp/ppxp-tcltk_0.2001080415-6woody2_i386.deb
Size/MD5 checksum: 56492 20bd9052ec7241fa8affa417c8ebe8ce
http://security.debian.org/pool/updates/main/p/ppxp/ppxp-x11_0.2001080415-6woody2_i386.deb
Size/MD5 checksum: 58488 90e34feabbd50fc3624986d0fbaea456

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/p/ppxp/ppxp_0.2001080415-6woody2_ia64.deb
Size/MD5 checksum: 301726 d5e978bc304639a6433469dddb2331a3
http://security.debian.org/pool/updates/main/p/ppxp/ppxp-dev_0.2001080415-6woody2_ia64.deb
Size/MD5 checksum: 56466 91ce31c7568cc0a90ff2db609a1c0df4
http://security.debian.org/pool/updates/main/p/ppxp/ppxp-tcltk_0.2001080415-6woody2_ia64.deb
Size/MD5 checksum: 66850 c719a6205191021e3e1666f089366c56
http://security.debian.org/pool/updates/main/p/ppxp/ppxp-x11_0.2001080415-6woody2_ia64.deb
Size/MD5 checksum: 82930 91f5054797b5e06aa93fc6979f84aec1

HP Precision architecture:

http://security.debian.org/pool/updates/main/p/ppxp/ppxp_0.2001080415-6woody2_hppa.deb
Size/MD5 checksum: 241370 b3dd820d17dcbebf08c0db6832ee2794
http://security.debian.org/pool/updates/main/p/ppxp/ppxp-dev_0.2001080415-6woody2_hppa.deb
Size/MD5 checksum: 52530 7ea0bb8a124915b23557462d84111fb0
http://security.debian.org/pool/updates/main/p/ppxp/ppxp-tcltk_0.2001080415-6woody2_hppa.deb
Size/MD5 checksum: 61200 440bf784087e2caeef6180fb68168962
http://security.debian.org/pool/updates/main/p/ppxp/ppxp-x11_0.2001080415-6woody2_hppa.deb
Size/MD5 checksum: 69298 3d444541b6f4638e1c08fc28bef20b75

Motorola 680x0 architecture:

http://security.debian.org/pool/updates/main/p/ppxp/ppxp_0.2001080415-6woody2_m68k.deb
Size/MD5 checksum: 209544 f0367ccf232b1db80c9d9019700d3cd1
http://security.debian.org/pool/updates/main/p/ppxp/ppxp-dev_0.2001080415-6woody2_m68k.deb
Size/MD5 checksum: 47256 6c87bf5d43d195219abb26a086cb55da
http://security.debian.org/pool/updates/main/p/ppxp/ppxp-tcltk_0.2001080415-6woody2_m68k.deb
Size/MD5 checksum: 57572 5d4d73daad751f83543f142463ee2b81
http://security.debian.org/pool/updates/main/p/ppxp/ppxp-x11_0.2001080415-6woody2_m68k.deb
Size/MD5 checksum: 58838 70b368a6e2c88a2e6f8897f2af6bc746

Big endian MIPS architecture:

http://security.debian.org/pool/updates/main/p/ppxp/ppxp_0.2001080415-6woody2_mips.deb
Size/MD5 checksum: 242930 f1cdc78af11a5525234b5cb729711f85
http://security.debian.org/pool/updates/main/p/ppxp/ppxp-dev_0.2001080415-6woody2_mips.deb
Size/MD5 checksum: 52216 3c9bdb59cf4e363c7eafe55ad4c98c6d
http://security.debian.org/pool/updates/main/p/ppxp/ppxp-tcltk_0.2001080415-6woody2_mips.deb
Size/MD5 checksum: 58002 fad1852775b1ffe31378041d61aa0540
http://security.debian.org/pool/updates/main/p/ppxp/ppxp-x11_0.2001080415-6woody2_mips.deb
Size/MD5 checksum: 70490 b44d619f785d86a687dfc7e02fcbd17b

Little endian MIPS architecture:

http://security.debian.org/pool/updates/main/p/ppxp/ppxp_0.2001080415-6woody2_mipsel.deb
Size/MD5 checksum: 243254 3023af6b39db97c963f1d42136abddce
http://security.debian.org/pool/updates/main/p/ppxp/ppxp-dev_0.2001080415-6woody2_mipsel.deb
Size/MD5 checksum: 51134 ba2df4e6d00acfd4e34ed65a4b728539
http://security.debian.org/pool/updates/main/p/ppxp/ppxp-tcltk_0.2001080415-6woody2_mipsel.deb
Size/MD5 checksum: 57786 e5ee8bbbc654f5410737a5a25d4109f3
http://security.debian.org/pool/updates/main/p/ppxp/ppxp-x11_0.2001080415-6woody2_mipsel.deb
Size/MD5 checksum: 68876 6a84fc7283634162786adc8f10a4c4f1

PowerPC architecture:

http://security.debian.org/pool/updates/main/p/ppxp/ppxp_0.2001080415-6woody2_powerpc.deb
Size/MD5 checksum: 226996 fefaf9555d2bc59600bd3cba6df65e7c
http://security.debian.org/pool/updates/main/p/ppxp/ppxp-dev_0.2001080415-6woody2_powerpc.deb
Size/MD5 checksum: 50698 fa76f73bd51db1f27a95cf58aefb2899
http://security.debian.org/pool/updates/main/p/ppxp/ppxp-tcltk_0.2001080415-6woody2_powerpc.deb
Size/MD5 checksum: 58712 62ca9d4cb838da262a83285de145d620
http://security.debian.org/pool/updates/main/p/ppxp/ppxp-x11_0.2001080415-6woody2_powerpc.deb
Size/MD5 checksum: 63314 b51dcdc8bc0f6e6627819aa4ea91ffb3

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/p/ppxp/ppxp_0.2001080415-6woody2_s390.deb
Size/MD5 checksum: 223394 8fa85098c05da6035908cf3c00e371d8
http://security.debian.org/pool/updates/main/p/ppxp/ppxp-dev_0.2001080415-6woody2_s390.deb
Size/MD5 checksum: 48576 6f01949fb43e199475683be2c3f003e9
http://security.debian.org/pool/updates/main/p/ppxp/ppxp-tcltk_0.2001080415-6woody2_s390.deb
Size/MD5 checksum: 58740 8f9d6017ab0e0dcd110fe7e3a9a1f5b1
http://security.debian.org/pool/updates/main/p/ppxp/ppxp-x11_0.2001080415-6woody2_s390.deb
Size/MD5 checksum: 64706 d6a5b703a46e920e98b3bbff4f1a5d87

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/p/ppxp/ppxp_0.2001080415-6woody2_sparc.deb
Size/MD5 checksum: 228070 78c09baee8c1fcf19812cb5901a2e6b0
http://security.debian.org/pool/updates/main/p/ppxp/ppxp-dev_0.2001080415-6woody2_sparc.deb
Size/MD5 checksum: 49538 b113918f1a2aadfb2d3003d36d3ab825
http://security.debian.org/pool/updates/main/p/ppxp/ppxp-tcltk_0.2001080415-6woody2_sparc.deb
Size/MD5 checksum: 60172 b113214d78c36c80ff6ead9b1c6fdc86
http://security.debian.org/pool/updates/main/p/ppxp/ppxp-x11_0.2001080415-6woody2_sparc.deb
Size/MD5 checksum: 66830 ffb39d3d4daa3e6c9a0b1ff0ab5af9a8

These files will probably be moved into the stable distribution on its next update.


For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>

Fedora Legacy


Fedora Legacy Update Advisory

Synopsis: Updated libtiff packages fix security issues
Advisory ID: FLSA:152815
Issue date: 2005-05-18
Product: Red Hat Linux, Fedora Core
Keywords: Bugfix
CVE Names: CAN-2004-0803 CAN-2004-0804 CAN-2004-0886 CAN-2004-1308 CAN-2004-1183



1. Topic:

Updated libtiff packages that fix various buffer and integer overflows are now available.

The libtiff package contains a library of functions for manipulating TIFF (Tagged Image File Format) image format files.

2. Relevant releases/architectures:

Red Hat Linux 7.3 - i386
Red Hat Linux 9 - i386
Fedora Core 1 - i386

3. Problem description:

During a source code audit, Chris Evans discovered a number of integer overflow bugs that affect libtiff. An attacker who has the ability to trick a user into opening a malicious TIFF file could cause the application linked to libtiff to crash or possibly execute arbitrary code. The Common Vulnerabilities and Exposures project (cve.mitre.org/) has assigned the names CAN-2004-0886 and CAN-2004-0804 to these issues.

Additionally, a number of buffer overflow bugs that affect libtiff have been found. An attacker who has the ability to trick a user into opening a malicious TIFF file could cause the application linked to libtiff to crash or possibly execute arbitrary code. The Common Vulnerabilities and Exposures project (cve.mitre.org/) has assigned the name CAN-2004-0803 to this issue.

iDEFENSE has reported an integer overflow bug that affects libtiff. An attacker who has the ability to trick a user into opening a malicious TIFF file could cause the application linked to libtiff to crash or possibly execute arbitrary code. The Common Vulnerabilities and Exposures project (cve.mitre.org/) has assigned the name CAN-2004-1308 to this issue.

Dmitry V. Levin reported another integer overflow in the tiffdump utility. An atacker who has the ability to trick a user into opening a malicious TIFF file with tiffdump could possibly execute arbitrary code. The Common Vulnerabilities and Exposures project (cve.mitre.org/) has assigned the name CAN-2004-1183 to this issue.

All users are advised to upgrade to these updated packages, which contain backported fixes for these issues.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory only contains the desired RPMs.

Please note that this update is also available via yum and apt. Many people find this an easier way to apply updates. To use yum issue:

yum update

or to use apt:

apt-get update; apt-get upgrade

This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. This assumes that you have yum or apt-get configured for obtaining Fedora Legacy content. Please visit http://www.fedoralegacy.org/docs for directions on how to configure yum and apt-get.

5. Bug IDs fixed:

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=152815

6. RPMs required:

Red Hat Linux 7.3:
SRPM:
http://download.fedoralegacy.org/redhat/7.3/updates/SRPMS/libtiff-3.5.7-2.2.legacy.src.rpm

i386:
http://download.fedoralegacy.org/redhat/7.3/updates/i386/libtiff-3.5.7-2.2.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/7.3/updates/i386/libtiff-devel-3.5.7-2.2.legacy.i386.rpm

Red Hat Linux 9:

SRPM:
http://download.fedoralegacy.org/redhat/9/updates/SRPMS/libtiff-3.5.7-11.2.legacy.src.rpm

i386:
http://download.fedoralegacy.org/redhat/9/updates/i386/libtiff-3.5.7-11.2.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/9/updates/i386/libtiff-devel-3.5.7-11.2.legacy.i386.rpm

Fedora Core 1:

SRPM:
http://download.fedoralegacy.org/fedora/1/updates/SRPMS/libtiff-3.5.7-14.2.legacy.src.rpm

i386:
http://download.fedoralegacy.org/fedora/1/updates/i386/libtiff-3.5.7-14.2.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/1/updates/i386/libtiff-devel-3.5.7-14.2.legacy.i386.rpm

7. Verification:

SHA1 sum Package Name


524fd6c80901dbd665cfbf0b4ba1eea276a95cca redhat/7.3/updates/i386/libtiff-3.5.7-2.2.legacy.i386.rpm
3ced2ba5eac07c60515a41d73dbfb0df36cfc962 redhat/7.3/updates/i386/libtiff-devel-3.5.7-2.2.legacy.i386.rpm
864581d2f1d76fcc5d0540173338a84a7a3ffe80 redhat/7.3/updates/SRPMS/libtiff-3.5.7-2.2.legacy.src.rpm
a17298a3be3e3d6f7fce2108ac226ff8ef26ee39 redhat/9/updates/i386/libtiff-3.5.7-11.2.legacy.i386.rpm
b35700b8e8ee819565998a033f484ebd7e837646 redhat/9/updates/i386/libtiff-devel-3.5.7-11.2.legacy.i386.rpm
2024a97a377a37851d3a4be92403eaad0a7b1be2 redhat/9/updates/SRPMS/libtiff-3.5.7-11.2.legacy.src.rpm
8dd2d8035eaf4b0e41cc7ac68536b752387a1cc8 fedora/1/updates/i386/libtiff-3.5.7-14.2.legacy.i386.rpm
4475fb4f26ab358d1c9bf8b6e8da060eace1a8dd fedora/1/updates/i386/libtiff-devel-3.5.7-14.2.legacy.i386.rpm
f854a97125ca806b9a1c04c985f9939c6b6f7611 fedora/1/updates/SRPMS/libtiff-3.5.7-14.2.legacy.src.rpm

These packages are GPG signed by Fedora Legacy for security. Our key is available from http://www.fedoralegacy.org/about/security.php

You can verify each package with the following command:

rpm --checksig -v <filename>

If you only wish to verify that each package has not been corrupted or tampered with, examine only the sha1sum with the following command:

sha1sum <filename>

8. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0803
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0804
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0886
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1308
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1183

9. Contact:

The Fedora Legacy security contact is <secnotice@fedoralegacy.org>. More project details at http://www.fedoralegacy.org


Gentoo Linux


Gentoo Linux Security Advisory GLSA 200505-14

http://security.gentoo.org/


Severity: Normal
Title: Cheetah: Untrusted module search path
Date: May 19, 2005
Bugs: #92926
ID: 200505-14


Synopsis

Cheetah contains a vulnerability in the module importing code that can allow a local user to gain escalated privileges.

Background

Cheetah is a Python powered template engine and code generator.

Affected packages


     Package             /   Vulnerable   /                 Unaffected

  1  dev-python/cheetah     < 0.9.17-rc1                 >= 0.9.17-rc1

Description

Brian Bird discovered that Cheetah searches for modules in the world-writable /tmp directory.

Impact

A malicious local user could place a module containing arbitrary code in /tmp, which when imported would run with escalated privileges.

Workaround

There are no known workarounds at this time.

Resolution

All Cheetah users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=dev-python/cheetah-0.9.17-rc1"

References

[ 1 ] Secunia Advisory SA15386

http://secunia.com/advisories/15386/

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-200505-14.xml

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.

License

Copyright 2005 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.0

Mandriva Linux


Mandriva Linux Security Update Advisory


Package name: cdrdao
Advisory ID: MDKSA-2005:089
Date: May 18th, 2005
Affected versions: 10.0, 10.1, 10.2, Corporate 3.0


Problem Description:

The cdrdao package contains two vulnerabilities; the first allows local users to read arbitrary files via the show-data command and the second allows local users to overwrite arbitrary files via a symlink attack on the ~/.cdrdao configuration file. This can also lead to elevated privileges (a root shell) due to cdrdao being installed suid root.

The provided packages have been patched to correct these issues.


References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0137
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0138


Updated Packages:

Mandrakelinux 10.0:
1b7ae1dad185d083ed25987ccce21ad0 10.0/RPMS/cdrdao-1.1.8-2.2.100mdk.i586.rpm
87a92365c35931b3023188da4089c482 10.0/RPMS/cdrdao-gcdmaster-1.1.8-2.2.100mdk.i586.rpm
0fd4754121b926a84fae47bf1e4c6133 10.0/SRPMS/cdrdao-1.1.8-2.2.100mdk.src.rpm

Mandrakelinux 10.0/AMD64:
cea5f48ae2bcc67e161da98e41b55134 amd64/10.0/RPMS/cdrdao-1.1.8-2.2.100mdk.amd64.rpm
c8b85327b50ebb68e3fab34476b1b3cb amd64/10.0/RPMS/cdrdao-gcdmaster-1.1.8-2.2.100mdk.amd64.rpm
0fd4754121b926a84fae47bf1e4c6133 amd64/10.0/SRPMS/cdrdao-1.1.8-2.2.100mdk.src.rpm

Mandrakelinux 10.1:
61ab4f7af380c2b46acac4dcfa1f893a 10.1/RPMS/cdrdao-1.1.9-6.1.101mdk.i586.rpm
9c8463a1c170c1b189e0dd9a68be07d9 10.1/RPMS/cdrdao-gcdmaster-1.1.9-6.1.101mdk.i586.rpm
050a81b90551f9ef454904e55a160a9d 10.1/SRPMS/cdrdao-1.1.9-6.1.101mdk.src.rpm

Mandrakelinux 10.1/X86_64:
a2424f9595ddcb10aca667a35523ae20 x86_64/10.1/RPMS/cdrdao-1.1.9-6.1.101mdk.x86_64.rpm
ce08ea93c55311d7585dcf72d62add3a x86_64/10.1/RPMS/cdrdao-gcdmaster-1.1.9-6.1.101mdk.x86_64.rpm
050a81b90551f9ef454904e55a160a9d x86_64/10.1/SRPMS/cdrdao-1.1.9-6.1.101mdk.src.rpm

Mandrakelinux 10.2:
b073077b108528d1ceed5681acf46f8c 10.2/RPMS/cdrdao-1.1.9-7.1.102mdk.i586.rpm
0077a3948564abc01ab2dc935268b443 10.2/RPMS/cdrdao-gcdmaster-1.1.9-7.1.102mdk.i586.rpm
cb1265c4a12964fa5fbf42a7fb2361df 10.2/SRPMS/cdrdao-1.1.9-7.1.102mdk.src.rpm

Mandrakelinux 10.2/X86_64:
0f3eeec0e097087dd4b15dc89ccea21f x86_64/10.2/RPMS/cdrdao-1.1.9-7.1.102mdk.x86_64.rpm
c573c4ff16b3b0c9bf68467d5cfc347b x86_64/10.2/RPMS/cdrdao-gcdmaster-1.1.9-7.1.102mdk.x86_64.rpm
cb1265c4a12964fa5fbf42a7fb2361df x86_64/10.2/SRPMS/cdrdao-1.1.9-7.1.102mdk.src.rpm

Corporate 3.0:
406191468856946e82d195204855a05f corporate/3.0/RPMS/cdrdao-1.1.8-2.2.C30mdk.i586.rpm
768b911c0d220197ad43f351b91e1c9c corporate/3.0/RPMS/cdrdao-gcdmaster-1.1.8-2.2.C30mdk.i586.rpm
70d8a7e69f725875da71507ebc7c2447 corporate/3.0/SRPMS/cdrdao-1.1.8-2.2.C30mdk.src.rpm

Corporate 3.0/X86_64:
e97c0cd16db006ebc56e7b339c4eccc9 x86_64/corporate/3.0/RPMS/cdrdao-1.1.8-2.2.C30mdk.x86_64.rpm
e1f6f75a51182be5155dc204abbbf188 x86_64/corporate/3.0/RPMS/cdrdao-gcdmaster-1.1.8-2.2.C30mdk.x86_64.rpm
70d8a7e69f725875da71507ebc7c2447 x86_64/corporate/3.0/SRPMS/cdrdao-1.1.8-2.2.C30mdk.src.rpm


To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com


Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com>


Mandriva Linux Security Update Advisory


Package name: nasm
Advisory ID: MDKSA-2005:090
Date: May 18th, 2005
Affected versions: 10.0, 10.1, 10.2, Corporate 3.0, Corporate Server 2.1


Problem Description:

A buffer overflow in nasm was discovered by Josh Bressers. If an attacker could trick a user into assembling a malicious source file, they could use this vulnerability to execute arbitrary code with the privileges of the user running nasm.

The provided packages have been patched to correct these issues.


References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1194


Updated Packages:

Mandrakelinux 10.0:
6058fd99b081bb34f72eaca22979eacb 10.0/RPMS/nasm-0.98.38-1.2.100mdk.i586.rpm
9e1cad7299252e849dde88c1c8f9fcd5 10.0/RPMS/nasm-doc-0.98.38-1.2.100mdk.i586.rpm
7b37557a44164b32b5c5d708af18420a 10.0/RPMS/nasm-rdoff-0.98.38-1.2.100mdk.i586.rpm
047468f3437190d6134a91aa319c9dce 10.0/SRPMS/nasm-0.98.38-1.2.100mdk.src.rpm

Mandrakelinux 10.0/AMD64:
c0f6efb802cdf9016db4b0b460aced96 amd64/10.0/RPMS/nasm-0.98.38-1.2.100mdk.amd64.rpm
1c2d6870472752e7f71e1359f93971d6 amd64/10.0/RPMS/nasm-doc-0.98.38-1.2.100mdk.amd64.rpm
5850c8cbc5e793537edef9297f75ca3b amd64/10.0/RPMS/nasm-rdoff-0.98.38-1.2.100mdk.amd64.rpm
047468f3437190d6134a91aa319c9dce amd64/10.0/SRPMS/nasm-0.98.38-1.2.100mdk.src.rpm

Mandrakelinux 10.1:
c86682079a58d5f51afb8c46c3575f88 10.1/RPMS/nasm-0.98.38-1.2.101mdk.i586.rpm
5a8d878475c169dd3e5688d1df154204 10.1/RPMS/nasm-doc-0.98.38-1.2.101mdk.i586.rpm
2ac418c945c704be110ad96f7aac207a 10.1/RPMS/nasm-rdoff-0.98.38-1.2.101mdk.i586.rpm
23154a4d32e90290972ffcdf4b45e866 10.1/SRPMS/nasm-0.98.38-1.2.101mdk.src.rpm

Mandrakelinux 10.1/X86_64:
3db75236d3004b80e44da6b9090520ef x86_64/10.1/RPMS/nasm-0.98.38-1.2.101mdk.x86_64.rpm
b885ec5762f765353386cdb9944f6fc5 x86_64/10.1/RPMS/nasm-doc-0.98.38-1.2.101mdk.x86_64.rpm
431065cf6d8c3ee4986b67478fbcd307 x86_64/10.1/RPMS/nasm-rdoff-0.98.38-1.2.101mdk.x86_64.rpm
23154a4d32e90290972ffcdf4b45e866 x86_64/10.1/SRPMS/nasm-0.98.38-1.2.101mdk.src.rpm

Mandrakelinux 10.2:
3e12f2c986a50d29be3966c1676b22f4 10.2/RPMS/nasm-0.98.39-1.1.102mdk.i586.rpm
fe9c6840f54221f6c87f75671eff25f4 10.2/RPMS/nasm-doc-0.98.39-1.1.102mdk.i586.rpm
ce78396659e932bcfba9af13d5578031 10.2/RPMS/nasm-rdoff-0.98.39-1.1.102mdk.i586.rpm
8cbae58b2b3c81dfc7871e3b677ab3ee 10.2/SRPMS/nasm-0.98.39-1.1.102mdk.src.rpm

Mandrakelinux 10.2/X86_64:
dbf950bdee101ba5f24304bf1ef34d9b x86_64/10.2/RPMS/nasm-0.98.39-1.1.102mdk.x86_64.rpm
9c1b968a37952f4d71ab70566b27f64d x86_64/10.2/RPMS/nasm-doc-0.98.39-1.1.102mdk.x86_64.rpm
f478ee8d4a130f548d70a26b43d2bd0d x86_64/10.2/RPMS/nasm-rdoff-0.98.39-1.1.102mdk.x86_64.rpm
8cbae58b2b3c81dfc7871e3b677ab3ee x86_64/10.2/SRPMS/nasm-0.98.39-1.1.102mdk.src.rpm

Corporate Server 2.1:
a5915798665b6cb487ed46b26d413843 corporate/2.1/RPMS/nasm-0.98.34-1.1.C21mdk.i586.rpm
8920f14ae40608d4e009d0de1de38fc4 corporate/2.1/RPMS/nasm-doc-0.98.34-1.1.C21mdk.i586.rpm
64b92b3d16471838fe539a2231cc9b40 corporate/2.1/RPMS/nasm-rdoff-0.98.34-1.1.C21mdk.i586.rpm
a500a5886b349219698a63c19e4a25cc corporate/2.1/SRPMS/nasm-0.98.34-1.1.C21mdk.src.rpm

Corporate Server 2.1/X86_64:
0701d377fbb6d201844d2b4c7c5c1ff4 x86_64/corporate/2.1/RPMS/nasm-0.98.34-1.1.C21mdk.x86_64.rpm
7ca4b424a692a30a0a7563ef7b519fb6 x86_64/corporate/2.1/RPMS/nasm-doc-0.98.34-1.1.C21mdk.x86_64.rpm
e487b2c74bae0220d9274dc0df607113 x86_64/corporate/2.1/RPMS/nasm-rdoff-0.98.34-1.1.C21mdk.x86_64.rpm
a500a5886b349219698a63c19e4a25cc x86_64/corporate/2.1/SRPMS/nasm-0.98.34-1.1.C21mdk.src.rpm

Corporate 3.0:
6e92be4ee34c886f0bae3eb57742be21 corporate/3.0/RPMS/nasm-0.98.38-1.2.C30mdk.i586.rpm
52dd3cd6c00348a03e0556203d23d315 corporate/3.0/RPMS/nasm-doc-0.98.38-1.2.C30mdk.i586.rpm
982eccac3a54313ba123eaef3f86ea90 corporate/3.0/RPMS/nasm-rdoff-0.98.38-1.2.C30mdk.i586.rpm
fa2f1dd8e465108d2a0c18fef812e2d0 corporate/3.0/SRPMS/nasm-0.98.38-1.2.C30mdk.src.rpm

Corporate 3.0/X86_64:
3ab1744c68d83be84b7adf44aa1868b3 x86_64/corporate/3.0/RPMS/nasm-0.98.38-1.2.C30mdk.x86_64.rpm
7e516d61646ab1fcb9493b8bfd5b0943 x86_64/corporate/3.0/RPMS/nasm-doc-0.98.38-1.2.C30mdk.x86_64.rpm
809e67872145f7b42156e78bd22cbabf x86_64/corporate/3.0/RPMS/nasm-rdoff-0.98.38-1.2.C30mdk.x86_64.rpm
fa2f1dd8e465108d2a0c18fef812e2d0 x86_64/corporate/3.0/SRPMS/nasm-0.98.38-1.2.C30mdk.src.rpm


To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com


Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com>


Mandriva Linux Security Update Advisory


Package name: bzip2
Advisory ID: MDKSA-2005:091
Date: May 18th, 2005
Affected versions: 10.0, 10.1, 10.2, Corporate 3.0, Corporate Server 2.1


Problem Description:

A race condition in the file permission restore code of bunzip2 was discovered by Imran Ghory. While a user was decompressing a file, a local attacker with write permissions to the directory containing the compressed file could replace the target file with a hard link which would cause bunzip2 to restore the file permissions of the original file to the hard link target. This could be exploited to gain read or write access to files of other users (CAN-2005-0953).

A vulnerability was found where specially crafted bzip2 archives would cause an infinite loop in the decompressor, resulting in an indefinitively large output file (also known as a "decompression bomb"). This could be exploited to cause a Denial of Service attack on the host computer due to disk space exhaustion (CAN-2005-1260).

The provided packages have been patched to correct these issues.


References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0953
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1260


Updated Packages:

Mandrakelinux 10.0:
4b2bb8d970b222f3d941181c97ac90b4 10.0/RPMS/bzip2-1.0.2-17.1.100mdk.i586.rpm
668e3c51aba91c2593a8acff74d44454 10.0/RPMS/libbzip2_1-1.0.2-17.1.100mdk.i586.rpm
94f02cd14f2600f9bb2feafa3bb9d86e 10.0/RPMS/libbzip2_1-devel-1.0.2-17.1.100mdk.i586.rpm
c22b1d64b5479d4924612a96d20f7944 10.0/SRPMS/bzip2-1.0.2-17.1.100mdk.src.rpm

Mandrakelinux 10.0/AMD64:
cb22383be6cb4a2f32170a1c6b5aa0cf amd64/10.0/RPMS/bzip2-1.0.2-17.1.100mdk.amd64.rpm
923353937d7dd11490f769a23012d229 amd64/10.0/RPMS/lib64bzip2_1-1.0.2-17.1.100mdk.amd64.rpm
796494bd8a1731f1b970421a6c1657ee amd64/10.0/RPMS/lib64bzip2_1-devel-1.0.2-17.1.100mdk.amd64.rpm
c22b1d64b5479d4924612a96d20f7944 amd64/10.0/SRPMS/bzip2-1.0.2-17.1.100mdk.src.rpm

Mandrakelinux 10.1:
c712f5670311f97e101fe2d0a8ed8c2b 10.1/RPMS/bzip2-1.0.2-20.1.101mdk.i586.rpm
3b7a755b9faf46953f8030eab2b9a5f0 10.1/RPMS/libbzip2_1-1.0.2-20.1.101mdk.i586.rpm
70428efe689e2e0e6e88ee0f1c930475 10.1/RPMS/libbzip2_1-devel-1.0.2-20.1.101mdk.i586.rpm
19be2dba061d76a9b79f7376077e238f 10.1/SRPMS/bzip2-1.0.2-20.1.101mdk.src.rpm

Mandrakelinux 10.1/X86_64:
02b04af8089d801bf139dfdc5fbe61e3 x86_64/10.1/RPMS/bzip2-1.0.2-20.1.101mdk.x86_64.rpm
8c835acc2c2dc823b94e332340502245 x86_64/10.1/RPMS/lib64bzip2_1-1.0.2-20.1.101mdk.x86_64.rpm
92a783e1d9dea6c00324b6ed12d74635 x86_64/10.1/RPMS/lib64bzip2_1-devel-1.0.2-20.1.101mdk.x86_64.rpm
19be2dba061d76a9b79f7376077e238f x86_64/10.1/SRPMS/bzip2-1.0.2-20.1.101mdk.src.rpm

Mandrakelinux 10.2:
64e8f1fb474606a4bfbeb2adee7cabf6 10.2/RPMS/bzip2-1.0.2-20.1.102mdk.i586.rpm
53fe82aefa0ff6aeff8ce0b5a7649b5c 10.2/RPMS/libbzip2_1-1.0.2-20.1.102mdk.i586.rpm
9d420447e67a42f77e22c28d55bf611a 10.2/RPMS/libbzip2_1-devel-1.0.2-20.1.102mdk.i586.rpm
bc16ae3ec7865dc9e8d382f22d296cb2 10.2/SRPMS/bzip2-1.0.2-20.1.102mdk.src.rpm

Mandrakelinux 10.2/X86_64:
d87a3bc804e9c716a17b44d2144255a7 x86_64/10.2/RPMS/bzip2-1.0.2-20.1.102mdk.x86_64.rpm
6f0841e3c59c302819abd300e37a4b4f x86_64/10.2/RPMS/lib64bzip2_1-1.0.2-20.1.102mdk.x86_64.rpm
31a163ba5a620dc925279e0cd2b988b4 x86_64/10.2/RPMS/lib64bzip2_1-devel-1.0.2-20.1.102mdk.x86_64.rpm
bc16ae3ec7865dc9e8d382f22d296cb2 x86_64/10.2/SRPMS/bzip2-1.0.2-20.1.102mdk.src.rpm

Corporate Server 2.1:
297004f1d8a720780325382271f94164 corporate/2.1/RPMS/bzip2-1.0.2-10.1.C21mdk.i586.rpm
2e9376a5ebaeef7ab611c31377962636 corporate/2.1/RPMS/libbzip2_1-1.0.2-10.1.C21mdk.i586.rpm
54747fe92a6779b85ac84286c398bb14 corporate/2.1/RPMS/libbzip2_1-devel-1.0.2-10.1.C21mdk.i586.rpm
2220cf9a3e6842172f98c01909e3f77e corporate/2.1/SRPMS/bzip2-1.0.2-10.1.C21mdk.src.rpm

Corporate Server 2.1/X86_64:
cfaf6fd095f0d7434e80d8a4f0156255 x86_64/corporate/2.1/RPMS/bzip2-1.0.2-10.1.C21mdk.x86_64.rpm
efddfee91fe70c73d3162cd4f2ab2581 x86_64/corporate/2.1/RPMS/libbzip2_1-1.0.2-10.1.C21mdk.x86_64.rpm
a41917f3e9a008c625b90481c9357aff x86_64/corporate/2.1/RPMS/libbzip2_1-devel-1.0.2-10.1.C21mdk.x86_64.rpm
2220cf9a3e6842172f98c01909e3f77e x86_64/corporate/2.1/SRPMS/bzip2-1.0.2-10.1.C21mdk.src.rpm

Corporate 3.0:
b01aca9e32f1b7beadf1dede32fe8726 corporate/3.0/RPMS/bzip2-1.0.2-17.1.C30mdk.i586.rpm
01fb59c1b265d341bd1182ef833186e3 corporate/3.0/RPMS/libbzip2_1-1.0.2-17.1.C30mdk.i586.rpm
7555509f257ddbef15e4f09e4bc3fda5 corporate/3.0/RPMS/libbzip2_1-devel-1.0.2-17.1.C30mdk.i586.rpm
361836a8f0bcdbd18cc376df549f1d2b corporate/3.0/SRPMS/bzip2-1.0.2-17.1.C30mdk.src.rpm

Corporate 3.0/X86_64:
b06a4e4af363c43e1e24e45e156f6282 x86_64/corporate/3.0/RPMS/bzip2-1.0.2-17.1.C30mdk.x86_64.rpm
7c075c3748cba9471e9d13ce4ae8b4c2 x86_64/corporate/3.0/RPMS/lib64bzip2_1-1.0.2-17.1.C30mdk.x86_64.rpm
d15c9f810a0b1ec7e153154304b8dc53 x86_64/corporate/3.0/RPMS/lib64bzip2_1-devel-1.0.2-17.1.C30mdk.x86_64.rpm
361836a8f0bcdbd18cc376df549f1d2b x86_64/corporate/3.0/SRPMS/bzip2-1.0.2-17.1.C30mdk.src.rpm


To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com


Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com>


Mandriva Linux Security Update Advisory


Package name: gzip
Advisory ID: MDKSA-2005:092
Date: May 18th, 2005
Affected versions: 10.0, 10.1, 10.2, Corporate 3.0, Corporate Server 2.1


Problem Description:

Several vulnerabilities have been discovered in the gzip package:

Zgrep in gzip before 1.3.5 does not properly sanitize arguments, which allows local users to execute arbitrary commands via filenames that are injected into a sed script. (CAN-2005-0758)

A race condition in gzip 1.2.4, 1.3.3, and earlier when decompressing a gzip file allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by gzip after the decompression is complete. (CAN-2005-0988)

A directory traversal vulnerability via "gunzip -N" in gzip 1.2.4 through 1.3.5 allows remote attackers to write to arbitrary directories via a .. (dot dot) in the original filename within a compressed file. (CAN-2005-1228)

Updated packages are patched to address these issues.


References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0758
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0988
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1228


Updated Packages:

Mandrakelinux 10.0:
747eb53b876e9dd0544d58d8cafd436d 10.0/RPMS/gzip-1.2.4a-13.2.100mdk.i586.rpm
6b8b1c839de2659bdbf3ef7b2d084c49 10.0/SRPMS/gzip-1.2.4a-13.2.100mdk.src.rpm

Mandrakelinux 10.0/AMD64:
55b145f3a6211d3214e4ac84a9f3d2db amd64/10.0/RPMS/gzip-1.2.4a-13.2.100mdk.amd64.rpm
6b8b1c839de2659bdbf3ef7b2d084c49 amd64/10.0/SRPMS/gzip-1.2.4a-13.2.100mdk.src.rpm

Mandrakelinux 10.1:
f52a97a5a011807be418d9813e8be8a7 10.1/RPMS/gzip-1.2.4a-13.2.101mdk.i586.rpm
50b48751f7f56fafc86ae58c39473b19 10.1/SRPMS/gzip-1.2.4a-13.2.101mdk.src.rpm

Mandrakelinux 10.1/X86_64:
6f68527ab34b108cd142f7612f01624b x86_64/10.1/RPMS/gzip-1.2.4a-13.2.101mdk.x86_64.rpm
50b48751f7f56fafc86ae58c39473b19 x86_64/10.1/SRPMS/gzip-1.2.4a-13.2.101mdk.src.rpm

Mandrakelinux 10.2:
2e4b095f517150b0c3fd8f06e8b02b54 10.2/RPMS/gzip-1.2.4a-14.1.102mdk.i586.rpm
d9a2c5788a582dc194e4726b68708e75 10.2/SRPMS/gzip-1.2.4a-14.1.102mdk.src.rpm

Mandrakelinux 10.2/X86_64:
819a41d23efc8ad2c26cd9786178a52c x86_64/10.2/RPMS/gzip-1.2.4a-14.1.102mdk.x86_64.rpm
d9a2c5788a582dc194e4726b68708e75 x86_64/10.2/SRPMS/gzip-1.2.4a-14.1.102mdk.src.rpm

Corporate Server 2.1:
531d8990f2c080218daaafd80fa324d4 corporate/2.1/RPMS/gzip-1.2.4a-11.4.C21mdk.i586.rpm
255e4af1676fa7db7ebb6f9997bee3ef corporate/2.1/SRPMS/gzip-1.2.4a-11.4.C21mdk.src.rpm

Corporate Server 2.1/X86_64:
7094630fcd81e61eb6402d25b4afa2dd x86_64/corporate/2.1/RPMS/gzip-1.2.4a-11.4.C21mdk.x86_64.rpm
255e4af1676fa7db7ebb6f9997bee3ef x86_64/corporate/2.1/SRPMS/gzip-1.2.4a-11.4.C21mdk.src.rpm

Corporate 3.0:
4d73819ec9c73150407ab0a6739e797b corporate/3.0/RPMS/gzip-1.2.4a-13.2.C30mdk.i586.rpm
2d3852158ecc68f805ce3e63d3e0c563 corporate/3.0/SRPMS/gzip-1.2.4a-13.2.C30mdk.src.rpm

Corporate 3.0/X86_64:
502e80bad0a21a86c06f85836c9e9579 x86_64/corporate/3.0/RPMS/gzip-1.2.4a-13.2.C30mdk.x86_64.rpm
2d3852158ecc68f805ce3e63d3e0c563 x86_64/corporate/3.0/SRPMS/gzip-1.2.4a-13.2.C30mdk.src.rpm


To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com


Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com>

Red Hat Linux


Red Hat Security Advisory

Synopsis: Low: evolution security update
Advisory ID: RHSA-2005:238-01
Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-238.html
Issue date: 2005-05-19
Updated on: 2005-05-19
Product: Red Hat Enterprise Linux
CVE Names: CAN-2005-0102


1. Summary:

Updated evolution packages that fix various bugs are now available.

This update has been rated as having low security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64

3. Problem description:

Evolution is the GNOME collection of personal information management (PIM) tools. Evolution includes a mailer, calendar, contact manager, and communication facility. The tools which make up Evolution are tightly integrated with one another and act as a seamless personal information management tool.

A bug was found in Evolution's helper program camel-lock-helper. This bug could allow a local attacker to gain root privileges if camel-lock-helper has been built to execute with elevated privileges. The Common Vulnerabilities and Exposures project (cve.mitre.org/) has assigned the name CAN-2005-0102 to this issue. On Red Hat Enterprise Linux, camel-lock-helper is not built to execute with elevated privileges by default. Please note however that if users have rebuilt Evolution from the source RPM, as the root user, camel-lock-helper may be given elevated privileges.

Additionally, these updated packages address the following issues:

  • If evolution ran during a GNOME session, the evolution-wombat process did not exit when the user logged out of the desktop.
  • For folders marked for Offline Synchronization: if a user moved a message from a Local Folder to an IMAP folder while in Offline mode, the message was not present in either folder after returning to Online mode.

This update fixes this problem. Email messages that have been lost this way may still be present in the following path:

~/evolution/&lt;NAME_OF_MAIL_STORE&gt;/
&lt;path-to-folder-via-subfolder-directories&gt;/
&lt;temporary-uid-of-message&gt;

If this bug has affected you it may be possible to recover data by examining the contents of this directory.

All users of evolution should upgrade to these updated packages, which resolve these issues.

4. Solution:

Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command:

up2date

For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system:

http://www.redhat.com/docs/manuals/enterprise/

5. RPMs required:

Red Hat Enterprise Linux AS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/evolution-1.4.5-14.src.rpm 00ca55085916b5be09835fc2fdd8f115 evolution-1.4.5-14.src.rpm

i386:
c16eac86838d8fa7a244a5946f2b48ad evolution-1.4.5-14.i386.rpm
381646f69a1f9005d2437eb565bc9fea evolution-devel-1.4.5-14.i386.rpm

ia64:
5a5988450fa8474d12a2907ba2ffd0d5 evolution-1.4.5-14.ia64.rpm
cb572702db3115e1302751cdfd421cfe evolution-devel-1.4.5-14.ia64.rpm

ppc:
27164ca33b130009bbc1666d386d5063 evolution-1.4.5-14.ppc.rpm
2709252c915bd4d4eec045d27bca1f43 evolution-devel-1.4.5-14.ppc.rpm

s390:
804000f88b5019f7947575316272ad3c evolution-1.4.5-14.s390.rpm
68ff7ce189ace01df821534d532e2aff evolution-devel-1.4.5-14.s390.rpm

s390x:
eb3758e2fb713493c51b0175de6cf038 evolution-1.4.5-14.s390x.rpm
a7d5d6a7e1150aed4aaf3970080e0d15 evolution-devel-1.4.5-14.s390x.rpm

x86_64:
3cb477f8d7f834e2cdbdfdc97b4acb33 evolution-1.4.5-14.x86_64.rpm
7e19acc7c0720c8c08fd1a111fb2b774 evolution-devel-1.4.5-14.x86_64.rpm

Red Hat Desktop version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/evolution-1.4.5-14.src.rpm 00ca55085916b5be09835fc2fdd8f115 evolution-1.4.5-14.src.rpm

i386:
c16eac86838d8fa7a244a5946f2b48ad evolution-1.4.5-14.i386.rpm
381646f69a1f9005d2437eb565bc9fea evolution-devel-1.4.5-14.i386.rpm

x86_64:
3cb477f8d7f834e2cdbdfdc97b4acb33 evolution-1.4.5-14.x86_64.rpm
7e19acc7c0720c8c08fd1a111fb2b774 evolution-devel-1.4.5-14.x86_64.rpm

Red Hat Enterprise Linux ES version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/evolution-1.4.5-14.src.rpm 00ca55085916b5be09835fc2fdd8f115 evolution-1.4.5-14.src.rpm

i386:
c16eac86838d8fa7a244a5946f2b48ad evolution-1.4.5-14.i386.rpm
381646f69a1f9005d2437eb565bc9fea evolution-devel-1.4.5-14.i386.rpm

ia64:
5a5988450fa8474d12a2907ba2ffd0d5 evolution-1.4.5-14.ia64.rpm
cb572702db3115e1302751cdfd421cfe evolution-devel-1.4.5-14.ia64.rpm

x86_64:
3cb477f8d7f834e2cdbdfdc97b4acb33 evolution-1.4.5-14.x86_64.rpm
7e19acc7c0720c8c08fd1a111fb2b774 evolution-devel-1.4.5-14.x86_64.rpm

Red Hat Enterprise Linux WS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/evolution-1.4.5-14.src.rpm 00ca55085916b5be09835fc2fdd8f115 evolution-1.4.5-14.src.rpm

i386:
c16eac86838d8fa7a244a5946f2b48ad evolution-1.4.5-14.i386.rpm
381646f69a1f9005d2437eb565bc9fea evolution-devel-1.4.5-14.i386.rpm

ia64:
5a5988450fa8474d12a2907ba2ffd0d5 evolution-1.4.5-14.ia64.rpm
cb572702db3115e1302751cdfd421cfe evolution-devel-1.4.5-14.ia64.rpm

x86_64:
3cb477f8d7f834e2cdbdfdc97b4acb33 evolution-1.4.5-14.x86_64.rpm
7e19acc7c0720c8c08fd1a111fb2b774 evolution-devel-1.4.5-14.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package

6. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0102

7. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact details at https://www.redhat.com/security/team/contact/

Copyright 2005 Red Hat, Inc.

Ubuntu Linux


Ubuntu Security Notice USN-130-1 May 19, 2005
tiff vulnerability
CAN-2005-1544

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)
Ubuntu 5.04 (Hoary Hedgehog)

The following packages are affected:

libtiff4

The problem can be corrected by upgrading the affected package to version 3.6.1-1.1ubuntu1.3 (for Ubuntu 4.10), or 3.6.1-5ubuntu0.1 (for Ubuntu 5.04). After a standard system upgrade you need to restart your CUPS server with

sudo /etc/init.d/cupsys restart

to effect the necessary changes.

Details follow:

Tavis Ormandy discovered a buffer overflow in the TIFF library. A malicious image with an invalid "bits per sample" number could be constructed which, when decoded, would have resulted in execution of arbitrary code with the privileges of the process using the library.

Since this library is used in many applications like "ghostscript" and the "CUPS" printing system, this vulnerability may lead to remotely induced privilege escalation.

Updated packages for Ubuntu 4.10 (Warty Warthog):

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.6.1-1.1ubuntu1.3.diff.gz
Size/MD5: 23204 9ac3ca3fba6f2dfee338a6ead67dd861
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.6.1-1.1ubuntu1.3.dsc
Size/MD5: 646 dd500c399e6e27e8fccc0a2217b81e24
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_3.6.1.orig.tar.gz
Size/MD5: 848760 bd252167a20ac7910ab3bd2b3ee9e955

amd64 architecture (Athlon64, Opteron, EM64T Xeon)

http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-tools_3.6.1-1.1ubuntu1.3_amd64.deb
Size/MD5: 172882 44812e9c564e534afaf120298a05649d
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-dev_3.6.1-1.1ubuntu1.3_amd64.deb
Size/MD5: 458464 45c8e715cfd6d0d10a8f7755d444e8b2
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4_3.6.1-1.1ubuntu1.3_amd64.deb
Size/MD5: 111528 c3e7f1e32d02fb2f43dcd7eba004f410

i386 architecture (x86 compatible Intel/AMD)

http://security.ubuntu.com/ubuntu/pool/universe/t/tiff/libtiff-tools_3.6.1-1.1ubuntu1.3_i386.deb
Size/MD5: 157242 89a8e234340550fbb7b51b0665f57b07
http://security.ubuntu.com/ubuntu/pool/main/t/tiff/libtiff4-d