Debian GNU/Linux
Debian Security Advisory DSA 978-1 [email protected]
http://www.debian.org/security/
Martin Schulze
February 17th, 2006 http://www.debian.org/security/faq
Package : gnupg
Vulnerability : programming error
Problem type : local
Debian-specific: no
CVE ID : CVE-2006-0455
Tavis Ormandy noticed that gnupg, the GNU privacy guard – a free
PGP replacement, verifies external signatures of files successfully
even though they don’t contain a signature at all.
For the old stable distribution (woody) this problem has been
fixed in version 1.0.6-4woody4.
For the stable distribution (sarge) this problem has been fixed
in version 1.4.1-1sarge1.
For the unstable distribution (sid) this problem will be fixed
soon.
We recommend that you upgrade your gnupg package.
Upgrade Instructions
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 3.0 alias woody
Source archives:
http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.0.6-4woody4.dsc
Size/MD5 checksum: 577
ed66e73f6d4947d73533619b1d9cc102
http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.0.6-4woody4.diff.gz
Size/MD5 checksum: 5846
ffefbd4c2409630d69ead0ed9f7d1aad
http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.0.6.orig.tar.gz
Size/MD5 checksum: 1941676
7c319a9e5e70ad9bc3bf0d7b5008a508
Alpha architecture:
http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.0.6-4woody4_alpha.deb
Size/MD5 checksum: 1150586
a3b16d87b786fb6fc633b616dcf51c6c
ARM architecture:
http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.0.6-4woody4_arm.deb
Size/MD5 checksum: 987020
931ef6e661881caad9e28dd17a55f73d
Intel IA-32 architecture:
http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.0.6-4woody4_i386.deb
Size/MD5 checksum: 966300
d93be18eff2a14c035aad34eb6b32882
Intel IA-64 architecture:
http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.0.6-4woody4_ia64.deb
Size/MD5 checksum: 1271674
1e8cdda5551ca1683bb5dff815be4341
HP Precision architecture:
http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.0.6-4woody4_hppa.deb
Size/MD5 checksum: 1059236
260b2b7f7bde738ea69c757e331a5a7d
Motorola 680×0 architecture:
http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.0.6-4woody4_m68k.deb
Size/MD5 checksum: 942322
a318666f20474e6690461105919fc5d4
Big endian MIPS architecture:
http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.0.6-4woody4_mips.deb
Size/MD5 checksum: 1035740
1798dc8a392f3f1e72f4033d4c41ca1a
Little endian MIPS architecture:
http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.0.6-4woody4_mipsel.deb
Size/MD5 checksum: 1036234
ef52bb449a4a7950d5afff4451ad6be1
PowerPC architecture:
http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.0.6-4woody4_powerpc.deb
Size/MD5 checksum: 1009544
800ef9aa2fa1bc397c8c12d327192de4
IBM S/390 architecture:
http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.0.6-4woody4_s390.deb
Size/MD5 checksum: 1002048
fc850b1b0730fc35bb3e52fcb2d102c4
Sun Sparc architecture:
http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.0.6-4woody4_sparc.deb
Size/MD5 checksum: 1003660
c37b8fd31899e090da693dd9ffb54c5d
Debian GNU/Linux 3.1 alias sarge
Source archives:
http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.4.1-1sarge1.dsc
Size/MD5 checksum: 678
a5540607baf77d1feb04a49186bbb95c
http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.4.1-1sarge1.diff.gz
Size/MD5 checksum: 17526
eec60aded8b0304f654b37653c63721c
http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.4.1.orig.tar.gz
Size/MD5 checksum: 4059170
1cc77c6943baaa711222e954bbd785e5
Alpha architecture:
http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.4.1-1sarge1_alpha.deb
Size/MD5 checksum: 2155420
f827b1ee9f31bdfca5f121bef50debef
AMD64 architecture:
http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.4.1-1sarge1_amd64.deb
Size/MD5 checksum: 1962898
4ecee788f9743005d120cbb7bcfce928
ARM architecture:
http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.4.1-1sarge1_arm.deb
Size/MD5 checksum: 1898868
adf7853ea42fbc8d2678f074160e6710
Intel IA-32 architecture:
http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.4.1-1sarge1_i386.deb
Size/MD5 checksum: 1908084
26e6e3722c9a5a7b30292eca151b08d8
Intel IA-64 architecture:
http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.4.1-1sarge1_ia64.deb
Size/MD5 checksum: 2324110
e7164b71e25f2cea09718ac964b3f424
HP Precision architecture:
http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.4.1-1sarge1_hppa.deb
Size/MD5 checksum: 2003646
80c1b741472cd70c53f567bd9c5f5ed3
Motorola 680×0 architecture:
http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.4.1-1sarge1_m68k.deb
Size/MD5 checksum: 1810732
434cf6faf160d205ea0fba25fb703a56
Big endian MIPS architecture:
http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.4.1-1sarge1_mips.deb
Size/MD5 checksum: 2000286
abc14aa9e9c952469bc5d7eb4d9b41e5
Little endian MIPS architecture:
http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.4.1-1sarge1_mipsel.deb
Size/MD5 checksum: 2007030
1edd20f18c6688be523c7b7c3c1a893e
PowerPC architecture:
http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.4.1-1sarge1_powerpc.deb
Size/MD5 checksum: 1957304
4e62251e74578e39cc9e80f200a64d58
IBM S/390 architecture:
http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.4.1-1sarge1_s390.deb
Size/MD5 checksum: 1966486
d15b86e9b8ba05df24f97f5f15389eb5
Sun Sparc architecture:
http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.4.1-1sarge1_sparc.deb
Size/MD5 checksum: 1896628
20dde71104fcd8ce457fded1d2b3f444
These files will probably be moved into the stable distribution
on its next update.
Debian Security Advisory DSA 979-1 [email protected]
http://www.debian.org/security/
Martin Schulze
February 17th, 2006 http://www.debian.org/security/faq
Package : pdfkit.framework
Vulnerability : several
Problem type : local (remote)
Debian-specific: no
Derek Noonburg has fixed several potential vulnerabilities in
xpdf, the Portable Document Format (PDF) suite, which are also
present in pdfkit.framework, the GNUstep framework for rendering
PDF content.
The old stable distribution (woody) does not contain
pdfkit.framework packages.
For the stable distribution (sarge) these problems have been
fixed in version 0.8-2sarge3.
The unstable distribution (sid) is not affected by these
problems.
We recommend that you upgrade your pdfkit.framework package.
Upgrade Instructions
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 3.1 alias sarge
Source archives:
http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge3.dsc
Size/MD5 checksum: 725
de9c519b3fa8840bcd17cbd9cb9b736d
http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge3.diff.gz
Size/MD5 checksum: 6910
ca4032bfa6f3920c7ce30f10b204d414
http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8.orig.tar.gz
Size/MD5 checksum: 1780533
7676643ff78a0602c10bfb97fe0bd448
Alpha architecture:
Size/MD5 checksum: 1822264
ee7b33692e20c9036d7659fd42c3c19a
AMD64 architecture:
Size/MD5 checksum: 1797060
a013cec8d2f979ce457804cec5279ad7
ARM architecture:
http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge3_arm.deb
Size/MD5 checksum: 1756444
68fa644e60388efa71484d5659db43c8
Intel IA-32 architecture:
Size/MD5 checksum: 1750746
5d9d3190e9631865b6576cc064c123fc
Intel IA-64 architecture:
Size/MD5 checksum: 1981562
2516d48b571ddbb587d9e9e5ce3e00da
HP Precision architecture:
Size/MD5 checksum: 1862848
349dac672d42915e2a5778cbf78c62bd
Motorola 680×0 architecture:
Size/MD5 checksum: 1786208
6b9617a7449efce9eee6b65e0160e504
Big endian MIPS architecture:
Size/MD5 checksum: 1769510
f45ab741024d90bf8887217c9addfa00
Little endian MIPS architecture:
Size/MD5 checksum: 1755142
ef20414216a3fc828ac5686bd9bf28a2
PowerPC architecture:
Size/MD5 checksum: 1771308
47dbcb9f76c750924441f8f5edc2d900
IBM S/390 architecture:
Size/MD5 checksum: 1805244
76ec3454cbfa1a588ede6ed4f0a7758d
Sun Sparc architecture:
Size/MD5 checksum: 1780426
695eb2cc6075f70c00d73b1ed7ecc491
These files will probably be moved into the stable distribution
on its next update.
For apt-get: deb http://security.debian.org/
stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security
dists/stable/updates/main
Mailing list: [email protected]
Package info: `apt-cache show <pkg>’ and http://packages.debian.org/<pkg>
Fedora Core
Fedora Update Notification
FEDORA-2006-116
2006-02-17
Product : Fedora Core 4
Name : gnupg
Version : 1.4.2.1
Release : 1
Summary : A GNU utility for secure communication and data
storage.
Description :
GnuPG (GNU Privacy Guard) is a GNU utility for encrypting data and
creating digital signatures. GnuPG has advanced key management
capabilities and is compliant with the proposed OpenPGP Internet
standard described in RFC2440. Since
GnuPG doesn’t use any patented algorithm, it is not compatible with
any version of PGP2 (PGP2.x uses only IDEA for symmetric-key
encryption, which is patented worldwide).
Update Information:
The GNU Privacy Guard provides encryption and signing for
messages and arbitrary files, and implements the OpenPGP standard
as described by IETF RFC2440.
Version 1.4.2 of GnuPG would in some cases erroneously exit with
status 0 (signalling no errors) if it was invoked to check a
signature but found no signature to check. This should be corrected
in version 1.4.2.1.
- Wed Feb 15 2006 Nalin Dahyabhai <[email protected]> –
1.4.2.1-1- update to 1.4.2.1 (fixes CVE-2006-0455)
- Fri Feb 10 2006 Jesse Keating <[email protected]> –
1.4.2-3.2.1- bump again for double-long bug on ppc(64)
- Tue Feb 7 2006 Jesse Keating <[email protected]> –
1.4.2-3.2- rebuilt for new gcc4.1 snapshot and glibc changes
- Fri Dec 9 2005 Jesse Keating <[email protected]>
- rebuilt
- Tue Aug 9 2005 Nalin Dahyabhai <[email protected]> 1.4.2-3
- don’t override libexecdir any more; we don’t need to
(#165462)
- don’t override libexecdir any more; we don’t need to
- Thu Aug 4 2005 Nalin Dahyabhai <[email protected]> 1.4.2-2
- pull in David Shaw’s fix for key generation in batch mode
- Fri Jul 29 2005 Nalin Dahyabhai <[email protected]>
- change %post to check if the info files are there before
attempting to add or remove them from the info index (#91641)
- change %post to check if the info files are there before
- Wed Jul 27 2005 Nalin Dahyabhai <[email protected]>
1.4.2-1- update to 1.4.2
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/
a1a4ce41efd41cb8ade2b4413072fb4c00e8b9e3
SRPMS/gnupg-1.4.2.1-1.src.rpm
1be912b956a9c001a8a24a4cadbaee4351710bfb
ppc/gnupg-1.4.2.1-1.ppc.rpm
644518c6e8d05280b091d12fe9c9e541666cc47a
ppc/debug/gnupg-debuginfo-1.4.2.1-1.ppc.rpm
5dd455f66408bb0b1a5080077595f45e14848fd7
x86_64/gnupg-1.4.2.1-1.x86_64.rpm
f1d7b3d77fa9f6bdae07a10a5edcf9b15c777934
x86_64/debug/gnupg-debuginfo-1.4.2.1-1.x86_64.rpm
601f36c75b78f96fe1d921edde19343997b3827e
i386/gnupg-1.4.2.1-1.i386.rpm
e10f5c5707b4ba7ba65da4fdc08013af111fbedc
i386/debug/gnupg-debuginfo-1.4.2.1-1.i386.rpm
This update can be installed with the ‘yum’ update program. Use
‘yum update package-name’ at the command line. For more
information, refer to ‘Managing Software with yum,’ available at
http://fedora.redhat.com/docs/yum/.
Fedora Legacy
Fedora Legacy Update Advisory
Synopsis: Updated squid package fixes security issues
Advisory ID: FLSA:152809
Issue date: 2006-02-18
Product: Red Hat Linux, Fedora Core
Keywords: Bugfix
CVE Names: CVE-2004-0541 CVE-2004-0832 CVE-2004-0918 CVE-2005-0094
CVE-2005-0095 CVE-2005-0096 CVE-2005-0097 CVE-2005-0173
CVE-2005-0174 CVE-2005-0175 CVE-2005-0194 CVE-2005-0211
CVE-2005-0241 CVE-2005-0446 CVE-2005-0626 CVE-2005-0718
CVE-2005-1345 CVE-1999-0710 CVE-2005-1519 CVE-2004-2479
CVE-2005-2794 CVE-2005-2796 CVE-2005-2917
1. Topic:
An updated Squid package that fixes several security issues is
now available.
Squid is a full-featured Web proxy cache.
2. Relevant releases/architectures:
Red Hat Linux 7.3 – i386
Red Hat Linux 9 – i386
Fedora Core 1 – i386
Fedora Core 2 – i386
3. Problem description:
A buffer overflow was found within the NTLM authentication
helper routine. If Squid is configured to use the NTLM
authentication helper, a remote attacker could potentially execute
arbitrary code by sending a lengthy password. The Common
Vulnerabilities and Exposures project (cve.mitre.org/) has assigned the name
CVE-2004-0541 to this issue.
An out of bounds memory read bug was found within the NTLM
authentication helper routine. If Squid is configured to use the
NTLM authentication helper, a remote attacker could send a
carefully crafted NTLM authentication packet and cause Squid to
crash. The Common Vulnerabilities and Exposures project (cve.mitre.org/) has assigned the name
CVE-2004-0832 to this issue.
iDEFENSE reported a flaw in the squid SNMP module. This flaw
could allow an attacker who has the ability to send arbitrary
packets to the SNMP port to restart the server, causing it to drop
all open connections. The Common Vulnerabilities and Exposures
project (cve.mitre.org/) has
assigned the name CVE-2004-0918 to this issue.
A buffer overflow flaw was found in the Gopher relay parser.
This bug could allow a remote Gopher server to crash the Squid
proxy that reads data from it. Although Gopher servers are now
quite rare, a malicious web page (for example) could redirect or
contain a frame pointing to an attacker’s malicious gopher server.
The Common Vulnerabilities and Exposures project (cve.mitre.org/) has assigned the name
CVE-2005-0094 to this issue.
An integer overflow flaw was found in the WCCP message parser.
It is possible to crash the Squid server if an attacker is able to
send a malformed WCCP message with a spoofed source address
matching Squid’s “home router”. The Common Vulnerabilities and
Exposures project (cve.mitre.org/) has assigned the name
CVE-2005-0095 to this issue.
A memory leak was found in the NTLM fakeauth_auth helper. It is
possible that an attacker could place the Squid server under high
load, causing the NTML fakeauth_auth helper to consume a large
amount of memory, resulting in a denial of service. The Common
Vulnerabilities and Exposures project (cve.mitre.org/) has assigned the name
CVE-2005-0096 to this issue.
A NULL pointer de-reference bug was found in the NTLM
fakeauth_auth helper. It is possible for an attacker to send a
malformed NTLM type 3 message, causing the Squid server to crash.
The Common Vulnerabilities and Exposures project (cve.mitre.org/) has assigned the name
CVE-2005-0097 to this issue.
A username validation bug was found in squid_ldap_auth. It is
possible for a username to be padded with spaces, which could allow
a user to bypass explicit access control rules or confuse
accounting. The Common Vulnerabilities and Exposures project
(cve.mitre.org/) has assigned
the name CVE-2005-0173 to this issue.
The way Squid handles HTTP responses was found to need
strengthening. It is possible that a malicious web server could
send a series of HTTP responses in such a way that the Squid cache
could be poisoned, presenting users with incorrect webpages. The
Common Vulnerabilities and Exposures project (cve.mitre.org/) has assigned the names
CVE-2005-0174 and CVE-2005-0175 to these issues.
When processing the configuration file, Squid parses empty
Access Control Lists (ACLs) and proxy_auth ACLs without defined
auth schemes in a way that effectively removes arguments, which
could allow remote attackers to bypass intended ACLs. The Common
Vulnerabilities and Exposures project (cve.mitre.org/) has assigned the name
CVE-2005-0194 to this issue.
A buffer overflow bug was found in the WCCP message parser. It
is possible that an attacker could send a malformed WCCP message
which could crash the Squid server or execute arbitrary code. The
Common Vulnerabilities and Exposures project (cve.mitre.org/) has assigned the name
CVE-2005-0211 to this issue.
A bug was found in the way Squid handled oversized HTTP response
headers. It is possible that a malicious web server could send a
specially crafted HTTP header which could cause the Squid cache to
be poisoned, presenting users with incorrect webpages. The Common
Vulnerabilities and Exposures project (cve.mitre.org/) has assigned the name
CVE-2005-0241 to this issue.
A bug was found in the way Squid handles FQDN lookups. It was
possible to crash the Squid server by sending a carefully crafted
DNS response to an FQDN lookup. The Common Vulnerabilities and
Exposures project (cve.mitre.org/) has assigned the name
CVE-2005-0446 to this issue.
A race condition bug was found in the way Squid handles the now
obsolete Set-Cookie header. It is possible that Squid can leak
Set-Cookie header information to other clients connecting to Squid.
The Common Vulnerabilities and Exposures project (cve.mitre.org/) has assigned the name
CVE-2005-0626 to this issue.
A bug was found in the way Squid handles PUT and POST requests.
It is possible for an authorised remote user to cause a failed PUT
or POST request which can cause Squid to crash. The Common
Vulnerabilities and Exposures project (cve.mitre.org/) has assigned the name
CVE-2005-0718 to this issue.
A bug was found in the way Squid processes errors in the access
control list. It is possible that an error in the access control
list could give users more access than intended. The Common
Vulnerabilities and Exposures project (cve.mitre.org/) has assigned the name
CVE-2005-1345 to this issue.
A bug was found in the way Squid handles access to the
cachemgr.cgi script. It is possible for an authorised remote user
to bypass access control lists with this flaw. The Common
Vulnerabilities and Exposures project (cve.mitre.org/) has assigned the name
CVE-1999-0710 to this issue.
A bug was found in the way Squid handles DNS replies. If the
port Squid uses for DNS requests is not protected by a firewall it
is possible for a remote attacker to spoof DNS replies, possibly
redirecting a user to spoofed or malicious content. The Common
Vulnerabilities and Exposures project (cve.mitre.org/) has assigned the name
CVE-2005-1519 to this issue.
A bug was found in the way Squid displays error messages. A
remote attacker could submit a request containing an invalid
hostname which would result in Squid displaying a previously used
error message. The Common Vulnerabilities and Exposures project
(cve.mitre.org/) has assigned
the name CVE-2004-2479 to this issue.
Two denial of service bugs were found in the way Squid handles
malformed requests. A remote attacker could submit a specially
crafted request to Squid that would cause the server to crash. The
Common Vulnerabilities and Exposures project (cve.mitre.org/) has assigned the names
CVE-2005-2794 and CVE-2005-2796 to these issues.
A bug was found in the way Squid handles certain request
sequences while performing NTLM authentication. It is possible for
an attacker to cause Squid to crash. The Common Vulnerabilities and
Exposures project (cve.mitre.org/) has assigned the name
CVE-2005-2917 to this issue.
Users of Squid should upgrade to this updated package, which
contains backported patches, and is not vulnerable to these
issues.
4. Solution:
Before applying this update, make sure all previously released
errata relevant to your system have been applied.
To update all RPMs for your particular architecture, run:
rpm -Fvh [filenames]
where [filenames] is a list of the RPMs you wish to upgrade.
Only those RPMs which are currently installed will be updated.
Those RPMs which are not installed but included in the list will
not be updated. Note that you can also use wildcards (*.rpm) if
your current directory only contains the desired RPMs.
Please note that this update is also available via yum and apt.
Many people find this an easier way to apply updates. To use yum
issue:
yum update
or to use apt:
apt-get update; apt-get upgrade
This will start an interactive process that will result in the
appropriate RPMs being upgraded on your system. This assumes that
you have yum or apt-get configured for obtaining Fedora Legacy
content. Please visit http://www.fedoralegacy.org/docs
for directions on how to configure yum and apt-get.
5. Bug IDs fixed:
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=152809
6. RPMs required:
Red Hat Linux 7.3:
SRPM:
http://download.fedoralegacy.org/redhat/7.3/updates/SRPMS/squid-2.4.STABLE7-0.73.3.legacy.src.rpm
i386:
http://download.fedoralegacy.org/redhat/7.3/updates/i386/squid-2.4.STABLE7-0.73.3.legacy.i386.rpm
Red Hat Linux 9:
SRPM:
http://download.fedoralegacy.org/redhat/9/updates/SRPMS/squid-2.5.STABLE1-9.10.legacy.src.rpm
i386:
http://download.fedoralegacy.org/redhat/9/updates/i386/squid-2.5.STABLE1-9.10.legacy.i386.rpm
Fedora Core 1:
SRPM:
http://download.fedoralegacy.org/fedora/1/updates/SRPMS/squid-2.5.STABLE3-2.fc1.6.legacy.src.rpm
i386:
http://download.fedoralegacy.org/fedora/1/updates/i386/squid-2.5.STABLE3-2.fc1.6.legacy.i386.rpm
Fedora Core 2:
SRPM:
http://download.fedoralegacy.org/fedora/2/updates/SRPMS/squid-2.5.STABLE9-1.FC2.4.legacy.src.rpm
i386:
http://download.fedoralegacy.org/fedora/2/updates/i386/squid-2.5.STABLE9-1.FC2.4.legacy.i386.rpm
7. Verification:
SHA1 sum Package Name
5db383926b0358e7b1a74cd0c84d3c253fae82a6
redhat/7.3/updates/i386/squid-2.4.STABLE7-0.73.3.legacy.i386.rpm
8d2b75252ee52b9fe943d4478960e30508bae4ea
redhat/7.3/updates/SRPMS/squid-2.4.STABLE7-0.73.3.legacy.src.rpm
d90f37a598d6789876d85fc41297fb6d6957711d
redhat/9/updates/i386/squid-2.5.STABLE1-9.10.legacy.i386.rpm
c6f5927ebca3000a5d9cb2d52912e9ea989ee8eb
redhat/9/updates/SRPMS/squid-2.5.STABLE1-9.10.legacy.src.rpm
4e1d0e1546e50f3f694617ce641b31230b3989ad
fedora/1/updates/i386/squid-2.5.STABLE3-2.fc1.6.legacy.i386.rpm
03e318f01302e6305d368349ea778ac9f104839d
fedora/1/updates/SRPMS/squid-2.5.STABLE3-2.fc1.6.legacy.src.rpm
9eb87b9c886d2c72d6ecefa3f70e016d65de9574
fedora/2/updates/i386/squid-2.5.STABLE9-1.FC2.4.legacy.i386.rpm
6aab32f2cb1e01196722d2ee6e980dc3915d788b
fedora/2/updates/SRPMS/squid-2.5.STABLE9-1.FC2.4.legacy.src.rpm
These packages are GPG signed by Fedora Legacy for security. Our
key is available from http://www.fedoralegacy.org/about/security.php
You can verify each package with the following command:
rpm –checksig -v <filename>
If you only wish to verify that each package has not been
corrupted or tampered with, examine only the sha1sum with the
following command:
sha1sum <filename>
8. References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0541
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0832
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0918
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0094
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0095
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0096
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0097
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0173
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0174
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0175
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0194
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0211
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0241
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0446
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0626
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0718
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1345
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0710
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1519
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2479
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2794
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2796
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2917
9. Contact:
The Fedora Legacy security contact is <[email protected]>.
More project details at http://www.fedoralegacy.org
Fedora Legacy Update Advisory
Synopsis: Updated openssh packages fix security issues
Advisory ID: FLSA:168935
Issue date: 2006-02-18
Product: Red Hat Linux, Fedora Core
Keywords: Bugfix
CVE Names: CVE-2004-2069 CVE-2006-0225
1. Topic:
Updated openssh packages that fix security issues are now
available.
OpenSSH is OpenBSD’s SSH (Secure SHell) protocol implementation.
SSH replaces rlogin and rsh, and provides secure encrypted
communications between two untrusted hosts over an insecure
network. X11 connections and arbitrary TCP/IP ports can also be
forwarded over a secure channel. Public key authentication can be
used for “passwordless” access to servers.
2. Relevant releases/architectures:
Red Hat Linux 7.3 – i386
Red Hat Linux 9 – i386
Fedora Core 1 – i386
Fedora Core 2 – i386
Fedora Core 3 – i386, x86_64
3. Problem description:
A bug was found in the way the OpenSSH server handled the
MaxStartups and LoginGraceTime configuration variables. A malicious
user could connect to the SSH daemon in such a way that it would
prevent additional logins from occuring until the malicious
connections are closed. The Common Vulnerabilities and Exposures
project (cve.mitre.org/) has
assigned the name CVE-2004-2069 to this issue.
The scp command was found to expose filenames twice to shell
expansion. A malicious user could execute arbitrary commands by
using specially crafted filenames containing shell metacharacters
or spaces. The Common Vulnerabilities and Exposures project
(cve.mitre.org/) has assigned
the name CVE-2006-0225 to this issue.
Users of openssh should upgrade to these updated packages, which
contain backported patches to resolve these issues.
4. Solution:
Before applying this update, make sure all previously released
errata relevant to your system have been applied.
To update all RPMs for your particular architecture, run:
rpm -Fvh [filenames]
where [filenames] is a list of the RPMs you wish to upgrade.
Only those RPMs which are currently installed will be updated.
Those RPMs which are not installed but included in the list will
not be updated. Note that you can also use wildcards (*.rpm) if
your current directory only contains the desired RPMs.
Please note that this update is also available via yum and apt.
Many people find this an easier way to apply updates. To use yum
issue:
yum update
or to use apt:
apt-get update; apt-get upgrade
This will start an interactive process that will result in the
appropriate RPMs being upgraded on your system. This assumes that
you have yum or apt-get configured for obtaining Fedora Legacy
content. Please visit http://www.fedoralegacy.org/docs
for directions on how to configure yum and apt-get.
5. Bug IDs fixed:
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=168935
6. RPMs required:
Red Hat Linux 7.3:
SRPM:
http://download.fedoralegacy.org/redhat/7.3/updates/SRPMS/openssh-3.1p1-14.3.legacy.src.rpm
i386:
http://download.fedoralegacy.org/redhat/7.3/updates/i386/openssh-3.1p1-14.3.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/7.3/updates/i386/openssh-askpass-3.1p1-14.3.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/7.3/updates/i386/openssh-clients-3.1p1-14.3.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/7.3/updates/i386/openssh-server-3.1p1-14.3.legacy.i386.rpm
Red Hat Linux 9:
SRPM:
http://download.fedoralegacy.org/redhat/9/updates/SRPMS/openssh-3.5p1-11.4.legacy.src.rpm
i386:
http://download.fedoralegacy.org/redhat/9/updates/i386/openssh-3.5p1-11.4.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/9/updates/i386/openssh-askpass-3.5p1-11.4.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/9/updates/i386/openssh-clients-3.5p1-11.4.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/9/updates/i386/openssh-server-3.5p1-11.4.legacy.i386.rpm
Fedora Core 1:
SRPM:
http://download.fedoralegacy.org/fedora/1/updates/SRPMS/openssh-3.6.1p2-19.4.legacy.src.rpm
i386:
http://download.fedoralegacy.org/fedora/1/updates/i386/openssh-3.6.1p2-19.4.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/1/updates/i386/openssh-askpass-3.6.1p2-19.4.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/1/updates/i386/openssh-clients-3.6.1p2-19.4.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/1/updates/i386/openssh-server-3.6.1p2-19.4.legacy.i386.rpm
Fedora Core 2:
SRPM:
http://download.fedoralegacy.org/fedora/2/updates/SRPMS/openssh-3.6.1p2-34.4.legacy.src.rpm
i386:
http://download.fedoralegacy.org/fedora/2/updates/i386/openssh-3.6.1p2-34.4.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/2/updates/i386/openssh-askpass-3.6.1p2-34.4.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/2/updates/i386/openssh-clients-3.6.1p2-34.4.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/2/updates/i386/openssh-server-3.6.1p2-34.4.legacy.i386.rpm
Fedora Core 3:
SRPM:
http://download.fedoralegacy.org/fedora/3/updates/SRPMS/openssh-3.9p1-8.0.4.legacy.src.rpm
i386:
http://download.fedoralegacy.org/fedora/3/updates/i386/openssh-3.9p1-8.0.4.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/3/updates/i386/openssh-askpass-3.9p1-8.0.4.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/3/updates/i386/openssh-clients-3.9p1-8.0.4.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/3/updates/i386/openssh-server-3.9p1-8.0.4.legacy.i386.rpm
x86_64:
http://download.fedoralegacy.org/fedora/3/updates/x86_64/openssh-3.9p1-8.0.4.legacy.x86_64.rpm
7. Verification:
SHA1 sum Package Name
5c732eac2396d1dbc767c6706b936177b04e3ba9
redhat/7.3/updates/i386/openssh-3.1p1-14.3.legacy.i386.rpm
ac522209cbabd3638e8ca2b08bdf5453c1d9a8d4
redhat/7.3/updates/i386/openssh-askpass-3.1p1-14.3.legacy.i386.rpm
a79e45b1fd78f517a2dfb846e1814aeff35ab86d
redhat/7.3/updates/i386/openssh-askpass-gnome-3.1p1-14.3.legacy.i386.rpm
daa5d5518e33835ef47f41f3bb379d9659e2bc3f
redhat/7.3/updates/i386/openssh-clients-3.1p1-14.3.legacy.i386.rpm
28d3e3a66e6c786db875c5ea8d629b6abcc7fe5b
redhat/7.3/updates/i386/openssh-server-3.1p1-14.3.legacy.i386.rpm
d838db35baa90040dec9df7459af4682f8976b7a
redhat/7.3/updates/SRPMS/openssh-3.1p1-14.3.legacy.src.rpm
2e4da4da715512dccb420fc67f3bb24dae2d9a40
redhat/9/updates/i386/openssh-3.5p1-11.4.legacy.i386.rpm
af36bd2aa23d16986072cf15c6906add540f8b8a
redhat/9/updates/i386/openssh-askpass-3.5p1-11.4.legacy.i386.rpm
0cc2cf34bde4b876944c8f19c1cd58d9f4503757
redhat/9/updates/i386/openssh-askpass-gnome-3.5p1-11.4.legacy.i386.rpm
f0e967606a821ec50f6d0af708935a9f04b52d11
redhat/9/updates/i386/openssh-clients-3.5p1-11.4.legacy.i386.rpm
d49d40f814c95319dff11a49f8bb66dcdd3f808c
redhat/9/updates/i386/openssh-server-3.5p1-11.4.legacy.i386.rpm
38544ce3e39dbebcb15ce213f4aff9bf3edb93a7
redhat/9/updates/SRPMS/openssh-3.5p1-11.4.legacy.src.rpm
c962909e215becff41ab14353a0b1ef3f5a499fd
fedora/1/updates/i386/openssh-3.6.1p2-19.4.legacy.i386.rpm
61ca655031b498ba8c66a97f0792c4f9dbd0f795
fedora/1/updates/i386/openssh-askpass-3.6.1p2-19.4.legacy.i386.rpm
0201fe8254733f85cde19e17911015c38ae6f8fa
fedora/1/updates/i386/openssh-askpass-gnome-3.6.1p2-19.4.legacy.i386.rpm
3818241e59db35fe61773f7e59d9d83fafd4b16a
fedora/1/updates/i386/openssh-clients-3.6.1p2-19.4.legacy.i386.rpm
202bec4605eaf6054433a170a6432a3d449862cb
fedora/1/updates/i386/openssh-server-3.6.1p2-19.4.legacy.i386.rpm
e5b385dbba09ec63225c2eb25e22827d0e6fd789
fedora/1/updates/SRPMS/openssh-3.6.1p2-19.4.legacy.src.rpm
ca85182633a97ce1bb8c3bcb683d44242881703f
fedora/2/updates/i386/openssh-3.6.1p2-34.4.legacy.i386.rpm
f49c8368fe790df101b671a368f0ff47fdc0fad3
fedora/2/updates/i386/openssh-askpass-3.6.1p2-34.4.legacy.i386.rpm
281fe61d517ebff0a297cd4c6342c398debcd33f
fedora/2/updates/i386/openssh-askpass-gnome-3.6.1p2-34.4.legacy.i386.rpm
d25c9ca4c55732cc3368587cfd6b4b7629c52ee8
fedora/2/updates/i386/openssh-clients-3.6.1p2-34.4.legacy.i386.rpm
ec570330a25c600803dd2f88ff140726a66d3c7e
fedora/2/updates/i386/openssh-server-3.6.1p2-34.4.legacy.i386.rpm
4bf28b7a7d7a9fad922b6a1e96a0433320cab26e
fedora/2/updates/SRPMS/openssh-3.6.1p2-34.4.legacy.src.rpm
75001fc461867ff3b5f608423de99b5c0d9705e6
fedora/3/updates/i386/openssh-3.9p1-8.0.4.legacy.i386.rpm
e4a4bfc7866e2ace0c9b0a0a3b4598e9594fd6ae
fedora/3/updates/i386/openssh-askpass-3.9p1-8.0.4.legacy.i386.rpm
4df1fe9ad8bfcdee35dcddbc9fb124e513718275
fedora/3/updates/i386/openssh-askpass-gnome-3.9p1-8.0.4.legacy.i386.rpm
f53b372fcab1724ac8a073aebc9b04718439c894
fedora/3/updates/i386/openssh-clients-3.9p1-8.0.4.legacy.i386.rpm
8b800276ec20d03452cf1e39883315baa9c7a7df
fedora/3/updates/i386/openssh-server-3.9p1-8.0.4.legacy.i386.rpm
61a70c9f0cf6c152fb7f48c5857b5e002dc0527a
fedora/3/updates/x86_64/openssh-3.9p1-8.0.4.legacy.x86_64.rpm
b8e38615db4f431c1e87204a0ecaefbabde2479b
fedora/3/updates/x86_64/openssh-askpass-3.9p1-8.0.4.legacy.x86_64.rpm
5cd606345fb8b3ba1f7c1d6f005d18c50d0886bd
fedora/3/updates/x86_64/openssh-askpass-gnome-3.9p1-8.0.4.legacy.x86_64.rpm
db5f2a76871dc0e6987702a492ad84252a5211c4
fedora/3/updates/x86_64/openssh-clients-3.9p1-8.0.4.legacy.x86_64.rpm
18f578efebdc634ee6ab363064f9ac8d81fa5cf0
fedora/3/updates/x86_64/openssh-server-3.9p1-8.0.4.legacy.x86_64.rpm
8dc6ca866a0a5d0e2c01f4b898bbaa798399fa40
fedora/3/updates/SRPMS/openssh-3.9p1-8.0.4.legacy.src.rpm
These packages are GPG signed by Fedora Legacy for security. Our
key is available from http://www.fedoralegacy.org/about/security.php
You can verify each package with the following command:
rpm –checksig -v <filename>
If you only wish to verify that each package has not been
corrupted or tampered with, examine only the sha1sum with the
following command:
sha1sum <filename>
8. References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2069
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0225
9. Contact:
The Fedora Legacy security contact is <[email protected]>.
More project details at http://www.fedoralegacy.org
Fedora Legacy Update Advisory
Synopsis: Updated Apache httpd packages fix security issues
Advisory ID: FLSA:175406
Issue date: 2006-02-18
Product: Red Hat Linux, Fedora Core
Keywords: Bugfix
CVE Names: CVE-2005-2970 CVE-2005-3352 CVE-2005-3357
1. Topic:
Updated Apache httpd packages that correct three security issues
are now available.
The Apache HTTP Server is a popular and freely-available Web
server.
2. Relevant releases/architectures:
Red Hat Linux 7.3 – i386
Red Hat Linux 9 – i386
Fedora Core 1 – i386
Fedora Core 2 – i386
Fedora Core 3 – i386, x86_64
3. Problem description:
A memory leak in the worker MPM could allow remote attackers to
cause a denial of service (memory consumption) via aborted
connections, which prevents the memory for the transaction pool
from being reused for other connections. The Common Vulnerabilities
and Exposures project assigned the name CVE-2005-2970 to this
issue. This vulnerability only affects users who are using the
non-default worker MPM.
A flaw in mod_imap when using the Referer directive with image
maps was discovered. With certain site configurations, a remote
attacker could perform a cross-site scripting attack if a victim
can be forced to visit a malicious URL using certain web browsers.
(CVE-2005-3352)
A NULL pointer dereference flaw in mod_ssl was discovered
affecting server configurations where an SSL virtual host is
configured with access control and a custom 400 error document. A
remote attacker could send a carefully crafted request to trigger
this issue which would lead to a crash. This crash would only be a
denial of service if using the non-default worker MPM.
(CVE-2005-3357)
Users of httpd should update to these erratum packages which
contain backported patches to correct these issues.
4. Solution:
Before applying this update, make sure all previously released
errata relevant to your system have been applied.
To update all RPMs for your particular architecture, run:
rpm -Fvh [filenames]
where [filenames] is a list of the RPMs you wish to upgrade.
Only those RPMs which are currently installed will be updated.
Those RPMs which are not installed but included in the list will
not be updated. Note that you can also use wildcards (*.rpm) if
your current directory only contains the desired RPMs.
Please note that this update is also available via yum and apt.
Many people find this an easier way to apply updates. To use yum
issue:
yum update
or to use apt:
apt-get update; apt-get upgrade
This will start an interactive process that will result in the
appropriate RPMs being upgraded on your system. This assumes that
you have yum or apt-get configured for obtaining Fedora Legacy
content. Please visit http://www.fedoralegacy.org/docs
for directions on how to configure yum and apt-get.
5. Bug IDs fixed:
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=175406
6. RPMs required:
Red Hat Linux 7.3:
SRPM:
http://download.fedoralegacy.org/redhat/7.3/updates/SRPMS/apache-1.3.27-9.legacy.src.rpm
i386:
http://download.fedoralegacy.org/redhat/7.3/updates/i386/apache-1.3.27-9.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/7.3/updates/i386/apache-devel-1.3.27-9.legacy.i3