Home Security

Advisories: October 12, 2005

By

October 13, 2005

Debian GNU/Linux

Debian Security Advisory DSA 863-1 security@debian.org
http://www.debian.org/security/
Martin Schulze
October 12th, 2005 http://www.debian.org/security/faq

Package : xine-lib
Vulnerability : format string vulnerability
Problem type : remote
Debian-specific: no
CVE ID : CAN-2005-2967
Debian Bug : 332919

Ulf Hörnhammar from the Debian Security Audit Project
discovered a format string vulnerability in the CDDB processing
component of xine-lib, the xine video/media player library, that
could lead to the execution of arbitrary code caused by a malicious
CDDB entry.

For the old stable distribution (woody) this problem has been
fixed in version 0.9.8-2woody4.

For the stable distribution (sarge) this problem has been fixed
in version 1.0.1-1sarge1.

For the unstable distribution (sid) this problem will be fixed
soon.

We recommend that you upgrade your libxine0 and libxine1
packages.

Upgrade Instructions

wget url

will fetch the file for you
dpkg -i file.deb

will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update

will update the internal database apt-get upgrade

will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 3.0 alias woody

Source archives:

http://security.debian.org/pool/updates/main/x/xine-lib/xine-lib_0.9.8-2woody4.dsc

Size/MD5 checksum: 760
84aebc3ee4340cb3fa349e42d3aea4cd
http://security.debian.org/pool/updates/main/x/xine-lib/xine-lib_0.9.8-2woody4.diff.gz

Size/MD5 checksum: 1597
46ad3714f12ecf6f7d7b2b636d4bf235
http://security.debian.org/pool/updates/main/x/xine-lib/xine-lib_0.9.8.orig.tar.gz

Size/MD5 checksum: 1766178
d8fc9b30e15b50af8ab7552bbda7aeda

Alpha architecture:

http://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_0.9.8-2woody4_alpha.deb

Size/MD5 checksum: 260872
3bebc687e6c44bc82e50db6c2d2cd3b8
http://security.debian.org/pool/updates/main/x/xine-lib/libxine0_0.9.8-2woody4_alpha.deb

Size/MD5 checksum: 815976
7bb3fb084e92abd99744c9acf6ac22da

ARM architecture:

http://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_0.9.8-2woody4_arm.deb

Size/MD5 checksum: 302882
31ee75176734f2e5c6043a26adc9902f
http://security.debian.org/pool/updates/main/x/xine-lib/libxine0_0.9.8-2woody4_arm.deb

Size/MD5 checksum: 671170
cb8b14723c24239887a429bedf61e242

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_0.9.8-2woody4_i386.deb

Size/MD5 checksum: 260622
7159cbfeb050fb5fe4351dfea84c4bad
http://security.debian.org/pool/updates/main/x/xine-lib/libxine0_0.9.8-2woody4_i386.deb

Size/MD5 checksum: 807814
dfd99f47c92f915d6c5df50c23850381

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_0.9.8-2woody4_ia64.deb

Size/MD5 checksum: 260752
eb801bd263f4dbb40c225e466ae67e2b
http://security.debian.org/pool/updates/main/x/xine-lib/libxine0_0.9.8-2woody4_ia64.deb

Size/MD5 checksum: 953236
b60a296e34ea59571815ff5f275f2f2e

HP Precision architecture:

http://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_0.9.8-2woody4_hppa.deb

Size/MD5 checksum: 260908
d0bda23bf754d3ef07800ef73d98fef9
http://security.debian.org/pool/updates/main/x/xine-lib/libxine0_0.9.8-2woody4_hppa.deb

Size/MD5 checksum: 846538
1911d208c69f6cab880942e44164a535

Motorola 680×0 architecture:

http://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_0.9.8-2woody4_m68k.deb

Size/MD5 checksum: 292614
c771ddacc9e613908ab38d8bd6479817
http://security.debian.org/pool/updates/main/x/xine-lib/libxine0_0.9.8-2woody4_m68k.deb

Size/MD5 checksum: 617486
1c45b44979c1c9eb216e3208e2116dc0

Big endian MIPS architecture:

http://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_0.9.8-2woody4_mips.deb

Size/MD5 checksum: 299614
c674f7052bc3348c57bdfac79287e531
http://security.debian.org/pool/updates/main/x/xine-lib/libxine0_0.9.8-2woody4_mips.deb

Size/MD5 checksum: 652744
a8a7821f6d02019accc465aa46324a40

Little endian MIPS architecture:

http://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_0.9.8-2woody4_mipsel.deb

Size/MD5 checksum: 299490
c08ae028419b54e8a25736f7e66b4467
http://security.debian.org/pool/updates/main/x/xine-lib/libxine0_0.9.8-2woody4_mipsel.deb

Size/MD5 checksum: 654564
cd4c710e0e864d4d997dad6dae9b1efc

PowerPC architecture:

http://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_0.9.8-2woody4_powerpc.deb

Size/MD5 checksum: 261186
8c3d8bd4467ef65ecb61b6b4b1ff03da
http://security.debian.org/pool/updates/main/x/xine-lib/libxine0_0.9.8-2woody4_powerpc.deb

Size/MD5 checksum: 742266
3e1460d9cc957d625e9ff44377ae6f26

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_0.9.8-2woody4_s390.deb

Size/MD5 checksum: 302292
7216573fea366f8fef931e72b5a54282
http://security.debian.org/pool/updates/main/x/xine-lib/libxine0_0.9.8-2woody4_s390.deb

Size/MD5 checksum: 662612
f9e46c22eef8996b6347f49949df0541

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_0.9.8-2woody4_sparc.deb

Size/MD5 checksum: 261010
11123abda55e4697196811214665e73a
http://security.debian.org/pool/updates/main/x/xine-lib/libxine0_0.9.8-2woody4_sparc.deb

Size/MD5 checksum: 807562
cd819a0831e1118fd1b5742f19e385f2

Debian GNU/Linux 3.1 alias sarge

Source archives:

http://security.debian.org/pool/updates/main/x/xine-lib/xine-lib_1.0.1-1sarge1.dsc

Size/MD5 checksum: 1059
8b0c1be9a18fcc5bb8924c59459aaa09
http://security.debian.org/pool/updates/main/x/xine-lib/xine-lib_1.0.1-1sarge1.diff.gz

Size/MD5 checksum: 1830
ccd0e6defc6b1a7ffef940c2093ff171
http://security.debian.org/pool/updates/main/x/xine-lib/xine-lib_1.0.1.orig.tar.gz

Size/MD5 checksum: 7774954
9be804b337c6c3a2e202c5a7237cb0f8

Alpha architecture:

http://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_1.0.1-1sarge1_alpha.deb

Size/MD5 checksum: 107494
575f2882115ac55692df0bc0f0afd315
http://security.debian.org/pool/updates/main/x/xine-lib/libxine1_1.0.1-1sarge1_alpha.deb

Size/MD5 checksum: 4829040
ca32cccc95f84e96ee7c4168d2fd240b

AMD64 architecture:

http://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_1.0.1-1sarge1_amd64.deb

Size/MD5 checksum: 107494
bdffd0330ec645316870ac0daad7547f
http://security.debian.org/pool/updates/main/x/xine-lib/libxine1_1.0.1-1sarge1_amd64.deb

Size/MD5 checksum: 3932956
06514728c23a35b3cbf80770266d6fa8

ARM architecture:

http://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_1.0.1-1sarge1_arm.deb

Size/MD5 checksum: 107542
b163252c35280ed6861106ca0b31b49f
http://security.debian.org/pool/updates/main/x/xine-lib/libxine1_1.0.1-1sarge1_arm.deb

Size/MD5 checksum: 3877978
a4dcdf3af236e9ee7457bd5c1cf79898

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_1.0.1-1sarge1_i386.deb

Size/MD5 checksum: 107552
a7a8a1012ba9351263fb520a013d7b9a
http://security.debian.org/pool/updates/main/x/xine-lib/libxine1_1.0.1-1sarge1_i386.deb

Size/MD5 checksum: 4204476
ad45e280a9cf6d2155f48391590fed24

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_1.0.1-1sarge1_ia64.deb

Size/MD5 checksum: 107496
50173acc27cbb4d4231fbde021a485e9
http://security.debian.org/pool/updates/main/x/xine-lib/libxine1_1.0.1-1sarge1_ia64.deb

Size/MD5 checksum: 5620168
d2b697a37ad542af4949a198cdc5a996

HP Precision architecture:

http://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_1.0.1-1sarge1_hppa.deb

Size/MD5 checksum: 107518
f584f23d0a4a31f90286e6b4cea346dc
http://security.debian.org/pool/updates/main/x/xine-lib/libxine1_1.0.1-1sarge1_hppa.deb

Size/MD5 checksum: 3598516
fabdcfc0f8fa78f33e27ff1ad2950887

Motorola 680×0 architecture:

http://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_1.0.1-1sarge1_m68k.deb

Size/MD5 checksum: 107560
52729206ab986c979ef9a8a9e9d1285f
http://security.debian.org/pool/updates/main/x/xine-lib/libxine1_1.0.1-1sarge1_m68k.deb

Size/MD5 checksum: 3174806
878892556bc2fc96ffdaa31002f34558

Big endian MIPS architecture:

http://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_1.0.1-1sarge1_mips.deb

Size/MD5 checksum: 107512
1b54724fbf216190fc666e5ec13c14f0
http://security.debian.org/pool/updates/main/x/xine-lib/libxine1_1.0.1-1sarge1_mips.deb

Size/MD5 checksum: 4066338
e5a49aa6c8133e77cca04f6fa0501cea

Little endian MIPS architecture:

http://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_1.0.1-1sarge1_mipsel.deb

Size/MD5 checksum: 107508
f9bca3c42c901726b2fe664c57228814
http://security.debian.org/pool/updates/main/x/xine-lib/libxine1_1.0.1-1sarge1_mipsel.deb

Size/MD5 checksum: 4125184
1d1bfd60a742587670570e1e5400a295

PowerPC architecture:

http://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_1.0.1-1sarge1_powerpc.deb

Size/MD5 checksum: 107532
31fbdf1bb08bcf5cef34a70f0d7ee506
http://security.debian.org/pool/updates/main/x/xine-lib/libxine1_1.0.1-1sarge1_powerpc.deb

Size/MD5 checksum: 4305114
d6e1e70500f51682bc68b67b7eef4622

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_1.0.1-1sarge1_s390.deb

Size/MD5 checksum: 107504
aaed81dcb09b593632bd6815621a4b51
http://security.debian.org/pool/updates/main/x/xine-lib/libxine1_1.0.1-1sarge1_s390.deb

Size/MD5 checksum: 3880418
5c47a59bb53c0664c6fc2ba9def72baf

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/x/xine-lib/libxine-dev_1.0.1-1sarge1_sparc.deb

Size/MD5 checksum: 107522
fb52f99a95b795fa86c5d83374ead004
http://security.debian.org/pool/updates/main/x/xine-lib/libxine1_1.0.1-1sarge1_sparc.deb

Size/MD5 checksum: 4360130
d0492e0848553956a8cf5e0a027e6963

These files will probably be moved into the stable distribution
on its next update.

For apt-get: deb http://security.debian.org/
stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security
dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org

Package info: `apt-cache show <pkg>’ and http://packages.debian.org/<pkg>

Mandriva Linux

Mandriva Linux Security Update Advisory

Package name: squirrelmail
Advisory ID: MDKSA-2005:178
Date: October 11th, 2005
Affected versions: Corporate 3.0

Problem Description:

A cross-site scripting (XSS) vulnerability in add.php in Address
Add Plugin 1.9 and 2.0 for Squirrelmail allows remote attackers to
inject arbitrary web script or HTML via the IMG tag.

The updated packages have an updated Address Add plugin to
correct this problem.

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3128

Updated Packages:

Corporate 3.0:
2341c318bfbd7734dc8b79034069885b
corporate/3.0/RPMS/squirrelmail-1.4.2-11.2.C30mdk.noarch.rpm
944a7c659d7dd2ceef0c4eef2876628e
corporate/3.0/RPMS/squirrelmail-poutils-1.4.2-11.2.C30mdk.noarch.rpm

edf57fba5bb134453ba7dbe8d18339f5
corporate/3.0/SRPMS/squirrelmail-1.4.2-11.2.C30mdk.src.rpm

Corporate 3.0/X86_64:
ef69fe51a0b58e202cbcec5e9cfcee83
x86_64/corporate/3.0/RPMS/squirrelmail-1.4.2-11.2.C30mdk.noarch.rpm

54244c96e2f1a1c27f074fbe6ed4ea85
x86_64/corporate/3.0/RPMS/squirrelmail-poutils-1.4.2-11.2.C30mdk.noarch.rpm

edf57fba5bb134453ba7dbe8d18339f5
x86_64/corporate/3.0/SRPMS/squirrelmail-1.4.2-11.2.C30mdk.src.rpm

To upgrade automatically use MandrakeUpdate or urpmi. The
verification of md5 checksums and GPG signatures is performed
automatically for you.

All packages are signed by Mandriva for security. You can obtain
the GPG public key of the Mandriva Security Team by executing:

gpg –recv-keys –keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>

Mandriva Linux Security Update Advisory

Package name: openssl
Advisory ID: MDKSA-2005:179
Date: October 11th, 2005
Affected versions: 10.1, 10.2, 2006.0, Corporate 3.0, Corporate
Server 2.1, Multi Network Firewall 2.0

Problem Description:

Yutaka Oiwa discovered vulnerability potentially affects
applications that use the SSL/TLS server implementation provided by
OpenSSL.

Such applications are affected if they use the option
SSL_OP_MSIE_SSLV2_RSA_PADDING. This option is implied by use of
SSL_OP_ALL, which is intended to work around various bugs in
thirdparty software that might prevent interoperability. The
SSL_OP_MSIE_SSLV2_RSA_PADDING option disables a verification step
in the SSL 2.0 server supposed to prevent active protocol-version
rollback attacks. With this verification step disabled, an attacker
acting as a “man in the middle” can force a client and a server to
negotiate the SSL 2.0 protocol even if these parties both support
SSL 3.0 or TLS 1.0. The SSL 2.0 protocol is known to have severe
cryptographic weaknesses and is supported as a fallback only.
(CAN-2005-2969)

The current default algorithm for creating “message digests”
(electronic signatures) for certificates created by openssl is MD5.
However, this algorithm is not deemed secure any more, and some
practical attacks have been demonstrated which could allow an
attacker to forge certificates with a valid certification authority
signature even if he does not know the secret CA signing key.

To address this issue, openssl has been changed to use SHA-1 by
default. This is a more appropriate default algorithm for the
majority of use cases. If you still want to use MD5 as default, you
can revert this change by changing the two instances of “default_md
= sha1” to “default_md = md5” in /usr/{lib,lib64}/ssl/openssl.cnf.
(CAN-2005-2946)

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2946

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2969

Updated Packages:

Mandrivalinux 10.1:
2fa715275a4a918b15eb02e402b755bc
10.1/RPMS/libopenssl0.9.7-0.9.7d-1.3.101mdk.i586.rpm
1912f9be0eccc4b2903616ac2c0d5103
10.1/RPMS/libopenssl0.9.7-devel-0.9.7d-1.3.101mdk.i586.rpm
4d51641d38b5e0e8c6be5fcc211ffa3b
10.1/RPMS/libopenssl0.9.7-static-devel-0.9.7d-1.3.101mdk.i586.rpm

6e40220d7461ad8e711aa2ee5a772b1f
10.1/RPMS/openssl-0.9.7d-1.3.101mdk.i586.rpm
abb721aa2ccf15e555c4f84981366022
10.1/SRPMS/openssl-0.9.7d-1.3.101mdk.src.rpm

Mandrivalinux 10.1/X86_64:
5b820a306004c31fcac518aec78bfea3
x86_64/10.1/RPMS/lib64openssl0.9.7-0.9.7d-1.3.101mdk.x86_64.rpm
4b506c7086fd330fde0fe724a5bd865c
x86_64/10.1/RPMS/lib64openssl0.9.7-devel-0.9.7d-1.3.101mdk.x86_64.rpm

9fb820e394e6da5db74a60d7062a6c23
x86_64/10.1/RPMS/lib64openssl0.9.7-static-devel-0.9.7d-1.3.101mdk.x86_64.rpm

f113ec9a24627d354eaa37db78784d31
x86_64/10.1/RPMS/openssl-0.9.7d-1.3.101mdk.x86_64.rpm
abb721aa2ccf15e555c4f84981366022
x86_64/10.1/SRPMS/openssl-0.9.7d-1.3.101mdk.src.rpm

Mandrivalinux 10.2:
7448f1bd46305af8ca09c794828bc14d
10.2/RPMS/libopenssl0.9.7-0.9.7e-5.2.102mdk.i586.rpm
dd17f238c7c4eeb93f330794d28fef20
10.2/RPMS/libopenssl0.9.7-devel-0.9.7e-5.2.102mdk.i586.rpm
4d6b82c86b3b7430273e9f7804b448f3
10.2/RPMS/libopenssl0.9.7-static-devel-0.9.7e-5.2.102mdk.i586.rpm

ec6b0d749ed3f7c8b2ee48cea5c104f5
10.2/RPMS/openssl-0.9.7e-5.2.102mdk.i586.rpm
14554b0fff0abfe1da54b8f9c68c8a75
10.2/SRPMS/openssl-0.9.7e-5.2.102mdk.src.rpm

Mandrivalinux 10.2/X86_64:
a34fa268399bce8d59b185df255f1d19
x86_64/10.2/RPMS/lib64openssl0.9.7-0.9.7e-5.2.102mdk.x86_64.rpm
3f403f1c36d53bb35174c04badbea2d9
x86_64/10.2/RPMS/lib64openssl0.9.7-devel-0.9.7e-5.2.102mdk.x86_64.rpm

68d2a4a298fd37719343c4ade853e22d
x86_64/10.2/RPMS/lib64openssl0.9.7-static-devel-0.9.7e-5.2.102mdk.x86_64.rpm

8b53d1949aa30ca813f27c5dd3bb1062
x86_64/10.2/RPMS/openssl-0.9.7e-5.2.102mdk.x86_64.rpm
14554b0fff0abfe1da54b8f9c68c8a75
x86_64/10.2/SRPMS/openssl-0.9.7e-5.2.102mdk.src.rpm

Mandrivalinux 2006.0:
bc7f3ba61af3334757c65e1682eb0065
2006.0/RPMS/libopenssl0.9.7-0.9.7g-2.1.20060mdk.i586.rpm
a15b20362dd7437ff974642af0756d79
2006.0/RPMS/libopenssl0.9.7-devel-0.9.7g-2.1.20060mdk.i586.rpm
65bab77540badadc2152d7803d13c63f
2006.0/RPMS/libopenssl0.9.7-static-devel-0.9.7g-2.1.20060mdk.i586.rpm

d06fa459cf871d890bf3a4ff22b85cd7
2006.0/RPMS/openssl-0.9.7g-2.1.20060mdk.i586.rpm
fc0ed1a9eab0dfdb3f35c3cdb46004e8
2006.0/SRPMS/openssl-0.9.7g-2.1.20060mdk.src.rpm

Mandrivalinux 2006.0/X86_64:
3b54d300cf1b6889d764e36660d3542d
x86_64/2006.0/RPMS/lib64openssl0.9.7-0.9.7g-2.1.20060mdk.x86_64.rpm

aa8e520156a9d878ed43179dfcc5210f
x86_64/2006.0/RPMS/lib64openssl0.9.7-devel-0.9.7g-2.1.20060mdk.x86_64.rpm

8bece33914331ad81e9e88dfef1b4319
x86_64/2006.0/RPMS/lib64openssl0.9.7-static-devel-0.9.7g-2.1.20060mdk.x86_64.rpm

4a654cfa16e31f450493e59de0cb372c
x86_64/2006.0/RPMS/openssl-0.9.7g-2.1.20060mdk.x86_64.rpm
fc0ed1a9eab0dfdb3f35c3cdb46004e8
x86_64/2006.0/SRPMS/openssl-0.9.7g-2.1.20060mdk.src.rpm

Multi Network Firewall 2.0:
60451a13eb787c55a9463322b6bdb419
mnf/2.0/RPMS/libopenssl0.9.7-0.9.7c-3.3.M20mdk.i586.rpm
3a5dae5ff129437461180df9a8dd5b0b
mnf/2.0/RPMS/openssl-0.9.7c-3.3.M20mdk.i586.rpm
c89dcc035040ed512ab2823b978b5205
mnf/2.0/SRPMS/openssl-0.9.7c-3.3.M20mdk.src.rpm

Corporate Server 2.1:
7ce23e8906c2001f93afdbdb544a5659
corporate/2.1/RPMS/libopenssl0-0.9.6i-1.10.C21mdk.i586.rpm
26e569e8dd0598bd5f55d1a954989e7b
corporate/2.1/RPMS/libopenssl0-devel-0.9.6i-1.10.C21mdk.i586.rpm

c54a45b3cf589095382c1399f0435353
corporate/2.1/RPMS/libopenssl0-static-devel-0.9.6i-1.10.C21mdk.i586.rpm

bc5ff8f4e044678c40b5bae08b263216
corporate/2.1/RPMS/openssl-0.9.6i-1.10.C21mdk.i586.rpm
6fa6d2e82bffdf044663ccd40b14bba3
corporate/2.1/SRPMS/openssl-0.9.6i-1.10.C21mdk.src.rpm

Corporate Server 2.1/X86_64:
4b85f119fb4908f785ee5e4cd6f81312
x86_64/corporate/2.1/RPMS/libopenssl0-0.9.6i-1.10.C21mdk.x86_64.rpm

d366f2f72a511fbb4887de0d17303339
x86_64/corporate/2.1/RPMS/libopenssl0-devel-0.9.6i-1.10.C21mdk.x86_64.rpm

b3a4d7295c802dc5a486022bffe8f8aa
x86_64/corporate/2.1/RPMS/libopenssl0-static-devel-0.9.6i-1.10.C21mdk.x86_64.rpm

cd0e605ae88e746d8124f550ff26c723
x86_64/corporate/2.1/RPMS/openssl-0.9.6i-1.10.C21mdk.x86_64.rpm
6fa6d2e82bffdf044663ccd40b14bba3
x86_64/corporate/2.1/SRPMS/openssl-0.9.6i-1.10.C21mdk.src.rpm

Corporate 3.0:
e77b2aeadf368cac390fda472f96f76d
corporate/3.0/RPMS/libopenssl0.9.7-0.9.7c-3.3.C30mdk.i586.rpm
e3e077097643c9247b0e866c0ea08c9d
corporate/3.0/RPMS/libopenssl0.9.7-devel-0.9.7c-3.3.C30mdk.i586.rpm

eb61ee6a8464a43e951102fa5a9df4b0
corporate/3.0/RPMS/libopenssl0.9.7-static-devel-0.9.7c-3.3.C30mdk.i586.rpm

fa6ce3b5dc685d567040061676d047ba
corporate/3.0/RPMS/openssl-0.9.7c-3.3.C30mdk.i586.rpm
502e04472212778c866211c6179f4127
corporate/3.0/SRPMS/openssl-0.9.7c-3.3.C30mdk.src.rpm

Corporate 3.0/X86_64:
bdc1b94ef64f4c0c02948d8ec08184b1
x86_64/corporate/3.0/RPMS/lib64openssl0.9.7-0.9.7c-3.3.C30mdk.x86_64.rpm

f2b65309719e499eb1a9d9f857c51921
x86_64/corporate/3.0/RPMS/lib64openssl0.9.7-devel-0.9.7c-3.3.C30mdk.x86_64.rpm

48e9d2cd78e4a44a4bd61542a47f2d5b
x86_64/corporate/3.0/RPMS/lib64openssl0.9.7-static-devel-0.9.7c-3.3.C30mdk.x86_64.rpm

3aef366b6921b180f304ae1a8c10ba78
x86_64/corporate/3.0/RPMS/openssl-0.9.7c-3.3.C30mdk.x86_64.rpm
502e04472212778c866211c6179f4127
x86_64/corporate/3.0/SRPMS/openssl-0.9.7c-3.3.C30mdk.src.rpm

To upgrade automatically use MandrakeUpdate or urpmi. The
verification of md5 checksums and GPG signatures is performed
automatically for you.

All packages are signed by Mandriva for security. You can obtain
the GPG public key of the Mandriva Security Team by executing:

gpg –recv-keys –keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>

Mandriva Linux Security Update Advisory

Package name: xine-lib
Advisory ID: MDKSA-2005:180
Date: October 11th, 2005
Affected versions: 10.1, 10.2, 2006.0, Corporate 3.0

Problem Description:

When playing an Audio CD, a xine-lib based media application
contacts a CDDB server to retrieve metadata like the title and
artist’s name. During processing of this data, a response from the
server, which is located in memory on the stack, is passed to the
fprintf() function as a format string. An attacker can set up a
malicious CDDB server and trick the client into using this server
instead of the preconfigured one. Alternatively, any user and
therefore the attacker can modify entries in the official CDDB
server. Using this format string vulnerability, attacker-chosen
data can be written to an attacker-chosen memory location. This
allows the attacker to alter the control flow and to execute
malicious code with the permissions of the user running the
application.

This problem was reported by Ulf Harnhammar from the Debian
Security Audit Project.

The updated packages have been patched to correct this
problem.

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2967

http://xinehq.de/index.php/security/XSA-2005-1

Updated Packages:

Mandrivalinux 10.1:
3f07ca856ac1574af04fbe1b27ee965e
10.1/RPMS/libxine1-1-0.rc5.9.3.101mdk.i586.rpm
023408c3ee89298c373a3a6927a3061e
10.1/RPMS/libxine1-devel-1-0.rc5.9.3.101mdk.i586.rpm
f15dbebfea2af1a970b7d2efd9294553
10.1/RPMS/xine-aa-1-0.rc5.9.3.101mdk.i586.rpm
964bf0c612fdd2ad9f4d3f0189db4c5d
10.1/RPMS/xine-arts-1-0.rc5.9.3.101mdk.i586.rpm
942189b2e906e9318bb729841499714c
10.1/RPMS/xine-dxr3-1-0.rc5.9.3.101mdk.i586.rpm
d87d3f48cf4378de0cd66a763df69a22
10.1/RPMS/xine-esd-1-0.rc5.9.3.101mdk.i586.rpm
f015327c624aa069668a8faddc7989da
10.1/RPMS/xine-flac-1-0.rc5.9.3.101mdk.i586.rpm
fe16081d5be8ae716f139e7cc7971738
10.1/RPMS/xine-gnomevfs-1-0.rc5.9.3.101mdk.i586.rpm
b595c492e3d38c394a05bef235a8b50e
10.1/RPMS/xine-plugins-1-0.rc5.9.3.101mdk.i586.rpm
ae824a8ad57afa4af74d14ac36aec48f
10.1/SRPMS/xine-lib-1-0.rc5.9.3.101mdk.src.rpm

Mandrivalinux 10.1/X86_64:
c56c742c25b4e7ef55363bc433ada6b6
x86_64/10.1/RPMS/lib64xine1-1-0.rc5.9.3.101mdk.x86_64.rpm
8174e6c20c36883482a8c92ac7a32dd4
x86_64/10.1/RPMS/lib64xine1-devel-1-0.rc5.9.3.101mdk.x86_64.rpm
3f07ca856ac1574af04fbe1b27ee965e
x86_64/10.1/RPMS/libxine1-1-0.rc5.9.3.101mdk.i586.rpm
c4b594b75216ec745901c2bc910aa854
x86_64/10.1/RPMS/xine-aa-1-0.rc5.9.3.101mdk.x86_64.rpm
0aa452c0c36a9a7eae6bc8276c585133
x86_64/10.1/RPMS/xine-arts-1-0.rc5.9.3.101mdk.x86_64.rpm
bf3e6970c3b37d80eee58be3804aaef1
x86_64/10.1/RPMS/xine-dxr3-1-0.rc5.9.3.101mdk.x86_64.rpm
419d4acc74bd3368f4ad7e841b71583f
x86_64/10.1/RPMS/xine-esd-1-0.rc5.9.3.101mdk.x86_64.rpm
a934d38fc6bc894afcd51fc443c5387a
x86_64/10.1/RPMS/xine-flac-1-0.rc5.9.3.101mdk.x86_64.rpm
c71f58dd79bbd7a67ade68f9f0c47537
x86_64/10.1/RPMS/xine-gnomevfs-1-0.rc5.9.3.101mdk.x86_64.rpm
9d2dbdaf3887b90af8f6f275956fba25
x86_64/10.1/RPMS/xine-plugins-1-0.rc5.9.3.101mdk.x86_64.rpm
ae824a8ad57afa4af74d14ac36aec48f
x86_64/10.1/SRPMS/xine-lib-1-0.rc5.9.3.101mdk.src.rpm

Mandrivalinux 10.2:
b59bd74be8211752b1f8b14eaaeb4caf
10.2/RPMS/libxine1-1.0-8.2.102mdk.i586.rpm
7df88b45784d86b120232238e80c2ae9
10.2/RPMS/libxine1-devel-1.0-8.2.102mdk.i586.rpm
22f9a1ef543d6e6b8b409e995c05f549
10.2/RPMS/xine-aa-1.0-8.2.102mdk.i586.rpm
6b288c5aec71967bb93031d1d6781f18
10.2/RPMS/xine-arts-1.0-8.2.102mdk.i586.rpm
e94fbd981fa69cdf4205f73620d65d58
10.2/RPMS/xine-dxr3-1.0-8.2.102mdk.i586.rpm
4ac7f54e7442efeac8a8f27ea94cce31
10.2/RPMS/xine-esd-1.0-8.2.102mdk.i586.rpm
93fb8780846b76c53743f74113c5d789
10.2/RPMS/xine-flac-1.0-8.2.102mdk.i586.rpm
79cf02e9f22be6638927dec066926b5d
10.2/RPMS/xine-gnomevfs-1.0-8.2.102mdk.i586.rpm
fb9103583e2eb19ad301d6a3042fad86
10.2/RPMS/xine-plugins-1.0-8.2.102mdk.i586.rpm
bd90a1fe71bd91383caf9ea5d87e2abc
10.2/RPMS/xine-polyp-1.0-8.2.102mdk.i586.rpm
4067888181bc7c025901b054ec7c8fd6
10.2/RPMS/xine-smb-1.0-8.2.102mdk.i586.rpm
3d1f4d92c41f977edf895388f4784337
10.2/SRPMS/xine-lib-1.0-8.2.102mdk.src.rpm

Mandrivalinux 10.2/X86_64:
772e4a1a0aac6006474768a0601545a3
x86_64/10.2/RPMS/lib64xine1-1.0-8.2.102mdk.x86_64.rpm
c72a8b14fbe656c62f8368fbc9449931
x86_64/10.2/RPMS/lib64xine1-devel-1.0-8.2.102mdk.x86_64.rpm
f6123a88fc6b3c7edd68dccbc75efc8d
x86_64/10.2/RPMS/xine-aa-1.0-8.2.102mdk.x86_64.rpm
9768022de3f23e61649671a76de6d4a3
x86_64/10.2/RPMS/xine-arts-1.0-8.2.102mdk.x86_64.rpm
6636acc15686f32d827c367ae0e0af83
x86_64/10.2/RPMS/xine-dxr3-1.0-8.2.102mdk.x86_64.rpm
bd80ab843edcb769edbe95bee307848e
x86_64/10.2/RPMS/xine-esd-1.0-8.2.102mdk.x86_64.rpm
70c16130252aca43d5cac5d30d258dbc
x86_64/10.2/RPMS/xine-flac-1.0-8.2.102mdk.x86_64.rpm
19546fbd231735cdb52488c78bb3138c
x86_64/10.2/RPMS/xine-gnomevfs-1.0-8.2.102mdk.x86_64.rpm
e14f01a64d3080fc35ee3f7280ae9336
x86_64/10.2/RPMS/xine-plugins-1.0-8.2.102mdk.x86_64.rpm
8281c290d3e926279706b049dd4247da
x86_64/10.2/RPMS/xine-polyp-1.0-8.2.102mdk.x86_64.rpm
46f8be45f38977aa67731c5da830c43b
x86_64/10.2/RPMS/xine-smb-1.0-8.2.102mdk.x86_64.rpm
3d1f4d92c41f977edf895388f4784337
x86_64/10.2/SRPMS/xine-lib-1.0-8.2.102mdk.src.rpm

Mandrivalinux 2006.0:
ad0dd01a46c84cb5ce8a28ce5710da28
2006.0/RPMS/libxine1-1.1.0-8.1.20060mdk.i586.rpm
b63c878314d9d393a43082f1940fd063
2006.0/RPMS/libxine1-devel-1.1.0-8.1.20060mdk.i586.rpm
77404b4ea4908b51843f26b4face7a21
2006.0/RPMS/xine-aa-1.1.0-8.1.20060mdk.i586.rpm
efec9d133963c8c8d1d052ea8d1a811d
2006.0/RPMS/xine-arts-1.1.0-8.1.20060mdk.i586.rpm
bb1f5e764c4cc933659ebe7ba2c61d88
2006.0/RPMS/xine-dxr3-1.1.0-8.1.20060mdk.i586.rpm
b74cffa6e5683afb50ed015555b2afe8
2006.0/RPMS/xine-esd-1.1.0-8.1.20060mdk.i586.rpm
f8c48d2fc87e8f562754ce36dcf7f74a
2006.0/RPMS/xine-flac-1.1.0-8.1.20060mdk.i586.rpm
b8f365ce839aa783637edd4687f89a64
2006.0/RPMS/xine-gnomevfs-1.1.0-8.1.20060mdk.i586.rpm
2fed4fcf4867293705de055f0b2095d3
2006.0/RPMS/xine-image-1.1.0-8.1.20060mdk.i586.rpm
7ee9724ef73423691f4c2622824d50e3
2006.0/RPMS/xine-plugins-1.1.0-8.1.20060mdk.i586.rpm
732ac66a4b4a8356c8afbfc6770ac6ac
2006.0/RPMS/xine-polyp-1.1.0-8.1.20060mdk.i586.rpm
f4afb35e994c48af37529481df73df9c
2006.0/RPMS/xine-smb-1.1.0-8.1.20060mdk.i586.rpm
f8551a36e839b1c284f157d042395477
2006.0/SRPMS/xine-lib-1.1.0-8.1.20060mdk.src.rpm

Mandrivalinux 2006.0/X86_64:
c9e6b7176514f797a6b4d444d630783e
x86_64/2006.0/RPMS/lib64xine1-1.1.0-8.1.20060mdk.x86_64.rpm
9997e0b3a7712a94c98964d2a387d010
x86_64/2006.0/RPMS/lib64xine1-devel-1.1.0-8.1.20060mdk.x86_64.rpm

8c32b4302fe882f057cc307ef546356e
x86_64/2006.0/RPMS/xine-aa-1.1.0-8.1.20060mdk.x86_64.rpm
a18e2771a126b49d93d588d7ff57f22d
x86_64/2006.0/RPMS/xine-arts-1.1.0-8.1.20060mdk.x86_64.rpm
188e16a6da35e64d77ef1007f770959e
x86_64/2006.0/RPMS/xine-dxr3-1.1.0-8.1.20060mdk.x86_64.rpm
cd4045af591254a68d48dbceb5885bc5
x86_64/2006.0/RPMS/xine-esd-1.1.0-8.1.20060mdk.x86_64.rpm
40c947de3d1df3e33a0f4c26f096b0c8
x86_64/2006.0/RPMS/xine-flac-1.1.0-8.1.20060mdk.x86_64.rpm
cdd6293c4edc8751989f605eb4bb3f45
x86_64/2006.0/RPMS/xine-gnomevfs-1.1.0-8.1.20060mdk.x86_64.rpm
249af817e4dac7f580ef1d9614ec66da
x86_64/2006.0/RPMS/xine-image-1.1.0-8.1.20060mdk.x86_64.rpm
4161debdffeaf757be1d97a28e9d7c02
x86_64/2006.0/RPMS/xine-plugins-1.1.0-8.1.20060mdk.x86_64.rpm
6c5c31192529ddca8794de618f4ce0f4
x86_64/2006.0/RPMS/xine-polyp-1.1.0-8.1.20060mdk.x86_64.rpm
eb1a6c7e8297098dff9d2896f83f2f2f
x86_64/2006.0/RPMS/xine-smb-1.1.0-8.1.20060mdk.x86_64.rpm
f8551a36e839b1c284f157d042395477
x86_64/2006.0/SRPMS/xine-lib-1.1.0-8.1.20060mdk.src.rpm

Corporate 3.0:
e93f0caab04c2752c07faaff0f97922f
corporate/3.0/RPMS/libxine1-1-0.rc3.6.5.C30mdk.i586.rpm
b7cc7339b05df194eac9ef7a17878271
corporate/3.0/RPMS/xine-arts-1-0.rc3.6.5.C30mdk.i586.rpm
0e2cfe89dd82835669dcff0780923982
corporate/3.0/RPMS/xine-plugins-1-0.rc3.6.5.C30mdk.i586.rpm
8658f0c1e16ef59142cbe2c685043b26
corporate/3.0/SRPMS/xine-lib-1-0.rc3.6.5.C30mdk.src.rpm

Corporate 3.0/X86_64:
f43b406288771a962829e7b9686c2eba
x86_64/corporate/3.0/RPMS/lib64xine1-1-0.rc3.6.5.C30mdk.x86_64.rpm

aa294b88759a08022052f0bdff44ad6a
x86_64/corporate/3.0/RPMS/xine-arts-1-0.rc3.6.5.C30mdk.x86_64.rpm

27247dc4bb05cef5bfbe97631b12de2e
x86_64/corporate/3.0/RPMS/xine-plugins-1-0.rc3.6.5.C30mdk.x86_64.rpm

8658f0c1e16ef59142cbe2c685043b26
x86_64/corporate/3.0/SRPMS/xine-lib-1-0.rc3.6.5.C30mdk.src.rpm

To upgrade automatically use MandrakeUpdate or urpmi. The
verification of md5 checksums and GPG signatures is performed
automatically for you.

All packages are signed by Mandriva for security. You can obtain
the GPG public key of the Mandriva Security Team by executing:

gpg –recv-keys –keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>

Mandriva Linux Security Update Advisory

Package name: squid
Advisory ID: MDKSA-2005:181
Date: October 11th, 2005
Affected versions: 10.1, 10.2, 2006.0, Corporate 3.0, Corporate
Server 2.1, Multi Network Firewall 2.0

Problem Description:

Squid 2.5.9, while performing NTLM authentication, does not
properly handle certain request sequences, which allows attackers
to cause a denial of service (daemon restart).

The updated packages have been patched to address these
issues.

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2917

Updated Packages:

Mandrivalinux 10.1:
2159ad83fce0c0e07abec59e859173df
10.1/RPMS/squid-2.5.STABLE9-1.4.101mdk.i586.rpm
c068938f3b353ac957c2781fdf3a668b
10.1/SRPMS/squid-2.5.STABLE9-1.4.101mdk.src.rpm

Mandrivalinux 10.1/X86_64:
5d348dff4c6af7f6fadb7a082949a625
x86_64/10.1/RPMS/squid-2.5.STABLE9-1.4.101mdk.x86_64.rpm
c068938f3b353ac957c2781fdf3a668b
x86_64/10.1/SRPMS/squid-2.5.STABLE9-1.4.101mdk.src.rpm

Mandrivalinux 10.2:
c720af4bcd25b1601a78a288207dcbef
10.2/RPMS/squid-2.5.STABLE9-1.4.102mdk.i586.rpm
05710a48508987ad1a3f8610befb3545
10.2/SRPMS/squid-2.5.STABLE9-1.4.102mdk.src.rpm

Mandrivalinux 10.2/X86_64:
6652fcb5d9cb565d66e687ae8cd4621b
x86_64/10.2/RPMS/squid-2.5.STABLE9-1.4.102mdk.x86_64.rpm
05710a48508987ad1a3f8610befb3545
x86_64/10.2/SRPMS/squid-2.5.STABLE9-1.4.102mdk.src.rpm

Mandrivalinux 2006.0:
b1f84290d8148feeb4243d8662842f1e
2006.0/RPMS/squid-2.5.STABLE10-10.1.20060mdk.i586.rpm
6c1db02fae65e9202b26ecbeb06600f3
2006.0/RPMS/squid-cachemgr-2.5.STABLE10-10.1.20060mdk.i586.rpm
66e697ada09d6727c0b1cce0b535519a
2006.0/SRPMS/squid-2.5.STABLE10-10.1.20060mdk.src.rpm

Mandrivalinux 2006.0/X86_64:
f8d2a35075a4515961707d52a4e54795
x86_64/2006.0/RPMS/squid-2.5.STABLE10-10.1.20060mdk.x86_64.rpm
7f21b2f3e03ee10535b6e6204bd90f66
x86_64/2006.0/RPMS/squid-cachemgr-2.5.STABLE10-10.1.20060mdk.x86_64.rpm

66e697ada09d6727c0b1cce0b535519a
x86_64/2006.0/SRPMS/squid-2.5.STABLE10-10.1.20060mdk.src.rpm

Multi Network Firewall 2.0:
d50ee470ba3e48c31c1d9d182ceb94f4
mnf/2.0/RPMS/squid-2.5.STABLE9-1.4.M20mdk.i586.rpm
28c692f3fe6e26ec18e6f9c5df90247a
mnf/2.0/SRPMS/squid-2.5.STABLE9-1.4.M20mdk.src.rpm

Corporate Server 2.1:
28f055d1dac940a09bf8d75739640e47
corporate/2.1/RPMS/squid-2.4.STABLE7-2.9.C21mdk.i586.rpm
1f673b3a7aad68b685463b96b8569157
corporate/2.1/SRPMS/squid-2.4.STABLE7-2.9.C21mdk.src.rpm

Corporate Server 2.1/X86_64:
d5d6450ca3c426b16a9c36b9b4030f6c
x86_64/corporate/2.1/RPMS/squid-2.4.STABLE7-2.9.C21mdk.x86_64.rpm

1f673b3a7aad68b685463b96b8569157
x86_64/corporate/2.1/SRPMS/squid-2.4.STABLE7-2.9.C21mdk.src.rpm

Corporate 3.0:
5877b6bf476c146d95b78dc62908721a
corporate/3.0/RPMS/squid-2.5.STABLE9-1.4.C30mdk.i586.rpm
9ab3c4c41fb8bd2bdeb84f753e270bda
corporate/3.0/SRPMS/squid-2.5.STABLE9-1.4.C30mdk.src.rpm

Corporate 3.0/X86_64:
0d71ddfef090edb5ed2d0166a688b7a4
x86_64/corporate/3.0/RPMS/squid-2.5.STABLE9-1.4.C30mdk.x86_64.rpm

9ab3c4c41fb8bd2bdeb84f753e270bda
x86_64/corporate/3.0/SRPMS/squid-2.5.STABLE9-1.4.C30mdk.src.rpm

To upgrade automatically use MandrakeUpdate or urpmi. The
verification of md5 checksums and GPG signatures is performed
automatically for you.

All packages are signed by Mandriva for security. You can obtain
the GPG public key of the Mandriva Security Team by executing:

gpg –recv-keys –keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>

Ubuntu Linux

Ubuntu Security Notice USN-202-1 October 12, 2005
koffice vulnerability
CAN-2005-2971

A security issue affects the following Ubuntu releases:

Ubuntu 5.04 (Hoary Hedgehog)

The following packages are affected:

koffice-libs
kword

The problem can be corrected by upgrading the affected package
to version 1:1.3.5-2ubuntu1.1. After a standard system upgrade you
need to restart all KOffice applications to effect the necessary
changes.

Details follow:

Chris Evans discovered a buffer overflow in the RTF import
module of KOffice. By tricking a user into opening a
specially-crafted RTF file, an attacker could exploit this to
execute arbitrary code with the privileges of the AbiWord user.

Source archives:

http://security.ubuntu.com/ubuntu/pool/universe/k/koffice/koffice_1.3.5-2ubuntu1.1.diff.gz

Size/MD5: 8816
85d465e2669a24b0019233221a0e15fd
http://security.ubuntu.com/ubuntu/pool/universe/k/koffice/koffice_1.3.5-2ubuntu1.1.dsc

Size/MD5: 999
2eaa86d2bee10bad8d0b34ed2e60d336
http://security.ubuntu.com/ubuntu/pool/universe/k/koffice/koffice_1.3.5.orig.tar.gz

Size/MD5: 13154501
2c9b45ecbf16a8c5d16ce9d2f51c2571

Architecture independent packages:

http://security.ubuntu.com/ubuntu/pool/universe/k/koffice/kivio-data_1.3.5-2ubuntu1.1_all.deb

Size/MD5: 615280
b84003db4ad4625b7266b479eaf1d50c
http://security.ubuntu.com/ubuntu/pool/universe/k/koffice/koffice-data_1.3.5-2ubuntu1.1_all.deb

Size/MD5: 684630
3275891bff107e56d00e13687eea0e22
http://security.ubuntu.com/ubuntu/pool/universe/k/koffice/koffice-doc-html_1.3.5-2ubuntu1.1_all.deb

Size/MD5: 305362
3edd7173b3597eec1b25a5308b509328
http://security.ubuntu.com/ubuntu/pool/universe/k/koffice/koffice_1.3.5-2ubuntu1.1_all.deb

Size/MD5: 13502
77d6fdda1ad2093ab9e0b45fcf5c8046

amd64 architecture (Athlon64, Opteron, EM64T Xeon)