[ Thanks to SOT Linux
Security Team for these advisories. ]
SOT Linux Security Advisory
Subject: Updated unzip package for SOT Linux 2003
Advisory ID: SLSA-2003:32
Date: Friday, August 15, 2003
Product: SOT Linux 2003
1. Problem description
The unzip utility lists and extracts .zip archives, which store
multiple files inside a single file.
A vulnerability in unzip version 5.50 and earlier allows an
attacker to overwrite arbitrary files during archive extraction by
placing invalid (non-printable) characters between two “.”
characters in an entry's path. unzip filters these non-printable
characters out of the name it writes, turning the component into
“..”, a sequence that the extraction checks would otherwise have
rejected, so the entry lands in a parent of the extraction
directory. The Common Vulnerabilities and Exposures project
(http://cve.mitre.org/) has assigned the name CAN-2003-0282 to
this issue.
This erratum includes a patch ensuring that non-printable
characters cannot be used by a malicious .zip file to write to
parent directories unless the “-:” command line parameter is
specified.
Users of unzip are advised to upgrade to these updated packages,
which are not vulnerable to this issue.
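To make the flaw concrete, the following Python is an added illustration (it is not unzip's source and is not part of the original advisory): a toy extractor path check that looks for “..” before non-printable characters are filtered accepts a component such as “.\x01.”, which becomes “..” once filtered, while a check that filters first and then confirms the resolved path stays under the destination refuses it. The in-memory archive, the /tmp/extract destination and all function names are constructed for the example; nothing is written to disk.

```python
import io
import posixpath
import zipfile

DEST = "/tmp/extract"   # constructed extraction directory; nothing is written


def strip_nonprintable(name: str) -> str:
    """Remove non-printable characters from an entry name, the filtering
    step the advisory refers to."""
    return "".join(ch for ch in name if ch.isprintable())


def has_parent_ref(name: str) -> bool:
    """True when any '/'-separated component is exactly '..'."""
    return any(part == ".." for part in name.split("/"))


def vulnerable_target(dest: str, name: str) -> str:
    """Flawed order: test for '..' on the raw name, then filter.  The
    component '.\\x01.' passes the test and becomes '..' afterwards."""
    if has_parent_ref(name):
        raise ValueError("refused: parent directory reference")
    return posixpath.normpath(posixpath.join(dest, strip_nonprintable(name)))


def fixed_target(dest: str, name: str, allow_parent: bool = False) -> str:
    """Safe order: filter first, test the name that will really be used, and
    confirm the resolved path is still under dest.  allow_parent models an
    explicit opt-in such as unzip's '-:' switch."""
    clean = strip_nonprintable(name).lstrip("/")
    if not allow_parent and has_parent_ref(clean):
        raise ValueError("refused: parent directory reference")
    target = posixpath.normpath(posixpath.join(dest, clean))
    if not allow_parent and posixpath.commonpath([dest, target]) != dest:
        raise ValueError("refused: escapes extraction directory")
    return target


MALICIOUS_NAME = ".\x01./.\x01./etc/passwd"   # '..' hidden behind 0x01 bytes


def build_sample_zip() -> bytes:
    """Constructed in-memory archive: one benign entry, one crafted entry."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("harmless.txt", "hello\n")
        zf.writestr(MALICIOUS_NAME, "root::0:0::/:/bin/sh\n")
    return buf.getvalue()


def classify(data: bytes, dest: str = DEST) -> dict:
    """For each entry, report where the vulnerable and the fixed check would
    write the file, or 'REFUSED'."""
    result = {}
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            row = {}
            for label, check in (("vulnerable", vulnerable_target),
                                 ("fixed", fixed_target)):
                try:
                    row[label] = check(dest, info.filename)
                except ValueError:
                    row[label] = "REFUSED"
            result[info.filename] = row
    return result


if __name__ == "__main__":
    for name, row in classify(build_sample_zip()).items():
        print(repr(name), row)
```

The crafted entry resolves to /etc/passwd under the vulnerable ordering and is refused under the fixed one; the benign entry is handled identically by both. The general lesson is that any sanitisation must run before, not after, the check that relies on it.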
2. Updated packages
SOT Linux 2003 Desktop:
i386:
ftp://ftp.sot.com/updates/2003/Desktop/i386/unzip-5.50-2.i386.rpm
SRPMS:
ftp://ftp.sot.com/updates/2003/Desktop/SRPMS/unzip-5.50-2.src.rpm
SOT Linux 2003 Server:
i386:
ftp://ftp.sot.com/updates/2003/Server/i386/unzip-5.50-2.i386.rpm
SRPMS:
ftp://ftp.sot.com/updates/2003/Server/SRPMS/unzip-5.50-2.src.rpm
3. Upgrading package
Before applying this update, make sure all previously released
errata relevant to your system have been applied.
Use up2date to automatically upgrade the fixed packages.
If you want to upgrade manually, download the updated package
from the SOT Linux FTP site (use the links above) or from one of
our mirrors. The list of mirrors can be obtained at www.sot.com/en/linux
Update the package with the following command: rpm -Uvh <filename>
4. Verification
All packages are PGP signed by SOT for security.
You can verify each package with the following command: rpm --checksig <filename>
If you wish to verify the integrity of the downloaded package,
run “md5sum <filename>” and compare the output with the data
given below. The MD5 sum only shows that the download is intact;
the signature check above is what establishes that the package
really comes from SOT.
Package Name                          MD5 sum
/Desktop/i386/unzip-5.50-2.i386.rpm   914f127fdf500f5c6705975de7e133bf
/Desktop/SRPMS/unzip-5.50-2.src.rpm   bd58909ecb7fb184e7ffe59d93afcaf2
/Server/i386/unzip-5.50-2.i386.rpm    914f127fdf500f5c6705975de7e133bf
/Server/SRPMS/unzip-5.50-2.src.rpm    bd58909ecb7fb184e7ffe59d93afcaf2
5. References
http://marc.theaimsgroup.com/?l=bugtraq&m=105259038503175
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0282
Copyright(c) 2001-2003 SOT
You can view other update advisories for SOT Linux 2003 at:
http://www.sot.com/en/linux/sa/
SOT Linux Security Advisory
Subject: Updated stunnel package for SOT Linux 2003
Advisory ID: SLSA-2003:33
Date: Friday, August 15, 2003
Product: SOT Linux 2003
1. Problem description
Stunnel is an SSL wrapper able to act as an SSL client or
server, enabling non-SSL aware applications and servers to utilize
SSL encryption.
Dan Boneh and David Brumley have successfully implemented an RSA
timing attack against OpenSSL-enabled SSL software, including
Stunnel. Their writeup is available at http://crypto.stanford.edu/~dabo/abstracts/ssl-timing.html
If you use an RSA key for an SSL server, a determined attacker
could eventually recover your private key. This could be used to
impersonate your server via a man-in-the-middle attack, or to
decrypt all SSL connections between client and server that the
attacker is able to sniff.
All users are urged to upgrade to these errata packages.
NOTE: After upgrading, any instances of stunnel configured to
run in daemon mode should be restarted, and any active network
connections that are currently being serviced by stunnel should be
terminated and reestablished.
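The reference in section 5 points at the blinding patch for stunnel 4.x. As an added illustration (not stunnel's or OpenSSL's code, and not part of the original advisory), the following Python shows RSA blinding on a constructed toy key: the private exponentiation is performed on a randomised ciphertext c' = c·r^e mod n and the random factor r is divided out afterwards, so the time the exponentiation takes no longer depends on the ciphertext the attacker submitted. The primes, the exponent, the message and the function names are all assumptions made for the example.

```python
from math import gcd
import secrets

# Constructed toy key: the Mersenne primes 2^31-1 and 2^61-1, chosen so the
# arithmetic is certain, but still far too small for real use.
P = 2 ** 31 - 1
Q = 2 ** 61 - 1
E = 65537


def make_toy_key():
    """Textbook RSA key (n, e, d) from the constructed primes above."""
    n = P * Q
    phi = (P - 1) * (Q - 1)
    d = pow(E, -1, phi)          # modular inverse, Python 3.8+
    return n, E, d


def rsa_private_unblinded(c: int, d: int, n: int) -> int:
    """Plain c^d mod n.  Its running time depends on the relation between
    c and the private key, which is the signal a timing attack measures."""
    return pow(c, d, n)


def pick_blinding_factor(n: int) -> int:
    """Random r in [2, n-1] with gcd(r, n) == 1 (always true for a real key
    unless r happens to share a factor, which would itself break the key)."""
    while True:
        r = secrets.randbelow(n - 2) + 2
        if gcd(r, n) == 1:
            return r


def blind(c: int, e: int, n: int, r: int) -> int:
    """c' = c * r^e mod n.  r^e is a fresh RSA encryption of r, so c' is a
    random ciphertext the attacker neither chose nor can predict."""
    return (c * pow(r, e, n)) % n


def unblind(m_blind: int, n: int, r: int) -> int:
    """m = m' * r^-1 mod n, because (c * r^e)^d = m * r mod n."""
    return (m_blind * pow(r, -1, n)) % n


def rsa_private_blinded(c: int, d: int, e: int, n: int, r: int = None) -> int:
    """Blinded private operation: the expensive exponentiation runs on c',
    so its timing no longer correlates with the attacker's ciphertext.
    r may be supplied for reproducibility; normally it is drawn fresh."""
    if r is None:
        r = pick_blinding_factor(n)
    return unblind(pow(blind(c, e, n, r), d, n), n, r)


if __name__ == "__main__":
    n, e, d = make_toy_key()
    m = 123456789                      # constructed message, < n
    c = pow(m, e, n)
    print("unblinded ok:", rsa_private_unblinded(c, d, n) == m)
    print("blinded ok:  ", rsa_private_blinded(c, d, e, n) == m)
```

Every call with a different r exponentiates a different c' yet returns the same m, which is exactly why the measured timings stop leaking information about d. Real implementations also keep and periodically refresh the blinding pair (r, r^-1) rather than drawing a new one per operation, since generating it costs an extra exponentiation.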
2. Updated packages
SOT Linux 2003 Desktop:
i386:
ftp://ftp.sot.com/updates/2003/Desktop/i386/stunnel-4.04-5.i386.rpm
SRPMS:
ftp://ftp.sot.com/updates/2003/Desktop/SRPMS/stunnel-4.04-5.src.rpm
SOT Linux 2003 Server:
i386:
ftp://ftp.sot.com/updates/2003/Server/i386/stunnel-4.04-5.i386.rpm
SRPMS:
ftp://ftp.sot.com/updates/2003/Server/SRPMS/stunnel-4.04-5.src.rpm
3. Upgrading package
Before applying this update, make sure all previously released
errata relevant to your system have been applied.
Use up2date to automatically upgrade the fixed packages.
If you want to upgrade manually, download the updated package
from the SOT Linux FTP site (use the links above) or from one of
our mirrors. The list of mirrors can be obtained at www.sot.com/en/linux
Update the package with the following command: rpm -Uvh <filename>
4. Verification
All packages are PGP signed by SOT for security.
You can verify each package with the following command: rpm --checksig <filename>
If you wish to verify the integrity of the downloaded package,
run “md5sum <filename>” and compare the output with the data
given below. The MD5 sum only shows that the download is intact;
the signature check above is what establishes that the package
really comes from SOT.
Package Name                           MD5 sum
/Desktop/i386/stunnel-4.04-5.i386.rpm  6cab14f375ea2e03ae0a50c8c3e5fd3e
/Desktop/SRPMS/stunnel-4.04-5.src.rpm  737b6b5a6eddd9b3cd8a30b597d3507a
/Server/i386/stunnel-4.04-5.i386.rpm   6cab14f375ea2e03ae0a50c8c3e5fd3e
/Server/SRPMS/stunnel-4.04-5.src.rpm   737b6b5a6eddd9b3cd8a30b597d3507a
5. References
http://www.stunnel.org/patches/desc/blinding-4.x_bri.html
Copyright(c) 2001-2003 SOT
You can view other update advisories for SOT Linux 2003 at:
http://www.sot.com/en/linux/sa/