LBA-Linux Security Advisory
Subject: Updated kernel package for LBA-Linux R1
Advisory ID: LBASA-2004:19
Date: Monday, July 26, 2004
Product: LBA-Linux R1
Problem description:
This security update fixes two problems:
1. There is a remotely exploitable bug in all Linux kernel 2.6 series
releases, caused by the use of an incorrect variable type. The
vulnerability lies in the netfilter subsystem and may cause a denial of
service (DoS). It is exposed only when iptables is used with rules that
match TCP options (i.e. --tcp-option); which action the matching rule
takes makes no difference.
The Common Vulnerabilities and Exposures project (cve.mitre.org/) has assigned the name
CAN-2004-0626 to this issue.
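To illustrate the bug class behind item 1 (a TCP-option matcher whose length arithmetic uses the wrong type and so can be driven into a loop or an out-of-bounds read by a crafted header), here is an added example; it is not code from the LBA-Linux kernel package or from netfilter. It is a standalone scanner in which the data offset and every option length byte are validated as unsigned sizes before the loop relies on them, plus a builder for constructed sample headers (hypothetical helper names).

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Scan result; a matcher treats MALFORMED as "drop", never as "keep reading". */
enum { TCPOPT_MALFORMED = -1, TCPOPT_NOT_FOUND = 0, TCPOPT_FOUND = 1 };

/* Look for option kind `option` in a TCP header of `caplen` captured bytes.
 * Every length feeding the loop is an unsigned size_t, checked before use. */
int tcp_find_option(const uint8_t *hdr, size_t caplen, uint8_t option)
{
    if (caplen < 20) return TCPOPT_MALFORMED;             /* truncated header */
    size_t doff = (size_t)(hdr[12] >> 4) * 4;             /* data offset, bytes */
    if (doff < 20 || doff > caplen) return TCPOPT_MALFORMED; /* doff<5: optlen would wrap */
    size_t optlen = doff - 20;
    const uint8_t *op = hdr + 20;
    for (size_t i = 0; i < optlen; ) {
        uint8_t kind = op[i];
        if (kind == option) return TCPOPT_FOUND;
        if (kind == 0) return TCPOPT_NOT_FOUND;           /* End of Option List */
        if (kind == 1) { i++; continue; }                 /* NOP: no length byte */
        if (i + 1 >= optlen) return TCPOPT_MALFORMED;     /* length byte missing */
        uint8_t len = op[i + 1];
        if (len < 2 || i + len > optlen) return TCPOPT_MALFORMED; /* 0/1 never advances */
        i += len;
    }
    return TCPOPT_NOT_FOUND;
}

/* Constructed sample: zeroed 20-byte TCP header + opts, NOP-padded to a
 * 4-byte boundary, data offset set to match. Returns 0 if over 60 bytes. */
size_t build_tcp_header(uint8_t *buf, const uint8_t *opts, size_t n)
{
    size_t padded = (n + 3) & ~(size_t)3, total = 20 + padded;
    if (total > 60) return 0;
    memset(buf, 0, total);
    memcpy(buf + 20, opts, n);
    memset(buf + 20 + n, 1, padded - n);
    buf[12] = (uint8_t)((total / 4) << 4);
    return total;
}

/* Build a header carrying `opts` and look `option` up in it. */
int check_option(const uint8_t *opts, size_t n, uint8_t option)
{
    uint8_t pkt[60];
    size_t len = build_tcp_header(pkt, opts, n);
    return len ? tcp_find_option(pkt, len, option) : TCPOPT_MALFORMED;
}
```

A header whose data offset is below 5 words, or whose option carries a length byte of 0 or 1, is reported as malformed instead of being scanned.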
2. During an audit of the Linux kernel, SUSE discovered a flaw in the
Linux kernel that inappropriately allows an unprivileged user to
change the group ID of a file to his/her own group ID. The Common
Vulnerabilities and Exposures project (cve.mitre.org/) has assigned the name
CAN-2004-0497 to this issue.
Updated packages:
LBA-Linux R1:
i386:
ftp://ftp.sot.com/lba-linux_r1/apt/RPMS.updates/kernel-2.6.3-2.1.253.lba.4.i586.rpm
ftp://ftp.sot.com/lba-linux_r1/apt/RPMS.updates/kernel-2.6.3-2.1.253.lba.4.i686.rpm
ftp://ftp.sot.com/lba-linux_r1/apt/RPMS.updates/kernel-doc-2.6.3-2.1.253.lba.4.i386.rpm
ftp://ftp.sot.com/lba-linux_r1/apt/RPMS.updates/kernel-smp-2.6.3-2.1.253.lba.4.i586.rpm
ftp://ftp.sot.com/lba-linux_r1/apt/RPMS.updates/kernel-smp-2.6.3-2.1.253.lba.4.i686.rpm
ftp://ftp.sot.com/lba-linux_r1/apt/RPMS.updates/kernel-source-2.6.3-2.1.253.lba.4.i386.rpm
Upgrading your system:
To apply this security update to your LBA-Linux system, run the
Updater tool from the LBA-Linux root desktop:
- Log in to your LBA-Linux desktop as the root user.
- Click on the penguin icon at the lower left of the display, and
select the menu item SYSTEM TOOLS>UPDATER.
- Click on the item named kernel to highlight it.
- Click on the PACKAGE menu in the menu bar, and select the
UPGRADE action.
- Confirm the upgrade by clicking the APPLY button in Updater's
main toolbar.
References:
http://www.securityfocus.com/archive/1/367615
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0626
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0497
Copyright(c) 2001-2004 SOT
LBA-Linux Security Advisory
Subject: Updated php package for LBA-Linux R1
Advisory ID: LBASA-2004:20
Date: Monday, July 26, 2004
Product: LBA-Linux R1
Problem description:
This security update fixes two problems:
CAN-2004-0594
The memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x up
to 5.0.0RC3, under certain conditions such as when register_globals
is enabled, allows remote attackers to execute arbitrary code by
triggering a memory_limit abort during execution of the
zend_hash_init function and overwriting a HashTable destructor
pointer before the initialization of key data structures is
complete.
CAN-2004-0595
The strip_tags function in PHP 4.x up to 4.3.7, and 5.x up to
5.0.0RC3, does not filter null (\0) characters within tag
names when restricting input to allowed tags, which allows
dangerous tags to be processed by web browsers such as Internet
Explorer and Safari, which ignore null characters and facilitate
the exploitation of cross-site scripting (XSS) vulnerabilities.
Updated packages:
LBA-Linux R1:
i386:
ftp://ftp.sot.com/lba-linux_r1/apt/RPMS.updates/php-4.3.4-10.lba.2.i386.rpm
ftp://ftp.sot.com/lba-linux_r1/apt/RPMS.updates/php-devel-4.3.4-10.lba.2.i386.rpm
ftp://ftp.sot.com/lba-linux_r1/apt/RPMS.updates/php-domxml-4.3.4-10.lba.2.i386.rpm
ftp://ftp.sot.com/lba-linux_r1/apt/RPMS.updates/php-ldap-4.3.4-10.lba.2.i386.rpm
ftp://ftp.sot.com/lba-linux_r1/apt/RPMS.updates/php-mysql-4.3.4-10.lba.2.i386.rpm
ftp://ftp.sot.com/lba-linux_r1/apt/RPMS.updates/php-odbc-4.3.4-10.lba.2.i386.rpm
ftp://ftp.sot.com/lba-linux_r1/apt/RPMS.updates/php-pear-4.3.4-10.lba.2.i386.rpm
ftp://ftp.sot.com/lba-linux_r1/apt/RPMS.updates/php-pgsql-4.3.4-10.lba.2.i386.rpm
ftp://ftp.sot.com/lba-linux_r1/apt/RPMS.updates/php-snmp-4.3.4-10.lba.2.i386.rpm
ftp://ftp.sot.com/lba-linux_r1/apt/RPMS.updates/php-xmlrpc-4.3.4-10.lba.2.i386.rpm
Upgrading your system:
To apply this security update to your LBA-Linux system, run the
Updater tool from the LBA-Linux root desktop:
- Log in to your LBA-Linux desktop as the root user.
- Click on the penguin icon at the lower left of the display, and
select the menu item SYSTEM TOOLS>UPDATER.
- Click on the item named php to highlight it.
- Click on the PACKAGE menu in the menu bar, and select the
UPGRADE action.
- Confirm the upgrade by clicking the APPLY button in Updater's
main toolbar.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0594
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0595