
Security Digest: January 25, 2005

Conectiva Linux


CONECTIVA LINUX SECURITY ANNOUNCEMENT


PACKAGE : xpdf
SUMMARY : Fixes for xpdf vulnerabilities
DATE : 2005-01-25 13:50:00
ID : CLA-2005:921
RELEVANT RELEASES : 9, 10


DESCRIPTION
xpdf[1] is a viewer for Portable Document Format (PDF) files whose
code is reused by many other projects, such as gpdf, cups and
tetex.

iDefense reported[2] two further issues[3,4] in the xpdf code: two
buffer overflows that could lead to remote code execution.

SOLUTION
It is recommended that all xpdf, gpdf, cups and/or tetex users
upgrade their packages.

REFERENCES
1. http://www.foolabs.com/xpdf
2. http://www.idefense.com/application/poi/display?id=172&type=vulnerabilities
3. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1125
4. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0064

UPDATED PACKAGES


ADDITIONAL INSTRUCTIONS
The apt tool can be used to perform RPM packages upgrades:

  • run: apt-get update
  • after that, execute: apt-get upgrade

Detailed instructions regarding the use of apt and upgrade
examples can be found at http://distro.conectiva.com.br/atualizacoes/#apt?idioma=en


All packages are signed with Conectiva’s GPG key. The key and
instructions on how to import it can be found at
http://distro.conectiva.com.br/seguranca/chave/?idioma=en
Instructions on how to check the signatures of the RPM packages can
be found at http://distro.conectiva.com.br/seguranca/politica/?idioma=en


All our advisories and generic update instructions can be viewed at
http://distro.conectiva.com.br/atualizacoes/?idioma=en


Copyright (c) 2004 Conectiva Inc.
http://www.conectiva.com

Debian GNU/Linux


Debian Security Advisory DSA 656-1 security@debian.org
http://www.debian.org/security/
Martin Schulze
January 25th, 2005 http://www.debian.org/security/faq


Package : vdr
Vulnerability : insecure file access
Problem-Type : remote
Debian-specific: no
CVE ID : CAN-2005-0071

Javier Fernández-Sanguino Peña from the Debian
Security Audit Team has discovered that the vdr daemon, which is
used for video disk recorders for DVB cards, can overwrite arbitrary
files.

For the stable distribution (woody) this problem has been fixed
in version 1.0.0-1woody2.

For the unstable distribution (sid) this problem has been fixed
in version 1.2.6-6.

We recommend that you upgrade your vdr package.

Upgrade Instructions

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 3.0 alias woody



These files will probably be moved into the stable distribution
on its next update.



Debian Security Advisory DSA 658-1 security@debian.org
http://www.debian.org/security/
Martin Schulze
January 25th, 2005 http://www.debian.org/security/faq


Package : libdbi-perl
Vulnerability : insecure temporary file
Problem-Type : local
Debian-specific: no
CVE ID : CAN-2005-0077

Javier Fernández-Sanguino Peña from the Debian
Security Audit Project discovered that the DBI library, the Perl5
database interface, creates a temporary PID file in an insecure
manner. This can be exploited by a malicious user to overwrite
arbitrary files owned by the person running the affected parts of
the library.

For the stable distribution (woody) this problem has been fixed
in version 1.21-2woody2.

For the unstable distribution (sid) this problem has been fixed
in version 1.46-6.

We recommend that you upgrade your libdbi-perl package.


Debian GNU/Linux 3.0 alias woody



These files will probably be moved into the stable distribution
on its next update.



Debian Security Advisory DSA 657-1 security@debian.org
http://www.debian.org/security/
Martin Schulze
January 25th, 2005 http://www.debian.org/security/faq


Package : xine-lib
Vulnerability : buffer overflow
Problem-Type : local (remote)
Debian-specific: no
CVE ID : CAN-2004-1379
BugTraq ID : 11205

A heap overflow has been discovered in the DVD subpicture
decoder of xine-lib. An attacker could cause arbitrary code to be
executed on the victim's host by supplying a malicious MPEG. Since
users can be tricked into viewing a malicious network stream, this is
remotely exploitable.

For the stable distribution (woody) this problem has been fixed
in version 0.9.8-2woody2.

For the unstable distribution (sid) this problem has been fixed
in version 1-rc6a-1.

We recommend that you upgrade your libxine packages.


Debian GNU/Linux 3.0 alias woody



These files will probably be moved into the stable distribution
on its next update.



Debian Security Advisory DSA 655-1 security@debian.org
http://www.debian.org/security/
Martin Schulze
January 25th, 2005 http://www.debian.org/security/faq


Package : zhcon
Vulnerability : missing privilege release
Problem-Type : local
Debian-specific: no
CVE ID : CAN-2005-0072

Erik Sjölund discovered that zhcon, a fast console CJK system
using the Linux framebuffer, accesses a user-controlled
configuration file with elevated privileges. Thus, it is possible
to read arbitrary files.

For the stable distribution (woody) this problem has been fixed
in version 0.2-4woody3.

For the unstable distribution (sid) this problem will be fixed
soon.

We recommend that you upgrade your zhcon package.


Debian GNU/Linux 3.0 alias woody



These files will probably be moved into the stable distribution
on its next update.


For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>

Gentoo Linux


Gentoo Linux Security Advisory GLSA 200501-35


http://security.gentoo.org/


Severity: High
Title: Evolution: Integer overflow in camel-lock-helper
Date: January 24, 2005
Bugs: #79183
ID: 200501-35


Synopsis

An overflow in the camel-lock-helper application can be
exploited by an attacker to execute arbitrary code with elevated
privileges.

Background

Evolution is a GNOME groupware application similar to Microsoft
Outlook.

Affected packages


     Package                /  Vulnerable  /                Unaffected
  1  mail-client/evolution      <= 2.0.2                   >= 2.0.2-r1

Description

Max Vozeler discovered an integer overflow in the
camel-lock-helper application, which is installed as setgid mail by
default.

Impact

A local attacker could exploit this vulnerability to execute
malicious code with the privileges of the ‘mail’ group. A remote
attacker could also setup a malicious POP server to execute
arbitrary code when an Evolution user connects to it.

Workaround

There is no known workaround at this time.

Resolution

All Evolution users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=mail-client/evolution-2.0.2-r1"

References

[ 1 ] CAN-2005-0102

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0102

Availability

This GLSA and any updates to it are available for viewing at the
Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-200501-35.xml

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or,
alternatively, you may file a bug at http://bugs.gentoo.org.

License

Copyright 2005 Gentoo Foundation, Inc; referenced text belongs
to its owner(s).

The contents of this document are licensed under the Creative
Commons – Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.0


Mandrakelinux

Mandrakelinux Security Update Advisory


Package name: squid
Advisory ID: MDKSA-2005:014
Date: January 24th, 2005
Affected versions: 10.0, 10.1, 9.2, Corporate Server 2.1, Corporate
Server 3.0


Problem Description:

“infamous41md” discovered two vulnerabilities in the squid proxy
cache server. The first is a buffer overflow in the Gopher response
parser which leads to memory corruption and would usually crash
squid (CAN-2005-0094). The second is an integer overflow in the
receiver of WCCP (Web Cache Communication Protocol) messages. An
attacker could send a specially crafted UDP datagram that would
cause squid to crash (CAN-2005-0095).

The updated packages have been patched to prevent these
problems.
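Both squid issues above, and the camel-lock-helper overflow in the Gentoo entry, come down to a length or count field trusted straight from the wire. The following added C example (a constructed message layout, not squid's WCCP code or format) shows the checks a datagram receiver needs before it sizes anything from a sender-supplied count, including the case where count times entry size wraps a 32-bit multiplication.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed layout (an assumption for this example, not the real WCCP
 * format): 4 bytes message type, 4 bytes entry count, then `count`
 * fixed-size 12-byte entries.  All fields big-endian. */
#define HDR_LEN     8
#define ENTRY_LEN   12
#define MAX_ENTRIES 32   /* receiver keeps a fixed-size table, as daemons do */

struct entry { uint32_t id; uint32_t addr; uint32_t weight; };

static uint32_t be32(const uint8_t *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8)  |  (uint32_t)p[3];
}

/* The shape of the bug: size a copy from the declared count in 32-bit
 * arithmetic.  For count = 0x15555556 this returns 8 (0x100000008 mod 2^32),
 * so a receiver comparing it to the datagram length believes a
 * 357,913,942-entry message fits in 16 bytes. */
uint32_t naive_payload_len(uint32_t count)
{
    return count * (uint32_t)ENTRY_LEN;
}

/* Hardened receiver: bound the count by the table the receiver actually
 * owns, compute sizes in size_t only after that bound holds, and compare
 * against the bytes that arrived rather than the bytes declared.
 * Returns the number of entries parsed, or -1 for a malformed datagram. */
int parse_datagram(const uint8_t *buf, size_t len, struct entry *out)
{
    if (len < HDR_LEN)
        return -1;                          /* header itself is incomplete */
    uint32_t count = be32(buf + 4);
    if (count > MAX_ENTRIES)
        return -1;                          /* sender cannot grow our table */
    size_t need = HDR_LEN + (size_t)count * ENTRY_LEN;   /* <= 392, no wrap */
    if (need > len)
        return -1;                          /* declared more than was sent */
    for (uint32_t i = 0; i < count; i++) {
        const uint8_t *p = buf + HDR_LEN + (size_t)i * ENTRY_LEN;
        out[i].id = be32(p);
        out[i].addr = be32(p + 4);
        out[i].weight = be32(p + 8);
    }
    return (int)count;
}

/* Constructed datagrams for the demo. */
static const uint8_t GOOD[HDR_LEN + 2 * ENTRY_LEN] = {
    0,0,0,1,  0,0,0,2,                    /* type 1, two entries */
    0,0,0,10, 10,0,0,1, 0,0,0,100,        /* entry 0 */
    0,0,0,11, 10,0,0,2, 0,0,0,200 };      /* entry 1 */
static const uint8_t WRAPPED_COUNT[HDR_LEN + 8] = {
    0,0,0,1,  0x15,0x55,0x55,0x56,        /* count whose 32-bit size wraps to 8 */
    0,0,0,0,  0,0,0,0 };                  /* exactly the 8 bytes the wrap "expects" */
static const uint8_t TRUNCATED[HDR_LEN + 5] = {
    0,0,0,1,  0,0,0,1,                    /* claims one entry ... */
    1,2,3,4,5 };                          /* ... but only 5 of 12 bytes follow */

/* Each demo returns 1 when the receiver behaves as the comments describe. */
int demo_good_datagram(void)
{
    struct entry e[MAX_ENTRIES];
    int n = parse_datagram(GOOD, sizeof GOOD, e);
    return n == 2 && e[0].id == 10 && e[1].addr == 0x0A000002 && e[1].weight == 200;
}

int demo_wrapped_count_rejected(void)
{
    struct entry e[MAX_ENTRIES];
    /* The naive size check would pass (8 bytes "needed", 8 bytes present). */
    return naive_payload_len(0x15555556u) == 8 &&
           parse_datagram(WRAPPED_COUNT, sizeof WRAPPED_COUNT, e) == -1;
}

int demo_truncated_rejected(void)
{
    struct entry e[MAX_ENTRIES];
    return parse_datagram(TRUNCATED, sizeof TRUNCATED, e) == -1;
}

int main(void)
{
    printf("valid datagram parsed:       %s\n", demo_good_datagram() ? "yes" : "NO");
    printf("wrapped count rejected:      %s\n", demo_wrapped_count_rejected() ? "yes" : "NO");
    printf("truncated datagram rejected: %s\n", demo_truncated_rejected() ? "yes" : "NO");
    return 0;
}
```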


References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0094

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0095

http://www.squid-cache.org/Advisories/SQUID-2005_1.txt

http://www.squid-cache.org/Advisories/SQUID-2005_2.txt


Updated Packages:



To upgrade automatically use MandrakeUpdate or urpmi. The
verification of md5 checksums and GPG signatures is performed
automatically for you.

All packages are signed by Mandrakesoft for security. You can
obtain the GPG public key of the Mandrakelinux Security Team by
executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandrakelinux at:

http://www.mandrakesoft.com/security/advisories

If you want to report vulnerabilities, please contact

security_linux-mandrake.com

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Linux Mandrake Security Team
<security linux-mandrake.com>


Mandrakelinux Security Update Advisory


Package name: mailman
Advisory ID: MDKSA-2005:015
Date: January 24th, 2005
Affected versions: 10.0, 10.1, Corporate Server 2.1, Corporate
Server 3.0


Problem Description:

Florian Weimer discovered a vulnerability in Mailman, which can
be exploited by malicious people to conduct cross-site scripting
attacks.

Input is not properly sanitised by “scripts/driver” when
returning error pages. This can be exploited to execute arbitrary
HTML or script code in a user’s browser session in the context of a
vulnerable site by tricking a user into visiting a malicious web
site or following a specially crafted link (CAN-2004-1177).


References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1177


Updated Packages:



To upgrade automatically use MandrakeUpdate or urpmi. The
verification of md5 checksums and GPG signatures is performed
automatically for you.



Ubuntu Linux


Ubuntu Security Notice USN-70-1 January 25, 2005
libdbi-perl vulnerabilities
CAN-2005-0077


A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)

The following packages are affected:

libdbi-perl

The problem can be corrected by upgrading the affected package
to version 1.42-3ubuntu0.1. In general, a standard system upgrade
is sufficient to effect the necessary changes.

Details follow:

Javier Fernández-Sanguino Peña from the Debian
Security Audit Project discovered that the module DBI::ProxyServer
in Perl’s DBI library created a PID file in an insecure manner.
This could allow a symbolic link attack to create or overwrite
arbitrary files with the privileges of the user invoking a program
using this module (like ‘dbiproxy’).

The module now no longer creates such a PID file by default.
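The DSA 658 entry above and this notice describe the same failure mode: a PID file created without guarding against a symbolic link planted at its path. The following added C example (not DBI's code, nor the Debian or Ubuntu fix) shows the file-creation pattern that defeats that attack, O_CREAT|O_EXCL|O_NOFOLLOW, and exercises it against a constructed link in a private temporary directory.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* Write `pid` to a file that must not exist yet at `path`.
 * O_EXCL makes the open fail if anything is already there, a symlink
 * included, so a planted link is refused instead of followed; O_NOFOLLOW
 * is a second line of defence against following a link at `path`.
 * Returns 0 on success, -1 with errno set. */
int write_pidfile_safely(const char *path, pid_t pid)
{
    int fd = open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW | O_CLOEXEC, 0644);
    if (fd < 0)
        return -1;

    char buf[32];
    int n = snprintf(buf, sizeof buf, "%ld\n", (long)pid);
    if (n < 0 || write(fd, buf, (size_t)n) != n) {
        int saved = errno;           /* keep the real reason across cleanup */
        close(fd);
        unlink(path);                /* we created it, so we may remove it */
        errno = saved;
        return -1;
    }
    return close(fd);
}

/* Read the first line of `path` into buf; returns 1 on success. */
static int read_line(const char *path, char *buf, size_t cap)
{
    FILE *f = fopen(path, "r");
    if (!f) return 0;
    int ok = fgets(buf, (int)cap, f) != NULL;
    fclose(f);
    return ok;
}

/* Constructed scenario in a private temp dir: a symlink is planted where
 * the PID file will go, pointing at a file whose contents must survive.
 * Returns 1 if the safe writer refused the link and the target is intact. */
int demo_symlink_is_refused(void)
{
    char dir[] = "/tmp/pidfile-demo-XXXXXX";
    if (!mkdtemp(dir)) return 0;
    char target[64], link[64];
    snprintf(target, sizeof target, "%s/victim.txt", dir);
    snprintf(link, sizeof link, "%s/daemon.pid", dir);

    FILE *f = fopen(target, "w");
    if (!f) return 0;
    fputs("important data\n", f);
    fclose(f);
    if (symlink(target, link) < 0) return 0;

    int ok = 1;
    /* Linux reports EEXIST for O_EXCL on an existing link; ELOOP would be
     * the O_NOFOLLOW path.  Either way, the write must not have happened. */
    if (write_pidfile_safely(link, getpid()) == 0 ||
        (errno != EEXIST && errno != ELOOP))
        ok = 0;

    char buf[64] = {0};
    if (!read_line(target, buf, sizeof buf) || strcmp(buf, "important data\n") != 0)
        ok = 0;

    unlink(link); unlink(target); rmdir(dir);
    return ok;
}

/* Control case: on a clean path the PID file is created and holds the PID. */
int demo_fresh_path_succeeds(void)
{
    char dir[] = "/tmp/pidfile-demo-XXXXXX";
    if (!mkdtemp(dir)) return 0;
    char path[64];
    snprintf(path, sizeof path, "%s/daemon.pid", dir);

    int ok = write_pidfile_safely(path, 12345) == 0;
    char buf[32] = {0};
    if (!read_line(path, buf, sizeof buf) || strcmp(buf, "12345\n") != 0)
        ok = 0;

    unlink(path); rmdir(dir);
    return ok;
}

int main(void)
{
    printf("planted symlink refused: %s\n", demo_symlink_is_refused() ? "yes" : "NO");
    printf("fresh PID file written:  %s\n", demo_fresh_path_succeeds() ? "yes" : "NO");
    return 0;
}
```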


