openSUSE Security Announce
Threads by month
- ----- 2024 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2023 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2022 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2021 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2020 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2019 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2018 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2017 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2016 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2015 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2014 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2013 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2012 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2011 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2010 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2009 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2008 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2007 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2006 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2005 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2004 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2003 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2002 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2001 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2000 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1999 -----
- December
- November
- October
- September
- August
November 2002
- 4 participants
- 6 discussions
-----BEGIN PGP SIGNED MESSAGE-----
______________________________________________________________________________
SuSE Security Announcement
Package: pine
Announcement-ID: SuSE-SA:2002:046
Date: Monday, Nov 25th 2002 10:30 MEST
Affected products: 7.1, 7.2, 7.3, 8.0, 8.1
SuSE Linux Database Server
SuSE eMail Server 3.1
SuSE eMail Server III
SuSE Firewall Adminhost VPN
SuSE Linux Admin-CD for Firewall
SuSE Firewall on CD 2 - VPN
SuSE Firewall on CD 2
SuSE Linux Enterprise Server for S/390
SuSE Linux Connectivity Server
SuSE Linux Enterprise Server 7 for IA32
SuSE Linux Office Server
Vulnerability Type: remote denial-of-service
Severity (1-10): 4
SuSE default package: yes (7.1 - 8.0)
no (8.1)
Cross References: none
Content of this advisory:
1) security vulnerability resolved:
- heap buffer overflow while parsing mail address
problem description, discussion, solution and upgrade information
2) pending vulnerabilities, solutions, workarounds:
- sparc distribution
- WindowMaker
3) standard appendix (further information)
______________________________________________________________________________
1) problem description, brief discussion, solution, upgrade information
Pine, Program for Internet News and Email, is a well known and widely
used eMail client.
While parsing and escaping characters of eMail addresses pine does not
allocate enough memory for storing the escaped mailbox part of an
address. This results in a buffer overflow on the heap that will make
pine crash. The offending eMail can just be deleted manually or by using
another mail user agent.
A possible temporary workaround is to filter the respective header
lines by a mail delivery agent (such as procmail).
Please download the update package for your distribution and verify its
integrity by the methods listed in section 3) of this announcement.
Then, install the package using the command "rpm -Fhv file.rpm" to apply
the update.
Our maintenance customers are being notified individually. The packages
are being offered to install from the maintenance web.
Intel i386 Platform:
SuSE-8.1:
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/pine-4.44-224.i586.rpm
8c32d5571d7488e31f693a884dedb81e
patch rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/pine-4.44-224.i586.pat…
467b8b318958b0ead3f30fa7b1f5a9a0
source rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/pine-4.44-224.src.rpm
9b1ff436719cf9752cda3ddd711e80a7
SuSE-8.0:
ftp://ftp.suse.com/pub/suse/i386/update/8.0/n1/pine-4.44-222.i386.rpm
01d9e82164a5ce4037b84be1b2ed4228
patch rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/8.0/n1/pine-4.44-222.i386.patch.rpm
162c4265909af7805f7aeaf3e12e8763
source rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/8.0/zq1/pine-4.44-222.src.rpm
d724e02b1ea3783e5bfb01ae9728d7cf
SuSE-7.3:
ftp://ftp.suse.com/pub/suse/i386/update/7.3/n1/pine-4.33-266.i386.rpm
140c58adf7d0b2113d5bbbbb20de67e2
source rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/7.3/zq1/pine-4.33-266.src.rpm
100c86e88ce357b0efacf7dfe2ab592c
SuSE-7.2:
ftp://ftp.suse.com/pub/suse/i386/update/7.2/n1/pine-4.33-266.i386.rpm
bd44232250b3def07cab81064dad11f2
source rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/7.2/zq1/pine-4.33-266.src.rpm
e28daa1f2d66135fcf5951c9b2dc19be
SuSE-7.1:
ftp://ftp.suse.com/pub/suse/i386/update/7.1/n1/pine-4.33-263.i386.rpm
9bdd3394336a786b0711b8e98ab4a268
source rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/7.1/zq1/pine-4.33-263.src.rpm
630478b751a24e86c52fe645be9365c4
Sparc Platform:
SuSE-7.3:
ftp://ftp.suse.com/pub/suse/sparc/update/7.3/n1/pine-4.33-97.sparc.rpm
5187b311c27f043178a12ae186d228a6
source rpm(s):
ftp://ftp.suse.com/pub/suse/sparc/update/7.3/zq1/pine-4.33-97.src.rpm
9616303edadfd899785f3ac12d2dc02a
AXP Alpha Platform:
SuSE-7.1:
ftp://ftp.suse.com/pub/suse/axp/update/7.1/n1/pine-4.33-85.alpha.rpm
f5155d79236e3ec15c463f586f731c17
source rpm(s):
ftp://ftp.suse.com/pub/suse/axp/update/7.1/zq1/pine-4.33-85.src.rpm
75365b21b97c8a2f722d95491f62d305
PPC Power PC Platform:
SuSE-7.3:
ftp://ftp.suse.com/pub/suse/ppc/update/7.3/n1/pine-4.33-143.ppc.rpm
98955d956701d7c6c3e0522468377044
source rpm(s):
ftp://ftp.suse.com/pub/suse/ppc/update/7.3/zq1/pine-4.33-143.src.rpm
d4cdfbf180711ae6e9bab31b87cbb3bd
SuSE-7.1:
ftp://ftp.suse.com/pub/suse/ppc/update/7.1/n1/pine-4.33-141.ppc.rpm
0b0512af4bdffc654bbd1774c2c8f8a9
source rpm(s):
ftp://ftp.suse.com/pub/suse/ppc/update/7.1/zq1/pine-4.33-141.src.rpm
0ee371a8935abe58aa53221606960bbe
______________________________________________________________________________
2) Pending vulnerabilities in SuSE Distributions and Workarounds:
- sparc distribution
We have moved the update directories for the SuSE SPARC distributions
7.0 and 7.1 as well as the distribution directory for 7.1 to the
discontinued/ tree on ftp.suse.com. We urge all of the sparc users to
upgrade to the SuSE-7.3-sparc distribution, the latest in the row for
the sparc platform. Resource limitations keep us from timely providing
update packages for the older sparc distribution.
- WindowMaker
A bug was found in the image processing code of windowmaker.
It could allow attackers to execute arbitrary code as the user
running windowmaker by tricking the user into viewing special
crafted malicious image files. New packages are currently being
built and will be available soon.
______________________________________________________________________________
3) standard appendix: authenticity verification, additional information
- Package authenticity verification:
SuSE update packages are available on many mirror ftp servers all over
the world. While this service is being considered valuable and important
to the free and open source software community, many users wish to be
sure about the origin of the package and its content before installing
the package. There are two verification methods that can be used
independently from each other to prove the authenticity of a downloaded
file or rpm package:
1) md5sums as provided in the (cryptographically signed) announcement.
2) using the internal gpg signatures of the rpm package.
1) execute the command
md5sum <name-of-the-file.rpm>
after you downloaded the file from a SuSE ftp server or its mirrors.
Then, compare the resulting md5sum with the one that is listed in the
announcement. Since the announcement containing the checksums is
cryptographically signed (usually using the key security(a)suse.de)
the checksums show proof of the authenticity of the package.
We disrecommend to subscribe to security lists which cause the
email message containing the announcement to be modified so that
the signature does not match after transport through the mailing
list software.
Downsides: You must be able to verify the authenticity of the
announcement in the first place. If RPM packages are being rebuilt
and a new version of a package is published on the ftp server, all
md5 sums for the files are useless.
2) rpm package signatures provide an easy way to verify the authenticity
of an rpm package. Use the command
rpm -v --checksig <file.rpm>
to verify the signature of the package, where <file.rpm> is the
filename of the rpm package that you have downloaded. Of course,
package authenticity verification can only target an un-installed rpm
package file.
Prerequisites:
a) gpg is installed
b) The package is signed using a certain key. The public part of this
key must be installed by the gpg program in the directory
~/.gnupg/ under the user's home directory who performs the
signature verification (usually root). You can import the key
that is used by SuSE in rpm packages for SuSE Linux by saving
this announcement to a file ("announcement.txt") and
running the command (do "su -" to be root):
gpg --batch; gpg < announcement.txt | gpg --import
SuSE Linux distributions version 7.1 and thereafter install the
key "build(a)suse.de" upon installation or upgrade, provided that
the package gpg is installed. The file containing the public key
is placed at the top-level directory of the first CD (pubring.gpg)
and at ftp://ftp.suse.com/pub/suse/pubring.gpg-build.suse.de .
- SuSE runs two security mailing lists to which any interested party may
subscribe:
suse-security(a)suse.com
- general/linux/SuSE security discussion.
All SuSE security announcements are sent to this list.
To subscribe, send an email to
<suse-security-subscribe(a)suse.com>.
suse-security-announce(a)suse.com
- SuSE's announce-only mailing list.
Only SuSE's security announcements are sent to this list.
To subscribe, send an email to
<suse-security-announce-subscribe(a)suse.com>.
For general information or the frequently asked questions (faq)
send mail to:
<suse-security-info(a)suse.com> or
<suse-security-faq(a)suse.com> respectively.
=====================================================================
SuSE's security contact is <security(a)suse.com> or <security(a)suse.de>.
The <security(a)suse.de> public key is listed below.
=====================================================================
______________________________________________________________________________
The information in this advisory may be distributed or reproduced,
provided that the advisory is not modified in any way. In particular,
it is desired that the clear-text signature shows proof of the
authenticity of the text.
SuSE Linux AG makes no warranties of any kind whatsoever with respect
to the information contained in this security advisory.
Type Bits/KeyID Date User ID
pub 2048R/3D25D3D9 1999-03-06 SuSE Security Team <security(a)suse.de>
pub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key <build(a)suse.de>
- -----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
mQGiBDnu9IERBACT8Y35+2vv4MGVKiLEMOl9GdST6MCkYS3yEKeueNWc+z/0Kvff
4JctBsgs47tjmiI9sl0eHjm3gTR8rItXMN6sJEUHWzDP+Y0PFPboMvKx0FXl/A0d
M+HFrruCgBlWt6FA+okRySQiliuI5phwqkXefl9AhkwR8xocQSVCFxcwvwCglVcO
QliHu8jwRQHxlRE0tkwQQI0D+wfQwKdvhDplxHJ5nf7U8c/yE/vdvpN6lF0tmFrK
XBUX+K7u4ifrZlQvj/81M4INjtXreqDiJtr99Rs6xa0ScZqITuZC4CWxJa9GynBE
D3+D2t1V/f8l0smsuYoFOF7Ib49IkTdbtwAThlZp8bEhELBeGaPdNCcmfZ66rKUd
G5sRA/9ovnc1krSQF2+sqB9/o7w5/q2qiyzwOSTnkjtBUVKn4zLUOf6aeBAoV6NM
CC3Kj9aZHfA+ND0ehPaVGJgjaVNFhPi4x0e7BULdvgOoAqajLfvkURHAeSsxXIoE
myW/xC1sBbDkDUIBSx5oej73XCZgnj/inphRqGpsb+1nKFvF+rQoU3VTRSBQYWNr
YWdlIFNpZ25pbmcgS2V5IDxidWlsZEBzdXNlLmRlPohcBBMRAgAcBQI57vSBBQkD
wmcABAsKAwQDFQMCAxYCAQIXgAAKCRCoTtronIAKyl8sAJ98BgD40zw0GHJHIf6d
NfnwI2PAsgCgjH1+PnYEl7TFjtZsqhezX7vZvYCIRgQQEQIABgUCOnBeUgAKCRCe
QOMQAAqrpNzOAKCL512FZvv4VZx94TpbA9lxyoAejACeOO1HIbActAevk5MUBhNe
LZa/qM2JARUDBRA6cGBvd7LmAD0l09kBATWnB/9An5vfiUUE1VQnt+T/EYklES3t
XXaJJp9pHMa4fzFa8jPVtv5UBHGee3XoUNDVwM2OgSEISZxbzdXGnqIlcT08TzBU
D9i579uifklLsnr35SJDZ6ram51/CWOnnaVhUzneOA9gTPSr+/fT3WeVnwJiQCQ3
0kNLWVXWATMnsnT486eAOlT6UNBPYQLpUprF5Yryk23pQUPAgJENDEqeU6iIO9Ot
1ZPtB0lniw+/xCi13D360o1tZDYOp0hHHJN3D3EN8C1yPqZd5CvvznYvB6bWBIpW
cRgdn2DUVMmpU661jwqGlRz1F84JG/xe4jGuzgpJt9IXSzyohEJB6XG5+D0BiF0E
ExECAB0FAjxqqTQFCQoAgrMFCwcKAwQDFQMCAxYCAQIXgAAKCRCoTtronIAKyp1f
AJ9dR7saz2KPNwD3U+fy/0BDKXrYGACfbJ8fQcJqCBQxeHvt9yMPDVq0B0W5Ag0E
Oe70khAIAISR0E3ozF/la+oNaRwxHLrCet30NgnxRROYhPaJB/Tu1FQokn2/Qld/
HZnh3TwhBIw1FqrhWBJ7491iAjLR9uPbdWJrn+A7t8kSkPaF3Z/6kyc5a8fas44h
t5h+6HMBzoFCMAq2aBHQRFRNp9Mz1ZvoXXcI1lk1l8OqcUM/ovXbDfPcXsUVeTPT
tGzcAi2jVl9hl3iwJKkyv/RLmcusdsi8YunbvWGFAF5GaagYQo7YlF6UaBQnYJTM
523AMgpPQtsKm9o/w9WdgXkgWhgkhZEeqUS3m5xNey1nLu9iMvq9M/iXnGz4sg6Q
2Y+GqZ+yAvNWjRRou3zSE7Bzg28MI4sAAwYH/2D71Xc5HPDgu87WnBFgmp8MpSr8
QnSs0wwPg3xEullGEocolSb2c0ctuSyeVnCttJMzkukL9TqyF4s/6XRstWirSWaw
JxRLKH6Zjo/FaKsshYKf8gBkAaddvpl3pO0gmUYbqmpQ3xDEYlhCeieXS5MkockQ
1sj2xYdB1xO0ExzfiCiscUKjUFy+mdzUsUutafuZ+gbHog1CN/ccZCkxcBa5IFCH
ORrNjq9pYWlrxsEn6ApsG7JJbM2besW1PkdEoxak74z1senh36m5jQvVjA3U4xq1
wwylxadmmJaJHzeiLfb7G1ZRjZTsB7fyYxqDzMVul6o9BSwO/1XsIAnV1uuITAQY
EQIADAUCOe70kgUJA8JnAAAKCRCoTtronIAKyksiAJsFB3/77SkH3JlYOGrEe1Ol
0JdGwACeKTttgeVPFB+iGJdiwQlxasOfuXyITAQYEQIADAUCPGqpWQUJCgCCxwAK
CRCoTtronIAKyofBAKCSZM2UFyta/fe9WgITK9I5hbxxtQCfX+0ar2CZmSknn3co
SPihn1+OBNyZAQ0DNuEtBAAAAQgAoCRcd7SVZEFcumffyEwfLTcXQjhKzOahzxpo
omuF+HIyU4AGq+SU8sTZ/1SsjhdzzrSAfv1lETACA+3SmLr5KV40Us1w0UC64cwt
A46xowVq1vMlH2Lib+V/qr3b1hE67nMHjysECVx9Ob4gFuKNoR2eqnAaJvjnAT8J
/LoUC20EdCHUqn6v+M9t/WZgC+WNR8cq69uDy3YQhDP/nIan6fm2uf2kSV9A7ZxE
GrwsWl/WX5Q/sQqMWaU6r4az98X3z90/cN+eJJ3vwtA+rm+nxEvyev+jaLuOQBDf
ebh/XA4FZ35xmi+spdiVeJH4F/ubaGlmj7+wDOF3suYAPSXT2QAFEbQlU3VTRSBT
ZWN1cml0eSBUZWFtIDxzZWN1cml0eUBzdXNlLmRlPokBFQMFEDbhLUfkWLKHsco8
RQEBVw4H/1vIdiOLX/7hdzYaG9crQVIk3QwaB5eBbjvLEMvuCZHiY2COUg5QdmPQ
8SlWNZ6k4nu1BLcv2g/pymPUWP9fG4tuSnlUJDrWGm3nhyhAC9iudP2u1YQY37Gb
B6NPVaZiYMnEb4QYFcqv5c/r2ghSXUTYk7etd6SW6WCOpEqizhx1cqDKNZnsI/1X
11pFcO2N7rc6byDBJ1T+cK+F1Ehan9XBt/shryJmv04nli5CXQMEbiqYYMOu8iaA
8AWRgXPCWqhyGhcVD3LRhUJXjUOdH4ZiHCXaoF3zVPxpeGKEQY8iBrDeDyB3wHmj
qY9WCX6cmogGQRgYG6yJqDalLqrDOdmJARUDBRA24S0Ed7LmAD0l09kBAW04B/4p
WH3f1vQn3i6/+SmDjGzUu2GWGq6Fsdwo2hVM2ym6CILeow/K9JfhdwGvY8LRxWRL
hn09j2IJ9P7H1Yz3qDf10AX6V7YILHtchKT1dcngCkTLmDgC4rs1iAAl3f089sRG
BafGPGKv2DQjHfR1LfRtbf0P7c09Tkej1MP8HtQMW9hPkBYeXcwbCjdrVGFOzqx+
AvvJDdT6a+oyRMTFlvmZ83UV5pgoyimgjhWnM1V4bFBYjPrtWMkdXJSUXbR6Q7Pi
RZWCzGRzwbaxqpl3rK/YTCphOLwEMB27B4/fcqtBzgoMOiaZA0M5fFoo54KgRIh0
zinsSx2OrWgvSiLEXXYKiEYEEBECAAYFAjseYcMACgkQnkDjEAAKq6ROVACgjhDM
/3KM+iFjs5QXsnd4oFPOnbkAnjYGa1J3em+bmV2aiCdYXdOuGn4ZiQCVAwUQN7c7
whaQN/7O/JIVAQEB+QP/cYblSAmPXxSFiaHWB+MiUNw8B6ozBLK0QcMQ2YcL6+Vl
D+nSZP20+Ja2nfiKjnibCv5ss83yXoHkYk2Rsa8foz6Y7tHwuPiccvqnIC/c9Cvz
dbIsdxpfsi0qWPfvX/jLMpXqqnPjdIZErgxpwujas1n9016PuXA8K3MJwVjCqSKI
RgQQEQIABgUCOhpCpAAKCRDHUqoysN/3gCt7AJ9adNQMbmA1iSYcbhtgvx9ByLPI
DgCfZ5Wj+f7cnYpFZI6GkAyyczG09sE=
=LRKC
- -----END PGP PUBLIC KEY BLOCK-----
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv
iQEVAwUBPeIANHey5gA9JdPZAQHKlwf9EPQPcv2iqlHKQPGMeVqgKUsvA/psvxPF
JHfwcZe64VvyL8o3Q/ERp2gWhBhfqI/yELMW+2nnILXEwPntZwL1P2/+BewecUFm
XhOsKSdKQdaw77qyhJL+RAMf83nhZS5xRv5ckPfTgLAIIiigonQPCwq/8j5ciGmi
XsEnr/aQKlaULqEEaUMyNvBuE155jIX4EDgK5WqrbJWhFuVdR4M5RqstGQx7OQ3U
qltnex/G1BJ4eZPA33PW0BQEGgGFdlGHjcf6IB2A0ZTVqtUTI/F2SaFFJHBpeXBp
Q+YLq/Tp0SNCGj9M5a0JN1qY1yGJxIvVscWv4Ta1z09kSBcgrDR8Ww==
=ltD3
-----END PGP SIGNATURE-----
Bye,
Thomas
--
Thomas Biege <thomas(a)suse.de>
SuSE Linux AG,Deutschherrnstr. 15-19,90429 Nuernberg
Function: Security Support & Auditing
"lynx -source http://www.suse.de/~thomas/contact/thomas.asc | pgp -fka"
Key fingerprint = 51 AD B9 C7 34 FC F2 54 01 4A 1C D4 66 64 09 83
--
Over thinking, Over analyzing, seperates the body from the mind.
- Maynard James Keenan
1
0
-----BEGIN PGP SIGNED MESSAGE-----
______________________________________________________________________________
SuSE Security Announcement
Package: samba
Announcement-ID: SuSE-SA:2002:045
Date: Wednesday, November 20th 2002 16:00 MET
Affected products: 7.2, 7.3, 8.0, 8.1
SuSE Linux Database Server,
SuSE eMail Server III, 3.1
SuSE Linux Enterprise Server 7+8,
SuSE Linux Firewall on CD/Admin host
SuSE Linux Connectivity Server
SuSE Linux Office Server
Vulnerability Type: possible remote code execution
Severity (1-10): 7
SuSE default package: no
Cross References: http://www.samba.org/
Content of this advisory:
1) security vulnerability resolved: samba
problem description, discussion, solution and upgrade information
2) pending vulnerabilities, solutions, workarounds
3) standard appendix (further information)
______________________________________________________________________________
1) problem description, brief discussion, solution, upgrade information
Samba developer Steve Langasek found a security problem in samba, the
widely known free implementation of the SMB protocol.
The error consists of a buffer overflow in a commonly used routine
that accepts user input and may write up to 127 bytes past the end of
the buffer allocated with static length, leaving enough room for
an exploit. The resulting vulnerability can be exploited locally
in applications using the pam_smbpass Pluggable Authentication Module
(PAM). It may be possible to exploit this vulnerability remotely,
causing the running smbd to crash or even to execute arbitrary code.
The samba package is installed by default only on the SuSE Linux
Enterprise Server. SuSE Linux products do not have the samba and
samba-client packages installed by default.
The samba packages in SuSE Linux version 7.1 and before are not affected
by this vulnerability.
For the bug to be exploited, your system has to be running the smbd
samba server, or an administrator must have (manually) changed the
configuration of the PAM authentification subsystem to enable the use
of the pam_smbpass module. The samba server process(es) are not activated
automatically after installation (of the package).
The samba subsystem on SuSE products is split into two different
subpackages: samba and smbclnt up to and including SuSE Linux 7.2, on
SuSE Linux 7.3 and newer the package names are samba and samba-client.
To completely remove the vulnerability, you should update all of the
installed packages.
We wish to express our gratitude to the samba development team and
in particular to Steve Langasek and Volker Lendecke who provided the
patches and communicated them to the vendors. Please know that the
samba team will release the new version 2.2.7 of the samba software to
address the security fix at the same time as this announcement gets
published. More information about samba (and the security fix) is
available at http://www.samba.org.
Please download the update package for your distribution and verify its
integrity by the methods listed in section 3) of this announcement.
Then, install the package using the command "rpm -Fhv file.rpm" to apply
the update.
Our maintenance customers are being notified individually. The packages
are being offered to install from the maintenance web.
SPECIAL INSTALL INSTRUCTIONS:
==============================
After successfully installing the update packages, you should restart
the samba server process(es) to make the changes in the system effective.
If you do not have a samba server running on your system, no further
action is required. If you have a samba server running, please run the
following command as root:
rcsmb restart # SuSE Linux, all versions
rcnmb restart # only on SuSE Linux 8.1
Intel i386 Platform:
SuSE-8.1:
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/samba-2.2.5-124.i586.r…
f0a94ef6cc49165d4dace59caaf359d7
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/samba-client-2.2.5-124…
f694fb4aaabffa98b6a76941cb2c0eaf
patch rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/samba-2.2.5-124.i586.p…
af43bc1d5dc1b097389933f34ca5a625
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/samba-client-2.2.5-124…
bff278f9366df7efe72fa880c4f7618f
source rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/samba-2.2.5-124.src.rpm
674adb466663259c2117852b9525a29a
SuSE-8.0:
ftp://ftp.suse.com/pub/suse/i386/update/8.0/n2/samba-2.2.3a-165.i386.rpm
8c7edd09c5acfc269467ecbcdcdfc21c
ftp://ftp.suse.com/pub/suse/i386/update/8.0/n1/samba-client-2.2.3a-165.i386…
bfc08a1d64f0d85670041c7046d1e775
patch rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/8.0/n2/samba-2.2.3a-165.i386.patch.…
7d08c2c07137d9da0b3d1a301295a084
ftp://ftp.suse.com/pub/suse/i386/update/8.0/n1/samba-client-2.2.3a-165.i386…
887230d4ed61bec496dff73c50fa3de0
source rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/8.0/zq1/samba-2.2.3a-165.src.rpm
b208c4d5bcceb7f9cc18df75b7831d2d
SuSE-7.3:
ftp://ftp.suse.com/pub/suse/i386/update/7.3/n2/samba-2.2.1a-206.i386.rpm
dc4232333a0babbb257cff346609625f
ftp://ftp.suse.com/pub/suse/i386/update/7.3/n1/samba-client-2.2.1a-206.i386…
163a565a5a0b0320eae6ba1d0ebdfb27
source rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/7.3/zq1/samba-2.2.1a-206.src.rpm
6086e3bb296a320c28fced9068c931fc
SuSE-7.2:
ftp://ftp.suse.com/pub/suse/i386/update/7.2/n2/samba-2.2.0a-45.i386.rpm
184b17987ca99325782f4c7f9e04b6a6
ftp://ftp.suse.com/pub/suse/i386/update/7.2/n1/smbclnt-2.2.0a-45.i386.rpm
b9926ade015ccaf271088da246814abb
source rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/7.2/zq1/samba-2.2.0a-45.src.rpm
384ec49b0b8a81d8ecf7c84ef0fa2689
Sparc Platform:
SuSE-7.3:
ftp://ftp.suse.com/pub/suse/sparc/update/7.3/n2/samba-2.2.1a-69.sparc.rpm
61b72787bc8e0b333662962a60bce0c2
ftp://ftp.suse.com/pub/suse/sparc/update/7.3/n1/samba-client-2.2.1a-69.spar…
6acd0ffd218d721d7c10b17e1194738d
source rpm(s):
ftp://ftp.suse.com/pub/suse/sparc/update/7.3/zq1/samba-2.2.1a-69.src.rpm
77f57a3277bb1a270ae79bc94ee28345
PPC Power PC Platform:
SuSE-7.3:
ftp://ftp.suse.com/pub/suse/ppc/update/7.3/n2/samba-2.2.1a-141.ppc.rpm
d127afabc7d5b764289f9b65ad4c4cd1
ftp://ftp.suse.com/pub/suse/ppc/update/7.3/n1/samba-client-2.2.1a-141.ppc.r…
894132f3b5041a54ec871d67eef072e5
source rpm(s):
ftp://ftp.suse.com/pub/suse/ppc/update/7.3/zq1/samba-2.2.1a-141.src.rpm
ccff812fdddd3af9d62a399f63e0405e
______________________________________________________________________________
2) Pending vulnerabilities in SuSE Distributions and Workarounds:
- 7.0 update trees
We will move the SuSE Linux 7.0 update tree structure to the
/pub/suse/discontinued/ tree shortly, following the announcement about
discontinued products on Tue, 29 Oct 2002.
______________________________________________________________________________
3) standard appendix: authenticity verification, additional information
- Package authenticity verification:
SuSE update packages are available on many mirror ftp servers all over
the world. While this service is being considered valuable and important
to the free and open source software community, many users wish to be
sure about the origin of the package and its content before installing
the package. There are two verification methods that can be used
independently from each other to prove the authenticity of a downloaded
file or rpm package:
1) md5sums as provided in the (cryptographically signed) announcement.
2) using the internal gpg signatures of the rpm package.
1) execute the command
md5sum <name-of-the-file.rpm>
after you downloaded the file from a SuSE ftp server or its mirrors.
Then, compare the resulting md5sum with the one that is listed in the
announcement. Since the announcement containing the checksums is
cryptographically signed (usually using the key security(a)suse.de)
the checksums show proof of the authenticity of the package.
We disrecommend to subscribe to security lists which cause the
email message containing the announcement to be modified so that
the signature does not match after transport through the mailing
list software.
Downsides: You must be able to verify the authenticity of the
announcement in the first place. If RPM packages are being rebuilt
and a new version of a package is published on the ftp server, all
md5 sums for the files are useless.
2) rpm package signatures provide an easy way to verify the authenticity
of an rpm package. Use the command
rpm -v --checksig <file.rpm>
to verify the signature of the package, where <file.rpm> is the
filename of the rpm package that you have downloaded. Of course,
package authenticity verification can only target an un-installed rpm
package file.
Prerequisites:
a) gpg is installed
b) The package is signed using a certain key. The public part of this
key must be installed by the gpg program in the directory
~/.gnupg/ under the user's home directory who performs the
signature verification (usually root). You can import the key
that is used by SuSE in rpm packages for SuSE Linux by saving
this announcement to a file ("announcement.txt") and
running the command (do "su -" to be root):
gpg --batch; gpg < announcement.txt | gpg --import
SuSE Linux distributions version 7.1 and thereafter install the
key "build(a)suse.de" upon installation or upgrade, provided that
the package gpg is installed. The file containing the public key
is placed at the top-level directory of the first CD (pubring.gpg)
and at ftp://ftp.suse.com/pub/suse/pubring.gpg-build.suse.de .
- SuSE runs two security mailing lists to which any interested party may
subscribe:
suse-security(a)suse.com
- general/linux/SuSE security discussion.
All SuSE security announcements are sent to this list.
To subscribe, send an email to
<suse-security-subscribe(a)suse.com>.
suse-security-announce(a)suse.com
- SuSE's announce-only mailing list.
Only SuSE's security announcements are sent to this list.
To subscribe, send an email to
<suse-security-announce-subscribe(a)suse.com>.
For general information or the frequently asked questions (faq)
send mail to:
<suse-security-info(a)suse.com> or
<suse-security-faq(a)suse.com> respectively.
=====================================================================
SuSE's security contact is <security(a)suse.com> or <security(a)suse.de>.
The <security(a)suse.de> public key is listed below.
=====================================================================
______________________________________________________________________________
The information in this advisory may be distributed or reproduced,
provided that the advisory is not modified in any way. In particular,
it is desired that the clear-text signature shows proof of the
authenticity of the text.
SuSE Linux AG makes no warranties of any kind whatsoever with respect
to the information contained in this security advisory.
Type Bits/KeyID Date User ID
pub 2048R/3D25D3D9 1999-03-06 SuSE Security Team <security(a)suse.de>
pub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key <build(a)suse.de>
- -----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
mQGiBDnu9IERBACT8Y35+2vv4MGVKiLEMOl9GdST6MCkYS3yEKeueNWc+z/0Kvff
4JctBsgs47tjmiI9sl0eHjm3gTR8rItXMN6sJEUHWzDP+Y0PFPboMvKx0FXl/A0d
M+HFrruCgBlWt6FA+okRySQiliuI5phwqkXefl9AhkwR8xocQSVCFxcwvwCglVcO
QliHu8jwRQHxlRE0tkwQQI0D+wfQwKdvhDplxHJ5nf7U8c/yE/vdvpN6lF0tmFrK
XBUX+K7u4ifrZlQvj/81M4INjtXreqDiJtr99Rs6xa0ScZqITuZC4CWxJa9GynBE
D3+D2t1V/f8l0smsuYoFOF7Ib49IkTdbtwAThlZp8bEhELBeGaPdNCcmfZ66rKUd
G5sRA/9ovnc1krSQF2+sqB9/o7w5/q2qiyzwOSTnkjtBUVKn4zLUOf6aeBAoV6NM
CC3Kj9aZHfA+ND0ehPaVGJgjaVNFhPi4x0e7BULdvgOoAqajLfvkURHAeSsxXIoE
myW/xC1sBbDkDUIBSx5oej73XCZgnj/inphRqGpsb+1nKFvF+rQoU3VTRSBQYWNr
YWdlIFNpZ25pbmcgS2V5IDxidWlsZEBzdXNlLmRlPohcBBMRAgAcBQI57vSBBQkD
wmcABAsKAwQDFQMCAxYCAQIXgAAKCRCoTtronIAKyl8sAJ98BgD40zw0GHJHIf6d
NfnwI2PAsgCgjH1+PnYEl7TFjtZsqhezX7vZvYCIRgQQEQIABgUCOnBeUgAKCRCe
QOMQAAqrpNzOAKCL512FZvv4VZx94TpbA9lxyoAejACeOO1HIbActAevk5MUBhNe
LZa/qM2JARUDBRA6cGBvd7LmAD0l09kBATWnB/9An5vfiUUE1VQnt+T/EYklES3t
XXaJJp9pHMa4fzFa8jPVtv5UBHGee3XoUNDVwM2OgSEISZxbzdXGnqIlcT08TzBU
D9i579uifklLsnr35SJDZ6ram51/CWOnnaVhUzneOA9gTPSr+/fT3WeVnwJiQCQ3
0kNLWVXWATMnsnT486eAOlT6UNBPYQLpUprF5Yryk23pQUPAgJENDEqeU6iIO9Ot
1ZPtB0lniw+/xCi13D360o1tZDYOp0hHHJN3D3EN8C1yPqZd5CvvznYvB6bWBIpW
cRgdn2DUVMmpU661jwqGlRz1F84JG/xe4jGuzgpJt9IXSzyohEJB6XG5+D0BiF0E
ExECAB0FAjxqqTQFCQoAgrMFCwcKAwQDFQMCAxYCAQIXgAAKCRCoTtronIAKyp1f
AJ9dR7saz2KPNwD3U+fy/0BDKXrYGACfbJ8fQcJqCBQxeHvt9yMPDVq0B0W5Ag0E
Oe70khAIAISR0E3ozF/la+oNaRwxHLrCet30NgnxRROYhPaJB/Tu1FQokn2/Qld/
HZnh3TwhBIw1FqrhWBJ7491iAjLR9uPbdWJrn+A7t8kSkPaF3Z/6kyc5a8fas44h
t5h+6HMBzoFCMAq2aBHQRFRNp9Mz1ZvoXXcI1lk1l8OqcUM/ovXbDfPcXsUVeTPT
tGzcAi2jVl9hl3iwJKkyv/RLmcusdsi8YunbvWGFAF5GaagYQo7YlF6UaBQnYJTM
523AMgpPQtsKm9o/w9WdgXkgWhgkhZEeqUS3m5xNey1nLu9iMvq9M/iXnGz4sg6Q
2Y+GqZ+yAvNWjRRou3zSE7Bzg28MI4sAAwYH/2D71Xc5HPDgu87WnBFgmp8MpSr8
QnSs0wwPg3xEullGEocolSb2c0ctuSyeVnCttJMzkukL9TqyF4s/6XRstWirSWaw
JxRLKH6Zjo/FaKsshYKf8gBkAaddvpl3pO0gmUYbqmpQ3xDEYlhCeieXS5MkockQ
1sj2xYdB1xO0ExzfiCiscUKjUFy+mdzUsUutafuZ+gbHog1CN/ccZCkxcBa5IFCH
ORrNjq9pYWlrxsEn6ApsG7JJbM2besW1PkdEoxak74z1senh36m5jQvVjA3U4xq1
wwylxadmmJaJHzeiLfb7G1ZRjZTsB7fyYxqDzMVul6o9BSwO/1XsIAnV1uuITAQY
EQIADAUCOe70kgUJA8JnAAAKCRCoTtronIAKyksiAJsFB3/77SkH3JlYOGrEe1Ol
0JdGwACeKTttgeVPFB+iGJdiwQlxasOfuXyITAQYEQIADAUCPGqpWQUJCgCCxwAK
CRCoTtronIAKyofBAKCSZM2UFyta/fe9WgITK9I5hbxxtQCfX+0ar2CZmSknn3co
SPihn1+OBNyZAQ0DNuEtBAAAAQgAoCRcd7SVZEFcumffyEwfLTcXQjhKzOahzxpo
omuF+HIyU4AGq+SU8sTZ/1SsjhdzzrSAfv1lETACA+3SmLr5KV40Us1w0UC64cwt
A46xowVq1vMlH2Lib+V/qr3b1hE67nMHjysECVx9Ob4gFuKNoR2eqnAaJvjnAT8J
/LoUC20EdCHUqn6v+M9t/WZgC+WNR8cq69uDy3YQhDP/nIan6fm2uf2kSV9A7ZxE
GrwsWl/WX5Q/sQqMWaU6r4az98X3z90/cN+eJJ3vwtA+rm+nxEvyev+jaLuOQBDf
ebh/XA4FZ35xmi+spdiVeJH4F/ubaGlmj7+wDOF3suYAPSXT2QAFEbQlU3VTRSBT
ZWN1cml0eSBUZWFtIDxzZWN1cml0eUBzdXNlLmRlPokBFQMFEDbhLUfkWLKHsco8
RQEBVw4H/1vIdiOLX/7hdzYaG9crQVIk3QwaB5eBbjvLEMvuCZHiY2COUg5QdmPQ
8SlWNZ6k4nu1BLcv2g/pymPUWP9fG4tuSnlUJDrWGm3nhyhAC9iudP2u1YQY37Gb
B6NPVaZiYMnEb4QYFcqv5c/r2ghSXUTYk7etd6SW6WCOpEqizhx1cqDKNZnsI/1X
11pFcO2N7rc6byDBJ1T+cK+F1Ehan9XBt/shryJmv04nli5CXQMEbiqYYMOu8iaA
8AWRgXPCWqhyGhcVD3LRhUJXjUOdH4ZiHCXaoF3zVPxpeGKEQY8iBrDeDyB3wHmj
qY9WCX6cmogGQRgYG6yJqDalLqrDOdmJARUDBRA24S0Ed7LmAD0l09kBAW04B/4p
WH3f1vQn3i6/+SmDjGzUu2GWGq6Fsdwo2hVM2ym6CILeow/K9JfhdwGvY8LRxWRL
hn09j2IJ9P7H1Yz3qDf10AX6V7YILHtchKT1dcngCkTLmDgC4rs1iAAl3f089sRG
BafGPGKv2DQjHfR1LfRtbf0P7c09Tkej1MP8HtQMW9hPkBYeXcwbCjdrVGFOzqx+
AvvJDdT6a+oyRMTFlvmZ83UV5pgoyimgjhWnM1V4bFBYjPrtWMkdXJSUXbR6Q7Pi
RZWCzGRzwbaxqpl3rK/YTCphOLwEMB27B4/fcqtBzgoMOiaZA0M5fFoo54KgRIh0
zinsSx2OrWgvSiLEXXYKiEYEEBECAAYFAjseYcMACgkQnkDjEAAKq6ROVACgjhDM
/3KM+iFjs5QXsnd4oFPOnbkAnjYGa1J3em+bmV2aiCdYXdOuGn4ZiQCVAwUQN7c7
whaQN/7O/JIVAQEB+QP/cYblSAmPXxSFiaHWB+MiUNw8B6ozBLK0QcMQ2YcL6+Vl
D+nSZP20+Ja2nfiKjnibCv5ss83yXoHkYk2Rsa8foz6Y7tHwuPiccvqnIC/c9Cvz
dbIsdxpfsi0qWPfvX/jLMpXqqnPjdIZErgxpwujas1n9016PuXA8K3MJwVjCqSKI
RgQQEQIABgUCOhpCpAAKCRDHUqoysN/3gCt7AJ9adNQMbmA1iSYcbhtgvx9ByLPI
DgCfZ5Wj+f7cnYpFZI6GkAyyczG09sE=
=LRKC
- -----END PGP PUBLIC KEY BLOCK-----
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv
iQEVAwUBPdvAOHey5gA9JdPZAQFBcwf6A+8lmCVrRiCgRW/SH+pzBMJ2+p8iywDd
BhChCR0ekyrNcxwMRut1vFVRbt0iSzD3Kl43dAPOrTcvypkoBnxW4+/l1mD7/fqH
WsF22vwhV/8u33tYFN7wsUxpBHzBSq3CguJF4XP5BpNCkvJvrLh5f5QDgonUoO+P
2z0sYNgSARxEKgniyp8YSm6UmC63ijzDhLb/JuDxNu/8652Xx35pptdOtBiriB9C
yGKgJoy97co96oQrzS9ZRKjSGBfE5g6Q8/nAyDuCFpPOiIvDaLlkcab0u2Boawe+
GuCM6QwB7xmb6ElCehtCGxn9v6gE86hNFCOVrjIOhKgOrlY0V8h21w==
=MrgG
-----END PGP SIGNATURE-----
1
0
SuSE Security Announcement: Multiple vulnerabilities in BIND8 (SuSE-SA:2002:044)
by Olaf Kirch 14 Nov '02
by Olaf Kirch 14 Nov '02
14 Nov '02
-----BEGIN PGP SIGNED MESSAGE-----
______________________________________________________________________________
SuSE Security Announcement
Package: bind8
Announcement-ID: SuSE-SA:2002:044
Date: Wed Nov 13 17:00:00 CET 2002
Affected products: (7.0), 7.1, 7.2, 7.3, 8.0, 8.1,
SuSE Linux Database Server
SuSE eMail Server III, 3.1
SuSE Firewall
SuSE Linux Enterprise Server for S/390
SuSE Linux Connectivity Server
SuSE Linux Enterprise Server 7
SuSE Linux Office Server
Vulnerability Type: remote command execution
Severity (1-10): 8
SuSE default package: yes
Cross References: CVE CAN-2002-1219,
CAN-2002-1220, CAN-2002-1221,
http://www.isc.org/products/BIND/bind-security.html
http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21469
Content of this advisory:
1) security vulnerability resolved: Remote command execution
in bind8 name server.
problem description, discussion, solution and upgrade information
2) pending vulnerabilities, solutions, workarounds: BIND4, reports
of trojanized tcpdump/libpcap
3) standard appendix (further information)
______________________________________________________________________________
1) problem description, brief discussion, solution, upgrade information
The security research company ISS (Internet Security Services)
has discovered several vulnerabilities in the BIND8 name server,
including a remotely exploitable buffer overflow.
Circumstancial evidence suggests that the Internet Software
Consortium (maintainer of BIND) has been made aware of these issues
in mid-October. Distributors of Open Source operating systems,
including SuSE, were notified of these vulnerabilities via CERT
approximately 12 hours before the release of the advisories by ISS
and ISC on Tue, Nov 12. This notification did not include any details
that allowed us to identify the vulnerable code, much less prepare
a fix. Mails to ISC went unanswered for 36 hours.
The SuSE security team regrets that the Internet Software Consortium
has withheld vital information from the Internet community for so long,
putting the majority of BIND users at risk. We would like to express
our concern that the approach chosen by ISC and ISS is likely to
erode trust in the security community if it becomes a model for dealing
with security issues.
We apologize to SuSE customers for not being able to provide timely
fixes for this problem.
The advisories by ISS and ISC mention the following problems
in detail:
1. There is a buffer overflow in the way named handles
SIG records. This buffer overflow can be exploited to
obtain access to the victim host under the account
the named process is running with.
In order to exploit this problem, the attacker must
control an existing DNS domain, and must be allowed
to perform a recursive query.
The impact of this vulnerability is serious.
In all SuSE products, named is configured to run as user "named"
by default, so a potential attacker or virus/worm does not get
immediate root access. However, this is merely an additional
obstacle the attacker faces. It may be possible for the attacker
to exploit other, unpatched local vulnerabilities such as the
recently announced traceroute hole to obtain root privilege. It
may also be possible for an attacker to obtain increased privilege
by manipulating the DNS zones served by the victim BIND server.
We recommend to upgrade to the provided packages. If this is
not possible, we recommend to restrict recursive requests as a
workaround. This can be done by adding a statement such as the
following to /etc/named.conf:
options {
... existing options ...
# Restrict recursive queries to 192.168.1.*,
# except 192.168.1.254.
# Order does matter.
allow-recursion {
!192.168.1.254;
192.168.1/24;
};
};
Alternatively, you can add "recursion no;" to the options
section to turn off recursion completely.
2. There are several Denial Of Service problems in BIND8
that allow remote attackers to terminate the name server
process.
At least one of these vulnerabilities seems to be exploitable
even when the attacker is not allowed to perform recursive
queries, so that the workaround suggested above is not
effective against this bug.
Both vulnerabilities are addressed by this update, using patches
originating from ISC.
Due to the severity of this issue, we will provide update packages
for SuSE Linux 7.0, even though support for this product has officially
been discontinued.
Please download the update package for your distribution and verify its
integrity by the methods listed in section 3) of this announcement.
Then, install the packages using the command "rpm -Fhv file.rpm" to apply
the update. After updating, make sure to restart the name server
process by issuing the following command as root:
rcnamed restart
Our maintenance customers are being notified individually. The packages
are being offered to install from the maintenance web.
Intel i386 Platform:
SuSE-8.1:
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/bind8-8.2.4-260.i586.r…
e1c07d8c1dd74374cc37e7fa692c9de1
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/bindutil-8.2.4-260.i58…
b41734970bf88aa7b5d3debbf834b78d
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/bind8-devel-8.2.4-260.…
f7236e5e621725e100dbd204e2692a66
source rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/bind8-8.2.4-260.src.rpm
02154fbdc935a2900d70ce6a16e96543
SuSE-8.0:
ftp://ftp.suse.com/pub/suse/i386/update/8.0/n2/bind8-8.2.4-260.i386.rpm
07bc10c5c348c560084edb3c289459c9
ftp://ftp.suse.com/pub/suse/i386/update/8.0/n1/bindutil-8.2.4-260.i386.rpm
4db27e9ad4ae038d81422a0c5b9a34d0
ftp://ftp.suse.com/pub/suse/i386/update/8.0/n4/bind8-devel-8.2.4-260.i386.r…
a1b3958e0fbaed30ddecbf7753007dbf
source rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/8.0/zq1/bind8-8.2.4-260.src.rpm
0b66ae2b5c462f041625919fed7ab089
SuSE-7.3:
ftp://ftp.suse.com/pub/suse/i386/update/7.3/n2/bind8-8.2.4-261.i386.rpm
fe0654b3de751533874b08a860afea5e
ftp://ftp.suse.com/pub/suse/i386/update/7.3/n1/bindutil-8.2.4-261.i386.rpm
043a8c1c0bb2cc23308a614dc7bdc0fe
ftp://ftp.suse.com/pub/suse/i386/update/7.3/n2/bind8-devel-8.2.4-261.i386.r…
59aca78f5aacb3ff7ecbc252eb760956
source rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/7.3/zq1/bind8-8.2.4-261.src.rpm
355add6397435262c597ad662e3df119
SuSE-7.2:
ftp://ftp.suse.com/pub/suse/i386/update/7.2/n2/bind8-8.2.3-200.i386.rpm
1072a9fe708150bc14c70a72ca42dfd3
ftp://ftp.suse.com/pub/suse/i386/update/7.2/n1/bindutil-8.2.3-200.i386.rpm
0713d9b200db862110493233bc1d8321
ftp://ftp.suse.com/pub/suse/i386/update/7.2/n2/bind8-devel-8.2.3-200.i386.r…
c681a91b38104cf47de4f4d454136a8a
source rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/7.2/zq1/bind8-8.2.3-200.src.rpm
8f51737bc0c84b7be08fe3bb1d4012b4
SuSE-7.1:
ftp://ftp.suse.com/pub/suse/i386/update/7.1/n2/bind8-8.2.3-200.i386.rpm
f2c14f81038d7ba952def27981b4599c
ftp://ftp.suse.com/pub/suse/i386/update/7.1/n1/bindutil-8.2.3-200.i386.rpm
961a5403a41e8031c054a081ebf92ba5
source rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/7.1/zq1/bind8-8.2.3-200.src.rpm
7f3c9b95591fb22f00dc0b22cdd5fcf1
SuSE-7.0:
ftp://ftp.suse.com/pub/suse/i386/update/7.0/n1/bind8-8.2.3-200.i386.rpm
0a6b9e23cefa5cd9f06660571ebf85ff
ftp://ftp.suse.com/pub/suse/i386/update/7.0/n1/bindutil-8.2.3-200.i386.rpm
3a6e0e81c2d8b05ee01a2a0b9c26e9a4
source rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/7.0/zq1/bind8-8.2.3-200.src.rpm
1c2cb2e531fe2834de84b22ad714de68
Sparc Platform:
SuSE-7.3:
ftp://ftp.suse.com/pub/suse/sparc/update/7.3/n2/bind8-8.2.4-128.sparc.rpm
c08454b933ed2365d9d2ab1322803af6
ftp://ftp.suse.com/pub/suse/sparc/update/7.3/n1/bindutil-8.2.4-128.sparc.rpm
47e063be85fadfa2e5d0fce1746a34b5
ftp://ftp.suse.com/pub/suse/sparc/update/7.3/n2/bind8-devel-8.2.4-128.sparc…
46a97b033cca0a01dcb39ef90275ce46
source rpm(s):
ftp://ftp.suse.com/pub/suse/sparc/update/7.3/zq1/bind8-8.2.4-128.src.rpm
827a7f56273c7a25ac40ffba728e9150
AXP Alpha Platform:
SuSE-7.1:
ftp://ftp.suse.com/pub/suse/axp/update/7.1/n2/bind8-8.2.3-139.alpha.rpm
77f39990fabacb545657236a60fecbe0
ftp://ftp.suse.com/pub/suse/axp/update/7.1/n1/bindutil-8.2.3-139.alpha.rpm
33bf9f28a7c9105c84216906694c7b7c
source rpm(s):
ftp://ftp.suse.com/pub/suse/axp/update/7.1/zq1/bind8-8.2.3-139.src.rpm
df347649fc98de695837a88452814ee6
SuSE-7.0:
ftp://ftp.suse.com/pub/suse/axp/update/7.0/n1/bind8-8.2.3-139.alpha.rpm
23f307cda6a0eefb3d9f1a0439950bdd
ftp://ftp.suse.com/pub/suse/axp/update/7.0/n1/bindutil-8.2.3-139.alpha.rpm
0789b49749d93ddd79192506cda00f7a
source rpm(s):
ftp://ftp.suse.com/pub/suse/axp/update/7.0/zq1/bind8-8.2.3-139.src.rpm
356306a7f2c079e2726b3aa8da496e9b
PPC Power PC Platform:
SuSE-7.3:
ftp://ftp.suse.com/pub/suse/ppc/update/7.3/n2/bind8-8.2.4-200.ppc.rpm
4cbeb4719625f8735ec03c27e1b27b85
ftp://ftp.suse.com/pub/suse/ppc/update/7.3/n1/bindutil-8.2.4-200.ppc.rpm
37fca302d72c819e713f8038d730a527
ftp://ftp.suse.com/pub/suse/ppc/update/7.3/n2/bind8-devel-8.2.4-200.ppc.rpm
f0f5cb7b808789606448a4d472c71400
source rpm(s):
ftp://ftp.suse.com/pub/suse/ppc/update/7.3/zq1/bind8-8.2.4-200.src.rpm
5c810e6f144d0f2875bb06d2331f50d8
SuSE-7.1:
ftp://ftp.suse.com/pub/suse/ppc/update/7.1/n2/bind8-8.2.3-121.ppc.rpm
47fcc451954f03a915b57b500bd56c57
ftp://ftp.suse.com/pub/suse/ppc/update/7.1/n1/bindutil-8.2.3-121.ppc.rpm
2c0de3b64d5c3d62cb840a534911ef31
source rpm(s):
ftp://ftp.suse.com/pub/suse/ppc/update/7.1/zq1/bind8-8.2.3-121.src.rpm
235e142413ec35bcbdb86168b04b7a78
SuSE-7.0:
ftp://ftp.suse.com/pub/suse/ppc/update/7.0/n1/bind8-8.2.3-121.ppc.rpm
44dc01f6b4fae1dfd87874db6d42e8d9
ftp://ftp.suse.com/pub/suse/ppc/update/7.0/n1/bindutil-8.2.3-121.ppc.rpm
d46f45bef0f12c3c5b071443ac9e7f13
source rpm(s):
ftp://ftp.suse.com/pub/suse/ppc/update/7.0/zq1/bind8-8.2.3-121.src.rpm
1bac32496ae66d4b0e35bc34d4e500ff
______________________________________________________________________________
2) Pending vulnerabilities in SuSE Distributions and Workarounds:
BIND4
In addition to the vulnerabilities in BIND8 discussed above, ISS
report several vulnerabilities in BIND4. As stated previously,
SuSE has discontinued support for BIND4 and recommends that
users upgrade to BIND8 as soon as possible.
Trojaned libpcap/tcpdump
There have been reports that the source packages of tcpdump and
libpcap available from several FTP servers have been modified to
include a trojan. We have checked our source packages for this
and found them to be clean.
______________________________________________________________________________
3) standard appendix: authenticity verification, additional information
- Package authenticity verification:
SuSE update packages are available on many mirror ftp servers all over
the world. While this service is being considered valuable and important
to the free and open source software community, many users wish to be
sure about the origin of the package and its content before installing
the package. There are two verification methods that can be used
independently from each other to prove the authenticity of a downloaded
file or rpm package:
1) md5sums as provided in the (cryptographically signed) announcement.
2) using the internal gpg signatures of the rpm package.
1) execute the command
md5sum <name-of-the-file.rpm>
after you downloaded the file from a SuSE ftp server or its mirrors.
Then, compare the resulting md5sum with the one that is listed in the
announcement. Since the announcement containing the checksums is
cryptographically signed (usually using the key security(a)suse.de)
the checksums show proof of the authenticity of the package.
We disrecommend to subscribe to security lists which cause the
email message containing the announcement to be modified so that
the signature does not match after transport through the mailing
list software.
Downsides: You must be able to verify the authenticity of the
announcement in the first place. If RPM packages are being rebuilt
and a new version of a package is published on the ftp server, all
md5 sums for the files are useless.
2) rpm package signatures provide an easy way to verify the authenticity
of an rpm package. Use the command
rpm -v --checksig <file.rpm>
to verify the signature of the package, where <file.rpm> is the
filename of the rpm package that you have downloaded. Of course,
package authenticity verification can only target an un-installed rpm
package file.
Prerequisites:
a) gpg is installed
b) The package is signed using a certain key. The public part of this
key must be installed by the gpg program in the directory
~/.gnupg/ under the user's home directory who performs the
signature verification (usually root). You can import the key
that is used by SuSE in rpm packages for SuSE Linux by saving
this announcement to a file ("announcement.txt") and
running the command (do "su -" to be root):
gpg --batch; gpg < announcement.txt | gpg --import
SuSE Linux distributions version 7.1 and thereafter install the
key "build(a)suse.de" upon installation or upgrade, provided that
the package gpg is installed. The file containing the public key
is placed at the top-level directory of the first CD (pubring.gpg)
and at ftp://ftp.suse.com/pub/suse/pubring.gpg-build.suse.de .
- SuSE runs two security mailing lists to which any interested party may
subscribe:
suse-security(a)suse.com
- general/linux/SuSE security discussion.
All SuSE security announcements are sent to this list.
To subscribe, send an email to
<suse-security-subscribe(a)suse.com>.
suse-security-announce(a)suse.com
- SuSE's announce-only mailing list.
Only SuSE's security announcements are sent to this list.
To subscribe, send an email to
<suse-security-announce-subscribe(a)suse.com>.
For general information or the frequently asked questions (faq)
send mail to:
<suse-security-info(a)suse.com> or
<suse-security-faq(a)suse.com> respectively.
=====================================================================
SuSE's security contact is <security(a)suse.com> or <security(a)suse.de>.
The <security(a)suse.de> public key is listed below.
=====================================================================
______________________________________________________________________________
The information in this advisory may be distributed or reproduced,
provided that the advisory is not modified in any way. In particular,
it is desired that the clear-text signature shows proof of the
authenticity of the text.
SuSE Linux AG makes no warranties of any kind whatsoever with respect
to the information contained in this security advisory.
Type Bits/KeyID Date User ID
pub 2048R/3D25D3D9 1999-03-06 SuSE Security Team <security(a)suse.de>
pub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key <build(a)suse.de>
- -----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
mQGiBDnu9IERBACT8Y35+2vv4MGVKiLEMOl9GdST6MCkYS3yEKeueNWc+z/0Kvff
4JctBsgs47tjmiI9sl0eHjm3gTR8rItXMN6sJEUHWzDP+Y0PFPboMvKx0FXl/A0d
M+HFrruCgBlWt6FA+okRySQiliuI5phwqkXefl9AhkwR8xocQSVCFxcwvwCglVcO
QliHu8jwRQHxlRE0tkwQQI0D+wfQwKdvhDplxHJ5nf7U8c/yE/vdvpN6lF0tmFrK
XBUX+K7u4ifrZlQvj/81M4INjtXreqDiJtr99Rs6xa0ScZqITuZC4CWxJa9GynBE
D3+D2t1V/f8l0smsuYoFOF7Ib49IkTdbtwAThlZp8bEhELBeGaPdNCcmfZ66rKUd
G5sRA/9ovnc1krSQF2+sqB9/o7w5/q2qiyzwOSTnkjtBUVKn4zLUOf6aeBAoV6NM
CC3Kj9aZHfA+ND0ehPaVGJgjaVNFhPi4x0e7BULdvgOoAqajLfvkURHAeSsxXIoE
myW/xC1sBbDkDUIBSx5oej73XCZgnj/inphRqGpsb+1nKFvF+rQoU3VTRSBQYWNr
YWdlIFNpZ25pbmcgS2V5IDxidWlsZEBzdXNlLmRlPohcBBMRAgAcBQI57vSBBQkD
wmcABAsKAwQDFQMCAxYCAQIXgAAKCRCoTtronIAKyl8sAJ98BgD40zw0GHJHIf6d
NfnwI2PAsgCgjH1+PnYEl7TFjtZsqhezX7vZvYCIRgQQEQIABgUCOnBeUgAKCRCe
QOMQAAqrpNzOAKCL512FZvv4VZx94TpbA9lxyoAejACeOO1HIbActAevk5MUBhNe
LZa/qM2JARUDBRA6cGBvd7LmAD0l09kBATWnB/9An5vfiUUE1VQnt+T/EYklES3t
XXaJJp9pHMa4fzFa8jPVtv5UBHGee3XoUNDVwM2OgSEISZxbzdXGnqIlcT08TzBU
D9i579uifklLsnr35SJDZ6ram51/CWOnnaVhUzneOA9gTPSr+/fT3WeVnwJiQCQ3
0kNLWVXWATMnsnT486eAOlT6UNBPYQLpUprF5Yryk23pQUPAgJENDEqeU6iIO9Ot
1ZPtB0lniw+/xCi13D360o1tZDYOp0hHHJN3D3EN8C1yPqZd5CvvznYvB6bWBIpW
cRgdn2DUVMmpU661jwqGlRz1F84JG/xe4jGuzgpJt9IXSzyohEJB6XG5+D0BiF0E
ExECAB0FAjxqqTQFCQoAgrMFCwcKAwQDFQMCAxYCAQIXgAAKCRCoTtronIAKyp1f
AJ9dR7saz2KPNwD3U+fy/0BDKXrYGACfbJ8fQcJqCBQxeHvt9yMPDVq0B0W5Ag0E
Oe70khAIAISR0E3ozF/la+oNaRwxHLrCet30NgnxRROYhPaJB/Tu1FQokn2/Qld/
HZnh3TwhBIw1FqrhWBJ7491iAjLR9uPbdWJrn+A7t8kSkPaF3Z/6kyc5a8fas44h
t5h+6HMBzoFCMAq2aBHQRFRNp9Mz1ZvoXXcI1lk1l8OqcUM/ovXbDfPcXsUVeTPT
tGzcAi2jVl9hl3iwJKkyv/RLmcusdsi8YunbvWGFAF5GaagYQo7YlF6UaBQnYJTM
523AMgpPQtsKm9o/w9WdgXkgWhgkhZEeqUS3m5xNey1nLu9iMvq9M/iXnGz4sg6Q
2Y+GqZ+yAvNWjRRou3zSE7Bzg28MI4sAAwYH/2D71Xc5HPDgu87WnBFgmp8MpSr8
QnSs0wwPg3xEullGEocolSb2c0ctuSyeVnCttJMzkukL9TqyF4s/6XRstWirSWaw
JxRLKH6Zjo/FaKsshYKf8gBkAaddvpl3pO0gmUYbqmpQ3xDEYlhCeieXS5MkockQ
1sj2xYdB1xO0ExzfiCiscUKjUFy+mdzUsUutafuZ+gbHog1CN/ccZCkxcBa5IFCH
ORrNjq9pYWlrxsEn6ApsG7JJbM2besW1PkdEoxak74z1senh36m5jQvVjA3U4xq1
wwylxadmmJaJHzeiLfb7G1ZRjZTsB7fyYxqDzMVul6o9BSwO/1XsIAnV1uuITAQY
EQIADAUCOe70kgUJA8JnAAAKCRCoTtronIAKyksiAJsFB3/77SkH3JlYOGrEe1Ol
0JdGwACeKTttgeVPFB+iGJdiwQlxasOfuXyITAQYEQIADAUCPGqpWQUJCgCCxwAK
CRCoTtronIAKyofBAKCSZM2UFyta/fe9WgITK9I5hbxxtQCfX+0ar2CZmSknn3co
SPihn1+OBNyZAQ0DNuEtBAAAAQgAoCRcd7SVZEFcumffyEwfLTcXQjhKzOahzxpo
omuF+HIyU4AGq+SU8sTZ/1SsjhdzzrSAfv1lETACA+3SmLr5KV40Us1w0UC64cwt
A46xowVq1vMlH2Lib+V/qr3b1hE67nMHjysECVx9Ob4gFuKNoR2eqnAaJvjnAT8J
/LoUC20EdCHUqn6v+M9t/WZgC+WNR8cq69uDy3YQhDP/nIan6fm2uf2kSV9A7ZxE
GrwsWl/WX5Q/sQqMWaU6r4az98X3z90/cN+eJJ3vwtA+rm+nxEvyev+jaLuOQBDf
ebh/XA4FZ35xmi+spdiVeJH4F/ubaGlmj7+wDOF3suYAPSXT2QAFEbQlU3VTRSBT
ZWN1cml0eSBUZWFtIDxzZWN1cml0eUBzdXNlLmRlPokBFQMFEDbhLUfkWLKHsco8
RQEBVw4H/1vIdiOLX/7hdzYaG9crQVIk3QwaB5eBbjvLEMvuCZHiY2COUg5QdmPQ
8SlWNZ6k4nu1BLcv2g/pymPUWP9fG4tuSnlUJDrWGm3nhyhAC9iudP2u1YQY37Gb
B6NPVaZiYMnEb4QYFcqv5c/r2ghSXUTYk7etd6SW6WCOpEqizhx1cqDKNZnsI/1X
11pFcO2N7rc6byDBJ1T+cK+F1Ehan9XBt/shryJmv04nli5CXQMEbiqYYMOu8iaA
8AWRgXPCWqhyGhcVD3LRhUJXjUOdH4ZiHCXaoF3zVPxpeGKEQY8iBrDeDyB3wHmj
qY9WCX6cmogGQRgYG6yJqDalLqrDOdmJARUDBRA24S0Ed7LmAD0l09kBAW04B/4p
WH3f1vQn3i6/+SmDjGzUu2GWGq6Fsdwo2hVM2ym6CILeow/K9JfhdwGvY8LRxWRL
hn09j2IJ9P7H1Yz3qDf10AX6V7YILHtchKT1dcngCkTLmDgC4rs1iAAl3f089sRG
BafGPGKv2DQjHfR1LfRtbf0P7c09Tkej1MP8HtQMW9hPkBYeXcwbCjdrVGFOzqx+
AvvJDdT6a+oyRMTFlvmZ83UV5pgoyimgjhWnM1V4bFBYjPrtWMkdXJSUXbR6Q7Pi
RZWCzGRzwbaxqpl3rK/YTCphOLwEMB27B4/fcqtBzgoMOiaZA0M5fFoo54KgRIh0
zinsSx2OrWgvSiLEXXYKiEYEEBECAAYFAjseYcMACgkQnkDjEAAKq6ROVACgjhDM
/3KM+iFjs5QXsnd4oFPOnbkAnjYGa1J3em+bmV2aiCdYXdOuGn4ZiQCVAwUQN7c7
whaQN/7O/JIVAQEB+QP/cYblSAmPXxSFiaHWB+MiUNw8B6ozBLK0QcMQ2YcL6+Vl
D+nSZP20+Ja2nfiKjnibCv5ss83yXoHkYk2Rsa8foz6Y7tHwuPiccvqnIC/c9Cvz
dbIsdxpfsi0qWPfvX/jLMpXqqnPjdIZErgxpwujas1n9016PuXA8K3MJwVjCqSKI
RgQQEQIABgUCOhpCpAAKCRDHUqoysN/3gCt7AJ9adNQMbmA1iSYcbhtgvx9ByLPI
DgCfZ5Wj+f7cnYpFZI6GkAyyczG09sE=
=LRKC
- -----END PGP PUBLIC KEY BLOCK-----
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iQEVAwUBPdN4f3ey5gA9JdPZAQFYfgf/fBA6GtBHgChwqbfDmnbp0BQWrvnJKv97
4rwnnoF2HqsHRdR6d5W8xF4EOJaedzhotTFUDmy2CWUabWdpCgac79JSQ8iI+P8G
N/Uv4o5kloBuvahTk0GHDoG5HVLQCaPbLZUnAWxcYzu57oQ+HaGJTF49cVfZhVkD
KCGBwMgYwpWNUNQ3QcOl8liPqrNj6K512J4AivnjkCuXO0fsiXTuR7rPg7NgZzVn
BoXhyt0Hvvk1zkkMf4JMGATdl6V5t2sK3YBsKPWEnd0yB3vqNYs3LUH3ArctsUXP
c6DMP9p6++OJySP+Bb6Mg3h7JCbLqBMuuElppEbcApnE6JXFhGozBQ==
=GZ1Z
-----END PGP SIGNATURE-----
1
0
12 Nov '02
-----BEGIN PGP SIGNED MESSAGE-----
______________________________________________________________________________
SuSE Security Announcement
Package: traceroute-nanog/nkitb
Announcement-ID: SuSE-SA:2002:043
Date: Tuesday, Nov 12th 2002 09:30 MEST
Affected products: 7.0, 7.1, 7.2, 7.3, 8.0
SuSE eMail Server 3.1
SuSE eMail Server III
SuSE Firewall Adminhost VPN
SuSE Linux Admin-CD for Firewall
SuSE Firewall on CD 2 - VPN
SuSE Firewall on CD 2
SuSE Linux Connectivity Server
SuSE Linux Enterprise Server 7
SuSE Linux Office Server
Vulnerability Type: local root
Severity (1-10): 4
SuSE default package: yes
Cross References: none
Content of this advisory:
1) security vulnerability resolved: - dropping root after gaining
raw socket
- a few buffer overflows
2) pending vulnerabilities, solutions, workarounds:
- ypserv
- horde
- openssh
- wrong MD5 sums in advisory SuSE-SA:2002:041
3) standard appendix (further information)
______________________________________________________________________________
1) problem description, brief discussion, solution, upgrade information
Traceroute is a tool that can be used to track packets in a TCP/IP
network to determine it's route or to find out about not working
routers.
Traceroute-nanog requires root privilege to open a raw socket. It
does not relinquish these privileges after doing so. This allows
a malicious user to gain root access by exploiting a buffer
overflow at a later point.
For all products prior to 8.1, the traceroute package
contains the NANOG implementation. This package is installed by
default. Starting with 8.1, SuSE Linux contains a traceroute program
rewritten by Olaf Kirch that does not require root privileges anymore.
This version of traceroute is not vulnerable.
This is the first update for the traceroute package on the SuSE Linux
distributions 7.1 through 8.0. We have changed the version string in
the update packages to read "6.x" instead of the former "nanog_6.x" to
enable a clean comparison between version numbers. This change is
misleading in that it suggests that the package name has been changed.
Since only the version string is affected, the name of the package
remains the same.
As a workaround you can remove the setuid bit or just allow trusted
users to execute traceroute-nanog.
Become root and add the following line to /etc/permissions.local:
"/usr/sbin/traceroute root.trusted 4750"
This line will keep the setuid root bit for /usr/sbin/traceroute
and just allow users in group trusted to execute the binary.
To make the permission change and keep it permanent you have to
run chkstat(8):
"chkstat -set /etc/permissions.local"
Please download the update package for your distribution and verify its
integrity by the methods listed in section 3) of this announcement.
Then, install the package using the command "rpm -Fhv file.rpm" to apply
the update.
Our maintenance customers are being notified individually. The packages
are being offered to install from the maintenance web.
Missing packages are being built and tested and will be available for
download soon.
Intel i386 Platform:
SuSE-8.0:
ftp://ftp.suse.com/pub/suse/i386/update/8.0/n1/traceroute-6.1.1-0.i386.rpm
afe01bf0b151eca2f42fa5737c99bdc7
source rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/8.0/zq1/traceroute-6.1.1-0.src.rpm
ee35e7cf554daa37a3976f473d4192f1
SuSE-7.3:
ftp://ftp.suse.com/pub/suse/i386/update/7.3/n1/traceroute-6.1.1-0.i386.rpm
0ef0c0153532fcefdf776311503e590b
source rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/7.3/zq1/traceroute-6.1.1-0.src.rpm
15a9f3dba6339f0a0bb57ce17d2d9894
SuSE-7.2:
ftp://ftp.suse.com/pub/suse/i386/update/7.2/n1/traceroute-6.1.1-0.i386.rpm
3b9acb72a3208e3e4e92c0df8ab8d46f
source rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/7.2/zq1/traceroute-6.1.1-0.src.rpm
a6fd1c7dc3bea4d08ef1efdcbc30fff6
SuSE-7.1:
ftp://ftp.suse.com/pub/suse/i386/update/7.1/n1/traceroute-6.0-0.i386.rpm
1ac8de3a6e54451bae8e3068f2fbd1e9
source rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/7.1/zq1/traceroute-6.0-0.src.rpm
291036123b377184fdf0231d6878f57d
SuSE-7.0:
ftp://ftp.suse.com/pub/suse/i386/update/7.0/a1/nkitb-2002.11.6-0.i386.rpm
b1105bc6916a5fdbd54db63d52ec3d81
source rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/7.0/zq1/nkitb-2002.11.6-0.src.rpm
3061bd5e551995d62c96da133927a612
Sparc Platform:
SuSE-7.3:
ftp://ftp.suse.com/pub/suse/sparc/update/7.3/n1/traceroute-6.1.1-0.sparc.rpm
638b868bedab639292d740e60cd0b266
source rpm(s):
ftp://ftp.suse.com/pub/suse/sparc/update/7.3/zq1/traceroute-6.1.1-0.src.rpm
10a996ae6a2b4b739bca8f5e9d65e2da
AXP Alpha Platform:
SuSE-7.1:
ftp://ftp.suse.com/pub/suse/axp/update/7.1/n1/traceroute-6.0-0.alpha.rpm
f2d241cd2331bb3de3382b338fba50b8
source rpm(s):
ftp://ftp.suse.com/pub/suse/axp/update/7.1/zq1/traceroute-6.0-0.src.rpm
949737f63fe99b4476b9c325bdc966fc
SuSE-7.0:
ftp://ftp.suse.com/pub/suse/axp/update/7.0/a1/nkitb-2002.11.6-0.alpha.rpm
04a5746b70af2e99f8a31b86e16cb470
source rpm(s):
ftp://ftp.suse.com/pub/suse/axp/update/7.0/zq1/nkitb-2002.11.6-0.src.rpm
83abbae6c15ee25adc702047d41a6564
PPC Power PC Platform:
SuSE-7.3:
ftp://ftp.suse.com/pub/suse/ppc/update/7.3/n1/traceroute-6.1.1-0.ppc.rpm
a00ed346efdc8992b6cf92b890dcc7db
source rpm(s):
ftp://ftp.suse.com/pub/suse/ppc/update/7.3/zq1/traceroute-6.1.1-0.src.rpm
8bfd655104212afc745ea998f0fe6d84
SuSE-7.1:
ftp://ftp.suse.com/pub/suse/ppc/update/7.1/n1/traceroute-6.0-0.ppc.rpm
0dc4fa991f1b6a2260af694b9b73ff1a
source rpm(s):
ftp://ftp.suse.com/pub/suse/ppc/update/7.1/zq1/traceroute-6.0-0.src.rpm
9e60c951a66e635cab2aa46559f4aa4e
SuSE-7.0:
ftp://ftp.suse.com/pub/suse/ppc/update/7.0/a1/nkitb-2002.11.6-0.ppc.rpm
eb7d62c5e6ae971a6a96d8a475b8d9fb
source rpm(s):
ftp://ftp.suse.com/pub/suse/ppc/update/7.0/zq1/nkitb-2002.11.6-0.src.rpm
c4b5a31e58a91b5dbd0b6ba497e69046
______________________________________________________________________________
2) Pending vulnerabilities in SuSE Distributions and Workarounds:
- horde
There was a cross-site scripting vulnerability in horde.
Updated packages have been released for 7.3, 8.0 and 8.1.
- openssh
When the SSH daemon finds that a user's password has expired,
the user is forced to set a new password. While doing so, sshd
did not turn off the terminal echo, causing the password to
be visible on the screen as it was typed. We are in the process
of releasing updated package for 7.0 through 7.3. SuSE Linux 8.0
and 8.1 are not affected.
- ypserv
Thorsten Kukuk found a memory leak in ypserv that caused it to lose
small amounts of memory each time it processes certain malformed
requests. This could be used by an attacker to kill ypserv by repeating
this exercise until it runs out of memory.
We have released updated packages for 7.0 through 8.0. SuSE Linux 8.1
is not affected.
- wrong MD5 sums in advisory SuSE-SA:2002:041
Due to a mistake the SuSE Security Announcement SuSE-SA:2002:041
(perl-Mailtools) contains wrong MD5 sums.
A new version will be published on our security web sites soon.
______________________________________________________________________________
3) standard appendix: authenticity verification, additional information
- Package authenticity verification:
SuSE update packages are available on many mirror ftp servers all over
the world. While this service is being considered valuable and important
to the free and open source software community, many users wish to be
sure about the origin of the package and its content before installing
the package. There are two verification methods that can be used
independently from each other to prove the authenticity of a downloaded
file or rpm package:
1) md5sums as provided in the (cryptographically signed) announcement.
2) using the internal gpg signatures of the rpm package.
1) execute the command
md5sum <name-of-the-file.rpm>
after you downloaded the file from a SuSE ftp server or its mirrors.
Then, compare the resulting md5sum with the one that is listed in the
announcement. Since the announcement containing the checksums is
cryptographically signed (usually using the key security(a)suse.de)
the checksums show proof of the authenticity of the package.
We disrecommend to subscribe to security lists which cause the
email message containing the announcement to be modified so that
the signature does not match after transport through the mailing
list software.
Downsides: You must be able to verify the authenticity of the
announcement in the first place. If RPM packages are being rebuilt
and a new version of a package is published on the ftp server, all
md5 sums for the files are useless.
2) rpm package signatures provide an easy way to verify the authenticity
of an rpm package. Use the command
rpm -v --checksig <file.rpm>
to verify the signature of the package, where <file.rpm> is the
filename of the rpm package that you have downloaded. Of course,
package authenticity verification can only target an un-installed rpm
package file.
Prerequisites:
a) gpg is installed
b) The package is signed using a certain key. The public part of this
key must be installed by the gpg program in the directory
~/.gnupg/ under the user's home directory who performs the
signature verification (usually root). You can import the key
that is used by SuSE in rpm packages for SuSE Linux by saving
this announcement to a file ("announcement.txt") and
running the command (do "su -" to be root):
gpg --batch; gpg < announcement.txt | gpg --import
SuSE Linux distributions version 7.1 and thereafter install the
key "build(a)suse.de" upon installation or upgrade, provided that
the package gpg is installed. The file containing the public key
is placed at the top-level directory of the first CD (pubring.gpg)
and at ftp://ftp.suse.com/pub/suse/pubring.gpg-build.suse.de .
- SuSE runs two security mailing lists to which any interested party may
subscribe:
suse-security(a)suse.com
- general/linux/SuSE security discussion.
All SuSE security announcements are sent to this list.
To subscribe, send an email to
<suse-security-subscribe(a)suse.com>.
suse-security-announce(a)suse.com
- SuSE's announce-only mailing list.
Only SuSE's security announcements are sent to this list.
To subscribe, send an email to
<suse-security-announce-subscribe(a)suse.com>.
For general information or the frequently asked questions (faq)
send mail to:
<suse-security-info(a)suse.com> or
<suse-security-faq(a)suse.com> respectively.
=====================================================================
SuSE's security contact is <security(a)suse.com> or <security(a)suse.de>.
The <security(a)suse.de> public key is listed below.
=====================================================================
______________________________________________________________________________
The information in this advisory may be distributed or reproduced,
provided that the advisory is not modified in any way. In particular,
it is desired that the clear-text signature shows proof of the
authenticity of the text.
SuSE Linux AG makes no warranties of any kind whatsoever with respect
to the information contained in this security advisory.
Type Bits/KeyID Date User ID
pub 2048R/3D25D3D9 1999-03-06 SuSE Security Team <security(a)suse.de>
pub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key <build(a)suse.de>
- -----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
mQGiBDnu9IERBACT8Y35+2vv4MGVKiLEMOl9GdST6MCkYS3yEKeueNWc+z/0Kvff
4JctBsgs47tjmiI9sl0eHjm3gTR8rItXMN6sJEUHWzDP+Y0PFPboMvKx0FXl/A0d
M+HFrruCgBlWt6FA+okRySQiliuI5phwqkXefl9AhkwR8xocQSVCFxcwvwCglVcO
QliHu8jwRQHxlRE0tkwQQI0D+wfQwKdvhDplxHJ5nf7U8c/yE/vdvpN6lF0tmFrK
XBUX+K7u4ifrZlQvj/81M4INjtXreqDiJtr99Rs6xa0ScZqITuZC4CWxJa9GynBE
D3+D2t1V/f8l0smsuYoFOF7Ib49IkTdbtwAThlZp8bEhELBeGaPdNCcmfZ66rKUd
G5sRA/9ovnc1krSQF2+sqB9/o7w5/q2qiyzwOSTnkjtBUVKn4zLUOf6aeBAoV6NM
CC3Kj9aZHfA+ND0ehPaVGJgjaVNFhPi4x0e7BULdvgOoAqajLfvkURHAeSsxXIoE
myW/xC1sBbDkDUIBSx5oej73XCZgnj/inphRqGpsb+1nKFvF+rQoU3VTRSBQYWNr
YWdlIFNpZ25pbmcgS2V5IDxidWlsZEBzdXNlLmRlPohcBBMRAgAcBQI57vSBBQkD
wmcABAsKAwQDFQMCAxYCAQIXgAAKCRCoTtronIAKyl8sAJ98BgD40zw0GHJHIf6d
NfnwI2PAsgCgjH1+PnYEl7TFjtZsqhezX7vZvYCIRgQQEQIABgUCOnBeUgAKCRCe
QOMQAAqrpNzOAKCL512FZvv4VZx94TpbA9lxyoAejACeOO1HIbActAevk5MUBhNe
LZa/qM2JARUDBRA6cGBvd7LmAD0l09kBATWnB/9An5vfiUUE1VQnt+T/EYklES3t
XXaJJp9pHMa4fzFa8jPVtv5UBHGee3XoUNDVwM2OgSEISZxbzdXGnqIlcT08TzBU
D9i579uifklLsnr35SJDZ6ram51/CWOnnaVhUzneOA9gTPSr+/fT3WeVnwJiQCQ3
0kNLWVXWATMnsnT486eAOlT6UNBPYQLpUprF5Yryk23pQUPAgJENDEqeU6iIO9Ot
1ZPtB0lniw+/xCi13D360o1tZDYOp0hHHJN3D3EN8C1yPqZd5CvvznYvB6bWBIpW
cRgdn2DUVMmpU661jwqGlRz1F84JG/xe4jGuzgpJt9IXSzyohEJB6XG5+D0BiF0E
ExECAB0FAjxqqTQFCQoAgrMFCwcKAwQDFQMCAxYCAQIXgAAKCRCoTtronIAKyp1f
AJ9dR7saz2KPNwD3U+fy/0BDKXrYGACfbJ8fQcJqCBQxeHvt9yMPDVq0B0W5Ag0E
Oe70khAIAISR0E3ozF/la+oNaRwxHLrCet30NgnxRROYhPaJB/Tu1FQokn2/Qld/
HZnh3TwhBIw1FqrhWBJ7491iAjLR9uPbdWJrn+A7t8kSkPaF3Z/6kyc5a8fas44h
t5h+6HMBzoFCMAq2aBHQRFRNp9Mz1ZvoXXcI1lk1l8OqcUM/ovXbDfPcXsUVeTPT
tGzcAi2jVl9hl3iwJKkyv/RLmcusdsi8YunbvWGFAF5GaagYQo7YlF6UaBQnYJTM
523AMgpPQtsKm9o/w9WdgXkgWhgkhZEeqUS3m5xNey1nLu9iMvq9M/iXnGz4sg6Q
2Y+GqZ+yAvNWjRRou3zSE7Bzg28MI4sAAwYH/2D71Xc5HPDgu87WnBFgmp8MpSr8
QnSs0wwPg3xEullGEocolSb2c0ctuSyeVnCttJMzkukL9TqyF4s/6XRstWirSWaw
JxRLKH6Zjo/FaKsshYKf8gBkAaddvpl3pO0gmUYbqmpQ3xDEYlhCeieXS5MkockQ
1sj2xYdB1xO0ExzfiCiscUKjUFy+mdzUsUutafuZ+gbHog1CN/ccZCkxcBa5IFCH
ORrNjq9pYWlrxsEn6ApsG7JJbM2besW1PkdEoxak74z1senh36m5jQvVjA3U4xq1
wwylxadmmJaJHzeiLfb7G1ZRjZTsB7fyYxqDzMVul6o9BSwO/1XsIAnV1uuITAQY
EQIADAUCOe70kgUJA8JnAAAKCRCoTtronIAKyksiAJsFB3/77SkH3JlYOGrEe1Ol
0JdGwACeKTttgeVPFB+iGJdiwQlxasOfuXyITAQYEQIADAUCPGqpWQUJCgCCxwAK
CRCoTtronIAKyofBAKCSZM2UFyta/fe9WgITK9I5hbxxtQCfX+0ar2CZmSknn3co
SPihn1+OBNyZAQ0DNuEtBAAAAQgAoCRcd7SVZEFcumffyEwfLTcXQjhKzOahzxpo
omuF+HIyU4AGq+SU8sTZ/1SsjhdzzrSAfv1lETACA+3SmLr5KV40Us1w0UC64cwt
A46xowVq1vMlH2Lib+V/qr3b1hE67nMHjysECVx9Ob4gFuKNoR2eqnAaJvjnAT8J
/LoUC20EdCHUqn6v+M9t/WZgC+WNR8cq69uDy3YQhDP/nIan6fm2uf2kSV9A7ZxE
GrwsWl/WX5Q/sQqMWaU6r4az98X3z90/cN+eJJ3vwtA+rm+nxEvyev+jaLuOQBDf
ebh/XA4FZ35xmi+spdiVeJH4F/ubaGlmj7+wDOF3suYAPSXT2QAFEbQlU3VTRSBT
ZWN1cml0eSBUZWFtIDxzZWN1cml0eUBzdXNlLmRlPokBFQMFEDbhLUfkWLKHsco8
RQEBVw4H/1vIdiOLX/7hdzYaG9crQVIk3QwaB5eBbjvLEMvuCZHiY2COUg5QdmPQ
8SlWNZ6k4nu1BLcv2g/pymPUWP9fG4tuSnlUJDrWGm3nhyhAC9iudP2u1YQY37Gb
B6NPVaZiYMnEb4QYFcqv5c/r2ghSXUTYk7etd6SW6WCOpEqizhx1cqDKNZnsI/1X
11pFcO2N7rc6byDBJ1T+cK+F1Ehan9XBt/shryJmv04nli5CXQMEbiqYYMOu8iaA
8AWRgXPCWqhyGhcVD3LRhUJXjUOdH4ZiHCXaoF3zVPxpeGKEQY8iBrDeDyB3wHmj
qY9WCX6cmogGQRgYG6yJqDalLqrDOdmJARUDBRA24S0Ed7LmAD0l09kBAW04B/4p
WH3f1vQn3i6/+SmDjGzUu2GWGq6Fsdwo2hVM2ym6CILeow/K9JfhdwGvY8LRxWRL
hn09j2IJ9P7H1Yz3qDf10AX6V7YILHtchKT1dcngCkTLmDgC4rs1iAAl3f089sRG
BafGPGKv2DQjHfR1LfRtbf0P7c09Tkej1MP8HtQMW9hPkBYeXcwbCjdrVGFOzqx+
AvvJDdT6a+oyRMTFlvmZ83UV5pgoyimgjhWnM1V4bFBYjPrtWMkdXJSUXbR6Q7Pi
RZWCzGRzwbaxqpl3rK/YTCphOLwEMB27B4/fcqtBzgoMOiaZA0M5fFoo54KgRIh0
zinsSx2OrWgvSiLEXXYKiEYEEBECAAYFAjseYcMACgkQnkDjEAAKq6ROVACgjhDM
/3KM+iFjs5QXsnd4oFPOnbkAnjYGa1J3em+bmV2aiCdYXdOuGn4ZiQCVAwUQN7c7
whaQN/7O/JIVAQEB+QP/cYblSAmPXxSFiaHWB+MiUNw8B6ozBLK0QcMQ2YcL6+Vl
D+nSZP20+Ja2nfiKjnibCv5ss83yXoHkYk2Rsa8foz6Y7tHwuPiccvqnIC/c9Cvz
dbIsdxpfsi0qWPfvX/jLMpXqqnPjdIZErgxpwujas1n9016PuXA8K3MJwVjCqSKI
RgQQEQIABgUCOhpCpAAKCRDHUqoysN/3gCt7AJ9adNQMbmA1iSYcbhtgvx9ByLPI
DgCfZ5Wj+f7cnYpFZI6GkAyyczG09sE=
=LRKC
- -----END PGP PUBLIC KEY BLOCK-----
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv
iQEVAwUBPdD1JHey5gA9JdPZAQFk9gf9G4vs4m1GH5VdDOBGnS6E/ElvnD+IgMRH
Im/TbR7CXisww90x254rs1keMRoZFPyb87loDhSPXe1wl9hCDWYiYRZk8YtkeKYw
PucnESkJvtzhIu8WeiJY4eENsRbk8776OKDSnYUbZ4XiWI5Dh4uJnRtZT6XF/tDQ
0cdi5JTMc8pmRSnxlzBSO8LxSF5/gS8MKNb2QPHCxGoLf+xn4Z+VpSxNOCXIRmhy
nCyEIUkUvtpuKN159KSyyBzQQbZcHsWXdNqoySWR+NVVzY6fmfWUYtqaGar3F0Nd
3QxiBPckpF5zook4cLIPBe0Hrtwvi11ZCTySwbTDIYaM4NEv2Ha7NQ==
=X5pd
-----END PGP SIGNATURE-----
Bye,
Thomas
--
Thomas Biege <thomas(a)suse.de>
SuSE Linux AG,Deutschherrnstr. 15-19,90429 Nuernberg
Function: Security Support & Auditing
"lynx -source http://www.suse.de/~thomas/contact/thomas.asc | pgp -fka"
Key fingerprint = 51 AD B9 C7 34 FC F2 54 01 4A 1C D4 66 64 09 83
--
Cold silence has a tendency to atrophy any sense of compassion
- Maynard James Keenan
1
0
SuSE Security Announcement: KDE lanbrowser vulnerability (SuSE-SA:2002:042)
by Olaf Kirch 12 Nov '02
by Olaf Kirch 12 Nov '02
12 Nov '02
-----BEGIN PGP SIGNED MESSAGE-----
______________________________________________________________________________
SuSE Security Announcement
Package: kdenetwork
Announcement-ID: SuSE-SA:2002:042
Date: Tue Nov 12 10:00:00 CET 2002
Affected products: 7.2, 7.3
SuSE eMail Server III, 3.1
SuSE Firewall on CD
SuSE Linux Connectivity Server
SuSE Linux Enterprise Server 7
SuSE Linux Office Server
Vulnerability Type: remote command execution
Severity (1-10): 6
SuSE default package: yes
Cross References: http://www.kde.org/info/security
Content of this advisory:
1) security vulnerability resolved: Remote command execution via
the lisa lanbrowser.
problem description, discussion, solution and upgrade information
2) pending vulnerabilities, solutions, workarounds: problem in
KDE rlogin:// URL handler
3) standard appendix (further information)
______________________________________________________________________________
1) problem description, brief discussion, solution, upgrade information
During a security review, the SuSE security team has found two
vulnerabilities in the KDE lanbrowsing service.
LISa is used to identify CIFS and other servers on the local
network, and consists of two main modules: "lisa", a network daemon,
and "reslisa", a restricted version of the lisa daemon. LISa can
be accessed in KDE using the URL type "lan://", and resLISa using
the URL type "rlan://".
LISA will obtain information on the local network by looking for
an existing LISA server on other local hosts, and if there is one,
it retrieves the list of servers from it. If there is no other LISA
server, it will scan the network itself.
SuSE Linux can be configured to run the lisa daemon at system boot
time. The daemon is not started by default, however.
The first vulnerability found is a buffer overflow in the lisa
daemon, and can be exploited by an attacker on the local network
to obtain root privilege on a machine running the lisa daemon.
It is not exploitable on a default installation of SuSE Linux,
because the lisa daemon is not started by default.
The second vulnerability is a buffer overflow in the lan:// URL
handler. It can possibly be exploited by remote attackers to gain
access to the victim user's account, for instance by causing the
user to follow a bad lan:// link in a HTML document.
This update provides fixes for SuSE Linux 7.2 and 7.3. Previous
updates already corrected the vulnerability in SuSE Linux 8.0,
and SuSE Linux 8.1 contains the fix already.
Please download the update package for your distribution and verify its
integrity by the methods listed in section 3) of this announcement.
Then, install the package using the command "rpm -Fhv file.rpm" to apply
the update.
Our maintenance customers are being notified individually. The packages
are being offered to install from the maintenance web.
Intel i386 Platform:
SuSE-7.3:
ftp://ftp.suse.com/pub/suse/i386/update/7.3/k2de1/kdenetwork-2.2.1-101.i386…
796ee745cea4f743ba4dc7314d0eab47
source rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/7.3/zq1/kdenetwork-2.2.1-101.src.rpm
bdbcc6e939e4fb2f67d92c4998550ebe
SuSE-7.2:
ftp://ftp.suse.com/pub/suse/i386/update/7.2/k2de1/kdenetwork-2.1.1-154.i386…
52168eb8a1f393d5b070e76a40e12040
source rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/7.2/zq1/kdenetwork-2.1.1-154.src.rpm
d46367f1c45e557a10854ef9efaa6184
Sparc Platform:
SuSE-7.3:
ftp://ftp.suse.com/pub/suse/sparc/update/7.3/k2de1/kdenetwork-2.2.1-50.spar…
0e7fb9026b8fbf8f023bccb6a1ffe9e3
source rpm(s):
ftp://ftp.suse.com/pub/suse/sparc/update/7.3/zq1/kdenetwork-2.2.1-50.src.rpm
c11e3cf176d02bf600d312e527ffa159
PPC Power PC Platform:
SuSE-7.3:
ftp://ftp.suse.com/pub/suse/ppc/update/7.3/k2de1/kdenetwork-2.2.1-88.ppc.rpm
267805b2368f739ec195bec154b7e04c
source rpm(s):
ftp://ftp.suse.com/pub/suse/ppc/update/7.3/zq1/kdenetwork-2.2.1-88.src.rpm
7f52f011e7b7535b0396fe5d00cf04a8
______________________________________________________________________________
2) Pending vulnerabilities in SuSE Distributions and Workarounds:
In KDE 2.x and KDE 3.x, there is a vulnerability in the handler for
rlogin:// URLs, which allows remote attackers to execute arbitrary
shell commands with the privileges of the victim user. A similar
vulnerability exists in KDE 2.x in the handler for telnet:// URLs.
The SuSE KDE team is in the process of preparing a kdelibs update
for SuSE Linux. In the interim, we recommend the to disable KDE
support for rlogin as a workaround. On KDE 3.0, execute the following
command as root:
rm /opt/kde3/share/services/rlogin.protocol
On KDE 2, execute these commands:
rm /opt/kde2/share/services/rlogin.protocol
rm /opt/kde2/share/services/telnet.protocol
______________________________________________________________________________
3) standard appendix: authenticity verification, additional information
- Package authenticity verification:
SuSE update packages are available on many mirror ftp servers all over
the world. While this service is being considered valuable and important
to the free and open source software community, many users wish to be
sure about the origin of the package and its content before installing
the package. There are two verification methods that can be used
independently from each other to prove the authenticity of a downloaded
file or rpm package:
1) md5sums as provided in the (cryptographically signed) announcement.
2) using the internal gpg signatures of the rpm package.
1) execute the command
md5sum <name-of-the-file.rpm>
after you downloaded the file from a SuSE ftp server or its mirrors.
Then, compare the resulting md5sum with the one that is listed in the
announcement. Since the announcement containing the checksums is
cryptographically signed (usually using the key security(a)suse.de)
the checksums show proof of the authenticity of the package.
We disrecommend to subscribe to security lists which cause the
email message containing the announcement to be modified so that
the signature does not match after transport through the mailing
list software.
Downsides: You must be able to verify the authenticity of the
announcement in the first place. If RPM packages are being rebuilt
and a new version of a package is published on the ftp server, all
md5 sums for the files are useless.
2) rpm package signatures provide an easy way to verify the authenticity
of an rpm package. Use the command
rpm -v --checksig <file.rpm>
to verify the signature of the package, where <file.rpm> is the
filename of the rpm package that you have downloaded. Of course,
package authenticity verification can only target an un-installed rpm
package file.
Prerequisites:
a) gpg is installed
b) The package is signed using a certain key. The public part of this
key must be installed by the gpg program in the directory
~/.gnupg/ under the user's home directory who performs the
signature verification (usually root). You can import the key
that is used by SuSE in rpm packages for SuSE Linux by saving
this announcement to a file ("announcement.txt") and
running the command (do "su -" to be root):
gpg --batch; gpg < announcement.txt | gpg --import
SuSE Linux distributions version 7.1 and thereafter install the
key "build(a)suse.de" upon installation or upgrade, provided that
the package gpg is installed. The file containing the public key
is placed at the top-level directory of the first CD (pubring.gpg)
and at ftp://ftp.suse.com/pub/suse/pubring.gpg-build.suse.de .
- SuSE runs two security mailing lists to which any interested party may
subscribe:
suse-security(a)suse.com
- general/linux/SuSE security discussion.
All SuSE security announcements are sent to this list.
To subscribe, send an email to
<suse-security-subscribe(a)suse.com>.
suse-security-announce(a)suse.com
- SuSE's announce-only mailing list.
Only SuSE's security announcements are sent to this list.
To subscribe, send an email to
<suse-security-announce-subscribe(a)suse.com>.
For general information or the frequently asked questions (faq)
send mail to:
<suse-security-info(a)suse.com> or
<suse-security-faq(a)suse.com> respectively.
=====================================================================
SuSE's security contact is <security(a)suse.com> or <security(a)suse.de>.
The <security(a)suse.de> public key is listed below.
=====================================================================
______________________________________________________________________________
The information in this advisory may be distributed or reproduced,
provided that the advisory is not modified in any way. In particular,
it is desired that the clear-text signature shows proof of the
authenticity of the text.
SuSE Linux AG makes no warranties of any kind whatsoever with respect
to the information contained in this security advisory.
Type Bits/KeyID Date User ID
pub 2048R/3D25D3D9 1999-03-06 SuSE Security Team <security(a)suse.de>
pub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key <build(a)suse.de>
- -----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
mQGiBDnu9IERBACT8Y35+2vv4MGVKiLEMOl9GdST6MCkYS3yEKeueNWc+z/0Kvff
4JctBsgs47tjmiI9sl0eHjm3gTR8rItXMN6sJEUHWzDP+Y0PFPboMvKx0FXl/A0d
M+HFrruCgBlWt6FA+okRySQiliuI5phwqkXefl9AhkwR8xocQSVCFxcwvwCglVcO
QliHu8jwRQHxlRE0tkwQQI0D+wfQwKdvhDplxHJ5nf7U8c/yE/vdvpN6lF0tmFrK
XBUX+K7u4ifrZlQvj/81M4INjtXreqDiJtr99Rs6xa0ScZqITuZC4CWxJa9GynBE
D3+D2t1V/f8l0smsuYoFOF7Ib49IkTdbtwAThlZp8bEhELBeGaPdNCcmfZ66rKUd
G5sRA/9ovnc1krSQF2+sqB9/o7w5/q2qiyzwOSTnkjtBUVKn4zLUOf6aeBAoV6NM
CC3Kj9aZHfA+ND0ehPaVGJgjaVNFhPi4x0e7BULdvgOoAqajLfvkURHAeSsxXIoE
myW/xC1sBbDkDUIBSx5oej73XCZgnj/inphRqGpsb+1nKFvF+rQoU3VTRSBQYWNr
YWdlIFNpZ25pbmcgS2V5IDxidWlsZEBzdXNlLmRlPohcBBMRAgAcBQI57vSBBQkD
wmcABAsKAwQDFQMCAxYCAQIXgAAKCRCoTtronIAKyl8sAJ98BgD40zw0GHJHIf6d
NfnwI2PAsgCgjH1+PnYEl7TFjtZsqhezX7vZvYCIRgQQEQIABgUCOnBeUgAKCRCe
QOMQAAqrpNzOAKCL512FZvv4VZx94TpbA9lxyoAejACeOO1HIbActAevk5MUBhNe
LZa/qM2JARUDBRA6cGBvd7LmAD0l09kBATWnB/9An5vfiUUE1VQnt+T/EYklES3t
XXaJJp9pHMa4fzFa8jPVtv5UBHGee3XoUNDVwM2OgSEISZxbzdXGnqIlcT08TzBU
D9i579uifklLsnr35SJDZ6ram51/CWOnnaVhUzneOA9gTPSr+/fT3WeVnwJiQCQ3
0kNLWVXWATMnsnT486eAOlT6UNBPYQLpUprF5Yryk23pQUPAgJENDEqeU6iIO9Ot
1ZPtB0lniw+/xCi13D360o1tZDYOp0hHHJN3D3EN8C1yPqZd5CvvznYvB6bWBIpW
cRgdn2DUVMmpU661jwqGlRz1F84JG/xe4jGuzgpJt9IXSzyohEJB6XG5+D0BiF0E
ExECAB0FAjxqqTQFCQoAgrMFCwcKAwQDFQMCAxYCAQIXgAAKCRCoTtronIAKyp1f
AJ9dR7saz2KPNwD3U+fy/0BDKXrYGACfbJ8fQcJqCBQxeHvt9yMPDVq0B0W5Ag0E
Oe70khAIAISR0E3ozF/la+oNaRwxHLrCet30NgnxRROYhPaJB/Tu1FQokn2/Qld/
HZnh3TwhBIw1FqrhWBJ7491iAjLR9uPbdWJrn+A7t8kSkPaF3Z/6kyc5a8fas44h
t5h+6HMBzoFCMAq2aBHQRFRNp9Mz1ZvoXXcI1lk1l8OqcUM/ovXbDfPcXsUVeTPT
tGzcAi2jVl9hl3iwJKkyv/RLmcusdsi8YunbvWGFAF5GaagYQo7YlF6UaBQnYJTM
523AMgpPQtsKm9o/w9WdgXkgWhgkhZEeqUS3m5xNey1nLu9iMvq9M/iXnGz4sg6Q
2Y+GqZ+yAvNWjRRou3zSE7Bzg28MI4sAAwYH/2D71Xc5HPDgu87WnBFgmp8MpSr8
QnSs0wwPg3xEullGEocolSb2c0ctuSyeVnCttJMzkukL9TqyF4s/6XRstWirSWaw
JxRLKH6Zjo/FaKsshYKf8gBkAaddvpl3pO0gmUYbqmpQ3xDEYlhCeieXS5MkockQ
1sj2xYdB1xO0ExzfiCiscUKjUFy+mdzUsUutafuZ+gbHog1CN/ccZCkxcBa5IFCH
ORrNjq9pYWlrxsEn6ApsG7JJbM2besW1PkdEoxak74z1senh36m5jQvVjA3U4xq1
wwylxadmmJaJHzeiLfb7G1ZRjZTsB7fyYxqDzMVul6o9BSwO/1XsIAnV1uuITAQY
EQIADAUCOe70kgUJA8JnAAAKCRCoTtronIAKyksiAJsFB3/77SkH3JlYOGrEe1Ol
0JdGwACeKTttgeVPFB+iGJdiwQlxasOfuXyITAQYEQIADAUCPGqpWQUJCgCCxwAK
CRCoTtronIAKyofBAKCSZM2UFyta/fe9WgITK9I5hbxxtQCfX+0ar2CZmSknn3co
SPihn1+OBNyZAQ0DNuEtBAAAAQgAoCRcd7SVZEFcumffyEwfLTcXQjhKzOahzxpo
omuF+HIyU4AGq+SU8sTZ/1SsjhdzzrSAfv1lETACA+3SmLr5KV40Us1w0UC64cwt
A46xowVq1vMlH2Lib+V/qr3b1hE67nMHjysECVx9Ob4gFuKNoR2eqnAaJvjnAT8J
/LoUC20EdCHUqn6v+M9t/WZgC+WNR8cq69uDy3YQhDP/nIan6fm2uf2kSV9A7ZxE
GrwsWl/WX5Q/sQqMWaU6r4az98X3z90/cN+eJJ3vwtA+rm+nxEvyev+jaLuOQBDf
ebh/XA4FZ35xmi+spdiVeJH4F/ubaGlmj7+wDOF3suYAPSXT2QAFEbQlU3VTRSBT
ZWN1cml0eSBUZWFtIDxzZWN1cml0eUBzdXNlLmRlPokBFQMFEDbhLUfkWLKHsco8
RQEBVw4H/1vIdiOLX/7hdzYaG9crQVIk3QwaB5eBbjvLEMvuCZHiY2COUg5QdmPQ
8SlWNZ6k4nu1BLcv2g/pymPUWP9fG4tuSnlUJDrWGm3nhyhAC9iudP2u1YQY37Gb
B6NPVaZiYMnEb4QYFcqv5c/r2ghSXUTYk7etd6SW6WCOpEqizhx1cqDKNZnsI/1X
11pFcO2N7rc6byDBJ1T+cK+F1Ehan9XBt/shryJmv04nli5CXQMEbiqYYMOu8iaA
8AWRgXPCWqhyGhcVD3LRhUJXjUOdH4ZiHCXaoF3zVPxpeGKEQY8iBrDeDyB3wHmj
qY9WCX6cmogGQRgYG6yJqDalLqrDOdmJARUDBRA24S0Ed7LmAD0l09kBAW04B/4p
WH3f1vQn3i6/+SmDjGzUu2GWGq6Fsdwo2hVM2ym6CILeow/K9JfhdwGvY8LRxWRL
hn09j2IJ9P7H1Yz3qDf10AX6V7YILHtchKT1dcngCkTLmDgC4rs1iAAl3f089sRG
BafGPGKv2DQjHfR1LfRtbf0P7c09Tkej1MP8HtQMW9hPkBYeXcwbCjdrVGFOzqx+
AvvJDdT6a+oyRMTFlvmZ83UV5pgoyimgjhWnM1V4bFBYjPrtWMkdXJSUXbR6Q7Pi
RZWCzGRzwbaxqpl3rK/YTCphOLwEMB27B4/fcqtBzgoMOiaZA0M5fFoo54KgRIh0
zinsSx2OrWgvSiLEXXYKiEYEEBECAAYFAjseYcMACgkQnkDjEAAKq6ROVACgjhDM
/3KM+iFjs5QXsnd4oFPOnbkAnjYGa1J3em+bmV2aiCdYXdOuGn4ZiQCVAwUQN7c7
whaQN/7O/JIVAQEB+QP/cYblSAmPXxSFiaHWB+MiUNw8B6ozBLK0QcMQ2YcL6+Vl
D+nSZP20+Ja2nfiKjnibCv5ss83yXoHkYk2Rsa8foz6Y7tHwuPiccvqnIC/c9Cvz
dbIsdxpfsi0qWPfvX/jLMpXqqnPjdIZErgxpwujas1n9016PuXA8K3MJwVjCqSKI
RgQQEQIABgUCOhpCpAAKCRDHUqoysN/3gCt7AJ9adNQMbmA1iSYcbhtgvx9ByLPI
DgCfZ5Wj+f7cnYpFZI6GkAyyczG09sE=
=LRKC
- -----END PGP PUBLIC KEY BLOCK-----
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iQEVAwUBPdDVSney5gA9JdPZAQF/ggf/Vd49SfSQCpT0r6KBy98fKRhEvCLX8uen
D8W61fooEGRX6YpDdq5czgrBX5B2p2c907ekbw8W4I/sARm9b/Hy5UkMVVenouPm
UsXA68s6MR9nkB1mZFhM8XJlQSN7bQj8OVnsZxkeTnPW9xybRpKW7anAzJNn04J6
48M880FWIHmCKtWmTf++sqQIFKQN7e4UWPCJWem2MgYWDNoDiF4gg4LVSi0iJYAW
hLK6tQ5j1Lf7bF4zib8XOzzgoEOV870+86OLLs9kqRnJ+yge6KccX1hKHsnLbOHS
Nvv6vN+qrpZWIgqP3iqd5yqqu/XSJYHs3+BWszgORnAabD7LPJjHxA==
=vHMR
-----END PGP SIGNATURE-----
1
0
05 Nov '02
-----BEGIN PGP SIGNED MESSAGE-----
______________________________________________________________________________
SuSE Security Announcement
Package: perl-MailTools
Announcement-ID: SuSE-SA:2002:041
Date: Tue Nov 5 11:30:00 CET 2002
Affected products: 7.1, 7.2, 7.3, 8.0, 8.1
SuSE eMail Server III, 3.1
Vulnerability Type: remote command execution
Severity (1-10): 6
SuSE default package: no
Cross References: -
Content of this advisory:
1) security vulnerability resolved: Remote command execution via
Mail::Mailer package.
problem description, discussion, solution and upgrade information
2) pending vulnerabilities, solutions, workarounds: -
3) standard appendix (further information)
______________________________________________________________________________
1) problem description, brief discussion, solution, upgrade information
The SuSE Security Team reviewed critical Perl modules, including the
Mail::Mailer package. This package contains a security hole which allows
remote attackers to execute arbitrary commands in certain circumstances.
This is due to the usage of mailx as default mailer which allows commands
to be embedded in the mail body.
Vulnerable to this attack are custom auto reply programs or spam filters
which use Mail::Mailer directly or indirectly.
Please download the update package for your distribution and verify its
integrity by the methods listed in section 3) of this announcement.
Then, install the package using the command "rpm -Fhv file.rpm" to apply
the update.
Our maintenance customers are being notified individually. The packages
are being offered to install from the maintenance web.
i386 Intel Platform:
SuSE-8.1
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/perl-MailTools-1.47-29…
d41d8cd98f00b204e9800998ecf8427e
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/perl-MailTools-1.47-29.…
d41d8cd98f00b204e9800998ecf8427e
SuSE-8.0
ftp://ftp.suse.com/pub/suse/i386/update/8.0/perl3/perl-MailTools-1.42-120.i…
d41d8cd98f00b204e9800998ecf8427e
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/8.0/zq1/perl-MailTools-1.42-120.src…
d41d8cd98f00b204e9800998ecf8427e
SuSE-7.3
ftp://ftp.suse.com/pub/suse/i386/update/7.3/perl2/perl-MailTools-1.1401-187…
d41d8cd98f00b204e9800998ecf8427e
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/7.3/zq1/perl-MailTools-1.1401-187.s…
d41d8cd98f00b204e9800998ecf8427e
SuSE-7.2
ftp://ftp.suse.com/pub/suse/i386/update/7.2/perl2/perl-MailTools-1.1401-187…
d41d8cd98f00b204e9800998ecf8427e
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/7.2/zq1/perl-MailTools-1.1401-187.s…
d41d8cd98f00b204e9800998ecf8427e
SuSE-7.1
ftp://ftp.suse.com/pub/suse/i386/update/7.1/perl2/perl-MailTools-1.1401-188…
d41d8cd98f00b204e9800998ecf8427e
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/7.1/zq1/perl-MailTools-1.1401-188.s…
d41d8cd98f00b204e9800998ecf8427e
Sparc Platform:
SuSE-7.3
ftp://ftp.suse.com/pub/suse/sparc/update/7.3/perl2/perl-MailTools-1.1401-65…
d41d8cd98f00b204e9800998ecf8427e
source rpm:
ftp://ftp.suse.com/pub/suse/sparc/update/7.3/zq1/perl-MailTools-1.1401-65.s…
d41d8cd98f00b204e9800998ecf8427e
AXP Alpha Platform:
SuSE-7.1
ftp://ftp.suse.com/pub/suse/axp/update/7.1/perl2/perl-MailTools-1.1401-69.a…
d41d8cd98f00b204e9800998ecf8427e
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/7.1/zq1/perl-MailTools-1.1401-69.src…
d41d8cd98f00b204e9800998ecf8427e
PPC Power PC Platform:
SuSE-7.3
ftp://ftp.suse.com/pub/suse/ppc/update/7.3/perl2/perl-MailTools-1.1401-110.…
d41d8cd98f00b204e9800998ecf8427e
source rpm:
ftp://ftp.suse.com/pub/suse/ppc/update/7.3/zq1/perl-MailTools-1.1401-110.sr…
d41d8cd98f00b204e9800998ecf8427e
SuSE-7.1
ftp://ftp.suse.com/pub/suse/ppc/update/7.1/perl2/perl-MailTools-1.1401-111.…
d41d8cd98f00b204e9800998ecf8427e
source rpm:
ftp://ftp.suse.com/pub/suse/ppc/update/7.1/zq1/perl-MailTools-1.1401-111.sr…
d41d8cd98f00b204e9800998ecf8427e
______________________________________________________________________________
2) Pending vulnerabilities in SuSE Distributions and Workarounds:
There is no additional information this time.
______________________________________________________________________________
3) standard appendix: authenticity verification, additional information
- Package authenticity verification:
SuSE update packages are available on many mirror ftp servers all over
the world. While this service is being considered valuable and important
to the free and open source software community, many users wish to be
sure about the origin of the package and its content before installing
the package. There are two verification methods that can be used
independently from each other to prove the authenticity of a downloaded
file or rpm package:
1) md5sums as provided in the (cryptographically signed) announcement.
2) using the internal gpg signatures of the rpm package.
1) execute the command
md5sum <name-of-the-file.rpm>
after you downloaded the file from a SuSE ftp server or its mirrors.
Then, compare the resulting md5sum with the one that is listed in the
announcement. Since the announcement containing the checksums is
cryptographically signed (usually using the key security(a)suse.de)
the checksums show proof of the authenticity of the package.
We disrecommend to subscribe to security lists which cause the
email message containing the announcement to be modified so that
the signature does not match after transport through the mailing
list software.
Downsides: You must be able to verify the authenticity of the
announcement in the first place. If RPM packages are being rebuilt
and a new version of a package is published on the ftp server, all
md5 sums for the files are useless.
2) rpm package signatures provide an easy way to verify the authenticity
of an rpm package. Use the command
rpm -v --checksig <file.rpm>
to verify the signature of the package, where <file.rpm> is the
filename of the rpm package that you have downloaded. Of course,
package authenticity verification can only target an un-installed rpm
package file.
Prerequisites:
a) gpg is installed
b) The package is signed using a certain key. The public part of this
key must be installed by the gpg program in the directory
~/.gnupg/ under the user's home directory who performs the
signature verification (usually root). You can import the key
that is used by SuSE in rpm packages for SuSE Linux by saving
this announcement to a file ("announcement.txt") and
running the command (do "su -" to be root):
gpg --batch; gpg < announcement.txt | gpg --import
SuSE Linux distributions version 7.1 and thereafter install the
key "build(a)suse.de" upon installation or upgrade, provided that
the package gpg is installed. The file containing the public key
is placed at the top-level directory of the first CD (pubring.gpg)
and at ftp://ftp.suse.com/pub/suse/pubring.gpg-build.suse.de .
- SuSE runs two security mailing lists to which any interested party may
subscribe:
suse-security(a)suse.com
- general/linux/SuSE security discussion.
All SuSE security announcements are sent to this list.
To subscribe, send an email to
<suse-security-subscribe(a)suse.com>.
suse-security-announce(a)suse.com
- SuSE's announce-only mailing list.
Only SuSE's security announcements are sent to this list.
To subscribe, send an email to
<suse-security-announce-subscribe(a)suse.com>.
For general information or the frequently asked questions (faq)
send mail to:
<suse-security-info(a)suse.com> or
<suse-security-faq(a)suse.com> respectively.
=====================================================================
SuSE's security contact is <security(a)suse.com> or <security(a)suse.de>.
The <security(a)suse.de> public key is listed below.
=====================================================================
______________________________________________________________________________
The information in this advisory may be distributed or reproduced,
provided that the advisory is not modified in any way. In particular,
it is desired that the clear-text signature shows proof of the
authenticity of the text.
SuSE Linux AG makes no warranties of any kind whatsoever with respect
to the information contained in this security advisory.
Type Bits/KeyID Date User ID
pub 2048R/3D25D3D9 1999-03-06 SuSE Security Team <security(a)suse.de>
pub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key <build(a)suse.de>
- -----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
mQGiBDnu9IERBACT8Y35+2vv4MGVKiLEMOl9GdST6MCkYS3yEKeueNWc+z/0Kvff
4JctBsgs47tjmiI9sl0eHjm3gTR8rItXMN6sJEUHWzDP+Y0PFPboMvKx0FXl/A0d
M+HFrruCgBlWt6FA+okRySQiliuI5phwqkXefl9AhkwR8xocQSVCFxcwvwCglVcO
QliHu8jwRQHxlRE0tkwQQI0D+wfQwKdvhDplxHJ5nf7U8c/yE/vdvpN6lF0tmFrK
XBUX+K7u4ifrZlQvj/81M4INjtXreqDiJtr99Rs6xa0ScZqITuZC4CWxJa9GynBE
D3+D2t1V/f8l0smsuYoFOF7Ib49IkTdbtwAThlZp8bEhELBeGaPdNCcmfZ66rKUd
G5sRA/9ovnc1krSQF2+sqB9/o7w5/q2qiyzwOSTnkjtBUVKn4zLUOf6aeBAoV6NM
CC3Kj9aZHfA+ND0ehPaVGJgjaVNFhPi4x0e7BULdvgOoAqajLfvkURHAeSsxXIoE
myW/xC1sBbDkDUIBSx5oej73XCZgnj/inphRqGpsb+1nKFvF+rQoU3VTRSBQYWNr
YWdlIFNpZ25pbmcgS2V5IDxidWlsZEBzdXNlLmRlPohcBBMRAgAcBQI57vSBBQkD
wmcABAsKAwQDFQMCAxYCAQIXgAAKCRCoTtronIAKyl8sAJ98BgD40zw0GHJHIf6d
NfnwI2PAsgCgjH1+PnYEl7TFjtZsqhezX7vZvYCIRgQQEQIABgUCOnBeUgAKCRCe
QOMQAAqrpNzOAKCL512FZvv4VZx94TpbA9lxyoAejACeOO1HIbActAevk5MUBhNe
LZa/qM2JARUDBRA6cGBvd7LmAD0l09kBATWnB/9An5vfiUUE1VQnt+T/EYklES3t
XXaJJp9pHMa4fzFa8jPVtv5UBHGee3XoUNDVwM2OgSEISZxbzdXGnqIlcT08TzBU
D9i579uifklLsnr35SJDZ6ram51/CWOnnaVhUzneOA9gTPSr+/fT3WeVnwJiQCQ3
0kNLWVXWATMnsnT486eAOlT6UNBPYQLpUprF5Yryk23pQUPAgJENDEqeU6iIO9Ot
1ZPtB0lniw+/xCi13D360o1tZDYOp0hHHJN3D3EN8C1yPqZd5CvvznYvB6bWBIpW
cRgdn2DUVMmpU661jwqGlRz1F84JG/xe4jGuzgpJt9IXSzyohEJB6XG5+D0BiF0E
ExECAB0FAjxqqTQFCQoAgrMFCwcKAwQDFQMCAxYCAQIXgAAKCRCoTtronIAKyp1f
AJ9dR7saz2KPNwD3U+fy/0BDKXrYGACfbJ8fQcJqCBQxeHvt9yMPDVq0B0W5Ag0E
Oe70khAIAISR0E3ozF/la+oNaRwxHLrCet30NgnxRROYhPaJB/Tu1FQokn2/Qld/
HZnh3TwhBIw1FqrhWBJ7491iAjLR9uPbdWJrn+A7t8kSkPaF3Z/6kyc5a8fas44h
t5h+6HMBzoFCMAq2aBHQRFRNp9Mz1ZvoXXcI1lk1l8OqcUM/ovXbDfPcXsUVeTPT
tGzcAi2jVl9hl3iwJKkyv/RLmcusdsi8YunbvWGFAF5GaagYQo7YlF6UaBQnYJTM
523AMgpPQtsKm9o/w9WdgXkgWhgkhZEeqUS3m5xNey1nLu9iMvq9M/iXnGz4sg6Q
2Y+GqZ+yAvNWjRRou3zSE7Bzg28MI4sAAwYH/2D71Xc5HPDgu87WnBFgmp8MpSr8
QnSs0wwPg3xEullGEocolSb2c0ctuSyeVnCttJMzkukL9TqyF4s/6XRstWirSWaw
JxRLKH6Zjo/FaKsshYKf8gBkAaddvpl3pO0gmUYbqmpQ3xDEYlhCeieXS5MkockQ
1sj2xYdB1xO0ExzfiCiscUKjUFy+mdzUsUutafuZ+gbHog1CN/ccZCkxcBa5IFCH
ORrNjq9pYWlrxsEn6ApsG7JJbM2besW1PkdEoxak74z1senh36m5jQvVjA3U4xq1
wwylxadmmJaJHzeiLfb7G1ZRjZTsB7fyYxqDzMVul6o9BSwO/1XsIAnV1uuITAQY
EQIADAUCOe70kgUJA8JnAAAKCRCoTtronIAKyksiAJsFB3/77SkH3JlYOGrEe1Ol
0JdGwACeKTttgeVPFB+iGJdiwQlxasOfuXyITAQYEQIADAUCPGqpWQUJCgCCxwAK
CRCoTtronIAKyofBAKCSZM2UFyta/fe9WgITK9I5hbxxtQCfX+0ar2CZmSknn3co
SPihn1+OBNyZAQ0DNuEtBAAAAQgAoCRcd7SVZEFcumffyEwfLTcXQjhKzOahzxpo
omuF+HIyU4AGq+SU8sTZ/1SsjhdzzrSAfv1lETACA+3SmLr5KV40Us1w0UC64cwt
A46xowVq1vMlH2Lib+V/qr3b1hE67nMHjysECVx9Ob4gFuKNoR2eqnAaJvjnAT8J
/LoUC20EdCHUqn6v+M9t/WZgC+WNR8cq69uDy3YQhDP/nIan6fm2uf2kSV9A7ZxE
GrwsWl/WX5Q/sQqMWaU6r4az98X3z90/cN+eJJ3vwtA+rm+nxEvyev+jaLuOQBDf
ebh/XA4FZ35xmi+spdiVeJH4F/ubaGlmj7+wDOF3suYAPSXT2QAFEbQlU3VTRSBT
ZWN1cml0eSBUZWFtIDxzZWN1cml0eUBzdXNlLmRlPokBFQMFEDbhLUfkWLKHsco8
RQEBVw4H/1vIdiOLX/7hdzYaG9crQVIk3QwaB5eBbjvLEMvuCZHiY2COUg5QdmPQ
8SlWNZ6k4nu1BLcv2g/pymPUWP9fG4tuSnlUJDrWGm3nhyhAC9iudP2u1YQY37Gb
B6NPVaZiYMnEb4QYFcqv5c/r2ghSXUTYk7etd6SW6WCOpEqizhx1cqDKNZnsI/1X
11pFcO2N7rc6byDBJ1T+cK+F1Ehan9XBt/shryJmv04nli5CXQMEbiqYYMOu8iaA
8AWRgXPCWqhyGhcVD3LRhUJXjUOdH4ZiHCXaoF3zVPxpeGKEQY8iBrDeDyB3wHmj
qY9WCX6cmogGQRgYG6yJqDalLqrDOdmJARUDBRA24S0Ed7LmAD0l09kBAW04B/4p
WH3f1vQn3i6/+SmDjGzUu2GWGq6Fsdwo2hVM2ym6CILeow/K9JfhdwGvY8LRxWRL
hn09j2IJ9P7H1Yz3qDf10AX6V7YILHtchKT1dcngCkTLmDgC4rs1iAAl3f089sRG
BafGPGKv2DQjHfR1LfRtbf0P7c09Tkej1MP8HtQMW9hPkBYeXcwbCjdrVGFOzqx+
AvvJDdT6a+oyRMTFlvmZ83UV5pgoyimgjhWnM1V4bFBYjPrtWMkdXJSUXbR6Q7Pi
RZWCzGRzwbaxqpl3rK/YTCphOLwEMB27B4/fcqtBzgoMOiaZA0M5fFoo54KgRIh0
zinsSx2OrWgvSiLEXXYKiEYEEBECAAYFAjseYcMACgkQnkDjEAAKq6ROVACgjhDM
/3KM+iFjs5QXsnd4oFPOnbkAnjYGa1J3em+bmV2aiCdYXdOuGn4ZiQCVAwUQN7c7
whaQN/7O/JIVAQEB+QP/cYblSAmPXxSFiaHWB+MiUNw8B6ozBLK0QcMQ2YcL6+Vl
D+nSZP20+Ja2nfiKjnibCv5ss83yXoHkYk2Rsa8foz6Y7tHwuPiccvqnIC/c9Cvz
dbIsdxpfsi0qWPfvX/jLMpXqqnPjdIZErgxpwujas1n9016PuXA8K3MJwVjCqSKI
RgQQEQIABgUCOhpCpAAKCRDHUqoysN/3gCt7AJ9adNQMbmA1iSYcbhtgvx9ByLPI
DgCfZ5Wj+f7cnYpFZI6GkAyyczG09sE=
=LRKC
- -----END PGP PUBLIC KEY BLOCK-----
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv
iQEVAwUBPcelXXey5gA9JdPZAQGIhAf/ZouJs+LaHJo3nAU9BvnwHAWbY4vdbDqO
Il9fPVu9UGaH03nnZdR/IxkBJHtvoUE33aBpWqW2q704h1o9p1jmxe6Us7AGSEq8
27MUPAodZMWzqVV1VrzcLzvRPU+/Ve8wfNhfzSx6/Jt0FF3syrxZ5P1NKtq3sJVj
ZObi5tp+UPdpNxXx85vrk4kpBc8MaO5zJ6ugpwNBfK2sUpJx2R/jqYXYjGlDEiBN
eRF/e+fHlVN2Tm2pAsg3tiuEEikKCP+3A5bDgX6705SGlu20T9VjfDCxN9VLzrwN
coULhgDqNh3Qhr+F9xfLKT42ZysEeysLDXj0TCfvGQoWQUntgOtO0w==
=Pwj8
-----END PGP SIGNATURE-----
--
~
~ perl self.pl
~ $_='print"\$_=\47$_\47;eval"';eval
~ krahmer(a)suse.de - SuSE Security Team
~
1
0