Advisories, September 5, 2006

Debian GNU/Linux

Debian Security Advisory DSA 1169-1 security@debian.org
http://www.debian.org/security/
Martin Schulze
September 5th, 2006 http://www.debian.org/security/faq

Package : mysql-dfsg-4.1
Vulnerability : several
Problem type : remote
Debian-specific: no
CVE IDs : CVE-2006-4226 CVE-2006-4380
BugTraq ID : 19559

Several local vulnerabilities have been discovered in the MySQL
database server. The Common Vulnerabilities and Exposures project
identifies the following problems:

CVE-2006-4226

Michal Prokopiuk discovered that remote authenticated users are
permitted to create and access a database if the lowercase spelling
is the same as one they have been granted access to.

CVE-2006-4380

Beat Vontobel discovered that certain queries replicated to a
slave could crash the client and thus terminate the
replication.

For the stable distribution (sarge) these problems have been
fixed in version 4.1.11a-4sarge7. Version 4.0 is not affected by
these problems.

For the unstable distribution (sid) these problems have been
fixed in version 5.0.24-3. The replication problem only exists in
version 4.1.

We recommend that you upgrade your mysql-server-4.1 package.

Upgrade Instructions

wget url

will fetch the file for you
dpkg -i file.deb

will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given at the end of this advisory:

apt-get update

will update the internal database apt-get upgrade

will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 3.1 alias sarge

Source archives:

http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-dfsg-4.1_4.1.11a-4sarge7.dsc

Size/MD5 checksum: 1029
f78ce0ba986d5447bb8f97615a256d34
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-dfsg-4.1_4.1.11a-4sarge7.diff.gz

Size/MD5 checksum: 171446
886a2834418b0dbf73f0a24601d6614b
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-dfsg-4.1_4.1.11a.orig.tar.gz

Size/MD5 checksum: 15771855
3c0582606a8903e758c2014c2481c7c3

Architecture independent components:

http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-common-4.1_4.1.11a-4sarge7_all.deb

Size/MD5 checksum: 36734
693a8ef06aa29be6cad675de2a6a7f58

Alpha architecture:

http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge7_alpha.deb

Size/MD5 checksum: 1591008
095cb0959a26aa12ba1098ec1527f2f6
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge7_alpha.deb

Size/MD5 checksum: 7965692
2b360e6ce8675de52bf8ac0388b67e88
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge7_alpha.deb

Size/MD5 checksum: 1001216
935a4004111792c92283169faaf27a2b
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge7_alpha.deb

Size/MD5 checksum: 17487402
37fd9a23880da7f6c9d01f582de30b2a

AMD64 architecture:

http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge7_amd64.deb

Size/MD5 checksum: 1452264
613001b313f49f98b3642fdbb1cefd47
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge7_amd64.deb

Size/MD5 checksum: 5552006
e07c66d2d0775fabe1873b63326f91ce
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge7_amd64.deb

Size/MD5 checksum: 849788
d2ac22320d4990db02c7ef669801f8a9
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge7_amd64.deb

Size/MD5 checksum: 14711714
ff7e791223a16ea3db62bebb61199991

ARM architecture:

http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge7_arm.deb

Size/MD5 checksum: 1389010
e78ef65cabee94c4bb980ddba4858101
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge7_arm.deb

Size/MD5 checksum: 5559036
05d9e88ab7b202066bde6412faa5610e
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge7_arm.deb

Size/MD5 checksum: 837066
2ce1305c8ec4cc9f13180b9643060b5e
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge7_arm.deb

Size/MD5 checksum: 14558032
394408c010fecbd7dd56c189a707c9dc

HP Precision architecture:

http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge7_hppa.deb

Size/MD5 checksum: 1551436
2140033cb49600177d143589a4d5f5e5
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge7_hppa.deb

Size/MD5 checksum: 6250450
2ac95caa193ffe8da3ee5a1f3666a6e9
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge7_hppa.deb

Size/MD5 checksum: 910286
4ea3496ccfcaf43267ac696d82a5b241
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge7_hppa.deb

Size/MD5 checksum: 15791676
0100c389eed339cc92adf996903d325e

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge7_i386.deb

Size/MD5 checksum: 1418264
58cb49aa03d8635c6d89fc7a7a4bfeed
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge7_i386.deb

Size/MD5 checksum: 5644334
4d28d754a1b1806a9c884d50507e9bbe
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge7_i386.deb

Size/MD5 checksum: 830950
7591a44d9a2a5113d81724af061553c7
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge7_i386.deb

Size/MD5 checksum: 14558420
5118b4d564821315737f5c36cd76da2a

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge7_ia64.deb

Size/MD5 checksum: 1713606
6947d7391e6eda458e11af75136facec
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge7_ia64.deb

Size/MD5 checksum: 7782698
617e920c805eb801485d9407abea748c
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge7_ia64.deb

Size/MD5 checksum: 1050822
036df024dd1fc33786cc39665e874ca8
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge7_ia64.deb

Size/MD5 checksum: 18476104
1ad4add7db75445e9ba57b5675df117a

Motorola 680×0 architecture:

http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge7_m68k.deb

Size/MD5 checksum: 1398210
dc9e4c11345095e4fb8d09633e2d3cc1
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge7_m68k.deb

Size/MD5 checksum: 5284390
58ceec50857da346c543371d1a7c2cb1
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge7_m68k.deb

Size/MD5 checksum: 804080
e8901755fad09fbacff320e695640998
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge7_m68k.deb

Size/MD5 checksum: 14072066
3f2688ab0826890c0ce7c96010059d9d

Big endian MIPS architecture:

http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge7_mips.deb

Size/MD5 checksum: 1479186
0ee29d53649f758a92cd30d34c76ee44
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge7_mips.deb

Size/MD5 checksum: 6053370
325e30177b30512ddfc21b3a29c9ef35
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge7_mips.deb

Size/MD5 checksum: 904744
822028a9dc30c8184fb39e7d3702b584
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge7_mips.deb

Size/MD5 checksum: 15410530
2350cc94b072a7370335920f2b71c00c

Little endian MIPS architecture:

http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge7_mipsel.deb

Size/MD5 checksum: 1446606
bddf2675d1c6d4612124add24decfb04
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge7_mipsel.deb

Size/MD5 checksum: 5971626
0a9612cf1b841d18528494266e456466
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge7_mipsel.deb

Size/MD5 checksum: 890406
ce87ddbff8e3ccf21ee50b1f1b5ea6af
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge7_mipsel.deb

Size/MD5 checksum: 15105788
e55f9025ab01276e6b56674d3788fc21

PowerPC architecture:

http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge7_powerpc.deb

Size/MD5 checksum: 1477098
e6e5c35fd56e9c8fb300dbc2c27ce367
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge7_powerpc.deb

Size/MD5 checksum: 6027864
c60d3023d5a353b6f65bd1e0b9eb3acc
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge7_powerpc.deb

Size/MD5 checksum: 907698
197e9976c06dcf131d5ce4a84782ff18
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge7_powerpc.deb

Size/MD5 checksum: 15403250
7294d99a4b1184c27943064d7ea8a2a3

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge7_s390.deb

Size/MD5 checksum: 1538810
7c0ef4dd57c055eb2776e479ccccc30d
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge7_s390.deb

Size/MD5 checksum: 5461924
44b8f22c760e7897986d1ad51a1f43fd
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge7_s390.deb

Size/MD5 checksum: 884554
7a677766c77b2853e5b9732a1c13abc4
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge7_s390.deb

Size/MD5 checksum: 15055448
8577cf00fc82d39b576a6d5f03c9ed10

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge7_sparc.deb

Size/MD5 checksum: 1460740
6b26255d617fef7d78f32ace3d2820ef
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge7_sparc.deb

Size/MD5 checksum: 6208326
e609ca26560489ded95cc1099b76a04c
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge7_sparc.deb

Size/MD5 checksum: 868486
a44ad9b7c9ded79533b610bd0ac36672
http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge7_sparc.deb

Size/MD5 checksum: 15392204
2d2de1308dc7ef64dfbf8f47ffe1d2e9

These files will probably be moved into the stable distribution
on its next update.

For apt-get: deb http://security.debian.org/
stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security
dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org

Package info: `apt-cache show <pkg>’ and http://packages.debian.org/<pkg>

Gentoo Linux

Gentoo Linux Security Advisory [UPDATE] GLSA 200509-09:02

http://security.gentoo.org/

Severity: High
Title: Py2Play: Remote execution of arbitrary Python code
Date: September 17, 2005
Updated: September 05, 2006
Bugs: #103524
ID: 200509-09:02

Update

The previous versions of Py2Play contain several vulnerabilities
and had been masked in the Portage Tree. This is fixed in version
0.1.8 and version 0.1.9 has been introduced into Portage.

The updated sections appear below.

Affected packages

     Package             /  Vulnerable  /                   Unaffected

  1  dev-python/py2play      <= 0.1.7                         >= 0.1.8

Resolution

All py2play users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=dev-python/py2play-0.1.8"

Availability

This GLSA and any updates to it are available for viewing at the
Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-200509-09.xml

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or
alternatively, you may file a bug at http://bugs.gentoo.org.

License

The contents of this document are licensed under the Creative
Commons – Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5

rPath Linux

rPath Security Advisory: 2006-0163-1
Published: 2006-09-05
Products: rPath Linux 1
Rating: Major
Exposure Level Classification:

Remote Deterministic Unauthorized Access Updated Versions:

openssl=/conary.rpath.com@rpl:devel//1/0.9.7f-10.3-1
openssl-scripts=/conary.rpath.com@rpl:devel//1/0.9.7f-10.3-1

References:

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339

https://issues.rpath.com/browse/RPL-616

http://www.openssl.org/news/secadv_20060905.txt

http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html

Description:

Previous versions of the openssl package are vulnerable to a
remote unauthorized access attack when RSA keys with exponent 3 are
used for authentication. While this version of the openssl package
resolves that vulnerability, it is generally recommended not to use
RSA keys with exponent 3 for authentication because multiple
implementations contain this vulnerability. RSA keys with exponent
3 are not in common use.

Ubuntu

Ubuntu Security Notice USN-339-1 September 05, 2006
openssl vulnerability
CVE-2006-4339

A security issue affects the following Ubuntu releases:

Ubuntu 5.04
Ubuntu 5.10
Ubuntu 6.06 LTS

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 5.04:
libssl0.9.7 0.9.7e-3ubuntu0.3

Ubuntu 5.10:
libssl0.9.7 0.9.7g-1ubuntu1.2

Ubuntu 6.06 LTS:
libssl0.9.8 0.9.8a-7ubuntu0.1

After a standard system upgrade you need to reboot your computer
to effect the necessary changes.

Details follow:

Philip Mackenzie, Marius Schilder, Jason Waddle and Ben Laurie
of Google Security discovered that the OpenSSL library did not
sufficiently check the padding of PKCS #1 v1.5 signatures if the
exponent of the public key is 3 (which is widely used for CAs).
This could be exploited to forge signatures without the need of the
secret key.

Updated packages for Ubuntu 5.04:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.7e-3ubuntu0.3.diff.gz

Size/MD5: 29738
8ff4b43003645c9cc0340b7aeaa0e943
http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.7e-3ubuntu0.3.dsc

Size/MD5: 645
f1d90d6945db3f52eb9e523cd2257cb3
http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.7e.orig.tar.gz

Size/MD5: 3043231
a8777164bca38d84e5eb2b1535223474

amd64 architecture (Athlon64, Opteron, EM64T Xeon)

http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libcrypto0.9.7-udeb_0.9.7e-3ubuntu0.3_amd64.udeb

Size/MD5: 495170
6ecb42d8f16500657a823c246d90f721
http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl-dev_0.9.7e-3ubuntu0.3_amd64.deb

Size/MD5: 2693394
8554202ca8540221956438754ce83daa
http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl0.9.7_0.9.7e-3ubuntu0.3_amd64.deb

Size/MD5: 769732
1924597de3a34f244d50812ce47e839f
http://security.ubuntu.com/ubuntu/pool/main/o/openssl/openssl_0.9.7e-3ubuntu0.3_amd64.deb

Size/MD5: 903646
0da1a7985ac40c27bffd43effcdeb306