Conectiva Linux
CONECTIVA LINUX SECURITY ANNOUNCEMENT
PACKAGE : twiki
SUMMARY : Fix for twiki remote vulnerability
DATE : 2005-01-14 10:51:00
ID : CLA-2005:918
RELEVANT RELEASES : 10
DESCRIPTION
TWiki[1] is a flexible, powerful, and easy to use enterprise
collaboration platform.
A vulnerability was found in twiki that a remote attacker could
exploit to run arbitrary shell commands on the server. For
further information on this vulnerability, please refer to the
authors' announcement[2].
SOLUTION
It is recommended that all twiki users upgrade their packages.
REFERENCES
1. http://www.twiki.org/
2. http://twiki.org/cgi-bin/view/Codev/SecurityAlertExecuteCommandsWithSearch
UPDATED PACKAGES
ftp://atualizacoes.conectiva.com.br/10/SRPMS/twiki-20040507beta-61534U10_1cl.src.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/twiki-20040507beta-61534U10_1cl.i386.rpm
ADDITIONAL INSTRUCTIONS
The apt tool can be used to perform RPM package upgrades:
- run: apt-get update
- after that, execute: apt-get upgrade
Detailed instructions regarding the use of apt and upgrade
examples can be found at http://distro.conectiva.com.br/atualizacoes/#apt?idioma=en
All packages are signed with Conectiva’s GPG key. The key and
instructions on how to import it can be found at
http://distro.conectiva.com.br/seguranca/chave/?idioma=en
Instructions on how to check the signatures of the RPM packages can
be found at http://distro.conectiva.com.br/seguranca/politica/?idioma=en
All our advisories and generic update instructions can be viewed at
http://distro.conectiva.com.br/atualizacoes/?idioma=en
Copyright (c) 2004 Conectiva Inc.
http://www.conectiva.com
Debian GNU/Linux
Debian Security Advisory DSA 640-1 security@debian.org
http://www.debian.org/security/
Martin Schulze
January 17th, 2005 http://www.debian.org/security/faq
Package : gatos
Vulnerability : buffer overflow
Problem-Type : local
Debian-specific: no
CVE ID : CAN-2005-0016
Erik S. discovered a buffer overflow in xatitv, one of the
programs in the gatos package, that is used to display video with
certain ATI video cards. xatitv is installed setuid root in order
to gain direct access to the video hardware.
For the stable distribution (woody) this problem has been fixed
in version 0.0.5-6woody3.
For the unstable distribution (sid) this problem has been fixed
in version 0.0.5-15.
We recommend that you upgrade your gatos package.
Upgrade Instructions
wget url
    will fetch the file for you
dpkg -i file.deb
    will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
    will update the internal database
apt-get upgrade
    will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 3.0 alias woody
These files will probably be moved into the stable distribution
on its next update.
Debian Security Advisory DSA 643-1 security@debian.org
http://www.debian.org/security/
Martin Schulze
January 18th, 2005 http://www.debian.org/security/faq
Package : queue
Vulnerability : buffer overflows
Problem-Type : remote
Debian-specific: no
CVE ID : CAN-2004-0555
“jaguar” of the Debian Security Audit Project has discovered
several buffer overflows in queue, a transparent load balancing
system.
For the stable distribution (woody) these problems have been
fixed in version 1.30.1-4woody2.
For the unstable distribution (sid) these problems have been
fixed in version 1.30.1-5.
We recommend that you upgrade your queue package.
Debian GNU/Linux 3.0 alias woody
These files will probably be moved into the stable distribution
on its next update.
Debian Security Advisory DSA 644-1 security@debian.org
http://www.debian.org/security/
Martin Schulze
January 18th, 2005 http://www.debian.org/security/faq
Package : chbg
Vulnerability : buffer overflow
Problem-Type : local
Debian-specific: no
CVE ID : CAN-2004-1264
Debian Bug : 285904
Danny Lungstrom discovered a vulnerability in chbg, a tool to
change background pictures. A maliciously crafted
configuration/scenario file could overflow a buffer and lead to the
execution of arbitrary code on the victim's machine.
For the stable distribution (woody) this problem has been fixed
in version 1.5-1woody1.
For the unstable distribution (sid) this problem has been fixed
in version 1.5-4.
We recommend that you upgrade your chbg package.
Debian GNU/Linux 3.0 alias woody
HP Precision architecture:
Cannot be updated due to compiler error.
These files will probably be moved into the stable distribution
on its next update.
Debian Security Advisory DSA 641-1 security@debian.org
http://www.debian.org/security/
Martin Schulze
January 17th, 2005 http://www.debian.org/security/faq
Package : playmidi
Vulnerability : buffer overflow
Problem-Type : local
Debian-specific: no
CVE ID : CAN-2005-0020
Erik Sjölund discovered that playmidi, a MIDI
player, contains a setuid root program with a buffer overflow that
can be exploited by a local attacker.
For the stable distribution (woody) this problem has been fixed
in version 2.4-4woody1.
For the unstable distribution (sid) this problem has been fixed
in version 2.4debian-3.
We recommend that you upgrade your playmidi package.
Debian GNU/Linux 3.0 alias woody
These files will probably be moved into the stable distribution
on its next update.
Debian Security Advisory DSA 642-1 security@debian.org
http://www.debian.org/security/
Martin Schulze
January 17th, 2005 http://www.debian.org/security/faq
Package : gallery
Vulnerability : several
Problem-Type : remote
Debian-specific: no
CVE ID : CAN-2004-1106
BugTraq ID : 11602
Several vulnerabilities have been discovered in gallery, a
web-based photo album written in PHP4. The Common Vulnerabilities
and Exposures project identifies the following vulnerabilities:
CAN-2004-1106
Jim Paris discovered a cross site scripting vulnerability which
allows code to be inserted by using specially formed URLs.
CVE-NOMATCH
The upstream developers of gallery have fixed several cases of
possible variable injection that could trick gallery into unintended
actions, e.g. leaking database passwords.
For the stable distribution (woody) these problems have been
fixed in version 1.2.5-8woody3.
For the unstable distribution (sid) these problems have been
fixed in version 1.4.4-pl4-1.
We recommend that you upgrade your gallery package.
Debian GNU/Linux 3.0 alias woody
These files will probably be moved into the stable distribution
on its next update.
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
Gentoo Linux
Gentoo Linux Security Advisory GLSA 200501-25
Severity: Normal
Title: Squid: Multiple vulnerabilities
Date: January 16, 2005
Bugs: #77934, #77521
ID: 200501-25
Synopsis
Squid contains vulnerabilities in the code handling NTLM (NT
Lan Manager), Gopher to HTML and WCCP (Web Cache Communication
Protocol) which could lead to denial of service and arbitrary code
execution.
Background
Squid is a full-featured Web proxy cache designed to run on Unix
systems. It supports proxying and caching of HTTP, FTP, and other
URLs, as well as SSL support, cache hierarchies, transparent
caching, access control lists and many other features.
Affected packages
     Package               Vulnerable      Unaffected
  1  www-proxy/squid       < 2.5.7-r2      >= 2.5.7-r2
Description
Squid contains a vulnerability in the gopherToHTML function and
incorrectly checks the 'number of caches' field when parsing
WCCP_I_SEE_YOU messages. Furthermore, the NTLM code contains two
errors: a memory leak in the fakeauth_auth helper and a NULL pointer
dereference.
Impact
With the WCCP issue an attacker could cause denial of service by
sending a specially crafted UDP packet. With the Gopher issue an
attacker might be able to execute arbitrary code by enticing a user
to connect to a malicious Gopher server. The NTLM issues could lead
to denial of service by memory consumption or by crashing
Squid.
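As an added illustration of the WCCP count check described above (example code written for this digest, not Squid's source): a parser for a simplified WCCP_I_SEE_YOU message that rejects any 'number of caches' value exceeding the fixed table or the bytes actually received. The wire layout, the entry size, the constant values and the type value 2 are assumptions modelled loosely on WCCP version 1, not Squid's real structures.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define WCCP_I_SEE_YOU   2u    /* message type; assumed value for this demo */
#define WCCP_MAX_CACHES  32u   /* capacity of the fixed cache table */
#define WCCP_HEADER_LEN  20u   /* type, version, change_number, received_id, number */
#define WCCP_ENTRY_LEN   8u    /* ip, revision: simplified entry, not Squid's layout */

enum wccp_parse { WCCP_OK = 0, WCCP_TOO_SHORT, WCCP_BAD_TYPE, WCCP_BAD_COUNT };

struct wccp_i_see_you {
    uint32_t type, version, change_number, received_id;
    uint32_t number;                                  /* entries that follow */
    struct { uint32_t ip, revision; } caches[WCCP_MAX_CACHES];
};

/* Big-endian helpers, so the example needs no arpa/inet.h. */
static uint32_t get32(const unsigned char *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) | ((uint32_t)p[2] << 8) | p[3];
}
static void put32(unsigned char *p, uint32_t v) {
    p[0] = (unsigned char)(v >> 24); p[1] = (unsigned char)(v >> 16);
    p[2] = (unsigned char)(v >> 8);  p[3] = (unsigned char)v;
}

/* Parse 'len' received bytes into *out.  The count is validated against the
 * table capacity (the check the advisory says Squid got wrong; without it a
 * crafted UDP packet makes later code index past caches[]) and against the
 * bytes actually received, so a short datagram cannot cause over-reads. */
enum wccp_parse wccp_parse_i_see_you(const unsigned char *buf, size_t len,
                                     struct wccp_i_see_you *out)
{
    uint32_t type, number, i;

    if (len < WCCP_HEADER_LEN) return WCCP_TOO_SHORT;
    type = get32(buf);
    number = get32(buf + 16);
    if (type != WCCP_I_SEE_YOU) return WCCP_BAD_TYPE;
    if (number > WCCP_MAX_CACHES) return WCCP_BAD_COUNT;
    if (len < WCCP_HEADER_LEN + (size_t)number * WCCP_ENTRY_LEN) return WCCP_TOO_SHORT;

    memset(out, 0, sizeof *out);
    out->type = type;
    out->version = get32(buf + 4);
    out->change_number = get32(buf + 8);
    out->received_id = get32(buf + 12);
    out->number = number;
    for (i = 0; i < number; i++) {
        const unsigned char *e = buf + WCCP_HEADER_LEN + (size_t)i * WCCP_ENTRY_LEN;
        out->caches[i].ip = get32(e);
        out->caches[i].revision = get32(e + 4);
    }
    return WCCP_OK;
}

/* Build a constructed datagram whose count field may disagree with the number
 * of entries really appended.  Returns the byte length, 0 if 'cap' is too small. */
size_t wccp_build_i_see_you(unsigned char *buf, size_t cap, uint32_t type,
                            uint32_t number, size_t n_entries)
{
    size_t len = WCCP_HEADER_LEN + n_entries * WCCP_ENTRY_LEN, i;

    if (len > cap) return 0;
    put32(buf, type);
    put32(buf + 4, 4);          /* version, change_number, received_id: */
    put32(buf + 8, 1);          /* constructed values */
    put32(buf + 12, 1);
    put32(buf + 16, number);    /* the field a remote sender controls */
    for (i = 0; i < n_entries; i++) {
        put32(buf + WCCP_HEADER_LEN + i * WCCP_ENTRY_LEN, 0x0A000001u + (uint32_t)i);
        put32(buf + WCCP_HEADER_LEN + i * WCCP_ENTRY_LEN + 4, 1);
    }
    return len;
}

/* Constructed scenarios: 0 well-formed, 1 huge count, 2 count larger than the
 * payload, 3 wrong type.  Returns the parser's verdict, -1 for an unknown
 * scenario, or -2 if the well-formed message did not round-trip. */
int wccp_scenario(int which)
{
    unsigned char buf[512];
    struct wccp_i_see_you msg;
    size_t len;
    enum wccp_parse r;

    switch (which) {
    case 0:  len = wccp_build_i_see_you(buf, sizeof buf, WCCP_I_SEE_YOU, 2, 2); break;
    case 1:  len = wccp_build_i_see_you(buf, sizeof buf, WCCP_I_SEE_YOU, 0xFFFFFFFFu, 2); break;
    case 2:  len = wccp_build_i_see_you(buf, sizeof buf, WCCP_I_SEE_YOU, 5, 1); break;
    case 3:  len = wccp_build_i_see_you(buf, sizeof buf, 3, 1, 1); break;
    default: return -1;
    }
    r = wccp_parse_i_see_you(buf, len, &msg);
    if (which == 0 && r == WCCP_OK && (msg.number != 2 || msg.caches[1].ip != 0x0A000002u))
        return -2;
    return (int)r;
}
```

Scenario 1 is the shape of datagram the advisory's denial-of-service concerns: a count far beyond the table, which the hardened parser rejects before any table index is computed.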
Workaround
There is no known workaround at this time.
Resolution
All Squid users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=www-proxy/squid-2.5.7-r2"
References
[ 1 ] Secunia Advisory SA13825
http://secunia.com/advisories/13825/
[ 2 ] Secunia Advisory SA13789
http://secunia.com/advisories/13789/
Availability
This GLSA and any updates to it are available for viewing at the
Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200501-25.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or, alternatively, you may file a bug at
http://bugs.gentoo.org.
License
Copyright 2005 Gentoo Foundation, Inc; referenced text belongs
to its owner(s).
The contents of this document are licensed under the Creative
Commons – Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.0
Mandrakelinux
Mandrakelinux Security Update Advisory
Package name: cups
Advisory ID: MDKSA-2005:008
Date: January 17th, 2005
Affected versions: 10.0, 10.1, 9.2, Corporate Server 2.1, Corporate Server 3.0
Problem Description:
A buffer overflow was discovered in the ParseCommand function in
the hpgltops utility. An attacker with the ability to send
malicious HPGL files to a printer could possibly execute arbitrary
code as the “lp” user (CAN-2004-1267).
Vulnerabilities in the lppasswd utility were also discovered.
The program ignores write errors when modifying the CUPS passwd
file. A local user who is able to fill the associated file system
could corrupt the CUPS passwd file or prevent future use of
lppasswd (CAN-2004-1268 and CAN-2004-1269). As well, lppasswd does
not verify that the passwd.new file is different from STDERR, which
could allow a local user to control output to passwd.new via
certain user input that could trigger an error message
(CAN-2004-1270).
The updated packages have been patched to prevent these
problems.
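An added example, not CUPS' lppasswd code, of the two defensive measures the lppasswd description above implies: making sure the new password file can never share a descriptor with stderr, and treating every write error as fatal so the original file stays intact on a full file system. The file paths, the password entry and the function names are constructed for this demonstration.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

enum pw_status { PW_OK = 0, PW_ERR_STDFD, PW_ERR_OPEN, PW_ERR_WRITE, PW_ERR_RENAME };

/* A setuid program may be started with descriptors 0-2 closed; the next
 * open() then returns 0, 1 or 2 and anything printed to stderr lands in that
 * file (the CAN-2004-1270 pattern).  Re-open any closed standard descriptor
 * on /dev/null before touching the password file. */
int ensure_std_fds_open(void)
{
    int fd, nul;
    for (fd = 0; fd <= 2; fd++) {
        if (fcntl(fd, F_GETFD) != -1 || errno != EBADF)
            continue;                     /* already open */
        nul = open("/dev/null", fd == 0 ? O_RDONLY : O_WRONLY);
        if (nul == -1)
            return -1;
        if (nul != fd) {                  /* open() returns the lowest free fd; fallback only */
            if (dup2(nul, fd) == -1) { close(nul); return -1; }
            close(nul);
        }
    }
    return 0;
}

/* Write 'content' to 'newpath' with every I/O result checked, then rename it
 * over 'path'.  On any failure the temporary file is removed and the original
 * is left untouched, so a filled file system cannot corrupt it
 * (the CAN-2004-1268/1269 pattern). */
enum pw_status write_passwd_file(const char *path, const char *newpath,
                                 const char *content)
{
    size_t len = strlen(content);
    int fd, ok;
    FILE *fp;

    if (ensure_std_fds_open() != 0)
        return PW_ERR_STDFD;
    fd = open(newpath, O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (fd == -1)
        return PW_ERR_OPEN;
    if (fd <= 2) {                        /* never write secrets to a standard descriptor */
        close(fd); unlink(newpath);
        return PW_ERR_STDFD;
    }
    fp = fdopen(fd, "w");
    if (fp == NULL) {
        close(fd); unlink(newpath);
        return PW_ERR_OPEN;
    }
    /* fwrite may only buffer; ENOSPC from a full disk can surface at fflush,
     * fsync or even fclose, so each result is checked, not just fwrite's. */
    ok = fwrite(content, 1, len, fp) == len;
    ok = ok && fflush(fp) == 0;
    ok = ok && fsync(fd) == 0;
    if (fclose(fp) != 0)
        ok = 0;
    if (!ok) {
        unlink(newpath);
        return PW_ERR_WRITE;
    }
    if (rename(newpath, path) != 0) {
        unlink(newpath);
        return PW_ERR_RENAME;
    }
    return PW_OK;
}

/* Constructed demo: writes one made-up password entry under /tmp, reads it
 * back and returns PW_OK only if the on-disk content matches; a pw_status
 * error code on failure, -1 on read failure, -2 on content mismatch. */
int lppasswd_demo(void)
{
    const char *path = "/tmp/lppasswd_demo.passwd";          /* constructed paths */
    const char *newpath = "/tmp/lppasswd_demo.passwd.new";
    const char *content = "alice:lp:CONSTRUCTED-HASH\n";     /* constructed entry */
    char buf[128];
    ssize_t n;
    int fd, st;

    unlink(path); unlink(newpath);        /* start from a clean state */
    st = write_passwd_file(path, newpath, content);
    if (st != PW_OK)
        return st;
    fd = open(path, O_RDONLY);
    if (fd == -1)
        return -1;
    n = read(fd, buf, sizeof buf - 1);
    close(fd); unlink(path);
    if (n < 0)
        return -1;
    buf[n] = '\0';
    return strcmp(buf, content) == 0 ? PW_OK : -2;
}
```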
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1267
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1268
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1269
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1270
Updated Packages:
To upgrade automatically use MandrakeUpdate or urpmi. The
verification of md5 checksums and GPG signatures is performed
automatically for you.
All packages are signed by Mandrakesoft for security. You can
obtain the GPG public key of the Mandrakelinux Security Team by
executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandrakelinux at:
http://www.mandrakesoft.com/security/advisories
If you want to report vulnerabilities, please contact
security_linux-mandrake.com
Type  Bits/KeyID      Date        User ID
pub   1024D/22458A98  2000-07-10  Linux Mandrake Security Team <security@linux-mandrake.com>
SUSE Linux
SUSE Security Announcement
Package: php4, mod_php4
Announcement-ID: SUSE-SA:2005:002
Date: Monday, Jan 17th 2005 18:00 MEST
Affected products: 8.1, 8.2, 9.0, 9.1, 9.2
                   SUSE Linux Enterprise Server 8, 9
Vulnerability Type: remote code execution
Severity (1-10): 7
SUSE default package: no
Cross References: CAN-2004-1019
                  CAN-2004-1065
                  http://bugs.php.net/bug.php?id=25753
Content of this advisory:
- security vulnerability resolved:
  - buffer overflows in PHP
  - PHP source code disclosure
  problem description
- solution/workaround
- special instructions and notes
- package location and checksums
- pending vulnerabilities, solutions, workarounds:
- standard appendix (further information)
1) problem description, brief discussion
PHP is a well known, widely-used scripting language often used
within web server setups.
Stefan Esser and Marcus Boerger found several buffer overflow
problems in the unserializer functions of PHP (CAN-2004-1019) and
Ilia Alshanetsky (CAN-2004-1065) found one in the exif parser. Any
of them could allow remote attackers to execute arbitrary code as
the user running the PHP interpreter.
Additionally, a bug where the server would disclose PHP
source code under some circumstances has been fixed.
2) solution/workaround
There is no known workaround besides disabling PHP. Therefore we
recommend installing the updated packages.
3) special instructions and notes
If you use PHP as a module within Apache, you have to restart the
server by executing the following command as root:
/usr/sbin/rcapache restart
or, if you use the apache2 server:
/usr/sbin/rcapache2 restart
4) package location and checksums
Download the update package for your distribution and verify its
integrity by the methods listed in section 3) of this announcement.
Then, install the package using the command “rpm -Fhv file.rpm” to
apply the update.
Our maintenance customers are being notified individually. The
packages are being offered for installation from the maintenance
web.
5) Pending vulnerabilities in SUSE Distributions and Workarounds:
Please read our weekly summary report for more information.
6) standard appendix: authenticity verification, additional information
- Package authenticity verification:
SUSE update packages are available on many mirror ftp servers all
over the world. While this service is considered valuable and
important to the free and open source software community, many
users wish to be sure about the origin of the package and its
content before installing it. There are two verification methods
that can be used independently of each other to prove the
authenticity of a downloaded file or rpm package:
- md5sums as provided in the (cryptographically signed)
announcement.
- using the internal gpg signatures of the rpm package.
- md5sums: execute the command md5sum <name-of-the-file.rpm> after
you have downloaded the file from a SUSE ftp server or one of its
mirrors. Then compare the resulting md5sum with the one listed in
the announcement. Since the announcement containing the checksums
is cryptographically signed (usually with the key
security@suse.de), the checksums prove the authenticity of the
package. We recommend against subscribing to security lists that
cause the e-mail message containing the announcement to be
modified, so that the signature no longer matches after transport
through the mailing list software.
Downsides: you must be able to verify the authenticity of the
announcement in the first place. If RPM packages are rebuilt and a
new version of a package is published on the ftp server, all
md5sums for the files become useless.
- rpm package signatures provide an easy way to verify the
authenticity of an rpm package. Use the command
rpm -v --checksig <file.rpm> to verify the signature of the
package, where <file.rpm> is the file name of the rpm package that
you have downloaded. Of course, package authenticity verification
can only target an uninstalled rpm package file.
Prerequisites:
- gpg is installed
- The package is signed using a certain key. The public part of
this key must be installed by the gpg program in the directory
~/.gnupg/ under the home directory of the user who performs the
signature verification (usually root). You can import the key that
SUSE uses for rpm packages of SUSE Linux by saving this
announcement to a file (“announcement.txt”) and running the command
(do “su -” to be root):
gpg --batch; gpg < announcement.txt | gpg --import
SUSE Linux distributions version 7.1 and thereafter install the key
“build@suse.de” upon installation or upgrade, provided that the
package gpg is installed. The file containing the public key is
placed at the top-level directory of the first CD (pubring.gpg) and
at ftp://ftp.suse.com/pub/suse/pubring.gpg-build.suse.de.
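The md5sum comparison described above, as an added example that is not SUSE's own tooling: a POSIX shell script that reads an announcement in the layout used here (package URL on one line, its md5sum on the next), looks up the entry for a downloaded file by name and compares it with the file's checksum. The sample announcement fragment, package files and the deliberately wrong second hash are constructed for the demo; the signature step (rpm -v --checksig, with the SUSE key imported) is left to the command already given above.

```shell
#!/bin/sh
# Added example, not SUSE's own tooling: check a downloaded rpm against the
# md5sum that a SUSE announcement lists directly below the package URL.

# Portable md5 of a file (md5sum on Linux, md5 -q on BSD/macOS).
md5_of() {
    if command -v md5sum >/dev/null 2>&1; then md5sum "$1" | cut -d' ' -f1
    else md5 -q "$1"; fi
}

# expected_md5 ANNOUNCEMENT NAME: print the 32-hex md5sum listed on the line
# after the ftp:// URL whose basename is NAME; exit 1 if NAME is not listed.
expected_md5() {
    awk -v name="$2" '
        want && length($0) == 32 && $0 ~ /^[0-9a-f]+$/ { print; found = 1; exit }
        { want = 0 }
        /^ftp:\/\// { n = split($0, p, "/"); if (p[n] == name) want = 1 }
        END { exit found ? 0 : 1 }
    ' "$1"
}

# verify_md5 ANNOUNCEMENT FILE: 0 on match, 1 on mismatch, 2 if not listed.
# A match only ties FILE to the signed announcement; the announcement's own
# signature (and rpm --checksig) is what proves the package came from SUSE.
verify_md5() {
    expected=$(expected_md5 "$1" "$(basename "$2")") || {
        echo "not listed in announcement: $2" >&2; return 2; }
    actual=$(md5_of "$2")
    if [ "$actual" = "$expected" ]; then
        echo "md5 OK: $2"
    else
        echo "md5 MISMATCH: $2 (listed $expected, got $actual)" >&2; return 1
    fi
}

# Constructed sample: two fake package files and an announcement fragment in
# the SUSE layout. The second hash is deliberately wrong, standing in for a
# corrupted or substituted download.
work=$(mktemp -d)
printf 'constructed package payload\n' > "$work/mod_php4-4.3.3-183.i586.rpm"
printf 'constructed package payload\n' > "$work/mod_php4-core-4.3.3-183.i586.rpm"
cat > "$work/announcement.txt" <<EOF
SUSE Linux 9.0:
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/mod_php4-4.3.3-183.i586.rpm
$(md5_of "$work/mod_php4-4.3.3-183.i586.rpm")
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/mod_php4-core-4.3.3-183.i586.rpm
0123456789abcdef0123456789abcdef
EOF
verify_md5 "$work/announcement.txt" "$work/mod_php4-4.3.3-183.i586.rpm" || echo "rejected"
verify_md5 "$work/announcement.txt" "$work/mod_php4-core-4.3.3-183.i586.rpm" || echo "rejected"
```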
- SUSE runs two security mailing lists to which any interested
party may subscribe:
- general/linux/SUSE security discussion. All SUSE security
announcements are sent to this list. To subscribe, send an email to
- SUSE’s announce-only mailing list. Only SUSE’s security
announcements are sent to this list. To subscribe, send an email to
<suse-security-announce-subscribe@suse.com>.
For general information or the frequently asked questions (faq)
send mail to <suse-security-info@suse.com> or
<suse-security-faq@suse.com> respectively.
SUSE’s security contact is <security@suse.com> or
<security@suse.de>.
The <security@suse.de> public key is listed below.