Debian GNU/Linux
Debian Security Advisory DSA 688-1                     security@debian.org
http://www.debian.org/security/                             Martin Schulze
February 23rd, 2005                     http://www.debian.org/security/faq
Package : squid
Vulnerability : missing input sanitising
Problem-Type : remote
Debian-specific: no
CVE ID : CAN-2005-0446
Upstream developers have discovered several problems in squid,
the Internet object cache, the popular WWW proxy cache. A remote
attacker can cause squid to crash via certain DNS responses.
For the stable distribution (woody) these problems have been
fixed in version 2.4.6-2woody7.
For the unstable distribution (sid) these problems have been
fixed in version 2.5.8-3.
We recommend that you upgrade your squid package.
Upgrade Instructions

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 3.0 alias woody
Source archives:
http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2woody7.dsc
Size/MD5 checksum: 612 bc9dc33a502eb9e0b4293c9a0e2aef18
http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2woody7.diff.gz
Size/MD5 checksum: 236440 d1c8a57810656ee89295c82054824f8e
http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6.orig.tar.gz
Size/MD5 checksum: 1081920 59ce2c58da189626d77e27b9702ca228
Alpha architecture:
http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2woody7_alpha.deb
Size/MD5 checksum: 815502 5baa03bdbc5258c31a9c093fd567084c
http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.4.6-2woody7_alpha.deb
Size/MD5 checksum: 75622 5cfae27e8324a0ca0dfccb3dfbadcb1a
http://security.debian.org/pool/updates/main/s/squid/squidclient_2.4.6-2woody7_alpha.deb
Size/MD5 checksum: 60366 fde4ec72c5629fe0d7f38b873c27e620
ARM architecture:
http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2woody7_arm.deb
Size/MD5 checksum: 726008 61adcf77023bbaa37db5e9161acf4050
http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.4.6-2woody7_arm.deb
Size/MD5 checksum: 73382 5f3e398939e6a277ea015f9f3235eff1
http://security.debian.org/pool/updates/main/s/squid/squidclient_2.4.6-2woody7_arm.deb
Size/MD5 checksum: 58704 ad58694d9fb083e67809a98f71187dad
Intel IA-32 architecture:
http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2woody7_i386.deb
Size/MD5 checksum: 684338 577c9a8008c5ede1a4f16ef8520ed4c7
http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.4.6-2woody7_i386.deb
Size/MD5 checksum: 73884 203f95f882aa4ea3ba68076fdcf94cfe
http://security.debian.org/pool/updates/main/s/squid/squidclient_2.4.6-2woody7_i386.deb
Size/MD5 checksum: 58396 28dc7b3ad6406d51bf932600b85ece0b
Intel IA-64 architecture:
http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2woody7_ia64.deb
Size/MD5 checksum: 953954 d79a494213f89d9c021273c55fa14490
http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.4.6-2woody7_ia64.deb
Size/MD5 checksum: 79476 b227a17db6a5f115d99598210ed5d5f3
http://security.debian.org/pool/updates/main/s/squid/squidclient_2.4.6-2woody7_ia64.deb
Size/MD5 checksum: 63034 23204a45be54339b31e04e9358e357c6
HP Precision architecture:
http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2woody7_hppa.deb
Size/MD5 checksum: 779584 c37982b618205e53554cdbdedfed1729
http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.4.6-2woody7_hppa.deb
Size/MD5 checksum: 74828 d1f1807974aa091d258dda40f1a5e27a
http://security.debian.org/pool/updates/main/s/squid/squidclient_2.4.6-2woody7_hppa.deb
Size/MD5 checksum: 59842 38372550333e90fba53558ab8ed9eebc
Motorola 680×0 architecture:
http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2woody7_m68k.deb
Size/MD5 checksum: 666248 649f02e2b065d64a7059c08b3aa38bfc
http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.4.6-2woody7_m68k.deb
Size/MD5 checksum: 72730 cbbc04070becff9dbf07f8816a33a13c
http://security.debian.org/pool/updates/main/s/squid/squidclient_2.4.6-2woody7_m68k.deb
Size/MD5 checksum: 57938 c0410320db936951124d49f799e77057
Big endian MIPS architecture:
http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2woody7_mips.deb
Size/MD5 checksum: 765390 4f877c9010ee2ef13ba96b7105e3e19a
http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.4.6-2woody7_mips.deb
Size/MD5 checksum: 74354 9b425951580d0d782cf0622003673fba
http://security.debian.org/pool/updates/main/s/squid/squidclient_2.4.6-2woody7_mips.deb
Size/MD5 checksum: 58992 dd15f0bd3279f7012024121d60ecaeed
Little endian MIPS architecture:
http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2woody7_mipsel.deb
Size/MD5 checksum: 765608 2e798cbf5b623b7c2bf06a13aebbefc0
http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.4.6-2woody7_mipsel.deb
Size/MD5 checksum: 74478 6b9d563241173ef6f9baa4a0c6d73a69
http://security.debian.org/pool/updates/main/s/squid/squidclient_2.4.6-2woody7_mipsel.deb
Size/MD5 checksum: 59102 833e1a5808ff69aa664fd055d713a03c
PowerPC architecture:
http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2woody7_powerpc.deb
Size/MD5 checksum: 722756 32ce8c5e69389b970843ed0b82691894
http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.4.6-2woody7_powerpc.deb
Size/MD5 checksum: 73378 2661e53c7a134e96d8da81a3c3284bd1
http://security.debian.org/pool/updates/main/s/squid/squidclient_2.4.6-2woody7_powerpc.deb
Size/MD5 checksum: 58586 c8d689cd3c7c09b9d119ab2c502f7d39
IBM S/390 architecture:
http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2woody7_s390.deb
Size/MD5 checksum: 712300 40f6212bc20c134923cf1048cfd5245b
http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.4.6-2woody7_s390.deb
Size/MD5 checksum: 73728 e696e11731b0ffe2a00d883bdc3d16cd
http://security.debian.org/pool/updates/main/s/squid/squidclient_2.4.6-2woody7_s390.deb
Size/MD5 checksum: 59156 653037fec730df2155e51aa4d2809ee3
Sun Sparc architecture:
http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2woody7_sparc.deb
Size/MD5 checksum: 724706 3339a3b62ec6e672725c20f012759b4b
http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.4.6-2woody7_sparc.deb
Size/MD5 checksum: 76012 cda6d662b54f46a831d8566f6f8f095b
http://security.debian.org/pool/updates/main/s/squid/squidclient_2.4.6-2woody7_sparc.deb
Size/MD5 checksum: 61020 36640727d0e8c5e400de0c04630c961b
These files will probably be moved into the stable distribution
on its next update.
Debian Security Advisory DSA 689-1                     security@debian.org
http://www.debian.org/security/                             Martin Schulze
February 23rd, 2005                     http://www.debian.org/security/faq
Package : libapache-mod-python
Vulnerability : missing input sanitising
Problem-Type : remote
Debian-specific: no
CVE ID : CAN-2005-0088
Graham Dumpleton discovered a flaw which can affect anyone using
the publisher handle of the Apache Software Foundation’s
mod_python. The publisher handle lets you publish objects inside
modules to make them callable via URL. The flaw allows a carefully
crafted URL to obtain extra information that should not be visible
(information leak).
For the stable distribution (woody) this problem has been fixed
in version 2.7.8-0.0woody5.
For the unstable distribution (sid) this problem has been fixed
in version 2.7.10-4 of libapache-mod-python and in version 3.1.3-3
of libapache2-mod-python.
We recommend that you upgrade your libapache-mod-python
package.
Upgrade Instructions

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 3.0 alias woody
Source archives:
http://security.debian.org/pool/updates/main/liba/libapache-mod-python/libapache-mod-python_2.7.8-0.0woody5.diff.gz
Size/MD5 checksum: 8261 69110f0e179d5b6f93542233ca6014c4
http://security.debian.org/pool/updates/main/liba/libapache-mod-python/libapache-mod-python_2.7.8.orig.tar.gz
Size/MD5 checksum: 176639 4d5bee8317bfb45a3bb09f02b435e917
These files will probably be moved into the stable distribution
on its next update.
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
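The wget/dpkg path in DSA 688-1 and DSA 689-1 leaves it to the administrator to check each fetched file against the Size/MD5 line printed under its URL before running dpkg -i. The script below is an added example, not part of either advisory: it pairs URL lines with their checksum lines, verifies a downloaded file's byte count and MD5, and counts checksum lines whose URL is missing (as happened to parts of the DSA 689-1 listing), since those cannot be matched to any file. The URLs, file names and file contents are constructed for the demo.

```python
import hashlib, os, re, tempfile
# Matches the "Size/MD5 checksum: <bytes> <hex>" lines of a DSA file listing.
CHECKSUM_RE = re.compile(r"Size/MD5 checksum:\s+(\d+)\s+([0-9a-f]{32})")
# Constructed listing in the DSA layout (not a real package set); the last
# checksum line has lost its URL, as several lines of DSA 689-1 above have.
SAMPLE_MANIFEST = """\
http://example.invalid/pool/updates/main/e/example/example-pkg_1.0_i386.deb
Size/MD5 checksum: 3 900150983cd24fb0d6963f7d28e17f72
http://example.invalid/pool/updates/main/e/example/example-pkg_1.0_arm.deb
Size/MD5 checksum: 3 900150983cd24fb0d6963f7d28e17f72
Size/MD5 checksum: 120410 00000000000000000000000000000000
"""

def parse_manifest(text):
    """Return ({file name: (size, md5)}, orphan count) from a DSA listing."""
    entries, orphans, url = {}, 0, None
    for line in text.splitlines():
        m = CHECKSUM_RE.search(line)
        if line.strip().startswith(("http://", "ftp://")):
            url = line.strip()        # remember it for the next checksum line
        elif m and url is None:
            orphans += 1              # checksum without a file name: unusable
        elif m:
            entries[url.rsplit("/", 1)[-1]] = (int(m.group(1)), m.group(2))
            url = None
    return entries, orphans

def verify_file(path, expected_size, expected_md5):
    """True only if both the byte count and the MD5 digest match the listing."""
    if os.path.getsize(path) != expected_size:
        return False
    with open(path, "rb") as f:
        return hashlib.md5(f.read()).hexdigest() == expected_md5

def verify_downloads(manifest_text, download_dir):
    """Check each listed file in download_dir; a missing file counts as failed."""
    entries, _ = parse_manifest(manifest_text)
    return {n: os.path.exists(os.path.join(download_dir, n))
            and verify_file(os.path.join(download_dir, n), size, md5)
            for n, (size, md5) in entries.items()}

def demo():
    """Constructed run: i386 file is b"abc" (its MD5 is listed); arm is altered."""
    d = tempfile.mkdtemp()
    for name, data in (("example-pkg_1.0_i386.deb", b"abc"),
                       ("example-pkg_1.0_arm.deb", b"abd")):
        with open(os.path.join(d, name), "wb") as f:
            f.write(data)
    return verify_downloads(SAMPLE_MANIFEST, d)
```

A match only shows the file is the one the advisory listed; MD5 is not collision-resistant, so the check is only as trustworthy as the channel the advisory itself arrived through.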
Gentoo Linux
Gentoo Linux Security Advisory GLSA 200502-29
Severity: Normal
Title: Cyrus IMAP Server: Multiple overflow vulnerabilities
Date: February 23, 2005
Bugs: #82404
ID: 200502-29
Synopsis
The Cyrus IMAP Server is affected by several overflow
vulnerabilities which could potentially lead to the remote
execution of arbitrary code.
Background
The Cyrus IMAP Server is an efficient, highly-scalable IMAP
e-mail server.
Affected packages
    -------------------------------------------------------------------
     Package              /  Vulnerable  /                   Unaffected
    -------------------------------------------------------------------
  1  net-mail/cyrus-imapd     < 2.2.12                        >= 2.2.12
Description
Possible single byte overflows have been found in the imapd
annotate extension and mailbox handling code. Furthermore, stack
buffer overflows have been found in fetchnews, the backend and
imapd.
Impact
An attacker, who could be an authenticated user or an admin of a
peering news server, could exploit these vulnerabilities to execute
arbitrary code with the rights of the user running the Cyrus IMAP
Server.
Workaround
There is no known workaround at this time.
Resolution
All Cyrus IMAP Server users should upgrade to the latest
version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-mail/cyrus-imapd-2.2.12"
References
[ 1 ] Cyrus IMAP Announcement
http://asg.web.cmu.edu/archive/message.php?mailbox=archive.info-cyrus&msg=33723
Availability
This GLSA and any updates to it are available for viewing at the
Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200502-29.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or
alternatively, you may file a bug at http://bugs.gentoo.org.
License
Copyright 2005 Gentoo Foundation, Inc; referenced text belongs
to its owner(s).
The contents of this document are licensed under the Creative
Commons – Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.0
LBA-Linux
LBA-Linux Security Advisory
Subject: Updated perl package for LBA-Linux R2
Advisory ID: LBASA-2005:3
Date: Thursday, February 24, 2005
Product: LBA-Linux R2
Problem description:
CAN-2005-0155
The PerlIO implementation in Perl 5.8.0, when installed with setuid
support (sperl), allows local users to create arbitrary files via
the PERLIO_DEBUG variable.
CAN-2005-0156
Buffer overflow in the PerlIO implementation in Perl 5.8.0, when
installed with setuid support (sperl), allows local users to
execute arbitrary code by setting the PERLIO_DEBUG variable and
executing a Perl script whose full pathname contains a long
directory tree.
CAN-2004-0452
Race condition in the rmtree function in the File::Path module in
Perl 5.6.1 and 5.8.4 sets read/write permissions for the world,
which allows local users to delete arbitrary files and directories,
and possibly read files and directories, via a symlink attack.
CAN-2004-0976
Trustix developers discovered several insecure uses of temporary
files in many modules which could allow a local attacker to
overwrite files via symlink attacks.
Updated packages:
LBA-Linux R2:
i386:
ftp://ftp.sot.com/lba-linux_r2/apt/RPMS.updates/perl-5.8.3-6.lba.3.i386.rpm
ftp://ftp.sot.com/lba-linux_r2/apt/RPMS.updates/perl-suidperl-5.8.3-6.lba.3.i386.rpm
Upgrading your system:
To apply this security update to your LBA-Linux system, run the
Updater tool from the LBA-Linux root desktop:
- Log in to your LBA-Linux desktop as the root user.
- Click on the penguin icon at the lower left of the display, and
  select the menu item SYSTEM TOOLS>UPDATER.
- Click on the item named perl to highlight it.
- Click on the PACKAGE menu in the menu bar, and select the
  UPGRADE action.
- Confirm the upgrade by clicking the APPLY button in Updater’s
  main toolbar.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0155
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0156
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0452
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0976
Copyright(c) 2001-2005 SOT
LBA-Linux Security Advisory
Subject: Updated vim package for LBA-Linux R2
Advisory ID: LBASA-2005:2
Date: Thursday, February 24, 2005
Product: LBA-Linux R2
Problem description:
CAN-2005-0069
The (1) tcltags or (2) vimspell.sh scripts in vim 6.3 allow local
users to overwrite or create arbitrary files via a symlink attack
on temporary files.
CAN-2004-1138
VIM before 6.3 and gVim before 6.3 allow local users to execute
arbitrary commands via a file containing a crafted modeline that is
executed when the file is viewed using options such as (1) termcap,
(2) printdevice, (3) titleold, (4) filetype, (5) syntax, (6)
backupext, (7) keymap, (8) patchmode, or (9) langmenu.
Updated packages:
LBA-Linux R2:
i386:
ftp://ftp.sot.com/lba-linux_r2/apt/RPMS.updates/vim-X11-6.2.294-1.lba.2.i386.rpm
ftp://ftp.sot.com/lba-linux_r2/apt/RPMS.updates/vim-common-6.2.294-1.lba.2.i386.rpm
ftp://ftp.sot.com/lba-linux_r2/apt/RPMS.updates/vim-enhanced-6.2.294-1.lba.2.i386.rpm
ftp://ftp.sot.com/lba-linux_r2/apt/RPMS.updates/vim-minimal-6.2.294-1.lba.2.i386.rpm
Upgrading your system:
To apply this security update to your LBA-Linux system, run the
Updater tool from the LBA-Linux root desktop:
- Log in to your LBA-Linux desktop as the root user.
- Click on the penguin icon at the lower left of the display, and
  select the menu item SYSTEM TOOLS>UPDATER.
- Click on the item named vim to highlight it.
- Click on the PACKAGE menu in the menu bar, and select the
  UPGRADE action.
- Confirm the upgrade by clicking the APPLY button in Updater’s
  main toolbar.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0069
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1138
Copyright(c) 2001-2005 SOT
LBA-Linux Security Advisory
Subject: Updated cpio package for LBA-Linux R2
Advisory ID: LBASA-2004:1
Date: Thursday, February 24, 2005
Product: LBA-Linux R2
Problem description:
CAN-1999-1572
A vulnerability in cpio was discovered where cpio would create
world writable files when used in -o/--create mode and giving an
output file (with -O). This would allow any user to modify the
created cpio archive.
Updated packages:
LBA-Linux R2:
i386:
ftp://ftp.sot.com/lba-linux_r2/apt/RPMS.updates/cpio-2.5-6.lba.2.i386.rpm
Upgrading your system:
To apply this security update to your LBA-Linux system, run the
Updater tool from the LBA-Linux root desktop:
- Log in to your LBA-Linux desktop as the root user.
- Click on the penguin icon at the lower left of the display, and
  select the menu item SYSTEM TOOLS>UPDATER.
- Click on the item named cpio to highlight it.
- Click on the PACKAGE menu in the menu bar, and select the
  UPGRADE action.
- Confirm the upgrade by clicking the APPLY button in Updater’s
  main toolbar.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1572
Copyright(c) 2001-2004 SOT