dcsimg
Linux Today: Linux News On Internet Time.




More on LinuxToday


Advisories, August 8, 2006

Aug 09, 2006, 03:45 (0 Talkback[s])

Debian GNU/Linux


Debian Security Advisory DSA 1145-1 security@debian.org
http://www.debian.org/security/ Moritz Muehlenhoff
August 8th, 2006 http://www.debian.org/security/faq


Package : freeradius
Vulnerability : several
Problem-Type : remote
Debian-specific: no
CVE ID : CVE-2005-4745 CVE-2005-4746

Several remote vulnerabilities have been discovered in freeradius, a high-performance RADIUS server, which may lead to SQL injection or denial of service. The Common Vulnerabilities and Exposures project identifies the following problems:

CVE-2005-4745

An SQL injection vulnerability has been discovered in the rlm_sqlcounter module.

CVE-2006-4746

Multiple buffer overflows have been discovered, allowing denial of service.

For the stable distribution (sarge) these problems have been fixed in version 1.0.2-4sarge3.

For the unstable distribution (sid) these problems have been fixed in version 1.0.5-1.

We recommend that you upgrade your freeradius packages.

Upgrade Instructions


wget url

will fetch the file for you
dpkg -i file.deb

will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update

will update the internal database apt-get upgrade

will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.

Debian GNU/Linux 3.1 alias sarge


Source archives:

    http://security.debian.org/pool/updates/main/f/freeradius/freeradius_1.0.2-4sarge3.dsc
      Size/MD5 checksum: 897 9da78722cf4e8de073f21a0c4a4a5a52
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius_1.0.2-4sarge3.diff.gz
      Size/MD5 checksum: 17220 e510f92d9152f41801312941409d35ce
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius_1.0.2.orig.tar.gz
      Size/MD5 checksum: 1931715 422a004f2354b2a7364f5b683891a26a

Architecture independent components:

    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-dialupadmin_1.0.2-4sarge3_all.deb
      Size/MD5 checksum: 111760 02a048b89f5d5bb78f07439de08975b1

Alpha architecture:

    http://security.debian.org/pool/updates/main/f/freeradius/freeradius_1.0.2-4sarge3_alpha.deb
      Size/MD5 checksum: 2234974 d9208f084edcc999b51b20753ee976cd
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-iodbc_1.0.2-4sarge3_alpha.deb
      Size/MD5 checksum: 54254 fc4b23c830ae96c9f83280095d74ac90
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-krb5_1.0.2-4sarge3_alpha.deb
      Size/MD5 checksum: 55078 23212bf61a381bfbfa00a48f96ff6053
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-ldap_1.0.2-4sarge3_alpha.deb
      Size/MD5 checksum: 107548 8aaaa457b450ec1c8916340587fef3b1
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-mysql_1.0.2-4sarge3_alpha.deb
      Size/MD5 checksum: 56028 26cd188ec8106a1bc1d66ab048460a79

AMD64 architecture:

    http://security.debian.org/pool/updates/main/f/freeradius/freeradius_1.0.2-4sarge3_amd64.deb
      Size/MD5 checksum: 1961222 cbb024edb0d5238f989173d89d09d2f4
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-iodbc_1.0.2-4sarge3_amd64.deb
      Size/MD5 checksum: 53108 c35f1f84ae1d8ea8c577378055392f28
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-krb5_1.0.2-4sarge3_amd64.deb
      Size/MD5 checksum: 53862 00e2095e1f39ae72a5609dd76910034c
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-ldap_1.0.2-4sarge3_amd64.deb
      Size/MD5 checksum: 99668 5203b88057bbc3de03ecd87755281036
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-mysql_1.0.2-4sarge3_amd64.deb
      Size/MD5 checksum: 54836 6fd3e759651ea3fe0478547642f4259f

ARM architecture:

    http://security.debian.org/pool/updates/main/f/freeradius/freeradius_1.0.2-4sarge3_arm.deb
      Size/MD5 checksum: 2034340 4fb67c48357f16d7be78b4fbe12587fa
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-iodbc_1.0.2-4sarge3_arm.deb
      Size/MD5 checksum: 51272 2cea05c9dc2706070f58040212b4e799
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-krb5_1.0.2-4sarge3_arm.deb
      Size/MD5 checksum: 52688 be9cb442fb0f6a90edfe70792217c725
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-ldap_1.0.2-4sarge3_arm.deb
      Size/MD5 checksum: 96464 9fc105b04bd9ac80c04c75711711f62d
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-mysql_1.0.2-4sarge3_arm.deb
      Size/MD5 checksum: 53274 4de175712a085a38a02bcff9fbe1cfbd

Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/f/freeradius/freeradius_1.0.2-4sarge3_i386.deb
      Size/MD5 checksum: 2032516 249932930c67845be5d844cfabbdf431
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-iodbc_1.0.2-4sarge3_i386.deb
      Size/MD5 checksum: 51558 a24eff84d5b737755c2a910d01c8adfe
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-krb5_1.0.2-4sarge3_i386.deb
      Size/MD5 checksum: 52666 22e5ab99d223ce4a89706a503e6843a6
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-ldap_1.0.2-4sarge3_i386.deb
      Size/MD5 checksum: 97628 1c4716d249dd1d78cd0938b2319cc64c
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-mysql_1.0.2-4sarge3_i386.deb
      Size/MD5 checksum: 53400 06cd4c6ad0444000cc3334b89aa74335

Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/f/freeradius/freeradius_1.0.2-4sarge3_ia64.deb
      Size/MD5 checksum: 2375540 5de9567eaf7e05d715bbcb3c3aec9daa
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-iodbc_1.0.2-4sarge3_ia64.deb
      Size/MD5 checksum: 54054 1cc25baa1f9ded198bd39d553dc4de2b
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-krb5_1.0.2-4sarge3_ia64.deb
      Size/MD5 checksum: 55240 29860799cd60b08be56a87e5adb9907a
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-ldap_1.0.2-4sarge3_ia64.deb
      Size/MD5 checksum: 112916 e58adaf4600db74d26a398a2883b8c33
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-mysql_1.0.2-4sarge3_ia64.deb
      Size/MD5 checksum: 56120 b673bda54099c764f299f2ed5b66f539

HP Precision architecture:

    http://security.debian.org/pool/updates/main/f/freeradius/freeradius_1.0.2-4sarge3_hppa.deb
      Size/MD5 checksum: 2039380 5d798c11b6a85057b9890f79a5021263
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-iodbc_1.0.2-4sarge3_hppa.deb
      Size/MD5 checksum: 54678 57567692624381166e5cf986a2a44fc1
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-krb5_1.0.2-4sarge3_hppa.deb
      Size/MD5 checksum: 56104 f89a83d37fd8c67ebba7f7f4a2443846
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-ldap_1.0.2-4sarge3_hppa.deb
      Size/MD5 checksum: 105536 1e2cd25a9acabe755edc90883d91d5b3
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-mysql_1.0.2-4sarge3_hppa.deb
      Size/MD5 checksum: 56442 674d4f0818c00e37c51b76ac04c68e18

Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/main/f/freeradius/freeradius_1.0.2-4sarge3_m68k.deb
      Size/MD5 checksum: 2017794 d7896b5846dfba3e235760c63b1e9f3b
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-iodbc_1.0.2-4sarge3_m68k.deb
      Size/MD5 checksum: 53036 fe09b63d1277f04758f4f57459f9f677
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-krb5_1.0.2-4sarge3_m68k.deb
      Size/MD5 checksum: 54028 28ed1c4fc7a7e256d3aba575794f6692
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-ldap_1.0.2-4sarge3_m68k.deb
      Size/MD5 checksum: 95270 df56d263433e5fad7f26d06fcd94f734
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-mysql_1.0.2-4sarge3_m68k.deb
      Size/MD5 checksum: 54884 40cf80c983717753b090d5a8067b7710

Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/f/freeradius/freeradius_1.0.2-4sarge3_mips.deb
      Size/MD5 checksum: 2135704 c4b7ae0e080900534351c35d81d26184
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-iodbc_1.0.2-4sarge3_mips.deb
      Size/MD5 checksum: 53292 a0edac9c731434e8103709ebdc8b7ace
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-krb5_1.0.2-4sarge3_mips.deb
      Size/MD5 checksum: 53758 d7d6aa5dbf5495a84d0e91561cfd7d65
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-ldap_1.0.2-4sarge3_mips.deb
      Size/MD5 checksum: 98086 eb9bd1ae3273fc85247689d2df492c07
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-mysql_1.0.2-4sarge3_mips.deb
      Size/MD5 checksum: 55236 bbd094a242c864772cbb03b96944100d

Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/f/freeradius/freeradius_1.0.2-4sarge3_mipsel.deb
      Size/MD5 checksum: 2102720 b939f831e6c7034b2c79fb4c901fd747
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-iodbc_1.0.2-4sarge3_mipsel.deb
      Size/MD5 checksum: 52156 f48edaa7cfba5f3064eaee9e59076b2f
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-krb5_1.0.2-4sarge3_mipsel.deb
      Size/MD5 checksum: 52488 775b45cef3ce1022e8634bba4238b5ee
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-ldap_1.0.2-4sarge3_mipsel.deb
      Size/MD5 checksum: 96592 93366948c99a4f7b9d98444fd803c412
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-mysql_1.0.2-4sarge3_mipsel.deb
      Size/MD5 checksum: 54040 9ccca0196e836b164d6e1836d2fe323b

PowerPC architecture:

    http://security.debian.org/pool/updates/main/f/freeradius/freeradius_1.0.2-4sarge3_powerpc.deb
      Size/MD5 checksum: 2330454 994519f38a5e70cb3ccb32493e5f8a3a
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-iodbc_1.0.2-4sarge3_powerpc.deb
      Size/MD5 checksum: 58904 89f9e6de1d19aad2ad8643c4f350dbf4
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-krb5_1.0.2-4sarge3_powerpc.deb
      Size/MD5 checksum: 60094 8670e82842a529a33232db8baf3aa64f
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-ldap_1.0.2-4sarge3_powerpc.deb
      Size/MD5 checksum: 108932 ea331982f02062fb48f5d0b131985487
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-mysql_1.0.2-4sarge3_powerpc.deb
      Size/MD5 checksum: 61324 6b6a2716ff73561f0b976a3acda17e2e

IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/f/freeradius/freeradius_1.0.2-4sarge3_s390.deb
      Size/MD5 checksum: 2581992 24c1f9195295e5e2f0712eaac726402a
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-iodbc_1.0.2-4sarge3_s390.deb
      Size/MD5 checksum: 65738 127d6d9af2c170a7636c050c687194c8
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-krb5_1.0.2-4sarge3_s390.deb
      Size/MD5 checksum: 66498 27fd6c961e29f61c0ed212ee9d42a8c2
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-ldap_1.0.2-4sarge3_s390.deb
      Size/MD5 checksum: 122844 6a5a9d8a348d221d8a5a841a246a8438
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-mysql_1.0.2-4sarge3_s390.deb
      Size/MD5 checksum: 68156 b3ed41eb64c3be68a8db5fda4dc0517e

Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/f/freeradius/freeradius_1.0.2-4sarge3_sparc.deb
      Size/MD5 checksum: 2080760 3c4d953fa31e51a989ab3c398c673516
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-iodbc_1.0.2-4sarge3_sparc.deb
      Size/MD5 checksum: 52984 690d493600ec99123f98c01f4363bb2b
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-krb5_1.0.2-4sarge3_sparc.deb
      Size/MD5 checksum: 54074 e87f1fae9eab78e0445ac260e01ce002
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-ldap_1.0.2-4sarge3_sparc.deb
      Size/MD5 checksum: 98984 c9a0260f3f7610909ad11f46263e3a7e
    http://security.debian.org/pool/updates/main/f/freeradius/freeradius-mysql_1.0.2-4sarge3_sparc.deb
      Size/MD5 checksum: 54958 5778e8d3c14371b38248da1ced0b4442

These files will probably be moved into the stable distribution on its next update.


For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>

Gentoo Linux


Gentoo Linux Security Advisory [ERRATA UPDATE] GLSA 200608-08:02

http://security.gentoo.org/


Severity: High
Title: GnuPG: Integer overflow vulnerability
Date: August 05, 2006
Updated: August 08, 2006
Bugs: #142248
ID: 200608-08:02


Errata

The Resolution proposed in the original version of this Security Advisory did not correctly address the issue for users who also have GnuPG 1.9 installed.

The corrected sections appear below.

Resolution

All GnuPG users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose "=app-crypt/gnupg-1.4*"

References

[ 1 ] CVE-2006-3746

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3746

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-200608-08.xml

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.

License

Copyright 2006 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5


Gentoo Linux Security Advisory GLSA 200608-13

http://security.gentoo.org/


Severity: High
Title: ClamAV: Heap buffer overflow
Date: August 08, 2006
Bugs: #143093
ID: 200608-13


Synopsis

ClamAV is vulnerable to a heap-based buffer overflow resulting in a Denial of Service and potentially remote execution of arbitrary code.

Background

ClamAV is a GPL virus scanner.

Affected packages


     Package               /  Vulnerable  /                 Unaffected

  1  app-antivirus/clamav      < 0.88.4                      >= 0.88.4

Description

Damian Put has discovered a boundary error in the pefromupx() function used by the UPX extraction module, which unpacks PE Windows executable files. Both the "clamscan" command-line utility and the "clamd" daemon are affected.

Impact

By sending a malicious attachment to a mail server running ClamAV, a remote attacker can cause a Denial of Service and potentially the execution of arbitrary code with the permissions of the user running ClamAV.

Workaround

There is no known workaround at this time.

Resolution

All ClamAV users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=app-antivirus/clamav-0.88.4"

References

[ 1 ] ClamAV security advisory

http://www.clamav.net/security/0.88.4.html

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-200608-13.xml

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.

License

Copyright 2006 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5


Gentoo Linux Security Advisory GLSA 200608-14

http://security.gentoo.org/


Severity: Normal
Title: DUMB: Heap buffer overflow
Date: August 08, 2006
Bugs: #142387
ID: 200608-14


Synopsis

A heap-based buffer overflow in DUMB could result in the execution of arbitrary code.

Background

DUMB (Dynamic Universal Music Bibliotheque) is an IT, XM, S3M and MOD player library.

Affected packages


     Package          /  Vulnerable  /                      Unaffected

  1  media-libs/dumb     < 0.9.3-r1                        >= 0.9.3-r1

Description

Luigi Auriemma found a heap-based buffer overflow in the it_read_envelope function which reads the envelope values for volume, pan and pitch of the instruments referenced in a ".it" (Impulse Tracker) file with a large number of nodes.

Impact

By enticing a user to load a malicious ".it" (Impulse Tracker) file, an attacker may execute arbitrary code with the rights of the user running the application that uses a vulnerable DUMB library.

Workaround

There is no known workaround at this time.

Resolution

All users of DUMB should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=media-libs/dumb-0.9.3-r1"

References

[ 1 ] CVE-2006-3668

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3668

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-200608-14.xml

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.

License

Copyright 2006 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5

Red Hat Linux


Red Hat Security Advisory

Synopsis: Important: krb5 security update
Advisory ID: RHSA-2006:0612-01
Advisory URL: https://rhn.redhat.com/errata/RHSA-2006-0612.html
Issue date: 2006-08-08
Updated on: 2006-08-08
Product: Red Hat Enterprise Linux
Keywords: setuid
CVE Names: CVE-2006-3083


1. Summary:

Updated krb5 packages are now available for Red Hat Enterprise Linux 4 to correct a privilege escalation security flaw.

This update has been rated as having important security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

3. Problem description:

Kerberos is a network authentication system which allows clients and servers to authenticate to each other through use of symmetric encryption and a trusted third party, the KDC.

A flaw was found where some bundled Kerberos-aware applications would fail to check the result of the setuid() call. On Linux 2.6 kernels, the setuid() call can fail if certain user limits are hit. A local attacker could manipulate their environment in such a way to get the applications to continue to run as root, potentially leading to an escalation of privileges. (CVE-2006-3083).

Users are advised to update to these erratum packages which contain a backported fix to correct this issue.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate RPMs being upgraded on your system.

5. Bug IDs fixed (http://bugzilla.redhat.com/):

197818 - CVE-2006-3083 krb5 multiple unsafe setuid usage

6. RPMs required:

Red Hat Enterprise Linux AS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/krb5-1.3.4-33.src.rpm
cea37ecb1360d88c2fdc83f5419babc1 krb5-1.3.4-33.src.rpm

i386:
7a3e83832f13a55c39a1ccc079a5c556 krb5-debuginfo-1.3.4-33.i386.rpm
77b0759d3fcc4545c27f34d4e300cc16
krb5-devel-1.3.4-33.i386.rpm
7650a2f59eb97b17b141804e28f09d44 krb5-libs-1.3.4-33.i386.rpm
f3daae1ee3b0631b863635c375afe72a
krb5-server-1.3.4-33.i386.rpm
f6a4726c5d77d16ea2f0713c92f10bae krb5-workstation-1.3.4-33.i386.rpm

ia64:
7a3e83832f13a55c39a1ccc079a5c556 krb5-debuginfo-1.3.4-33.i386.rpm
e4d6ec50ae455203023d5e55b0cca4da
krb5-debuginfo-1.3.4-33.ia64.rpm
5dc4a77a4b3c4492afa7f74e83d9f5d0 krb5-devel-1.3.4-33.ia64.rpm
7650a2f59eb97b17b141804e28f09d44
krb5-libs-1.3.4-33.i386.rpm
b15d34edd402823f6b5d1d1d0f013d8d krb5-libs-1.3.4-33.ia64.rpm
ce76f409b19d6824f5d1fdda67c323ef
krb5-server-1.3.4-33.ia64.rpm
4ad475560c2723d011b6cf0faf8eca86 krb5-workstation-1.3.4-33.ia64.rpm

ppc:
c1739675331b5f8d819eac90ad29c222 krb5-debuginfo-1.3.4-33.ppc.rpm
379c91cb057181e02cdfd6092d3f746c
krb5-debuginfo-1.3.4-33.ppc64.rpm
2f5cceda4ec3dcb5a0fca0829055f512 krb5-devel-1.3.4-33.ppc.rpm
de6fdc9b22ed426ba7542018e9174adb
krb5-libs-1.3.4-33.ppc.rpm
8759e9dd51c3614a5259db73e57a26a3 krb5-libs-1.3.4-33.ppc64.rpm
55ebf269ef488d8a281ee28fcb450383
krb5-server-1.3.4-33.ppc.rpm
4015802b89b7d6b92023a3da7787e30d krb5-workstation-1.3.4-33.ppc.rpm

s390:
e4a005da7af0377354f69308b9a9acef krb5-debuginfo-1.3.4-33.s390.rpm
55995e2d6b79c58dbb85ec2af716fe78
krb5-devel-1.3.4-33.s390.rpm
811ab87d0c59091d4a0de6e748086d5e krb5-libs-1.3.4-33.s390.rpm
3ec54f81728a0a9ae22afcb2855ed732
krb5-server-1.3.4-33.s390.rpm
fe5ee4916e5aa24d499a1f8992d1036d krb5-workstation-1.3.4-33.s390.rpm

s390x:
e4a005da7af0377354f69308b9a9acef krb5-debuginfo-1.3.4-33.s390.rpm
43c2b4a0cf29aca1247d0c1d6ba4e24a
krb5-debuginfo-1.3.4-33.s390x.rpm
4883f400df4d8123c70604a430f92647 krb5-devel-1.3.4-33.s390x.rpm
811ab87d0c59091d4a0de6e748086d5e
krb5-libs-1.3.4-33.s390.rpm
1e13d025a766bc5ab50ebe3062586ef9 krb5-libs-1.3.4-33.s390x.rpm
7f3303ba3883bf0c5135cd39ed02122c
krb5-server-1.3.4-33.s390x.rpm
1441e757a4e8e58ca29e7270a86d28ef krb5-workstation-1.3.4-33.s390x.rpm

x86_64:
7a3e83832f13a55c39a1ccc079a5c556 krb5-debuginfo-1.3.4-33.i386.rpm
ae306e728d14d34e3cf20aa9b979dcd9
krb5-debuginfo-1.3.4-33.x86_64.rpm
feada102b3dd0995e10f63e7c53ccf65 krb5-devel-1.3.4-33.x86_64.rpm
7650a2f59eb97b17b141804e28f09d44
krb5-libs-1.3.4-33.i386.rpm
368e23d9adef4244a67b2e1951d2b74b krb5-libs-1.3.4-33.x86_64.rpm
e0d823bbf3a2cd51b3e918ab8d669355
krb5-server-1.3.4-33.x86_64.rpm
e1b4250df40a8d392f011b2c89f79966 krb5-workstation-1.3.4-33.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/krb5-1.3.4-33.src.rpm
cea37ecb1360d88c2fdc83f5419babc1 krb5-1.3.4-33.src.rpm

i386:
7a3e83832f13a55c39a1ccc079a5c556 krb5-debuginfo-1.3.4-33.i386.rpm
77b0759d3fcc4545c27f34d4e300cc16
krb5-devel-1.3.4-33.i386.rpm
7650a2f59eb97b17b141804e28f09d44 krb5-libs-1.3.4-33.i386.rpm
f3daae1ee3b0631b863635c375afe72a
krb5-server-1.3.4-33.i386.rpm
f6a4726c5d77d16ea2f0713c92f10bae krb5-workstation-1.3.4-33.i386.rpm

x86_64:
7a3e83832f13a55c39a1ccc079a5c556 krb5-debuginfo-1.3.4-33.i386.rpm
ae306e728d14d34e3cf20aa9b979dcd9
krb5-debuginfo-1.3.4-33.x86_64.rpm
feada102b3dd0995e10f63e7c53ccf65 krb5-devel-1.3.4-33.x86_64.rpm
7650a2f59eb97b17b141804e28f09d44
krb5-libs-1.3.4-33.i386.rpm
368e23d9adef4244a67b2e1951d2b74b krb5-libs-1.3.4-33.x86_64.rpm
e0d823bbf3a2cd51b3e918ab8d669355
krb5-server-1.3.4-33.x86_64.rpm
e1b4250df40a8d392f011b2c89f79966 krb5-workstation-1.3.4-33.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/krb5-1.3.4-33.src.rpm
cea37ecb1360d88c2fdc83f5419babc1 krb5-1.3.4-33.src.rpm

i386:
7a3e83832f13a55c39a1ccc079a5c556 krb5-debuginfo-1.3.4-33.i386.rpm
77b0759d3fcc4545c27f34d4e300cc16
krb5-devel-1.3.4-33.i386.rpm
7650a2f59eb97b17b141804e28f09d44 krb5-libs-1.3.4-33.i386.rpm
f3daae1ee3b0631b863635c375afe72a
krb5-server-1.3.4-33.i386.rpm
f6a4726c5d77d16ea2f0713c92f10bae krb5-workstation-1.3.4-33.i386.rpm

ia64:
7a3e83832f13a55c39a1ccc079a5c556 krb5-debuginfo-1.3.4-33.i386.rpm
e4d6ec50ae455203023d5e55b0cca4da
krb5-debuginfo-1.3.4-33.ia64.rpm
5dc4a77a4b3c4492afa7f74e83d9f5d0 krb5-devel-1.3.4-33.ia64.rpm
7650a2f59eb97b17b141804e28f09d44
krb5-libs-1.3.4-33.i386.rpm
b15d34edd402823f6b5d1d1d0f013d8d krb5-libs-1.3.4-33.ia64.rpm
ce76f409b19d6824f5d1fdda67c323ef
krb5-server-1.3.4-33.ia64.rpm
4ad475560c2723d011b6cf0faf8eca86 krb5-workstation-1.3.4-33.ia64.rpm

x86_64:
7a3e83832f13a55c39a1ccc079a5c556 krb5-debuginfo-1.3.4-33.i386.rpm
ae306e728d14d34e3cf20aa9b979dcd9
krb5-debuginfo-1.3.4-33.x86_64.rpm
feada102b3dd0995e10f63e7c53ccf65 krb5-devel-1.3.4-33.x86_64.rpm
7650a2f59eb97b17b141804e28f09d44
krb5-libs-1.3.4-33.i386.rpm
368e23d9adef4244a67b2e1951d2b74b krb5-libs-1.3.4-33.x86_64.rpm
e0d823bbf3a2cd51b3e918ab8d669355
krb5-server-1.3.4-33.x86_64.rpm
e1b4250df40a8d392f011b2c89f79966 krb5-workstation-1.3.4-33.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/krb5-1.3.4-33.src.rpm
cea37ecb1360d88c2fdc83f5419babc1 krb5-1.3.4-33.src.rpm

i386:
7a3e83832f13a55c39a1ccc079a5c556 krb5-debuginfo-1.3.4-33.i386.rpm
77b0759d3fcc4545c27f34d4e300cc16
krb5-devel-1.3.4-33.i386.rpm
7650a2f59eb97b17b141804e28f09d44 krb5-libs-1.3.4-33.i386.rpm
f3daae1ee3b0631b863635c375afe72a
krb5-server-1.3.4-33.i386.rpm
f6a4726c5d77d16ea2f0713c92f10bae krb5-workstation-1.3.4-33.i386.rpm

ia64:
7a3e83832f13a55c39a1ccc079a5c556 krb5-debuginfo-1.3.4-33.i386.rpm
e4d6ec50ae455203023d5e55b0cca4da
krb5-debuginfo-1.3.4-33.ia64.rpm
5dc4a77a4b3c4492afa7f74e83d9f5d0 krb5-devel-1.3.4-33.ia64.rpm
7650a2f59eb97b17b141804e28f09d44
krb5-libs-1.3.4-33.i386.rpm
b15d34edd402823f6b5d1d1d0f013d8d krb5-libs-1.3.4-33.ia64.rpm
ce76f409b19d6824f5d1fdda67c323ef
krb5-server-1.3.4-33.ia64.rpm
4ad475560c2723d011b6cf0faf8eca86 krb5-workstation-1.3.4-33.ia64.rpm

x86_64:
7a3e83832f13a55c39a1ccc079a5c556 krb5-debuginfo-1.3.4-33.i386.rpm
ae306e728d14d34e3cf20aa9b979dcd9
krb5-debuginfo-1.3.4-33.x86_64.rpm
feada102b3dd0995e10f63e7c53ccf65 krb5-devel-1.3.4-33.x86_64.rpm
7650a2f59eb97b17b141804e28f09d44
krb5-libs-1.3.4-33.i386.rpm
368e23d9adef4244a67b2e1951d2b74b krb5-libs-1.3.4-33.x86_64.rpm
e0d823bbf3a2cd51b3e918ab8d669355
krb5-server-1.3.4-33.x86_64.rpm
e1b4250df40a8d392f011b2c89f79966 krb5-workstation-1.3.4-33.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3083
http://www.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact details at https://www.redhat.com/security/team/contact/

Copyright 2006 Red Hat, Inc.


Red Hat Security Advisory

Synopsis: Important: apache security update
Advisory ID: RHSA-2006:0618-01
Advisory URL: https://rhn.redhat.com/errata/RHSA-2006-0618.html
Issue date: 2006-08-08
Updated on: 2006-08-08
Product: Red Hat Enterprise Linux
CVE Names: CVE-2006-3918


1. Summary:

Updated Apache httpd packages that correct a security issue are now available for Red Hat Enterprise Linux 2.1.

This update has been rated as having important security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64
Red Hat Linux Advanced Workstation 2.1 - ia64
Red Hat Enterprise Linux ES version 2.1 - i386
Red Hat Enterprise Linux WS version 2.1 - i386

3. Problem description:

The Apache HTTP Server is a popular Web server available for free.

A bug was found in Apache where an invalid Expect header sent to the server was returned to the user in an unescaped error message. This could allow an attacker to perform a cross-site scripting attack if a victim was tricked into connecting to a site and sending a carefully crafted Expect header. (CVE-2006-3918)

While a web browser cannot be forced to send an arbitrary Expect header by a third-party attacker, it was recently discovered that certain versions of the Flash plugin can manipulate request headers. If users running such versions can be persuaded to load a web page with a malicious Flash applet, a cross-site scripting attack against the server may be possible.

Users of Apache should upgrade to these updated packages, which contain a backported patch to correct this issue.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate RPMs being upgraded on your system.

5. Bug IDs fixed (http://bugzilla.redhat.com/):

200738 - CVE-2006-3918 Expect header XSS

6. RPMs required:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/apache-1.3.27-11.ent.src.rpm
6195921625144194e4483f3f31a31025 apache-1.3.27-11.ent.src.rpm

i386:
3139ab4d1534b2dc8467a4dea8ea7004 apache-1.3.27-11.ent.i386.rpm
5a2c1a85a3fc5db0b29f59269788a4a6
apache-devel-1.3.27-11.ent.i386.rpm
921105306fd10ce908c60d6cd9a88298 apache-manual-1.3.27-11.ent.i386.rpm

ia64:
4e05401ab82413c501bf83e65bfd91cb apache-1.3.27-11.ent.ia64.rpm
1c71728d8382407c71331b2bc7c938b7
apache-devel-1.3.27-11.ent.ia64.rpm
8f7177083aeb3997af5b92bc5f63013f apache-manual-1.3.27-11.ent.ia64.rpm

Red Hat Linux Advanced Workstation 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/apache-1.3.27-11.ent.src.rpm
6195921625144194e4483f3f31a31025 apache-1.3.27-11.ent.src.rpm

ia64:
4e05401ab82413c501bf83e65bfd91cb apache-1.3.27-11.ent.ia64.rpm
1c71728d8382407c71331b2bc7c938b7
apache-devel-1.3.27-11.ent.ia64.rpm
8f7177083aeb3997af5b92bc5f63013f apache-manual-1.3.27-11.ent.ia64.rpm

Red Hat Enterprise Linux ES version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/apache-1.3.27-11.ent.src.rpm
6195921625144194e4483f3f31a31025 apache-1.3.27-11.ent.src.rpm

i386:
3139ab4d1534b2dc8467a4dea8ea7004 apache-1.3.27-11.ent.i386.rpm
5a2c1a85a3fc5db0b29f59269788a4a6
apache-devel-1.3.27-11.ent.i386.rpm
921105306fd10ce908c60d6cd9a88298 apache-manual-1.3.27-11.ent.i386.rpm

Red Hat Enterprise Linux WS version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/apache-1.3.27-11.ent.src.rpm
6195921625144194e4483f3f31a31025 apache-1.3.27-11.ent.src.rpm

i386:
3139ab4d1534b2dc8467a4dea8ea7004 apache-1.3.27-11.ent.i386.rpm
5a2c1a85a3fc5db0b29f59269788a4a6
apache-devel-1.3.27-11.ent.i386.rpm
921105306fd10ce908c60d6cd9a88298 apache-manual-1.3.27-11.ent.i386.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3918
http://www.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact details at https://www.redhat.com/security/team/contact/

Copyright 2006 Red Hat, Inc.