---

Advisories, September 21, 2005


Mandriva Linux Security Update Advisory


Package name: clamav
Advisory ID: MDKSA-2005:166
Date: September 20th, 2005
Affected versions: 10.1, 10.2, Corporate 3.0


Problem Description:

A vulnerability was discovered in ClamAV versions prior to 0.87.
A buffer overflow could occure when processing malformed UPX-packed
executables. As well, it could be sent into an infinite loop when
processing specially-crafted FSG-packed executables.

ClamAV version 0.87 is provided with this update which isn’t
vulnerable to these issues.


References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2919

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2920


Updated Packages:

Mandrakelinux 10.1:
9f85320efe6a337ae46db08b53e0eaba
10.1/RPMS/clamav-0.87-0.1.101mdk.i586.rpm
 083a4c5972e960c2a47e598c4626506b
10.1/RPMS/clamav-db-0.87-0.1.101mdk.i586.rpm
 c3f10bb7176e61dcded0cee084fd2d24
10.1/RPMS/clamav-milter-0.87-0.1.101mdk.i586.rpm
 990c343c993bf7bf44046e773faa9f84
10.1/RPMS/clamd-0.87-0.1.101mdk.i586.rpm
 6c67cc650a9808ac1bd95fc7a1d4017a
10.1/RPMS/libclamav1-0.87-0.1.101mdk.i586.rpm
 213a5145796b74cf65c983a482072455
10.1/RPMS/libclamav1-devel-0.87-0.1.101mdk.i586.rpm
 2d75e236b21dbe8000a7c4b1be93217b
10.1/SRPMS/clamav-0.87-0.1.101mdk.src.rpm

Mandrakelinux 10.1/X86_64:
ef22edfa1aa4502f08000e050de5d36f
x86_64/10.1/RPMS/clamav-0.87-0.1.101mdk.x86_64.rpm
 e33da1b6f6bcd366801a5e80eeb7c723
x86_64/10.1/RPMS/clamav-db-0.87-0.1.101mdk.x86_64.rpm
 04c621676e2832c400c0dda74a498d49
x86_64/10.1/RPMS/clamav-milter-0.87-0.1.101mdk.x86_64.rpm
 da9cc77846812a4b34cb8250157d50b1
x86_64/10.1/RPMS/clamd-0.87-0.1.101mdk.x86_64.rpm
 950f3adbe1fec12c9792f6c947b7cb76
x86_64/10.1/RPMS/lib64clamav1-0.87-0.1.101mdk.x86_64.rpm
 6e53ad5c6d61a9ee3356d919b6589026
x86_64/10.1/RPMS/lib64clamav1-devel-0.87-0.1.101mdk.x86_64.rpm
 2d75e236b21dbe8000a7c4b1be93217b
x86_64/10.1/SRPMS/clamav-0.87-0.1.101mdk.src.rpm

Mandrakelinux 10.2:
bc2e4234b78790c9b0c5a5efcb15ba98
10.2/RPMS/clamav-0.87-0.1.102mdk.i586.rpm
 0a99f74d25235e793a6fe05a56d79f7a
10.2/RPMS/clamav-db-0.87-0.1.102mdk.i586.rpm
 b7d275ba651524cc4e3ce5cfacb842e3
10.2/RPMS/clamav-milter-0.87-0.1.102mdk.i586.rpm
 c6862f992a927151d1c4c511cb874e0a
10.2/RPMS/clamd-0.87-0.1.102mdk.i586.rpm
 303aeaa4d2a5de29f3cc5b0cdc539ab3
10.2/RPMS/libclamav1-0.87-0.1.102mdk.i586.rpm
 bcef24beead553b0b7af6a0454365384
10.2/RPMS/libclamav1-devel-0.87-0.1.102mdk.i586.rpm
 96e1ce9dffda8199bf1b583bc2d51e60
10.2/SRPMS/clamav-0.87-0.1.102mdk.src.rpm

Mandrakelinux 10.2/X86_64:
fc09b5328e536f426f6edaac04453ca2
x86_64/10.2/RPMS/clamav-0.87-0.1.102mdk.x86_64.rpm
 f27bc62247ff84975019f8ed3d6ea5b1
x86_64/10.2/RPMS/clamav-db-0.87-0.1.102mdk.x86_64.rpm
 c9fb726280f84da9dd32e30542c29fcd
x86_64/10.2/RPMS/clamav-milter-0.87-0.1.102mdk.x86_64.rpm
 193644891c29c2973931c01a56e68d60
x86_64/10.2/RPMS/clamd-0.87-0.1.102mdk.x86_64.rpm
 9568649a618f654600d78b71027174c9
x86_64/10.2/RPMS/lib64clamav1-0.87-0.1.102mdk.x86_64.rpm
 6b54a7ac2e8d743e067bfdaa7638d90f
x86_64/10.2/RPMS/lib64clamav1-devel-0.87-0.1.102mdk.x86_64.rpm
 96e1ce9dffda8199bf1b583bc2d51e60
x86_64/10.2/SRPMS/clamav-0.87-0.1.102mdk.src.rpm

Corporate 3.0:
f86de5b6055236c9cd1ff173bc6c1d98
corporate/3.0/RPMS/clamav-0.87-0.1.C30mdk.i586.rpm
 07071df1c078079e4b7d55f5fa13c7c8
corporate/3.0/RPMS/clamav-db-0.87-0.1.C30mdk.i586.rpm
 c96f4eb3cfd2ffb9060961e39c109204
corporate/3.0/RPMS/clamav-milter-0.87-0.1.C30mdk.i586.rpm
 2445d80ee9c39b337da36554315b9ac1
corporate/3.0/RPMS/clamd-0.87-0.1.C30mdk.i586.rpm
 196a1254be8dce937e17d4b731c5ec19
corporate/3.0/RPMS/libclamav1-0.87-0.1.C30mdk.i586.rpm
 a40bfe3465fcdceec2c8d9bfd52ba2b0
corporate/3.0/RPMS/libclamav1-devel-0.87-0.1.C30mdk.i586.rpm
 3ff54d614c61c446d645f8a5c8458abb
corporate/3.0/SRPMS/clamav-0.87-0.1.C30mdk.src.rpm

Corporate 3.0/X86_64:
9d8b35a818da8a63bbbb6e435b9aeca7
x86_64/corporate/3.0/RPMS/clamav-0.87-0.1.C30mdk.x86_64.rpm
 b5e2a4dcbce2882b73c8a561574a4d24
x86_64/corporate/3.0/RPMS/clamav-db-0.87-0.1.C30mdk.x86_64.rpm
 cd2da84bd6fe14cfc7822acdbbfb51da
x86_64/corporate/3.0/RPMS/clamav-milter-0.87-0.1.C30mdk.x86_64.rpm

 cf5b819b5c911ece25afa929124bbbcf
x86_64/corporate/3.0/RPMS/clamd-0.87-0.1.C30mdk.x86_64.rpm
 7ba558d19e757c2a624e495055e0c218
x86_64/corporate/3.0/RPMS/lib64clamav1-0.87-0.1.C30mdk.x86_64.rpm

 ba046627c72dbe187eca48e5e1ae188c
x86_64/corporate/3.0/RPMS/lib64clamav1-devel-0.87-0.1.C30mdk.x86_64.rpm

 3ff54d614c61c446d645f8a5c8458abb
x86_64/corporate/3.0/SRPMS/clamav-0.87-0.1.C30mdk.src.rpm


To upgrade automatically use MandrakeUpdate or urpmi. The
verification of md5 checksums and GPG signatures is performed
automatically for you.

All packages are signed by Mandriva for security. You can obtain
the GPG public key of the Mandriva Security Team by executing:

gpg –recv-keys –keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com


Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>


Mandriva Linux Security Update Advisory


Package name: util-linux
Advisory ID: MDKSA-2005:167
Date: September 20th, 2005
Affected versions: 10.0, 10.1, 10.2, Corporate 3.0, Corporate
Server 2.1, Multi Network Firewall 2.0


Problem Description:

David Watson disovered that the umount utility, when using the
“-r” cpmmand, could remove some restrictive mount options such as
“nosuid”. IF /etc/fstab contained user-mountable removable devices
that specified nosuid, a local attacker could exploit this flaw to
execute arbitrary programs with root privileges by calling “umount
-r” on a removable device.

The updated packages have been patched to ensure that “-r” can
only be called by the root user.


References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2876


Updated Packages:

Mandrakelinux 10.0:
e28c42b0a18bf906ea339ffeb02d3320
10.0/RPMS/losetup-2.12-2.1.100mdk.i586.rpm
 6dd9d97f688ab7b872dba55b9c427935
10.0/RPMS/mount-2.12-2.1.100mdk.i586.rpm
 b23bbbec6f75fbe1f2137f1335f782f9
10.0/RPMS/util-linux-2.12-2.1.100mdk.i586.rpm
 0c84336fe4e647fe4b35686e6e938a8f
10.0/SRPMS/util-linux-2.12-2.1.100mdk.src.rpm

Mandrakelinux 10.0/AMD64:
1c972124af9eba5acc9691931e5629c8
amd64/10.0/RPMS/losetup-2.12-2.1.100mdk.amd64.rpm
 2a0367d603f4c8e893e7f0ec158132e5
amd64/10.0/RPMS/mount-2.12-2.1.100mdk.amd64.rpm
 4fe57def6145640a886feb35deb77a6d
amd64/10.0/RPMS/util-linux-2.12-2.1.100mdk.amd64.rpm
 0c84336fe4e647fe4b35686e6e938a8f
amd64/10.0/SRPMS/util-linux-2.12-2.1.100mdk.src.rpm

Mandrakelinux 10.1:
658b5ee36c137e2533397ac71aa86e0e
10.1/RPMS/losetup-2.12a-5.1.101mdk.i586.rpm
 b15ae4dbd367fcd46e38d418bb3d1a86
10.1/RPMS/mount-2.12a-5.1.101mdk.i586.rpm
 701b35a4588f4ce5879b651724f72a1d
10.1/RPMS/util-linux-2.12a-5.1.101mdk.i586.rpm
 f1bbf1462e0f0987ce110388bd2e8d48
10.1/SRPMS/util-linux-2.12a-5.1.101mdk.src.rpm

Mandrakelinux 10.1/X86_64:
fbd4672670283fd495a652d0338467d4
x86_64/10.1/RPMS/losetup-2.12a-5.1.101mdk.x86_64.rpm
 b1773a98c38538db35e2c4fd8aa5e100
x86_64/10.1/RPMS/mount-2.12a-5.1.101mdk.x86_64.rpm
 8a4e15cdaaa7efe10c7830a9cda27523
x86_64/10.1/RPMS/util-linux-2.12a-5.1.101mdk.x86_64.rpm
 f1bbf1462e0f0987ce110388bd2e8d48
x86_64/10.1/SRPMS/util-linux-2.12a-5.1.101mdk.src.rpm

Mandrakelinux 10.2:
8314ea4ec99e8e603fb2da6941aae1d9
10.2/RPMS/losetup-2.12a-12.1.102mdk.i586.rpm
 2a8a83e0e36295db943fc51a4aee863f
10.2/RPMS/mount-2.12a-12.1.102mdk.i586.rpm
 01a4abab8ec329a29cf2310d8ee006d9
10.2/RPMS/util-linux-2.12a-12.1.102mdk.i586.rpm
 2bedcdeed443ed6438f290dff54038b5
10.2/SRPMS/util-linux-2.12a-12.1.102mdk.src.rpm

Mandrakelinux 10.2/X86_64:
73e23481f84309a90b99394468885e20
x86_64/10.2/RPMS/losetup-2.12a-12.1.102mdk.x86_64.rpm
 8dc01cc71d8b32fbba41d1936c861534
x86_64/10.2/RPMS/mount-2.12a-12.1.102mdk.x86_64.rpm
 441ce68e9e3b07c807bb5486adde1903
x86_64/10.2/RPMS/util-linux-2.12a-12.1.102mdk.x86_64.rpm
 2bedcdeed443ed6438f290dff54038b5
x86_64/10.2/SRPMS/util-linux-2.12a-12.1.102mdk.src.rpm

Multi Network Firewall 2.0:
765b0e93637cce9d5b623a81bdc81e6e
mnf/2.0/RPMS/losetup-2.12-2.1.M20mdk.i586.rpm
 782d8a37c484ab76ae766dddcce2173e
mnf/2.0/RPMS/mount-2.12-2.1.M20mdk.i586.rpm
 d6f35d4ccdb1cb9dcd21218ca5d6da72
mnf/2.0/RPMS/util-linux-2.12-2.1.M20mdk.i586.rpm
 360a0c2f0e8d383b09a7eb44d1e654a2
mnf/2.0/SRPMS/util-linux-2.12-2.1.M20mdk.src.rpm

Corporate Server 2.1:
d560b7038ca8ae848b24414858fac1ef
corporate/2.1/RPMS/losetup-2.11u-5.1.C21mdk.i586.rpm
 81bf701d8b8129c0809c37205d4fbad0
corporate/2.1/RPMS/mount-2.11u-5.1.C21mdk.i586.rpm
 321463758b000a1e7348111f7bea2959
corporate/2.1/RPMS/util-linux-2.11u-5.1.C21mdk.i586.rpm
 b1d2f438863cd5c807548ec4209b0179
corporate/2.1/SRPMS/util-linux-2.11u-5.1.C21mdk.src.rpm

Corporate Server 2.1/X86_64:
141b7b38947d1fd2ef4088ba20e093f1
x86_64/corporate/2.1/RPMS/losetup-2.11u-5.1.C21mdk.x86_64.rpm
 ddb3ee3ebe56b399ff881806f9cd8832
x86_64/corporate/2.1/RPMS/mount-2.11u-5.1.C21mdk.x86_64.rpm
 a61050516b99231bca46507fa94aa5e8
x86_64/corporate/2.1/RPMS/util-linux-2.11u-5.1.C21mdk.x86_64.rpm

 b1d2f438863cd5c807548ec4209b0179
x86_64/corporate/2.1/SRPMS/util-linux-2.11u-5.1.C21mdk.src.rpm

Corporate 3.0:
bbcce593f1b51833383997590a13b834
corporate/3.0/RPMS/losetup-2.12-2.1.C30mdk.i586.rpm
 bb38ae724541d9c73ac64d382d4839e8
corporate/3.0/RPMS/mount-2.12-2.1.C30mdk.i586.rpm
 55420d5f1fa9c7cc7f6e42f61c0428fc
corporate/3.0/RPMS/util-linux-2.12-2.1.C30mdk.i586.rpm
 28f6b881c65662695c84ac100ea9d012
corporate/3.0/SRPMS/util-linux-2.12-2.1.C30mdk.src.rpm

Corporate 3.0/X86_64:
3d96c512a6eaf548bef73c7fc3db5012
x86_64/corporate/3.0/RPMS/losetup-2.12-2.1.C30mdk.x86_64.rpm
 21d37d4ebb7943cf412a3bb423808fc5
x86_64/corporate/3.0/RPMS/mount-2.12-2.1.C30mdk.x86_64.rpm
 75fa21eea372a790a6f1c3a8a120cb7e
x86_64/corporate/3.0/RPMS/util-linux-2.12-2.1.C30mdk.x86_64.rpm
 28f6b881c65662695c84ac100ea9d012
x86_64/corporate/3.0/SRPMS/util-linux-2.12-2.1.C30mdk.src.rpm


To upgrade automatically use MandrakeUpdate or urpmi. The
verification of md5 checksums and GPG signatures is performed
automatically for you.

All packages are signed by Mandriva for security. You can obtain
the GPG public key of the Mandriva Security Team by executing:

gpg –recv-keys –keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com


Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>


Mandriva Linux Security Update Advisory


Package name: masqmail
Advisory ID: MDKSA-2005:168
Date: September 20th, 2005
Affected versions: Multi Network Firewall 2.0


Problem Description:

Jens Steube discovered two vulnerabilities in masqmail:

When sending failed mail messages, the address was not properly
sanitized which could allow a local attacker to execute arbitrary
commands as the mail user (CAN-2005-2662).

When opening the log file, masqmail did not relinquish
privileges, which could allow a local attacker to overwrite
arbitrary files via a symlink attack (CAN-2005-2663).

The updated packages have been patched to address these
issues.


References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2662

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2663


Updated Packages:

Multi Network Firewall 2.0:
368d7259f0d1663f24ab0d96ef316520
mnf/2.0/RPMS/masqmail-0.2.18-3.1.M20mdk.i586.rpm
 53c6095a108ea52147909091b262517f
mnf/2.0/SRPMS/masqmail-0.2.18-3.1.M20mdk.src.rpm


To upgrade automatically use MandrakeUpdate or urpmi. The
verification of md5 checksums and GPG signatures is performed
automatically for you.

All packages are signed by Mandriva for security. You can obtain
the GPG public key of the Mandriva Security Team by executing:

gpg –recv-keys –keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com


Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>