Fedora Core
Fedora Update Notification
FEDORA-2005-557
2005-07-20
Product : Fedora Core 4
Name : mysql
Version : 4.1.12
Release : 2.FC4.1
Summary : MySQL client programs and shared library.
Description :
MySQL is a multi-user, multi-threaded SQL database server. MySQL is
a client/server implementation consisting of a server daemon
(mysqld) and many different client programs and libraries. This
package contains the MySQL client programs, the client shared
library, and generic MySQL files.
Update Information:
Update to MySQL 4.1.12 (includes a low-impact security fix, see
bz#158689). Repair some issues in openssl support.
Re-enable the old ISAM table type.
- Tue Jul 12 2005 Tom Lane <tgl@redhat.com> 4.1.12-2.FC4.1
- Update to MySQL 4.1.12 (includes a fix for bz#158688, bz#158689)
- Extend mysql-test-ssl.patch to solve rpl_openssl test failure (bz#155850)
- Update mysql-lock-ssl.patch to match the upstream committed version
- Add --with-isam to re-enable the old ISAM table type, per bz#159262
- Add dependency on openssl-devel per bz#159569
- Remove manual.txt, as upstream decided not to ship it anymore;
it was redundant with the mysql.info file anyway.
- Fix buffer overflow newly exposed in isam code; it's the same
issue previously found in myisam, and not very exciting, but I'm
tired of seeing build warnings.
- Mon May 9 2005 Tom Lane <tgl@redhat.com> 4.1.11-4
- Include proper locking for OpenSSL in the server, per bz#155850
- Mon Apr 25 2005 Tom Lane <tgl@redhat.com> 4.1.11-3
- Enable openssl tests during build, per bz#155850
- Might as well turn on --disable-dependency-tracking
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/
774460107972d53004a6a2008caebc72
SRPMS/mysql-4.1.12-2.FC4.1.src.rpm
e45f42d42cf30b5b78a2d549f0e25847
ppc/mysql-4.1.12-2.FC4.1.ppc.rpm
98c3ccc6b9fddc04e939e533773ec789
ppc/mysql-server-4.1.12-2.FC4.1.ppc.rpm
cd0089e82da75b84e7db807d1d61dc4d
ppc/mysql-devel-4.1.12-2.FC4.1.ppc.rpm
1ab9651bdc3f25ce5d8608b6e52e296c
ppc/mysql-bench-4.1.12-2.FC4.1.ppc.rpm
f13f7b728be053fae4306a5fb3da9b77
ppc/debug/mysql-debuginfo-4.1.12-2.FC4.1.ppc.rpm
d7579b55ca0523ee093562ca80be3647
ppc/mysql-4.1.12-2.FC4.1.ppc64.rpm
657bb78043fdb9fbc4ab51d9153f147b
x86_64/mysql-4.1.12-2.FC4.1.x86_64.rpm
c522150d70660d88a0c3ab44a2cfa4ba
x86_64/mysql-server-4.1.12-2.FC4.1.x86_64.rpm
cb21a91f82c0b39d227c0aaa4d498f53
x86_64/mysql-devel-4.1.12-2.FC4.1.x86_64.rpm
0187d563d0cdecec49375c9b39e5c116
x86_64/mysql-bench-4.1.12-2.FC4.1.x86_64.rpm
85d8d44fc23c0c3960dc825937fa02e2
x86_64/debug/mysql-debuginfo-4.1.12-2.FC4.1.x86_64.rpm
97de47bd2c66fc9e213f9484d04db852
x86_64/mysql-4.1.12-2.FC4.1.i386.rpm
97de47bd2c66fc9e213f9484d04db852
i386/mysql-4.1.12-2.FC4.1.i386.rpm
3999316e1bea7bc0b832447a59870b98
i386/mysql-server-4.1.12-2.FC4.1.i386.rpm
1137e6778dc99f56df1c8c0eb462338b
i386/mysql-devel-4.1.12-2.FC4.1.i386.rpm
657113d7ec9d26971f064035ab410a7b
i386/mysql-bench-4.1.12-2.FC4.1.i386.rpm
f7c8443e9d551b7fc2651c98195a24e1
i386/debug/mysql-debuginfo-4.1.12-2.FC4.1.i386.rpm
This update can also be installed with the Update Agent; you can
launch the Update Agent with the ‘up2date’ command.
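The package lists in these notifications pair every file with its MD5, one hash per line followed by the path. The following is an added example, not part of the Fedora notification and not a Fedora or Red Hat tool, that parses a listing in that layout (or Slackware's one-line "hash path" layout) and checks files already downloaded into a local directory against it. `demo()` builds a constructed listing with made-up package names and contents; it does not touch any real package.

```python
import hashlib
import os
import re
import tempfile

# One 32-hex-digit MD5 followed by a package path. The Fedora lists put them on
# consecutive lines and Slackware puts them on one line; \s+ matches both.
CHECKSUM_LINE = re.compile(r"\b([0-9a-fA-F]{32})\s+(\S+\.(?:rpm|tgz))")


def parse_checksums(text):
    """Return {relative path: expected md5 (lowercase)} from an advisory's package list."""
    return {path: md5.lower() for md5, path in CHECKSUM_LINE.findall(text)}


def md5_of(path, chunk=1 << 16):
    """Stream a file through MD5 so large packages do not need to fit in memory."""
    h = hashlib.md5()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def verify_downloads(expected, download_dir):
    """Compare each listed package under download_dir with its advertised MD5.
    Values are 'ok', 'mismatch' or 'missing' so a caller can refuse to install
    on anything but 'ok'."""
    result = {}
    for rel, want in expected.items():
        local = os.path.join(download_dir, rel)
        if not os.path.isfile(local):
            result[rel] = "missing"
        elif md5_of(local) == want:
            result[rel] = "ok"
        else:
            result[rel] = "mismatch"
    return result


def demo():
    """Constructed sample: hypothetical package names, fake payloads, and a
    listing written in the notification's hash-then-path layout."""
    good = b"fake rpm payload\n"
    tampered = b"fake rpm payload, altered on a bad mirror\n"
    md5_good = hashlib.md5(good).hexdigest()
    listing = (
        "%s\ni386/example-1.0-1.i386.rpm\n"
        "%s\ni386/example-server-1.0-1.i386.rpm\n"
        "%s\ni386/example-devel-1.0-1.i386.rpm\n"
    ) % (md5_good, md5_good, md5_good)
    with tempfile.TemporaryDirectory() as d:
        os.makedirs(os.path.join(d, "i386"))
        with open(os.path.join(d, "i386", "example-1.0-1.i386.rpm"), "wb") as f:
            f.write(good)                      # matches the listing
        with open(os.path.join(d, "i386", "example-server-1.0-1.i386.rpm"), "wb") as f:
            f.write(tampered)                  # does not match
        # example-devel is never downloaded, so it is reported as missing
        return verify_downloads(parse_checksums(listing), d)
```

A matching MD5 only shows that the file on disk is the one the advisory describes; it does not authenticate the advisory text itself, and MD5 collisions are practical, so the package GPG signature (`rpm --checksig` on RPM-based systems) is the check that holds up against a hostile mirror.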
Fedora Update Notification
FEDORA-2005-603
2005-07-20
Product : Fedora Core 3
Name : firefox
Version : 1.0.6
Release : 1.1.fc3
Summary : Mozilla Firefox Web browser.
Description :
Mozilla Firefox is an open-source web browser, designed for
standards compliance, performance and portability.
Update Information:
Mozilla Firefox is an open source Web browser.
A bug was found in the way Firefox handled synthetic events. It
is possible that Web content could generate events such as
keystrokes or mouse clicks that could be used to steal data or
execute malicious JavaScript code. The Common Vulnerabilities and
Exposures project (cve.mitre.org/) has assigned the name
CAN-2005-2260 to this issue.
A bug was found in the way Firefox executed Javascript in XBL
controls. It is possible for a malicious webpage to leverage this
vulnerability to execute other JavaScript based attacks even when
JavaScript is disabled. (CAN-2005-2261)
A bug was found in the way Firefox set an image as the desktop
wallpaper. If a user chooses the “Set As Wallpaper…” context menu
item on a specially crafted image, it is possible for an attacker
to execute arbitrary code on a victim’s machine.
(CAN-2005-2262)
A bug was found in the way Firefox installed its extensions. If
a user can be tricked into visiting a malicious webpage, it may be
possible to obtain sensitive information such as cookies or
passwords. (CAN-2005-2263)
A bug was found in the way Firefox handled the _search target.
It is possible for a malicious website to inject JavaScript into an
already open webpage. (CAN-2005-2264)
A bug was found in the way Firefox handled certain Javascript
functions. It is possible for a malicious web page to crash the
browser by executing malformed Javascript code. (CAN-2005-2265)
A bug was found in the way Firefox handled multiple frame
domains. It is possible for a frame as part of a malicious web site
to inject content into a frame that belongs to another domain. This
issue was previously fixed as CAN-2004-0718 but was accidentally
disabled. (CAN-2005-1937)
A bug was found in the way Firefox handled child frames. It is
possible for a malicious framed page to steal sensitive information
from its parent page. (CAN-2005-2266)
A bug was found in the way Firefox opened URLs from media
players. If a media player opens a URL that is JavaScript,
JavaScript is executed with access to the currently open webpage.
(CAN-2005-2267)
A design flaw was found in the way Firefox displayed alerts and
prompts. Alerts and prompts were given the generic title
[JavaScript Application] which prevented a user from knowing which
site created them. (CAN-2005-2268)
A bug was found in the way Firefox handled DOM node names. It is
possible for a malicious site to overwrite a DOM node name,
allowing certain privileged chrome actions to execute the malicious
JavaScript. (CAN-2005-2269)
A bug was found in the way Firefox cloned base objects. It is
possible for Web content to navigate up the prototype chain to gain
access to privileged chrome objects. (CAN-2005-2270)
Users of Firefox are advised to upgrade to this updated package
that contains Firefox version 1.0.6 and is not vulnerable to these
issues.
- Wed Jul 20 2005 Christopher Aillon <caillon@redhat.com> 0:1.0.6-1.1.fc3
- Update to 1.0.6
- Mon Jul 18 2005 Christopher Aillon <caillon@redhat.com> 0:1.0.6-0.1.fc3
- 1.0.6 Candidate Release
- Sun May 15 2005 Christopher Aillon <caillon@redhat.com>
- Re-enable jsd now that there are venkman versions that work
with Firefox
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/
af02171d12225714c15c60f04c20e2f9
SRPMS/firefox-1.0.6-1.1.fc3.src.rpm
ef8cb22e843e9c462b070913124eb55d
x86_64/firefox-1.0.6-1.1.fc3.x86_64.rpm
54fbfd492a9d044b64166a226cef75ca
x86_64/debug/firefox-debuginfo-1.0.6-1.1.fc3.x86_64.rpm
0b8019d7294f3be8d1647cf7d571ae14
i386/firefox-1.0.6-1.1.fc3.i386.rpm
8f0c85f49676902e4f0be8f90aa52712
i386/debug/firefox-debuginfo-1.0.6-1.1.fc3.i386.rpm
This update can also be installed with the Update Agent; you can
launch the Update Agent with the ‘up2date’ command.
Fedora Update Notification
FEDORA-2005-604
2005-07-20
Product : Fedora Core 3
Name : thunderbird
Version : 1.0.6
Release : 1.1.fc3
Summary : Mozilla Thunderbird mail/newsgroup client
Description :
Mozilla Thunderbird is a standalone mail and newsgroup client.
Update Information:
Mozilla Thunderbird is a standalone mail and newsgroup
client.
A bug was found in the way Thunderbird handled anonymous
functions during regular expression string replacement. It is
possible for a malicious HTML mail to capture a random block of
client memory. The Common Vulnerabilities and Exposures project has
assigned this bug the name CAN-2005-0989.
A bug was found in the way Thunderbird validated several
XPInstall related JavaScript objects. A malicious HTML mail could
pass other objects to the XPInstall objects, resulting in the
JavaScript interpreter jumping to arbitrary locations in memory.
(CAN-2005-1159)
A bug was found in the way the Thunderbird privileged UI code
handled DOM nodes from the content window. An HTML message could
install malicious JavaScript code or steal data when a user
performs commonplace actions such as clicking a link or opening the
context menu. (CAN-2005-1160)
A bug was found in the way Thunderbird executed JavaScript code.
JavaScript executed from HTML mail should run with a restricted
access level, preventing dangerous actions. It is possible that a
malicious HTML mail could execute JavaScript code with elevated
privileges, allowing access to protected data and functions.
(CAN-2005-1532)
A bug was found in the way Thunderbird executed Javascript in
XBL controls. It is possible for a malicious HTML mail to leverage
this vulnerability to execute other JavaScript based attacks even
when JavaScript is disabled. (CAN-2005-2261)
A bug was found in the way Thunderbird handled certain
Javascript functions. It is possible for a malicious HTML mail to
crash the client by executing malformed Javascript code.
(CAN-2005-2265)
A bug was found in the way Thunderbird handled child frames. It
is possible for a malicious framed HTML mail to steal sensitive
information from its parent frame. (CAN-2005-2266)
A bug was found in the way Thunderbird handled DOM node names.
It is possible for a malicious HTML mail to overwrite a DOM node
name, allowing certain privileged chrome actions to execute the
malicious JavaScript. (CAN-2005-2269)
A bug was found in the way Thunderbird cloned base objects. It
is possible for HTML content to navigate up the prototype chain to
gain access to privileged chrome objects. (CAN-2005-2270)
Users of Thunderbird are advised to upgrade to this updated
package that contains Thunderbird version 1.0.6 and is not
vulnerable to these issues.
- Wed Jul 20 2005 Christopher Aillon <caillon@redhat.com> 1.0.6-1.1.fc3
- Update to 1.0.6
- Mon Jul 18 2005 Christopher Aillon <caillon@redhat.com> 1.0.6-0.1.fc3
- 1.0.6 Release Candidate
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/
e060dd6ce427541531cc40c28a678643
SRPMS/thunderbird-1.0.6-1.1.fc3.src.rpm
617b9df6931ff067e896d29399849df0
x86_64/thunderbird-1.0.6-1.1.fc3.x86_64.rpm
8bcb33b02ad164e499e4109dc6909caa
x86_64/debug/thunderbird-debuginfo-1.0.6-1.1.fc3.x86_64.rpm
2781375f4ff5c6280692d573787f5064
i386/thunderbird-1.0.6-1.1.fc3.i386.rpm
774d64ba857b9c430c3ae87471bc68f6
i386/debug/thunderbird-debuginfo-1.0.6-1.1.fc3.i386.rpm
This update can also be installed with the Update Agent; you can
launch the Update Agent with the ‘up2date’ command.
Fedora Update Notification
FEDORA-2005-605
2005-07-20
Product : Fedora Core 4
Name : firefox
Version : 1.0.6
Release : 1.1.fc4
Summary : Mozilla Firefox Web browser.
Description :
Mozilla Firefox is an open-source web browser, designed for
standards compliance, performance and portability.
Update Information:
Mozilla Firefox is an open source Web browser.
A bug was found in the way Firefox handled synthetic events. It
is possible that Web content could generate events such as
keystrokes or mouse clicks that could be used to steal data or
execute malicious JavaScript code. The Common Vulnerabilities and
Exposures project (cve.mitre.org/) has assigned the name
CAN-2005-2260 to this issue.
A bug was found in the way Firefox executed Javascript in XBL
controls. It is possible for a malicious webpage to leverage this
vulnerability to execute other JavaScript based attacks even when
JavaScript is disabled. (CAN-2005-2261)
A bug was found in the way Firefox set an image as the desktop
wallpaper. If a user chooses the “Set As Wallpaper…” context menu
item on a specially crafted image, it is possible for an attacker
to execute arbitrary code on a victim’s machine.
(CAN-2005-2262)
A bug was found in the way Firefox installed its extensions. If
a user can be tricked into visiting a malicious webpage, it may be
possible to obtain sensitive information such as cookies or
passwords. (CAN-2005-2263)
A bug was found in the way Firefox handled the _search target.
It is possible for a malicious website to inject JavaScript into an
already open webpage. (CAN-2005-2264)
A bug was found in the way Firefox handled certain Javascript
functions. It is possible for a malicious web page to crash the
browser by executing malformed Javascript code. (CAN-2005-2265)
A bug was found in the way Firefox handled multiple frame
domains. It is possible for a frame as part of a malicious web site
to inject content into a frame that belongs to another domain. This
issue was previously fixed as CAN-2004-0718 but was accidentally
disabled. (CAN-2005-1937)
A bug was found in the way Firefox handled child frames. It is
possible for a malicious framed page to steal sensitive information
from its parent page. (CAN-2005-2266)
A bug was found in the way Firefox opened URLs from media
players. If a media player opens a URL that is JavaScript,
JavaScript is executed with access to the currently open webpage.
(CAN-2005-2267)
A design flaw was found in the way Firefox displayed alerts and
prompts. Alerts and prompts were given the generic title
[JavaScript Application] which prevented a user from knowing which
site created them. (CAN-2005-2268)
A bug was found in the way Firefox handled DOM node names. It is
possible for a malicious site to overwrite a DOM node name,
allowing certain privileged chrome actions to execute the malicious
JavaScript. (CAN-2005-2269)
A bug was found in the way Firefox cloned base objects. It is
possible for Web content to navigate up the prototype chain to gain
access to privileged chrome objects. (CAN-2005-2270)
Users of Firefox are advised to upgrade to this updated package
that contains Firefox version 1.0.6 and is not vulnerable to these
issues.
- Wed Jul 20 2005 Christopher Aillon <caillon@redhat.com> 0:1.0.6-1.1.fc4
- Update to 1.0.6
- Mon Jul 18 2005 Christopher Aillon <caillon@redhat.com> 0:1.0.6-0.1.fc4
- 1.0.6 Release Candidate
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/
ff916b514b9af918d03c5c3fc84b7d27
SRPMS/firefox-1.0.6-1.1.fc4.src.rpm
9facc82245e82e7eb55ed5efb9928bfd
ppc/firefox-1.0.6-1.1.fc4.ppc.rpm
2ec89c34a5f8f407039d6062a55c5aa7
ppc/debug/firefox-debuginfo-1.0.6-1.1.fc4.ppc.rpm
6ddc89c3fba24903f5304bc08e8a3163
x86_64/firefox-1.0.6-1.1.fc4.x86_64.rpm
d2f45bece85710236ed59f25b68f3a56
x86_64/debug/firefox-debuginfo-1.0.6-1.1.fc4.x86_64.rpm
5e71924a825cdcf578af4362c431adbf
i386/firefox-1.0.6-1.1.fc4.i386.rpm
23816e60313ff356c93b52045ab12ecb
i386/debug/firefox-debuginfo-1.0.6-1.1.fc4.i386.rpm
This update can also be installed with the Update Agent; you can
launch the Update Agent with the ‘up2date’ command.
Fedora Update Notification
FEDORA-2005-606
2005-07-20
Product : Fedora Core 4
Name : thunderbird
Version : 1.0.6
Release : 1.1.fc4
Summary : Mozilla Thunderbird mail/newsgroup client
Description :
Mozilla Thunderbird is a standalone mail and newsgroup client.
Update Information:
Mozilla Thunderbird is a standalone mail and newsgroup
client.
A bug was found in the way Thunderbird handled anonymous
functions during regular expression string replacement. It is
possible for a malicious HTML mail to capture a random block of
client memory. The Common Vulnerabilities and Exposures project has
assigned this bug the name CAN-2005-0989.
A bug was found in the way Thunderbird validated several
XPInstall related JavaScript objects. A malicious HTML mail could
pass other objects to the XPInstall objects, resulting in the
JavaScript interpreter jumping to arbitrary locations in memory.
(CAN-2005-1159)
A bug was found in the way the Thunderbird privileged UI code
handled DOM nodes from the content window. An HTML message could
install malicious JavaScript code or steal data when a user
performs commonplace actions such as clicking a link or opening the
context menu. (CAN-2005-1160)
A bug was found in the way Thunderbird executed JavaScript code.
JavaScript executed from HTML mail should run with a restricted
access level, preventing dangerous actions. It is possible that a
malicious HTML mail could execute JavaScript code with elevated
privileges, allowing access to protected data and functions.
(CAN-2005-1532)
A bug was found in the way Thunderbird executed Javascript in
XBL controls. It is possible for a malicious HTML mail to leverage
this vulnerability to execute other JavaScript based attacks even
when JavaScript is disabled. (CAN-2005-2261)
A bug was found in the way Thunderbird handled certain
Javascript functions. It is possible for a malicious HTML mail to
crash the client by executing malformed Javascript code.
(CAN-2005-2265)
A bug was found in the way Thunderbird handled child frames. It
is possible for a malicious framed HTML mail to steal sensitive
information from its parent frame. (CAN-2005-2266)
A bug was found in the way Thunderbird handled DOM node names.
It is possible for a malicious HTML mail to overwrite a DOM node
name, allowing certain privileged chrome actions to execute the
malicious JavaScript. (CAN-2005-2269)
A bug was found in the way Thunderbird cloned base objects. It
is possible for HTML content to navigate up the prototype chain to
gain access to privileged chrome objects. (CAN-2005-2270)
Users of Thunderbird are advised to upgrade to this updated
package that contains Thunderbird version 1.0.6 and is not
vulnerable to these issues.
- Wed Jul 20 2005 Christopher Aillon <caillon@redhat.com> 1.0.6-1.1.fc4
- Update to 1.0.6
- Mon Jul 18 2005 Christopher Aillon <caillon@redhat.com> 1.0.6-0.1.fc4
- 1.0.6 Release Candidate
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/
51f614a0a887ffb58ce6bbf4f4eb7431
SRPMS/thunderbird-1.0.6-1.1.fc4.src.rpm
fc206b1fd0dccb15da66b2fe3b272175
ppc/thunderbird-1.0.6-1.1.fc4.ppc.rpm
0b94083b2f2415f84069e30c20742ec1
ppc/debug/thunderbird-debuginfo-1.0.6-1.1.fc4.ppc.rpm
38da7902f6e1bcfc45ef688e04a770e8
x86_64/thunderbird-1.0.6-1.1.fc4.x86_64.rpm
1a6bbee24e0559176e19ba1218d91e02
x86_64/debug/thunderbird-debuginfo-1.0.6-1.1.fc4.x86_64.rpm
f858562b2d77180acb6d40022fe1c3cd
i386/thunderbird-1.0.6-1.1.fc4.i386.rpm
90cba454ded9c8d4e049262abdea64d2
i386/debug/thunderbird-debuginfo-1.0.6-1.1.fc4.i386.rpm
This update can also be installed with the Update Agent; you can
launch the Update Agent with the ‘up2date’ command.
Gentoo Linux Security Advisory GLSA 200507-18
Severity: Low
Title: MediaWiki: Cross-site scripting vulnerability
Date: July 20, 2005
Bugs: #99132
ID: 200507-18
Synopsis
MediaWiki is vulnerable to a cross-site scripting attack that
could allow arbitrary JavaScript code execution.
Background
MediaWiki is a collaborative editing software, used by big
projects like Wikipedia.
Affected packages
     Package               /  Vulnerable  /  Unaffected
  1  www-apps/mediawiki       < 1.4.7        >= 1.4.7
Description
MediaWiki fails to escape a parameter in the page move template
correctly.
Impact
By enticing a user to visit a specially crafted URL, a remote
attacker could exploit this vulnerability to inject malicious
JavaScript code that will be executed in a user’s browser session
in the context of the vulnerable site.
Workaround
There is no known workaround at this time.
Resolution
All MediaWiki users should upgrade to the latest available
version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=www-apps/mediawiki-1.4.7"
References
[ 1 ] MediaWiki 1.4.7 Release Notes
http://sourceforge.net/project/shownotes.php?release_id=342530
Availability
This GLSA and any updates to it are available for viewing at the
Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200507-18.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or
alternatively, you may file a bug at http://bugs.gentoo.org.
License
Copyright 2005 Gentoo Foundation, Inc; referenced text belongs
to its owner(s).
The contents of this document are licensed under the Creative
Commons – Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.0
Mandriva Linux
Mandriva Linux Security Update Advisory
Package name: cpio
Advisory ID: MDKSA-2005:116-1
Date: July 19th, 2005
Original Advisory Date: July 11th, 2005
Affected versions: 10.0, 10.1, 10.2, Corporate 3.0, Corporate
Server 2.1, Multi Network Firewall 2.0
Problem Description:
A race condition has been found in cpio 2.6 and earlier which
allows local users to modify permissions of arbitrary files via a
hard link attack on a file while it is being decompressed, whose
permissions are changed by cpio after the decompression is complete
(CAN-2005-1111).
A vulnerability has been discovered in cpio that allows a
malicious cpio file to extract to an arbitrary directory of the
attackers choice. cpio will extract to the path specified in the
cpio file, this path can be absolute (CAN-2005-1229).
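The second issue comes down to trusting the member names inside the archive. As an added example (not part of the Mandriva advisory and not cpio's own code), the following inspects a SVR4 "newc" cpio archive without extracting it and reports members that would land outside the extraction directory: absolute names, which is the case the advisory describes, and, as the obvious sibling case, names with a `..` component. The `build_newc` writer exists only to produce a constructed sample archive offline; the member names in `SAMPLE` are made up.

```python
NEWC_MAGIC = b"070701"
HEADER_LEN = 110          # magic + 13 eight-digit ASCII-hex fields
TRAILER = "TRAILER!!!"    # name of the end-of-archive record


def _pad4(n):
    """Bytes needed to reach the next 4-byte boundary (newc aligns headers and data)."""
    return (4 - n % 4) % 4


def _newc_header(ino, mode, filesize, name):
    name_b = name.encode() + b"\0"
    # c_ino c_mode c_uid c_gid c_nlink c_mtime c_filesize c_devmajor
    # c_devminor c_rdevmajor c_rdevminor c_namesize c_check
    fields = (ino, mode, 0, 0, 1, 0, filesize, 0, 0, 0, 0, len(name_b), 0)
    hdr = NEWC_MAGIC + b"".join(b"%08x" % f for f in fields) + name_b
    return hdr + b"\0" * _pad4(len(hdr))


def build_newc(entries):
    """Write a minimal newc archive from (name, data) pairs: enough to produce
    test input, not a general cpio writer."""
    out = bytearray()
    for ino, (name, data) in enumerate(entries, start=1):
        out += _newc_header(ino, 0o100644, len(data), name)
        out += data + b"\0" * _pad4(len(data))
    out += _newc_header(0, 0, 0, TRAILER)
    return bytes(out)


def iter_newc(data):
    """Yield (name, filesize) for every member, touching nothing on disk."""
    off = 0
    while True:
        if data[off:off + 6] != NEWC_MAGIC:
            raise ValueError("not a newc header at offset %d" % off)
        fields = [int(data[off + 6 + 8 * i: off + 14 + 8 * i], 16) for i in range(13)]
        filesize, namesize = fields[6], fields[11]
        name = data[off + HEADER_LEN: off + HEADER_LEN + namesize - 1].decode()
        off += HEADER_LEN + namesize
        off += _pad4(off)
        if name == TRAILER:
            return
        yield name, filesize
        off += filesize + _pad4(filesize)


def unsafe_entries(data):
    """Members that an extractor honouring the stored path would write outside
    the working directory. Returns [(name, reason)]; empty means nothing escapes."""
    bad = []
    for name, _ in iter_newc(data):
        if name.startswith("/"):
            bad.append((name, "absolute path"))
        elif ".." in name.split("/"):
            bad.append((name, "parent-directory traversal"))
    return bad


# Constructed sample: one harmless member and two that escape the target directory.
SAMPLE = build_newc([
    ("etc/motd", b"hello\n"),
    ("/etc/cron.d/planted", b"* * * * * root /tmp/run\n"),
    ("../.ssh/authorized_keys", b"ssh-rsa AAAA...\n"),
])
```

Run `unsafe_entries()` over an archive from an untrusted source before extracting it, or at least list it with `cpio -t` and look at the names; GNU cpio releases that offer `--no-absolute-filenames` strip the leading `/` at extraction time, but that flag does nothing for `..` components, which is why the check above flags both.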
Update:
The previous packages had a problem upgrading due to an
unresolved issue with tar and rmt. These packages correct the
problem.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1111
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1229
Updated Packages:
Mandrakelinux 10.0:
5e09657806ea7779182c7e5a49c22be8
10.0/RPMS/cpio-2.5-4.2.100mdk.i586.rpm
407b3cef16e5d7153c3af0a685df7109
10.0/SRPMS/cpio-2.5-4.2.100mdk.src.rpm
Mandrakelinux 10.0/AMD64:
4a1947f3c7fc27f0b6cc0d9bdf97cfd8
amd64/10.0/RPMS/cpio-2.5-4.2.100mdk.amd64.rpm
407b3cef16e5d7153c3af0a685df7109
amd64/10.0/SRPMS/cpio-2.5-4.2.100mdk.src.rpm
Mandrakelinux 10.1:
c808f5a1689a006e9049e1d8a37ede70
10.1/RPMS/cpio-2.5-4.3.101mdk.i586.rpm
907e5f404afe7cdd649f8aeaa8444914
10.1/SRPMS/cpio-2.5-4.3.101mdk.src.rpm
Mandrakelinux 10.1/X86_64:
71ab78c534f9552ad081c625e92afb45
x86_64/10.1/RPMS/cpio-2.5-4.3.101mdk.x86_64.rpm
907e5f404afe7cdd649f8aeaa8444914
x86_64/10.1/SRPMS/cpio-2.5-4.3.101mdk.src.rpm
Mandrakelinux 10.2:
9db16a5fa7bfc85aa7bb2d199ab5d825
10.2/RPMS/cpio-2.6-3.1.102mdk.i586.rpm
131667db822df5a4cec71e24cdc51b69
10.2/SRPMS/cpio-2.6-3.1.102mdk.src.rpm
Mandrakelinux 10.2/X86_64:
4d5b31e9bdd5d1c81fc61ec3a863f7ff
x86_64/10.2/RPMS/cpio-2.6-3.1.102mdk.x86_64.rpm
131667db822df5a4cec71e24cdc51b69
x86_64/10.2/SRPMS/cpio-2.6-3.1.102mdk.src.rpm
Multi Network Firewall 2.0:
25c062c9ad406ac7f68f9339d4c5694a
mnf/2.0/RPMS/cpio-2.5-4.2.M20mdk.i586.rpm
06317e96fc89042c8869f1d2a5030705
mnf/2.0/SRPMS/cpio-2.5-4.2.M20mdk.src.rpm
Corporate Server 2.1:
fe2a5bdd208f9ce6fcf87b90a87dbbdf
corporate/2.1/RPMS/cpio-2.5-4.2.C21mdk.i586.rpm
950d0f7e96d109e965fb9d6d8f500813
corporate/2.1/SRPMS/cpio-2.5-4.2.C21mdk.src.rpm
Corporate Server 2.1/X86_64:
826500d3531ce8aff99afaf97eb8a8a7
x86_64/corporate/2.1/RPMS/cpio-2.5-4.2.C21mdk.x86_64.rpm
950d0f7e96d109e965fb9d6d8f500813
x86_64/corporate/2.1/SRPMS/cpio-2.5-4.2.C21mdk.src.rpm
Corporate 3.0:
44667c0001e9da72f56c109f9f451c22
corporate/3.0/RPMS/cpio-2.5-4.2.C30mdk.i586.rpm
a7beddf04ef0e065dad9af2387393c22
corporate/3.0/SRPMS/cpio-2.5-4.2.C30mdk.src.rpm
Corporate 3.0/X86_64:
94803dd8ac6d1a1fc5436c04f097b4a1
x86_64/corporate/3.0/RPMS/cpio-2.5-4.2.C30mdk.x86_64.rpm
a7beddf04ef0e065dad9af2387393c22
x86_64/corporate/3.0/SRPMS/cpio-2.5-4.2.C30mdk.src.rpm
To upgrade automatically use MandrakeUpdate or urpmi. The
verification of md5 checksums and GPG signatures is performed
automatically for you.
All packages are signed by Mandriva for security. You can obtain
the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
Mandriva Linux Security Update Advisory
Package name: kdelibs
Advisory ID: MDKSA-2005:122
Date: July 20th, 2005
Affected versions: 10.1, 10.2, Corporate 3.0
Problem Description:
The Kate and Kwrite programs create a file backup before saving
a modified file. These backup files are created with default system
permissions, even if the original file had more strict permissions
set.
The updated packages have been patched to address this
issue.
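The flaw is a general one in any editor or tool that writes a backup copy: the new file inherits the process umask rather than the original's mode, so a 0600 file quietly gains a 0644 twin. The following is an added example in Python, not KDE code and not the Mandriva patch, showing the leaky pattern next to a version that carries the original permission bits over, with `demo()` pinning the umask so the two results are reproducible; file names and contents are constructed.

```python
import os
import shutil
import stat
import tempfile


def backup_insecure(path):
    """The pattern the advisory describes: a plain open() creates the backup with
    0666 & ~umask, whatever the original's mode was. Shown as the 'before' only."""
    bak = path + "~"
    with open(path, "rb") as src, open(bak, "wb") as dst:
        shutil.copyfileobj(src, dst)
    return bak


def backup_secure(path):
    """Create the backup with the original's permission bits. O_EXCL | O_NOFOLLOW
    refuse an already-present backup name (for instance a symlink planted in a
    shared directory) rather than writing through it; fchmod sets the exact mode
    afterwards because the mode passed to O_CREAT is still masked by the umask."""
    mode = stat.S_IMODE(os.stat(path).st_mode)
    bak = path + "~"
    flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL | os.O_NOFOLLOW
    fd = os.open(bak, flags, mode)
    with os.fdopen(fd, "wb") as dst, open(path, "rb") as src:
        os.fchmod(dst.fileno(), mode)
        shutil.copyfileobj(src, dst)
    return bak


def demo(umask=0o022):
    """Constructed check: back up a 0600 file both ways and return the modes the
    two backups end up with. The umask is pinned for a reproducible result."""
    old = os.umask(umask)
    try:
        with tempfile.TemporaryDirectory() as d:
            secret = os.path.join(d, "notes.txt")
            with open(secret, "w") as f:
                f.write("private\n")
            os.chmod(secret, 0o600)
            leaky = stat.S_IMODE(os.stat(backup_insecure(secret)).st_mode)
            os.unlink(secret + "~")
            tight = stat.S_IMODE(os.stat(backup_secure(secret)).st_mode)
            return leaky, tight
    finally:
        os.umask(old)
```

With the usual 022 umask the insecure copy is world-readable (0644) while the secure one stays 0600; only under a 077 umask do the two happen to agree, which is why relying on the umask is not a fix. A second `backup_secure()` call while the backup still exists raises `FileExistsError` by design; delete or rename the old backup deliberately instead of clobbering it.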
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1920
http://www.kde.org/info/security/advisory-20050718-1.txt
Updated Packages:
Mandrakelinux 10.1:
a0f1efe07bb5841847108cc0daf12217
10.1/RPMS/kdelibs-common-3.2.3-106.2.101mdk.i586.rpm
f7862670574e110f1f1c057e3469fc7a
10.1/RPMS/libkdecore4-3.2.3-106.2.101mdk.i586.rpm
237a0ae8464e3bfd53c92f5c0de55393
10.1/RPMS/libkdecore4-devel-3.2.3-106.2.101mdk.i586.rpm
e8a3cf31cbead94c2cae9b0354b8519b
10.1/SRPMS/kdelibs-3.2.3-106.2.101mdk.src.rpm
Mandrakelinux 10.1/X86_64:
58459812a658d852c9e687dc1f9b4330
x86_64/10.1/RPMS/kdelibs-common-3.2.3-106.2.101mdk.x86_64.rpm
5d6bfa6646edbc3ad2eca04ad9fdc327
x86_64/10.1/RPMS/lib64kdecore4-3.2.3-106.2.101mdk.x86_64.rpm
504c65d12c4688b4cd37309e6d989062
x86_64/10.1/RPMS/lib64kdecore4-devel-3.2.3-106.2.101mdk.x86_64.rpm
f7862670574e110f1f1c057e3469fc7a
x86_64/10.1/RPMS/libkdecore4-3.2.3-106.2.101mdk.i586.rpm
237a0ae8464e3bfd53c92f5c0de55393
x86_64/10.1/RPMS/libkdecore4-devel-3.2.3-106.2.101mdk.i586.rpm
e8a3cf31cbead94c2cae9b0354b8519b
x86_64/10.1/SRPMS/kdelibs-3.2.3-106.2.101mdk.src.rpm
Mandrakelinux 10.2:
b87de63cf909821c607ad96a9fe4d214
10.2/RPMS/kdelibs-common-3.3.2-124.2.102mdk.i586.rpm
afd0981056261c82daf24cd8225b12d6
10.2/RPMS/libkdecore4-3.3.2-124.2.102mdk.i586.rpm
8102a00c4778222972484fa92a3f125e
10.2/RPMS/libkdecore4-devel-3.3.2-124.2.102mdk.i586.rpm
0574a1270ad44837e35afb7c15f7d1c0
10.2/SRPMS/kdelibs-3.3.2-124.2.102mdk.src.rpm
Mandrakelinux 10.2/X86_64:
4d55b8d9aa6108bc94a8d1151136d01d
x86_64/10.2/RPMS/kdelibs-common-3.3.2-124.2.102mdk.x86_64.rpm
0576c9fe5bc43927f3cea421e7d2301a
x86_64/10.2/RPMS/lib64kdecore4-3.3.2-124.2.102mdk.x86_64.rpm
c65120ab7eaab75027d8e39e0f434b65
x86_64/10.2/RPMS/lib64kdecore4-devel-3.3.2-124.2.102mdk.x86_64.rpm
afd0981056261c82daf24cd8225b12d6
x86_64/10.2/RPMS/libkdecore4-3.3.2-124.2.102mdk.i586.rpm
8102a00c4778222972484fa92a3f125e
x86_64/10.2/RPMS/libkdecore4-devel-3.3.2-124.2.102mdk.i586.rpm
0574a1270ad44837e35afb7c15f7d1c0
x86_64/10.2/SRPMS/kdelibs-3.3.2-124.2.102mdk.src.rpm
Corporate 3.0:
e45c3989a48dc0ec233aab73bbeeb8b0
corporate/3.0/RPMS/kdelibs-common-3.2-36.14.C30mdk.i586.rpm
c0b72328b43a17d765554c1dddaa7602
corporate/3.0/RPMS/libkdecore4-3.2-36.14.C30mdk.i586.rpm
8f53a7b7cfd1ffd2d16e47f54a8b21e9
corporate/3.0/RPMS/libkdecore4-devel-3.2-36.14.C30mdk.i586.rpm
def69e2c45825276eceae1ad9a3e34cd
corporate/3.0/SRPMS/kdelibs-3.2-36.14.C30mdk.src.rpm
Corporate 3.0/X86_64:
5d7c3a0ee26395542ce0560c29c9872d
x86_64/corporate/3.0/RPMS/kdelibs-common-3.2-36.14.C30mdk.x86_64.rpm
b37a1651ba33fdb2bb6e8bbd1c15b0be
x86_64/corporate/3.0/RPMS/lib64kdecore4-3.2-36.14.C30mdk.x86_64.rpm
32cee9a6d31ff7e57ebad83ab3c292ef
x86_64/corporate/3.0/RPMS/lib64kdecore4-devel-3.2-36.14.C30mdk.x86_64.rpm
c0b72328b43a17d765554c1dddaa7602
x86_64/corporate/3.0/RPMS/libkdecore4-3.2-36.14.C30mdk.i586.rpm
def69e2c45825276eceae1ad9a3e34cd
x86_64/corporate/3.0/SRPMS/kdelibs-3.2-36.14.C30mdk.src.rpm
To upgrade automatically use MandrakeUpdate or urpmi. The
verification of md5 checksums and GPG signatures is performed
automatically for you.
All packages are signed by Mandriva for security. You can obtain
the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
Mandriva Linux Security Update Advisory
Package name: shorewall
Advisory ID: MDKSA-2005:123
Date: July 20th, 2005
Affected versions: 10.0, 10.1, 10.2, Corporate 3.0, Multi Network
Firewall 2.0
Problem Description:
A vulnerability was discovered in all versions of shorewall
where a client accepted by MAC address filtering is able to bypass
any other rule. If MACLIST_TTL is set to a value greater than 0 or
MACLIST_DISPOSITION is set to ACCEPT in shorewall.conf, and a
client is positively identified through its MAC address, it
bypasses all other policies and rules in place, gaining access to
all open services on the firewall.
Shorewall 2.0.17 is provided which fixes this issue.
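Whether an unpatched host is actually in the configuration the advisory describes depends on two settings in shorewall.conf. The following is an added example, not part of the advisory and not Shorewall code, that reads a shorewall.conf (a shell-style KEY=value file) and reports which of the two conditions hold; the two embedded configuration fragments are constructed, and the defaults assumed for unset keys (TTL 0, disposition REJECT) come from the Shorewall 2.0 documentation rather than from the advisory.

```python
import shlex


def parse_shorewall_conf(text):
    """Parse KEY=value settings from shorewall.conf. The file is sourced by a
    shell, so shlex handles comments, blank lines and quoted values."""
    settings = {}
    for raw in text.splitlines():
        parts = shlex.split(raw, comments=True)
        if len(parts) == 1 and "=" in parts[0]:
            key, value = parts[0].split("=", 1)
            settings[key.strip()] = value.strip()
    return settings


def maclist_bypass_conditions(settings):
    """Return the settings that put a Shorewall older than 2.0.17 in the
    configuration the advisory calls exploitable; an empty list means neither
    condition holds. Defaults for unset keys are an assumption (see lead-in)."""
    reasons = []
    ttl = settings.get("MACLIST_TTL", "0") or "0"
    if ttl.isdigit() and int(ttl) > 0:
        reasons.append("MACLIST_TTL=%s (greater than 0)" % ttl)
    if settings.get("MACLIST_DISPOSITION", "REJECT").upper() == "ACCEPT":
        reasons.append("MACLIST_DISPOSITION=ACCEPT")
    return reasons


# Constructed shorewall.conf fragments; both are illustrative, not shipped files.
WEAK_CONF = """\
# MAC-verified clients are cached for 15 minutes and accepted outright
MACLIST_DISPOSITION="ACCEPT"
MACLIST_TTL=900   # seconds
"""

SAFE_CONF = """\
# MAC verification only decides whether the client proceeds to the normal rules
MACLIST_DISPOSITION=REJECT
MACLIST_TTL=
"""


def audit(conf_text):
    """Convenience wrapper: parse a config and return the triggering settings."""
    return maclist_bypass_conditions(parse_shorewall_conf(conf_text))
```

The check only tells you whether the vulnerable code path can be reached on a host that still runs 2.0.16 or earlier; the fix is the 2.0.17 packages above, and the settings are not presented by the advisory as a substitute for upgrading.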
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2317
http://shorewall.net/News.htm#20050717
Updated Packages:
Mandrakelinux 10.0:
c79cc264cd137ff9b43453ad118f86d8
10.0/RPMS/shorewall-2.0.17-1.1.100mdk.noarch.rpm
2dc01e35a2f4e9c06978b89a0c500fd7
10.0/RPMS/shorewall-doc-2.0.17-1.1.100mdk.noarch.rpm
ecbadb7b380e1fe28446e42459f8f866
10.0/SRPMS/shorewall-2.0.17-1.1.100mdk.src.rpm
Mandrakelinux 10.0/AMD64:
382209c91385b210f98af3757eb57ca0
amd64/10.0/RPMS/shorewall-2.0.17-1.1.100mdk.noarch.rpm
867db86742b343bfe793d90e5ca3bb25
amd64/10.0/RPMS/shorewall-doc-2.0.17-1.1.100mdk.noarch.rpm
ecbadb7b380e1fe28446e42459f8f866
amd64/10.0/SRPMS/shorewall-2.0.17-1.1.100mdk.src.rpm
Mandrakelinux 10.1:
52c9528635ecb77dd2926ff034e3da49
10.1/RPMS/shorewall-2.0.17-1.1.101mdk.noarch.rpm
2bd3af575e109773eb9e4a22b961f14f
10.1/RPMS/shorewall-doc-2.0.17-1.1.101mdk.noarch.rpm
af84aa6c42f562ba53663d9ba5d103d5
10.1/SRPMS/shorewall-2.0.17-1.1.101mdk.src.rpm
Mandrakelinux 10.1/X86_64:
ffe670f9812013f46f7c7ac3c62e7457
x86_64/10.1/RPMS/shorewall-2.0.17-1.1.101mdk.noarch.rpm
26871efc7e8d853d033f02258f849d95
x86_64/10.1/RPMS/shorewall-doc-2.0.17-1.1.101mdk.noarch.rpm
af84aa6c42f562ba53663d9ba5d103d5
x86_64/10.1/SRPMS/shorewall-2.0.17-1.1.101mdk.src.rpm
Mandrakelinux 10.2:
68358bdb82da0346d962639b8e34bd3b
10.2/RPMS/shorewall-2.0.17-1.1.102mdk.noarch.rpm
82cc68acf5f6433a376cd655af383bf5
10.2/RPMS/shorewall-doc-2.0.17-1.1.102mdk.noarch.rpm
616436e7fee5da63d8a23e690c6f4592
10.2/SRPMS/shorewall-2.0.17-1.1.102mdk.src.rpm
Mandrakelinux 10.2/X86_64:
8491649c643b10489a66c00a16e4bbd7
x86_64/10.2/RPMS/shorewall-2.0.17-1.1.102mdk.noarch.rpm
e4c204d6c6d1a8c24ecdf2bdb5a41e56
x86_64/10.2/RPMS/shorewall-doc-2.0.17-1.1.102mdk.noarch.rpm
616436e7fee5da63d8a23e690c6f4592
x86_64/10.2/SRPMS/shorewall-2.0.17-1.1.102mdk.src.rpm
Multi Network Firewall 2.0:
27d2a34beb323bc074793ce1c040c26a
mnf/2.0/RPMS/shorewall-2.0.17-1.1.M20mdk.noarch.rpm
6c5984b6bbe0cc07e368a197abfa6a12
mnf/2.0/RPMS/shorewall-doc-2.0.17-1.1.M20mdk.noarch.rpm
1dad701e2f3ef45a082dbca1662af127
mnf/2.0/SRPMS/shorewall-2.0.17-1.1.M20mdk.src.rpm
Corporate 3.0:
d40a41fe04b08d36e56c77586d19f5f0
corporate/3.0/RPMS/shorewall-2.0.17-1.1.C30mdk.noarch.rpm
dea5d0cd79767a5275ab60540b8e1958
corporate/3.0/RPMS/shorewall-doc-2.0.17-1.1.C30mdk.noarch.rpm
60fa0503a50cc1e13e624e1f4b8d0504
corporate/3.0/SRPMS/shorewall-2.0.17-1.1.C30mdk.src.rpm
Corporate 3.0/X86_64:
f851108f517370ff74b13a7837728257
x86_64/corporate/3.0/RPMS/shorewall-2.0.17-1.1.C30mdk.noarch.rpm
611704186851b67d28cdf27c8995d90d
x86_64/corporate/3.0/RPMS/shorewall-doc-2.0.17-1.1.C30mdk.noarch.rpm
60fa0503a50cc1e13e624e1f4b8d0504
x86_64/corporate/3.0/SRPMS/shorewall-2.0.17-1.1.C30mdk.src.rpm
To upgrade automatically use MandrakeUpdate or urpmi. The
verification of md5 checksums and GPG signatures is performed
automatically for you.
All packages are signed by Mandriva for security. You can obtain
the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com>
Slackware Linux
[slackware-security] dnsmasq (SSA:2005-201-01)
New dnsmasq packages are available for Slackware 10.0, 10.1, and
-current to fix security issues. An off-by-one overflow
vulnerability may allow a DHCP client to create a denial of service
condition. Additional code was also added to detect and defeat
attempts to poison the DNS cache.
More details about these issues may be found in the Common
Vulnerabilities and Exposures (CVE) database:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0876
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0877
Here are the details from the Slackware 10.1 ChangeLog:
+--------------------------+
patches/packages/dnsmasq-2.22-i486-1.tgz: Upgraded to dnsmasq-2.22.
This fixes an off-by-one overflow vulnerability that may allow a DHCP
client to create a denial of service condition. Additional code was
also added to detect and defeat attempts to poison the DNS
cache.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0876
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0877
(* Security fix *)
+--------------------------+
Where to find the new packages:
Updated package for Slackware 10.0:
ftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/dnsmasq-2.22-i486-1.tgz
Updated package for Slackware 10.1:
ftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/dnsmasq-2.22-i486-1.tgz
Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/dnsmasq-2.22-i486-1.tgz
MD5 signatures:
Slackware 10.0 package:
9716a39a464c0121b88a3a717a65b7a3 dnsmasq-2.22-i486-1.tgz
Slackware 10.1 package:
21f99c7ed9bbee044fb839f4a9214b8c dnsmasq-2.22-i486-1.tgz
Slackware -current package:
e37624bee39e7e5da2f8790973e89e07 dnsmasq-2.22-i486-1.tgz
Installation instructions:
Upgrade the package as root:
# upgradepkg dnsmasq-2.22-i486-1.tgz
+-----+
Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com
[slackware-security] emacs movemail POP utility (SSA:2005-201-02)
New emacs packages are available for Slackware 10.1 and -current
to fix a security issue with the movemail utility for retrieving mail
from a POP mail server. If used to connect to a malicious POP
server, it is possible for the server to cause the execution of
arbitrary code as the user running emacs.
Here are the details from the Slackware 10.1 ChangeLog:
+--------------------------+
patches/packages/emacs-21.4a-i486-1.tgz: Upgraded to emacs-21.4a.
This fixes a vulnerability in the movemail utility when connecting
to a malicious POP server that may allow the execution of arbitrary
code as the user running emacs.
(* Security fix *)
+--------------------------+
Where to find the new packages:
Updated packages for Slackware 10.1:
ftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/emacs-21.4a-i486-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/emacs-info-21.4a-noarch-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/emacs-leim-21.4-noarch-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/emacs-lisp-21.4a-noarch-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/emacs-misc-21.4a-noarch-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/emacs-nox-21.4a-i486-1.tgz
Updated packages for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/e/emacs-21.4a-i486-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/e/emacs-info-21.4a-noarch-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/e/emacs-leim-21.4-noarch-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/e/emacs-lisp-21.4a-noarch-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/e/emacs-misc-21.4a-noarch-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/e/emacs-nox-21.4a-i486-1.tgz
MD5 signatures:
Installation instructions:
Upgrade the packages as root:
# upgradepkg emacs-21.4a-i486-1.tgz emacs-info-21.4a-noarch-1.tgz \
  emacs-leim-21.4-noarch-1.tgz emacs-lisp-21.4a-noarch-1.tgz \
  emacs-misc-21.4a-noarch-1.tgz emacs-nox-21.4a-i486-1.tgz
+-----+
Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com