-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
______________________________________________________________________________
SUSE Security Summary Report
Announcement ID: SUSE-SR:2007:013
Date: Fri, 22 Jun 2007 16:00:00 +0000
Cross-References: CVE-2005-2177, CVE-2007-1262, CVE-2007-1804
CVE-2007-2052, CVE-2007-2445, CVE-2007-2500
CVE-2007-2524, CVE-2007-2589, CVE-2007-2756
Content of this advisory:
1) Solved Security Vulnerabilities:
- squirrelmail cross site scripting problems
- OpenOffice_org macro virus "BadBunny"
- Blackdown JDK/JRE
- gnash denial of service
- libpng denial of service
- python memory disclosure
- pulseaudio denial of service
- gd denial of service
- otrs cross site scripting problem
- net-snmp denial of service
2) Pending Vulnerabilities, Solutions, and Work-Arounds:
- Mozilla Firefox 2.0.0.4 update
- file security problems
- freetype2 problems
3) Authenticity Verification and Additional Information
______________________________________________________________________________
1) Solved Security Vulnerabilities
To avoid flooding mailing lists with SUSE Security Announcements for minor
issues, SUSE Security releases weekly summary reports for the low profile
vulnerability fixes. The SUSE Security Summary Reports do not list md5 sums
or download URLs like the SUSE Security Announcements that are released for
more severe vulnerabilities.
Fixed packages for the following incidents are already available on our FTP
server and via the YaST Online Update.
- squirrelmail cross site scripting problems
squirrelmail was updated to fix two cross-site-scripting
vulnerabilities that can be used by an attacker to read opened
emails (CVE-2007-1262) and to send email on behalf of the user
(CVE-2007-2589).
This problem was fixed for SUSE Linux 10.0, 10.1 and openSUSE 10.2.
- OpenOffice_org macro virus "BadBunny"
Since May this year a macro virus for OpenOffice_org has been going
around. The code is mostly harmless and can be classified as a
proof-of-concept virus. OpenOffice_org does not execute macros in
a document by default; the user is asked whether to enable macros when
the document is opened. We encourage users not to enable macros
from untrusted sources. When you receive a document from a known
person via email, ask this person first before you open the document.
More information: http://secunia.com/virus_information/38489/sbbadbunny-a/
- Blackdown JDK/JRE
The Blackdown JDK/JRE suffers from the same problems as the Sun JDK/JRE,
for instance the current image decoding problems.
In the case of the Blackdown Java implementation there is no update
package or source code available, therefore we cannot provide
security updates. If possible, switch to Sun's Java package.
Only SUSE Linux Enterprise Desktop 1.0 contains the Blackdown JDK.
- gnash denial of service
A denial of service problem was fixed in the free flash player gnash.
(CVE-2007-2500)
gnash is shipped only on openSUSE 10.2 and was fixed there.
- libpng denial of service
Applications using libpng can crash if libpng is asked to
process a grayscale image with a malformed (bad CRC) tRNS
chunk. (CVE-2007-2445)
This problem was fixed for all SUSE Linux based distributions.
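As an added illustration (not part of this advisory and not libpng code), the following Python script shows the PNG chunk layout involved in the libpng issue above and how a front-end check can reject a file whose tRNS chunk (or any other chunk) carries a CRC that does not match its contents, instead of passing it on to the decoder. The 1x1 grayscale PNG is constructed in the script itself; the deliberately corrupted CRC is produced by flipping one bit of the correct value.

```python
"""Validate PNG chunk CRCs before handing an image to a decoder.

Added example, not part of the SUSE advisory and not libpng's own code.
A PNG file is an 8-byte signature followed by chunks of the form
  4-byte big-endian length | 4-byte type | data | 4-byte CRC32(type + data)
For a grayscale image (color type 0) the tRNS chunk holds one 2-byte gray
sample that is to be treated as transparent.
"""
import struct
import zlib
from typing import Iterator, List, Optional, Tuple

PNG_SIGNATURE = b"\x89PNG\r\n\x1a\n"


def build_chunk(ctype: bytes, data: bytes, crc: Optional[int] = None) -> bytes:
    """Encode one chunk; an explicit crc lets a test produce a corrupt chunk."""
    if crc is None:
        crc = zlib.crc32(ctype + data) & 0xFFFFFFFF
    return struct.pack(">I", len(data)) + ctype + data + struct.pack(">I", crc)


def build_grayscale_png(corrupt_trns: bool = False) -> bytes:
    """Construct a 1x1 8-bit grayscale PNG with a tRNS chunk (sample data)."""
    ihdr = struct.pack(">IIBBBBB", 1, 1, 8, 0, 0, 0, 0)  # 1x1, depth 8, grayscale
    trns = struct.pack(">H", 0)                         # gray value 0 is transparent
    trns_crc = None
    if corrupt_trns:
        # Flip the low bit of the correct CRC so it is guaranteed to mismatch.
        trns_crc = (zlib.crc32(b"tRNS" + trns) & 0xFFFFFFFF) ^ 1
    scanline = b"\x00" + b"\x80"                        # filter type 0, one pixel
    idat = zlib.compress(scanline)
    return (
        PNG_SIGNATURE
        + build_chunk(b"IHDR", ihdr)
        + build_chunk(b"tRNS", trns, trns_crc)
        + build_chunk(b"IDAT", idat)
        + build_chunk(b"IEND", b"")
    )


def iter_chunks(png: bytes) -> Iterator[Tuple[bytes, bytes, int, bool]]:
    """Yield (type, data, stored_crc, crc_ok) for each chunk.

    Raises ValueError on a missing signature or a truncated chunk; both are
    also reasons to refuse the file.
    """
    if not png.startswith(PNG_SIGNATURE):
        raise ValueError("not a PNG file: bad signature")
    pos = len(PNG_SIGNATURE)
    while pos < len(png):
        if pos + 8 > len(png):
            raise ValueError("truncated chunk header at offset %d" % pos)
        (length,) = struct.unpack(">I", png[pos:pos + 4])
        ctype = png[pos + 4:pos + 8]
        end = pos + 8 + length
        if end + 4 > len(png):
            raise ValueError("truncated chunk %r at offset %d" % (ctype, pos))
        data = png[pos + 8:end]
        (stored_crc,) = struct.unpack(">I", png[end:end + 4])
        computed = zlib.crc32(ctype + data) & 0xFFFFFFFF
        yield ctype, data, stored_crc, stored_crc == computed
        pos = end + 4
        if ctype == b"IEND":
            break


def bad_crc_chunks(png: bytes) -> List[str]:
    """Return the types of all chunks whose stored CRC does not match."""
    return [ctype.decode("ascii") for ctype, _, _, ok in iter_chunks(png) if not ok]


def is_safe_to_decode(png: bytes) -> bool:
    """Front-end policy: refuse any file that is structurally invalid."""
    try:
        return not bad_crc_chunks(png)
    except ValueError:
        return False


if __name__ == "__main__":
    good = build_grayscale_png()
    corrupt = build_grayscale_png(corrupt_trns=True)
    print("good image, chunks with bad CRC:   ", bad_crc_chunks(good))     # []
    print("corrupt image, chunks with bad CRC:", bad_crc_chunks(corrupt))  # ['tRNS']
    print("decode the corrupt image?", is_safe_to_decode(corrupt))         # False
```

A patched libpng treats a bad CRC on an ancillary chunk such as tRNS as an error or a warning by itself; the point of a check like this one is that a service accepting uploads can reject malformed files in a small, well-understood front end before any image library touches them.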
- python memory disclosure
An off-by-one error in the PyLocale_strxfrm() function in python was
fixed which can lead to a memory information leak. (CVE-2007-2052)
This has been fixed for all SUSE Linux based products.
- pulseaudio denial of service
pulseaudio was updated to fix a denial-of-service bug that can be
triggered remotely. (CVE-2007-1804)
Only openSUSE 10.2 contains pulseaudio and is affected by this bug.
- gd denial of service
A denial-of-service bug in libgd that can occur while processing
crafted images was fixed. (CVE-2007-2756)
This problem has been fixed for all SUSE Linux based distributions.
- OTRS cross site scripting problem
A cross site scripting (XSS) vulnerability in OTRS was fixed.
(CVE-2007-2524)
- net-snmp denial of service
This update fixes a denial of service problem which could be
triggered by a packet containing a single byte. (CVE-2005-2177)
This problem only affected SUSE Linux 9.3 and 10.0 and was fixed
for these distributions.
______________________________________________________________________________
2) Pending Vulnerabilities, Solutions, and Work-Arounds
- Mozilla Firefox 2.0.0.4 update
The Mozilla Firefox 1.5.0.12 / 2.0.0.4 release fixes various
security issues.
We have released updates for all packages, except for SLE10. Once
this update is out, a full advisory will be released.
- file security problems
Additional file security problems were found. Updates have been
released for all distributions except SUSE Linux 10.1 and
SLE 10. Once updates for these distributions are released, a full
advisory will follow.
- freetype2 problems
TTF related security problems were fixed in the freetype2
packages. Packages for all distributions but SUSE Linux 10.1 and
SLE 10 have been released already.
Once the latter are released, a full advisory will follow.
______________________________________________________________________________
3) Authenticity Verification and Additional Information
- Announcement authenticity verification:
SUSE security announcements are published via mailing lists and on Web
sites. The authenticity and integrity of a SUSE security announcement is
guaranteed by a cryptographic signature in each announcement. All SUSE
security announcements are published with a valid signature.
To verify the signature of the announcement, save it as text into a file
and run the command
gpg --verify <file>
replacing <file> with the name of the file containing the announcement.
The output for a valid signature looks like:
gpg: Signature made <DATE> using RSA key ID 3D25D3D9
gpg: Good signature from "SuSE Security Team