Home Security

Advisories, April 11, 2006

By

April 12, 2006

Mandriva Linux

Mandriva Linux Security Advisory MDKSA-2006:069
http://www.mandriva.com/security/

Package : openvpn
Date : April 10, 2006
Affected: 2006.0, Multi Network Firewall 2.0

Problem Description:

A vulnerability in OpenVPN 2.0 through 2.0.5 allows a malicious
server to execute arbitrary code on the client by using setenv with
the LD_PRELOAD environment variable.

Updated packages have been patched to correct this issue by
removing setenv support.

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1629

Updated Packages:

Mandriva Linux 2006.0:
699824d9aa9e42bf579165599268efbb
2006.0/RPMS/openvpn-2.0.1-2.2.20060mdk.i586.rpm
38bb27a8f28546fe9cdf06213a172868
2006.0/SRPMS/openvpn-2.0.1-2.2.20060mdk.src.rpm

Mandriva Linux 2006.0/X86_64:
4e8a99c3997f8ecd7e41aee1594a02dc
x86_64/2006.0/RPMS/openvpn-2.0.1-2.2.20060mdk.x86_64.rpm
38bb27a8f28546fe9cdf06213a172868
x86_64/2006.0/SRPMS/openvpn-2.0.1-2.2.20060mdk.src.rpm

Multi Network Firewall 2.0:
04b0406ea806da8e1f941910b0f19659
mnf/2.0/RPMS/openvpn-2.0.1-0.3.M20mdk.i586.rpm
825a02efe56ddc34fcdc49784c50b1e1
mnf/2.0/SRPMS/openvpn-2.0.1-0.3.M20mdk.src.rpm

To upgrade automatically use MandrivaUpdate or urpmi. The
verification of md5 checksums and GPG signatures is performed
automatically for you.

All packages are signed by Mandriva for security. You can obtain
the GPG public key of the Mandriva Security Team by executing:

gpg –recv-keys –keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>

Mandriva Linux Security Advisory MDKSA-2006:070
http://www.mandriva.com/security/

Package : sash
Date : April 10, 2006
Affected: 10.2, 2006.0, Corporate 3.0, Multi Network Firewall
2.0

Problem Description:

Tavis Ormandy of the Gentoo Security Project discovered a
vulnerability in zlib where a certain data stream would cause zlib
to corrupt a data structure, resulting in the linked application to
dump core (CVE-2005-2096).

Markus Oberhumber discovered additional ways that a
specially-crafted compressed stream could trigger an overflow. An
attacker could create such a stream that would cause a linked
application to crash if opened by a user (CVE-2005-1849).

Both of these issues have previously been fixed in zlib, but
sash links statically against zlib and is thus also affected by
these issues. New sash packages are available that link against the
updated zlib packages.

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1849

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2096

Updated Packages:

Mandriva Linux 10.2:
290e5d895235afaaa1548d4898c5cde8
10.2/RPMS/sash-3.7-3.1.102mdk.i586.rpm
6cb36fc925f8793ef0f22a1d0adacb24
10.2/SRPMS/sash-3.7-3.1.102mdk.src.rpm

Mandriva Linux 10.2/X86_64:
4088008711f30343c6ddbd45dd4429f0
x86_64/10.2/RPMS/sash-3.7-3.1.102mdk.x86_64.rpm
6cb36fc925f8793ef0f22a1d0adacb24
x86_64/10.2/SRPMS/sash-3.7-3.1.102mdk.src.rpm

Mandriva Linux 2006.0:
6a8ef8036ca25661d6e1e18e826b7cf7
2006.0/RPMS/sash-3.7-3.1.20060mdk.i586.rpm
ebfdd661247a673a536d14b57bd1494f
2006.0/SRPMS/sash-3.7-3.1.20060mdk.src.rpm

Mandriva Linux 2006.0/X86_64:
f3ace9f835ba2bcf3358404ec3b35863
x86_64/2006.0/RPMS/sash-3.7-3.1.20060mdk.x86_64.rpm
ebfdd661247a673a536d14b57bd1494f
x86_64/2006.0/SRPMS/sash-3.7-3.1.20060mdk.src.rpm

Corporate 3.0:
76d84869521a8231bde684d29c909f77
corporate/3.0/RPMS/sash-3.6-5.1.C30mdk.i586.rpm
5a52429713ca8dabda8fe0462eedbf41
corporate/3.0/SRPMS/sash-3.6-5.1.C30mdk.src.rpm

Corporate 3.0/X86_64:
5fdfa411aaa588d14e3f92d877b31e0b
x86_64/corporate/3.0/RPMS/sash-3.6-5.1.C30mdk.x86_64.rpm
5a52429713ca8dabda8fe0462eedbf41
x86_64/corporate/3.0/SRPMS/sash-3.6-5.1.C30mdk.src.rpm

Multi Network Firewall 2.0:
b1d67ff8736048c8687708ff614d995b
mnf/2.0/RPMS/sash-3.6-5.1.M20mdk.i586.rpm
df79ea5562d8e2d45f98ead903f1b4c7
mnf/2.0/SRPMS/sash-3.6-5.1.M20mdk.src.rpm

To upgrade automatically use MandrivaUpdate or urpmi. The
verification of md5 checksums and GPG signatures is performed
automatically for you.

All packages are signed by Mandriva for security. You can obtain
the GPG public key of the Mandriva Security Team by executing:

gpg –recv-keys –keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>

Mandriva Linux Security Advisory MDKSA-2006:071
http://www.mandriva.com/security/

Package : xscreensaver
Date : April 11, 2006
Affected: Corporate 3.0

Problem Description:

Rdesktop, with xscreensaver < 4.18, does not release the
keyboard focus when xscreensaver starts, which causes the password
to be entered into the active window when the user unlocks the
screen.

Updated xscreensaver packages have been patched to correct this
issue.

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2655

Updated Packages:

Corporate 3.0:
7fca69b43dc054e02d1e635558a2871f
corporate/3.0/RPMS/xscreensaver-4.14-4.1.C30mdk.i586.rpm
fcf51ed223e82ab32136b0ab40348300
corporate/3.0/RPMS/xscreensaver-extrusion-4.14-4.1.C30mdk.i586.rpm

edfeccdb0f1406af612d97a7e0ee5a62
corporate/3.0/RPMS/xscreensaver-gl-4.14-4.1.C30mdk.i586.rpm
d6c61c9ea67ee99f619c9abaa96ec133
corporate/3.0/SRPMS/xscreensaver-4.14-4.1.C30mdk.src.rpm

Corporate 3.0/X86_64:
a03034b99a097249c616935bc5e9706c
x86_64/corporate/3.0/RPMS/xscreensaver-4.14-4.1.C30mdk.x86_64.rpm

ca12d4e28f3db44a9018dbc19b8243e9
x86_64/corporate/3.0/RPMS/xscreensaver-extrusion-4.14-4.1.C30mdk.x86_64.rpm

1d7534873b19a4497e7f577c03585460
x86_64/corporate/3.0/RPMS/xscreensaver-gl-4.14-4.1.C30mdk.x86_64.rpm

d6c61c9ea67ee99f619c9abaa96ec133
x86_64/corporate/3.0/SRPMS/xscreensaver-4.14-4.1.C30mdk.src.rpm

To upgrade automatically use MandrivaUpdate or urpmi. The
verification of md5 checksums and GPG signatures is performed
automatically for you.

All packages are signed by Mandriva for security. You can obtain
the GPG public key of the Mandriva Security Team by executing:

gpg –recv-keys –keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>

Ubuntu Linux

Ubuntu Security Notice USN-269-1 April 11, 2006
xscreensaver vulnerability
CVE-2004-2655

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)
Ubuntu 5.04 (Hoary Hedgehog)

The following packages are affected:

xscreensaver
xscreensaver-gl
xscreensaver-gnome
xscreensaver-nognome

The problem can be corrected by upgrading the affected package
to version 4.16-1ubuntu3.1 (for Ubuntu 4.10), or 4.16-1ubuntu11.1
(for Ubuntu 5.04). After a standard system upgrade you need to
restart your session to effect the necessary changes.

Details follow:

In some cases, xscreensaver did not properly grab the keyboard
when reading the password for unlocking the screen, so that the
password was typed into the currently active application
window.

The only known vulnerable case was when xscreensaver activated
while an rdesktop session was currently active.

Updated packages for Ubuntu 4.10:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/x/xscreensaver/xscreensaver_4.16-1ubuntu3.1.diff.gz

Size/MD5: 529361
213c8f135c4571b7a7166f6dd9ad8c23
http://security.ubuntu.com/ubuntu/pool/main/x/xscreensaver/xscreensaver_4.16-1ubuntu3.1.dsc

Size/MD5: 826
f0d1078ed40504e6127c7f89eca383ae
http://security.ubuntu.com/ubuntu/pool/main/x/xscreensaver/xscreensaver_4.16.orig.tar.gz

Size/MD5: 4211337
e715ca402fc1218a078d65b7e7922082

Architecture independent packages:

http://security.ubuntu.com/ubuntu/pool/universe/x/xscreensaver/xscreensaver-gnome_4.16-1ubuntu3.1_all.deb

Size/MD5: 2206
0b2607875557fe48ede97a5c587d478c
http://security.ubuntu.com/ubuntu/pool/universe/x/xscreensaver/xscreensaver-nognome_4.16-1ubuntu3.1_all.deb

Size/MD5: 2210
62f2fc29169656b5bebd7df95dbab5b5

amd64 architecture (Athlon64, Opteron, EM64T Xeon)