---

Red Hat Linux Advisories: stunnel, EPIC, iproute, Pan


Red Hat Security Advisory

Synopsis: Updated stunnel packages available
Advisory ID: RHSA-2003:296-01
Issue date: 2003-11-24
Updated on: 2003-11-24
Product: Red Hat Linux
Keywords: stunnel signal
Cross references: RHSA-2003:297
Obsoletes: RHSA-2003:221
CVE Names: CAN-2002-1563 CAN-2003-0740

1. Topic:

Updated stunnel packages are now available for Red Hat Linux
7.1, 7.2, 7.3, and 8.0 systems. These updates address problems
stemming from improper use of non-reentrant functions in signal
handlers.

2. Relevant releases/architectures:

Red Hat Linux 7.1 – i386
Red Hat Linux 7.2 – i386, ia64
Red Hat Linux 7.3 – i386
Red Hat Linux 8.0 – i386

3. Problem description:

Stunnel is a wrapper for network connections. It can be used to
tunnel an unencrypted network connection over an encrypted
connection (encrypted using SSL or TLS) or to provide an encrypted
means of connecting to services that do not natively support
encryption.

A previous advisory provided updated packages to address
re-entrancy problems in stunnel’s signal-handling routines. These
updates did not address other bugs that were found by Steve Grubb,
and introduced an additional bug, which was fixed in stunnel
3.26.

All users should upgrade to these errata packages, which address
these issues by updating stunnel to version 3.26.

NOTE: After upgrading, any instances of stunnel configured to
run in daemon mode should be restarted, and any active network
connections that are currently being serviced by stunnel should be
terminated and reestablished.

4. Solution:

Before applying this update, make sure all previously released
errata relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade.
Only those RPMs which are currently installed will be updated.
Those RPMs which are not installed but included in the list will
not be updated. Note that you can also use wildcards (*.rpm) if
your current directory only contains the desired RPMs.

Please note that this update is also available via Red Hat
Network. Many people find this an easier way to apply updates. To
use Red Hat Network, launch the Red Hat Update Agent with the
following command:

up2date

This will start an interactive process that will result in the
appropriate RPMs being upgraded on your system.

If up2date fails to connect to Red Hat Network due to SSL
Certificate Errors, you need to install a version of the up2date
client with an updated certificate. The latest version of up2date
is available from the Red Hat FTP site and may also be downloaded
directly from the RHN website:

https://rhn.redhat.com/help/latest-up2date.pxt

5. RPMs required:

Red Hat Linux 7.1:

SRPMS:

ftp://updates.redhat.com/7.1/en/os/SRPMS/stunnel-3.26-1.7.1.src.rpm

i386:

ftp://updates.redhat.com/7.1/en/os/i386/stunnel-3.26-1.7.1.i386.rpm

Red Hat Linux 7.2:

SRPMS:

ftp://updates.redhat.com/7.2/en/os/SRPMS/stunnel-3.26-1.7.3.src.rpm

i386:

ftp://updates.redhat.com/7.2/en/os/i386/stunnel-3.26-1.7.3.i386.rpm

ia64:

ftp://updates.redhat.com/7.2/en/os/ia64/stunnel-3.26-1.7.3.ia64.rpm

Red Hat Linux 7.3:

SRPMS:

ftp://updates.redhat.com/7.3/en/os/SRPMS/stunnel-3.26-1.7.3.src.rpm

i386:

ftp://updates.redhat.com/7.3/en/os/i386/stunnel-3.26-1.7.3.i386.rpm

Red Hat Linux 8.0:

SRPMS:

ftp://updates.redhat.com/8.0/en/os/SRPMS/stunnel-3.26-1.8.0.src.rpm

i386:

ftp://updates.redhat.com/8.0/en/os/i386/stunnel-3.26-1.8.0.i386.rpm

6. Verification:

MD5 sum Package Name


cfd2b7c9519812d58a945d4b5e189fdd
7.1/en/os/SRPMS/stunnel-3.26-1.7.1.src.rpm
f05723a19a2990ce17ded0ce817890b5
7.1/en/os/i386/stunnel-3.26-1.7.1.i386.rpm
f1c75122248f440e96adff582de64520
7.2/en/os/SRPMS/stunnel-3.26-1.7.3.src.rpm
e307840b930fc50e4bb2b61a0578af5a
7.2/en/os/i386/stunnel-3.26-1.7.3.i386.rpm
cd223922c7a690d7dfcfdd2e49c49e24
7.2/en/os/ia64/stunnel-3.26-1.7.3.ia64.rpm
f1c75122248f440e96adff582de64520
7.3/en/os/SRPMS/stunnel-3.26-1.7.3.src.rpm
e307840b930fc50e4bb2b61a0578af5a
7.3/en/os/i386/stunnel-3.26-1.7.3.i386.rpm
071ab6a4091737a4292e631bd7490975
8.0/en/os/SRPMS/stunnel-3.26-1.8.0.src.rpm
d3718eebbd8b921de713c4914da22dec
8.0/en/os/i386/stunnel-3.26-1.8.0.i386.rpm

These packages are GPG signed by Red Hat for security. Our key
is available from https://www.redhat.com/security/keys.html

You can verify each package with the following command:

rpm –checksig -v <filename>

If you only wish to verify that each package has not been
corrupted or tampered with, examine only the md5sum with the
following command:

md5sum <filename>

7. References:


http://marc.theaimsgroup.com/?l=stunnel-users&m=105980139926784


http://marc.theaimsgroup.com/?l=stunnel-users&m=106221975232250

http://marc.theaimsgroup.com/?l=bugtraq&m=106260760211958

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1563

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0740

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More
contact details at https://www.redhat.com/solutions/security/news/contact.html

Copyright 2003 Red Hat, Inc.


Red Hat Security Advisory

Synopsis: Updated EPIC packages fix security vulnerability
Advisory ID: RHSA-2003:342-01
Issue date: 2003-11-17
Updated on: 2003-11-17
Product: Red Hat Linux
Keywords: irc epic4 ircii
Cross references:  
Obsoletes:  
CVE Names: CAN-2003-0328

1. Topic:

Updated EPIC packages which fix an exploitable buffer overflow
vulnerability are now available.

2. Relevant releases/architectures:

Red Hat Linux 7.3 – i386
Red Hat Linux 8.0 – i386
Red Hat Linux 9 – i386

3. Problem description:

EPIC (Enhanced Programmable ircII Client) is an advanced ircII
chat client designed to connect to Internet Relay Chat (IRC)
servers.

A bug in various versions of EPIC allows remote malicious IRC
servers to cause a denial of service (crash) and execute arbitrary
code via a CTCP request from a large nickname, which causes an
incorrect length calculation. The Common Vulnerabilities and
Exposures project (cve.mitre.org/) has assigned the name
CAN-2003-0328 to this issue.

Users of EPIC who may connect to untrusted servers are advised
to upgrade to the packages in this erratum which contain a
backported security fix to correct this issue.

4. Solution:

Before applying this update, make sure all previously released
errata relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade.
Only those RPMs which are currently installed will be updated.
Those RPMs which are not installed but included in the list will
not be updated. Note that you can also use wildcards (*.rpm) if
your current directory only contains the desired RPMs.

Please note that this update is also available via Red Hat
Network. Many people find this an easier way to apply updates. To
use Red Hat Network, launch the Red Hat Update Agent with the
following command:

up2date

This will start an interactive process that will result in the
appropriate RPMs being upgraded on your system.

If up2date fails to connect to Red Hat Network due to SSL
Certificate Errors, you need to install a version of the up2date
client with an updated certificate. The latest version of up2date
is available from the Red Hat FTP site and may also be downloaded
directly from the RHN website:

https://rhn.redhat.com/help/latest-up2date.pxt

5. RPMs required:

Red Hat Linux 7.3:

SRPMS:

ftp://updates.redhat.com/7.3/en/os/SRPMS/epic-1.0.1-15.7.x.src.rpm

i386:

ftp://updates.redhat.com/7.3/en/os/i386/epic-1.0.1-15.7.x.i386.rpm

Red Hat Linux 8.0:

SRPMS:

ftp://updates.redhat.com/8.0/en/os/SRPMS/epic-1.0.1-15.8.0.src.rpm

i386:

ftp://updates.redhat.com/8.0/en/os/i386/epic-1.0.1-15.8.0.i386.rpm

Red Hat Linux 9:

SRPMS:
ftp://updates.redhat.com/9/en/os/SRPMS/epic-1.0.1-15.9.src.rpm

i386:
ftp://updates.redhat.com/9/en/os/i386/epic-1.0.1-15.9.i386.rpm

6. Verification:

MD5 sum Package Name


080bb85c470e9c12a15edcd96300e087
7.3/en/os/SRPMS/epic-1.0.1-15.7.x.src.rpm
e8da45cb6a22eb4dc2935de1f5012478
7.3/en/os/i386/epic-1.0.1-15.7.x.i386.rpm
36d4a3832e7aad69fb209f23b4e0c4cd
8.0/en/os/SRPMS/epic-1.0.1-15.8.0.src.rpm
cbed1b9694f4205e32a96bf35147e49c
8.0/en/os/i386/epic-1.0.1-15.8.0.i386.rpm
f96a0bc7489d41049aa4c33641afbef1
9/en/os/SRPMS/epic-1.0.1-15.9.src.rpm
4e4525b6dafb7d2a8cb728317bf1253c
9/en/os/i386/epic-1.0.1-15.9.i386.rpm

These packages are GPG signed by Red Hat for security. Our key
is available from https://www.redhat.com/security/keys.html

You can verify each package with the following command:

rpm –checksig -v <filename>

If you only wish to verify that each package has not been
corrupted or tampered with, examine only the md5sum with the
following command:

md5sum <filename>

7. References:

ftp://ftp.prbh.org/pub/epic/patches/alloca_underrun-patch-1

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0328

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More
contact details at https://www.redhat.com/solutions/security/news/contact.html

Copyright 2003 Red Hat, Inc.


Red Hat Security Advisory

Synopsis: Updated iproute packages fix local security vulnerability
Advisory ID: RHSA-2003:316-01
Issue date: 2003-11-24
Updated on: 2003-11-24
Product: Red Hat Linux
Keywords: DoS
Cross references:  
Obsoletes:  
CVE Names: CAN-2003-0856

1. Topic:

Updated iproute packages that close a locally-exploitable denial
of service vulnerability are now available.

2. Relevant releases/architectures:

Red Hat Linux 7.1 – i386
Red Hat Linux 7.1 for iSeries (64 bit) – ppc
Red Hat Linux 7.1 for pSeries (64 bit) – ppc
Red Hat Linux 7.2 – i386, ia64
Red Hat Linux 7.3 – i386
Red Hat Linux 8.0 – i386
Red Hat Linux 9 – i386

3. Problem description:

The iproute package contains advanced IP routing and network
device configuration tools.

Herbert Xu reported that iproute can accept spoofed messages
sent on the kernel netlink interface by other users on the local
machine. This could lead to a local denial of service attack. The
Common Vulnerabilities and Exposures project (cve.mitre.org/) has assigned the name
CAN-2003-0856 to this issue.

Users of iproute should upgrade to these erratum packages, which
contain a patch that checks that netlink messages actually came
from the kernel.

4. Solution:

Before applying this update, make sure all previously released
errata relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade.
Only those RPMs which are currently installed will be updated.
Those RPMs which are not installed but included in the list will
not be updated. Note that you can also use wildcards (*.rpm) if
your current directory only contains the desired RPMs.

Please note that this update is also available via Red Hat
Network. Many people find this an easier way to apply updates. To
use Red Hat Network, launch the Red Hat Update Agent with the
following command:

up2date

This will start an interactive process that will result in the
appropriate RPMs being upgraded on your system.

If up2date fails to connect to Red Hat Network due to SSL
Certificate Errors, you need to install a version of the up2date
client with an updated certificate. The latest version of up2date
is available from the Red Hat FTP site and may also be downloaded
directly from the RHN website:

https://rhn.redhat.com/help/latest-up2date.pxt

5. RPMs required:

Red Hat Linux 7.1:

SRPMS:

ftp://updates.redhat.com/7.1/en/os/SRPMS/iproute-2.4.7-7.71.1.src.rpm


ftp://updates.redhat.com/7.1/en/os/SRPMS/iproute-2.4.7-7.71ppc.1.src.rpm

i386:

ftp://updates.redhat.com/7.1/en/os/i386/iproute-2.4.7-7.71.1.i386.rpm

Red Hat Linux 7.1 for iSeries (64 bit):

SRPMS:

ftp://updates.redhat.com/7.1/en/os/iSeries/SRPMS/iproute-2.4.7-7.71ppc.1.src.rpm

ppc:

ftp://updates.redhat.com/7.1/en/os/iSeries/ppc/iproute-2.4.7-7.71ppc.1.ppc.rpm

Red Hat Linux 7.1 for pSeries (64 bit):

SRPMS:

ftp://updates.redhat.com/7.1/en/os/pSeries/SRPMS/iproute-2.4.7-7.71ppc.1.src.rpm

ppc:

ftp://updates.redhat.com/7.1/en/os/pSeries/ppc/iproute-2.4.7-7.71ppc.1.ppc.rpm

Red Hat Linux 7.2:

SRPMS:

ftp://updates.redhat.com/7.2/en/os/SRPMS/iproute-2.4.7-7.72.1.src.rpm

i386:

ftp://updates.redhat.com/7.2/en/os/i386/iproute-2.4.7-7.72.1.i386.rpm

ia64:

ftp://updates.redhat.com/7.2/en/os/ia64/iproute-2.4.7-7.72.1.ia64.rpm

Red Hat Linux 7.3:

SRPMS:

ftp://updates.redhat.com/7.3/en/os/SRPMS/iproute-2.4.7-7.73.1.src.rpm

i386:

ftp://updates.redhat.com/7.3/en/os/i386/iproute-2.4.7-7.73.1.i386.rpm

Red Hat Linux 8.0:

SRPMS:

ftp://updates.redhat.com/8.0/en/os/SRPMS/iproute-2.4.7-7.80.1.src.rpm

i386:

ftp://updates.redhat.com/8.0/en/os/i386/iproute-2.4.7-7.80.1.i386.rpm

Red Hat Linux 9:

SRPMS:

ftp://updates.redhat.com/9/en/os/SRPMS/iproute-2.4.7-7.90.1.src.rpm

i386:

ftp://updates.redhat.com/9/en/os/i386/iproute-2.4.7-7.90.1.i386.rpm

6. Verification:

MD5 sum Package Name


2f1ea42cdf30113141f10538e2179beb
7.1/en/os/SRPMS/iproute-2.4.7-7.71.1.src.rpm
18b11d4c092ec8f32c90d6c46eff0e5e
7.1/en/os/i386/iproute-2.4.7-7.71.1.i386.rpm
d610fcf135659a40e1cace634e706aef
7.1/en/os/iSeries/SRPMS/iproute-2.4.7-7.71ppc.1.src.rpm
10517e763dc7e25a93664fce504e1d0a
7.1/en/os/iSeries/ppc/iproute-2.4.7-7.71ppc.1.ppc.rpm
d610fcf135659a40e1cace634e706aef
7.1/en/os/pSeries/SRPMS/iproute-2.4.7-7.71ppc.1.src.rpm
10517e763dc7e25a93664fce504e1d0a
7.1/en/os/pSeries/ppc/iproute-2.4.7-7.71ppc.1.ppc.rpm
3d7a9f23eb56e24012f0a2cfd4c4e403
7.2/en/os/SRPMS/iproute-2.4.7-7.72.1.src.rpm
90f4960d5e9013bfbe678ff4286bc17f
7.2/en/os/i386/iproute-2.4.7-7.72.1.i386.rpm
86f3216474f4effa7364b75da360b153
7.2/en/os/ia64/iproute-2.4.7-7.72.1.ia64.rpm
7e95bd6212c96d20b25a8c761dd2c749
7.3/en/os/SRPMS/iproute-2.4.7-7.73.1.src.rpm
e05fc87d3047905d89850dd705e2f641
7.3/en/os/i386/iproute-2.4.7-7.73.1.i386.rpm
22ca841ec539d36b14ba8f3b8c82f78c
8.0/en/os/SRPMS/iproute-2.4.7-7.80.1.src.rpm
f0075b7a8250003ff06d50bec81627a3
8.0/en/os/i386/iproute-2.4.7-7.80.1.i386.rpm
f373608f9f55848c2592c13e594319d3
9/en/os/SRPMS/iproute-2.4.7-7.90.1.src.rpm
ffaab09f8adbc38e67a009c5a7780b45
9/en/os/i386/iproute-2.4.7-7.90.1.i386.rpm

These packages are GPG signed by Red Hat for security. Our key
is available from https://www.redhat.com/security/keys.html

You can verify each package with the following command:

rpm –checksig -v <filename>

If you only wish to verify that each package has not been
corrupted or tampered with, examine only the md5sum with the
following command:

md5sum <filename>

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0856

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More
contact details at https://www.redhat.com/solutions/security/news/contact.html

Copyright 2003 Red Hat, Inc.


Red Hat Security Advisory

Synopsis: Updated Pan packages fix denial of service vulnerability
Advisory ID: RHSA-2003:311-01
Issue date: 2003-11-24
Updated on: 2003-11-24
Product: Red Hat Linux
Keywords: DoS
Cross references:  
Obsoletes:  
CVE Names: CAN-2003-0855

1. Topic:

Updated Pan packages that close a denial of service
vulnerability are now available.

2. Relevant releases/architectures:

Red Hat Linux 7.1 – i386
Red Hat Linux 7.2 – i386, ia64
Red Hat Linux 7.3 – i386
Red Hat Linux 8.0 – i386
Red Hat Linux 9 – i386

3. Problem description:

Pan is a Gnome/GTK+ newsreader.

A bug in Pan versions prior to 0.13.4 can cause Pan to crash
when parsing an article header containing a very long author email
address. This bug causes a crash (denial of service) but is not
further exploitable. The Common Vulnerabilities and Exposures
project (cve.mitre.org/) has
assigned the name CAN-2003-0855 to this issue.

Users of Pan are advised to upgrade to these erratum packages,
which contain a backported patch correcting this issue.

Red Hat would like to thank Kasper Dupont for alerting us to
this issue and to Charles Kerr for providing the patch.

4. Solution:

Before applying this update, make sure all previously released
errata relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade.
Only those RPMs which are currently installed will be updated.
Those RPMs which are not installed but included in the list will
not be updated. Note that you can also use wildcards (*.rpm) if
your current directory only contains the desired RPMs.

Please note that this update is also available via Red Hat
Network. Many people find this an easier way to apply updates. To
use Red Hat Network, launch the Red Hat Update Agent with the
following command:

up2date

This will start an interactive process that will result in the
appropriate RPMs being upgraded on your system.

If up2date fails to connect to Red Hat Network due to SSL
Certificate Errors, you need to install a version of the up2date
client with an updated certificate. The latest version of up2date
is available from the Red Hat FTP site and may also be downloaded
directly from the RHN website:

https://rhn.redhat.com/help/latest-up2date.pxt

5. Bug IDs fixed (http://bugzilla.redhat.com/bugzilla
for more info):

107519 – CAN-2003-0855 Pan crash on long email address

6. RPMs required:

Red Hat Linux 7.1:

SRPMS:
ftp://updates.redhat.com/7.1/en/os/SRPMS/pan-0.9.7-2.71.src.rpm

i386:
ftp://updates.redhat.com/7.1/en/os/i386/pan-0.9.7-2.71.i386.rpm

Red Hat Linux 7.2:

SRPMS:
ftp://updates.redhat.com/7.2/en/os/SRPMS/pan-0.11.4-1.src.rpm

i386:
ftp://updates.redhat.com/7.2/en/os/i386/pan-0.11.4-1.i386.rpm

ia64:
ftp://updates.redhat.com/7.2/en/os/ia64/pan-0.11.4-1.ia64.rpm

Red Hat Linux 7.3:

SRPMS:
ftp://updates.redhat.com/7.3/en/os/SRPMS/pan-0.11.4-1.src.rpm

i386:
ftp://updates.redhat.com/7.3/en/os/i386/pan-0.11.4-1.i386.rpm

Red Hat Linux 8.0:

SRPMS:
ftp://updates.redhat.com/8.0/en/os/SRPMS/pan-0.13.4-1.src.rpm

i386:
ftp://updates.redhat.com/8.0/en/os/i386/pan-0.13.4-1.i386.rpm

Red Hat Linux 9:

SRPMS:
ftp://updates.redhat.com/9/en/os/SRPMS/pan-0.14.2-1.9.src.rpm

i386:
ftp://updates.redhat.com/9/en/os/i386/pan-0.14.2-1.9.i386.rpm

7. Verification:

MD5 sum Package Name


f7ae5c253d3c673e940d080533ea0da2
7.1/en/os/SRPMS/pan-0.9.7-2.71.src.rpm
678e7f0f2ea996e3b8949b3bb607554b
7.1/en/os/i386/pan-0.9.7-2.71.i386.rpm
64d8752453a9e0437b4dd7bbb2c79504
7.2/en/os/SRPMS/pan-0.11.4-1.src.rpm
391d0c2e9eb7046f7b53496cc1ae0a4b
7.2/en/os/i386/pan-0.11.4-1.i386.rpm
9faccc8b01b90ca615e0c68f5b67b738
7.2/en/os/ia64/pan-0.11.4-1.ia64.rpm
64d8752453a9e0437b4dd7bbb2c79504
7.3/en/os/SRPMS/pan-0.11.4-1.src.rpm
391d0c2e9eb7046f7b53496cc1ae0a4b
7.3/en/os/i386/pan-0.11.4-1.i386.rpm
5e7a39ef2cc9782432e688719c83b078
8.0/en/os/SRPMS/pan-0.13.4-1.src.rpm
e3e3161bcb604f09b07b15c1b1fb817d
8.0/en/os/i386/pan-0.13.4-1.i386.rpm
d05d62893b42a03b570f8e60c2f3ef39
9/en/os/SRPMS/pan-0.14.2-1.9.src.rpm
7027ab2a49f4bb0aa4efa7415f0bd6cb
9/en/os/i386/pan-0.14.2-1.9.i386.rpm

These packages are GPG signed by Red Hat for security. Our key
is available from https://www.redhat.com/security/keys.html

You can verify each package with the following command:

rpm –checksig -v <filename>

If you only wish to verify that each package has not been
corrupted or tampered with, examine only the md5sum with the
following command:

md5sum <filename>

8. References:

http://bugzilla.gnome.org/show_bug.cgi?id=107025

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0855

9. Contact:

The Red Hat security contact is <secalert@redhat.com>. More
contact details at https://www.redhat.com/solutions/security/news/contact.html

Copyright 2003 Red Hat, Inc.

Get the Free Newsletter!

Subscribe to Developer Insider for top news, trends, & analysis