openSUSE Security Announce
Threads by month
- ----- 2024 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2023 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2022 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2021 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2020 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2019 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2018 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2017 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2016 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2015 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2014 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2013 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2012 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2011 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2010 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2009 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2008 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2007 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2006 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2005 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2004 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2003 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2002 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2001 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2000 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1999 -----
- December
- November
- October
- September
- August
October 2001
- 3 participants
- 6 discussions
-----BEGIN PGP SIGNED MESSAGE-----
______________________________________________________________________________
SuSE Security Announcement
Package: uucp
Announcement-ID: SuSE-SA:2001:38
Date: Wednesday, October 31th, 2001 15.06 MEST
Affected SuSE versions: 6.3, 6.4, 7.0, 7.1, 7.2, 7.3
Vulnerability Type: local privilege escalations (probably root)
Severity (1-10): 5
SuSE default package: no
Other affected systems: all liunx-like systems using this version
of uucp
Content of this advisory:
1) security vulnerability resolved: uucp
problem description, discussion, solution and upgrade information
2) pending vulnerabilities, solutions, workarounds
3) standard appendix (further information)
______________________________________________________________________________
1) problem description, brief discussion, solution, upgrade information
UUCP is a well known tool suite for copying data between unix-like
systems. Zen-Parse reported that the higher privileges of uux (UID
uucp) aren't dropped if long options instead of normal (short) options
are used. An attacker could exploit this hole, by specifying a malicious
configuration file to execute and/or access arbitrary data with the
privilege of user uucp.
As a temporary fix, you could either uninstall uucp from your system,
if not needed:
- rpm -e uucp
or remove the set[ug]id bit
- chmod ug-s /usr/bin/uux
Please, don't forget to add the permissions settings accordingly to
your /etc/permissions.local file.
Download the update package from locations described below and install
the package with the command `rpm -Uhv file.rpm'. The md5sum for each
file is in the line below. You can verify the integrity of the rpm
files using the command
`rpm --checksig --nogpg file.rpm',
independently from the md5 signatures below.
i386 Intel Platform:
SuSE-7.3
ftp://ftp.suse.com/pub/suse/i386/update/7.3/n2/uucp-1.06.1-333.i386.rpm
aec2eff9ec839494416563a39e72e57d
SuSE-7.2
ftp://ftp.suse.com/pub/suse/i386/update/7.2/n2/uucp-1.06.1-334.i386.rpm
7a217616d5fb2a5b97378d1ae11157db
SuSE-7.1
ftp://ftp.suse.com/pub/suse/i386/update/7.1/n2/uucp-1.06.1-334.i386.rpm
bcb88eac8dfa4116c7f70b9d1ac1b483
SuSE-7.0
ftp://ftp.suse.com/pub/suse/i386/update/7.0/n1/uucp-1.06.1-333.i386.rpm
d9863b92f8d4e8edf7815b7b6b4bcca1
SuSE-6.4
ftp://ftp.suse.com/pub/suse/i386/update/6.4/n1/uucp-1.06.1-333.i386.rpm
8a484013119b91cd51f20de850ca9104
SuSE-6.3
ftp://ftp.suse.com/pub/suse/i386/update/6.3/n1/uucp-1.06.1-333.i386.rpm
2c4f73d6edf52d55ef279ed9e1b1456f
Sparc Platform:
SuSE-7.1
ftp://ftp.suse.com/pub/suse/sparc/update/7.1/n2/uucp-1.06.1-228.sparc.rpm
4ac19a1bbbdc07719ed91f6ae13d95b3
SuSE-7.0
ftp://ftp.suse.com/pub/suse/sparc/update/7.0/n1/uucp-1.06.1-228.sparc.rpm
112361714c8515a9a5e6142e7ade70c8
AXP Alpha Platform:
SuSE-7.1
ftp://ftp.suse.com/pub/suse/axp/update/7.1/n2/uucp-1.06.1-227.alpha.rpm
1dca3f2767ba8be87b03932258ee6c2c
SuSE-7.0
ftp://ftp.suse.com/pub/suse/axp/update/7.0/n1/uucp-1.06.1-227.alpha.rpm
d54fa66ef530df2ac25fa133a5d8d67b
SuSE-6.4
ftp://ftp.suse.com/pub/suse/axp/update/6.4/n1/uucp-1.06.1-227.alpha.rpm
d13335ad5561f59b2ad53424a977184c
SuSE-6.3
ftp://ftp.suse.com/pub/suse/axp/update/6.3/n1/uucp-1.06.1-227.alpha.rpm
456e11eb134f30b6056014d76351c31c
PPC Power PC Platform:
SuSE-7.1
ftp://ftp.suse.com/pub/suse/ppc/update/7.1/n2/uucp-1.06.1-225.ppc.rpm
d586b5fc6551da4ddebf646e686d957c
SuSE-7.0
ftp://ftp.suse.com/pub/suse/ppc/update/7.0/n1/uucp-1.06.1-225.ppc.rpm
2eda36d95758053066f552cd6284c53a
SuSE-6.4
ftp://ftp.suse.com/pub/suse/ppc/update/6.4/n1/uucp-1.06.1-225.ppc.rpm
1157d1b6ebfcc36d425957a27bfa7c85
______________________________________________________________________________
2) Pending vulnerabilities in SuSE Distributions and Workarounds:
- openssh
After stabilizing the openssh package, updates for the distributions
6.4-7.2 are currently being prepared. The update packages fix a security
problem related to the recently discovered problems with source ip
based access restrictions in a user's ~/.ssh/authorized_keys2 file.
The packages will appear shortly on our ftp servers. Please note that
packages for the distributions 6.3 and up including 7.0 containing
cryptographic software are located on the German ftp server ftp.suse.de,
all other packages can be found on ftp.suse.com at the usual location.
We will issue a dedicated Security announcement for the openssh package.
______________________________________________________________________________
3) standard appendix:
SuSE runs two security mailing lists to which any interested party may
subscribe:
suse-security(a)suse.com
- general/linux/SuSE security discussion.
All SuSE security announcements are sent to this list.
To subscribe, send an email to
<suse-security-subscribe(a)suse.com>.
suse-security-announce(a)suse.com
- SuSE's announce-only mailing list.
Only SuSE's security annoucements are sent to this list.
To subscribe, send an email to
<suse-security-announce-subscribe(a)suse.com>.
For general information or the frequently asked questions (faq)
send mail to:
<suse-security-info(a)suse.com> or
<suse-security-faq(a)suse.com> respectively.
===============================================
SuSE's security contact is <security(a)suse.com>.
===============================================
______________________________________________________________________________
The information in this advisory may be distributed or reproduced,
provided that the advisory is not modified in any way.
SuSE GmbH makes no warranties of any kind whatsoever with respect
to the information contained in this security advisory.
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv
iQEVAwUBO+ASz3ey5gA9JdPZAQGtCgf9FtRZ3n+VH3ZtfoI8lu6k7qkedqqa0Igb
Utkko7jBCuD5GTvFpUtH3n2mm8kH++Z2DiSSgacj0OQJXl+pcdUtpSHnEYrtYiIy
RZXIE92uMVf6HIYXCdOsAyhsEytB1P23dyW1fK1wBPF3AJXc/l5++gG/rwAB+W3r
VY/JM2FVzTpAb3FsCUv3bwPy4/LMaJefqTErPkF7/MxclBX7AMnvbqxqqN8/1l1M
JRUcONwRnM3rYRvqby9/bYTrKCvpX/wNE6Gl/SXqkYGMAs1qTMJK069Oozk7Rr3d
GiVs/dTlhCFsSdlSB2XOsUFj8GwgCm4qWLRINOUdFCX2eyL8DrgUEw==
=bY/S
-----END PGP SIGNATURE-----
Bye,
Thomas
--
Thomas Biege, SuSE GmbH, Schanzaeckerstr. 10, 90443 Nuernberg
E@mail: thomas(a)suse.de Function: Security Support & Auditing
"lynx -source http://www.suse.de/~thomas/contact/thomas.asc | pgp -fka"
Key fingerprint = 51 AD B9 C7 34 FC F2 54 01 4A 1C D4 66 64 09 84
1
0
-----BEGIN PGP SIGNED MESSAGE-----
______________________________________________________________________________
SuSE Security Announcement
Package: squid
Announcement-ID: SuSE-SA:2001:037
Date: Tuesday, Oct 30th 2001 12:30 MEST
Affected SuSE versions: 6.3, 6.4, 7.0, 7.1, 7.2, 7.3
Vulnerability Type: remote denial of service
Severity (1-10): 4
SuSE default package: no
Other affected systems: Systems running the squid proxy server
Content of this advisory:
1) security vulnerability resolved: squid
problem description, discussion, solution and upgrade information
2) pending vulnerabilities, solutions, workarounds
3) standard appendix (further information)
______________________________________________________________________________
1) problem description, brief discussion, solution, upgrade information
The squid proxy server can be crashed with a malformed request, resulting
in a denial of service attack. After the crash, the squid proxy must be
restarted. The weakness can only be triggered from an address that
is allowed to send requests, as configured in the squid configuration
file.
An upgrade to a fixed version of the squid package is the only reasonable
countermeasure against the bug. Please download the package for your
distribution, verify its integrity according to section 3) of this
SuSE Security announcement, then apply the update using the command
rpm -Uhv <package.rpm>
where <package.rpm> is the filename of the package that you downloaded.
NOTE:
SuSE Linux distributions come with two different squid packages: One
development package and one stable package. The respective package
for your installation can be found using the command
rpm -qa|grep squid
Please download and update only the package that is installed on your
system as determined by the version of the package installed.
Both packages for your distribution are listed below.
SPECIAL INSTALL INSTRUCTIONS:
The squid proxy has to be restarted in order for the fix to become
effective. Use the command
rcsquid restart
after successful installation of the upgrade to do this. Please note
that the start of the squid daemon can use several seconds so that
the daemon refuses to accept connections during that time.
i386 Intel Platform:
SuSE-7.3
ftp://ftp.suse.com/pub/suse/i386/update/7.3/n2/squid-2.3.STABLE4-132.i386.r…
f36c9784ca566b2cf54f75396e512ff6
ftp://ftp.suse.com/pub/suse/i386/update/7.3/n2/squid-beta-2.4.STABLE2-33.i3…
3f49f2edbda920c97c0833752f82a451
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/7.3/zq1/squid-2.3.STABLE4-132.src.r…
5f6432889116c0adba9a3d485690477b
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/7.3/zq1/squid-beta-2.4.STABLE2-33.s…
0d13b2e11000515d48b9813d7e015a11
SuSE-7.2
ftp://ftp.suse.com/pub/suse/i386/update/7.2/n2/squid-2.3.STABLE4-131.i386.r…
8f73f7b4ae29cd57ad476845737cca76
SuSE-7.2
ftp://ftp.suse.com/pub/suse/i386/update/7.2/n2/squid-beta-2.4.STABLE1-85.i3…
408c3d5b79ff05078e0ed1ca2a7c7835
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/7.2/zq1/squid-2.3.STABLE4-131.src.r…
87200955fd04b95b53121c91daf08508
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/7.2/zq1/squid-beta-2.4.STABLE1-85.s…
ac991ef42ffd20242b62a79b4f9a8298
SuSE-7.1
ftp://ftp.suse.com/pub/suse/i386/update/7.1/n2/squid2-2.2.STABLE5-203.i386.…
d88eb53e568e282e399e63247dd21f17
SuSE-7.1
ftp://ftp.suse.com/pub/suse/i386/update/7.1/n2/squid23-2.3.STABLE4-57.i386.…
ed15547d3d898de69705206865bc5e3d
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/7.1/zq1/squid2-2.2.STABLE5-203.src.…
6e96b682734434243216955801ca3966
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/7.1/zq1/squid23-2.3.STABLE4-57.src.…
286132a8a084117c13ecd20963e4e026
SuSE-7.0
ftp://ftp.suse.com/pub/suse/i386/update/7.0/n1/squid2-2.2.STABLE5-203.i386.…
cc05027b083f96f5ecb8d74ee5af48c3
SuSE-7.0
ftp://ftp.suse.com/pub/suse/i386/update/7.0/n1/squid23-2.3.STABLE4-57.i386.…
27812ca7b960ca891d14056f8e50d93d
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/7.0/zq1/squid2-2.2.STABLE5-203.src.…
3821655bdf3a93b1b3607c786e31e4b5
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/7.0/zq1/squid23-2.3.STABLE4-57.src.…
20a5cd54b491baa98ef062e59222043a
SuSE-6.4
ftp://ftp.suse.com/pub/suse/i386/update/6.4/n1/squid2-2.2.STABLE5-203.i386.…
6241edb66ce49d7c0c99e4d4eee5f62d
SuSE-6.4
ftp://ftp.suse.com/pub/suse/i386/update/6.4/n1/squid23-2.3.STABLE4-57.i386.…
73e2338db1a51b0f2c3fd06c692b9433
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/6.4/zq1/squid2-2.2.STABLE5-203.src.…
cca2eac81e9da884b68547a10753e3aa
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/6.4/zq1/squid23-2.3.STABLE4-57.src.…
41b0f0f3d3ba588a69d4d3bdbbaa67f0
SuSE-6.3
ftp://ftp.suse.com/pub/suse/i386/update/6.3/n1/squid-1.NOVM.22-0.i386.rpm
287c56b9f60ebc6f0592ebd82aaafdbd
SuSE-6.3
ftp://ftp.suse.com/pub/suse/i386/update/6.3/n1/squid2-2.2.STABLE5-25.i386.r…
7ebcf1942316bc7dd9ccc81aa02d22a6
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/6.3/zq1/squid-1.NOVM.22-0.src.rpm
96b7d50fa8548c4a62602d9a6c30ee15
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/6.3/zq1/squid2-2.2.STABLE5-25.src.r…
ec16fdc160c4bab2447903843de38e96
Sparc Platform:
SuSE-7.1
ftp://ftp.suse.com/pub/suse/sparc/update/7.1/n2/squid2-2.2.STABLE5-199.spar…
32c7b23fae7195f85bc641076020f525
SuSE-7.1
ftp://ftp.suse.com/pub/suse/sparc/update/7.1/n2/squid23-2.3.STABLE4-52.spar…
58ef46972e17b4c18934705ad1e119fc
source rpm:
ftp://ftp.suse.com/pub/suse/sparc/update/7.1/zq1/squid2-2.2.STABLE5-199.src…
fdd0149a27a9ce2dc62b6cd3d36bf5d9
source rpm:
ftp://ftp.suse.com/pub/suse/sparc/update/7.1/zq1/squid23-2.3.STABLE4-52.src…
ae95420b0cabfcec6ea8e45cafbec98a
SuSE-7.0
ftp://ftp.suse.com/pub/suse/sparc/update/7.0/n1/squid2-2.2.STABLE5-200.spar…
7ea9ebf4033748dc2926681f91b757a2
SuSE-7.0
ftp://ftp.suse.com/pub/suse/sparc/update/7.0/n1/squid23-2.3.STABLE4-53.spar…
f5182a0ee681e1038ce9a27a5669dc78
source rpm:
ftp://ftp.suse.com/pub/suse/sparc/update/7.0/zq1/squid2-2.2.STABLE5-200.src…
2df8efacd6309d282ddf1a9fd85f5b0d
source rpm:
ftp://ftp.suse.com/pub/suse/sparc/update/7.0/zq1/squid23-2.3.STABLE4-53.src…
7283004306500f6af0945a127eb7cb10
AXP Alpha Platform:
SuSE-7.1
ftp://ftp.suse.com/pub/suse/axp/update/7.1/n2/squid2-2.2.STABLE5-211.alpha.…
5731678da53fefafd8b598b4bdd0b1c5
SuSE-7.1
ftp://ftp.suse.com/pub/suse/axp/update/7.1/n2/squid23-2.3.STABLE4-59.alpha.…
131ddb39a0642abd01ac7758b1ee1659
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/7.1/zq1/squid2-2.2.STABLE5-211.src.r…
2a455ab029dfa08d93b8f0882d27f3c0
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/7.1/zq1/squid23-2.3.STABLE4-59.src.r…
af85f07cc967e2c0afd58c15757901b9
SuSE-7.0
ftp://ftp.suse.com/pub/suse/axp/update/7.0/n1/squid2-2.2.STABLE5-211.alpha.…
6c8717d3ecc33f36fda8b9126f5aa9c4
SuSE-7.0
ftp://ftp.suse.com/pub/suse/axp/update/7.0/n1/squid23-2.3.STABLE4-59.alpha.…
f601abe230336f0aff1e2dd794905746
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/7.0/zq1/squid2-2.2.STABLE5-211.src.r…
0c286031c7261283c51ecc7b181f5c5a
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/7.0/zq1/squid23-2.3.STABLE4-59.src.r…
c13de698610cfbe85c9db43c0b46c33a
SuSE-6.4
ftp://ftp.suse.com/pub/suse/axp/update/6.4/n1/squid2-2.2.STABLE5-211.alpha.…
72ed52eb121cf09af0085eade83c31e9
SuSE-6.4
ftp://ftp.suse.com/pub/suse/axp/update/6.4/n1/squid23-2.3.STABLE4-59.alpha.…
d00639d8014cadfaaf0f877600fc265b
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/6.4/zq1/squid2-2.2.STABLE5-211.src.r…
9654093482932c0c5b6e19641c12e515
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/6.4/zq1/squid23-2.3.STABLE4-59.src.r…
93956c1d356b14d1c0ce4f6176b6bc82
SuSE-6.3
ftp://ftp.suse.com/pub/suse/axp/update/6.3/n1/squid-1.NOVM.22-0.alpha.rpm
963dab91fe801b0db5b8bc1290c510ac
SuSE-6.3
ftp://ftp.suse.com/pub/suse/axp/update/6.3/n1/squid2-2.2.STABLE5-24.alpha.r…
0a2cc791d49c12e43318166b18fbf4c9
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/6.3/zq1/squid-1.NOVM.22-0.src.rpm
d4bed546b971e980e013a19524dfe0a6
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/6.3/zq1/squid2-2.2.STABLE5-24.src.rpm
1911f50775e228ba85801afe14b4127c
PPC Power PC Platform:
SuSE-7.1
ftp://ftp.suse.com/pub/suse/ppc/update/7.1/n2/squid2-2.2.STABLE5-191.ppc.rpm
8570b7b727184e65e06bbc94952dd1c1
SuSE-7.1
ftp://ftp.suse.com/pub/suse/ppc/update/7.1/n2/squid23-2.3.STABLE4-59.ppc.rpm
06b6a7d709dd647f877cd2c49c8a25b0
source rpm:
ftp://ftp.suse.com/pub/suse/ppc/update/7.1/zq1/squid2-2.2.STABLE5-191.src.r…
01f3d3f73ff7f707aaa5915904f04816
source rpm:
ftp://ftp.suse.com/pub/suse/ppc/update/7.1/zq1/squid23-2.3.STABLE4-59.src.r…
e3d908e3f6f4d29e5fe6b47ee63efe71
SuSE-7.0
ftp://ftp.suse.com/pub/suse/ppc/update/7.0/n1/squid2-2.2.STABLE5-191.ppc.rpm
080ede69d095009d348d66575d737ded
SuSE-7.0
ftp://ftp.suse.com/pub/suse/ppc/update/7.0/n1/squid23-2.3.STABLE4-59.ppc.rpm
815f6081346eea1883e269c5349687b9
source rpm:
ftp://ftp.suse.com/pub/suse/ppc/update/7.0/zq1/squid2-2.2.STABLE5-191.src.r…
67036c2982d2e353a5063b4f173bd994
source rpm:
ftp://ftp.suse.com/pub/suse/ppc/update/7.0/zq1/squid23-2.3.STABLE4-59.src.r…
d69897df473cf8added443549fe90614
SuSE-6.4
ftp://ftp.suse.com/pub/suse/ppc/update/6.4/n1/squid2-2.2.STABLE5-191.ppc.rpm
059e627ca63f48176d310321bd1d6715
SuSE-6.4
ftp://ftp.suse.com/pub/suse/ppc/update/6.4/n1/squid23-2.3.STABLE4-59.ppc.rpm
f90c456e8d7ba561f585f388ead58f3e
source rpm:
ftp://ftp.suse.com/pub/suse/ppc/update/6.4/zq1/squid2-2.2.STABLE5-191.src.r…
31db9a010dcbcfe98e966042cd3aac0f
source rpm:
ftp://ftp.suse.com/pub/suse/ppc/update/6.4/zq1/squid23-2.3.STABLE4-59.src.r…
80b5f2f0325aaeeeee413f9fedc9eacb
______________________________________________________________________________
2) Pending vulnerabilities in SuSE Distributions and Workarounds:
- openssh
After stabilizing the openssh package, updates for the distributions
6.4-7.2 are currently being prepared. The update packages fix a security
problem related to the recently discovered problems with source ip
based access restrictions in a user's ~/.ssh/authorized_keys2 file.
The packages will appear shortly on our ftp servers. Please note that
packages for the distributions 6.3 and up including 7.0 containing
cryptographic software are located on the German ftp server ftp.suse.de,
all other packages can be found on ftp.suse.com at the usual location.
We will issue a dedicated Security announcement for the openssh package.
______________________________________________________________________________
3) standard appendix: authenticity verification, additional information
- Package authenticity verification:
SuSE update packages are available on many mirror ftp servers all over
the world. While this service is being considered valuable and important
to the free and open source software community, many users wish to be
sure about the origin of the package and its content before installing
the package. There are two verification methods that can be used
independently from each other to prove the authenticity of a downloaded
file or rpm package:
1) md5sums as provided in the (cryptographically signed) announcement.
2) using the internal gpg signatures of the rpm package.
1) execute the command
md5sum <name-of-the-file.rpm>
after you downloaded the file from a SuSE ftp server or its mirrors.
Then, compare the resulting md5sum with the one that is listed in the
announcement. Since the announcement containing the checksums is
cryptographically signed (usually using the key security(a)suse.de)
the checksums show proof of the authenticity of the package.
We disrecommend to subscribe to security lists which cause the
email message containing the announcement to be modified so that
the signature does not match after transport through the mailing
list software.
Downsides: You must be able to verify the authenticity of the
announcement in the first place. If RPM packages are being rebuilt
and a new version of a package is published on the ftp server, all
md5 sums for the files are useless.
2) rpm package signatures provide an easy way to verify the authenticity
of an rpm package. Use the command
rpm -v --checksig <file.rpm>
to verify the signature of the package, where <file.rpm> is the
filename of the rpm package that you have downloaded. Of course,
package authenticity verification can only target an uninstalled rpm
package file.
Prerequisites:
a) gpg is installed
b) The package is signed using a certain key. The public part of this
key must be installed by the gpg program in the directory
~/.gnupg/ under the user's home directory who performs the
signature verification (usually root). You can import the key
that is used by SuSE in rpm packages for SuSE Linux by saving
this announcement to a file ("announcement.txt") and
running the command (do "su -" to be root):
gpg --batch; gpg < announcement.txt | gpg --import
SuSE Linux distributions version 7.1 and thereafter install the
key "build(a)suse.de" upon installation or upgrade, provided that
the package gpg is installed. The file containing the public key
is placed at the toplevel directory of the first CD (pubring.gpg)
and at ftp://ftp.suse.com/pub/suse/pubring.gpg-build.suse.de .
- SuSE runs two security mailing lists to which any interested party may
subscribe:
suse-security(a)suse.com
- general/linux/SuSE security discussion.
All SuSE security announcements are sent to this list.
To subscribe, send an email to
<suse-security-subscribe(a)suse.com>.
suse-security-announce(a)suse.com
- SuSE's announce-only mailing list.
Only SuSE's security annoucements are sent to this list.
To subscribe, send an email to
<suse-security-announce-subscribe(a)suse.com>.
For general information or the frequently asked questions (faq)
send mail to:
<suse-security-info(a)suse.com> or
<suse-security-faq(a)suse.com> respectively.
===================================================
SuSE's security contact is <security(a)suse.com>.
The <security(a)suse.com> public key is listed below.
===================================================
______________________________________________________________________________
The information in this advisory may be distributed or reproduced,
provided that the advisory is not modified in any way. In particular,
it is desired that the cleartext signature shows proof of the
authenticity of the text.
SuSE GmbH makes no warranties of any kind whatsoever with respect
to the information contained in this security advisory.
Type Bits/KeyID Date User ID
pub 2048R/3D25D3D9 1999-03-06 SuSE Security Team <security(a)suse.de>
pub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key <build(a)suse.de>
- -----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
mQENAzbhLQQAAAEIAKAkXHe0lWRBXLpn38hMHy03F0I4Sszmoc8aaKJrhfhyMlOA
BqvklPLE2f9UrI4Xc860gH79ZREwAgPt0pi6+SleNFLNcNFAuuHMLQOOsaMFatbz
JR9i4m/lf6q929YROu5zB48rBAlcfTm+IBbijaEdnqpwGib45wE/Cfy6FAttBHQh
1Kp+r/jPbf1mYAvljUfHKuvbg8t2EIQz/5yGp+n5trn9pElfQO2cRBq8LFpf1l+U
P7EKjFmlOq+Gs/fF98/dP3DfniSd78LQPq5vp8RL8nr/o2i7jkAQ33m4f1wOBWd+
cZovrKXYlXiR+Bf7m2hpZo+/sAzhd7LmAD0l09kABRG0JVN1U0UgU2VjdXJpdHkg
VGVhbSA8c2VjdXJpdHlAc3VzZS5kZT6JARUDBRA24S1H5Fiyh7HKPEUBAVcOB/9b
yHYji1/+4Xc2GhvXK0FSJN0MGgeXgW47yxDL7gmR4mNgjlIOUHZj0PEpVjWepOJ7
tQS3L9oP6cpj1Fj/XxuLbkp5VCQ61hpt54coQAvYrnT9rtWEGN+xmwejT1WmYmDJ
xG+EGBXKr+XP69oIUl1E2JO3rXeklulgjqRKos4cdXKgyjWZ7CP9V9daRXDtje63
Om8gwSdU/nCvhdRIWp/Vwbf7Ia8iZr9OJ5YuQl0DBG4qmGDDrvImgPAFkYFzwlqo
choXFQ9y0YVCV41DnR+GYhwl2qBd81T8aXhihEGPIgaw3g8gd8B5o6mPVgl+nJqI
BkEYGBusiag2pS6qwznZiQEVAwUQNuEtBHey5gA9JdPZAQFtOAf+KVh939b0J94u
v/kpg4xs1LthlhquhbHcKNoVTNspugiC3qMPyvSX4XcBr2PC0cVkS4Z9PY9iCfT+
x9WM96g39dAF+le2CCx7XISk9XXJ4ApEy5g4AuK7NYgAJd39PPbERgWnxjxir9g0
Ix30dS30bW39D+3NPU5Ho9TD/B7UDFvYT5AWHl3MGwo3a1RhTs6sfgL7yQ3U+mvq
MkTExZb5mfN1FeaYKMopoI4VpzNVeGxQWIz67VjJHVyUlF20ekOz4kWVgsxkc8G2
saqZd6yv2EwqYTi8BDAduweP33KrQc4KDDommQNDOXxaKOeCoESIdM4p7Esdjq1o
L0oixF12CpkBogQ57vSBEQQAk/GN+ftr7+DBlSoixDDpfRnUk+jApGEt8hCnrnjV
nPs/9Cr33+CXLQbILOO7Y5oiPbJdHh45t4E0fKyLVzDerCRFB1swz/mNDxT26DLy
sdBV5fwNHTPhxa67goAZVrehQPqJEckkIpYriOaYcKpF3n5fQIZMEfMaHEElQhcX
ML8AoJVXDkJYh7vI8EUB8ZURNLZMEECNA/sH0MCnb4Q6ZcRyeZ3+1PHP8hP73b6T
epRdLZhaylwVF/iu7uIn62ZUL4//NTOCDY7V63qg4iba/fUbOsWtEnGaiE7mQuAl
sSWvRspwRA9/g9rdVf3/JdLJrLmKBTheyG+PSJE3W7cAE4ZWafGxIRCwXhmj3TQn
Jn2euqylHRubEQP/aL53NZK0kBdvrKgff6O8Of6tqoss8Dkk55I7QVFSp+My1Dn+
mngQKFejTAgtyo/WmR3wPjQ9HoT2lRiYI2lTRYT4uMdHuwVC3b4DqAKmoy375FER
wHkrMVyKBJslv8QtbAWw5A1CAUseaHo+91wmYJ4/4p6YUahqbG/tZyhbxfq0KFN1
U0UgUGFja2FnZSBTaWduaW5nIEtleSA8YnVpbGRAc3VzZS5kZT6IXAQTEQIAHAUC
Oe70gQUJA8JnAAQLCgMEAxUDAgMWAgECF4AACgkQqE7a6JyACspfLACffAYA+NM8
NBhyRyH+nTX58CNjwLIAoIx9fj52BJe0xY7WbKoXs1+72b2AiEYEEBECAAYFAjpw
XlIACgkQnkDjEAAKq6TczgCgi+ddhWb7+FWcfeE6WwPZccqAHowAnjjtRyGwHLQH
r5OTFAYTXi2Wv6jNiQEVAwUQOnBgb3ey5gA9JdPZAQE1pwf/QJ+b34lFBNVUJ7fk
/xGJJREt7V12iSafaRzGuH8xWvIz1bb+VARxnnt16FDQ1cDNjoEhCEmcW83Vxp6i
JXE9PE8wVA/Yue/bon5JS7J69+UiQ2eq2pudfwljp52lYVM53jgPYEz0q/v3091n
lZ8CYkAkN9JDS1lV1gEzJ7J0+POngDpU+lDQT2EC6VKaxeWK8pNt6UFDwICRDQxK
nlOoiDvTrdWT7QdJZ4sPv8Qotdw9+tKNbWQ2DqdIRxyTdw9xDfAtcj6mXeQr7852
Lwem1gSKVnEYHZ9g1FTJqVOutY8KhpUc9RfOCRv8XuIxrs4KSbfSF0s8qIRCQelx
ufg9AbkCDQQ57vSSEAgAhJHQTejMX+Vr6g1pHDEcusJ63fQ2CfFFE5iE9okH9O7U
VCiSfb9CV38dmeHdPCEEjDUWquFYEnvj3WICMtH249t1Ymuf4Du3yRKQ9oXdn/qT
Jzlrx9qzjiG3mH7ocwHOgUIwCrZoEdBEVE2n0zPVm+hddwjWWTWXw6pxQz+i9dsN
89xexRV5M9O0bNwCLaNWX2GXeLAkqTK/9EuZy6x2yLxi6du9YYUAXkZpqBhCjtiU
XpRoFCdglMznbcAyCk9C2wqb2j/D1Z2BeSBaGCSFkR6pRLebnE17LWcu72Iy+r0z
+JecbPiyDpDZj4apn7IC81aNFGi7fNITsHODbwwjiwADBgf/YPvVdzkc8OC7ztac
EWCanwylKvxCdKzTDA+DfES6WUYShyiVJvZzRy25LJ5WcK20kzOS6Qv1OrIXiz/p
dGy1aKtJZrAnFEsofpmOj8VoqyyFgp/yAGQBp12+mXek7SCZRhuqalDfEMRiWEJ6
J5dLkyShyRDWyPbFh0HXE7QTHN+IKKxxQqNQXL6Z3NSxS61p+5n6BseiDUI39xxk
KTFwFrkgUIc5Gs2Or2lhaWvGwSfoCmwbsklszZt6xbU+R0SjFqTvjPWx6eHfqbmN
C9WMDdTjGrXDDKXFp2aYlokfN6It9vsbVlGNlOwHt/JjGoPMxW6Xqj0FLA7/Vewg
CdXW64hMBBgRAgAMBQI57vSSBQkDwmcAAAoJEKhO2uicgArKSyIAmwUHf/vtKQfc
mVg4asR7U6XQl0bAAJ4pO22B5U8UH6IYl2LBCXFqw5+5fA==
=rVRn
- -----END PGP PUBLIC KEY BLOCK-----
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv
iQEVAwUBO96LF3ey5gA9JdPZAQFlqwf/YderpUXkQgPJtsLnEzHNmjTMm6E5rCEP
R6iBGPPga1BwV9/23FHtbXalc1Gkqa9RPcBJ58mkxcbzaLHacAZZmnHj7jv2VocE
edg9HcOdhjAiPA5KSePczFOb7+f51Y9aLTFn+5wfEAP0eMOmGvqvn0YnOCEl9vu5
6A1QbLhMIsc1ATTOCo9bWAJPeIVpU34HRXg1ojYqf+HObLDdAfZAKbKxxQ8ZkDR/
i/qI1x5A0OER1NJhhTs4nLvJPCIpuHajZhOnjQU0yqy25JlUHYcCvMpj7VOyQUR9
JZngqFLi/KDiQiZ2vIBy0kItFJ6iv5pq9rf5jYw45nQMSak/mbRcLg==
=elKB
-----END PGP SIGNATURE-----
1
0
-----BEGIN PGP SIGNED MESSAGE-----
______________________________________________________________________________
SuSE Security Announcement
Package: kernel
Announcement-ID: SuSE-SA:2001:036
Date: Friday, Oct 26th 2001 18:00 MEST
Affected SuSE versions: 6.3, 6.4, 7.0, 7.1, 7.2, 7.3
Vulnerability Type: local privilege escalation
Severity (1-10): 8
SuSE default package: yes
Other affected systems: all Linux systems, all kernel versions
Content of this advisory:
1) security vulnerability resolved: kernel
problem description, discussion, solution and upgrade information
2) pending vulnerabilities, solutions, workarounds
3) standard appendix (further information)
______________________________________________________________________________
1) The Problem, Workaround, Recommended solution, Instructions, Notes,
Verification
The Problem:
The SuSE Linux kernel is a standard kernel, enhanced with a set of
additional drivers and other improvements, to suit the end-user's
demand for a great variety of drivers for all kind of hardware.
Two security related problems have been found in both the 2.2 and
2.4 series kernels:
1) A recursive symlink structure can cause the kernel to consume excessive
CPU time, causing the machine to halt for an arbitrary amount of time.
2) ptrace(2), the system call used to trace processes as done by the
strace(1) command, must not be given permissions to trace setuid or
setgid programs (processes with a different effective uid or gid than
the caller's uid/gid). A race condition in the ptrace() kernel code
was the reason for the kernel update in May 2001. The flaw fixed with
this kernel update is based on the assumption that the calling process
is allowed to trace a running process. The fix consists of disallowing
a ptrace() system call for all setuid/setgid binaries, regardless
of the capabilities of the calling process.
Bug 1) can lead to a local DoS.
Bug 2) can allow a local attacker to gain root privileges.
Workarounds:
It is possible to work around bug 2) by removing the setuid bit from the
programs newgrp, su, su1, sudo and possibly more programs in the system
that will start another program with different pivileges.
In order to completely solve the security problems, it is recommended to
update the kernel to a newer version as described below.
Recommended solution:
We have provided update kernels for our supported distributions
6.3, 6.4, 7.0, 7.1, 7.2 and the freshly released 7.3. Currently,
only kernel update packages for the Intel i386 distributions are
available. The update should be performed with special care in order
to make sure that the system will properly boot after the package
update.
Step-By-Step Installation Instructions:
The kernel of a Linux system is the most critical component with respect
to stability, reliability and security. By consequence, an update of that
component requires some care and full attention to succeed.
The following paragraphs will guide you through the installation
process in a step-by-step fashion. The character sequence "****"
marks the beginning of a new paragraph. In some cases, you decide
if the paragraph is needed for you or not. Please read through all
of the steps down to the end. All of the commands that need to be
executed are required to be run as the superuser (root). Each step
relies on the steps before to complete successfully.
**** Step 1: Determine the needed kernel version
SuSE-6.3, 6.4 and 7.0 are built for kernels of version 2.2, 7.1 and
up are also ready for a 2.4 kernel. You should use the same major kernel
version for the update as you are using already.
Determine the kernel version that is running on your system with the
command
uname -r
If your running kernel is version 2.2.x, you should use a 2.2.19 kernel
to update, if you use a 2.4 series kernel, use a 2.4 kernel to update
SuSE-7.3 users: See Step 3!).
Cross-version updates _may_ work in your installation but are dis-
recommended in order to preserve a properly running system.
**** Step 2: Determine the needed kernel type
After you have determined which version to install, you must select the
type of kernel rpm package to install. There are four types offered:
k_i386 a kernel that runs on i386 processors.
k_smp the kernel for computers with more than one CPU
k_psmp for dual Pentium-I processor computers
k_deflt the default kernel for most systems, includes support
for APM (laptops).
You can use the command
rpm -qf `awk -F= '/image/{print $2}' < /etc/lilo.conf`
to find the name of the kernel RPM package that is installed on
your system. In the case of inconclusive results, pick one from the
four choices above: k_deflt works on most systems, k_smp is for
multi processor computers.
Step 1 and 2 will lead you to one of these possiblities:
2.2-default 2.2-smp 2.2-psmp 2.2-i386
2.4-default 2.4-smp 2.4-psmp 2.4-i386
**** Step 3: SuSE-7.3 special: Download
If you have a SuSE-7.3 system, continue to read this paragraph,
otherwise jump to Step 4.
SuSE Linux 7.3 comes with a kernel version 2.4.10. We have made
a set of patched kernels of this particular version to seamlessly
fit into a 7.3 installation. SuSE Linux releases before 7.3 should
receive a 2.4.7 kernel update - we provide both versions for the update.
It should be possible though to run both 2.4 kernels on all 2.4 based
systems.
Please download your kernel rpm from the location
ftp://ftp.suse.com/pub/suse/i386/update/7.3/kernel/2.4.10-20011026/
After downloading the rpm package, you might want to verify the
authenticity of the rpm package according to Section 3 of this and every
SuSE Security announcement.
Then go to Step 5, omitting Step 4.
**** Step 4: Download your kernel rpm
Your kernel rpm package is available for download from
ftp://ftp.suse.com/pub/suse/i386/update/<dist>/kernel/
where <dist> is the release version of your distribution.
If you need to download a 2.4 series kernel, enter the directory
called 2.4.7-20011026/ and download the kernel rpm type that you
have selected in Step 2.
If you need to download a 2.2 series kernel, enter the directory
called 2.2.19-20011026/ and download the kernel rpm type that you
have selected in Step 2.
An example: For a SuSE-7.2 distribution installed on an SMP system
that is running a 2.4 series kernel, you should download the file
ftp://ftp.suse.com/pub/suse/i386/update/7.2/kernel/2.4.7-20011026/k_smp-2.4…
After downloading the rpm package, you might want to verify the
authenticity of the rpm package according to Section 3 of this
SuSE Security announcement at the bottom of this message.
**** Step 5: SuSE-6.3 special: Installing your kernel rpm package
If you have a SuSE-6.3 system, continue to read this paragraph,
otherwise jump to Step 6.
In SuSE Linux version 6.3, the kernel and the kernel modules are
packaged in two different packages. This will change with the success
of this update: Both kernel images and kernel modules will be contained
in the same package. For the update to succeed, you will have to either
remove the existing kernel package from your system using the command
rpm -e `rpm -qf /boot/vmlinuz`
or two kernel rpm packages will be installed on your system.
**** Step 6: Installing your kernel rpm package
Install the rpm package that you have downloaded in Steps 3 or 4 with
the command
rpm -Uhv --nodeps --force <K_FILE.RPM>
where <K_FILE.RPM> is the name of the rpm package that you downloaded.
Notice: After performing this step, your system will likely not be
able to boot if the following steps have not been fully applied.
**** Step 7: aic7xxx
If you use an Adaptec aic7xxx SCSI host adapter, continue to read
this paragraph, otherwise jump to Step 8.
The new kernel comes with two versions for the Adaptec aic7xxx driver.
If you have such a card, you should see the driver listed in the
output from the command
lsmod
or you should see the adapter in the output of the command
lspci
The new driver is known to work reliably. However, if you encounter
any problems with CDROM drives or other removeable devices (CD-RW
drives, tapes, etc) after this kernel upgrade, then you should try to
use the old driver which is called aic7xxx_old instead of aic7xxx.
If you decide to make this change, then the steps 10 and 11 are
mandatory for the update to succeed, regardless if you get back to
this paragraph after your first reboot or not.
To use the old driver, please use your favourite editor to edit
the file /etc/rc.config. Change aic7xxx into aic7xxx_old at the line
that starts with INITRD_MODULES. You should find it near the top of the
file. Do not forget to save your changes. Then go to Steps 10 and 11.
If you want to use the new driver, then do not change anything.
**** Step 8: LVM
If you use LVM, then continue to read this paragraph,
otherwise jump to Step 9.
If you use LVM (Logical Volume Manager) in your installation of SuSE
Linux before and including SuSE-7.1, then you need the updated lvm
package from the
/pub/suse/i386/update/<dist>/kernel/2.2.19-20011026/
directory for your distribution as well. The package contains the
userspace utilities to manage the Logical Volume Manager driver.
An update package is needed because the LVM data format/structure on
disk has changed with the new version of the LVM kernel driver.
Install the package as usual using the command
rpm -Uhv lvm-0.9.1_beta4-12.i386.rpm
Be sure you have downloaded the package for the explicit version
of your SuSE Linux Installation. The package names are identical
for all distribution versions.
With this kernel upgrade, the lvm driver is configured as a module,
it is _not_ compiled into the kernel image any more. Therefore, you
should use your favourite editor and edit /etc/rc.config. In this
file, the variable INITRD_MODULES must contain the word "lvm-mod".
Example: you have an NCR scsi hostadapter and use lvm and reiserfs.
The line in /etc/rc.config should look like
INITRD_MODULES="sym53c8xx lvm-mod"
Be careful about the double quotes!
WARNING: After the first boot with the new kernel you will not be able
to downgrade to older versions of LVM any more.
**** Step 9: reiserfs
If you use reiserfs, then continue to read this paragraph,
otherwise jump to Step 10.
If you use reiserfs (find out via "grep reiserfs /proc/mounts"), then
make sure that the variable INITRD_MODULES from /etc/rc.config contains
the word "reiserfs", like in the example in Step 8.
**** Step 10: configuring and creating the initrd
Upon kernel boot (after lilo runs), the kernel needs to use the
drivers for the device (disk/raid) where the root filesystem
is located in order to access it for mounting. If this driver is
not compiled into the kernel, it is supplied as a kernel module
that must be loaded _before_ the root filesystem is mounted. This
is done using a ramdisk that is loaded along with the kernel by lilo
(which is subject to the next Step).
The modules that will be packed into this initial ramdisk (initrd)
must be listed in the variable INITRD_MODULES in the file
/etc/rc.config . This ramdisk, called "initrd", must be generated
using the command
mk_initrd
If the driver for the device containing your root device is not
compiled directly into the kernel, then your system will most likely
not boot any more. If you have followed the above steps, you should be
safe. Special care should be taken with scsi hostadapters, logical volume
manager (lvm) and reiserfs.
**** Step 11: lilo
lilo is responsible for loading the kernel image and the initrd
ramdisk image into the system and for transferring control of the
system to the kernel. Therefore, a proper installation of the
bootloader (by calling the program lilo) is essential for the
system to boot (!).
Manually changed settings in /etc/lilo.conf require the admin to make
sure that /boot/vmlinuz is listed in the first "image" line in that
file. Verify that the line starting with initrd= is set to
initrd=/boot/initrd
Execute
lilo
and you should see your label(s) in an output like
Added linux *
Every other output should be considered an error and requires
attention. If your system managed to reboot before the upgrade, you
should not see any additional output from lilo at this stage.
**** Step 12: SuSE-7.0 special
If you have a SuSE Linux 7.0 distribution, then continue to read this
paragraph, otherwise jump to Step 13.
If you have performed the kernel upgrade as described in the last kernel
SuSE Security announcement SuSE-SA:2001:18 and if you have performed
the upgrade of the glibc as described in Step 8 of SuSE-SA:2001:18, then
you are done and you should go to Step 13. Otherwise, please read
SuSE-SA:2001:18 (from
http://www.suse.de/de/support/security/2001_018_kernel_txt.txt) and
return to the Step 13 in this announcement.
**** Step 13: reboot
If all of the steps above have been successfully applied to your
system, then the new kernel including the kernel modules and the
initrd should be ready to boot. The system needs to be rebooted for
the changes to become active. Please make sure that all steps are
complete, then reboot using the command
shutdown -r now
or
init 6
______________________________________________________________________________
2) Pending vulnerabilities in SuSE Distributions and Workarounds:
- openssh
After stabilizing the openssh package, updates for the distributions
6.4-7.2 are currently being prepared. The update packages fix a security
problem related to the recently discovered problems with source ip
based access restrictions in a user's ~/.ssh/authorized_keys2 file.
The packages will appear shortly on our ftp servers. Please note that
packages for the distributions 6.3 and up including 7.0 containing
cryptographic software are located on the German ftp server ftp.suse.de,
all other packages can be found on ftp.suse.com at the usual location.
- squid
A squid server can be brought to a crash upon receipt of certain
requests. The attacker must have request access to the running squid
proxy to be able to take advantage of this weakness. The only effect
of an attack is the Denial of Service (DoS). After an attack, the
squid proxy must be restarted.
Update packages are available on our ftp server that eliminate the
problem. The security announcement for this issue will follow soon.
______________________________________________________________________________
3) standard appendix: authenticity verification, additional information
- Package authenticity verification:
SuSE update packages are available on many mirror ftp servers all over
the world. While this service is being considered valuable and important
to the free and open source software community, many users wish to be
sure about the origin of the package and its content before installing
the package. There are two verification methods that can be used
independently from each other to prove the authenticity of a downloaded
file or rpm package:
1) md5sums as provided in the (cryptographically signed) announcement.
2) using the internal gpg signatures of the rpm package.
1) execute the command
md5sum <name-of-the-file.rpm>
after you downloaded the file from a SuSE ftp server or its mirrors.
Then, compare the resulting md5sum with the one that is listed in the
announcement. Since the announcement containing the checksums is
cryptographically signed (usually using the key security(a)suse.de)
the checksums show proof of the authenticity of the package.
We disrecommend to subscribe to security lists which cause the
email message containing the announcement to be modified so that
the signature does not match after transport through the mailing
list software.
Downsides: You must be able to verify the authenticity of the
announcement in the first place. If RPM packages are being rebuilt
and a new version of a package is published on the ftp server, all
md5 sums for the files are useless.
2) rpm package signatures provide an easy way to verify the authenticity
of an rpm package. Use the command
rpm -v --checksig <file.rpm>
to verify the signature of the package, where <file.rpm> is the
filename of the rpm package that you have downloaded. Of course,
package authenticity verification can only target an uninstalled rpm
package file.
Prerequisites:
a) gpg is installed
b) The package is signed using a certain key. The public part of this
key must be installed by the gpg program in the directory
~/.gnupg/ under the user's home directory who performs the
signature verification (usually root). You can import the key
that is used by SuSE in rpm packages for SuSE Linux by saving
this announcement to a file ("announcement.txt") and
running the command (do "su -" to be root):
gpg --batch; gpg < announcement.txt | gpg --import
SuSE Linux distributions version 7.1 and thereafter install the
key "build(a)suse.de" upon installation or upgrade, provided that
the package gpg is installed. The file containing the public key
is placed at the toplevel directory of the first CD (pubring.gpg)
and at ftp://ftp.suse.com/pub/suse/pubring.gpg-build.suse.de .
- SuSE runs two security mailing lists to which any interested party may
subscribe:
suse-security(a)suse.com
- general/linux/SuSE security discussion.
All SuSE security announcements are sent to this list.
To subscribe, send an email to
<suse-security-subscribe(a)suse.com>.
suse-security-announce(a)suse.com
- SuSE's announce-only mailing list.
Only SuSE's security annoucements are sent to this list.
To subscribe, send an email to
<suse-security-announce-subscribe(a)suse.com>.
For general information or the frequently asked questions (faq)
send mail to:
<suse-security-info(a)suse.com> or
<suse-security-faq(a)suse.com> respectively.
===================================================
SuSE's security contact is <security(a)suse.com>.
The <security(a)suse.com> public key is listed below.
===================================================
______________________________________________________________________________
The information in this advisory may be distributed or reproduced,
provided that the advisory is not modified in any way. In particular,
it is desired that the cleartext signature shows proof of the
authenticity of the text.
SuSE GmbH makes no warranties of any kind whatsoever with respect
to the information contained in this security advisory.
Type Bits/KeyID Date User ID
pub 2048R/3D25D3D9 1999-03-06 SuSE Security Team <security(a)suse.de>
pub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key <build(a)suse.de>
- -----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
mQENAzbhLQQAAAEIAKAkXHe0lWRBXLpn38hMHy03F0I4Sszmoc8aaKJrhfhyMlOA
BqvklPLE2f9UrI4Xc860gH79ZREwAgPt0pi6+SleNFLNcNFAuuHMLQOOsaMFatbz
JR9i4m/lf6q929YROu5zB48rBAlcfTm+IBbijaEdnqpwGib45wE/Cfy6FAttBHQh
1Kp+r/jPbf1mYAvljUfHKuvbg8t2EIQz/5yGp+n5trn9pElfQO2cRBq8LFpf1l+U
P7EKjFmlOq+Gs/fF98/dP3DfniSd78LQPq5vp8RL8nr/o2i7jkAQ33m4f1wOBWd+
cZovrKXYlXiR+Bf7m2hpZo+/sAzhd7LmAD0l09kABRG0JVN1U0UgU2VjdXJpdHkg
VGVhbSA8c2VjdXJpdHlAc3VzZS5kZT6JARUDBRA24S1H5Fiyh7HKPEUBAVcOB/9b
yHYji1/+4Xc2GhvXK0FSJN0MGgeXgW47yxDL7gmR4mNgjlIOUHZj0PEpVjWepOJ7
tQS3L9oP6cpj1Fj/XxuLbkp5VCQ61hpt54coQAvYrnT9rtWEGN+xmwejT1WmYmDJ
xG+EGBXKr+XP69oIUl1E2JO3rXeklulgjqRKos4cdXKgyjWZ7CP9V9daRXDtje63
Om8gwSdU/nCvhdRIWp/Vwbf7Ia8iZr9OJ5YuQl0DBG4qmGDDrvImgPAFkYFzwlqo
choXFQ9y0YVCV41DnR+GYhwl2qBd81T8aXhihEGPIgaw3g8gd8B5o6mPVgl+nJqI
BkEYGBusiag2pS6qwznZiQEVAwUQNuEtBHey5gA9JdPZAQFtOAf+KVh939b0J94u
v/kpg4xs1LthlhquhbHcKNoVTNspugiC3qMPyvSX4XcBr2PC0cVkS4Z9PY9iCfT+
x9WM96g39dAF+le2CCx7XISk9XXJ4ApEy5g4AuK7NYgAJd39PPbERgWnxjxir9g0
Ix30dS30bW39D+3NPU5Ho9TD/B7UDFvYT5AWHl3MGwo3a1RhTs6sfgL7yQ3U+mvq
MkTExZb5mfN1FeaYKMopoI4VpzNVeGxQWIz67VjJHVyUlF20ekOz4kWVgsxkc8G2
saqZd6yv2EwqYTi8BDAduweP33KrQc4KDDommQNDOXxaKOeCoESIdM4p7Esdjq1o
L0oixF12CpkBogQ57vSBEQQAk/GN+ftr7+DBlSoixDDpfRnUk+jApGEt8hCnrnjV
nPs/9Cr33+CXLQbILOO7Y5oiPbJdHh45t4E0fKyLVzDerCRFB1swz/mNDxT26DLy
sdBV5fwNHTPhxa67goAZVrehQPqJEckkIpYriOaYcKpF3n5fQIZMEfMaHEElQhcX
ML8AoJVXDkJYh7vI8EUB8ZURNLZMEECNA/sH0MCnb4Q6ZcRyeZ3+1PHP8hP73b6T
epRdLZhaylwVF/iu7uIn62ZUL4//NTOCDY7V63qg4iba/fUbOsWtEnGaiE7mQuAl
sSWvRspwRA9/g9rdVf3/JdLJrLmKBTheyG+PSJE3W7cAE4ZWafGxIRCwXhmj3TQn
Jn2euqylHRubEQP/aL53NZK0kBdvrKgff6O8Of6tqoss8Dkk55I7QVFSp+My1Dn+
mngQKFejTAgtyo/WmR3wPjQ9HoT2lRiYI2lTRYT4uMdHuwVC3b4DqAKmoy375FER
wHkrMVyKBJslv8QtbAWw5A1CAUseaHo+91wmYJ4/4p6YUahqbG/tZyhbxfq0KFN1
U0UgUGFja2FnZSBTaWduaW5nIEtleSA8YnVpbGRAc3VzZS5kZT6IXAQTEQIAHAUC
Oe70gQUJA8JnAAQLCgMEAxUDAgMWAgECF4AACgkQqE7a6JyACspfLACffAYA+NM8
NBhyRyH+nTX58CNjwLIAoIx9fj52BJe0xY7WbKoXs1+72b2AiEYEEBECAAYFAjpw
XlIACgkQnkDjEAAKq6TczgCgi+ddhWb7+FWcfeE6WwPZccqAHowAnjjtRyGwHLQH
r5OTFAYTXi2Wv6jNiQEVAwUQOnBgb3ey5gA9JdPZAQE1pwf/QJ+b34lFBNVUJ7fk
/xGJJREt7V12iSafaRzGuH8xWvIz1bb+VARxnnt16FDQ1cDNjoEhCEmcW83Vxp6i
JXE9PE8wVA/Yue/bon5JS7J69+UiQ2eq2pudfwljp52lYVM53jgPYEz0q/v3091n
lZ8CYkAkN9JDS1lV1gEzJ7J0+POngDpU+lDQT2EC6VKaxeWK8pNt6UFDwICRDQxK
nlOoiDvTrdWT7QdJZ4sPv8Qotdw9+tKNbWQ2DqdIRxyTdw9xDfAtcj6mXeQr7852
Lwem1gSKVnEYHZ9g1FTJqVOutY8KhpUc9RfOCRv8XuIxrs4KSbfSF0s8qIRCQelx
ufg9AbkCDQQ57vSSEAgAhJHQTejMX+Vr6g1pHDEcusJ63fQ2CfFFE5iE9okH9O7U
VCiSfb9CV38dmeHdPCEEjDUWquFYEnvj3WICMtH249t1Ymuf4Du3yRKQ9oXdn/qT
Jzlrx9qzjiG3mH7ocwHOgUIwCrZoEdBEVE2n0zPVm+hddwjWWTWXw6pxQz+i9dsN
89xexRV5M9O0bNwCLaNWX2GXeLAkqTK/9EuZy6x2yLxi6du9YYUAXkZpqBhCjtiU
XpRoFCdglMznbcAyCk9C2wqb2j/D1Z2BeSBaGCSFkR6pRLebnE17LWcu72Iy+r0z
+JecbPiyDpDZj4apn7IC81aNFGi7fNITsHODbwwjiwADBgf/YPvVdzkc8OC7ztac
EWCanwylKvxCdKzTDA+DfES6WUYShyiVJvZzRy25LJ5WcK20kzOS6Qv1OrIXiz/p
dGy1aKtJZrAnFEsofpmOj8VoqyyFgp/yAGQBp12+mXek7SCZRhuqalDfEMRiWEJ6
J5dLkyShyRDWyPbFh0HXE7QTHN+IKKxxQqNQXL6Z3NSxS61p+5n6BseiDUI39xxk
KTFwFrkgUIc5Gs2Or2lhaWvGwSfoCmwbsklszZt6xbU+R0SjFqTvjPWx6eHfqbmN
C9WMDdTjGrXDDKXFp2aYlokfN6It9vsbVlGNlOwHt/JjGoPMxW6Xqj0FLA7/Vewg
CdXW64hMBBgRAgAMBQI57vSSBQkDwmcAAAoJEKhO2uicgArKSyIAmwUHf/vtKQfc
mVg4asR7U6XQl0bAAJ4pO22B5U8UH6IYl2LBCXFqw5+5fA==
=rVRn
- -----END PGP PUBLIC KEY BLOCK-----
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv
iQEVAwUBO9mMI3ey5gA9JdPZAQGH8Qf9Fw4zJCYTXHQxQrfEVV2abEoCaPL+K6U2
p4GlZyZs9Ggt0kXQWPrRgLzsgQB97upJBgbNfJ5xV9mYbCyLbkP4uZ/e/8CGnsca
/qTf+cOkW/DLFCsPa2utbdFm5BhXlrrKyohlCRIHIab1fSQoy0GKhRHq2jTTdmkO
h48uwo9g2DWJJ8t00lQR2h3Z9Pd0PvZpWiceQktcmy2NAEnhCa4o+wyQctTJwiez
s9bO1DfK3MN5cgJjO63+n/zLXRMwfAIXqr+/HB4ggs1VOf7lvmonlwVfI171YkDF
bmiWx6grq2vfqOtSOJZRtvwKxm8t/ayJFEaRHg2mqIWD+TmFVSY8uw==
=xhBs
-----END PGP SIGNATURE-----
1
0
-----BEGIN PGP SIGNED MESSAGE-----
______________________________________________________________________________
SuSE Security Announcement
Package: htdig
Announcement-ID: SuSE-SA:2001:035
Date: Wednesday, October 24th 2001 09:30 MEST
Affected SuSE versions: 6.3, 6.4, 7.0, 7.1, 7.2, 7.3
Vulnerability Type: local privilege escalation, remote DoS
Severity (1-10): 3
SuSE default package: no
Other affected systems: all linux-like operating-systems running
htdig's htsearch via CGI
Content of this advisory:
1) security vulnerability resolved: htsearch
problem description, discussion, solution and upgrade information
2) pending vulnerabilities, solutions, workarounds
3) standard appendix (further information)
______________________________________________________________________________
1) problem description, brief discussion, solution, upgrade information
ht://Dig is a powerfull indexing and information gathering tool for the
web. ht://Dig's search engine htsearch could be run by a http server
as CGI program or standalone as commandline tool.
Due to insufficient checking of the running environment it is possible
to use commandline options via CGI. An remote attacker could use the -c
option to specify /dev/zero as an alternate config file to causes a
denial of service for some minutes.
To read files with the privilege of the http server by abusing the -c
option an attacker needs write access to the server running htsearch.
A temporary fix or workaround does not exist; we recommend to update
your system with the new RPM from our FTP server.
Please download the update package for your distribution and verify its
integrity by the methods listed in section 3) of this announcement.
Then, install the package using the command "rpm -Uhv file.rpm" to apply
the update.
i386 Intel Platform:
SuSE-7.3
ftp://ftp.suse.com/pub/suse/i386/update/7.3/n1/htdig-3.1.5-304.i386.rpm
543b0668bbbe3c35a7b7f4aab523a497
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/7.3/zq1/htdig-3.1.5-304.src.rpm
553ca93fb20eaa4a0d9dcf140d2a1cc3
SuSE-7.2
ftp://ftp.suse.com/pub/suse/i386/update/7.2/n1/htdig-3.1.5-304.i386.rpm
70f7263f6b03d67858e14b6caf7716a3
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/7.2/zq1/htdig-3.1.5-304.src.rpm
8853a7c1094450642d0c8eafcd7db612
SuSE-7.1
ftp://ftp.suse.com/pub/suse/i386/update/7.1/n1/htdig-3.1.5-304.i386.rpm
934907ab6b8c1394446d3272122b6ba4
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/7.1/zq1/htdig-3.1.5-304.src.rpm
04b7f1552aa7c2c31dd796e5db5db610
SuSE-7.0
ftp://ftp.suse.com/pub/suse/i386/update/7.0/n2/htdig-3.1.5-304.i386.rpm
5eb6e0f2cd8c92f9d27c983cfa61c0cd
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/7.0/zq1/htdig-3.1.5-304.src.rpm
33b6e71c0cba4b2e9faa0426f1a9c27c
SuSE-6.4
ftp://ftp.suse.com/pub/suse/i386/update/6.4/n2/htdig-3.1.5-304.i386.rpm
e65d6a8f096762617ea1b271b1ec1582
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/6.4/zq1/htdig-3.1.5-304.src.rpm
ced955e563db7c4e422659228adbef58
SuSE-6.3
ftp://ftp.suse.com/pub/suse/i386/update/6.3/n2/htdig-3.1.5-304.i386.rpm
b2cd121f8f71064f79fb9d5d969b3d21
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/6.3/zq1/htdig-3.1.5-304.src.rpm
3910e17d54392f755325960d1c2a9a13
Sparc Platform:
SuSE-7.1
ftp://ftp.suse.com/pub/suse/sparc/update/7.1/n1/htdig-3.1.5-212.sparc.rpm
1a4e2643d776360178eea8d1d23f4fab
source rpm:
ftp://ftp.suse.com/pub/suse/sparc/update/7.1/zq1/htdig-3.1.5-212.src.rpm
66535cba934ecfce550ad60cadccad4d
SuSE-7.0
ftp://ftp.suse.com/pub/suse/sparc/update/7.0/n2/htdig-3.1.5-212.sparc.rpm
72ea40099742b87151146d3159b46d9f
source rpm:
ftp://ftp.suse.com/pub/suse/sparc/update/7.0/zq1/htdig-3.1.5-212.src.rpm
3de8701655664c84fb3a2c98ec857fca
AXP Alpha Platform:
SuSE-7.1
ftp://ftp.suse.com/pub/suse/axp/update/7.1/n1/htdig-3.1.5-177.alpha.rpm
23233fc040bbb7b7b8e9386e974257e9
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/7.1/zq1/htdig-3.1.5-177.src.rpm
d7362ba99853fe56eb57b5ab71c1b11e
SuSE-7.0
ftp://ftp.suse.com/pub/suse/axp/update/7.0/n2/htdig-3.1.5-177.alpha.rpm
5549cf04c28bd2436f259c22fabd23f3
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/7.0/zq1/htdig-3.1.5-177.src.rpm
ef269335b80344c7e4c9167865c432e4
SuSE-6.4
ftp://ftp.suse.com/pub/suse/axp/update/6.4/n2/htdig-3.1.5-177.alpha.rpm
5ff4ae9cb1845b0d416fe4fee2caf26a
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/6.4/zq1/htdig-3.1.5-177.src.rpm
ec966adf8722dcf0eefe94356a1b4d9e
SuSE-6.3
ftp://ftp.suse.com/pub/suse/axp/update/6.3/n2/htdig-3.1.5-177.alpha.rpm
ec84394421f9480d13746f8c5ba7416c
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/6.3/zq1/htdig-3.1.5-177.src.rpm
1f11551d794bcc08f3574af57c6fc2e3
PPC PowerPC Platform:
SuSE-7.1
ftp://ftp.suse.com/pub/suse/ppc/update/7.1/n1/htdig-3.1.5-209.ppc.rpm
bb84003b547a0e80133da198de07c1cf
source rpm:
ftp://ftp.suse.com/pub/suse/ppc/update/7.1/zq1/htdig-3.1.5-209.src.rpm
93ad965154d8fe1b24ae15d0881966c8
SuSE-7.0
ftp://ftp.suse.com/pub/suse/ppc/update/7.0/n2/htdig-3.1.5-208.ppc.rpm
dbf2f686bc1bfaf4a59721157afdafb1
source rpm:
ftp://ftp.suse.com/pub/suse/ppc/update/7.0/zq1/htdig-3.1.5-208.src.rpm
70d360499c0bc89e2d90bcf2454e0867
SuSE-6.4
ftp://ftp.suse.com/pub/suse/ppc/update/6.4/n2/htdig-3.1.5-208.ppc.rpm
e9613bc7f5b28240f0aeece14059d976
source rpm:
ftp://ftp.suse.com/pub/suse/ppc/update/6.4/zq1/htdig-3.1.5-208.src.rpm
d4fb3b096ceb3b5cc7d42924a0952863
______________________________________________________________________________
2) Pending vulnerabilities in SuSE Distributions and Workarounds:
- Linux kernel
Security bugs have been found in both the 2.2 and 2.4 kernel series
of all currently supported SuSE Linux distributions (6.3-7.3), including
the freshly appeared SuSE-7.3. These bugs allow a local attacker to gain
root privileges, but there is no remote attack as of now.
As a temporary workaround, it is possible for experienced users of
linux-like systems to disable all setuid bits from all files in the
installed system using a find command with a -exec option.
We are currently in the process of testing the update kernels of both
2.2 (2.2.19) and 2.4 (2.4.13) series to make sure that these update
kernels will have the same level of stability and robustness as expected
from SuSE linux systems. The official kernel rpm packages will be
announced in a SuSE Security announcement during the second half of
this week. In the meanwhile, the directory
ftp://ftp.suse.com/pub/people/mantel/next/ contains the preliminary
update packages for testing (2.2.19 packages will be available shortly).
Please proceed with the update as described in
http://www.suse.de/de/support/security/2001_018_kernel_txt.txt
and report any problems that you may find to feedback(a)suse.de.
- openssh
After stabilizing the openssh package, updates for the distributions
6.4-7.2 are currently being prepared. The update packages fix a security
problem related to the recently discovered problems with source ip
based access restrictions in a user's ~/.ssh/authorized_keys2 file.
The packages will appear shortly on our ftp servers. Please note that
packages for the distributions 6.3 and up including 7.0 containing
cryptographic software are located on the German ftp server ftp.suse.de,
all other packages can be found on ftp.suse.com at the usual location.
Please continue to watch the suse-security-announce mailing list for
new security announcements.
______________________________________________________________________________
3) standard appendix: authenticity verification, additional information
- Package authenticity verification:
SuSE update packages are available on many mirror ftp servers all over
the world. While this service is being considered valuable and important
to the free and open source software community, many users wish to be
sure about the origin of the package and its content before installing
the package. There are two verification methods that can be used
independently from each other to prove the authenticity of a downloaded
file or rpm package:
1) md5sums as provided in the (cryptographically signed) announcement.
2) using the internal gpg signatures of the rpm package.
1) execute the command
md5sum <name-of-the-file.rpm>
after you downloaded the file from a SuSE ftp server or its mirrors.
Then, compare the resulting md5sum with the one that is listed in the
announcement. Since the announcement containing the checksums is
cryptographically signed (usually using the key security(a)suse.de)
the checksums show proof of the authenticity of the package.
We advise against subscribing to lists which cause the
email message containing the announcement to be modified so that
the signature does not match after transport through the mailing
list software.
Downsides: You must be able to verify the authenticity of the
announcement in the first place. If RPM packages are being rebuilt
and a new version of a package is published on the ftp server, all
md5 sums for the files are useless.
2) rpm package signatures provide an easy way to verify the authenticity
of an rpm package. Use the command
rpm -v --checksig <file.rpm>
to verify the signature of the package, where <file.rpm> is the
filename of the rpm package that you have downloaded. Of course,
package authenticity verification can only target an uninstalled rpm
package file.
Prerequisites:
a) gpg is installed
b) The package is signed using a certain key. The public part of this
key must be installed by the gpg program in the directory
~/.gnupg/ under the user's home directory who performs the
signature verification (usually root). You can import the key
that is used by SuSE in rpm packages for SuSE Linux by saving
this announcement to a file ("announcement.txt") and
running the command (do "su -" to be root):
gpg --batch; gpg < announcement.txt | gpg --import
SuSE Linux distributions version 7.1 and thereafter install the
key "build(a)suse.de" upon installation or upgrade, provided that
the package gpg is installed. The file containing the public key
is placed at the toplevel directory of the first CD (pubring.gpg)
and at ftp://ftp.suse.com/pub/suse/pubring.gpg-build.suse.de .
- SuSE runs two security mailing lists to which any interested party may
subscribe:
suse-security(a)suse.com
- general/linux/SuSE security discussion.
All SuSE security announcements are sent to this list.
To subscribe, send an email to
<suse-security-subscribe(a)suse.com>.
suse-security-announce(a)suse.com
- SuSE's announce-only mailing list.
Only SuSE's security annoucements are sent to this list.
To subscribe, send an email to
<suse-security-announce-subscribe(a)suse.com>.
For general information or the frequently asked questions (faq)
send mail to:
<suse-security-info(a)suse.com> or
<suse-security-faq(a)suse.com> respectively.
===================================================
SuSE's security contact is <security(a)suse.com>.
The <security(a)suse.com> public key is listed below.
===================================================
______________________________________________________________________________
The information in this advisory may be distributed or reproduced,
provided that the advisory is not modified in any way. In particular,
it is desired that the cleartext signature shows proof of the
authenticity of the text.
SuSE GmbH makes no warranties of any kind whatsoever with respect
to the information contained in this security advisory.
Type Bits/KeyID Date User ID
pub 2048R/3D25D3D9 1999-03-06 SuSE Security Team <security(a)suse.de>
pub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key <build(a)suse.de>
- -----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
mQENAzbhLQQAAAEIAKAkXHe0lWRBXLpn38hMHy03F0I4Sszmoc8aaKJrhfhyMlOA
BqvklPLE2f9UrI4Xc860gH79ZREwAgPt0pi6+SleNFLNcNFAuuHMLQOOsaMFatbz
JR9i4m/lf6q929YROu5zB48rBAlcfTm+IBbijaEdnqpwGib45wE/Cfy6FAttBHQh
1Kp+r/jPbf1mYAvljUfHKuvbg8t2EIQz/5yGp+n5trn9pElfQO2cRBq8LFpf1l+U
P7EKjFmlOq+Gs/fF98/dP3DfniSd78LQPq5vp8RL8nr/o2i7jkAQ33m4f1wOBWd+
cZovrKXYlXiR+Bf7m2hpZo+/sAzhd7LmAD0l09kABRG0JVN1U0UgU2VjdXJpdHkg
VGVhbSA8c2VjdXJpdHlAc3VzZS5kZT6JARUDBRA24S1H5Fiyh7HKPEUBAVcOB/9b
yHYji1/+4Xc2GhvXK0FSJN0MGgeXgW47yxDL7gmR4mNgjlIOUHZj0PEpVjWepOJ7
tQS3L9oP6cpj1Fj/XxuLbkp5VCQ61hpt54coQAvYrnT9rtWEGN+xmwejT1WmYmDJ
xG+EGBXKr+XP69oIUl1E2JO3rXeklulgjqRKos4cdXKgyjWZ7CP9V9daRXDtje63
Om8gwSdU/nCvhdRIWp/Vwbf7Ia8iZr9OJ5YuQl0DBG4qmGDDrvImgPAFkYFzwlqo
choXFQ9y0YVCV41DnR+GYhwl2qBd81T8aXhihEGPIgaw3g8gd8B5o6mPVgl+nJqI
BkEYGBusiag2pS6qwznZiQEVAwUQNuEtBHey5gA9JdPZAQFtOAf+KVh939b0J94u
v/kpg4xs1LthlhquhbHcKNoVTNspugiC3qMPyvSX4XcBr2PC0cVkS4Z9PY9iCfT+
x9WM96g39dAF+le2CCx7XISk9XXJ4ApEy5g4AuK7NYgAJd39PPbERgWnxjxir9g0
Ix30dS30bW39D+3NPU5Ho9TD/B7UDFvYT5AWHl3MGwo3a1RhTs6sfgL7yQ3U+mvq
MkTExZb5mfN1FeaYKMopoI4VpzNVeGxQWIz67VjJHVyUlF20ekOz4kWVgsxkc8G2
saqZd6yv2EwqYTi8BDAduweP33KrQc4KDDommQNDOXxaKOeCoESIdM4p7Esdjq1o
L0oixF12CohGBBARAgAGBQI7HmHDAAoJEJ5A4xAACqukTlQAoI4QzP9yjPohY7OU
F7J3eKBTzp25AJ42BmtSd3pvm5ldmognWF3Trhp+GZkBogQ57vSBEQQAk/GN+ftr
7+DBlSoixDDpfRnUk+jApGEt8hCnrnjVnPs/9Cr33+CXLQbILOO7Y5oiPbJdHh45
t4E0fKyLVzDerCRFB1swz/mNDxT26DLysdBV5fwNHTPhxa67goAZVrehQPqJEckk
IpYriOaYcKpF3n5fQIZMEfMaHEElQhcXML8AoJVXDkJYh7vI8EUB8ZURNLZMEECN
A/sH0MCnb4Q6ZcRyeZ3+1PHP8hP73b6TepRdLZhaylwVF/iu7uIn62ZUL4//NTOC
DY7V63qg4iba/fUbOsWtEnGaiE7mQuAlsSWvRspwRA9/g9rdVf3/JdLJrLmKBThe
yG+PSJE3W7cAE4ZWafGxIRCwXhmj3TQnJn2euqylHRubEQP/aL53NZK0kBdvrKgf
f6O8Of6tqoss8Dkk55I7QVFSp+My1Dn+mngQKFejTAgtyo/WmR3wPjQ9HoT2lRiY
I2lTRYT4uMdHuwVC3b4DqAKmoy375FERwHkrMVyKBJslv8QtbAWw5A1CAUseaHo+
91wmYJ4/4p6YUahqbG/tZyhbxfq0KFN1U0UgUGFja2FnZSBTaWduaW5nIEtleSA8
YnVpbGRAc3VzZS5kZT6IXAQTEQIAHAUCOe70gQUJA8JnAAQLCgMEAxUDAgMWAgEC
F4AACgkQqE7a6JyACspfLACffAYA+NM8NBhyRyH+nTX58CNjwLIAoIx9fj52BJe0
xY7WbKoXs1+72b2AiEYEEBECAAYFAjpwXlIACgkQnkDjEAAKq6TczgCgi+ddhWb7
+FWcfeE6WwPZccqAHowAnjjtRyGwHLQHr5OTFAYTXi2Wv6jNiQEVAwUQOnBgb3ey
5gA9JdPZAQE1pwf/QJ+b34lFBNVUJ7fk/xGJJREt7V12iSafaRzGuH8xWvIz1bb+
VARxnnt16FDQ1cDNjoEhCEmcW83Vxp6iJXE9PE8wVA/Yue/bon5JS7J69+UiQ2eq
2pudfwljp52lYVM53jgPYEz0q/v3091nlZ8CYkAkN9JDS1lV1gEzJ7J0+POngDpU
+lDQT2EC6VKaxeWK8pNt6UFDwICRDQxKnlOoiDvTrdWT7QdJZ4sPv8Qotdw9+tKN
bWQ2DqdIRxyTdw9xDfAtcj6mXeQr7852Lwem1gSKVnEYHZ9g1FTJqVOutY8KhpUc
9RfOCRv8XuIxrs4KSbfSF0s8qIRCQelxufg9AbkCDQQ57vSSEAgAhJHQTejMX+Vr
6g1pHDEcusJ63fQ2CfFFE5iE9okH9O7UVCiSfb9CV38dmeHdPCEEjDUWquFYEnvj
3WICMtH249t1Ymuf4Du3yRKQ9oXdn/qTJzlrx9qzjiG3mH7ocwHOgUIwCrZoEdBE
VE2n0zPVm+hddwjWWTWXw6pxQz+i9dsN89xexRV5M9O0bNwCLaNWX2GXeLAkqTK/
9EuZy6x2yLxi6du9YYUAXkZpqBhCjtiUXpRoFCdglMznbcAyCk9C2wqb2j/D1Z2B
eSBaGCSFkR6pRLebnE17LWcu72Iy+r0z+JecbPiyDpDZj4apn7IC81aNFGi7fNIT
sHODbwwjiwADBgf/YPvVdzkc8OC7ztacEWCanwylKvxCdKzTDA+DfES6WUYShyiV
JvZzRy25LJ5WcK20kzOS6Qv1OrIXiz/pdGy1aKtJZrAnFEsofpmOj8VoqyyFgp/y
AGQBp12+mXek7SCZRhuqalDfEMRiWEJ6J5dLkyShyRDWyPbFh0HXE7QTHN+IKKxx
QqNQXL6Z3NSxS61p+5n6BseiDUI39xxkKTFwFrkgUIc5Gs2Or2lhaWvGwSfoCmwb
sklszZt6xbU+R0SjFqTvjPWx6eHfqbmNC9WMDdTjGrXDDKXFp2aYlokfN6It9vsb
VlGNlOwHt/JjGoPMxW6Xqj0FLA7/VewgCdXW64hMBBgRAgAMBQI57vSSBQkDwmcA
AAoJEKhO2uicgArKSyIAmwUHf/vtKQfcmVg4asR7U6XQl0bAAJ4pO22B5U8UH6IY
l2LBCXFqw5+5fA==
=Jnnf
- -----END PGP PUBLIC KEY BLOCK-----
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv
iQEVAwUBO9aUuHey5gA9JdPZAQGQFwf+POKl6JgY4wDKqXwjnEFhP3Z41bOAyOo4
rvlInEHsikNSppBLqxlhME9v6Xm7AvMO/mNam6sXkLH6L6ZTq+pRlLCnleXZl6rD
D9JIaS2G4ehOuaPJtadGxgS7cucti+NZmCxzRZueYqmQgz/TBLqW8qb+81J2PW/g
kDDRLZM81FhspTSQreUPPzm+z6tm6L3y6hw3cZ1nfKplghDyDEeZrG1LjXatse9U
xcvEEkFAo4MZkl1cbrvlcGImc2oXhQtjuRl32f4WDK3HwQLx74Z+ah6cPV/qa6Td
eFnrBFcw22Hqx7FH/+1vtjO1kHgvWWigp9BlBJaG/PFQNTYfJ/H5MQ==
=hfON
-----END PGP SIGNATURE-----
Bye,
Thomas
--
Thomas Biege, SuSE GmbH, Schanzaeckerstr. 10, 90443 Nuernberg
E@mail: thomas(a)suse.de Function: Security Support & Auditing
"lynx -source http://www.suse.de/~thomas/contact/thomas.asc | pgp -fka"
Key fingerprint = 51 AD B9 C7 34 FC F2 54 01 4A 1C D4 66 64 09 84
1
0
23 Oct '01
-----BEGIN PGP SIGNED MESSAGE-----
______________________________________________________________________________
SuSE Security Announcement
Package: shadow/login
Announcement-ID: SuSE-SA:2001:034
Date: Tuesday, Oct 23rd 2001 18:00 MEST
Affected SuSE versions: 6.3, 6.4, 7.0, 7.1, 7.2, 7.3
Vulnerability Type: local privilege escalation
Severity (1-10): 2
SuSE default package: yes
Other affected systems: most linux systems, common problem on
linux-like systems.
Content of this advisory:
1) security vulnerability resolved: shadow/login
problem description, discussion, solution and upgrade information
2) pending vulnerabilities, solutions, workarounds
3) standard appendix (further information)
______________________________________________________________________________
1) problem description, brief discussion, solution, upgrade information
Multiple Linux vendors have issued security announcements about failures
of the /bin/login program to properly initialize the privileges of an
authenticated user if the PAM module pam_limits is enabled.
The bug has been categorized as a sequence bug, and is located in the
code of the login program itself: A call to getpwnam(3) returns a pointer
to a struct passwd, and the data is being used. Then, a call to PAM
routines cause getpwnam(3) to be called again, but beyond the programmer's
control or knowledge. The pointer as returned by the first getpwnam(3)
remains the same, but the data may be different. By consequence, the
data is in an undefined state. The error appears with the pam_limits
PAM module only because other PAM modules do not call getpwnam(3).
SuSE developers did not succeed in reproducing the error on SuSE Linux
installations since SuSE distributions do not come with the standard
login implementation from the util-linux collection. Instead, a version
maintained by Thorsten Kukuk <kukuk(a)suse.de> is used. This login
implementation may cause wrong group IDs to be set in very rare cases.
The harm of this bug is therefore considerably small on SuSE Linux.
However, we provide fixed rpm packages that remedy the problem. Since
the bug is not limited to the login program but to all programs that
authenticate users, more security announcements in this field are to
be expected. The Linux vendors cooperate to share the workload that
results from the audit of these programs.
To install the updates, please download the update package for your
distribution and use the command 'rpm -Uhv file.rpm' to apply the update.
Please run "SuSEconfig" after performing the package update to make sure
that the permissions of your files are configured as the security
settings of your installation define. Alternatively, if you have disabled
SuSEconfig, check for the permissions of the files /usr/bin/chage,
/usr/bin/chfn, /usr/bin/chsh, /usr/bin/expiry, /usr/bin/gpasswd and
/usr/bin/passwd to suit your needs. Setting these executeables to 4755
owned by root enables their functionality, removing the setuid bit
(chmod -s) disables it.
i386 Intel Platform:
SuSE-7.3
ftp://ftp.suse.com/pub/suse/i386/update/7.3/a1/shadow-20000902-144.i386.rpm
9380496a4a248aeac73d7136de381348
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/7.3/zq1/shadow-20000902-144.src.rpm
b595cea811bb92aa895974aee2fd5968
SuSE-7.2
ftp://ftp.suse.com/pub/suse/i386/update/7.2/a1/shadow-20000902-145.i386.rpm
18e33d4b728b49403c2679c560b52f06
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/7.2/zq1/shadow-20000902-145.src.rpm
0d9fb9cec79cdd4671306658a103fc6b
SuSE-7.1
ftp://ftp.suse.com/pub/suse/i386/update/7.1/a1/shadow-20000902-145.i386.rpm
a5b2177d66048f988249e0acbc9648bf
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/7.1/zq1/shadow-20000902-145.src.rpm
4525572bf268b73004774a25d7f5de2a
SuSE-7.0
ftp://ftp.suse.com/pub/suse/i386/update/7.0/a1/shadow-19990827-170.i386.rpm
2be3765b08ce9d94abbd4932dbe3f39b
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/7.0/zq1/shadow-19990827-170.src.rpm
97935450371dde96cb92134ab8596b85
SuSE-6.4
ftp://ftp.suse.com/pub/suse/i386/update/6.4/a1/shadow-19990827-145.i386.rpm
c6d07aa8662e00d501f9fbb9d57f71bb
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/6.4/zq1/shadow-19990827-145.src.rpm
79d9e99e67fcd23d64508eafe5070b36
SuSE-6.3
ftp://ftp.suse.com/pub/suse/i386/update/6.3/a1/shadow-19990827-145.i386.rpm
82c4466697251685c5f1fa733c0ad4e2
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/6.3/zq1/shadow-19990827-145.src.rpm
bac32336670e134146af62886e3d477e
Sparc Platform:
SuSE-7.1
ftp://ftp.suse.com/pub/suse/sparc/update/7.1/a1/shadow-20000902-92.sparc.rpm
3e63326bd5dd2dd3e9d8175b6db918e0
source rpm:
ftp://ftp.suse.com/pub/suse/sparc/update/7.1/zq1/shadow-20000902-92.src.rpm
c95b2761cc4d9b417394a550d43716ca
SuSE-7.0
ftp://ftp.suse.com/pub/suse/sparc/update/7.0/a1/shadow-19990827-2.sparc.rpm
5ce1d42bb0e5a6677666390b9980de5d
source rpm:
ftp://ftp.suse.com/pub/suse/sparc/update/7.0/zq1/shadow-19990827-2.src.rpm
622dc8e8c6d6bf90f09d79b144a20533
AXP Alpha Platform:
SuSE-7.1
ftp://ftp.suse.com/pub/suse/axp/update/7.1/a1/shadow-20000902-88.alpha.rpm
ed882226bcb5241e105fb0f6466bf476
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/7.1/zq1/shadow-20000902-88.src.rpm
b70743683ca521d66be357b90baff035
SuSE-7.0
ftp://ftp.suse.com/pub/suse/axp/update/7.0/a1/shadow-19990827-74.alpha.rpm
778ebfcaacc9087e6c781f6a10a68a75
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/7.0/zq1/shadow-19990827-74.src.rpm
68d957bf5d0cc942e12501056d05f0bd
SuSE-6.4
ftp://ftp.suse.com/pub/suse/axp/update/6.4/a1/shadow-19990827-74.alpha.rpm
e7646c335fa009506535412daf344480
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/6.4/zq1/shadow-19990827-74.src.rpm
3d748914265b37b15b42687e5ff87945
SuSE-6.3
ftp://ftp.suse.com/pub/suse/axp/update/6.3/a1/shadow-19990827-74.alpha.rpm
c1cb80bb6d7a15a445550c739ced029b
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/6.3/zq1/shadow-19990827-74.src.rpm
0b05d59fffc9ff8bd1cb922df7a84fac
PPC Power PC Platform:
SuSE-7.1
ftp://ftp.suse.com/pub/suse/ppc/update/7.1/a1/shadow-20000902-61.ppc.rpm
a1dbc8bb966db28469fabe583d157bed
source rpm:
ftp://ftp.suse.com/pub/suse/ppc/update/7.1/zq1/shadow-20000902-61.src.rpm
2b2f0fbcb842149cb095fff125f54279
SuSE-7.0
ftp://ftp.suse.com/pub/suse/ppc/update/7.0/a1/shadow-19990827-182.ppc.rpm
d55986fc84158f06dcbfea0c7812037f
source rpm:
ftp://ftp.suse.com/pub/suse/ppc/update/7.0/zq1/shadow-19990827-182.src.rpm
dc84f0301b4a4daeae1fb6465f0d16c1
SuSE-6.4
ftp://ftp.suse.com/pub/suse/ppc/update/6.4/a1/shadow-19990827-182.ppc.rpm
3d7e644c70e6d98944ff623b24bbfde0
source rpm:
ftp://ftp.suse.com/pub/suse/ppc/update/6.4/zq1/shadow-19990827-182.src.rpm
646985dc82d9845832db6863fba9442d
______________________________________________________________________________
2) Pending vulnerabilities in SuSE Distributions and Workarounds:
- Linux kernel
Security bugs have been found in both the 2.2 and 2.4 kernel series
of all currently supported SuSE Linux distributions (6.3-7.3), including
the freshly appeared SuSE-7.3. These bugs allow a local attacker to gain
root privileges, but there is no remote attack as of now.
As a temporary workaround, it is possible for experienced users of
linux-like systems to disable all setuid bits from all files in the
installed system using a find command with a -exec option.
We are currently in the process of testing the update kernels of both
2.2 (2.2.19) and 2.4 (2.4.13) series to make sure that these update
kernels will have the same level of stability and robustness as expected
from SuSE linux systems. The official kernel rpm packages will be
announced in a SuSE Security announcement during the second half of
this week. In the meanwhile, the directory
ftp://ftp.suse.com/pub/people/mantel/next/ contains the preliminary
update packages for testing (2.2.19 packages will be available shortly).
Please proceed with the update as described in
http://www.suse.de/de/support/security/2001_018_kernel_txt.txt
and report any problems that you may find to feedback(a)suse.de.
- openssh
After stabilizing the openssh package, updates for the distributions
6.4-7.2 are currently being prepared. The update packages fix a security
problem related to the recently discovered problems with source ip
based access restrictions in a user's ~/.ssh/authorized_keys2 file.
The packages will appear shortly on our ftp servers. Please note that
packages for the distributions 6.3 and up including 7.0 containing
cryptographic software are located on the German ftp server ftp.suse.de,
all other packages can be found on ftp.suse.com at the usual location.
- htdig (ht://Dig)
htdig, a powerful indexing and information gathering tool for a webserver,
has been found vulnerable to a weakness where commandline options can
be passed on to the cgi program as a result of weak runtime environment
checking. The security announcement by Thomas Biege is waiting for the
update packages to reach the ftp-server (currently transferring).
Please continue to watch the suse-security-announce mailing list for
new security announcements.
______________________________________________________________________________
3) standard appendix: authenticity verification, additional information
- Package authenticity verification:
SuSE update packages are available on many mirror ftp servers all over
the world. While this service is being considered valuable and important
to the free and open source software community, many users wish to be
sure about the origin of the package and its content before installing
the package. There are two verification methods that can be used
independently from each other to prove the authenticity of a downloaded
file or rpm package:
1) md5sums as provided in the (cryptographically signed) announcement.
2) using the internal gpg signatures of the rpm package.
1) execute the command
md5sum <name-of-the-file.rpm>
after you downloaded the file from a SuSE ftp server or its mirrors.
Then, compare the resulting md5sum with the one that is listed in the
announcement. Since the announcement containing the checksums is
cryptographically signed (usually using the key security(a)suse.de)
the checksums show proof of the authenticity of the package.
We disrecommend to subscribe to security lists which cause the
email message containing the announcement to be modified so that
the signature does not match after transport through the mailing
list software.
Downsides: You must be able to verify the authenticity of the
announcement in the first place. If RPM packages are being rebuilt
and a new version of a package is published on the ftp server, all
md5 sums for the files are useless.
2) rpm package signatures provide an easy way to verify the authenticity
of an rpm package. Use the command
rpm -v --checksig <file.rpm>
to verify the signature of the package, where <file.rpm> is the
filename of the rpm package that you have downloaded. Of course,
package authenticity verification can only target an uninstalled rpm
package file.
Prerequisites:
a) gpg is installed
b) The package is signed using a certain key. The public part of this
key must be installed by the gpg program in the directory
~/.gnupg/ under the user's home directory who performs the
signature verification (usually root). You can import the key
that is used by SuSE in rpm packages for SuSE Linux by saving
this announcement to a file ("announcement.txt") and
running the command (do "su -" to be root):
gpg --batch; gpg < announcement.txt | gpg --import
SuSE Linux distributions version 7.1 and thereafter install the
key "build(a)suse.de" upon installation or upgrade, provided that
the package gpg is installed. The file containing the public key
is placed at the toplevel directory of the first CD (pubring.gpg)
and at ftp://ftp.suse.com/pub/suse/pubring.gpg-build.suse.de .
- SuSE runs two security mailing lists to which any interested party may
subscribe:
suse-security(a)suse.com
- general/linux/SuSE security discussion.
All SuSE security announcements are sent to this list.
To subscribe, send an email to
<suse-security-subscribe(a)suse.com>.
suse-security-announce(a)suse.com
- SuSE's announce-only mailing list.
Only SuSE's security annoucements are sent to this list.
To subscribe, send an email to
<suse-security-announce-subscribe(a)suse.com>.
For general information or the frequently asked questions (faq)
send mail to:
<suse-security-info(a)suse.com> or
<suse-security-faq(a)suse.com> respectively.
===================================================
SuSE's security contact is <security(a)suse.com>.
The <security(a)suse.com> public key is listed below.
===================================================
______________________________________________________________________________
The information in this advisory may be distributed or reproduced,
provided that the advisory is not modified in any way. In particular,
it is desired that the cleartext signature shows proof of the
authenticity of the text.
SuSE GmbH makes no warranties of any kind whatsoever with respect
to the information contained in this security advisory.
Type Bits/KeyID Date User ID
pub 2048R/3D25D3D9 1999-03-06 SuSE Security Team <security(a)suse.de>
pub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key <build(a)suse.de>
- -----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
mQENAzbhLQQAAAEIAKAkXHe0lWRBXLpn38hMHy03F0I4Sszmoc8aaKJrhfhyMlOA
BqvklPLE2f9UrI4Xc860gH79ZREwAgPt0pi6+SleNFLNcNFAuuHMLQOOsaMFatbz
JR9i4m/lf6q929YROu5zB48rBAlcfTm+IBbijaEdnqpwGib45wE/Cfy6FAttBHQh
1Kp+r/jPbf1mYAvljUfHKuvbg8t2EIQz/5yGp+n5trn9pElfQO2cRBq8LFpf1l+U
P7EKjFmlOq+Gs/fF98/dP3DfniSd78LQPq5vp8RL8nr/o2i7jkAQ33m4f1wOBWd+
cZovrKXYlXiR+Bf7m2hpZo+/sAzhd7LmAD0l09kABRG0JVN1U0UgU2VjdXJpdHkg
VGVhbSA8c2VjdXJpdHlAc3VzZS5kZT6JARUDBRA24S1H5Fiyh7HKPEUBAVcOB/9b
yHYji1/+4Xc2GhvXK0FSJN0MGgeXgW47yxDL7gmR4mNgjlIOUHZj0PEpVjWepOJ7
tQS3L9oP6cpj1Fj/XxuLbkp5VCQ61hpt54coQAvYrnT9rtWEGN+xmwejT1WmYmDJ
xG+EGBXKr+XP69oIUl1E2JO3rXeklulgjqRKos4cdXKgyjWZ7CP9V9daRXDtje63
Om8gwSdU/nCvhdRIWp/Vwbf7Ia8iZr9OJ5YuQl0DBG4qmGDDrvImgPAFkYFzwlqo
choXFQ9y0YVCV41DnR+GYhwl2qBd81T8aXhihEGPIgaw3g8gd8B5o6mPVgl+nJqI
BkEYGBusiag2pS6qwznZiQEVAwUQNuEtBHey5gA9JdPZAQFtOAf+KVh939b0J94u
v/kpg4xs1LthlhquhbHcKNoVTNspugiC3qMPyvSX4XcBr2PC0cVkS4Z9PY9iCfT+
x9WM96g39dAF+le2CCx7XISk9XXJ4ApEy5g4AuK7NYgAJd39PPbERgWnxjxir9g0
Ix30dS30bW39D+3NPU5Ho9TD/B7UDFvYT5AWHl3MGwo3a1RhTs6sfgL7yQ3U+mvq
MkTExZb5mfN1FeaYKMopoI4VpzNVeGxQWIz67VjJHVyUlF20ekOz4kWVgsxkc8G2
saqZd6yv2EwqYTi8BDAduweP33KrQc4KDDommQNDOXxaKOeCoESIdM4p7Esdjq1o
L0oixF12CpkBogQ57vSBEQQAk/GN+ftr7+DBlSoixDDpfRnUk+jApGEt8hCnrnjV
nPs/9Cr33+CXLQbILOO7Y5oiPbJdHh45t4E0fKyLVzDerCRFB1swz/mNDxT26DLy
sdBV5fwNHTPhxa67goAZVrehQPqJEckkIpYriOaYcKpF3n5fQIZMEfMaHEElQhcX
ML8AoJVXDkJYh7vI8EUB8ZURNLZMEECNA/sH0MCnb4Q6ZcRyeZ3+1PHP8hP73b6T
epRdLZhaylwVF/iu7uIn62ZUL4//NTOCDY7V63qg4iba/fUbOsWtEnGaiE7mQuAl
sSWvRspwRA9/g9rdVf3/JdLJrLmKBTheyG+PSJE3W7cAE4ZWafGxIRCwXhmj3TQn
Jn2euqylHRubEQP/aL53NZK0kBdvrKgff6O8Of6tqoss8Dkk55I7QVFSp+My1Dn+
mngQKFejTAgtyo/WmR3wPjQ9HoT2lRiYI2lTRYT4uMdHuwVC3b4DqAKmoy375FER
wHkrMVyKBJslv8QtbAWw5A1CAUseaHo+91wmYJ4/4p6YUahqbG/tZyhbxfq0KFN1
U0UgUGFja2FnZSBTaWduaW5nIEtleSA8YnVpbGRAc3VzZS5kZT6IXAQTEQIAHAUC
Oe70gQUJA8JnAAQLCgMEAxUDAgMWAgECF4AACgkQqE7a6JyACspfLACffAYA+NM8
NBhyRyH+nTX58CNjwLIAoIx9fj52BJe0xY7WbKoXs1+72b2AiEYEEBECAAYFAjpw
XlIACgkQnkDjEAAKq6TczgCgi+ddhWb7+FWcfeE6WwPZccqAHowAnjjtRyGwHLQH
r5OTFAYTXi2Wv6jNiQEVAwUQOnBgb3ey5gA9JdPZAQE1pwf/QJ+b34lFBNVUJ7fk
/xGJJREt7V12iSafaRzGuH8xWvIz1bb+VARxnnt16FDQ1cDNjoEhCEmcW83Vxp6i
JXE9PE8wVA/Yue/bon5JS7J69+UiQ2eq2pudfwljp52lYVM53jgPYEz0q/v3091n
lZ8CYkAkN9JDS1lV1gEzJ7J0+POngDpU+lDQT2EC6VKaxeWK8pNt6UFDwICRDQxK
nlOoiDvTrdWT7QdJZ4sPv8Qotdw9+tKNbWQ2DqdIRxyTdw9xDfAtcj6mXeQr7852
Lwem1gSKVnEYHZ9g1FTJqVOutY8KhpUc9RfOCRv8XuIxrs4KSbfSF0s8qIRCQelx
ufg9AbkCDQQ57vSSEAgAhJHQTejMX+Vr6g1pHDEcusJ63fQ2CfFFE5iE9okH9O7U
VCiSfb9CV38dmeHdPCEEjDUWquFYEnvj3WICMtH249t1Ymuf4Du3yRKQ9oXdn/qT
Jzlrx9qzjiG3mH7ocwHOgUIwCrZoEdBEVE2n0zPVm+hddwjWWTWXw6pxQz+i9dsN
89xexRV5M9O0bNwCLaNWX2GXeLAkqTK/9EuZy6x2yLxi6du9YYUAXkZpqBhCjtiU
XpRoFCdglMznbcAyCk9C2wqb2j/D1Z2BeSBaGCSFkR6pRLebnE17LWcu72Iy+r0z
+JecbPiyDpDZj4apn7IC81aNFGi7fNITsHODbwwjiwADBgf/YPvVdzkc8OC7ztac
EWCanwylKvxCdKzTDA+DfES6WUYShyiVJvZzRy25LJ5WcK20kzOS6Qv1OrIXiz/p
dGy1aKtJZrAnFEsofpmOj8VoqyyFgp/yAGQBp12+mXek7SCZRhuqalDfEMRiWEJ6
J5dLkyShyRDWyPbFh0HXE7QTHN+IKKxxQqNQXL6Z3NSxS61p+5n6BseiDUI39xxk
KTFwFrkgUIc5Gs2Or2lhaWvGwSfoCmwbsklszZt6xbU+R0SjFqTvjPWx6eHfqbmN
C9WMDdTjGrXDDKXFp2aYlokfN6It9vsbVlGNlOwHt/JjGoPMxW6Xqj0FLA7/Vewg
CdXW64hMBBgRAgAMBQI57vSSBQkDwmcAAAoJEKhO2uicgArKSyIAmwUHf/vtKQfc
mVg4asR7U6XQl0bAAJ4pO22B5U8UH6IYl2LBCXFqw5+5fA==
=rVRn
- -----END PGP PUBLIC KEY BLOCK-----
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv
iQEVAwUBO9WaOXey5gA9JdPZAQFRVgf/Q7zvHx1SKSCitzYdZQooGzusMXsKYAK7
9SKLql13Bzv0DKSMAUfhjbyjQ/jN9DSMLzFNUT4k1AYoN6rxcHEpGvGq+dvBI1ka
uDuuO0gMOofsQYHbCK3jxMpCpmPv2i5DUKmTr3JTQ4CL+4a/AiwmoGJjv3S39YFN
OEe2B3b0rU/3rv04HSR70SNtzNd7hyrLnJu/f9FkaNTJbq+AIsz76uXHBhg2xfuo
Niq6DaozXvJh9eg/0NgsxtXYgQk1XIUHrWgSdChq4n2NbTI/ZOJB1Jwsd8819OLy
dKE4vIP+Ou3u8RqIP/pjf21REqqhezPtSavpLX6+36OyzaskmyG11w==
=k7ul
-----END PGP SIGNATURE-----
1
0
-----BEGIN PGP SIGNED MESSAGE-----
______________________________________________________________________________
SuSE Security Announcement
Package: lprold
Announcement-ID: SuSE-SA:2001:033
Date: Wed Oct 10 11:03:12 GMT 2001
Affected SuSE versions: [6.1, 6.2,] 6.3, 6.4, 7.0, 7.1, 7.2
Vulnerability Type: bufferoverflow/local privilege escalation
Severity (1-10): 6
SuSE default package: yes
Other affected systems: Other Linux distributions, *BSD
Content of this advisory:
1) security vulnerability resolved: Several problems in lprold
problem description, discussion, solution and upgrade information
2) pending vulnerabilities, solutions, workarounds
3) standard appendix (further information)
______________________________________________________________________________
1) problem description, brief discussion, solution, upgrade information
ISS X-Force reported an overflow in BSD's lineprinter daemon shipped with
the lprold package in SuSE Linux. Due to missing bounds checks in the
lockfile processing function, internal buffers may overflow. Bounds checks
have been added to fix that problem.
Additionally the SuSE Security Team uncovered other security releated bugs
in lpd while analyzing lpd source after receiving the X-Force advisory.
These bugs allows users on machines listed in /etc/hosts.lpd or
/etc/hosts.equiv to chown any file on the system running lpd to any user.
In order to trigger any of the fixed bugs (including the overflow) the
attackers machine must be listed in one of these two access-files and the
attacker usually needs root on these machines due to the privileged-port
requirement.
Please download the packages and verify them as described in section 3.
After successful authentication you can update your packages with
the command `rpm -Uhv file.rpm'.
As root invoke the command "/etc/rc.d/lpd stop" to shutdown the old lpd
daemon and "/etc/rc.d/lpd start" afterwards to start the patched daemon.
i386 Intel Platform:
SuSE-7.2
ftp://ftp.suse.com/pub/suse/i386/update/7.2/n1/lprold-3.0.48-272.i386.rpm
23b8251411a557563cb314102f405d31
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/7.2/zq1/lprold-3.0.48-272.src.rpm
ff590e05f2a7c85e9d234bd32d12b13a
SuSE-7.1
ftp://ftp.suse.com/pub/suse/i386/update/7.1/n1/lprold-3.0.48-275.i386.rpm
b6efc424262ec9aaa39ac84f230b3df2
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/7.1/zq1/lprold-3.0.48-275.src.rpm
5a95de121c7520bf33620dddbfdda611
SuSE-7.0
ftp://ftp.suse.com/pub/suse/i386/update/7.0/n1/lprold-3.0.48-275.i386.rpm
10792a921880048970f40470f1b94330
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/7.0/zq1/lprold-3.0.48-275.src.rpm
094b06515dfd865c6dffedf70de5e6cc
SuSE-6.4
ftp://ftp.suse.com/pub/suse/i386/update/6.4/n1/lprold-3.0.48-275.i386.rpm
da1b920d23694a807f91c74301b47ced
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/6.4/zq1/lprold-3.0.48-275.src.rpm
c2c45f04a2d44e374689346f488e8c52
SuSE-6.3
ftp://ftp.suse.com/pub/suse/i386/update/6.3/n1/lprold-3.0.48-275.i386.rpm
8f7c5538e878f197de1e6dacdb6a8479
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/6.3/zq1/lprold-3.0.48-275.src.rpm
d13f74f6449ee40b98b2ed0e42e9d2ec
Sparc Platform:
SuSE-7.1
ftp://ftp.suse.com/pub/suse/sparc/update/7.1/n1/lprold-3.0.48-216.sparc.rpm
78a947db44bc4a41cb33eee1b931b99e
source rpm:
ftp://ftp.suse.com/pub/suse/sparc/update/7.1/zq1/lprold-3.0.48-216.src.rpm
2c873632eaa6f01efb45cba3f1308cd3
SuSE-7.0
ftp://ftp.suse.com/pub/suse/sparc/update/7.0/n1/lprold-3.0.48-216.sparc.rpm
45320846ee6143fdfc27a7d578f630bd
source rpm:
ftp://ftp.suse.com/pub/suse/sparc/update/7.0/zq1/lprold-3.0.48-216.src.rpm
1be6f31b6924f81fb965b0dce053f6cb
AXP Alpha Platform:
SuSE-7.1
ftp://ftp.suse.com/pub/suse/axp/update/7.1/n1/lprold-3.0.48-215.alpha.rpm
94af7565e8920cdce6e1e7c51f562fba
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/7.1/zq1/lprold-3.0.48-215.src.rpm
0757d322145ef6c2179c8e31b1169cd2
SuSE-7.0
ftp://ftp.suse.com/pub/suse/axp/update/7.0/n1/lprold-3.0.48-215.alpha.rpm
3c6a2b2b21fcc1b94974aca6c5930e98
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/7.0/zq1/lprold-3.0.48-215.src.rpm
0222dec4d0287b9f1f267b86e8e8a4dd
SuSE-6.4
ftp://ftp.suse.com/pub/suse/axp/update/6.4/n1/lprold-3.0.48-215.alpha.rpm
f4c618b43a95bd94ed679c1c2119a7aa
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/6.4/zq1/lprold-3.0.48-215.src.rpm
0430ec91e7515d79326ed16f492ea60e
SuSE-6.3
ftp://ftp.suse.com/pub/suse/axp/update/6.3/n1/lprold-3.0.48-215.alpha.rpm
68a8b9a26e17ed5183b8385be349c6a9
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/6.3/zq1/lprold-3.0.48-215.src.rpm
582d925d8328f79bc566dddcc62f763b
Power PC Platform:
SuSE-7.1
ftp://ftp.suse.com/pub/suse/ppc/update/7.1/n1/lprold-3.0.48-200.ppc.rpm
3c16c1975b8f9dae3ccfb67dd5f462db
source rpm:
ftp://ftp.suse.com/pub/suse/ppc/update/7.1/zq1/lprold-3.0.48-200.src.rpm
37b0d3534e39273e158eba42f75f8e31
SuSE-7.0
ftp://ftp.suse.com/pub/suse/ppc/update/7.0/n1/lprold-3.0.48-200.ppc.rpm
d0e5a115d8991e711ef75fc8b06e1d97
source rpm:
ftp://ftp.suse.com/pub/suse/ppc/update/7.0/zq1/lprold-3.0.48-200.src.rpm
e4d589e9225365b103b502a26d0fd73f
SuSE-6.4
ftp://ftp.suse.com/pub/suse/ppc/update/6.4/n1/lprold-3.0.48-200.ppc.rpm
f8e7557f995388564f98e9bae4708e4e
source rpm:
ftp://ftp.suse.com/pub/suse/ppc/update/6.4/zq1/lprold-3.0.48-200.src.rpm
78a647beeaf5a5541cb15aa6435ba65e
______________________________________________________________________________
2) Pending vulnerabilities in SuSE Distributions and Workarounds:
- sftp/openssh:
Our last announcement SuSE-SA:2001:032 about WindowMaker claimed
that the openssh packages on SuSE distributions do not contain the
sftp-server as described by Peter W <peterw(a)usa.net> on the bugtraq
mailing list. This is wrong: The program is indeed included on all
recent openssh packages of SuSE Linux distributions, starting with
SuSE Linux 6.4 where the openssh package appeared first.
We will provide fixes for the distributions 6.4 through 7.2 as soon as
possible on our ftp server (ftp.suse.de for 6.4-7.0, ftp.suse.com for
7.1 and newer) and announce these fixes in the section 2) of an
upcoming security announcement.
Please note that this error has been corrected shortly before the
release of the upcoming SuSE Linux 7.3 which will arrive in the stores
by the end of this week.
We apologize for this error (Roman Drahtmueller, SuSE Security).
- squid
Malformed requests on the client side can cause the squid proxy server
to die, resulting in a denial of service attack that can be launched
from the internal network if squid is used at the edge of an internal
network to proxy requests to the internet.
We are in the process of testing the update packages that are
available on the ftp server shortly. SuSE Security will issue a
dedicated announcement for this issue shortly.
- devfs/kernel
SuSE Linux ships the userspace utilities for the use of the devfs
filesystem in the linux kernel, but neither the utilities nor the
filesystem interface for device files itself have been used in SuSE
Linux up to date. The decision to not actively use devfsd in the
distribution framework is based on security considerations.
For these reasons, SuSE products are not susceptible to the lately
found security problems in the devfs implementation.
______________________________________________________________________________
3) standard appendix: authenticity verification, additional information
- Package authenticity verification:
SuSE update packages are available on many mirror ftp servers all over
the world. While this service is being considered valuable and important
to the free and open source software community, many users wish to be
sure about the origin of the package and its content before installing
the package. There are two verification methods that can be used
independently from each other to prove the authenticity of a downloaded
file or rpm package:
1) md5sums as provided in the (cryptographically signed) announcement.
2) using the internal gpg signatures of the rpm package.
1) execute the command
md5sum <name-of-the-file.rpm>
after you downloaded the file from a SuSE ftp server or its mirrors.
Then, compare the resulting md5sum with the one that is listed in the
announcement. Since the announcement containing the checksums is
cryptographically signed (usually using the key security(a)suse.de)
the checksums show proof of the authenticity of the package.
We disrecommend to subscribe to security lists which cause the
email message containing the announcement to be modified so that
the signature does not match after transport through the mailing
list software.
Downsides: You must be able to verify the authenticity of the
announcement in the first place. If RPM packages are being rebuilt
and a new version of a package is published on the ftp server, all
md5 sums for the files are useless.
2) rpm package signatures provide an easy way to verify the authenticity
of an rpm package. Use the command
rpm -v --checksig <file.rpm>
to verify the signature of the package, where <file.rpm> is the
filename of the rpm package that you have downloaded. Of course,
package authenticity verification can only target an uninstalled rpm
package file.
Prerequisites:
a) gpg is installed
b) The package is signed using a certain key. The public part of this
key must be installed by the gpg program in the directory
~/.gnupg/ under the user's home directory who performs the
signature verification (usually root). You can import the key
that is used by SuSE in rpm packages for SuSE Linux by saving
this announcement to a file ("announcement.txt") and
running the command (do "su -" to be root):
gpg --batch; gpg < announcement.txt | gpg --import
SuSE Linux distributions version 7.1 and thereafter install the
key "build(a)suse.de" upon installation or upgrade, provided that
the package gpg is installed. The file containing the public key
is placed at the toplevel directory of the first CD (pubring.gpg)
and at ftp://ftp.suse.com/pub/suse/pubring.gpg-build.suse.de .
- SuSE runs two security mailing lists to which any interested party may
subscribe:
suse-security(a)suse.com
- general/linux/SuSE security discussion.
All SuSE security announcements are sent to this list.
To subscribe, send an email to
<suse-security-subscribe(a)suse.com>.
suse-security-announce(a)suse.com
- SuSE's announce-only mailing list.
Only SuSE's security annoucements are sent to this list.
To subscribe, send an email to
<suse-security-announce-subscribe(a)suse.com>.
For general information or the frequently asked questions (faq)
send mail to:
<suse-security-info(a)suse.com> or
<suse-security-faq(a)suse.com> respectively.
===================================================
SuSE's security contact is <security(a)suse.com>.
The <security(a)suse.com> public key is listed below.
===================================================
______________________________________________________________________________
The information in this advisory may be distributed or reproduced,
provided that the advisory is not modified in any way. In particular,
it is desired that the cleartext signature shows proof of the
authenticity of the text.
SuSE GmbH makes no warranties of any kind whatsoever with respect
to the information contained in this security advisory.
Type Bits/KeyID Date User ID
pub 2048R/3D25D3D9 1999-03-06 SuSE Security Team <security(a)suse.de>
pub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key <build(a)suse.de>
- -----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
mQENAzbhLQQAAAEIAKAkXHe0lWRBXLpn38hMHy03F0I4Sszmoc8aaKJrhfhyMlOA
BqvklPLE2f9UrI4Xc860gH79ZREwAgPt0pi6+SleNFLNcNFAuuHMLQOOsaMFatbz
JR9i4m/lf6q929YROu5zB48rBAlcfTm+IBbijaEdnqpwGib45wE/Cfy6FAttBHQh
1Kp+r/jPbf1mYAvljUfHKuvbg8t2EIQz/5yGp+n5trn9pElfQO2cRBq8LFpf1l+U
P7EKjFmlOq+Gs/fF98/dP3DfniSd78LQPq5vp8RL8nr/o2i7jkAQ33m4f1wOBWd+
cZovrKXYlXiR+Bf7m2hpZo+/sAzhd7LmAD0l09kABRG0JVN1U0UgU2VjdXJpdHkg
VGVhbSA8c2VjdXJpdHlAc3VzZS5kZT6JARUDBRA24S1H5Fiyh7HKPEUBAVcOB/9b
yHYji1/+4Xc2GhvXK0FSJN0MGgeXgW47yxDL7gmR4mNgjlIOUHZj0PEpVjWepOJ7
tQS3L9oP6cpj1Fj/XxuLbkp5VCQ61hpt54coQAvYrnT9rtWEGN+xmwejT1WmYmDJ
xG+EGBXKr+XP69oIUl1E2JO3rXeklulgjqRKos4cdXKgyjWZ7CP9V9daRXDtje63
Om8gwSdU/nCvhdRIWp/Vwbf7Ia8iZr9OJ5YuQl0DBG4qmGDDrvImgPAFkYFzwlqo
choXFQ9y0YVCV41DnR+GYhwl2qBd81T8aXhihEGPIgaw3g8gd8B5o6mPVgl+nJqI
BkEYGBusiag2pS6qwznZiQEVAwUQNuEtBHey5gA9JdPZAQFtOAf+KVh939b0J94u
v/kpg4xs1LthlhquhbHcKNoVTNspugiC3qMPyvSX4XcBr2PC0cVkS4Z9PY9iCfT+
x9WM96g39dAF+le2CCx7XISk9XXJ4ApEy5g4AuK7NYgAJd39PPbERgWnxjxir9g0
Ix30dS30bW39D+3NPU5Ho9TD/B7UDFvYT5AWHl3MGwo3a1RhTs6sfgL7yQ3U+mvq
MkTExZb5mfN1FeaYKMopoI4VpzNVeGxQWIz67VjJHVyUlF20ekOz4kWVgsxkc8G2
saqZd6yv2EwqYTi8BDAduweP33KrQc4KDDommQNDOXxaKOeCoESIdM4p7Esdjq1o
L0oixF12CohGBBARAgAGBQI7HmHDAAoJEJ5A4xAACqukTlQAoI4QzP9yjPohY7OU
F7J3eKBTzp25AJ42BmtSd3pvm5ldmognWF3Trhp+GZkBogQ57vSBEQQAk/GN+ftr
7+DBlSoixDDpfRnUk+jApGEt8hCnrnjVnPs/9Cr33+CXLQbILOO7Y5oiPbJdHh45
t4E0fKyLVzDerCRFB1swz/mNDxT26DLysdBV5fwNHTPhxa67goAZVrehQPqJEckk
IpYriOaYcKpF3n5fQIZMEfMaHEElQhcXML8AoJVXDkJYh7vI8EUB8ZURNLZMEECN
A/sH0MCnb4Q6ZcRyeZ3+1PHP8hP73b6TepRdLZhaylwVF/iu7uIn62ZUL4//NTOC
DY7V63qg4iba/fUbOsWtEnGaiE7mQuAlsSWvRspwRA9/g9rdVf3/JdLJrLmKBThe
yG+PSJE3W7cAE4ZWafGxIRCwXhmj3TQnJn2euqylHRubEQP/aL53NZK0kBdvrKgf
f6O8Of6tqoss8Dkk55I7QVFSp+My1Dn+mngQKFejTAgtyo/WmR3wPjQ9HoT2lRiY
I2lTRYT4uMdHuwVC3b4DqAKmoy375FERwHkrMVyKBJslv8QtbAWw5A1CAUseaHo+
91wmYJ4/4p6YUahqbG/tZyhbxfq0KFN1U0UgUGFja2FnZSBTaWduaW5nIEtleSA8
YnVpbGRAc3VzZS5kZT6IXAQTEQIAHAUCOe70gQUJA8JnAAQLCgMEAxUDAgMWAgEC
F4AACgkQqE7a6JyACspfLACffAYA+NM8NBhyRyH+nTX58CNjwLIAoIx9fj52BJe0
xY7WbKoXs1+72b2AiEYEEBECAAYFAjpwXlIACgkQnkDjEAAKq6TczgCgi+ddhWb7
+FWcfeE6WwPZccqAHowAnjjtRyGwHLQHr5OTFAYTXi2Wv6jNiQEVAwUQOnBgb3ey
5gA9JdPZAQE1pwf/QJ+b34lFBNVUJ7fk/xGJJREt7V12iSafaRzGuH8xWvIz1bb+
VARxnnt16FDQ1cDNjoEhCEmcW83Vxp6iJXE9PE8wVA/Yue/bon5JS7J69+UiQ2eq
2pudfwljp52lYVM53jgPYEz0q/v3091nlZ8CYkAkN9JDS1lV1gEzJ7J0+POngDpU
+lDQT2EC6VKaxeWK8pNt6UFDwICRDQxKnlOoiDvTrdWT7QdJZ4sPv8Qotdw9+tKN
bWQ2DqdIRxyTdw9xDfAtcj6mXeQr7852Lwem1gSKVnEYHZ9g1FTJqVOutY8KhpUc
9RfOCRv8XuIxrs4KSbfSF0s8qIRCQelxufg9AbkCDQQ57vSSEAgAhJHQTejMX+Vr
6g1pHDEcusJ63fQ2CfFFE5iE9okH9O7UVCiSfb9CV38dmeHdPCEEjDUWquFYEnvj
3WICMtH249t1Ymuf4Du3yRKQ9oXdn/qTJzlrx9qzjiG3mH7ocwHOgUIwCrZoEdBE
VE2n0zPVm+hddwjWWTWXw6pxQz+i9dsN89xexRV5M9O0bNwCLaNWX2GXeLAkqTK/
9EuZy6x2yLxi6du9YYUAXkZpqBhCjtiUXpRoFCdglMznbcAyCk9C2wqb2j/D1Z2B
eSBaGCSFkR6pRLebnE17LWcu72Iy+r0z+JecbPiyDpDZj4apn7IC81aNFGi7fNIT
sHODbwwjiwADBgf/YPvVdzkc8OC7ztacEWCanwylKvxCdKzTDA+DfES6WUYShyiV
JvZzRy25LJ5WcK20kzOS6Qv1OrIXiz/pdGy1aKtJZrAnFEsofpmOj8VoqyyFgp/y
AGQBp12+mXek7SCZRhuqalDfEMRiWEJ6J5dLkyShyRDWyPbFh0HXE7QTHN+IKKxx
QqNQXL6Z3NSxS61p+5n6BseiDUI39xxkKTFwFrkgUIc5Gs2Or2lhaWvGwSfoCmwb
sklszZt6xbU+R0SjFqTvjPWx6eHfqbmNC9WMDdTjGrXDDKXFp2aYlokfN6It9vsb
VlGNlOwHt/JjGoPMxW6Xqj0FLA7/VewgCdXW64hMBBgRAgAMBQI57vSSBQkDwmcA
AAoJEKhO2uicgArKSyIAmwUHf/vtKQfcmVg4asR7U6XQl0bAAJ4pO22B5U8UH6IY
l2LBCXFqw5+5fA==
=Jnnf
- -----END PGP PUBLIC KEY BLOCK-----
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv
iQEVAwUBO8RjQney5gA9JdPZAQEjQgf/Yde5k2vp9OrhOOPej9TRsHqrnxv+5aPt
+45DjrDbcaNT2Yxv6ctOoyqt0g79oLjvFctwCqPd13tiGiwlMRdGFcX4gpA8+KPk
4snyEnlYPAjAHLtpY2/Y77L6DjLH5609CpCjv1Es+kVq6DM7wARXOo98sPenLLd4
BTQAlbgIC45ZvULafHpD4Rk1713vzfme9+ukLCfWAUj+cVv5gyjEJSXgqw9qxuU5
Rw+oilh+ll3z/772xdHnz3Vu5cP/NLaZRCsqllAXeNZ8nBOPt/D1XWha5hDlB9LC
19aVcVxinqkYrXQncOaXTgUTcJ9nZGbDx+KETzSOzbOwR1GD4Kbesw==
=9pNW
-----END PGP SIGNATURE-----
--
~
~ perl self.pl
~ $_='print"\$_=\47$_\47;eval"';eval
~ krahmer(a)suse.de - SuSE Security Team
~
1
0