
Security Digest: January 6, 2005

Fedora Core


Fedora Update Notification
FEDORA-2005-001
2005-01-06


Product : Fedora Core 2
Name : exim
Version : 4.43
Release : 1.FC2.1
Summary : The exim mail transfer agent

Description :
Exim is a mail transport agent (MTA) developed at the University of
Cambridge for use on Unix systems connected to the Internet. In
style it is similar to Smail 3, but its facilities are more
extensive, and in particular it has options for verifying incoming
sender and recipient addresses, for refusing mail from specified
hosts, networks, or senders, and for controlling mail relaying.
Exim is in production use at quite a few sites, some of which move
hundreds of thousands of messages per day.

Exiscan is compiled in to allow inbuilt scanning capability.
See http://duncanthrax.net/exiscan-acl/


Update Information:

This erratum fixes two relatively minor security issues which
were discovered in Exim in the last few weeks. The Common
Vulnerabilities and Exposures project (cve.mitre.org/) has assigned the names
CAN-2005-0021 and CAN-2005-0022 to these, respectively.

  1. The function host_aton() can overflow a buffer if it is
    presented with an illegal IPv6 address that has more than 8
    components.
  2. The second report described a buffer overflow in the function
    spa_base64_to_bits(), which is part of the code for SPA
    authentication. This code originated in the Samba project. The
    overflow can be exploited only if you are using SPA
    authentication.

  • Tue Jan 04 2005 David Woodhouse <[email protected]> 4.43-1.FC2.1
    • Fix buffer overflows (CAN-2005-0021, CAN-2005-0022)
    • Demonstrate SASL auth configuration in default config file
    • Enable TLS and provide certificate if necessary
    • Don’t reject all GB2312 charset mail by default
  • Thu Oct 07 2004 Thomas Woerner <[email protected]> 4.43-1
    • new version 4.43 with sasl support
    • new exiscan-acl-4.43-28
    • new config.samples and FAQ-html (added publication date)
    • new BuildRequires for cyrus-sasl-devel openldap-devel
      openssl-devel and PreReq for cyrus-sasl openldap openssl
  • Mon Sep 13 2004 Thomas Woerner <[email protected]> 4.42-2
    • update to sa-exim-4.1: fixes spamassassin’s new score= string
      (#131796)
  • Fri Aug 27 2004 Thomas Woerner <[email protected]> 4.42-1
    • new version 4.42
  • Mon Aug 02 2004 Thomas Woerner <[email protected]> 4.41-1
    • new version 4.41
  • Fri Jul 02 2004 Thomas Woerner <[email protected]> 4.34-3
    • added pre-definition of local_delivery using Cyrus-IMAP
      (#122912)
    • added BuildRequires for pam-devel (#124555)
    • fixed format string bugs (#125117)
    • fixed sa-exim code placed wrong in spec file (#127102)
    • extended postun with alternatives call
  • Tue Jun 15 2004 Elliot Lee <[email protected]>
    • rebuilt
  • Wed May 12 2004 David Woodhouse <[email protected]> 4.34-1
    • Update to Exim 4.34, exiscan-acl 4.34-21

This update can be downloaded from:

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/


This update can also be installed with the Update Agent; you can
launch the Update Agent with the ‘up2date’ command.



Fedora Update Notification
FEDORA-2005-001
2005-01-06


Product : Fedora Core 3
Name : exim
Version : 4.43
Release : 1.FC3.1
Summary : The exim mail transfer agent

Description :
Exim is a mail transport agent (MTA) developed at the University of
Cambridge for use on Unix systems connected to the Internet. In
style it is similar to Smail 3, but its facilities are more
extensive, and in particular it has options for verifying incoming
sender and recipient addresses, for refusing mail from specified
hosts, networks, or senders, and for controlling mail relaying.
Exim is in production use at quite a few sites, some of which move
hundreds of thousands of messages per day.

Exiscan is compiled in to allow inbuilt scanning capability.
See http://duncanthrax.net/exiscan-acl/


Update Information:

This erratum fixes two relatively minor security issues which
were discovered in Exim in the last few weeks. The Common
Vulnerabilities and Exposures project (cve.mitre.org/) has assigned the names
CAN-2005-0021 and CAN-2005-0022 to these, respectively.

  1. The function host_aton() can overflow a buffer if it is
    presented with an illegal IPv6 address that has more than 8
    components.
  2. The second report described a buffer overflow in the function
    spa_base64_to_bits(), which is part of the code for SPA
    authentication. This code originated in the Samba project. The
    overflow can be exploited only if you are using SPA
    authentication.
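
Item 1 in both Exim notices above is a missing bound on the number of address components. The following is an added example, not Exim's host_aton() and not code from the advisory: a hypothetical parser, parse_ipv6_groups(), that refuses a ninth component before it is stored. It assumes plain hex groups with at most one "::" (no embedded IPv4 tail or zone id), and its sample inputs are constructed.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define IPV6_GROUPS 8   /* an IPv6 address is exactly eight 16-bit groups */

static unsigned hex_value(char c)
{
    if (c >= '0' && c <= '9') return (unsigned)(c - '0');
    return (unsigned)(tolower((unsigned char)c) - 'a') + 10u;
}

/* Hypothetical helper, not Exim's host_aton(): parse a textual IPv6 address.
 * Returns 0 and fills out[] on success, -1 on any malformed input. */
int parse_ipv6_groups(const char *text, uint16_t out[IPV6_GROUPS])
{
    uint16_t groups[IPV6_GROUPS];
    size_t count = 0;      /* groups stored so far */
    int gap = -1;          /* index at which "::" appeared, -1 if none */
    const char *p = text;
    size_t zeros, i;

    if (text == NULL || *text == '\0') return -1;
    if (p[0] == ':') {                     /* only "::" may start with ':' */
        if (p[1] != ':') return -1;
        gap = 0;
        p += 2;
    }
    while (*p != '\0') {
        unsigned value = 0;
        int digits = 0;
        while (isxdigit((unsigned char)*p)) {
            if (++digits > 4) return -1;   /* group wider than 16 bits */
            value = value * 16u + hex_value(*p++);
        }
        if (digits == 0) return -1;        /* empty group or stray character */
        /* The bound that matters: refuse a ninth component before
         * writing past the end of groups[]. */
        if (count == IPV6_GROUPS) return -1;
        groups[count++] = (uint16_t)value;

        if (*p == '\0') break;
        if (*p++ != ':') return -1;
        if (*p == ':') {                   /* "::" compression */
            if (gap >= 0) return -1;       /* only one "::" is legal */
            gap = (int)count;
            p++;
        } else if (*p == '\0') {
            return -1;                     /* trailing single ':' */
        }
    }
    if (gap < 0) {                         /* no "::": need all eight groups */
        if (count != IPV6_GROUPS) return -1;
        memcpy(out, groups, sizeof groups);
        return 0;
    }
    if (count >= IPV6_GROUPS) return -1;   /* "::" must stand for >= 1 group */
    zeros = IPV6_GROUPS - count;
    for (i = 0; i < (size_t)gap; i++) out[i] = groups[i];
    for (i = 0; i < zeros; i++) out[(size_t)gap + i] = 0;
    for (i = (size_t)gap; i < count; i++) out[i + zeros] = groups[i];
    return 0;
}

int main(void)
{
    /* Constructed sample inputs; the last two are deliberately illegal. */
    const char *samples[] = { "2001:db8::1", "1:2:3:4:5:6:7:8",
                              "1:2:3:4:5:6:7:8:9", "1::2::3" };
    size_t i;
    for (i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        uint16_t g[IPV6_GROUPS];
        printf("%-20s %s\n", samples[i],
               parse_ipv6_groups(samples[i], g) == 0 ? "accepted" : "rejected");
    }
    return 0;
}
```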

  • Tue Jan 04 2005 David Woodhouse <[email protected]> 4.43-1.FC3.1
    • Fix buffer overflows (CAN-2005-0021, CAN-2005-0022)
    • Demonstrate SASL auth configuration in default config file
    • Enable TLS and provide certificate if necessary
    • Don’t reject all GB2312 charset mail by default

This update can be downloaded from:

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/


This update can also be installed with the Update Agent; you can
launch the Update Agent with the ‘up2date’ command.


Updates for the PowerPC architecture are also available from the
yum repository at the following address:
ftp://ftp.uk.linux.org/pub/people/dwmw2/fc3-updates-ppc/


Fedora Update Notification
FEDORA-2004-584
2005-01-06


Product : Fedora Core 2
Name : tetex
Version : 2.0.2
Release : 14FC2.1
Summary : The TeX text formatting system.

Description :
TeTeX is an implementation of TeX for Linux or UNIX systems. TeX
takes a text file and a set of formatting commands as input and
creates a typesetter-independent .dvi (DeVice Independent) file as
output. Usually, TeX is used in conjunction with a higher level
formatting package like LaTeX or PlainTeX, since TeX by itself is
not very user-friendly.

Install tetex if you want to use the TeX text formatting system.
If you are installing tetex, you will also need to install
tetex-afm (a PostScript(TM) font converter for TeX), tetex-dvips
(for converting .dvi files to PostScript format for printing on
PostScript printers), tetex-latex (a higher level formatting
package which provides an easier-to-use interface for TeX), and
tetex-xdvi (for previewing .dvi files in X). Unless you are an
expert at using TeX, you should also install the tetex-doc package,
which includes the documentation for TeX.


Update Information:

The updated tetex package fixes a buffer overflow which allows
attackers to cause the internal xpdf library used by applications
in tetex to crash, and possibly to execute arbitrary code. The
Common Vulnerabilities and Exposures project (cve.mitre.org/) has
assigned the name CAN-2004-1125 to this issue.


  • Tue Nov 09 2004 Jindrich Novy <[email protected]> 2.0.2-14FC2.1
    • Fix CAN-2004-1125 xpdf overflows.
  • Tue Nov 09 2004 Jindrich Novy <[email protected]> 2.0.2-14FC2
    • Add xpdf overflow security patch (CESA-2004-007)

This update can be downloaded from:

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/


This update can also be installed with the Update Agent; you can
launch the Update Agent with the ‘up2date’ command.



Fedora Update Notification
FEDORA-2004-585
2005-01-06


Product : Fedora Core 3
Name : tetex
Version : 2.0.2
Release : 21.2
Summary : The TeX text formatting system.

Description :
TeTeX is an implementation of TeX for Linux or UNIX systems. TeX
takes a text file and a set of formatting commands as input and
creates a typesetter-independent .dvi (DeVice Independent) file as
output. Usually, TeX is used in conjunction with a higher level
formatting package like LaTeX or PlainTeX, since TeX by itself is
not very user-friendly.

Install tetex if you want to use the TeX text formatting system.
If you are installing tetex, you will also need to install
tetex-afm (a PostScript(TM) font converter for TeX), tetex-dvips
(for converting .dvi files to PostScript format for printing on
PostScript printers), tetex-latex (a higher level formatting
package which provides an easier-to-use interface for TeX), and
tetex-xdvi (for previewing .dvi files in X). Unless you are an
expert at using TeX, you should also install the tetex-doc package,
which includes the documentation for TeX.


Update Information:

The updated tetex package fixes a buffer overflow which allows
attackers to cause the internal xpdf library used by applications
in tetex to crash, and possibly to execute arbitrary code. The
Common Vulnerabilities and Exposures project (cve.mitre.org/) has
assigned the name CAN-2004-1125 to this issue.


  • Mon Dec 27 2004 Jindrich Novy <[email protected]> 2.0.2-21.2
    • Fix CAN-2004-1125 xpdf overflow
  • Tue Nov 02 2004 Jindrich Novy <[email protected]> 2.0.2-21.1
    • Add xpdf overflow security patch (CESA-2004-007)

This update can be downloaded from:

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/


This update can also be installed with the Update Agent; you can
launch the Update Agent with the ‘up2date’ command.


Debian GNU/Linux


Debian Security Advisory DSA 627-1 [email protected]
http://www.debian.org/security/
Martin Schulze
January 6th, 2005 http://www.debian.org/security/faq


Package : namazu2
Vulnerability : unsanitised input
Problem-Type : remote
Debian-specific: no
CVE ID : CAN-2004-1318

A cross-site scripting vulnerability has been discovered in
namazu2, a full text search engine. An attacker could prepare
specially crafted input that would not be sanitised by namazu2 and
hence displayed verbatim for the victim.

For the stable distribution (woody) this problem has been fixed
in version 2.0.10-1woody3.

For the unstable distribution (sid) this problem has been fixed
in version 2.0.14-1.

We recommend that you upgrade your namazu2 package.

Upgrade Instructions


wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 3.0 alias woody



These files will probably be moved into the stable distribution
on its next update.



Debian Security Advisory DSA 628-1 [email protected]
http://www.debian.org/security/
Martin Schulze January 6th, 2005 http://www.debian.org/security/faq


Package : imlib2
Vulnerability : integer overflows
Problem-Type : remote
Debian-specific: no
CVE ID : CAN-2004-1026

Pavel Kankovsky discovered that several overflows found in the
libXpm library were also present in imlib and imlib2, imaging
libraries for X11. An attacker could create a carefully crafted
image file in such a way that it could cause an application linked
with imlib or imlib2 to execute arbitrary code when the file was
opened by a victim. The Common Vulnerabilities and Exposures
project identifies the following problems:

CAN-2004-1025

Multiple heap-based buffer overflows. No such code is present in
imlib2.

CAN-2004-1026

Multiple integer overflows in the imlib library.

For the stable distribution (woody) these problems have been
fixed in version 1.0.5-2woody2.

For the unstable distribution (sid) these problems will be fixed
soon.

We recommend that you upgrade your imlib2 packages.

Upgrade Instructions


wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 3.0 alias woody



These files will probably be moved into the stable distribution
on its next update.


For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: [email protected]
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>

Gentoo Linux


Gentoo Linux Security Advisory GLSA 200501-10


http://security.gentoo.org/


Severity: Normal
Title: Vilistextum: Buffer overflow vulnerability
Date: January 06, 2005
Bugs: #74694
ID: 200501-10


Synopsis

Vilistextum is vulnerable to a buffer overflow that allows an
attacker to execute arbitrary code through the use of a malicious
webpage.

Background

Vilistextum is an HTML to text converter.

Affected packages


     Package               /  Vulnerable  /                 Unaffected

  1  app-text/vilistextum       < 2.6.7                       >= 2.6.7

Description

Ariel Berkman discovered that Vilistextum unsafely reads data
into an array without checking the length. This code vulnerability
may lead to a buffer overflow.

Impact

A remote attacker could craft a malicious webpage which, when
converted, would result in the execution of arbitrary code with the
rights of the user running Vilistextum.

Workaround

There is no known workaround at this time.

Resolution

All Vilistextum users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=app-text/vilistextum-2.6.7"

References

[ 1 ] Original Advisory

http://tigger.uic.edu/~jlongs2/holes/vilistextum.txt

[ 2 ] CAN-2004-1299

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1299

Availability

This GLSA and any updates to it are available for viewing at the
Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-200501-10.xml

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
[email protected] or
alternatively, you may file a bug at http://bugs.gentoo.org.

License

Copyright 2005 Gentoo Foundation, Inc; referenced text belongs
to its owner(s).

The contents of this document are licensed under the Creative
Commons – Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.0


Gentoo Linux Security Advisory GLSA 200501-09


http://security.gentoo.org/


Severity: Normal
Title: xzgv: Multiple overflows
Date: January 06, 2005
Bugs: #74069
ID: 200501-09


Synopsis

xzgv contains multiple overflows that may lead to the execution
of arbitrary code.

Background

xzgv is a picture viewer for X, with a thumbnail-based file
selector.

Affected packages


     Package         /  Vulnerable  /                       Unaffected

  1  media-gfx/xzgv       <= 0.8                             >= 0.8-r1

Description

Multiple overflows have been found in the image processing code
of xzgv, including an integer overflow in the PRF parsing code
(CAN-2004-0994).

Impact

An attacker could entice a user to open or browse a
specially-crafted image file, potentially resulting in the
execution of arbitrary code with the rights of the user running
xzgv.

Workaround

There is no known workaround at this time.

Resolution

All xzgv users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=media-gfx/xzgv-0.8-r1"

References

[ 1 ] CAN-2004-0994

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0994

[ 2 ] iDEFENSE Advisory


http://www.idefense.com/application/poi/display?id=160&type=vulnerabilities&flashstatus=true

Availability

This GLSA and any updates to it are available for viewing at the
Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-200501-09.xml



Gentoo Linux Security Advisory GLSA 200501-08


http://security.gentoo.org/


Severity: Normal
Title: phpGroupWare: Various vulnerabilities
Date: January 06, 2005
Bugs: #74487
ID: 200501-08


Synopsis

Multiple vulnerabilities have been discovered in phpGroupWare
that could lead to information disclosure or remote compromise.

Background

phpGroupWare is a web-based suite of group applications
including a calendar, todo-list, addressbook, email, wiki, news
headlines, and a file manager.

Affected packages


     Package                /   Vulnerable   /              Unaffected

  1  www-apps/phpgroupware     < 0.9.16.004              >= 0.9.16.004

Description

Several flaws were discovered in phpGroupWare making it
vulnerable to cross-site scripting attacks, SQL injection, and full
path disclosure.

Impact

These vulnerabilities could allow an attacker to perform
cross-site scripting attacks, execute SQL queries, and disclose the
full path of the web directory.

Workaround

There is no known workaround at this time.

Resolution

All phpGroupWare users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=www-apps/phpgroupware-0.9.16.004"

References

[ 1 ] BugTraq Advisory

http://www.securityfocus.com/archive/1/384492

Availability

This GLSA and any updates to it are available for viewing at the
Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-200501-08.xml



Gentoo Linux Security Advisory GLSA 200501-07


http://security.gentoo.org/


Severity: Normal
Title: xine-lib: Multiple overflows
Date: January 06, 2005
Bugs: #74475
ID: 200501-07


Synopsis

xine-lib contains multiple overflows potentially allowing
execution of arbitrary code.

Background

xine-lib is a multimedia library which can be utilized to create
multimedia frontends.

Affected packages


     Package              /  Vulnerable  /                  Unaffected

  1  media-libs/xine-lib     < 1_rc8-r1                    >= 1_rc8-r1
                                                          *>= 1_rc6-r1

Description

Ariel Berkman discovered that xine-lib reads specific input data
into an array without checking the input size in demux_aiff.c,
making it vulnerable to a buffer overflow (CAN-2004-1300).
iDefense discovered that the PNA_TAG handling code in
pnm_get_chunk() does not check if the input size is larger than the
buffer size (CAN-2004-1187). iDefense also discovered that in this
same function, a negative value could be given to an unsigned
variable that specifies the read length of input data
(CAN-2004-1188).
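
The two length-handling mistakes described for pnm_get_chunk(), shown as an added example that is not xine-lib's code: the chunk layout (4-byte tag followed by a 4-byte big-endian total size that includes the 8-byte header) and all function names are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define CHUNK_HEADER_LEN 8u   /* assumed: 4-byte tag + 4-byte total size */

static uint32_t be32(const uint8_t *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8) | (uint32_t)p[3];
}

/* Unchecked arithmetic: a declared size below 8 wraps to a huge length. */
uint32_t payload_len_unchecked(uint32_t declared)
{
    return declared - CHUNK_HEADER_LEN;
}

/* Copies one payload into out; returns its length, or -1 on a bad size. */
long read_chunk_payload(const uint8_t *in, size_t in_len,
                        uint8_t *out, size_t out_cap)
{
    uint32_t declared;
    size_t payload;

    if (in_len < CHUNK_HEADER_LEN)
        return -1;
    declared = be32(in + 4);
    if (declared < CHUNK_HEADER_LEN)           /* would go "negative" */
        return -1;
    payload = declared - CHUNK_HEADER_LEN;
    if (payload > in_len - CHUNK_HEADER_LEN)   /* more than was received */
        return -1;
    if (payload > out_cap)                     /* more than the buffer holds */
        return -1;
    memcpy(out, in + CHUNK_HEADER_LEN, payload);
    return (long)payload;
}

int main(void)
{
    /* Constructed chunk: tag "PNA\0", declared size 4 (less than the header). */
    const uint8_t bad[8] = { 'P', 'N', 'A', 0, 0, 0, 0, 4 };
    uint8_t buf[16];
    printf("unchecked length: %u\n", (unsigned)payload_len_unchecked(be32(bad + 4)));
    printf("checked result:   %ld\n", read_chunk_payload(bad, sizeof bad, buf, sizeof buf));
    return 0;
}
```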

Impact

A remote attacker could craft a malicious movie or convince a
targeted user to connect to a malicious PNM server, which could
result in the execution of arbitrary code with the rights of the
user running any xine-lib frontend.

Workaround

There is no known workaround at this time.

Resolution

All xine-lib users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose media-libs/xine-lib

References

[ 1 ] CAN-2004-1187

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1187

[ 2 ] CAN-2004-1188

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1188

[ 3 ] CAN-2004-1300

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1300

[ 4 ] iDefense Advisory


http://www.idefense.com/application/poi/display?id=176&type=vulnerabilities

[ 5 ] iDefense Advisory


http://www.idefense.com/application/poi/display?id=177&type=vulnerabilities

[ 6 ] Ariel Berkman Advisory

http://tigger.uic.edu/~jlongs2/holes/xine-lib.txt

Availability

This GLSA and any updates to it are available for viewing at the
Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-200501-07.xml



Gentoo Linux Security Advisory GLSA 200501-06


http://security.gentoo.org/


Severity: Normal
Title: tiff: New overflows in image decoding
Date: January 05, 2005
Bugs: #75213
ID: 200501-06


Synopsis

An integer overflow has been found in the TIFF library image
decoding routines and the tiffdump utility, potentially allowing
arbitrary code execution.

Background

The TIFF library contains encoding and decoding routines for the
Tag Image File Format. It is called by numerous programs, including
GNOME and KDE applications, to interpret TIFF images.

Affected packages


     Package          /  Vulnerable  /                      Unaffected

  1  media-libs/tiff     < 3.7.1-r1                        >= 3.7.1-r1

Description

infamous41md found a potential integer overflow in the directory
entry count routines of the TIFF library (CAN-2004-1308). Dmitry V.
Levin found another similar issue in the tiffdump utility
(CAN-2004-1183).

Impact

A remote attacker could entice a user to view a carefully
crafted TIFF image file, which would potentially lead to execution
of arbitrary code with the rights of the user viewing the image.
This affects any program that makes use of the TIFF library,
including many web browsers or mail readers.

Workaround

There is no known workaround at this time.

Resolution

All TIFF library users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=media-libs/tiff-3.7.1-r1"

References

[ 1 ] CAN-2004-1183

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1183

[ 2 ] CAN-2004-1308

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1308

[ 3 ] iDEFENSE Advisory


http://www.idefense.com/application/poi/display?id=174&type=vulnerabilities

Availability

This GLSA and any updates to it are available for viewing at the
Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-200501-06.xml



Gentoo Linux Security Advisory GLSA 200501-05


http://security.gentoo.org/


Severity: High
Title: mit-krb5: Heap overflow in libkadm5srv
Date: January 05, 2005
Bugs: #75143
ID: 200501-05


Synopsis

The MIT Kerberos 5 administration library (libkadm5srv) contains
a heap overflow that could lead to execution of arbitrary code.

Background

MIT krb5 is the free implementation of the Kerberos network
authentication protocol by the Massachusetts Institute of
Technology.

Affected packages


     Package             /  Vulnerable  /                   Unaffected

  1  app-crypt/mit-krb5       < 1.3.6                         >= 1.3.6

Description

The MIT Kerberos 5 administration library libkadm5srv contains a
heap overflow in the code handling password changing.

Impact

Under specific circumstances an attacker could execute arbitrary
code with the permissions of the user running mit-krb5, which could
be the root user.

Workaround

There is no known workaround at this time.

Resolution

All mit-krb5 users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=app-crypt/mit-krb5-1.3.6"

References

[ 1 ] CAN-2004-1189

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1189

Availability

This GLSA and any updates to it are available for viewing at the
Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-200501-05.xml


Mandrakelinux


Mandrakelinux Security Update Advisory


Package name: libtiff
Advisory ID: MDKSA-2005:001
Date: January 6th, 2005
Affected versions: 10.0, 10.1, 9.2, Corporate Server 2.1, Multi
Network Firewall 8.2


Problem Description:

Several vulnerabilities have been discovered in the libtiff
package:

iDefense reported the possibility of remote exploitation of an
integer overflow in libtiff that may allow for the execution of
arbitrary code.

The overflow occurs in the parsing of TIFF files set with the
STRIPOFFSETS flag.

iDefense also reported that a heap-based buffer overflow
vulnerability within the LibTIFF package could allow attackers to
execute arbitrary code. (CAN-2004-1308)

The vulnerability specifically exists due to insufficient
validation of user-supplied data when calculating the size of a
directory entry.

The updated packages are patched to protect against these vulnerabilities.
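
The size calculation at issue here and in the Gentoo tiff advisory (GLSA 200501-06) above, as an added example that is not libtiff's code: a TIFF directory entry carries a 16-bit field type and a 32-bit count, and its data size is the count times the per-element width of that type. The function names, the offset and file_size parameters, and the sample values are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Bytes per element for TIFF 6.0 field types 1..12 (index 0 is unused). */
static const uint32_t tiff_type_width[13] = {
    0, 1, 1, 2, 4, 8, 1, 1, 2, 4, 8, 4, 8
};

/* Unchecked form (type assumed valid): the 32-bit product silently wraps. */
uint32_t entry_bytes_unchecked(uint16_t type, uint32_t count)
{
    return count * tiff_type_width[type];
}

/*
 * Checked form for data stored out of line at `offset`. Returns 0 and stores
 * the size in *out, or -1 when the type is unknown, the product does not fit
 * in 32 bits, or the data would run past the end of the file.
 */
int entry_bytes_checked(uint16_t type, uint32_t count, uint32_t offset,
                        uint64_t file_size, uint32_t *out)
{
    uint64_t bytes;

    if (type == 0 || type > 12)
        return -1;
    bytes = (uint64_t)count * tiff_type_width[type]; /* widen, then multiply */
    if (bytes > UINT32_MAX)
        return -1;
    if (offset > file_size || bytes > file_size - offset)
        return -1;
    *out = (uint32_t)bytes;
    return 0;
}

int main(void)
{
    uint32_t out = 0;
    /* Constructed entry: type 4 (LONG), count 0x40000001, in a 1 KiB file. */
    printf("unchecked: %u bytes\n", (unsigned)entry_bytes_unchecked(4, 0x40000001u));
    printf("checked:   %d\n", entry_bytes_checked(4, 0x40000001u, 8, 1024, &out));
    return 0;
}
```

An allocation sized from the unchecked result would be far smaller than the number of elements later read into it, which is why the checked form rejects the entry before any buffer is allocated.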


References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1183

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1308


Updated Packages:

Mandrakelinux 10.0:
