---

Advisories, October 6, 2005

Debian GNU/Linux


Debian Security Advisory DSA 845-1 [email protected]
http://www.debian.org/security/
Martin Schulze
October 6th, 2005 http://www.debian.org/security/faq


Package : mason
Vulnerability : programming error
Problem type : remote
Debian-specific: yes
CVE ID : CAN-2005-3118
Debian Bug : 222384

Christoph Martin noticed that upon configuration mason, which
interactively creates a Linux packet filtering firewall, does not
install the init script to actually load the firewall during system
boot. This will leave the machine without a firewall after a
reboot.

For the old stable distribution (woody) this problem has been
fixed in version 0.13.0.92-2woody1.

For the stable distribution (sarge) this problem has been fixed
in version 1.0.0-2.2.

For the unstable distribution (sid) this problem has been fixed
in version 1.0.0-3.

We recommend that you upgrade your mason package.

Upgrade Instructions


wget url

will fetch the file for you
dpkg -i file.deb

will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update

will update the internal database apt-get upgrade

will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 3.0 alias woody


Source archives:

    http://security.debian.org/pool/updates/main/m/mason/mason_0.13.0.92-2woody1.dsc

      Size/MD5 checksum: 541
ecb992ca78a35ca58a14eeab6cf4f15c
    http://security.debian.org/pool/updates/main/m/mason/mason_0.13.0.92-2woody1.diff.gz

      Size/MD5 checksum: 3659
222ab145878984b9e181eea0046b6526
    http://security.debian.org/pool/updates/main/m/mason/mason_0.13.0.92.orig.tar.gz

      Size/MD5 checksum: 218789
e1de238f5adc99bdbd519c92513f96b4

Architecture independent components:

    http://security.debian.org/pool/updates/main/m/mason/mason_0.13.0.92-2woody1_all.deb

      Size/MD5 checksum: 184824
e32b3597c9bbf77624e205a6c4a8fdd2

Debian GNU/Linux 3.1 alias sarge


Source archives:

    http://security.debian.org/pool/updates/main/m/mason/mason_1.0.0-2.2.dsc

      Size/MD5 checksum: 593
e899d7d2eeee90bdf85b37053613e0b4
    http://security.debian.org/pool/updates/main/m/mason/mason_1.0.0-2.2.diff.gz

      Size/MD5 checksum: 47013
0a8b604f753b008eaf3a5f2cca030023
    http://security.debian.org/pool/updates/main/m/mason/mason_1.0.0.orig.tar.gz

      Size/MD5 checksum: 506940
62785d59e03df309fed8abe97e479af0

Architecture independent components:

    http://security.debian.org/pool/updates/main/m/mason/mason_1.0.0-2.2_all.deb

      Size/MD5 checksum: 423220
cc8e8f0ed22d2efdbb0e9d0e4cd61d8e

These files will probably be moved into the stable distribution
on its next update.


For apt-get: deb http://security.debian.org/
stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security
dists/stable/updates/main
Mailing list: [email protected]

Package info: `apt-cache show <pkg>’ and http://packages.debian.org/<pkg>

Gentoo Linux


Gentoo Linux Security Advisory GLSA 200510-05


http://security.gentoo.org/


Severity: Normal
Title: Ruby: Security bypass vulnerability
Date: October 06, 2005
Bugs: #106996
ID: 200510-05


Synopsis

Ruby is vulnerable to a security bypass of the safe level
mechanism.

Background

Ruby is an interpreted scripting language for quick and easy
object-oriented programming. Ruby supports the safe execution of
untrusted code using a safe level and taint flag mechanism.

Affected packages


     Package        /  Vulnerable  /                        Unaffected

  1  dev-lang/ruby       < 1.8.3                              >= 1.8.3

Description

Dr. Yutaka Oiwa discovered that Ruby fails to properly enforce
safe level protections.

Impact

An attacker could exploit this vulnerability to execute
arbitrary code beyond the restrictions specified in each safe
level.

Workaround

There is no known workaround at this time.

Resolution

All Ruby users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=dev-lang/ruby-1.8.3"

References

[ 1 ] CAN-2005-2337

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2337

[ 2 ] Ruby release announcement

http://www.ruby-lang.org/en/20051003.html

Availability

This GLSA and any updates to it are available for viewing at the
Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-200510-05.xml

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to
[email protected] or
alternatively, you may file a bug at http://bugs.gentoo.org.

License

Copyright 2005 Gentoo Foundation, Inc; referenced text belongs
to its owner(s).

The contents of this document are licensed under the Creative
Commons – Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.0


Gentoo Linux Security Advisory GLSA 200510-06


http://security.gentoo.org/


Severity: Normal
Title: Dia: Arbitrary code execution through SVG import
Date: October 06, 2005
Bugs: #107916
ID: 200510-06


Synopsis

Improperly sanitised data in Dia allows remote attackers to
execute arbitrary code.

Background

Dia is a gtk+ based diagram creation program released under the
GPL license.

Affected packages


     Package         /  Vulnerable  /                       Unaffected

  1  app-office/dia      < 0.94-r3                          >= 0.94-r3

Description

Joxean Koret discovered that the SVG import plugin in Dia fails
to properly sanitise data read from an SVG file.

Impact

An attacker could create a specially crafted SVG file, which,
when imported into Dia, could lead to the execution of arbitrary
code.

Workaround

There is no known workaround at this time.

Resolution

All Dia users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=app-office/dia-0.94-r3"

References

[ 1 ] CAN-2005-2966

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2966

Availability

This GLSA and any updates to it are available for viewing at the
Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-200510-06.xml

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to
[email protected] or
alternatively, you may file a bug at http://bugs.gentoo.org.

License

Copyright 2005 Gentoo Foundation, Inc; referenced text belongs
to its owner(s).

The contents of this document are licensed under the Creative
Commons – Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.0

Ubuntu Linux


Ubuntu Security Notice USN-194-1 October 06, 2005
texinfo vulnerability
CAN-2005-3011


A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)
Ubuntu 5.04 (Hoary Hedgehog)

The following packages are affected:

texinfo

The problem can be corrected by upgrading the affected package
to version 4.6-1ubuntu1.1 (for Ubuntu 4.10), or 4.7-2.2ubuntu1.1
(for Ubuntu 5.04). In general, a standard system upgrade is
sufficient to effect the necessary changes.

Details follow:

Frank Lichtenheld discovered that the “texindex” program created
temporary files in an insecure manner. This could allow a symlink
attack to create or overwrite arbitrary files with the privileges
of the user running texindex.

Updated packages for Ubuntu 4.10 (Warty Warthog):

Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/t/texinfo/texinfo_4.6-1ubuntu1.1.diff.gz

      Size/MD5: 125053
f97e652490198d27c6e29af9951cdc71
    http://security.ubuntu.com/ubuntu/pool/main/t/texinfo/texinfo_4.6-1ubuntu1.1.dsc

      Size/MD5: 625
f669384d1ae30bae7c70063d9a65d31e
    http://security.ubuntu.com/ubuntu/pool/main/t/texinfo/texinfo_4.6.orig.tar.gz

      Size/MD5: 1892091
5730c8c0c7484494cca7a7e2d7459c64

amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    http://security.ubuntu.com/ubuntu/pool/main/t/texinfo/info_4.6-1ubuntu1.1_amd64.deb

      Size/MD5: 280644
31eb0286bda40317d0e33553bf1dde59
    http://security.ubuntu.com/ubuntu/pool/main/t/texinfo/texinfo_4.6-1ubuntu1.1_amd64.deb

      Size/MD5: 875828
b1c85f8b941d67dac908f8d8c4edf483

i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/main/t/texinfo/info_4.6-1ubuntu1.1_i386.deb

      Size/MD5: 265932
7296ff8a26d8b7c720ffe7b28347e82f
    http://security.ubuntu.com/ubuntu/pool/main/t/texinfo/texinfo_4.6-1ubuntu1.1_i386.deb

      Size/MD5: 858092
7e52b8db866cbbe2352217a03bc39b14

powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/main/t/texinfo/info_4.6-1ubuntu1.1_powerpc.deb

      Size/MD5: 279674
3ac6bc00d8742c696f7793aadc264ba1
    http://security.ubuntu.com/ubuntu/pool/main/t/texinfo/texinfo_4.6-1ubuntu1.1_powerpc.deb

      Size/MD5: 868758
f49ff63604c06a5077ce06f2ca64382b

Updated packages for Ubuntu 5.04 (Hoary Hedgehog):

Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/t/texinfo/texinfo_4.7-2.2ubuntu1.1.diff.gz

      Size/MD5: 10615
b2a3812bcfe8f069e888170c2eaf73f8
    http://security.ubuntu.com/ubuntu/pool/main/t/texinfo/texinfo_4.7-2.2ubuntu1.1.dsc

      Size/MD5: 628
cee74cea6cd661b85c0f1038fa5fd0e3
    http://security.ubuntu.com/ubuntu/pool/main/t/texinfo/texinfo_4.7.orig.tar.gz

      Size/MD5: 1979183
72a57e378efb9898c9e41ca839554dae

amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    http://security.ubuntu.com/ubuntu/pool/main/t/texinfo/info_4.7-2.2ubuntu1.1_amd64.deb

      Size/MD5: 191328
273d9d321578a301f46a7bd0712c54e6
    http://security.ubuntu.com/ubuntu/pool/main/t/texinfo/texinfo_4.7-2.2ubuntu1.1_amd64.deb

      Size/MD5: 488278
8da6138a72e9261433dc8d8d90e1b725

i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/main/t/texinfo/info_4.7-2.2ubuntu1.1_i386.deb

      Size/MD5: 177586
8c60d776b23d9ba81ee600805c38dbb5
    http://security.ubuntu.com/ubuntu/pool/main/t/texinfo/texinfo_4.7-2.2ubuntu1.1_i386.deb

      Size/MD5: 470502
82ebb862c685c13ced8a55c5ad0a6515

powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/main/t/texinfo/info_4.7-2.2ubuntu1.1_powerpc.deb

      Size/MD5: 190400
983de1de47c40a3f90e549ab875ba99b
    http://security.ubuntu.com/ubuntu/pool/main/t/texinfo/texinfo_4.7-2.2ubuntu1.1_powerpc.deb

      Size/MD5: 483932
38e2d37a8d0ae17bd492e556e4d42dd0