---

Home Security

Security Digest: February 11, 2005

By

Debian GNU/Linux

Debian Security Advisory DSA 674-2 security@debian.org
http://www.debian.org/security/
Martin Schulze
February 11th, 2005 http://www.debian.org/security/faq

Package : mailman
Vulnerability : cross-site scripting, directory traversal
Problem-Type : remote
Debian-specific: no
CVE ID : CAN-2004-1177 CAN-2005-0202

Due to an error the last mailman update was slightly broken and
had to be corrected. This advisory only updates the packages
updated with DSA 674-1. For completeness below is the original
advisory text:

Two security related problems have been discovered in mailman,
web-based GNU mailing list manager. The Common Vulnerabilities and
Exposures project identifies the following problems:

CAN-2004-1177

Florian Weimer discovered a cross-site scripting vulnerability
in mailman’s automatically generated error messages. An attacker
could craft an URL containing JavaScript (or other content embedded
into HTML) which triggered a mailman error page that would include
the malicious code verbatim.

CAN-2005-0202

Several listmasters have noticed unauthorised access to archives
of private lists and the list configuration itself, including the
users passwords. Administrators are advised to check the webserver
logfiles for requests that contain “/…../” and the path to the
archives or cofiguration. This does only seem to affect
installations running on web servers that do not strip slashes,
such as Apache 1.3.

For the stable distribution (woody) these problems have been
fixed in version 2.0.11-1woody10.

For the unstable distribution (sid) these problems have been
fixed in version 2.1.5-6.

We recommend that you upgrade your mailman package.

Upgrade Instructions

wget url

will fetch the file for you
dpkg -i file.deb

will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update

will update the internal database apt-get upgrade

will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 3.0 alias woody

Source archives:


http://security.debian.org/pool/updates/main/m/mailman/mailman_2.0.11-1woody10.dsc

Size/MD5 checksum: 597 c7e3f5a32db792af2488ff13cba53720

http://security.debian.org/pool/updates/main/m/mailman/mailman_2.0.11-1woody10.diff.gz

Size/MD5 checksum: 33044 d625c726829feb6102efb091e078dbdd

http://security.debian.org/pool/updates/main/m/mailman/mailman_2.0.11.orig.tar.gz

Size/MD5 checksum: 415129 915264cb1ac8d7b78ea9eff3ba38ee04

Alpha architecture:


http://security.debian.org/pool/updates/main/m/mailman/mailman_2.0.11-1woody10_alpha.deb

Size/MD5 checksum: 461582 32f108831ba8991d938aee69b0ca0f90

ARM architecture:


http://security.debian.org/pool/updates/main/m/mailman/mailman_2.0.11-1woody10_arm.deb

Size/MD5 checksum: 459196 a973d1b322b55775bcfd63a6608980c8

Intel IA-32 architecture:


http://security.debian.org/pool/updates/main/m/mailman/mailman_2.0.11-1woody10_i386.deb

Size/MD5 checksum: 452300 b7aba555e2a33a9d0c3e3008a389dec3

Intel IA-64 architecture:


http://security.debian.org/pool/updates/main/m/mailman/mailman_2.0.11-1woody10_ia64.deb

Size/MD5 checksum: 462146 31897c13cdd4da90fecb33b0c33c7b45

HP Precision architecture:


http://security.debian.org/pool/updates/main/m/mailman/mailman_2.0.11-1woody10_hppa.deb

Size/MD5 checksum: 459838 d5c3fb3798e78cb095e2bea6756a5fd9

Motorola 680×0 architecture:


http://security.debian.org/pool/updates/main/m/mailman/mailman_2.0.11-1woody10_m68k.deb

Size/MD5 checksum: 459310 af3f277e83956802571f67fd3b7df3ef

Big endian MIPS architecture:


http://security.debian.org/pool/updates/main/m/mailman/mailman_2.0.11-1woody10_mips.deb

Size/MD5 checksum: 459868 96fc0135d38524536a8a170be412ff61

Little endian MIPS architecture:


http://security.debian.org/pool/updates/main/m/mailman/mailman_2.0.11-1woody10_mipsel.deb

Size/MD5 checksum: 460102 7ba1e8201b9c2f71ab5e2634ae8fa3de

PowerPC architecture:


http://security.debian.org/pool/updates/main/m/mailman/mailman_2.0.11-1woody10_powerpc.deb

Size/MD5 checksum: 460144 9a83971b30446b0528593f7245b4ab9d

IBM S/390 architecture:


http://security.debian.org/pool/updates/main/m/mailman/mailman_2.0.11-1woody10_s390.deb

Size/MD5 checksum: 460150 a4335348dc0f4a768b8a3c9aebf627c4

Sun Sparc architecture:


http://security.debian.org/pool/updates/main/m/mailman/mailman_2.0.11-1woody10_sparc.deb

Size/MD5 checksum: 464862 000501b72a1afd45f28ba7bb12724b0d

These files will probably be moved into the stable distribution
on its next update.

Debian Security Advisory DSA 676-1 security@debian.org
http://www.debian.org/security/
Martin Schulze
February 11th, 2005 http://www.debian.org/security/faq

Package : xpcd
Vulnerability : buffer overflow
Problem-Type : local
Debian-specific: no
CVE ID : CAN-2005-0074

Erik Sjölund discovered a buffer overflow in pcdsvgaview,
an SVGA PhotoCD viewer. xpcd-svga is part of xpcd and uses svgalib
to display graphics on the Linux console for which root permissions
are required. A malicious user could overflow a fixed-size buffer
and may cause the program to execute arbitrary code with elevated
privileges.

For the stable distribution (woody) this problem has been fixed
in version 2.08-8woody3.

For the unstable distribution (sid) this problem will be fixed
soon.

We recommend that you upgrade your xpcd-svga package
immediately.

Upgrade Instructions

wget url

will fetch the file for you
dpkg -i file.deb

will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update

will update the internal database apt-get upgrade

will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 3.0 alias woody

Source archives:


http://security.debian.org/pool/updates/main/x/xpcd/xpcd_2.08-8woody3.dsc

Size/MD5 checksum: 706 b1e7b8aeafd929cd31f9403b6534c86b

http://security.debian.org/pool/updates/main/x/xpcd/xpcd_2.08-8woody3.diff.gz

Size/MD5 checksum: 14837 e67ca4ae6f6c0cc09033e195ad188825

http://security.debian.org/pool/updates/main/x/xpcd/xpcd_2.08.orig.tar.gz

Size/MD5 checksum: 103104 59bf5b8d0466ecb3c58ed1fffcdf499e

Alpha architecture:


http://security.debian.org/pool/updates/main/x/xpcd/xpcd_2.08-8woody3_alpha.deb

Size/MD5 checksum: 81170 17302a158ec404cf6b7961b8434cec33

http://security.debian.org/pool/updates/main/x/xpcd/xpcd-gimp_2.08-8woody3_alpha.deb

Size/MD5 checksum: 13494 a0a1cec324c9c5fb202e18f33ee5fa59

ARM architecture:


http://security.debian.org/pool/updates/main/x/xpcd/xpcd_2.08-8woody3_arm.deb

Size/MD5 checksum: 68116 7219d4fbdf1602941a2e17bb136ab348

http://security.debian.org/pool/updates/main/x/xpcd/xpcd-gimp_2.08-8woody3_arm.deb

Size/MD5 checksum: 11954 c47772b3c30cfc26be6f7c53450225bc

Intel IA-32 architecture:


http://security.debian.org/pool/updates/main/x/xpcd/xpcd_2.08-8woody3_i386.deb

Size/MD5 checksum: 64336 33d7f7a4ddf29576e4a37b89c3feb8eb

http://security.debian.org/pool/updates/main/x/xpcd/xpcd-gimp_2.08-8woody3_i386.deb

Size/MD5 checksum: 11840 3234d80da9074230309b8ac5e3e5e0c3

http://security.debian.org/pool/updates/main/x/xpcd/xpcd-svga_2.08-8woody3_i386.deb

Size/MD5 checksum: 20964 9aba7400f6af8a22c90ff3cb69a44431

Intel IA-64 architecture:


http://security.debian.org/pool/updates/main/x/xpcd/xpcd_2.08-8woody3_ia64.deb

Size/MD5 checksum: 97850 88da140c9f83d0f56768e80e08923b82

http://security.debian.org/pool/updates/main/x/xpcd/xpcd-gimp_2.08-8woody3_ia64.deb

Size/MD5 checksum: 15450 9333d80f7e16cf885b5138291969d3fb

HP Precision architecture:


http://security.debian.org/pool/updates/main/x/xpcd/xpcd_2.08-8woody3_hppa.deb

Size/MD5 checksum: 73434 e479d36155807d7b0b19cf62e40ade42

http://security.debian.org/pool/updates/main/x/xpcd/xpcd-gimp_2.08-8woody3_hppa.deb

Size/MD5 checksum: 12944 cb8feab07d3cb23488f3487192d2f82d

Motorola 680×0 architecture:


http://security.debian.org/pool/updates/main/x/xpcd/xpcd_2.08-8woody3_m68k.deb

Size/MD5 checksum: 62778 262bc4fa9f4a76c727aa7ae3be63dd02

http://security.debian.org/pool/updates/main/x/xpcd/xpcd-gimp_2.08-8woody3_m68k.deb

Size/MD5 checksum: 11630 0240c6672a38049666b7383e9eb5b193

Big endian MIPS architecture:


http://security.debian.org/pool/updates/main/x/xpcd/xpcd_2.08-8woody3_mips.deb

Size/MD5 checksum: 73636 75f8f7d42cdbfd51e505c89516a7966a

http://security.debian.org/pool/updates/main/x/xpcd/xpcd-gimp_2.08-8woody3_mips.deb

Size/MD5 checksum: 12736 f69a68c9c81edb75524945ee2e80b4d7

Little endian MIPS architecture:


http://security.debian.org/pool/updates/main/x/xpcd/xpcd_2.08-8woody3_mipsel.deb

Size/MD5 checksum: 73338 50c143655e01f6b5f347520ceab3eb52

http://security.debian.org/pool/updates/main/x/xpcd/xpcd-gimp_2.08-8woody3_mipsel.deb

Size/MD5 checksum: 12710 26ef7c3f8c34638695ec779a68112d26

PowerPC architecture:


http://security.debian.org/pool/updates/main/x/xpcd/xpcd_2.08-8woody3_powerpc.deb

Size/MD5 checksum: 68606 93640415d6d425b966399df9a1a9d703

http://security.debian.org/pool/updates/main/x/xpcd/xpcd-gimp_2.08-8woody3_powerpc.deb

Size/MD5 checksum: 12040 19f723b6df1e32dbc5f57affba9ba773

IBM S/390 architecture:


http://security.debian.org/pool/updates/main/x/xpcd/xpcd_2.08-8woody3_s390.deb

Size/MD5 checksum: 69770 97d7acf4119d481466e656d3889da854

http://security.debian.org/pool/updates/main/x/xpcd/xpcd-gimp_2.08-8woody3_s390.deb

Size/MD5 checksum: 12636 d30e6ca31aa772884d92c245cc88bd35

Sun Sparc architecture:


http://security.debian.org/pool/updates/main/x/xpcd/xpcd_2.08-8woody3_sparc.deb

Size/MD5 checksum: 72888 3b961c03a13520a27d3d87f45d8bf19f

http://security.debian.org/pool/updates/main/x/xpcd/xpcd-gimp_2.08-8woody3_sparc.deb

Size/MD5 checksum: 11918 b5d3f11a60c394b60eee9d42bae4af70

These files will probably be moved into the stable distribution
on its next update.

For apt-get: deb http://security.debian.org/
stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security
dists/stable/updates/main Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>’ and http://packages.debian.org/<pkg>

Debian Security Advisory DSA 677-1 security@debian.org
http://www.debian.org/security/
Martin Schulze
February 11th, 2005 http://www.debian.org/security/faq

Package : sympa
Vulnerability : buffer overflow
Problem-Type : local
Debian-specific: no
CVE ID : CAN-2005-0073

Erik Sjölund discovered that a support script of sympa, a
mailing list manager, is running setuid sympa and vulnerable to a
buffer overflow. This could potentially lead to the execution of
arbitrary code under the sympa user id.

For the stable distribution (woody) this problem has been fixed
in version 3.3.3-3woody2.

For the unstable distribution (sid) this problem will be fixed
soon.

We recommend that you upgrade your sympa package.

Upgrade Instructions

wget url

will fetch the file for you
dpkg -i file.deb

will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update

will update the internal database apt-get upgrade

will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 3.0 alias woody

Source archives:


http://security.debian.org/pool/updates/main/s/sympa/sympa_3.3.3-3woody2.dsc

Size/MD5 checksum: 601 757b8a0b0b6dde6e1b4626768e98aaaf

http://security.debian.org/pool/updates/main/s/sympa/sympa_3.3.3-3woody2.diff.gz

Size/MD5 checksum: 44518 1bcea87b271163637a68aae20e1e14f9

http://security.debian.org/pool/updates/main/s/sympa/sympa_3.3.3.orig.tar.gz

Size/MD5 checksum: 1457710 59776560bfb6c124c5a25129127383be

Architecture independent components:


http://security.debian.org/pool/updates/main/s/sympa/wwsympa_3.3.3-3woody2_all.deb

Size/MD5 checksum: 349648 0933a74b3e7b529bc3ccfff1e44fd310

Alpha architecture:


http://security.debian.org/pool/updates/main/s/sympa/sympa_3.3.3-3woody2_alpha.deb

Size/MD5 checksum: 636122 bcf354d30dd2bda45baeebb512ac84f2

ARM architecture:


http://security.debian.org/pool/updates/main/s/sympa/sympa_3.3.3-3woody2_arm.deb

Size/MD5 checksum: 634994 3936100bb555bc3f0c67cc4476138d46

Intel IA-32 architecture:


http://security.debian.org/pool/updates/main/s/sympa/sympa_3.3.3-3woody2_i386.deb

Size/MD5 checksum: 634982 bb63c09723a848b727d95994d9804ee9

Intel IA-64 architecture:


http://security.debian.org/pool/updates/main/s/sympa/sympa_3.3.3-3woody2_ia64.deb

Size/MD5 checksum: 637714 2f88784e6c5a9cffdb5a75c56e08ec6d

HP Precision architecture:


http://security.debian.org/pool/updates/main/s/sympa/sympa_3.3.3-3woody2_hppa.deb

Size/MD5 checksum: 635516 9808c2d9c7e812141c6bb21c63694903

Motorola 680×0 architecture:


http://security.debian.org/pool/updates/main/s/sympa/sympa_3.3.3-3woody2_m68k.deb

Size/MD5 checksum: 635186 0fa581c1fc424991e18079e09dec910d

Big endian MIPS architecture:


http://security.debian.org/pool/updates/main/s/sympa/sympa_3.3.3-3woody2_mips.deb

Size/MD5 checksum: 634980 b7cba06ff5e119967c0568392797d78c

Little endian MIPS architecture:


http://security.debian.org/pool/updates/main/s/sympa/sympa_3.3.3-3woody2_mipsel.deb

Size/MD5 checksum: 635016 fbf75e6f39246a03007e0627b35ea8b0

PowerPC architecture:


http://security.debian.org/pool/updates/main/s/sympa/sympa_3.3.3-3woody2_powerpc.deb

Size/MD5 checksum: 634678 061911261f49ddd13918c1af45d2738b

IBM S/390 architecture:


http://security.debian.org/pool/updates/main/s/sympa/sympa_3.3.3-3woody2_s390.deb

Size/MD5 checksum: 635834 f127573347d01e3cd5daedb6235462b5

Sun Sparc architecture:


http://security.debian.org/pool/updates/main/s/sympa/sympa_3.3.3-3woody2_sparc.deb

Size/MD5 checksum: 639518 c86008d13499edddeaf9f5f5daf5a667

These files will probably be moved into the stable distribution
on its next update.

Debian Security Advisory DSA 678-1 security@debian.org
http://www.debian.org/security/
Martin Schulze
February 11th, 2005 http://www.debian.org/security/faq

Package : netkit-rwho
Vulnerability : missing input validation
Problem-Type : remote
Debian-specific: no
CVE ID : CAN-2004-1180

“Vlad902” discovered a vulnerability in the rwhod program that
can be used to crash the listening process. The broadcasting one is
unaffected. This vulnerability only affects little endian
architectures (i.e. on Debian: alpha, arm, alpha, ia64, i386,
mipsel and s390).

For the stable distribution (woody) this problem has been fixed
in version 0.17-4woody2.

For the unstable distribution (sid) this problem has been fixed
in version 0.17-8.

We recommend that you upgrade your rwhod package.

Upgrade Instructions

wget url

will fetch the file for you
dpkg -i file.deb

will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update

will update the internal database apt-get upgrade

will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 3.0 alias woody

Source archives:


http://security.debian.org/pool/updates/main/n/netkit-rwho/netkit-rwho_0.17-4woody2.dsc

Size/MD5 checksum: 573 232cc3d400360adf91f477ae6e4df1db

http://security.debian.org/pool/updates/main/n/netkit-rwho/netkit-rwho_0.17-4woody2.diff.gz

Size/MD5 checksum: 10970 67909ae8e428409b9d66e59d053df76d

http://security.debian.org/pool/updates/main/n/netkit-rwho/netkit-rwho_0.17.orig.tar.gz

Size/MD5 checksum: 20610 0f71620d45d472f89134ba0d74242e75

Alpha architecture:


http://security.debian.org/pool/updates/main/n/netkit-rwho/rwho_0.17-4woody2_alpha.deb

Size/MD5 checksum: 15600 9209b79116d4da8e61c042daa60d8571

http://security.debian.org/pool/updates/main/n/netkit-rwho/rwhod_0.17-4woody2_alpha.deb

Size/MD5 checksum: 19020 20244ee92243cbf7a73fbf63ef4669df

ARM architecture:


http://security.debian.org/pool/updates/main/n/netkit-rwho/rwho_0.17-4woody2_arm.deb

Size/MD5 checksum: 13096 eced290e15edb12ddec5c0f4bc2f873c

http://security.debian.org/pool/updates/main/n/netkit-rwho/rwhod_0.17-4woody2_arm.deb

Size/MD5 checksum: 17464 98c7f887ab745f562d4dcb12bf42bbbf

Intel IA-32 architecture:


http://security.debian.org/pool/updates/main/n/netkit-rwho/rwho_0.17-4woody2_i386.deb

Size/MD5 checksum: 12692 04e8597017f17b8357aabfd12171ebfe

http://security.debian.org/pool/updates/main/n/netkit-rwho/rwhod_0.17-4woody2_i386.deb

Size/MD5 checksum: 17364 d510fe20152828ede22d85c9e8b7eeb8

Intel IA-64 architecture:


http://security.debian.org/pool/updates/main/n/netkit-rwho/rwho_0.17-4woody2_ia64.deb

Size/MD5 checksum: 15946 3e478d1bb74472c6cd967e7890e5d624

http://security.debian.org/pool/updates/main/n/netkit-rwho/rwhod_0.17-4woody2_ia64.deb

Size/MD5 checksum: 20658 4f3f5a38d76c868ea028e20df6a58abf

HP Precision architecture:


http://security.debian.org/pool/updates/main/n/netkit-rwho/rwho_0.17-4woody2_hppa.deb

Size/MD5 checksum: 13906 5890c7723b8aad599e8605e122934a93

http://security.debian.org/pool/updates/main/n/netkit-rwho/rwhod_0.17-4woody2_hppa.deb

Size/MD5 checksum: 18066 4c9fc358830c8ad2885779f02c246b66

Motorola 680×0 architecture:


http://security.debian.org/pool/updates/main/n/netkit-rwho/rwho_0.17-4woody2_m68k.deb

Size/MD5 checksum: 12654 f600ddc3d01ee478115438c751c0836f

http://security.debian.org/pool/updates/main/n/netkit-rwho/rwhod_0.17-4woody2_m68k.deb

Size/MD5 checksum: 17100 d47344fcf36586bf35ba8552b924e7e9

Big endian MIPS architecture:


http://security.debian.org/pool/updates/main/n/netkit-rwho/rwho_0.17-4woody2_mips.deb

Size/MD5 checksum: 13218 05ce9334de62e64a6031d0a397b52b8e

http://security.debian.org/pool/updates/main/n/netkit-rwho/rwhod_0.17-4woody2_mips.deb

Size/MD5 checksum: 17120 5c7e1752201621b82154d8107e466fe0

Little endian MIPS architecture:


http://security.debian.org/pool/updates/main/n/netkit-rwho/rwho_0.17-4woody2_mipsel.deb

Size/MD5 checksum: 13266 58bdafa0f3727901bea58b5337078dc6

http://security.debian.org/pool/updates/main/n/netkit-rwho/rwhod_0.17-4woody2_mipsel.deb

Size/MD5 checksum: 17446 d2a3eb4211c8b7beaa502a489a08037c

PowerPC architecture:


http://security.debian.org/pool/updates/main/n/netkit-rwho/rwho_0.17-4woody2_powerpc.deb

Size/MD5 checksum: 13030 e472eb81db77c5e50b5756ce58c92795

http://security.debian.org/pool/updates/main/n/netkit-rwho/rwhod_0.17-4woody2_powerpc.deb

Size/MD5 checksum: 17122 fc8bb02bcc162a54076405e1cbe7b0d0

IBM S/390 architecture:


http://security.debian.org/pool/updates/main/n/netkit-rwho/rwho_0.17-4woody2_s390.deb

Size/MD5 checksum: 13414 9f2dea228f0c0ed3452d26e11366a47f

http://security.debian.org/pool/updates/main/n/netkit-rwho/rwhod_0.17-4woody2_s390.deb

Size/MD5 checksum: 17842 00320623fa238648f89a6fde1a03eefc

Sun Sparc architecture:


http://security.debian.org/pool/updates/main/n/netkit-rwho/rwho_0.17-4woody2_sparc.deb

Size/MD5 checksum: 16062 d8b71eb71a33f4b45132a91731ab1d6e

http://security.debian.org/pool/updates/main/n/netkit-rwho/rwhod_0.17-4woody2_sparc.deb

Size/MD5 checksum: 19818 9b1462f4fbf007255f380ce632bf868c

These files will probably be moved into the stable distribution
on its next update.

For apt-get: deb http://security.debian.org/
stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security
dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org

Package info: `apt-cache show <pkg>’ and http://packages.debian.org/<pkg>

Fedora Legacy

Fedora Legacy Update Advisory

Synopsis: Updated gpdf package fixes security issues
Advisory ID: FLSA:2353
Issue date: 2005-02-10
Product: Fedora Core
Keywords: Bugfix
Cross references: https://bugzilla.fedora.us/show_bug.cgi?id=2353

CVE Names: CAN-2004-0888 CAN-2004-1125 CAN-2005-0064

1. Topic:

An updated gpdf package that fixes a number of integer overflow
security flaws is now available.

GPdf is a viewer for Portable Document Format (PDF) files for
GNOME.

2. Relevant releases/architectures:

Fedora Core 1 – i386

3. Problem description:

During a source code audit, Chris Evans and others discovered a
number of integer overflow bugs that affected all versions of xpdf.
These issues also affect gpdf as it is based on xpdf source code.
An attacker could construct a carefully crafted PDF file that could
cause gpdf to crash or possibly execute arbitrary code when opened.
The Common Vulnerabilities and Exposures project (cve.mitre.org/) has assigned the name
CAN-2004-0888 to this issue.

A buffer overflow flaw was found in the Gfx::doImage function of
Xpdf. This flaw also affects gpdf as it is based on xpdf source
code. An attacker could construct a carefully crafted PDF file that
could cause gpdf to crash or possibly execute arbitrary code when
opened. The Common Vulnerabilities and Exposures project (cve.mitre.org/) has assigned the name
CAN-2004-1125 to this issue.

A buffer overflow flaw was found when processing the /Encrypt
/Length tag. An attacker could construct a carefully crafted PDF
file that could cause gpdf to crash or possibly execute arbitrary
code when opened. The Common Vulnerabilities and Exposures project
(cve.mitre.org/) has assigned
the name CAN-2005-0064 to this issue.

Users of gpdf are advised to upgrade to this errata package,
which contains backported patches correcting these issues.

4. Solution:

Before applying this update, make sure all previously released
errata relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade.
Only those RPMs which are currently installed will be updated.
Those RPMs which are not installed but included in the list will
not be updated. Note that you can also use wildcards (*.rpm) if
your current directory only contains the desired RPMs.

Please note that this update is also available via yum and apt.
Many people find this an easier way to apply updates. To use yum
issue:

yum update

or to use apt:

apt-get update; apt-get upgrade

This will start an interactive process that will result in the
appropriate RPMs being upgraded on your system. This assumes that
you have yum or apt-get configured for obtaining Fedora Legacy
content. Please visit http://www
fedoralegacy.org/docs for directions on how to configure yum and
apt-get.

5. Bug IDs fixed:

http://bugzilla.fedora.us – bug
#2353 – xpdf buffer overflows apply to gpdf

6. RPMs required:

Fedora Core 1:

SRPM:

http://download.fedoralegacy.org/fedora/1/updates/SRPMS/gpdf-0.110-1.4.legacy.src.rpm

i386:

http://download.fedoralegacy.org/fedora/1/updates/i386/gpdf-0.110-1.4.legacy.i386.rpm

7. Verification:

SHA1 sum Package Name

63438a137ac33d1355bc6b8065fef0a03dde7e68
fedora/1/updates/i386/gpdf-0.110-1.4.legacy.i386.rpm
19c4e9fd40a135b4ad782c228990edcdc38dad04
fedora/1/updates/SRPMS/gpdf-0.110-1.4.legacy.src.rpm

These packages are GPG signed by Fedora Legacy for security. Our
key is available from http://www.fedoralegacy
org/about/security.php

You can verify each package with the following command:

rpm –checksig -v <filename>

If you only wish to verify that each package has not been
corrupted or tampered with, examine only the sha1sum with the
following command:

sha1sum <filename>

8. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0888

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1125

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0064


http://www.idefense.com/application/poi/display?id=186&type=vulnerabilities

9. Contact:

The Fedora Legacy security contact is <secnotice@fedoralegacy.org>.
More project details at http://www.fedoralegacy.org

Fedora Legacy Update Advisory

Synopsis: Updated iptables packages resolve security issues
Advisory ID: FLSA:2252
Issue date: 2005-02-10
Product: Red Hat Linux, Fedora Core
Keywords: Bugfix
Cross references: https://bugzilla.fedora.us/show_bug.cgi?id=2252

CVE Names: CAN-2004-0986

1. Topic:

Updated iptables packages that correct a security problem are
now available.

The iptables utility controls the network packet filtering code
in the Linux kernel.

2. Relevant releases/architectures:

Red Hat Linux 7.3 – i386
Red Hat Linux 9 – i386
Fedora Core 1 – i386

3. Problem description:

Under certain conditions, iptables did not properly load the
required modules at system startup, which caused the firewall rules
to fail to load and protect the system from remote attackers. The
Common Vulnerabilities and Exposures project (cve.mitre.org/) has assigned the name
CAN-2004-0986 to this issue.

Users of iptables are advised to upgrade to these errata
packages, which contain backported patches correcting these
issues.

4. Solution:

Before applying this update, make sure all previously released
errata relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade.
Only those RPMs which are currently installed will be updated.
Those RPMs which are not installed but included in the list will
not be updated. Note that you can also use wildcards (*.rpm) if
your current directory only contains the desired RPMs.

Please note that this update is also available via yum and apt.
Many people find this an easier way to apply updates. To use yum
issue:

yum update

or to use apt:

apt-get update; apt-get upgrade

This will start an interactive process that will result in the
appropriate RPMs being upgraded on your system. This assumes that
you have yum or apt-get configured for obtaining Fedora Legacy
content. Please visit http://www
fedoralegacy.org/docs for directions on how to configure yum and
apt-get.

5. Bug IDs fixed:

http://bugzilla.fedora.us – bug
#2252 – iptables May Fail to Automatically Load Some Modules

6. RPMs required:

Red Hat Linux 7.3:

SRPM:

http://download.fedoralegacy.org/redhat/7.3/updates/SRPMS/iptables-1.2.8-8.73.1.legacy.src.rpm

i386:

http://download.fedoralegacy.org/redhat/7.3/updates/i386/iptables-1.2.8-8.73.1.legacy.i386.rpm


http://download.fedoralegacy.org/redhat/7.3/updates/i386/iptables-ipv6-1.2.8-8.73.1.legacy.i386.rpm

Red Hat Linux 9:

SRPM:

http://download.fedoralegacy.org/redhat/9/updates/SRPMS/iptables-1.2.8-8.90.1.legacy.src.rpm

i386:

http://download.fedoralegacy.org/redhat/9/updates/i386/iptables-1.2.8-8.90.1.legacy.i386.rpm


http://download.fedoralegacy.org/redhat/9/updates/i386/iptables-ipv6-1.2.8-8.90.1.legacy.i386.rpm

Fedora Core 1:

SRPM:

http://download.fedoralegacy.org/redhat/9/updates/SRPMS/iptables-1.2.9-1.0.1.legacy.src.rpm

i386:

http://download.fedoralegacy.org/redhat/9/updates/i386/iptables-1.2.9-1.0.1.legacy.i386.rpm


http://download.fedoralegacy.org/redhat/9/updates/i386/iptables-devel-1.2.9-1.0.1.legacy.i386.rpm


http://download.fedoralegacy.org/redhat/9/updates/i386/iptables-ipv6-1.2.9-1.0.1.legacy.i386.rpm

7. Verification:

SHA1 sum Package Name

83895bb3697fc2c0a6442a12a481e5670a4c4e36
redhat/7.3/updates/i386/iptables-1.2.8-8.73.1.legacy.i386.rpm
a4fbd94e3307c8f6915e9cdf23b98069e7c9e44c
redhat/7.3/updates/i386/iptables-ipv6-1.2.8-8.73.1.legacy.i386.rpm

d0630819c5a33d60976b5b3c0ed5b7e67bbfc1f6
redhat/7.3/updates/SRPMS/iptables-1.2.8-8.73.1.legacy.src.rpm
1bf551072cb97cb4dfcec90530dbe5f71d3eb4b0
redhat/9/updates/i386/iptables-1.2.8-8.90.1.legacy.i386.rpm
e80b93d0c4161576a2707253b25240a2330f7d43
redhat/9/updates/i386/iptables-ipv6-1.2.8-8.90.1.legacy.i386.rpm

5a7849fa4cc500bf6bc0d8320080fb6ba23d9e32
redhat/9/updates/SRPMS/iptables-1.2.8-8.90.1.legacy.src.rpm
87484b5ab4fed7ddaeea720d5303e7f9eca88d16
fedora/1/updates/i386/iptables-1.2.9-1.0.1.legacy.i386.rpm
6aa4eab81a36ddbbd00d4bde0280dd673dfd5324
fedora/1/updates/i386/iptables-devel-1.2.9-1.0.1.legacy.i386.rpm

4d545e88fbec8ff2371a4ed9c5bc494400db6d63
fedora/1/updates/i386/iptables-ipv6-1.2.9-1.0.1.legacy.i386.rpm
7ded8f4994d1a0017d804969318d8d0a6fa5053c
fedora/1/updates/SRPMS/iptables-1.2.9-1.0.1.legacy.src.rpm

These packages are GPG signed by Fedora Legacy for security. Our
key is available from http://www.fedoralegacy
org/about/security.php

You can verify each package with the following command:

rpm –checksig -v <filename>

If you only wish to verify that each package has not been
corrupted or tampered with, examine only the sha1sum with the
following command:

sha1sum <filename>

8. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0986

9. Contact:

The Fedora Legacy security contact is <secnotice@fedoralegacy.org>.
More project details at http://www.fedoralegacy.org

Fedora Legacy Update Advisory

Synopsis: Updated Xpdf package fixes security issues
Advisory ID: FLSA:2352
Issue date: 2005-02-10
Product: Red Hat Linux, Fedora Core
Keywords: Bugfix
Cross references: https://bugzilla.fedora.us/show_bug.cgi?id=2352

CVE Names: CAN-2004-0888 CAN-2004-1125 CAN-2005-0064

1. Topic:

Updated Xpdf packages that fix several security issues are now
available.

Xpdf is an X Window System based viewer for Portable Document
Format (PDF) files.

2. Relevant releases/architectures:

Red Hat Linux 7.3 – i386
Red Hat Linux 9 – i386
Fedora Core 1 – i386

3. Problem description:

During a source code audit, Chris Evans and others discovered a
number of integer overflow bugs that affected all versions of xpdf.
An attacker could construct a carefully crafted PDF file that could
cause xpdf to crash or possibly execute arbitrary code when opened.
The Common Vulnerabilities and Exposures project (cve.mitre.org/) has assigned the name
CAN-2004-0888 to this issue.

A buffer overflow flaw was found in the Gfx::doImage function of
Xpdf. An attacker could construct a carefully crafted PDF file that
could cause Xpdf to crash or possibly execute arbitrary code when
opened. The Common Vulnerabilities and Exposures project (cve.mitre.org/) has assigned the name
CAN-2004-1125 to this issue.

A buffer overflow flaw was found when processing the /Encrypt
/Length tag. An attacker could construct a carefully crafted PDF
file that could cause Xpdf to crash or possibly execute arbitrary
code when opened. The Common Vulnerabilities and Exposures project
(cve.mitre.org/) has assigned
the name CAN-2005-0064 to this issue.

Users of xpdf are advised to upgrade to these errata packages,
which contain backported patches correcting these issues.

4. Solution:

Before applying this update, make sure all previously released
errata relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade.
Only those RPMs which are currently installed will be updated.
Those RPMs which are not installed but included in the list will
not be updated. Note that you can also use wildcards (*.rpm) if
your current directory only contains the desired RPMs.

Please note that this update is also available via yum and apt.
Many people find this an easier way to apply updates. To use yum
issue:

yum update

or to use apt:

apt-get update; apt-get upgrade

This will start an interactive process that will result in the
appropriate RPMs being upgraded on your system. This assumes that
you have yum or apt-get configured for obtaining Fedora Legacy
content. Please visit http://www
fedoralegacy.org/docs for directions on how to configure yum and
apt-get.

5. Bug IDs fixed:

http://bugzilla.fedora.us – bug
#2352 – xpdf 3.00 Buffer overflow

6. RPMs required:

Red Hat Linux 7.3:

SRPM:

http://download.fedoralegacy.org/redhat/7.3/updates/SRPMS/xpdf-1.00-7.4.legacy.src.rpm

i386:

http://download.fedoralegacy.org/redhat/7.3/updates/i386/xpdf-1.00-7.4.legacy.i386.rpm


http://download.fedoralegacy.org/redhat/7.3/updates/i386/xpdf-chinese-simplified-1.00-7.4.legacy.i386.rpm


http://download.fedoralegacy.org/redhat/7.3/updates/i386/xpdf-chinese-traditional-1.00-7.4.legacy.i386.rpm


http://download.fedoralegacy.org/redhat/7.3/updates/i386/xpdf-japanese-1.00-7.4.legacy.i386.rpm


http://download.fedoralegacy.org/redhat/7.3/updates/i386/xpdf-korean-1.00-7.4.legacy.i386.rpm

Red Hat Linux 9:

SRPM:

http://download.fedoralegacy.org/redhat/9/updates/SRPMS/xpdf-2.01-11.3.legacy.src.rpm

i386:

http://download.fedoralegacy.org/redhat/9/updates/i386/xpdf-2.01-11.3.legacy.i386.rpm


http://download.fedoralegacy.org/redhat/9/updates/i386/xpdf-chinese-simplified-2.01-11.3.legacy.i386.rpm


http://download.fedoralegacy.org/redhat/9/updates/i386/xpdf-chinese-traditional-2.01-11.3.legacy.i386.rpm


http://download.fedoralegacy.org/redhat/9/updates/i386/xpdf-japanese-2.01-11.3.legacy.i386.rpm


http://download.fedoralegacy.org/redhat/9/updates/i386/xpdf-korean-2.01-11.3.legacy.i386.rpm

Fedora Core 1:

SRPM:

http://download.fedoralegacy.org/fedora/1/updates/SRPMS/xpdf-2.03-1.3.legacy.src.rpm

i386:

http://download.fedoralegacy.org/fedora/1/updates/i386/xpdf-2.03-1.3.legacy.i386.rpm

7. Verification:

SHA1 sum Package Name

423ffbb749b7ee88eeb10e6a859eeb0bf065e14f
redhat/7.3/updates/i386/xpdf-1.00-7.4.legacy.i386.rpm
c73127114f7369b5b7dc47f888bd751aff93126e
redhat/7.3/updates/i386/xpdf-chinese-simplified-1.00-7.4.legacy.i386.rpm

fc92215a4b5767adc4fc97dbdab273116ba4d633
redhat/7.3/updates/i386/xpdf-chinese-traditional-1.00-7.4.legacy.i386.rpm

f723ea683d914c4a07715a06aa986f91617bd4ea
redhat/7.3/updates/i386/xpdf-japanese-1.00-7.4.legacy.i386.rpm
81c63ff5b9f1fc0e6a9a384407a46bd699f33feb
redhat/7.3/updates/i386/xpdf-korean-1.00-7.4.legacy.i386.rpm
e4a7aabeaaac53c1773f2cee640ec1052cffb820
redhat/7.3/updates/SRPMS/xpdf-1.00-7.4.legacy.src.rpm
67e76b9214471447bf79ea1b5b191b16122ba2c0
redhat/9/updates/i386/xpdf-2.01-11.3.legacy.i386.rpm
7c6d5c6374dd7e5c952d37ead71071500ac9fda3
redhat/9/updates/i386/xpdf-chinese-simplified-2.01-11.3.legacy.i386.rpm

e351ec803bc2e7c27aa4677dcd57ad9f4772c492
redhat/9/updates/i386/xpdf-chinese-traditional-2.01-11.3.legacy.i386.rpm

fcde9f1758de64bd50e5ef003cf344c63264b940
redhat/9/updates/i386/xpdf-japanese-2.01-11.3.legacy.i386.rpm
a5e48c1ef2bca6e59b4c27f442078231d6dd68c2
redhat/9/updates/i386/xpdf-korean-2.01-11.3.legacy.i386.rpm
118304e7529774f84fd2a7ac23c4220fe5f92a52
redhat/9/updates/SRPMS/xpdf-2.01-11.3.legacy.src.rpm
604172c53feadba2f6049a41e214dd61ec24fd95
fedora/1/updates/i386/xpdf-2.03-1.3.legacy.i386.rpm
93454fd7f71a3fe88bcc89593312c6120e7168fc
fedora/1/updates/SRPMS/xpdf-2.03-1.3.legacy.src.rpm

These packages are GPG signed by Fedora Legacy for security. Our
key is available from http://www.fedoralegacy
org/about/security.php

You can verify each package with the following command:

rpm –checksig -v <filename>

If you only wish to verify that each package has not been
corrupted or tampered with, examine only the sha1sum with the
following command:

sha1sum <filename>

8. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0888

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1125

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0064


http://www.idefense.com/application/poi/display?id=186&type=vulnerabilities

9. Contact:

The Fedora Legacy security contact is <secnotice@fedoralegacy.org>.
More project details at http://www.fedoralegacy.org

Fedora Legacy Update Advisory

Synopsis: Updated gaim package resolves security issues
Advisory ID: FLSA:2188
Issue date: 2005-02-10
Product: Red Hat Linux, Fedora Core
Keywords: Bugfix
Cross references: https://bugzilla.fedora.us/show_bug.cgi?id=2188

CVE Names: CAN-2004-0891

1. Topic:

An updated gaim package that fixes security issues and various
bugs is now avaliable.

The gaim application is a multi-protocol instant messaging
client.

2. Relevant releases/architectures:

Red Hat Linux 7.3 – i386
Red Hat Linux 9 – i386
Fedora Core 1 – i386

3. Problem description:

A buffer overflow has been discovered in the MSN protocol
handler. When receiving unexpected sequence of MSNSLP messages, it
is possible that an attacker could cause an internal buffer
overflow, leading to a crash or possible code execution. The Common
Vulnerabilities and Exposures project (cve.mitre.org/) has assigned the name
CAN-2004-0891 to this issue.

This updated gaim package also fixes multiple user interface,
protocol, and error handling problems, including an ICQ
communication encoding issue.

Users of gaim are advised to upgrade to this updated package
which contains gaim version 1.0.2 and is not vulnerable to these
issues.

4. Solution:

Before applying this update, make sure all previously released
errata relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade.
Only those RPMs which are currently installed will be updated.
Those RPMs which are not installed but included in the list will
not be updated. Note that you can also use wildcards (*.rpm) if
your current directory only contains the desired RPMs.

Please note that this update is also available via yum and apt.
Many people find this an easier way to apply updates. To use yum
issue:

yum update

or to use apt:

apt-get update; apt-get upgrade

This will start an interactive process that will result in the
appropriate RPMs being upgraded on your system. This assumes that
you have yum or apt-get configured for obtaining Fedora Legacy
content. Please visit http://www
fedoralegacy.org/docs for directions on how to configure yum and
apt-get.

5. Bug IDs fixed:

http://bugzilla.fedora.us – bug
#2188 – gaim MSN protocol buffer overflow.

6. RPMs required:

Red Hat Linux 7.3:

SRPM:

http://download.fedoralegacy.org/redhat/7.3/updates/SRPMS/gaim-1.0.2-0.FC0.73.0.legacy.src.rpm

i386:

http://download.fedoralegacy.org/redhat/7.3/updates/i386/gaim-1.0.2-0.FC0.73.0.legacy.i386.rpm

Red Hat Linux 9:

SRPM:

http://download.fedoralegacy.org/redhat/9/updates/SRPMS/gaim-1.0.2-0.FC0.90.0.legacy.src.rpm

i386:

http://download.fedoralegacy.org/redhat/9/updates/i386/gaim-1.0.2-0.FC0.90.0.legacy.i386.rpm

Fedora Core 1:

SRPM:

http://download.fedoralegacy.org/redhat/9/updates/SRPMS/gaim-1.0.2-0.FC1.0.legacy.src.rpm

i386:

http://download.fedoralegacy.org/redhat/9/updates/i386/gaim-1.0.2-0.FC1.0.legacy.i386.rpm

7. Verification:

SHA1 sum Package Name

a174d3f8283b608124a7d1061d951d3f44eaf5df
redhat/7.3/updates/i386/gaim-1.0.2-0.FC0.73.0.legacy.i386.rpm
b16668fdeddf34c3534065ab971b511774c346a8
redhat/7.3/updates/SRPMS/gaim-1.0.2-0.FC0.73.0.legacy.src.rpm
4b1ebfc27b5b05868f5737064f16711d72904565
redhat/9/updates/i386/gaim-1.0.2-0.FC0.90.0.legacy.i386.rpm
23dc361672ef204e40dcdba7f5c3a395200625f4
redhat/9/updates/SRPMS/gaim-1.0.2-0.FC0.90.0.legacy.src.rpm
78e9993c468e49abf30779c99a9436046fcce426
fedora/1/updates/i386/gaim-1.0.2-0.FC1.0.legacy.i386.rpm
bed1c8a428c099d51086ddc4acf90571f3a04a98
fedora/1/updates/SRPMS/gaim-1.0.2-0.FC1.0.legacy.src.rpm

These packages are GPG signed by Fedora Legacy for security. Our
key is available from http://www.fedoralegacy
org/about/security.php

You can verify each package with the following command:

rpm –checksig -v <filename>

If you only wish to verify that each package has not been
corrupted or tampered with, examine only the sha1sum with the
following command:

sha1sum <filename>

8. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0891

9. Contact:

The Fedora Legacy security contact is <secnotice@fedoralegacy.org>.
More project details at http://www.fedoralegacy.org

Gentoo Linux

Gentoo Linux Security Advisory GLSA 200502

Get the Free Newsletter!

Subscribe to Developer Insider for top news, trends, & analysis

Must Read

LinuxToday is a trusted, contributor-driven news resource supporting all types of Linux users. Our thriving international community engages with us through social media and frequent content contributions aimed at solving problems ranging from personal computing to enterprise-level IT operations. LinuxToday serves as a home for a community that struggles to find comparable information elsewhere on the web.

Our Brands

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.