is this announcement =
landie@pepino:~ > rpm -qa | grep dhcp
dhcpcd-1.3.19pl9-16
or is that a diff package
On Wed, 22 May 2002 18:55:07 +0200 (CEST)
Thomas Biege
-----BEGIN PGP SIGNED MESSAGE-----
______________________________________________________________________________

                        SuSE Security Announcement

        Package:                dhcp/dhcp-server
        Announcement-ID:        SuSE-SA:2002:019
        Date:                   Wednesday, May 22th 2002 13:30 MEST
        Affected products:      7.2, 7.3, 8.0
                                SuSE Linux Database Server
                                SuSE eMail Server III
                                SuSE Linux Enterprise Server for S/390
                                SuSE Linux Connectivity Server
                                SuSE Linux Enterprise Server 7
        Vulnerability Type:     remote command execution
        Severity (1-10):        4
        SuSE default package:   no
        Other affected systems: all systems using ISC DHCP server 3.x

    Content of this advisory:
        1) security vulnerability resolved: format string bug in dynamic DNS code
           problem description, discussion, solution and upgrade information
        2) pending vulnerabilities, solutions, workarounds
        3) standard appendix (further information)
______________________________________________________________________________
1) problem description, brief discussion, solution, upgrade information
The "Dynamic Host Configuration Protocol" (DHCP) server from the Internet Software Consortium allows hosts on a TCP/IP network to request and be assigned IP addresses, and also to discover information about the network to which they are attached.
A remotely exploitable format string vulnerability was found in the logging routines of the dynamic DNS code of dhcpd. This vulnerability allows an attacker, usually within the LAN served by the DHCP server, to get remote root access to the host running dhcpd.

The dhcp/dhcp-server package is not installed by default nor is the dynamic DNS feature enabled by default. As a temporary workaround the dynamic DNS feature could be disabled via dhcpd's config file with the following lines:

    ddns-update-style none;
    ddns-updates off;

After updating the package or modifying the config file you have to run:

    rcdhcpd restart

as root to restart all instances of running dhcpd processes.
Please download the update package for your distribution and verify its integrity by the methods listed in section 3) of this announcement. Then, install the package using the command "rpm -Fhv file.rpm" to apply the update. Our maintenance customers are being notified individually. The packages are being offered to install from the maintenance web.
i386 Intel Platform:

SuSE-8.0
ftp://ftp.suse.com/pub/suse/i386/update/8.0/n2/dhcp-server-3.0.1rc6-8.i386.rpm
  754569c059f5f2c4f71397f6c6498f53
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/8.0/zq1/dhcp-3.0.1rc6-8.src.rpm
  82ab4455ae86a932a746778ca0cf06f1

SuSE-7.3
ftp://ftp.suse.com/pub/suse/i386/update/7.3/n2/dhcp-3.0rc12-47.i386.rpm
  58bdf5e4e0622ba280fad0d649a36bdd
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/7.3/zq1/dhcp-3.0rc12-47.src.rpm
  20abdc3bad4810971aa4cc959c133a9e

SuSE-7.2
ftp://ftp.suse.com/pub/suse/i386/update/7.2/n2/dhcp-3.0rc4-27.i386.rpm
  826ffc2524ad6a6b3b746e3c5e0e5413
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/7.2/zq1/dhcp-3.0rc4-27.src.rpm
  7bfd527698beef5a83e60577e7e02cfb

Sparc Platform:

SuSE-7.3
ftp://ftp.suse.com/pub/suse/sparc/update/7.3/n2/dhcp-3.0rc12-22.sparc.rpm
  15ec49d27e7f8b61ec22616484e43996
source rpm:
ftp://ftp.suse.com/pub/suse/sparc/update/7.3/zq1/dhcp-3.0rc12-22.src.rpm
  1e3f0ee6da5684a49b31908f0e6ac9dd

PPC Power PC Platform:

SuSE-7.3
ftp://ftp.suse.com/pub/suse/ppc/update/7.3/n2/dhcp-3.0rc12-32.ppc.rpm
  76914c072100dff6fdf781ed81f7afeb
source rpm:
ftp://ftp.suse.com/pub/suse/ppc/update/7.3/zq1/dhcp-3.0rc12-32.src.rpm
  9ac78f35a529c24315f11184555c7f81

______________________________________________________________________________
2) Pending vulnerabilities in SuSE Distributions and Workarounds:
- tcpdump/libpcap
  Various security and non-security related bugs were found in the code of tcpdump and libpcap. New RPMs are currently being built.

______________________________________________________________________________
3) standard appendix: authenticity verification, additional information
- Package authenticity verification:
SuSE update packages are available on many mirror ftp servers all over the world. While this service is being considered valuable and important to the free and open source software community, many users wish to be sure about the origin of the package and its content before installing the package. There are two verification methods that can be used independently from each other to prove the authenticity of a downloaded file or rpm package:

1) md5sums as provided in the (cryptographically signed) announcement.
2) using the internal gpg signatures of the rpm package.

1) execute the command

    md5sum

after you downloaded the file from a SuSE ftp server or its mirrors. Then, compare the resulting md5sum with the one that is listed in the announcement. Since the announcement containing the checksums is cryptographically signed (usually using the key security@suse.de), the checksums show proof of the authenticity of the package. We disrecommend to subscribe to security lists which cause the email message containing the announcement to be modified so that the signature does not match after transport through the mailing list software.

Downsides: You must be able to verify the authenticity of the announcement in the first place. If RPM packages are being rebuilt and a new version of a package is published on the ftp server, all md5 sums for the files are useless.

2) rpm package signatures provide an easy way to verify the authenticity of an rpm package. Use the command

    rpm -v --checksig

to verify the signature of the package, where is the filename of the rpm package that you have downloaded. Of course, package authenticity verification can only target an uninstalled rpm package file.

Prerequisites:
a) gpg is installed
b) The package is signed using a certain key. The public part of this key must be installed by the gpg program in the directory ~/.gnupg/ under the user's home directory who performs the signature verification (usually root). You can import the key that is used by SuSE in rpm packages for SuSE Linux by saving this announcement to a file ("announcement.txt") and running the command (do "su -" to be root):

    gpg --batch; gpg < announcement.txt | gpg --import

SuSE Linux distributions version 7.1 and thereafter install the key "build@suse.de" upon installation or upgrade, provided that the package gpg is installed. The file containing the public key is placed at the toplevel directory of the first CD (pubring.gpg) and at ftp://ftp.suse.com/pub/suse/pubring.gpg-build.suse.de .

- SuSE runs two security mailing lists to which any interested party may subscribe:
suse-security@suse.com
    - general/linux/SuSE security discussion. All SuSE security announcements are sent to this list. To subscribe, send an email to .

suse-security-announce@suse.com
    - SuSE's announce-only mailing list. Only SuSE's security announcements are sent to this list. To subscribe, send an email to .

For general information or the frequently asked questions (faq) send mail to: or respectively.

=====================================================================
SuSE's security contact is or . The public key is listed below.
=====================================================================
______________________________________________________________________________

The information in this advisory may be distributed or reproduced, provided that the advisory is not modified in any way. In particular, it is desired that the cleartext signature shows proof of the authenticity of the text. SuSE Linux AG makes no warranties of any kind whatsoever with respect to the information contained in this security advisory.
Type Bits/KeyID     Date       User ID
pub  2048R/3D25D3D9 1999-03-06 SuSE Security Team
pub  1024D/9C800ACA 2000-10-19 SuSE Package Signing Key
Bye,
     Thomas
--
Thomas Biege
SuSE Linux AG, Deutschherrnstr. 15-19, 90429 Nuernberg
Function: Security Support & Auditing
"lynx -source http://www.suse.de/~thomas/contact/thomas.asc | pgp -fka"
Key fingerprint = 51 AD B9 C7 34 FC F2 54 01 4A 1C D4 66 64 09 83
--
Enter through the form, and step out of the form.

--
To unsubscribe, e-mail: suse-security-announce-unsubscribe@suse.com
For additional commands, e-mail: suse-security-announce-help@suse.com
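
A first-pass host check for this advisory, as an added example that is not part of the original mails or of SuSE's tooling. The function names `advisory_pkgs` and `ddns_disabled` are hypothetical; the first matches `rpm -qa` output against the exact package names the advisory lists (a substring match on "dhcp" also hits dhcpcd), the second tests a dhcpd config file, whose path the caller supplies, for the two workaround lines.

```shell
#!/bin/sh
# Added example (not from the advisory): triage helpers for SuSE-SA:2002:019.

# Read `rpm -qa`-style lines (name-version-release) on stdin and print those
# whose package NAME is exactly "dhcp" or "dhcp-server", the names the
# advisory lists. Name match only: the printed version still has to be
# compared with the update package listed for the distribution.
advisory_pkgs() {
    while IFS= read -r pkg; do
        name=${pkg%-*}     # strip "-release"
        name=${name%-*}    # strip "-version"
        case $name in
            dhcp|dhcp-server) printf '%s\n' "$pkg" ;;
        esac
    done
}

# Return 0 only if config file $1 carries the advisory's workaround:
# "ddns-update-style none;" and "ddns-updates off;" both present outside
# comments, and no other value given for either statement anywhere in the
# file (for example inside a subnet block). Returns 1 if the workaround is
# missing or contradicted, 2 if the file cannot be read.
ddns_disabled() {
    [ -r "$1" ] || return 2
    # Drop comments, put each statement on its own line, inspect the values.
    sed 's/#.*//' "$1" | tr ';{}' '\n\n\n' | awk '
        $1 == "ddns-update-style" { style = 1; if ($2 != "none") bad = 1 }
        $1 == "ddns-updates"      { upd = 1;   if ($2 != "off")  bad = 1 }
        END { exit !(style && upd && !bad) }'
}

# Constructed sample input, using package strings that appear on this page.
sample_pkgs='dhcpcd-1.3.19pl9-16
dhcp-3.0rc12-47'

printf '%s\n' "$sample_pkgs" | advisory_pkgs
```

On a live system, `rpm -qa | advisory_pkgs` and `ddns_disabled` with the path of the running dhcpd's config file give the two answers; the config check is deliberately strict and treats any value other than the advisory's exact `none` / `off` as not mitigated.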