December 2006 - openSUSE Security Announce

SUSE Security Announcement: Mozilla Firefox, Thunderbird (SUSE-SA:2006:080)
by Marcus Meissner 29 Dec '06

29 Dec '06

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ______________________________________________________________________________ SUSE Security Announcement Package: MozillaFirefox,MozillaThunderbird Announcement ID: SUSE-SA:2006:080 Date: Fri, 29 Dec 2006 15:00:00 +0000 Affected Products: Novell Linux Desktop 9 openSUSE 10.2 SUSE LINUX 10.1 SUSE LINUX 10.0 SUSE LINUX 9.3 SUSE SLED 10 SUSE SLES 10 Vulnerability Type: remote code execution Severity (1-10): 7 SUSE Default Package: yes Cross-References: CVE-2006-6497, CVE-2006-6498, CVE-2006-6499 CVE-2006-6500, CVE-2006-6501, CVE-2006-6502 CVE-2006-6503, CVE-2006-6504, CVE-2006-6505 CVE-2006-6506, CVE-2006-6507 Content of This Advisory: 1) Security Vulnerability Resolved: various security problem in Mozilla programs Problem Description 2) Solution or Work-Around 3) Special Instructions and Notes 4) Package Location and Checksums 5) Pending Vulnerabilities, Solutions, and Work-Arounds: See SUSE Security Summary Report. 6) Authenticity Verification and Additional Information ______________________________________________________________________________ 1) Problem Description and Brief Discussion This security update brings the current set of Mozilla security updates, with following versions: - Mozilla Firefox to version 1.5.0.9 for Novell Linux Desktop 9, SUSE Linux Enterprise 10 and SUSE Linux 9.3 up to 10.1. - Mozilla Firefox to version 2.0.0.1 for openSUSE 10.2. - Mozilla Thunderbird to version 1.5.0.9 for SUSE Linux 9.3 up to 10.1 and openSUSE 10.2. These updates were released on December 22nd but due to Christmas holidays got announced today. Updated Seamonkey packages will be released soon. More Details regarding the problems can be found on this page: http://www.mozilla.org/projects/security/known-vulnerabilities.html The updated packages includes fixes to the following security problems: CVE-2006-6497/MFSA-2006-68: Crashes with evidence of memory corruption were fixed in the layout engine. CVE-2006-6498/MFSA-2006-68: Crashes with evidence of memory corruption were fixed in the javascript engine. CVE-2006-6499/MFSA-2006-68: Crashes regarding floating point usage were fixed. CVE-2006-6500/MFSA-2006-69: This issue only affects Windows systems, Linux is not affected. CVE-2006-6501/MFSA-2006-70: A privilege escalation using a watch point was fixed. CVE-2006-6502/MFSA-2006-71: A LiveConnect crash finalizing JS objects was fixed. CVE-2006-6503/MFSA-2006-72: A XSS problem caused by setting img.src to javascript: URI was fixed. CVE-2006-6504/MFSA-2006-73: A Mozilla SVG Processing Remote Code Execution was fixed. CVE-2006-6505/MFSA-2006-74: Some Mail header processing heap overflows were fixed. CVE-2006-6506/MFSA-2006-75: The RSS Feed-preview referrer leak was fixed. CVE-2006-6507/MFSA-2006-76: A XSS problem using outer window's Function object was fixed. 2) Solution or Work-Around There is no known workaround, please install the update packages. 3) Special Instructions and Notes Please close and restart all running instances of Mozilla Firefox and Thunderbird after the update. 4) Package Location and Checksums The preferred method for installing security updates is to use the YaST Online Update (YOU) tool. YOU detects which updates are required and automatically performs the necessary steps to verify and install them. Alternatively, download the update packages for your distribution manually and verify their integrity by the methods listed in Section 6 of this announcement. Then install the packages using the command rpm -Fhv <file.rpm> to apply the update, replacing <file.rpm> with the filename of the downloaded RPM package. x86 Platform: openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/MozillaFirefox-2.0.0.1-0.1… eea9f40b409823d691ad0e1b3daf5a82 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/MozillaFirefox-translation… dc5e760f067b2d1ea41be90c92517a5d ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/MozillaThunderbird-1.5.0.9… 0b3638d9bfccfca0cf149df1200e6c47 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/MozillaThunderbird-transla… d51cb9ff1cb3f5875cb4fa60b58f159b SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/MozillaFirefox-1.5.0.9-0.2… fa3a6d10cb1a6dd801668e8881424036 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/MozillaFirefox-translation… a40dc8d7e29aa8bb21ecb3c348e0cc05 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/MozillaThunderbird-1.5.0.9… 3bbfce9a8abf9394959348e449b35b95 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/MozillaThunderbird-transla… 869cac360c49cc15358b205923f2ee1d SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/MozillaFirefox-1.5.0.… f0b6bd1b56b874eb0003752cd112d6db ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/MozillaFirefox-transl… 1722380cad796cc29d15374f7c471f09 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/MozillaThunderbird-1.… 82d7d8847f363a9e46fc9d22aa44f0c8 SUSE LINUX 9.3: ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/MozillaFirefox-1.5.0.9… 06b3af42ed8f528a306650691558301f ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/MozillaFirefox-transla… be42160ef33ead2625b20043267c2ce2 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/MozillaThunderbird-1.5… 239aa22605bbd7c89a8489fb49c51f5d Power PC Platform: openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/MozillaFirefox-2.0.0.1-0.1.… c9611899a9bed84f006f8451dfcc44ae ftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/MozillaFirefox-translations… e539db36e921505166e238a5aa853750 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/MozillaThunderbird-1.5.0.9-… 0d0b60cf410588c59003d04ab0ce0b33 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/MozillaThunderbird-translat… 0445e6652c8862691426ed623db2b362 SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/MozillaFirefox-1.5.0.9-0.2.… 3d399bf2bab2611809add386b63c085a ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/MozillaFirefox-translations… 4a0223d379107cc45ef13d59369914dd ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/MozillaThunderbird-1.5.0.9-… a795cd195043826ab0c9227251058905 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/MozillaThunderbird-translat… a2c70ba35f54ff5cf7970d05940f00ee SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/MozillaFirefox-1.5.0.9… 72520bda4b0156991ce85e34eeef90a9 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/MozillaFirefox-transla… 9d7f48fdce0092b7e00920ead4db56dc ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/MozillaThunderbird-1.5… aea7d9cfe7b9b95ddd0761bf4fce7fc1 x86-64 Platform: openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/MozillaFirefox-2.0.0.1-0… 941d4d0e8a4332e3d585b67347d3bfaf ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/MozillaFirefox-translati… 21cbeb89fcad730aecb715d92bdc9521 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/MozillaThunderbird-1.5.0… edc263e07b53d019e0d686c2134dddf5 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/MozillaThunderbird-trans… f4f8dedac060cbd33f4b480aacb05bef SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/MozillaThunderbird-1.5.0… 37f2af41fa077600d68df74547da4339 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/MozillaThunderbird-trans… 094c3157d83486a2fb10f0e3bb365a0a SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/MozillaThunderbird-… f78215541f3b1f1af4aeba8b7414e907 SUSE LINUX 9.3: ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/MozillaThunderbird-1… dff09a04cd253fdcf830f93aa10edf49 Sources: openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2/rpm/src/MozillaFirefox-2.0.0.1-0.1.… 8bdf86d5275d649f546a22c63a4b8cfb ftp://ftp.suse.com/pub/suse/update/10.2/rpm/src/MozillaThunderbird-1.5.0.9-… 223fff785e9e86fd5cbe0106ab1a5ddf SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/MozillaFirefox-1.5.0.9-0.2.… 38373d35abf94ec8c0a2008dd1b6fc0d ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/MozillaThunderbird-1.5.0.9-… 184a16b5b80bd056a9526873756b75a5 SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/MozillaFirefox-1.5.0.9… 62ade9bd59c8da0e9b739e59a8247708 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/MozillaThunderbird-1.5… 2ec8f62cf812e2ea756e618c941fbdb5 SUSE LINUX 9.3: ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/src/MozillaFirefox-1.5.0.9-… c4444ff036405a4baa37c33b975941fa ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/src/MozillaThunderbird-1.5.… 14f7289ab7a5a2fcfd6cedf2acda628b Our maintenance customers are notified individually. The packages are offered for installation from the maintenance web: Novell Linux Desktop 9 SUSE SLES 10 SUSE SLED 10 http://support.novell.com/techcenter/psdb/5f62b1276a8877510b3124f13b3c3b27.… ______________________________________________________________________________ 5) Pending Vulnerabilities, Solutions, and Work-Arounds: See SUSE Security Summary Report. ______________________________________________________________________________ 6) Authenticity Verification and Additional Information - Announcement authenticity verification: SUSE security announcements are published via mailing lists and on Web sites. The authenticity and integrity of a SUSE security announcement is guaranteed by a cryptographic signature in each announcement. All SUSE security announcements are published with a valid signature. To verify the signature of the announcement, save it as text into a file and run the command gpg --verify <file> replacing <file> with the name of the file where you saved the announcement. The output for a valid signature looks like: gpg: Signature made <DATE> using RSA key ID 3D25D3D9 gpg: Good signature from "SuSE Security Team <security(a)suse.de>" where <DATE> is replaced by the date the document was signed. If the security team's key is not contained in your key ring, you can import it from the first installation CD. To import the key, use the command gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc - Package authenticity verification: SUSE update packages are available on many mirror FTP servers all over the world. While this service is considered valuable and important to the free and open source software community, the authenticity and the integrity of a package needs to be verified to ensure that it has not been tampered with. There are two verification methods that can be used independently from each other to prove the authenticity of a downloaded file or RPM package: 1) Using the internal gpg signatures of the rpm package 2) MD5 checksums as provided in this announcement 1) The internal rpm package signatures provide an easy way to verify the authenticity of an RPM package. Use the command rpm -v --checksig <file.rpm> to verify the signature of the package, replacing <file.rpm> with the filename of the RPM package downloaded. The package is unmodified if it contains a valid signature from build(a)suse.de with the key ID 9C800ACA. This key is automatically imported into the RPM database (on RPMv4-based distributions) and the gpg key ring of 'root' during installation. You can also find it on the first installation CD and at the end of this announcement. 2) If you need an alternative means of verification, use the md5sum command to verify the authenticity of the packages. Execute the command md5sum <filename.rpm> after you downloaded the file from a SUSE FTP server or its mirrors. Then compare the resulting md5sum with the one that is listed in the SUSE security announcement. Because the announcement containing the checksums is cryptographically signed (by security(a)suse.de) the checksums show proof of the authenticity of the package if the signature of the announcement is valid. Note that the md5 sums published in the SUSE Security Announcements are valid for the respective packages only. Newer versions of these packages cannot be verified. - SUSE runs two security mailing lists to which any interested party may subscribe: opensuse-security(a)opensuse.org - General Linux and SUSE security discussion. All SUSE security announcements are sent to this list. To subscribe, send an e-mail to <opensuse-security+subscribe(a)opensuse.org>. suse-security-announce(a)suse.com - SUSE's announce-only mailing list. Only SUSE's security announcements are sent to this list. To subscribe, send an e-mail to <suse-security-announce-subscribe(a)suse.com>. ===================================================================== SUSE's security contact is <security(a)suse.com> or <security(a)suse.de>. The <security(a)suse.de> public key is listed below. ===================================================================== ______________________________________________________________________________ The information in this advisory may be distributed or reproduced, provided that the advisory is not modified in any way. In particular, the clear text signature should show proof of the authenticity of the text. SUSE Linux Products GmbH provides no warranties of any kind whatsoever with respect to the information contained in this security advisory. Type Bits/KeyID Date User ID pub 2048R/3D25D3D9 1999-03-06 SuSE Security Team <security(a)suse.de> pub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key <build(a)suse.de> - -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.4.2 (GNU/Linux) mQENAzbhLQQAAAEIAKAkXHe0lWRBXLpn38hMHy03F0I4Sszmoc8aaKJrhfhyMlOA BqvklPLE2f9UrI4Xc860gH79ZREwAgPt0pi6+SleNFLNcNFAuuHMLQOOsaMFatbz JR9i4m/lf6q929YROu5zB48rBAlcfTm+IBbijaEdnqpwGib45wE/Cfy6FAttBHQh 1Kp+r/jPbf1mYAvljUfHKuvbg8t2EIQz/5yGp+n5trn9pElfQO2cRBq8LFpf1l+U P7EKjFmlOq+Gs/fF98/dP3DfniSd78LQPq5vp8RL8nr/o2i7jkAQ33m4f1wOBWd+ cZovrKXYlXiR+Bf7m2hpZo+/sAzhd7LmAD0l09kABRG0JVN1U0UgU2VjdXJpdHkg VGVhbSA8c2VjdXJpdHlAc3VzZS5kZT6JARUDBRA24S1H5Fiyh7HKPEUBAVcOB/9b yHYji1/+4Xc2GhvXK0FSJN0MGgeXgW47yxDL7gmR4mNgjlIOUHZj0PEpVjWepOJ7 tQS3L9oP6cpj1Fj/XxuLbkp5VCQ61hpt54coQAvYrnT9rtWEGN+xmwejT1WmYmDJ xG+EGBXKr+XP69oIUl1E2JO3rXeklulgjqRKos4cdXKgyjWZ7CP9V9daRXDtje63 Om8gwSdU/nCvhdRIWp/Vwbf7Ia8iZr9OJ5YuQl0DBG4qmGDDrvImgPAFkYFzwlqo choXFQ9y0YVCV41DnR+GYhwl2qBd81T8aXhihEGPIgaw3g8gd8B5o6mPVgl+nJqI BkEYGBusiag2pS6qwznZiQEVAwUQNuEtBHey5gA9JdPZAQFtOAf+KVh939b0J94u v/kpg4xs1LthlhquhbHcKNoVTNspugiC3qMPyvSX4XcBr2PC0cVkS4Z9PY9iCfT+ x9WM96g39dAF+le2CCx7XISk9XXJ4ApEy5g4AuK7NYgAJd39PPbERgWnxjxir9g0 Ix30dS30bW39D+3NPU5Ho9TD/B7UDFvYT5AWHl3MGwo3a1RhTs6sfgL7yQ3U+mvq MkTExZb5mfN1FeaYKMopoI4VpzNVeGxQWIz67VjJHVyUlF20ekOz4kWVgsxkc8G2 saqZd6yv2EwqYTi8BDAduweP33KrQc4KDDommQNDOXxaKOeCoESIdM4p7Esdjq1o L0oixF12CohGBBARAgAGBQI7HmHDAAoJEJ5A4xAACqukTlQAoI4QzP9yjPohY7OU F7J3eKBTzp25AJ42BmtSd3pvm5ldmognWF3Trhp+GYkAlQMFEDe3O8IWkDf+zvyS FQEBAfkD/3GG5UgJj18UhYmh1gfjIlDcPAeqMwSytEHDENmHC+vlZQ/p0mT9tPiW tp34io54mwr+bLPN8l6B5GJNkbGvH6M+mO7R8Lj4nHL6pyAv3PQr83WyLHcaX7It Klj371/4yzKV6qpz43SGRK4MacLo2rNZ/dNej7lwPCtzCcFYwqkiiEYEEBECAAYF AjoaQqQACgkQx1KqMrDf94ArewCfWnTUDG5gNYkmHG4bYL8fQcizyA4An2eVo/n+ 3J2KRWSOhpAMsnMxtPbBmQGiBDnu9IERBACT8Y35+2vv4MGVKiLEMOl9GdST6MCk YS3yEKeueNWc+z/0Kvff4JctBsgs47tjmiI9sl0eHjm3gTR8rItXMN6sJEUHWzDP +Y0PFPboMvKx0FXl/A0dM+HFrruCgBlWt6FA+okRySQiliuI5phwqkXefl9AhkwR 8xocQSVCFxcwvwCglVcOQliHu8jwRQHxlRE0tkwQQI0D+wfQwKdvhDplxHJ5nf7U 8c/yE/vdvpN6lF0tmFrKXBUX+K7u4ifrZlQvj/81M4INjtXreqDiJtr99Rs6xa0S cZqITuZC4CWxJa9GynBED3+D2t1V/f8l0smsuYoFOF7Ib49IkTdbtwAThlZp8bEh ELBeGaPdNCcmfZ66rKUdG5sRA/9ovnc1krSQF2+sqB9/o7w5/q2qiyzwOSTnkjtB UVKn4zLUOf6aeBAoV6NMCC3Kj9aZHfA+ND0ehPaVGJgjaVNFhPi4x0e7BULdvgOo AqajLfvkURHAeSsxXIoEmyW/xC1sBbDkDUIBSx5oej73XCZgnj/inphRqGpsb+1n KFvF+rQoU3VTRSBQYWNrYWdlIFNpZ25pbmcgS2V5IDxidWlsZEBzdXNlLmRlPohi BBMRAgAiBQJA2AY+AhsDBQkObd+9BAsHAwIDFQIDAxYCAQIeAQIXgAAKCRCoTtro nIAKypCfAJ9RuZ6ZSV7QW4pTgTIxQ+ABPp0sIwCffG9bCNnrETPlgOn+dGEkAWeg KL+IRgQQEQIABgUCOnBeUgAKCRCeQOMQAAqrpNzOAKCL512FZvv4VZx94TpbA9lx yoAejACeOO1HIbActAevk5MUBhNeLZa/qM2JARUDBRA6cGBvd7LmAD0l09kBATWn B/9An5vfiUUE1VQnt+T/EYklES3tXXaJJp9pHMa4fzFa8jPVtv5UBHGee3XoUNDV wM2OgSEISZxbzdXGnqIlcT08TzBUD9i579uifklLsnr35SJDZ6ram51/CWOnnaVh UzneOA9gTPSr+/fT3WeVnwJiQCQ30kNLWVXWATMnsnT486eAOlT6UNBPYQLpUprF 5Yryk23pQUPAgJENDEqeU6iIO9Ot1ZPtB0lniw+/xCi13D360o1tZDYOp0hHHJN3 D3EN8C1yPqZd5CvvznYvB6bWBIpWcRgdn2DUVMmpU661jwqGlRz1F84JG/xe4jGu zgpJt9IXSzyohEJB6XG5+D0BuQINBDnu9JIQCACEkdBN6Mxf5WvqDWkcMRy6wnrd 9DYJ8UUTmIT2iQf07tRUKJJ9v0JXfx2Z4d08IQSMNRaq4VgSe+PdYgIy0fbj23Vi a5/gO7fJEpD2hd2f+pMnOWvH2rOOIbeYfuhzAc6BQjAKtmgR0ERUTafTM9Wb6F13 CNZZNZfDqnFDP6L12w3z3F7FFXkz07Rs3AIto1ZfYZd4sCSpMr/0S5nLrHbIvGLp 271hhQBeRmmoGEKO2JRelGgUJ2CUzOdtwDIKT0LbCpvaP8PVnYF5IFoYJIWRHqlE t5ucTXstZy7vYjL6vTP4l5xs+LIOkNmPhqmfsgLzVo0UaLt80hOwc4NvDCOLAAMG B/9g+9V3ORzw4LvO1pwRYJqfDKUq/EJ0rNMMD4N8RLpZRhKHKJUm9nNHLbksnlZw rbSTM5LpC/U6sheLP+l0bLVoq0lmsCcUSyh+mY6PxWirLIWCn/IAZAGnXb6Zd6Tt IJlGG6pqUN8QxGJYQnonl0uTJKHJENbI9sWHQdcTtBMc34gorHFCo1Bcvpnc1LFL rWn7mfoGx6INQjf3HGQpMXAWuSBQhzkazY6vaWFpa8bBJ+gKbBuySWzNm3rFtT5H RKMWpO+M9bHp4d+puY0L1YwN1OMatcMMpcWnZpiWiR83oi32+xtWUY2U7Ae38mMa g8zFbpeqPQUsDv9V7CAJ1dbriEwEGBECAAwFAkDYBnoFCQ5t3+gACgkQqE7a6JyA CspnpgCfRbYwxT3iq+9l/PgNTUNTZOlof2oAn25y0eGi0371jap9kOV6uq71sUuO =ypVs - -----END PGP PUBLIC KEY BLOCK----- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iQEVAwUBRZUaBHey5gA9JdPZAQKpeAgAm4waKLsVtJEE94qzAVescCq7YWv87g9u GPJyFBVQEX8GReBxul19z/cXQejqtXdF468a1CXwiITDdnn9DaHFI4g0qnx7auR1 qP37/4IlfokTYao7o6KL4R0liF4v40UtA1Cz867o43Y807An93ES3ow70fxsCpd+ SZcuujkJMBMBm3A+n2RpMUkkikVG8baDZvC4fK5RBU9Trj3LPTeNWa32JNRfXh36 P94enzR6fj/XglUlqh/c2UncKBxL4uUE7oqiOwnmM57Ds/PDsq3qF++YjYeLzYag gFWO+iP7npDiF+tIpd4MIKabV1BsC4lRP83x+NlDOu3deefSRrdeQg== =zNEl -----END PGP SIGNATURE-----

1 0

SUSE Security Announcement: Linux kernel (SUSE-SA:2006:079)
by Marcus Meissner 21 Dec '06

21 Dec '06

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ______________________________________________________________________________ SUSE Security Announcement Package: kernel Announcement ID: SUSE-SA:2006:079 Date: Thu, 21 Dec 2006 14:00:00 +0000 Affected Products: Novell Linux Desktop 9 Novell Linux POS 9 Open Enterprise Server SUSE LINUX 10.1 SUSE LINUX 10.0 SUSE LINUX 9.3 SUSE SLED 10 SUSE SLES 10 SUSE SLES 9 Vulnerability Type: remote denial of service local denial of service local privilege escalation Severity (1-10): 7 SUSE Default Package: yes Cross-References: CVE-2006-3741, CVE-2006-4145, CVE-2006-4538 CVE-2006-4572, CVE-2006-4623, CVE-2006-4813 CVE-2006-4997, CVE-2006-5173, CVE-2006-5174 CVE-2006-5619, CVE-2006-5648, CVE-2006-5649 CVE-2006-5751, CVE-2006-5757, CVE-2006-5823 CVE-2006-6053, CVE-2006-6054, CVE-2006-6056 CVE-2006-6060 Content of This Advisory: 1) Security Vulnerability Resolved: various kernel security problems Problem Description 2) Solution or Work-Around 3) Special Instructions and Notes 4) Package Location and Checksums 5) Pending Vulnerabilities, Solutions, and Work-Arounds: See SUSE Security Summary Report. 6) Authenticity Verification and Additional Information ______________________________________________________________________________ 1) Problem Description and Brief Discussion The Linux 2.6 kernel has been updated to fix various security issues. On SUSE Linux Enterprise Server 9 and SUSE Linux Enterprise 10 and their derived products this update also contains various bugfixes. - CVE-2006-4145: A bug within the UDF filesystem that caused machine hangs when truncating files on the filesystem was fixed. - CVE-2006-4623: A problem in DVB packet handling could be used to crash the machine when receiving DVB net packages is active. - CVE-2006-3741: A struct file leak was fixed in the perfmon(2) system call on the Itanium architecture. - CVE-2006-4538: A malformed ELF image can be used on the Itanium architecture to trigger a kernel crash (denial of service) when a local attacker can supply it to be started. - CVE-2006-4997: A problem in the ATM protocol handling clip_mkip function could be used by remote attackers to potentially crash the machine. - CVE-2006-5757/ CVE-2006-6060: A problem in the grow_buffers function could be used to crash or hang the machine using a corrupted filesystem. This affects filesystem types ISO9660 and NTFS. - CVE-2006-5173: On the i386 architecture the EFLAGS content was not correctly saved, which could be used by local attackers to crash other programs using the AC and NT flag or to escalate privileges by waiting for iopl privileges to be leaked. - CVE-2006-5174: On the S/390 architecture copy_from_user() could be used by local attackers to read kernel memory. - CVE-2006-5619: A problem in IPv6 flow label handling can be used by local attackers to hang the machine. - CVE-2006-5648: On the PowerPC architecture a syscall has been wired without the proper futex implementation that can be exploited by a local attacker to hang the machine. - CVE-2006-5649: On the PowerPC architecture the proper futex implementation was missing a fix for alignment check which could be used by a local attacker to crash the machine. - CVE-2006-5823: A problem in cramfs could be used to crash the machine during mounting a crafted cramfs image. This requires an attacker to supply such a crafted image and have a user mount it. - CVE-2006-6053: A problem in the ext3 filesystem could be used by attackers able to supply a crafted ext3 image to cause a denial of service or further data corruption if a user mounts this image. - CVE-2006-6054: A problem in the ext2 filesystem could be used by attackers supplying crafted ext2 images to users could crash the machine during mount. - CVE-2006-6056: Missing return code checking in the HFS could be used to crash machine when a user complicit attacker is able to supply a specially crafted HFS image. - CVE-2006-4572: Multiple unspecified vulnerabilities in netfilter for IPv6 code allow remote attackers to bypass intended restrictions via fragmentation attack vectors, aka (1) "ip6_tables protocol bypass bug" and (2) "ip6_tables extension header bypass bug". - CVE-2006-5751: An integer overflow in the networking bridge ioctl starting with Kernel 2.6.7 could be used by local attackers to overflow kernel memory buffers and potentially escalate privileges. - CVE-2006-4813: A information leak in __block_prepare_write was fixed, which could disclose private information of previously unlinked files. 2) Solution or Work-Around There is no known workaround, please install the update packages. 3) Special Instructions and Notes Reboot the machine after installing this update. 4) Package Location and Checksums The preferred method for installing security updates is to use the YaST Online Update (YOU) tool. YOU detects which updates are required and automatically performs the necessary steps to verify and install them. Alternatively, download the update packages for your distribution manually and verify their integrity by the methods listed in Section 6 of this announcement. Then install the packages using the command rpm -Fhv <file.rpm> to apply the update, replacing <file.rpm> with the filename of the downloaded RPM package. x86 Platform: SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/kernel-bigsmp-2.6.16.27-0.… 20362ce00889e9eac688faa59ad0f301 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/kernel-debug-2.6.16.27-0.6… eb33b9f8581bc89d3a4a3feecf197ef5 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/kernel-default-2.6.16.27-0… 1879d07a3b908ff8b87c507860070118 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/kernel-kdump-2.6.16.27-0.6… 04f60041ee278134b38e7fd9e56ef102 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/kernel-smp-2.6.16.27-0.6.i… bc1d9c70715b5dd3495558f175abd1bf ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/kernel-source-2.6.16.27-0.… 720a9e6cbf2f3594a718db1d74b0e901 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/kernel-syms-2.6.16.27-0.6.… fca30f1add27cb21d32eac318279f3f9 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/kernel-um-2.6.16.27-0.6.i5… 1af0a0a78a6cf463b04f77b52e63b57c ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/kernel-xen-2.6.16.27-0.6.i… 2f0499125c0aa167a2391e654c5b043b ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/kernel-xenpae-2.6.16.27-0.… 3865d785615cf7dbbe7cae8dc5c2445e ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/kexec-tools-1.101-32.20.i5… c6a2bbd256a70b7cd2e4bb25f04b2771 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/mkinitrd-1.2-106.25.i586.r… 9a26035aa882c88c7dbda60bed64e729 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/multipath-tools-0.4.6-25.1… a4405ddbca3a81a15811a385760d135b ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/open-iscsi-0.5.545-9.16.i5… 738e1ad997da16145fa6392dff59dbd2 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/udev-085-30.16.i586.rpm e5ca4700bcbce7f4e247a04552554c52 SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/Intel-536ep-4.69-14.8… 779716bea2ce468f73b5e7be2c36cf97 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/kernel-bigsmp-2.6.13-… b95098cd1879df7c3a0bdcbe1e206e64 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/kernel-bigsmp-nongpl-… 70cf8aaeca7af078edc0907d934cf16a ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/kernel-default-2.6.13… c0aee85951759f60f10031034a0710ea ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/kernel-default-nongpl… 5081580d742671f6a1c1654e682b0b3c ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/kernel-smp-2.6.13-15.… fcd605a287b8ab5af504f50f7a5cd04d ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/kernel-smp-nongpl-2.6… 5ccb28594c3bbfd3f0d55057321f0dd3 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/kernel-source-2.6.13-… 9e59562a1131efca6852d4679256236a ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/kernel-syms-2.6.13-15… 3fad95aae4eeba413f61304941171628 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/kernel-um-2.6.13-15.1… 05622beea615d8b312b4953b61b90021 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/kernel-um-nongpl-2.6.… 2a59f92c159da861adcb5f7e278a3e02 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/kernel-xen-2.6.13-15.… e630316df432d5523b00edd66a7cfcd6 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/kernel-xen-nongpl-2.6… 0894832e10d0b58235d2578e67cc928c ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/um-host-kernel-2.6.13… be464dab1cbc94dbb67ee7f84f8c9aa9 SUSE LINUX 9.3: ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/Intel-536ep-4.69-10.9.… 1d3ad978025b9d97bb7a90db61356da8 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/kernel-bigsmp-2.6.11.4… f225c96f36550606ea68f4ac3bfe74dc ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/kernel-bigsmp-nongpl-2… f35b5c66a2ba4437eec2b8b810eb5c6b ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/kernel-default-2.6.11.… f444923fb3756410f2830dfa19b9774d ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/kernel-default-nongpl-… 2e07056e10890ffbd50c59abb40befe1 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/kernel-smp-2.6.11.4-21… 096868f28a76e95f1ebc9338b110a5f0 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/kernel-smp-nongpl-2.6.… a84bf62f441f32f09884c07693c5aa18 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/kernel-source-2.6.11.4… 3544a5b183926981b591f89626033781 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/kernel-syms-2.6.11.4-2… d46db3e4da45262de1bf61c5b9e6a9a3 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/kernel-um-2.6.11.4-21.… f7d32fd8d0d38f0b9ac1f0cf98ab1a1c ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/kernel-um-nongpl-2.6.1… a862ec208be9e31dcff7dbf7c540d5a4 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/kernel-xen-2.6.11.4-21… 5323a6c912bf2ea3aecfe01f1f25029f ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/kernel-xen-nongpl-2.6.… f6ec0b9626fed9f54919415fa5d262a5 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/ltmodem-8.31a10-7.9.i5… 116853b601518db7e3f081a38cd7e448 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/um-host-install-initrd… 4c566b558056292cbc8730c6a8275e19 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/um-host-kernel-2.6.11.… 8082e95baeadd7527787d7ef960fea3b Platform Independent: SUSE LINUX 9.3: ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/noarch/kernel-docs-2.6.11.4… b010aa9454cc8b1631fc271148bfc99e Power PC Platform: SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/kernel-default-2.6.16.27-0.… f7cf4448592556658428a4d6c1f80a26 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/kernel-iseries64-2.6.16.27-… 00d04e7cfbc9b27dc5dca9dcd9c715d2 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/kernel-kdump-2.6.16.27-0.6.… 98faf70272be4b6abd887f4d04fc6284 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/kernel-ppc64-2.6.16.27-0.6.… 1411437f7005f90d7083d8fb5cad99ce ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/kernel-source-2.6.16.27-0.6… edbbb370525bfb9caefe22c563b73b7a ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/kernel-syms-2.6.16.27-0.6.p… d15067647e646c65245934dc21cf6d13 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/mkinitrd-1.2-106.25.ppc.rpm 5b244ec190ab5e8432d04b286fd595c3 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/multipath-tools-0.4.6-25.14… 2592ff0cebfee11a54163a86354e9c40 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/open-iscsi-0.5.545-9.16.ppc… 5c6faf58161ef7607c29eafb995698d9 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/udev-085-30.16.ppc.rpm 40b7b338af66872ba3ab5cf4b2f0e792 SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/kernel-default-2.6.13-… 3f99986f3194d8a6b1dcfa9bc737387a ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/kernel-iseries64-2.6.1… 44273fe733fb0f6227fddcc3d93bf723 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/kernel-ppc64-2.6.13-15… 880f61aa27d2cf85f687b63536f9b76a ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/kernel-source-2.6.13-1… 78995147e37e08ce50e06d9f4b6bdd43 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/kernel-syms-2.6.13-15.… b38cf17b95ffefe1177c5e50b0fb7f5f x86-64 Platform: SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/kernel-debug-2.6.16.27-0… 36d4798029d37d58e04d4e088c857d05 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/kernel-default-2.6.16.27… 8f8d92d0d3bd28abab96593619f7e110 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/kernel-kdump-2.6.16.27-0… 422a4e7a8330bbefc616acf90cde155c ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/kernel-smp-2.6.16.27-0.6… b49a2612377a09dcda55bfc7b077559b ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/kernel-source-2.6.16.27-… 0da3b45f9e5c7f679fbb5633baaf0370 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/kernel-syms-2.6.16.27-0.… 78de774b4943c716f071e15843c061b7 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/kernel-xen-2.6.16.27-0.6… 3d68e95abd041b2131118b1cff963703 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/kexec-tools-1.101-32.20.… 50b692b9662c0308cd3fb83573a1d10c ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/mkinitrd-1.2-106.25.x86_… f48e546e789c3590e617484c38cab9ac ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/multipath-tools-0.4.6-25… 9cf969cf4bb76b77ae13ebc287908cc9 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/open-iscsi-0.5.545-9.16.… 42c6343b258e4363ccb510f429555857 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/udev-085-30.16.x86_64.rpm c28d409a7cb6edbc077e0edd5fccf91a SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/kernel-default-2.6.… 194e64a59862dcebba2b7e58818747b4 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/kernel-default-nong… 3fa5ca85656cb037a72a1d1855d38d7f ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/kernel-smp-2.6.13-1… ddb5c45b75d967a52ee39dbd71ffc52e ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/kernel-smp-nongpl-2… ca21f69550373f05fbff08b2c4505203 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/kernel-source-2.6.1… a1143a950fe7f50f5664f7a009a0b796 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/kernel-syms-2.6.13-… b6bf0d933792855235b6fe848328f05b ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/kernel-xen-2.6.13-1… be16a4f55e8e5b69f9677ed9ebee29e9 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/kernel-xen-nongpl-2… 0466ac6e4d01edaf3cd702859e4d0f0e SUSE LINUX 9.3: ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/kernel-default-2.6.1… e3ccbf0a746cbc8f91a53864c7cc44f4 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/kernel-default-nongp… df750c05231346c502f54c23a60c67e2 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/kernel-smp-2.6.11.4-… 09e22d0a4b0826687ce68ba535b53d40 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/kernel-smp-nongpl-2.… 7163a5cc8545db178688d3d23817c375 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/kernel-source-2.6.11… 6457587a33198b4fcd04b3ed2c99b589 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/kernel-syms-2.6.11.4… 23a663cd7658a95e02b8fd46b8b3e810 Sources: SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/kernel-bigsmp-2.6.16.27-0.6… b35b46b9331de972842e5869a4944d3f ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/kernel-debug-2.6.16.27-0.6.… e657caa01e2c07019f8cc889777f11b7 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/kernel-default-2.6.16.27-0.… eebf35ce636a741f9bc47a2fa382ce76 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/kernel-iseries64-2.6.16.27-… d09b683ab819709aadf9ece6b3f3e707 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/kernel-kdump-2.6.16.27-0.6.… 617e45734469b9dd49cd44e1a9e024bc ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/kernel-ppc64-2.6.16.27-0.6.… 197bf280a2b992f24d1827c0d081d8e0 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/kernel-smp-2.6.16.27-0.6.no… 0d164685b97350f60bb13b2408b3e0f6 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/kernel-source-2.6.16.27-0.6… 948af0a9a23e466e00102d1412ca6aea ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/kernel-syms-2.6.16.27-0.6.s… 5ab46df57270adabab766f3f08f04f3f ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/kernel-um-2.6.16.27-0.6.nos… 8a8d3d518e01d9477d4bb11680239d3b ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/kernel-xen-2.6.16.27-0.6.no… ef135de71f6434a981bed66f01f3a606 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/kernel-xenpae-2.6.16.27-0.6… d2145a8c27a2324e0a6bf048c27c8a7e ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/kexec-tools-1.101-32.20.src… 07a7cf8799deffdd0f5606ba4c6e6fe7 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/mkinitrd-1.2-106.25.src.rpm 8ac081406c2636d27412aa2c41d6cfe8 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/multipath-tools-0.4.6-25.14… 642fb05f65f4629b60b98d72a3333efe ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/open-iscsi-0.5.545-9.16.src… f52ea025e7ea1a9e131c13e5a6018775 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/udev-085-30.16.src.rpm cbd7aa05bc56bbbfed68ea4611ac16dc SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/Intel-536ep-4.69-14.8.… cea6899a95d45178d21168b6aa4dd922 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/kernel-bigsmp-2.6.13-1… 98260538fb3afb196a0fb1f52edc00c5 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/kernel-default-2.6.13-… f0a9e177557eb196adba8d19c6e06f4e ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/kernel-iseries64-2.6.1… bc5365eda00fd8db053b4dbe16e168c3 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/kernel-ppc64-2.6.13-15… 72c601464252532948d3ab8ea73b872a ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/kernel-smp-2.6.13-15.1… 9576c07ca12e6f50e86d0d063cd16df2 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/kernel-source-2.6.13-1… 47b3c7e171c000824e42aa594e7681d3 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/kernel-source-2.6.13-1… 003debda7e60a61eaf01f2798bb1fa65 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/kernel-syms-2.6.13-15.… 9cba4d63d45f4d4c908b137c5e069bb7 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/kernel-um-2.6.13-15.13… 2cfa5afc504eda54df8116c5ce42c23e ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/kernel-xen-2.6.13-15.1… 16c0f03172d069271f515dbeb24eb19b SUSE LINUX 9.3: ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/src/Intel-536ep-4.69-10.9.s… f3f522d91ffba19568e1d0fe6142deb9 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/src/kernel-bigsmp-2.6.11.4-… 24fb636744affbe2f7c96a9140b2def1 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/src/kernel-default-2.6.11.4… a68261d68dec7866b7b3f2d3b9d6f1f0 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/src/kernel-docs-2.6.11.4-21… 4fa98524a2dbb11d5e8f38f161c79c94 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/src/kernel-smp-2.6.11.4-21.… 59936703da3fa4c3f06d709d91a4f05a ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/src/kernel-source-2.6.11.4-… a1862d7ee039c35b9dfd2bf61a3396e5 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/src/kernel-syms-2.6.11.4-21… a0caf67ace3014157e0c0bfcbd1143b6 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/src/kernel-um-2.6.11.4-21.1… c64e46fd270b095a1d57ac9cf1c895ed ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/src/kernel-xen-2.6.11.4-21.… 574b65b39dfe4f65fa7d18cdd1b8f2ba ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/src/ltmodem-8.31a10-7.9.src… ebe62382458daba958312b5cde956883 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/src/um-host-install-initrd-… 4ec6d9d84c4f7d606ef699fb3b2ddb23 Our maintenance customers are notified individually. The packages are offered for installation from the maintenance web: Novell Linux Desktop 9 for x86 http://support.novell.com/techcenter/psdb/15107fb406dee9a6d661cedc4a7bd068.… Novell Linux Desktop 9 http://support.novell.com/techcenter/psdb/15107fb406dee9a6d661cedc4a7bd068.… http://support.novell.com/techcenter/psdb/06a879ef6bcde6c750e9ee4e43ccc446.… Novell Linux Desktop 9 for x86_64 http://support.novell.com/techcenter/psdb/06a879ef6bcde6c750e9ee4e43ccc446.… SUSE SLED 10 for AMD64 and Intel EM64T http://support.novell.com/techcenter/psdb/aa32c28c0e5ddf716b0e61d93331f86d.… SUSE SLES 10 http://support.novell.com/techcenter/psdb/aa32c28c0e5ddf716b0e61d93331f86d.… http://support.novell.com/techcenter/psdb/8d1bb2f1def9904433821604ff90783e.… http://support.novell.com/techcenter/psdb/dd622f88b5acaa6cb876b101236a952e.… http://support.novell.com/techcenter/psdb/87e2c4f32a1d32427f4f6a08a52ff58e.… http://support.novell.com/techcenter/psdb/9b70db20ae4e8d5034a104f1305d437c.… SUSE SLED 10 http://support.novell.com/techcenter/psdb/aa32c28c0e5ddf716b0e61d93331f86d.… http://support.novell.com/techcenter/psdb/9b70db20ae4e8d5034a104f1305d437c.… SUSE SLED 10 for x86 http://support.novell.com/techcenter/psdb/9b70db20ae4e8d5034a104f1305d437c.… SUSE CORE 9 for AMD64 and Intel EM64T http://support.novell.com/techcenter/psdb/8256ebb61cc00811a06c0fd252c18d5a.… SUSE CORE 9 for IBM zSeries 64bit http://support.novell.com/techcenter/psdb/dc588035c8569c0fba9c9e33685f698c.… SUSE CORE 9 for IBM S/390 31bit http://support.novell.com/techcenter/psdb/36b4bba8bf8a44877f22acb24254f105.… SUSE CORE 9 for IBM POWER http://support.novell.com/techcenter/psdb/f74c89856bd24e4e5b10b44a1b7fb438.… SUSE CORE 9 for Itanium Processor Family http://support.novell.com/techcenter/psdb/7ac58979c59cf50840e70f4bc277e4f8.… SUSE SLES 9 http://support.novell.com/techcenter/psdb/8256ebb61cc00811a06c0fd252c18d5a.… http://support.novell.com/techcenter/psdb/dc588035c8569c0fba9c9e33685f698c.… http://support.novell.com/techcenter/psdb/36b4bba8bf8a44877f22acb24254f105.… http://support.novell.com/techcenter/psdb/f74c89856bd24e4e5b10b44a1b7fb438.… http://support.novell.com/techcenter/psdb/7ac58979c59cf50840e70f4bc277e4f8.… http://support.novell.com/techcenter/psdb/4ea26fcc1ac12ca4ae3124c429ea7994.… Open Enterprise Server http://support.novell.com/techcenter/psdb/15107fb406dee9a6d661cedc4a7bd068.… http://support.novell.com/techcenter/psdb/d9aec765cc3bc34382a96bfc703b9ff2.… Novell Linux POS 9 http://support.novell.com/techcenter/psdb/4ea26fcc1ac12ca4ae3124c429ea7994.… http://support.novell.com/techcenter/psdb/d9aec765cc3bc34382a96bfc703b9ff2.… SUSE CORE 9 for x86 http://support.novell.com/techcenter/psdb/4ea26fcc1ac12ca4ae3124c429ea7994.… http://support.novell.com/techcenter/psdb/d9aec765cc3bc34382a96bfc703b9ff2.… ______________________________________________________________________________ 5) Pending Vulnerabilities, Solutions, and Work-Arounds: See SUSE Security Summary Report. ______________________________________________________________________________ 6) Authenticity Verification and Additional Information - Announcement authenticity verification: SUSE security announcements are published via mailing lists and on Web sites. The authenticity and integrity of a SUSE security announcement is guaranteed by a cryptographic signature in each announcement. All SUSE security announcements are published with a valid signature. To verify the signature of the announcement, save it as text into a file and run the command gpg --verify <file> replacing <file> with the name of the file where you saved the announcement. The output for a valid signature looks like: gpg: Signature made <DATE> using RSA key ID 3D25D3D9 gpg: Good signature from "SuSE Security Team <security(a)suse.de>" where <DATE> is replaced by the date the document was signed. If the security team's key is not contained in your key ring, you can import it from the first installation CD. To import the key, use the command gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc - Package authenticity verification: SUSE update packages are available on many mirror FTP servers all over the world. While this service is considered valuable and important to the free and open source software community, the authenticity and the integrity of a package needs to be verified to ensure that it has not been tampered with. There are two verification methods that can be used independently from each other to prove the authenticity of a downloaded file or RPM package: 1) Using the internal gpg signatures of the rpm package 2) MD5 checksums as provided in this announcement 1) The internal rpm package signatures provide an easy way to verify the authenticity of an RPM package. Use the command rpm -v --checksig <file.rpm> to verify the signature of the package, replacing <file.rpm> with the filename of the RPM package downloaded. The package is unmodified if it contains a valid signature from build(a)suse.de with the key ID 9C800ACA. This key is automatically imported into the RPM database (on RPMv4-based distributions) and the gpg key ring of 'root' during installation. You can also find it on the first installation CD and at the end of this announcement. 2) If you need an alternative means of verification, use the md5sum command to verify the authenticity of the packages. Execute the command md5sum <filename.rpm> after you downloaded the file from a SUSE FTP server or its mirrors. Then compare the resulting md5sum with the one that is listed in the SUSE security announcement. Because the announcement containing the checksums is cryptographically signed (by security(a)suse.de) the checksums show proof of the authenticity of the package if the signature of the announcement is valid. Note that the md5 sums published in the SUSE Security Announcements are valid for the respective packages only. Newer versions of these packages cannot be verified. - SUSE runs two security mailing lists to which any interested party may subscribe: opensuse-security(a)opensuse.org - General Linux and SUSE security discussion. All SUSE security announcements are sent to this list. To subscribe, send an e-mail to <opensuse-security+subscribe(a)opensuse.org>. suse-security-announce(a)suse.com - SUSE's announce-only mailing list. Only SUSE's security announcements are sent to this list. To subscribe, send an e-mail to <suse-security-announce-subscribe(a)suse.com>. ===================================================================== SUSE's security contact is <security(a)suse.com> or <security(a)suse.de>. The <security(a)suse.de> public key is listed below. ===================================================================== ______________________________________________________________________________ The information in this advisory may be distributed or reproduced, provided that the advisory is not modified in any way. In particular, the clear text signature should show proof of the authenticity of the text. SUSE Linux Products GmbH provides no warranties of any kind whatsoever with respect to the information contained in this security advisory. Type Bits/KeyID Date User ID pub 2048R/3D25D3D9 1999-03-06 SuSE Security Team <security(a)suse.de> pub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key <build(a)suse.de> - -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.4.2 (GNU/Linux) mQENAzbhLQQAAAEIAKAkXHe0lWRBXLpn38hMHy03F0I4Sszmoc8aaKJrhfhyMlOA BqvklPLE2f9UrI4Xc860gH79ZREwAgPt0pi6+SleNFLNcNFAuuHMLQOOsaMFatbz JR9i4m/lf6q929YROu5zB48rBAlcfTm+IBbijaEdnqpwGib45wE/Cfy6FAttBHQh 1Kp+r/jPbf1mYAvljUfHKuvbg8t2EIQz/5yGp+n5trn9pElfQO2cRBq8LFpf1l+U P7EKjFmlOq+Gs/fF98/dP3DfniSd78LQPq5vp8RL8nr/o2i7jkAQ33m4f1wOBWd+ cZovrKXYlXiR+Bf7m2hpZo+/sAzhd7LmAD0l09kABRG0JVN1U0UgU2VjdXJpdHkg VGVhbSA8c2VjdXJpdHlAc3VzZS5kZT6JARUDBRA24S1H5Fiyh7HKPEUBAVcOB/9b yHYji1/+4Xc2GhvXK0FSJN0MGgeXgW47yxDL7gmR4mNgjlIOUHZj0PEpVjWepOJ7 tQS3L9oP6cpj1Fj/XxuLbkp5VCQ61hpt54coQAvYrnT9rtWEGN+xmwejT1WmYmDJ xG+EGBXKr+XP69oIUl1E2JO3rXeklulgjqRKos4cdXKgyjWZ7CP9V9daRXDtje63 Om8gwSdU/nCvhdRIWp/Vwbf7Ia8iZr9OJ5YuQl0DBG4qmGDDrvImgPAFkYFzwlqo choXFQ9y0YVCV41DnR+GYhwl2qBd81T8aXhihEGPIgaw3g8gd8B5o6mPVgl+nJqI BkEYGBusiag2pS6qwznZiQEVAwUQNuEtBHey5gA9JdPZAQFtOAf+KVh939b0J94u v/kpg4xs1LthlhquhbHcKNoVTNspugiC3qMPyvSX4XcBr2PC0cVkS4Z9PY9iCfT+ x9WM96g39dAF+le2CCx7XISk9XXJ4ApEy5g4AuK7NYgAJd39PPbERgWnxjxir9g0 Ix30dS30bW39D+3NPU5Ho9TD/B7UDFvYT5AWHl3MGwo3a1RhTs6sfgL7yQ3U+mvq MkTExZb5mfN1FeaYKMopoI4VpzNVeGxQWIz67VjJHVyUlF20ekOz4kWVgsxkc8G2 saqZd6yv2EwqYTi8BDAduweP33KrQc4KDDommQNDOXxaKOeCoESIdM4p7Esdjq1o L0oixF12CohGBBARAgAGBQI7HmHDAAoJEJ5A4xAACqukTlQAoI4QzP9yjPohY7OU F7J3eKBTzp25AJ42BmtSd3pvm5ldmognWF3Trhp+GYkAlQMFEDe3O8IWkDf+zvyS FQEBAfkD/3GG5UgJj18UhYmh1gfjIlDcPAeqMwSytEHDENmHC+vlZQ/p0mT9tPiW tp34io54mwr+bLPN8l6B5GJNkbGvH6M+mO7R8Lj4nHL6pyAv3PQr83WyLHcaX7It Klj371/4yzKV6qpz43SGRK4MacLo2rNZ/dNej7lwPCtzCcFYwqkiiEYEEBECAAYF AjoaQqQACgkQx1KqMrDf94ArewCfWnTUDG5gNYkmHG4bYL8fQcizyA4An2eVo/n+ 3J2KRWSOhpAMsnMxtPbBmQGiBDnu9IERBACT8Y35+2vv4MGVKiLEMOl9GdST6MCk YS3yEKeueNWc+z/0Kvff4JctBsgs47tjmiI9sl0eHjm3gTR8rItXMN6sJEUHWzDP +Y0PFPboMvKx0FXl/A0dM+HFrruCgBlWt6FA+okRySQiliuI5phwqkXefl9AhkwR 8xocQSVCFxcwvwCglVcOQliHu8jwRQHxlRE0tkwQQI0D+wfQwKdvhDplxHJ5nf7U 8c/yE/vdvpN6lF0tmFrKXBUX+K7u4ifrZlQvj/81M4INjtXreqDiJtr99Rs6xa0S cZqITuZC4CWxJa9GynBED3+D2t1V/f8l0smsuYoFOF7Ib49IkTdbtwAThlZp8bEh ELBeGaPdNCcmfZ66rKUdG5sRA/9ovnc1krSQF2+sqB9/o7w5/q2qiyzwOSTnkjtB UVKn4zLUOf6aeBAoV6NMCC3Kj9aZHfA+ND0ehPaVGJgjaVNFhPi4x0e7BULdvgOo AqajLfvkURHAeSsxXIoEmyW/xC1sBbDkDUIBSx5oej73XCZgnj/inphRqGpsb+1n KFvF+rQoU3VTRSBQYWNrYWdlIFNpZ25pbmcgS2V5IDxidWlsZEBzdXNlLmRlPohi BBMRAgAiBQJA2AY+AhsDBQkObd+9BAsHAwIDFQIDAxYCAQIeAQIXgAAKCRCoTtro nIAKypCfAJ9RuZ6ZSV7QW4pTgTIxQ+ABPp0sIwCffG9bCNnrETPlgOn+dGEkAWeg KL+IRgQQEQIABgUCOnBeUgAKCRCeQOMQAAqrpNzOAKCL512FZvv4VZx94TpbA9lx yoAejACeOO1HIbActAevk5MUBhNeLZa/qM2JARUDBRA6cGBvd7LmAD0l09kBATWn B/9An5vfiUUE1VQnt+T/EYklES3tXXaJJp9pHMa4fzFa8jPVtv5UBHGee3XoUNDV wM2OgSEISZxbzdXGnqIlcT08TzBUD9i579uifklLsnr35SJDZ6ram51/CWOnnaVh UzneOA9gTPSr+/fT3WeVnwJiQCQ30kNLWVXWATMnsnT486eAOlT6UNBPYQLpUprF 5Yryk23pQUPAgJENDEqeU6iIO9Ot1ZPtB0lniw+/xCi13D360o1tZDYOp0hHHJN3 D3EN8C1yPqZd5CvvznYvB6bWBIpWcRgdn2DUVMmpU661jwqGlRz1F84JG/xe4jGu zgpJt9IXSzyohEJB6XG5+D0BuQINBDnu9JIQCACEkdBN6Mxf5WvqDWkcMRy6wnrd 9DYJ8UUTmIT2iQf07tRUKJJ9v0JXfx2Z4d08IQSMNRaq4VgSe+PdYgIy0fbj23Vi a5/gO7fJEpD2hd2f+pMnOWvH2rOOIbeYfuhzAc6BQjAKtmgR0ERUTafTM9Wb6F13 CNZZNZfDqnFDP6L12w3z3F7FFXkz07Rs3AIto1ZfYZd4sCSpMr/0S5nLrHbIvGLp 271hhQBeRmmoGEKO2JRelGgUJ2CUzOdtwDIKT0LbCpvaP8PVnYF5IFoYJIWRHqlE t5ucTXstZy7vYjL6vTP4l5xs+LIOkNmPhqmfsgLzVo0UaLt80hOwc4NvDCOLAAMG B/9g+9V3ORzw4LvO1pwRYJqfDKUq/EJ0rNMMD4N8RLpZRhKHKJUm9nNHLbksnlZw rbSTM5LpC/U6sheLP+l0bLVoq0lmsCcUSyh+mY6PxWirLIWCn/IAZAGnXb6Zd6Tt IJlGG6pqUN8QxGJYQnonl0uTJKHJENbI9sWHQdcTtBMc34gorHFCo1Bcvpnc1LFL rWn7mfoGx6INQjf3HGQpMXAWuSBQhzkazY6vaWFpa8bBJ+gKbBuySWzNm3rFtT5H RKMWpO+M9bHp4d+puY0L1YwN1OMatcMMpcWnZpiWiR83oi32+xtWUY2U7Ae38mMa g8zFbpeqPQUsDv9V7CAJ1dbriEwEGBECAAwFAkDYBnoFCQ5t3+gACgkQqE7a6JyA CspnpgCfRbYwxT3iq+9l/PgNTUNTZOlof2oAn25y0eGi0371jap9kOV6uq71sUuO =ypVs - -----END PGP PUBLIC KEY BLOCK----- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iQEVAwUBRYqESney5gA9JdPZAQLNsQf+PjfXteMrCIgsJUqPmLADG3dCNSa88QFh OICkFqglISmNDNSK6/cM94HlFAE+8HQChKvCdUNiwuK2YZ1yTylI6NTnIuGQDHOZ OTkWS4Afbor6s3KlsNPCuGvVTu4o1hZj/flYsvPF98nC22Kljllop/oyqJMFhWcK g8N0jGqiIqzuwCqOivpnAIt9Q37Z+q1NxRnNvz4TKs4rinCzp533zmf/kXUbM4p7 mppmJYmHWtvhVOLehfvZXCOS7CNp3FVhPBl80d1n4XObrmaqQoGUgsi/vAUueI3x 4ma8T/HyfgEXFSa2jGfdBUvFtGC/8FUCdwBbsohn5aAbb0HNsufMjw== =4I/U -----END PGP SIGNATURE-----

1 0

SUSE Security Summary Report SUSE-SR:2006:029
by Marcus Meissner 19 Dec '06

19 Dec '06

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ______________________________________________________________________________ SUSE Security Summary Report Announcement ID: SUSE-SR:2006:029 Date: Tue, 19 Dec 2006 15:00:00 +0000 Cross-References: CVE-2006-5864, CVE-2006-6105, CVE-2006-6120 CVE-2006-6142 Content of this advisory: 1) Solved Security Vulnerabilities: - koffice OLE import filter problem - squirrelmail XSS problem - evince code execution - novell-lum empty password - gdm format string problem 2) Pending Vulnerabilities, Solutions, and Work-Arounds: - current kernel update 3) Authenticity Verification and Additional Information ______________________________________________________________________________ 1) Solved Security Vulnerabilities To avoid flooding mailing lists with SUSE Security Announcements for minor issues, SUSE Security releases weekly summary reports for the low profile vulnerability fixes. The SUSE Security Summary Reports do not list md5 sums or download URLs like the SUSE Security Announcements that are released for more severe vulnerabilities. Fixed packages for the following incidents are already available on our FTP server and via the YaST Online Update. - koffice OLE import filter problem A security problem in the OLE import handling for PPT files of Koffice was fixed, where attackers with crafted documents could crash kpresenter and potentially execute code. (CVE-2006-6120) This has been fixed for all SUSE Linux based distributions containing koffice. - squirrelmail XSS problem Multiple cross site scripting bugs in squirrelmail have been fixed (CVE-2006-6142) - evince code execution The PDF and Postscript viewer evince could be exploited to execute code by supplying a specially crafted Postscript file that causes a buffer overflow when being rendered (CVE-2006-5864). All SUSE Linux products containing evince were affected by this problem. - novell-lum empty password A security problem was fixed in "novell-lum", the eDirectory based "Linux User Management". Under certain circumstances it was possible to login to the console without any password. (ssh is not affected, since it rejects empty passwords). This problem affects SUSE Linux Enterprise Desktop 10 and Open Enterprise Server 9. - gdm format string problem A format string bug in the program 'gdmchooser' could potentially be exploited to execute code under a different user id. (CVE-2006-6105) Since the desktop user has to enter this format string it is unlikely that this can be exploited. Only openSUSE 10.2 was affected by this problem, the code did not exist in this form in older distributions. ______________________________________________________________________________ 2) Pending Vulnerabilities, Solutions, and Work-Arounds - current kernel update We are currently preparing the next kernel update round of our 2.6 kernels, scheduled to be delivered before Christmas. There are no outstanding critical security problems, the release target is mostly rolling in local denial of service problems and other bugfixes. The update kernels for SUSE Linux 9.3 and 10.0 have been released already and will be included in the full advisory once all kernels have been released. ______________________________________________________________________________ 3) Authenticity Verification and Additional Information - Announcement authenticity verification: SUSE security announcements are published via mailing lists and on Web sites. The authenticity and integrity of a SUSE security announcement is guaranteed by a cryptographic signature in each announcement. All SUSE security announcements are published with a valid signature. To verify the signature of the announcement, save it as text into a file and run the command gpg --verify <file> replacing <file> with the name of the file containing the announcement. The output for a valid signature looks like: gpg: Signature made <DATE> using RSA key ID 3D25D3D9 gpg: Good signature from "SuSE Security Team <security(a)suse.de>" where <DATE> is replaced by the date the document was signed. If the security team's key is not contained in your key ring, you can import it from the first installation CD. To import the key, use the command gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc - Package authenticity verification: SUSE update packages are available on many mirror FTP servers all over the world. While this service is considered valuable and important to the free and open source software community, the authenticity and integrity of a package needs to be verified to ensure that it has not been tampered with. The internal RPM package signatures provide an easy way to verify the authenticity of an RPM package. Use the command rpm -v --checksig <file.rpm> to verify the signature of the package, replacing <file.rpm> with the filename of the RPM package downloaded. The package is unmodified if it contains a valid signature from build(a)suse.de with the key ID 9C800ACA. This key is automatically imported into the RPM database (on RPMv4-based distributions) and the gpg key ring of 'root' during installation. You can also find it on the first installation CD and included at the end of this announcement. - SUSE runs two security mailing lists to which any interested party may subscribe: opensuse-security(a)opensuse.org - General Linux and SUSE security discussion. All SUSE security announcements are sent to this list. To subscribe, send an e-mail to <opensuse-security+subscribe(a)opensuse.org>. suse-security-announce(a)suse.com - SUSE's announce-only mailing list. Only SUSE's security announcements are sent to this list. To subscribe, send an e-mail to <suse-security-announce-subscribe(a)suse.com>. ===================================================================== SUSE's security contact is <security(a)suse.com> or <security(a)suse.de>. The <security(a)suse.de> public key is listed below. ===================================================================== ______________________________________________________________________________ The information in this advisory may be distributed or reproduced, provided that the advisory is not modified in any way. In particular, the clear text signature should show proof of the authenticity of the text. SUSE Linux Products GmbH provides no warranties of any kind whatsoever with respect to the information contained in this security advisory. Type Bits/KeyID Date User ID pub 2048R/3D25D3D9 1999-03-06 SuSE Security Team <security(a)suse.de> pub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key <build(a)suse.de> - -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.4.2 (GNU/Linux) mQENAzbhLQQAAAEIAKAkXHe0lWRBXLpn38hMHy03F0I4Sszmoc8aaKJrhfhyMlOA BqvklPLE2f9UrI4Xc860gH79ZREwAgPt0pi6+SleNFLNcNFAuuHMLQOOsaMFatbz JR9i4m/lf6q929YROu5zB48rBAlcfTm+IBbijaEdnqpwGib45wE/Cfy6FAttBHQh 1Kp+r/jPbf1mYAvljUfHKuvbg8t2EIQz/5yGp+n5trn9pElfQO2cRBq8LFpf1l+U P7EKjFmlOq+Gs/fF98/dP3DfniSd78LQPq5vp8RL8nr/o2i7jkAQ33m4f1wOBWd+ cZovrKXYlXiR+Bf7m2hpZo+/sAzhd7LmAD0l09kABRG0JVN1U0UgU2VjdXJpdHkg VGVhbSA8c2VjdXJpdHlAc3VzZS5kZT6JARUDBRA24S1H5Fiyh7HKPEUBAVcOB/9b yHYji1/+4Xc2GhvXK0FSJN0MGgeXgW47yxDL7gmR4mNgjlIOUHZj0PEpVjWepOJ7 tQS3L9oP6cpj1Fj/XxuLbkp5VCQ61hpt54coQAvYrnT9rtWEGN+xmwejT1WmYmDJ xG+EGBXKr+XP69oIUl1E2JO3rXeklulgjqRKos4cdXKgyjWZ7CP9V9daRXDtje63 Om8gwSdU/nCvhdRIWp/Vwbf7Ia8iZr9OJ5YuQl0DBG4qmGDDrvImgPAFkYFzwlqo choXFQ9y0YVCV41DnR+GYhwl2qBd81T8aXhihEGPIgaw3g8gd8B5o6mPVgl+nJqI BkEYGBusiag2pS6qwznZiQEVAwUQNuEtBHey5gA9JdPZAQFtOAf+KVh939b0J94u v/kpg4xs1LthlhquhbHcKNoVTNspugiC3qMPyvSX4XcBr2PC0cVkS4Z9PY9iCfT+ x9WM96g39dAF+le2CCx7XISk9XXJ4ApEy5g4AuK7NYgAJd39PPbERgWnxjxir9g0 Ix30dS30bW39D+3NPU5Ho9TD/B7UDFvYT5AWHl3MGwo3a1RhTs6sfgL7yQ3U+mvq MkTExZb5mfN1FeaYKMopoI4VpzNVeGxQWIz67VjJHVyUlF20ekOz4kWVgsxkc8G2 saqZd6yv2EwqYTi8BDAduweP33KrQc4KDDommQNDOXxaKOeCoESIdM4p7Esdjq1o L0oixF12CohGBBARAgAGBQI7HmHDAAoJEJ5A4xAACqukTlQAoI4QzP9yjPohY7OU F7J3eKBTzp25AJ42BmtSd3pvm5ldmognWF3Trhp+GYkAlQMFEDe3O8IWkDf+zvyS FQEBAfkD/3GG5UgJj18UhYmh1gfjIlDcPAeqMwSytEHDENmHC+vlZQ/p0mT9tPiW tp34io54mwr+bLPN8l6B5GJNkbGvH6M+mO7R8Lj4nHL6pyAv3PQr83WyLHcaX7It Klj371/4yzKV6qpz43SGRK4MacLo2rNZ/dNej7lwPCtzCcFYwqkiiEYEEBECAAYF AjoaQqQACgkQx1KqMrDf94ArewCfWnTUDG5gNYkmHG4bYL8fQcizyA4An2eVo/n+ 3J2KRWSOhpAMsnMxtPbBmQGiBDnu9IERBACT8Y35+2vv4MGVKiLEMOl9GdST6MCk YS3yEKeueNWc+z/0Kvff4JctBsgs47tjmiI9sl0eHjm3gTR8rItXMN6sJEUHWzDP +Y0PFPboMvKx0FXl/A0dM+HFrruCgBlWt6FA+okRySQiliuI5phwqkXefl9AhkwR 8xocQSVCFxcwvwCglVcOQliHu8jwRQHxlRE0tkwQQI0D+wfQwKdvhDplxHJ5nf7U 8c/yE/vdvpN6lF0tmFrKXBUX+K7u4ifrZlQvj/81M4INjtXreqDiJtr99Rs6xa0S cZqITuZC4CWxJa9GynBED3+D2t1V/f8l0smsuYoFOF7Ib49IkTdbtwAThlZp8bEh ELBeGaPdNCcmfZ66rKUdG5sRA/9ovnc1krSQF2+sqB9/o7w5/q2qiyzwOSTnkjtB UVKn4zLUOf6aeBAoV6NMCC3Kj9aZHfA+ND0ehPaVGJgjaVNFhPi4x0e7BULdvgOo AqajLfvkURHAeSsxXIoEmyW/xC1sBbDkDUIBSx5oej73XCZgnj/inphRqGpsb+1n KFvF+rQoU3VTRSBQYWNrYWdlIFNpZ25pbmcgS2V5IDxidWlsZEBzdXNlLmRlPohi BBMRAgAiBQJA2AY+AhsDBQkObd+9BAsHAwIDFQIDAxYCAQIeAQIXgAAKCRCoTtro nIAKypCfAJ9RuZ6ZSV7QW4pTgTIxQ+ABPp0sIwCffG9bCNnrETPlgOn+dGEkAWeg KL+IRgQQEQIABgUCOnBeUgAKCRCeQOMQAAqrpNzOAKCL512FZvv4VZx94TpbA9lx yoAejACeOO1HIbActAevk5MUBhNeLZa/qM2JARUDBRA6cGBvd7LmAD0l09kBATWn B/9An5vfiUUE1VQnt+T/EYklES3tXXaJJp9pHMa4fzFa8jPVtv5UBHGee3XoUNDV wM2OgSEISZxbzdXGnqIlcT08TzBUD9i579uifklLsnr35SJDZ6ram51/CWOnnaVh UzneOA9gTPSr+/fT3WeVnwJiQCQ30kNLWVXWATMnsnT486eAOlT6UNBPYQLpUprF 5Yryk23pQUPAgJENDEqeU6iIO9Ot1ZPtB0lniw+/xCi13D360o1tZDYOp0hHHJN3 D3EN8C1yPqZd5CvvznYvB6bWBIpWcRgdn2DUVMmpU661jwqGlRz1F84JG/xe4jGu zgpJt9IXSzyohEJB6XG5+D0BuQINBDnu9JIQCACEkdBN6Mxf5WvqDWkcMRy6wnrd 9DYJ8UUTmIT2iQf07tRUKJJ9v0JXfx2Z4d08IQSMNRaq4VgSe+PdYgIy0fbj23Vi a5/gO7fJEpD2hd2f+pMnOWvH2rOOIbeYfuhzAc6BQjAKtmgR0ERUTafTM9Wb6F13 CNZZNZfDqnFDP6L12w3z3F7FFXkz07Rs3AIto1ZfYZd4sCSpMr/0S5nLrHbIvGLp 271hhQBeRmmoGEKO2JRelGgUJ2CUzOdtwDIKT0LbCpvaP8PVnYF5IFoYJIWRHqlE t5ucTXstZy7vYjL6vTP4l5xs+LIOkNmPhqmfsgLzVo0UaLt80hOwc4NvDCOLAAMG B/9g+9V3ORzw4LvO1pwRYJqfDKUq/EJ0rNMMD4N8RLpZRhKHKJUm9nNHLbksnlZw rbSTM5LpC/U6sheLP+l0bLVoq0lmsCcUSyh+mY6PxWirLIWCn/IAZAGnXb6Zd6Tt IJlGG6pqUN8QxGJYQnonl0uTJKHJENbI9sWHQdcTtBMc34gorHFCo1Bcvpnc1LFL rWn7mfoGx6INQjf3HGQpMXAWuSBQhzkazY6vaWFpa8bBJ+gKbBuySWzNm3rFtT5H RKMWpO+M9bHp4d+puY0L1YwN1OMatcMMpcWnZpiWiR83oi32+xtWUY2U7Ae38mMa g8zFbpeqPQUsDv9V7CAJ1dbriEwEGBECAAwFAkDYBnoFCQ5t3+gACgkQqE7a6JyA CspnpgCfRbYwxT3iq+9l/PgNTUNTZOlof2oAn25y0eGi0371jap9kOV6uq71sUuO =ypVs - -----END PGP PUBLIC KEY BLOCK----- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iQEVAwUBRYf1tney5gA9JdPZAQKmkggAlMI3dZVrP1ROor9nOX3SlXxhZVBmEoPX Erom8bCyqdUGn3YP0eq6IxAwHW7zAJz1vZu/Bx1IuiOjOX0wapo4wCWgeP1SZk8z VfyM39W4icbXM+Z2ktf81OFCKicWQm0E/V8JPgQ47XkflGHnbomaEM+E/xz350c5 +kT1E3ywjCE7cskDiv0pSMa08+26bWfnJk12I5J9iIA0ZaPq8GYXMRHTkO21duNW pFX+Lkp0VYX0Zly+CNU1+TXjKSax2cQGiKDcHFxxeCaCyCdyBpHTGSzQbvZ6IYmk WUrVYX3bEqzCzD3qqKk869ukNCMiLPHVf/bZd7qU/oyjnxaZgc8R+Q== =5OAy -----END PGP SIGNATURE-----

1 0

SUSE Security Announcement: clamav 0.88.7 (SUSE-SA:2006:078)
by Marcus Meissner 18 Dec '06

18 Dec '06

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ______________________________________________________________________________ SUSE Security Announcement Package: clamav Announcement ID: SUSE-SA:2006:078 Date: Mon, 18 Dec 2006 12:00:00 +0000 Affected Products: Novell Linux POS 9 Open Enterprise Server openSUSE 10.2 SUSE LINUX 10.1 SUSE LINUX 10.0 SUSE LINUX 9.3 SUSE SLES 10 SUSE SLES 9 Vulnerability Type: remote denial of service Severity (1-10): 6 SUSE Default Package: no Cross-References: CVE-2006-5874, CVE-2006-6406, CVE-2006-6481 Content of This Advisory: 1) Security Vulnerability Resolved: clamav 0.88.7 security update Problem Description 2) Solution or Work-Around 3) Special Instructions and Notes 4) Package Location and Checksums 5) Pending Vulnerabilities, Solutions, and Work-Arounds: See SUSE Security Summary Report. 6) Authenticity Verification and Additional Information ______________________________________________________________________________ 1) Problem Description and Brief Discussion The anti virus scan engine ClamAV has been updated to version 0.88.7 to fix various security problems: CVE-2006-5874: Clam AntiVirus (ClamAV) allows remote attackers to cause a denial of service (crash) via a malformed base64-encoded MIME attachment that triggers a null pointer dereference. CVE-2006-6481: Clam AntiVirus (ClamAV) 0.88.6 allowed remote attackers to cause a denial of service (stack overflow and application crash) by wrapping many layers of multipart/mixed content around a document, a different vulnerability than CVE-2006-5874 and CVE-2006-6406. CVE-2006-6406: Clam AntiVirus (ClamAV) 0.88.6 allowed remote attackers to bypass virus detection by inserting invalid characters into base64 encoded content in a multipart/mixed MIME file, as demonstrated with the EICAR test file. 2) Solution or Work-Around There is no known workaround, please install the update packages. 3) Special Instructions and Notes None. 4) Package Location and Checksums The preferred method for installing security updates is to use the YaST Online Update (YOU) tool. YOU detects which updates are required and automatically performs the necessary steps to verify and install them. Alternatively, download the update packages for your distribution manually and verify their integrity by the methods listed in Section 6 of this announcement. Then install the packages using the command rpm -Fhv <file.rpm> to apply the update, replacing <file.rpm> with the filename of the downloaded RPM package. x86 Platform: openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/clamav-0.88.7-1.1.i586.rpm 31ff4c80173352b7be840a668e99660f SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/clamav-0.88.7-1.2.i586.rpm 7010d42a842404deefa694b51bc1edf2 SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/clamav-0.88.7-1.1.i58… 90f817d3807328756f0f2b4f69aeffe4 SUSE LINUX 9.3: ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/clamav-0.88.7-1.1.i586… 4e4bf1fdac1d07521c115eee4878a120 Power PC Platform: openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/clamav-0.88.7-1.1.ppc.rpm e97f82da161d797977de64eec6e56f88 SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/clamav-0.88.7-1.2.ppc.rpm 4f90832ce1d606a10933078cf44b4400 SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/clamav-0.88.7-1.1.ppc.… 51fffc7036edcbd012b8836ff2e7a08c x86-64 Platform: openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/clamav-0.88.7-1.1.x86_64… 2b9e9c53855e579d62029255ce9c315f SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/clamav-0.88.7-1.2.x86_64… 099247a53aa4314993f182f68f74b06a SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/clamav-0.88.7-1.1.x… 18f02e5330a8bec20b0c845ce5a9d653 SUSE LINUX 9.3: ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/clamav-0.88.7-1.1.x8… 9244e87aab197f63f420dd356ef89b83 Sources: openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2/rpm/src/clamav-0.88.7-1.1.src.rpm 69c2a992bc1243ba0b03cef1054caa67 SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/clamav-0.88.7-1.2.src.rpm 01f7d2e67b5d171337e9fb3141205a6d SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/clamav-0.88.7-1.1.src.… 84ec713db7da8c22943e14f34f68161c SUSE LINUX 9.3: ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/src/clamav-0.88.7-1.1.src.r… 6ee8c0c87cb87db1f331cf46dc087a8c Our maintenance customers are notified individually. The packages are offered for installation from the maintenance web: Open Enterprise Server Novell Linux POS 9 SUSE SLES 10 SUSE SLES 9 http://support.novell.com/techcenter/psdb/99ff98254c77739e0c421ee90228d262.… ______________________________________________________________________________ 5) Pending Vulnerabilities, Solutions, and Work-Arounds: See SUSE Security Summary Report. ______________________________________________________________________________ 6) Authenticity Verification and Additional Information - Announcement authenticity verification: SUSE security announcements are published via mailing lists and on Web sites. The authenticity and integrity of a SUSE security announcement is guaranteed by a cryptographic signature in each announcement. All SUSE security announcements are published with a valid signature. To verify the signature of the announcement, save it as text into a file and run the command gpg --verify <file> replacing <file> with the name of the file where you saved the announcement. The output for a valid signature looks like: gpg: Signature made <DATE> using RSA key ID 3D25D3D9 gpg: Good signature from "SuSE Security Team <security(a)suse.de>" where <DATE> is replaced by the date the document was signed. If the security team's key is not contained in your key ring, you can import it from the first installation CD. To import the key, use the command gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc - Package authenticity verification: SUSE update packages are available on many mirror FTP servers all over the world. While this service is considered valuable and important to the free and open source software community, the authenticity and the integrity of a package needs to be verified to ensure that it has not been tampered with. There are two verification methods that can be used independently from each other to prove the authenticity of a downloaded file or RPM package: 1) Using the internal gpg signatures of the rpm package 2) MD5 checksums as provided in this announcement 1) The internal rpm package signatures provide an easy way to verify the authenticity of an RPM package. Use the command rpm -v --checksig <file.rpm> to verify the signature of the package, replacing <file.rpm> with the filename of the RPM package downloaded. The package is unmodified if it contains a valid signature from build(a)suse.de with the key ID 9C800ACA. This key is automatically imported into the RPM database (on RPMv4-based distributions) and the gpg key ring of 'root' during installation. You can also find it on the first installation CD and at the end of this announcement. 2) If you need an alternative means of verification, use the md5sum command to verify the authenticity of the packages. Execute the command md5sum <filename.rpm> after you downloaded the file from a SUSE FTP server or its mirrors. Then compare the resulting md5sum with the one that is listed in the SUSE security announcement. Because the announcement containing the checksums is cryptographically signed (by security(a)suse.de) the checksums show proof of the authenticity of the package if the signature of the announcement is valid. Note that the md5 sums published in the SUSE Security Announcements are valid for the respective packages only. Newer versions of these packages cannot be verified. - SUSE runs two security mailing lists to which any interested party may subscribe: opensuse-security(a)opensuse.org - General Linux and SUSE security discussion. All SUSE security announcements are sent to this list. To subscribe, send an e-mail to <opensuse-security+subscribe(a)opensuse.org>. suse-security-announce(a)suse.com - SUSE's announce-only mailing list. Only SUSE's security announcements are sent to this list. To subscribe, send an e-mail to <suse-security-announce-subscribe(a)suse.com>. ===================================================================== SUSE's security contact is <security(a)suse.com> or <security(a)suse.de>. The <security(a)suse.de> public key is listed below. ===================================================================== ______________________________________________________________________________ The information in this advisory may be distributed or reproduced, provided that the advisory is not modified in any way. In particular, the clear text signature should show proof of the authenticity of the text. SUSE Linux Products GmbH provides no warranties of any kind whatsoever with respect to the information contained in this security advisory. Type Bits/KeyID Date User ID pub 2048R/3D25D3D9 1999-03-06 SuSE Security Team <security(a)suse.de> pub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key <build(a)suse.de> - -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.4.2 (GNU/Linux) mQENAzbhLQQAAAEIAKAkXHe0lWRBXLpn38hMHy03F0I4Sszmoc8aaKJrhfhyMlOA BqvklPLE2f9UrI4Xc860gH79ZREwAgPt0pi6+SleNFLNcNFAuuHMLQOOsaMFatbz JR9i4m/lf6q929YROu5zB48rBAlcfTm+IBbijaEdnqpwGib45wE/Cfy6FAttBHQh 1Kp+r/jPbf1mYAvljUfHKuvbg8t2EIQz/5yGp+n5trn9pElfQO2cRBq8LFpf1l+U P7EKjFmlOq+Gs/fF98/dP3DfniSd78LQPq5vp8RL8nr/o2i7jkAQ33m4f1wOBWd+ cZovrKXYlXiR+Bf7m2hpZo+/sAzhd7LmAD0l09kABRG0JVN1U0UgU2VjdXJpdHkg VGVhbSA8c2VjdXJpdHlAc3VzZS5kZT6JARUDBRA24S1H5Fiyh7HKPEUBAVcOB/9b yHYji1/+4Xc2GhvXK0FSJN0MGgeXgW47yxDL7gmR4mNgjlIOUHZj0PEpVjWepOJ7 tQS3L9oP6cpj1Fj/XxuLbkp5VCQ61hpt54coQAvYrnT9rtWEGN+xmwejT1WmYmDJ xG+EGBXKr+XP69oIUl1E2JO3rXeklulgjqRKos4cdXKgyjWZ7CP9V9daRXDtje63 Om8gwSdU/nCvhdRIWp/Vwbf7Ia8iZr9OJ5YuQl0DBG4qmGDDrvImgPAFkYFzwlqo choXFQ9y0YVCV41DnR+GYhwl2qBd81T8aXhihEGPIgaw3g8gd8B5o6mPVgl+nJqI BkEYGBusiag2pS6qwznZiQEVAwUQNuEtBHey5gA9JdPZAQFtOAf+KVh939b0J94u v/kpg4xs1LthlhquhbHcKNoVTNspugiC3qMPyvSX4XcBr2PC0cVkS4Z9PY9iCfT+ x9WM96g39dAF+le2CCx7XISk9XXJ4ApEy5g4AuK7NYgAJd39PPbERgWnxjxir9g0 Ix30dS30bW39D+3NPU5Ho9TD/B7UDFvYT5AWHl3MGwo3a1RhTs6sfgL7yQ3U+mvq MkTExZb5mfN1FeaYKMopoI4VpzNVeGxQWIz67VjJHVyUlF20ekOz4kWVgsxkc8G2 saqZd6yv2EwqYTi8BDAduweP33KrQc4KDDommQNDOXxaKOeCoESIdM4p7Esdjq1o L0oixF12CohGBBARAgAGBQI7HmHDAAoJEJ5A4xAACqukTlQAoI4QzP9yjPohY7OU F7J3eKBTzp25AJ42BmtSd3pvm5ldmognWF3Trhp+GYkAlQMFEDe3O8IWkDf+zvyS FQEBAfkD/3GG5UgJj18UhYmh1gfjIlDcPAeqMwSytEHDENmHC+vlZQ/p0mT9tPiW tp34io54mwr+bLPN8l6B5GJNkbGvH6M+mO7R8Lj4nHL6pyAv3PQr83WyLHcaX7It Klj371/4yzKV6qpz43SGRK4MacLo2rNZ/dNej7lwPCtzCcFYwqkiiEYEEBECAAYF AjoaQqQACgkQx1KqMrDf94ArewCfWnTUDG5gNYkmHG4bYL8fQcizyA4An2eVo/n+ 3J2KRWSOhpAMsnMxtPbBmQGiBDnu9IERBACT8Y35+2vv4MGVKiLEMOl9GdST6MCk YS3yEKeueNWc+z/0Kvff4JctBsgs47tjmiI9sl0eHjm3gTR8rItXMN6sJEUHWzDP +Y0PFPboMvKx0FXl/A0dM+HFrruCgBlWt6FA+okRySQiliuI5phwqkXefl9AhkwR 8xocQSVCFxcwvwCglVcOQliHu8jwRQHxlRE0tkwQQI0D+wfQwKdvhDplxHJ5nf7U 8c/yE/vdvpN6lF0tmFrKXBUX+K7u4ifrZlQvj/81M4INjtXreqDiJtr99Rs6xa0S cZqITuZC4CWxJa9GynBED3+D2t1V/f8l0smsuYoFOF7Ib49IkTdbtwAThlZp8bEh ELBeGaPdNCcmfZ66rKUdG5sRA/9ovnc1krSQF2+sqB9/o7w5/q2qiyzwOSTnkjtB UVKn4zLUOf6aeBAoV6NMCC3Kj9aZHfA+ND0ehPaVGJgjaVNFhPi4x0e7BULdvgOo AqajLfvkURHAeSsxXIoEmyW/xC1sBbDkDUIBSx5oej73XCZgnj/inphRqGpsb+1n KFvF+rQoU3VTRSBQYWNrYWdlIFNpZ25pbmcgS2V5IDxidWlsZEBzdXNlLmRlPohi BBMRAgAiBQJA2AY+AhsDBQkObd+9BAsHAwIDFQIDAxYCAQIeAQIXgAAKCRCoTtro nIAKypCfAJ9RuZ6ZSV7QW4pTgTIxQ+ABPp0sIwCffG9bCNnrETPlgOn+dGEkAWeg KL+IRgQQEQIABgUCOnBeUgAKCRCeQOMQAAqrpNzOAKCL512FZvv4VZx94TpbA9lx yoAejACeOO1HIbActAevk5MUBhNeLZa/qM2JARUDBRA6cGBvd7LmAD0l09kBATWn B/9An5vfiUUE1VQnt+T/EYklES3tXXaJJp9pHMa4fzFa8jPVtv5UBHGee3XoUNDV wM2OgSEISZxbzdXGnqIlcT08TzBUD9i579uifklLsnr35SJDZ6ram51/CWOnnaVh UzneOA9gTPSr+/fT3WeVnwJiQCQ30kNLWVXWATMnsnT486eAOlT6UNBPYQLpUprF 5Yryk23pQUPAgJENDEqeU6iIO9Ot1ZPtB0lniw+/xCi13D360o1tZDYOp0hHHJN3 D3EN8C1yPqZd5CvvznYvB6bWBIpWcRgdn2DUVMmpU661jwqGlRz1F84JG/xe4jGu zgpJt9IXSzyohEJB6XG5+D0BuQINBDnu9JIQCACEkdBN6Mxf5WvqDWkcMRy6wnrd 9DYJ8UUTmIT2iQf07tRUKJJ9v0JXfx2Z4d08IQSMNRaq4VgSe+PdYgIy0fbj23Vi a5/gO7fJEpD2hd2f+pMnOWvH2rOOIbeYfuhzAc6BQjAKtmgR0ERUTafTM9Wb6F13 CNZZNZfDqnFDP6L12w3z3F7FFXkz07Rs3AIto1ZfYZd4sCSpMr/0S5nLrHbIvGLp 271hhQBeRmmoGEKO2JRelGgUJ2CUzOdtwDIKT0LbCpvaP8PVnYF5IFoYJIWRHqlE t5ucTXstZy7vYjL6vTP4l5xs+LIOkNmPhqmfsgLzVo0UaLt80hOwc4NvDCOLAAMG B/9g+9V3ORzw4LvO1pwRYJqfDKUq/EJ0rNMMD4N8RLpZRhKHKJUm9nNHLbksnlZw rbSTM5LpC/U6sheLP+l0bLVoq0lmsCcUSyh+mY6PxWirLIWCn/IAZAGnXb6Zd6Tt IJlGG6pqUN8QxGJYQnonl0uTJKHJENbI9sWHQdcTtBMc34gorHFCo1Bcvpnc1LFL rWn7mfoGx6INQjf3HGQpMXAWuSBQhzkazY6vaWFpa8bBJ+gKbBuySWzNm3rFtT5H RKMWpO+M9bHp4d+puY0L1YwN1OMatcMMpcWnZpiWiR83oi32+xtWUY2U7Ae38mMa g8zFbpeqPQUsDv9V7CAJ1dbriEwEGBECAAwFAkDYBnoFCQ5t3+gACgkQqE7a6JyA CspnpgCfRbYwxT3iq+9l/PgNTUNTZOlof2oAn25y0eGi0371jap9kOV6uq71sUuO =ypVs - -----END PGP PUBLIC KEY BLOCK----- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iQEVAwUBRYZzVHey5gA9JdPZAQKjewf+J+36kDMgMP62l2SXVwFGdo/vpTv+KMCw 9c0a3qO5xsimhn3HusNsJg06e3HrWyuWGWLX5i3MAf34yxumevPoyqdryZM3UXSS tnXwSAZ74jCF70uMkA2mLrghFTqGLwWhbUBv0CO6OpovwF4mbt3kdc2YlUDcvE14 AuZhlTnb+RkRuWOlF+RY+Zjc1agPkjes1ckyGsE779DGhfMyNgO7/HO8IzZQNzXR VwI8/L7mSLo68GCbmuhcIW0Xf/x5uJkhjGk+NHn+AJRzauwL452EDxSo2toSDKqh vdKu6V56eEbPwLB3ngd3odkGVKkFdbnK3yVjcKBtMBZzDJWpFVnXkw== =8Yh8 -----END PGP SIGNATURE-----

1 0

SUSE Security Announcement: flash-player CRLF injection (SUSE-SA:2006:077)
by Marcus Meissner 14 Dec '06

14 Dec '06

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ______________________________________________________________________________ SUSE Security Announcement Package: flash-player Announcement ID: SUSE-SA:2006:077 Date: Thu, 14 Dec 2006 12:00:00 +0000 Affected Products: Novell Linux Desktop 9 openSUSE 10.2 SUSE LINUX 10.1 SUSE LINUX 10.0 SUSE LINUX 9.3 SUSE SLED 10 Vulnerability Type: HTTP header splitting Severity (1-10): 7 SUSE Default Package: yes Cross-References: CVE-2006-5330 Content of This Advisory: 1) Security Vulnerability Resolved: flash-player HTTP request CRLF injection problem Problem Description 2) Solution or Work-Around 3) Special Instructions and Notes 4) Package Location and Checksums 5) Pending Vulnerabilities, Solutions, and Work-Arounds: See SUSE Security Summary Report. 6) Authenticity Verification and Additional Information ______________________________________________________________________________ 1) Problem Description and Brief Discussion This security update brings the Adobe Flash Player to version 7.0.69. The update fixes the following security problem: CVE-2006-5330: CRLF injection vulnerabilities in Adobe Flash Player allows remote attackers to modify HTTP headers of client requests and conduct HTTP Request Splitting attacks via CRLF sequences in arguments to the ActionScript functions (1) XML.addRequestHeader and (2) XML.contentType. The flexibility of the attack varies depending on the type of web browser being used. 2) Solution or Work-Around There is no known workaround, please install the update packages. 3) Special Instructions and Notes Please close and restart all running instances of applications currently running flash applets after the update. 4) Package Location and Checksums The preferred method for installing security updates is to use the YaST Online Update (YOU) tool. YOU detects which updates are required and automatically performs the necessary steps to verify and install them. Alternatively, download the update packages for your distribution manually and verify their integrity by the methods listed in Section 6 of this announcement. Then install the packages using the command rpm -Fhv <file.rpm> to apply the update, replacing <file.rpm> with the filename of the downloaded RPM package. x86 Platform: openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/flash-player-7.0.69.0-1.1.… 582b9df68410047288fdd679be14cc43 SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/flash-player-7.0.69.0-1.2.… 028b959cc57e8a158963722886961915 SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/flash-player-7.0.69.0… 8a9ad6700dc9509ee4554d01c45c39cb SUSE LINUX 9.3: ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/flash-player-7.0.69.0-… 66b36fc7384c7bffdbe1a1e38d6b65b8 Sources: openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2/rpm/src/flash-player-7.0.69.0-1.1.s… 550f2dc5b50cd2d66ddf6c66cc2cf35a SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/flash-player-7.0.69.0-1.2.s… c684b5c2e4c4ad3bdd51ee50f59f2e36 SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/flash-player-7.0.69.0-… eb5174d91333353daaf183e7a26b70d0 SUSE LINUX 9.3: ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/src/flash-player-7.0.69.0-1… 2f4ff5f9c0953790241512a76a13bdc8 Our maintenance customers are notified individually. The packages are offered for installation from the maintenance web: Novell Linux Desktop 9 http://support.novell.com/techcenter/psdb/e0b1939107e149b2e2c750dae6331938.… SUSE SLED 10 http://support.novell.com/techcenter/psdb/e0b1939107e149b2e2c750dae6331938.… ______________________________________________________________________________ 5) Pending Vulnerabilities, Solutions, and Work-Arounds: See SUSE Security Summary Report. ______________________________________________________________________________ 6) Authenticity Verification and Additional Information - Announcement authenticity verification: SUSE security announcements are published via mailing lists and on Web sites. The authenticity and integrity of a SUSE security announcement is guaranteed by a cryptographic signature in each announcement. All SUSE security announcements are published with a valid signature. To verify the signature of the announcement, save it as text into a file and run the command gpg --verify <file> replacing <file> with the name of the file where you saved the announcement. The output for a valid signature looks like: gpg: Signature made <DATE> using RSA key ID 3D25D3D9 gpg: Good signature from "SuSE Security Team <security(a)suse.de>" where <DATE> is replaced by the date the document was signed. If the security team's key is not contained in your key ring, you can import it from the first installation CD. To import the key, use the command gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc - Package authenticity verification: SUSE update packages are available on many mirror FTP servers all over the world. While this service is considered valuable and important to the free and open source software community, the authenticity and the integrity of a package needs to be verified to ensure that it has not been tampered with. There are two verification methods that can be used independently from each other to prove the authenticity of a downloaded file or RPM package: 1) Using the internal gpg signatures of the rpm package 2) MD5 checksums as provided in this announcement 1) The internal rpm package signatures provide an easy way to verify the authenticity of an RPM package. Use the command rpm -v --checksig <file.rpm> to verify the signature of the package, replacing <file.rpm> with the filename of the RPM package downloaded. The package is unmodified if it contains a valid signature from build(a)suse.de with the key ID 9C800ACA. This key is automatically imported into the RPM database (on RPMv4-based distributions) and the gpg key ring of 'root' during installation. You can also find it on the first installation CD and at the end of this announcement. 2) If you need an alternative means of verification, use the md5sum command to verify the authenticity of the packages. Execute the command md5sum <filename.rpm> after you downloaded the file from a SUSE FTP server or its mirrors. Then compare the resulting md5sum with the one that is listed in the SUSE security announcement. Because the announcement containing the checksums is cryptographically signed (by security(a)suse.de) the checksums show proof of the authenticity of the package if the signature of the announcement is valid. Note that the md5 sums published in the SUSE Security Announcements are valid for the respective packages only. Newer versions of these packages cannot be verified. - SUSE runs two security mailing lists to which any interested party may subscribe: opensuse-security(a)opensuse.org - General Linux and SUSE security discussion. All SUSE security announcements are sent to this list. To subscribe, send an e-mail to <opensuse-security+subscribe(a)opensuse.org>. suse-security-announce(a)suse.com - SUSE's announce-only mailing list. Only SUSE's security announcements are sent to this list. To subscribe, send an e-mail to <suse-security-announce-subscribe(a)suse.com>. ===================================================================== SUSE's security contact is <security(a)suse.com> or <security(a)suse.de>. The <security(a)suse.de> public key is listed below. ===================================================================== ______________________________________________________________________________ The information in this advisory may be distributed or reproduced, provided that the advisory is not modified in any way. In particular, the clear text signature should show proof of the authenticity of the text. SUSE Linux Products GmbH provides no warranties of any kind whatsoever with respect to the information contained in this security advisory. Type Bits/KeyID Date User ID pub 2048R/3D25D3D9 1999-03-06 SuSE Security Team <security(a)suse.de> pub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key <build(a)suse.de> - -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.4.2 (GNU/Linux) mQENAzbhLQQAAAEIAKAkXHe0lWRBXLpn38hMHy03F0I4Sszmoc8aaKJrhfhyMlOA BqvklPLE2f9UrI4Xc860gH79ZREwAgPt0pi6+SleNFLNcNFAuuHMLQOOsaMFatbz JR9i4m/lf6q929YROu5zB48rBAlcfTm+IBbijaEdnqpwGib45wE/Cfy6FAttBHQh 1Kp+r/jPbf1mYAvljUfHKuvbg8t2EIQz/5yGp+n5trn9pElfQO2cRBq8LFpf1l+U P7EKjFmlOq+Gs/fF98/dP3DfniSd78LQPq5vp8RL8nr/o2i7jkAQ33m4f1wOBWd+ cZovrKXYlXiR+Bf7m2hpZo+/sAzhd7LmAD0l09kABRG0JVN1U0UgU2VjdXJpdHkg VGVhbSA8c2VjdXJpdHlAc3VzZS5kZT6JARUDBRA24S1H5Fiyh7HKPEUBAVcOB/9b yHYji1/+4Xc2GhvXK0FSJN0MGgeXgW47yxDL7gmR4mNgjlIOUHZj0PEpVjWepOJ7 tQS3L9oP6cpj1Fj/XxuLbkp5VCQ61hpt54coQAvYrnT9rtWEGN+xmwejT1WmYmDJ xG+EGBXKr+XP69oIUl1E2JO3rXeklulgjqRKos4cdXKgyjWZ7CP9V9daRXDtje63 Om8gwSdU/nCvhdRIWp/Vwbf7Ia8iZr9OJ5YuQl0DBG4qmGDDrvImgPAFkYFzwlqo choXFQ9y0YVCV41DnR+GYhwl2qBd81T8aXhihEGPIgaw3g8gd8B5o6mPVgl+nJqI BkEYGBusiag2pS6qwznZiQEVAwUQNuEtBHey5gA9JdPZAQFtOAf+KVh939b0J94u v/kpg4xs1LthlhquhbHcKNoVTNspugiC3qMPyvSX4XcBr2PC0cVkS4Z9PY9iCfT+ x9WM96g39dAF+le2CCx7XISk9XXJ4ApEy5g4AuK7NYgAJd39PPbERgWnxjxir9g0 Ix30dS30bW39D+3NPU5Ho9TD/B7UDFvYT5AWHl3MGwo3a1RhTs6sfgL7yQ3U+mvq MkTExZb5mfN1FeaYKMopoI4VpzNVeGxQWIz67VjJHVyUlF20ekOz4kWVgsxkc8G2 saqZd6yv2EwqYTi8BDAduweP33KrQc4KDDommQNDOXxaKOeCoESIdM4p7Esdjq1o L0oixF12CohGBBARAgAGBQI7HmHDAAoJEJ5A4xAACqukTlQAoI4QzP9yjPohY7OU F7J3eKBTzp25AJ42BmtSd3pvm5ldmognWF3Trhp+GYkAlQMFEDe3O8IWkDf+zvyS FQEBAfkD/3GG5UgJj18UhYmh1gfjIlDcPAeqMwSytEHDENmHC+vlZQ/p0mT9tPiW tp34io54mwr+bLPN8l6B5GJNkbGvH6M+mO7R8Lj4nHL6pyAv3PQr83WyLHcaX7It Klj371/4yzKV6qpz43SGRK4MacLo2rNZ/dNej7lwPCtzCcFYwqkiiEYEEBECAAYF AjoaQqQACgkQx1KqMrDf94ArewCfWnTUDG5gNYkmHG4bYL8fQcizyA4An2eVo/n+ 3J2KRWSOhpAMsnMxtPbBmQGiBDnu9IERBACT8Y35+2vv4MGVKiLEMOl9GdST6MCk YS3yEKeueNWc+z/0Kvff4JctBsgs47tjmiI9sl0eHjm3gTR8rItXMN6sJEUHWzDP +Y0PFPboMvKx0FXl/A0dM+HFrruCgBlWt6FA+okRySQiliuI5phwqkXefl9AhkwR 8xocQSVCFxcwvwCglVcOQliHu8jwRQHxlRE0tkwQQI0D+wfQwKdvhDplxHJ5nf7U 8c/yE/vdvpN6lF0tmFrKXBUX+K7u4ifrZlQvj/81M4INjtXreqDiJtr99Rs6xa0S cZqITuZC4CWxJa9GynBED3+D2t1V/f8l0smsuYoFOF7Ib49IkTdbtwAThlZp8bEh ELBeGaPdNCcmfZ66rKUdG5sRA/9ovnc1krSQF2+sqB9/o7w5/q2qiyzwOSTnkjtB UVKn4zLUOf6aeBAoV6NMCC3Kj9aZHfA+ND0ehPaVGJgjaVNFhPi4x0e7BULdvgOo AqajLfvkURHAeSsxXIoEmyW/xC1sBbDkDUIBSx5oej73XCZgnj/inphRqGpsb+1n KFvF+rQoU3VTRSBQYWNrYWdlIFNpZ25pbmcgS2V5IDxidWlsZEBzdXNlLmRlPohi BBMRAgAiBQJA2AY+AhsDBQkObd+9BAsHAwIDFQIDAxYCAQIeAQIXgAAKCRCoTtro nIAKypCfAJ9RuZ6ZSV7QW4pTgTIxQ+ABPp0sIwCffG9bCNnrETPlgOn+dGEkAWeg KL+IRgQQEQIABgUCOnBeUgAKCRCeQOMQAAqrpNzOAKCL512FZvv4VZx94TpbA9lx yoAejACeOO1HIbActAevk5MUBhNeLZa/qM2JARUDBRA6cGBvd7LmAD0l09kBATWn B/9An5vfiUUE1VQnt+T/EYklES3tXXaJJp9pHMa4fzFa8jPVtv5UBHGee3XoUNDV wM2OgSEISZxbzdXGnqIlcT08TzBUD9i579uifklLsnr35SJDZ6ram51/CWOnnaVh UzneOA9gTPSr+/fT3WeVnwJiQCQ30kNLWVXWATMnsnT486eAOlT6UNBPYQLpUprF 5Yryk23pQUPAgJENDEqeU6iIO9Ot1ZPtB0lniw+/xCi13D360o1tZDYOp0hHHJN3 D3EN8C1yPqZd5CvvznYvB6bWBIpWcRgdn2DUVMmpU661jwqGlRz1F84JG/xe4jGu zgpJt9IXSzyohEJB6XG5+D0BuQINBDnu9JIQCACEkdBN6Mxf5WvqDWkcMRy6wnrd 9DYJ8UUTmIT2iQf07tRUKJJ9v0JXfx2Z4d08IQSMNRaq4VgSe+PdYgIy0fbj23Vi a5/gO7fJEpD2hd2f+pMnOWvH2rOOIbeYfuhzAc6BQjAKtmgR0ERUTafTM9Wb6F13 CNZZNZfDqnFDP6L12w3z3F7FFXkz07Rs3AIto1ZfYZd4sCSpMr/0S5nLrHbIvGLp 271hhQBeRmmoGEKO2JRelGgUJ2CUzOdtwDIKT0LbCpvaP8PVnYF5IFoYJIWRHqlE t5ucTXstZy7vYjL6vTP4l5xs+LIOkNmPhqmfsgLzVo0UaLt80hOwc4NvDCOLAAMG B/9g+9V3ORzw4LvO1pwRYJqfDKUq/EJ0rNMMD4N8RLpZRhKHKJUm9nNHLbksnlZw rbSTM5LpC/U6sheLP+l0bLVoq0lmsCcUSyh+mY6PxWirLIWCn/IAZAGnXb6Zd6Tt IJlGG6pqUN8QxGJYQnonl0uTJKHJENbI9sWHQdcTtBMc34gorHFCo1Bcvpnc1LFL rWn7mfoGx6INQjf3HGQpMXAWuSBQhzkazY6vaWFpa8bBJ+gKbBuySWzNm3rFtT5H RKMWpO+M9bHp4d+puY0L1YwN1OMatcMMpcWnZpiWiR83oi32+xtWUY2U7Ae38mMa g8zFbpeqPQUsDv9V7CAJ1dbriEwEGBECAAwFAkDYBnoFCQ5t3+gACgkQqE7a6JyA CspnpgCfRbYwxT3iq+9l/PgNTUNTZOlof2oAn25y0eGi0371jap9kOV6uq71sUuO =ypVs - -----END PGP PUBLIC KEY BLOCK----- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iQEVAwUBRYE7lHey5gA9JdPZAQJgbQf/cTtW0MqZmGGE6Z4sIQNWx3VE3dlfHTkd iZKIXf/TURNNGhROg6p32CKkSC/HLQfINyk5LHG9P6ioiqzrsGReHoitRK8Gq2u0 WAbKvgyMlpERQhZ18NScUpXWRumPOGZFSmiWgi8v3ej6E1cEo23ZnztlIrUPDBx0 0aNi3WCXcbmYNCWcWq6Hs3vbHNc5IX4DsZaE9SC3oqoi0dDIOPwYMYEVt4Sg3JGX ZbEamgONNbxkJC31ZagpK4g8rhqAYyU5bqahWAgLQ04BemSMJSYq68gFYKOF6k3L y2srzLzvYmjwoYVZ53qx48DXc1etTM3V9uW8UvUK+eryspMyiS1AlA== =b08M -----END PGP SIGNATURE-----

1 0

SUSE Security Announcement: libgsf buffer overflows (SUSE-SA:2006:076)
by Marcus Meissner 14 Dec '06

14 Dec '06

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ______________________________________________________________________________ SUSE Security Announcement Package: libgsf Announcement ID: SUSE-SA:2006:076 Date: Thu, 14 Dec 2006 12:00:00 +0000 Affected Products: Novell Linux Desktop 9 Novell Linux POS 9 Open Enterprise Server SUSE LINUX 10.1 SUSE LINUX 10.0 SUSE LINUX 9.3 SuSE Linux Desktop 1.0 SUSE SLED 10 SUSE SLES 10 SUSE SLES 9 Vulnerability Type: remote code execution Severity (1-10): 8 SUSE Default Package: yes Cross-References: CVE-2006-4514 Content of This Advisory: 1) Security Vulnerability Resolved: libgsf buffer overflow Problem Description 2) Solution or Work-Around 3) Special Instructions and Notes 4) Package Location and Checksums 5) Pending Vulnerabilities, Solutions, and Work-Arounds: See SUSE Security Summary Report. 6) Authenticity Verification and Additional Information ______________________________________________________________________________ 1) Problem Description and Brief Discussion The libgsf library is used by various GNOME programs to handle for instance OLE2 data streams. Specially crafted OLE documents enabled attackers to use a heap buffer overflow for potentially executing code. This issue is tracked by the Mitre CVE ID CVE-2006-4514. 2) Solution or Work-Around There is no known workaround, please install the update packages. 3) Special Instructions and Notes Please close and restart applications using libgsf. 4) Package Location and Checksums The preferred method for installing security updates is to use the YaST Online Update (YOU) tool. YOU detects which updates are required and automatically performs the necessary steps to verify and install them. Alternatively, download the update packages for your distribution manually and verify their integrity by the methods listed in Section 6 of this announcement. Then install the packages using the command rpm -Fhv <file.rpm> to apply the update, replacing <file.rpm> with the filename of the downloaded RPM package. x86 Platform: SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/libgsf-1.13.99-13.7.i586.r… 91b1e160b88a4da68781ca4391a0aa7b SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/libgsf-1.12.1-3.2.i58… 6b4e5b5ed0e564769a0bb3d0e288b8be SUSE LINUX 9.3: ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/libgsf-1.11.1-4.2.i586… 48555a9c645cae527bdc5315251d662f Power PC Platform: SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/libgsf-1.13.99-13.7.ppc.rpm d8c05b0415c9e196c2d1a8cc42ac0402 SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/libgsf-1.12.1-3.2.ppc.… 24e8d5c92f635db2ef3049339ba1754b x86-64 Platform: SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/libgsf-1.13.99-13.7.x86_… 6f8ebb0842088a321a15192480a5388d ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/libgsf-32bit-1.13.99-13.… bab0e91a620413c92e403bcfdd6d7147 SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/libgsf-1.12.1-3.2.x… f9992beea6a3fe27204ebee475ba8234 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/libgsf-32bit-1.12.1… b1369a901898a1bfb9fd5ba643dd7291 SUSE LINUX 9.3: ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/libgsf-1.11.1-4.2.x8… 02e536160da1597a38153d1643de00b4 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/libgsf-32bit-9.3-7.1… abb66f3f4f3b3cd34382612805878466 Sources: SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/libgsf-1.13.99-13.7.src.rpm 0b386df6f643991c71d61dbf07d448fe SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/libgsf-1.12.1-3.2.src.… 455b6c354c40ac3157a158b8902238c2 SUSE LINUX 9.3: ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/src/libgsf-1.11.1-4.2.src.r… 7b6bb054f79babd4893be99c331eab2f Our maintenance customers are notified individually. The packages are offered for installation from the maintenance web: Open Enterprise Server http://support.novell.com/techcenter/psdb/8925f151052752a744fcfe7924249f34.… Novell Linux POS 9 http://support.novell.com/techcenter/psdb/8925f151052752a744fcfe7924249f34.… Novell Linux Desktop 9 http://support.novell.com/techcenter/psdb/8925f151052752a744fcfe7924249f34.… SuSE Linux Desktop 1.0 http://support.novell.com/techcenter/psdb/8925f151052752a744fcfe7924249f34.… SUSE SLES 10 http://support.novell.com/techcenter/psdb/8925f151052752a744fcfe7924249f34.… SUSE SLED 10 http://support.novell.com/techcenter/psdb/8925f151052752a744fcfe7924249f34.… SUSE SLES 9 http://support.novell.com/techcenter/psdb/8925f151052752a744fcfe7924249f34.… ______________________________________________________________________________ 5) Pending Vulnerabilities, Solutions, and Work-Arounds: See SUSE Security Summary Report. ______________________________________________________________________________ 6) Authenticity Verification and Additional Information - Announcement authenticity verification: SUSE security announcements are published via mailing lists and on Web sites. The authenticity and integrity of a SUSE security announcement is guaranteed by a cryptographic signature in each announcement. All SUSE security announcements are published with a valid signature. To verify the signature of the announcement, save it as text into a file and run the command gpg --verify <file> replacing <file> with the name of the file where you saved the announcement. The output for a valid signature looks like: gpg: Signature made <DATE> using RSA key ID 3D25D3D9 gpg: Good signature from "SuSE Security Team <security(a)suse.de>" where <DATE> is replaced by the date the document was signed. If the security team's key is not contained in your key ring, you can import it from the first installation CD. To import the key, use the command gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc - Package authenticity verification: SUSE update packages are available on many mirror FTP servers all over the world. While this service is considered valuable and important to the free and open source software community, the authenticity and the integrity of a package needs to be verified to ensure that it has not been tampered with. There are two verification methods that can be used independently from each other to prove the authenticity of a downloaded file or RPM package: 1) Using the internal gpg signatures of the rpm package 2) MD5 checksums as provided in this announcement 1) The internal rpm package signatures provide an easy way to verify the authenticity of an RPM package. Use the command rpm -v --checksig <file.rpm> to verify the signature of the package, replacing <file.rpm> with the filename of the RPM package downloaded. The package is unmodified if it contains a valid signature from build(a)suse.de with the key ID 9C800ACA. This key is automatically imported into the RPM database (on RPMv4-based distributions) and the gpg key ring of 'root' during installation. You can also find it on the first installation CD and at the end of this announcement. 2) If you need an alternative means of verification, use the md5sum command to verify the authenticity of the packages. Execute the command md5sum <filename.rpm> after you downloaded the file from a SUSE FTP server or its mirrors. Then compare the resulting md5sum with the one that is listed in the SUSE security announcement. Because the announcement containing the checksums is cryptographically signed (by security(a)suse.de) the checksums show proof of the authenticity of the package if the signature of the announcement is valid. Note that the md5 sums published in the SUSE Security Announcements are valid for the respective packages only. Newer versions of these packages cannot be verified. - SUSE runs two security mailing lists to which any interested party may subscribe: opensuse-security(a)opensuse.org - General Linux and SUSE security discussion. All SUSE security announcements are sent to this list. To subscribe, send an e-mail to <opensuse-security+subscribe(a)opensuse.org>. suse-security-announce(a)suse.com - SUSE's announce-only mailing list. Only SUSE's security announcements are sent to this list. To subscribe, send an e-mail to <suse-security-announce-subscribe(a)suse.com>. ===================================================================== SUSE's security contact is <security(a)suse.com> or <security(a)suse.de>. The <security(a)suse.de> public key is listed below. ===================================================================== ______________________________________________________________________________ The information in this advisory may be distributed or reproduced, provided that the advisory is not modified in any way. In particular, the clear text signature should show proof of the authenticity of the text. SUSE Linux Products GmbH provides no warranties of any kind whatsoever with respect to the information contained in this security advisory. Type Bits/KeyID Date User ID pub 2048R/3D25D3D9 1999-03-06 SuSE Security Team <security(a)suse.de> pub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key <build(a)suse.de> - -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.4.2 (GNU/Linux) mQENAzbhLQQAAAEIAKAkXHe0lWRBXLpn38hMHy03F0I4Sszmoc8aaKJrhfhyMlOA BqvklPLE2f9UrI4Xc860gH79ZREwAgPt0pi6+SleNFLNcNFAuuHMLQOOsaMFatbz JR9i4m/lf6q929YROu5zB48rBAlcfTm+IBbijaEdnqpwGib45wE/Cfy6FAttBHQh 1Kp+r/jPbf1mYAvljUfHKuvbg8t2EIQz/5yGp+n5trn9pElfQO2cRBq8LFpf1l+U P7EKjFmlOq+Gs/fF98/dP3DfniSd78LQPq5vp8RL8nr/o2i7jkAQ33m4f1wOBWd+ cZovrKXYlXiR+Bf7m2hpZo+/sAzhd7LmAD0l09kABRG0JVN1U0UgU2VjdXJpdHkg VGVhbSA8c2VjdXJpdHlAc3VzZS5kZT6JARUDBRA24S1H5Fiyh7HKPEUBAVcOB/9b yHYji1/+4Xc2GhvXK0FSJN0MGgeXgW47yxDL7gmR4mNgjlIOUHZj0PEpVjWepOJ7 tQS3L9oP6cpj1Fj/XxuLbkp5VCQ61hpt54coQAvYrnT9rtWEGN+xmwejT1WmYmDJ xG+EGBXKr+XP69oIUl1E2JO3rXeklulgjqRKos4cdXKgyjWZ7CP9V9daRXDtje63 Om8gwSdU/nCvhdRIWp/Vwbf7Ia8iZr9OJ5YuQl0DBG4qmGDDrvImgPAFkYFzwlqo choXFQ9y0YVCV41DnR+GYhwl2qBd81T8aXhihEGPIgaw3g8gd8B5o6mPVgl+nJqI BkEYGBusiag2pS6qwznZiQEVAwUQNuEtBHey5gA9JdPZAQFtOAf+KVh939b0J94u v/kpg4xs1LthlhquhbHcKNoVTNspugiC3qMPyvSX4XcBr2PC0cVkS4Z9PY9iCfT+ x9WM96g39dAF+le2CCx7XISk9XXJ4ApEy5g4AuK7NYgAJd39PPbERgWnxjxir9g0 Ix30dS30bW39D+3NPU5Ho9TD/B7UDFvYT5AWHl3MGwo3a1RhTs6sfgL7yQ3U+mvq MkTExZb5mfN1FeaYKMopoI4VpzNVeGxQWIz67VjJHVyUlF20ekOz4kWVgsxkc8G2 saqZd6yv2EwqYTi8BDAduweP33KrQc4KDDommQNDOXxaKOeCoESIdM4p7Esdjq1o L0oixF12CohGBBARAgAGBQI7HmHDAAoJEJ5A4xAACqukTlQAoI4QzP9yjPohY7OU F7J3eKBTzp25AJ42BmtSd3pvm5ldmognWF3Trhp+GYkAlQMFEDe3O8IWkDf+zvyS FQEBAfkD/3GG5UgJj18UhYmh1gfjIlDcPAeqMwSytEHDENmHC+vlZQ/p0mT9tPiW tp34io54mwr+bLPN8l6B5GJNkbGvH6M+mO7R8Lj4nHL6pyAv3PQr83WyLHcaX7It Klj371/4yzKV6qpz43SGRK4MacLo2rNZ/dNej7lwPCtzCcFYwqkiiEYEEBECAAYF AjoaQqQACgkQx1KqMrDf94ArewCfWnTUDG5gNYkmHG4bYL8fQcizyA4An2eVo/n+ 3J2KRWSOhpAMsnMxtPbBmQGiBDnu9IERBACT8Y35+2vv4MGVKiLEMOl9GdST6MCk YS3yEKeueNWc+z/0Kvff4JctBsgs47tjmiI9sl0eHjm3gTR8rItXMN6sJEUHWzDP +Y0PFPboMvKx0FXl/A0dM+HFrruCgBlWt6FA+okRySQiliuI5phwqkXefl9AhkwR 8xocQSVCFxcwvwCglVcOQliHu8jwRQHxlRE0tkwQQI0D+wfQwKdvhDplxHJ5nf7U 8c/yE/vdvpN6lF0tmFrKXBUX+K7u4ifrZlQvj/81M4INjtXreqDiJtr99Rs6xa0S cZqITuZC4CWxJa9GynBED3+D2t1V/f8l0smsuYoFOF7Ib49IkTdbtwAThlZp8bEh ELBeGaPdNCcmfZ66rKUdG5sRA/9ovnc1krSQF2+sqB9/o7w5/q2qiyzwOSTnkjtB UVKn4zLUOf6aeBAoV6NMCC3Kj9aZHfA+ND0ehPaVGJgjaVNFhPi4x0e7BULdvgOo AqajLfvkURHAeSsxXIoEmyW/xC1sBbDkDUIBSx5oej73XCZgnj/inphRqGpsb+1n KFvF+rQoU3VTRSBQYWNrYWdlIFNpZ25pbmcgS2V5IDxidWlsZEBzdXNlLmRlPohi BBMRAgAiBQJA2AY+AhsDBQkObd+9BAsHAwIDFQIDAxYCAQIeAQIXgAAKCRCoTtro nIAKypCfAJ9RuZ6ZSV7QW4pTgTIxQ+ABPp0sIwCffG9bCNnrETPlgOn+dGEkAWeg KL+IRgQQEQIABgUCOnBeUgAKCRCeQOMQAAqrpNzOAKCL512FZvv4VZx94TpbA9lx yoAejACeOO1HIbActAevk5MUBhNeLZa/qM2JARUDBRA6cGBvd7LmAD0l09kBATWn B/9An5vfiUUE1VQnt+T/EYklES3tXXaJJp9pHMa4fzFa8jPVtv5UBHGee3XoUNDV wM2OgSEISZxbzdXGnqIlcT08TzBUD9i579uifklLsnr35SJDZ6ram51/CWOnnaVh UzneOA9gTPSr+/fT3WeVnwJiQCQ30kNLWVXWATMnsnT486eAOlT6UNBPYQLpUprF 5Yryk23pQUPAgJENDEqeU6iIO9Ot1ZPtB0lniw+/xCi13D360o1tZDYOp0hHHJN3 D3EN8C1yPqZd5CvvznYvB6bWBIpWcRgdn2DUVMmpU661jwqGlRz1F84JG/xe4jGu zgpJt9IXSzyohEJB6XG5+D0BuQINBDnu9JIQCACEkdBN6Mxf5WvqDWkcMRy6wnrd 9DYJ8UUTmIT2iQf07tRUKJJ9v0JXfx2Z4d08IQSMNRaq4VgSe+PdYgIy0fbj23Vi a5/gO7fJEpD2hd2f+pMnOWvH2rOOIbeYfuhzAc6BQjAKtmgR0ERUTafTM9Wb6F13 CNZZNZfDqnFDP6L12w3z3F7FFXkz07Rs3AIto1ZfYZd4sCSpMr/0S5nLrHbIvGLp 271hhQBeRmmoGEKO2JRelGgUJ2CUzOdtwDIKT0LbCpvaP8PVnYF5IFoYJIWRHqlE t5ucTXstZy7vYjL6vTP4l5xs+LIOkNmPhqmfsgLzVo0UaLt80hOwc4NvDCOLAAMG B/9g+9V3ORzw4LvO1pwRYJqfDKUq/EJ0rNMMD4N8RLpZRhKHKJUm9nNHLbksnlZw rbSTM5LpC/U6sheLP+l0bLVoq0lmsCcUSyh+mY6PxWirLIWCn/IAZAGnXb6Zd6Tt IJlGG6pqUN8QxGJYQnonl0uTJKHJENbI9sWHQdcTtBMc34gorHFCo1Bcvpnc1LFL rWn7mfoGx6INQjf3HGQpMXAWuSBQhzkazY6vaWFpa8bBJ+gKbBuySWzNm3rFtT5H RKMWpO+M9bHp4d+puY0L1YwN1OMatcMMpcWnZpiWiR83oi32+xtWUY2U7Ae38mMa g8zFbpeqPQUsDv9V7CAJ1dbriEwEGBECAAwFAkDYBnoFCQ5t3+gACgkQqE7a6JyA CspnpgCfRbYwxT3iq+9l/PgNTUNTZOlof2oAn25y0eGi0371jap9kOV6uq71sUuO =ypVs - -----END PGP PUBLIC KEY BLOCK----- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iQEVAwUBRYE7Nney5gA9JdPZAQJiLQf/Q1aAWNJ2vjpHDwllOKi2Yp2FOsE/A3n7 HDorM9lU7AYY2YHDEjXnYApA3K/RYYnQKxSMJyqD0FtutP9kTo+RpEQ1PnrvpbSQ n3JeSZ21nJS58dBfe9n67uqqtFe20R/6gOY6NxmyCAKqJFrxV5yg9AWwXk/s2D+A DUGRYArz0d+kcShr/fVrtPZ7y5Sb4JPN1TDL8jfGZXqjT42vW0IZvY7R8HaUHVuL mhUPyW1eVQCM0kLmO1ZNingo2usOMhcElebLw4WNDRBpd5EIjsRD5u4a8TWtkDPV LytCckHTVLw/LkSXgbn6sB+4E6fPzwTNPediQD9vtE/DTqxEguSaNw== =XZxZ -----END PGP SIGNATURE-----

1 0

SUSE Security Announcement: gpg (SUSE-SA:2006:075)
by Marcus Meissner 13 Dec '06

13 Dec '06

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ______________________________________________________________________________ SUSE Security Announcement Package: gpg,gpg2 Announcement ID: SUSE-SA:2006:075 Date: Wed, 13 Dec 2006 12:00:00 +0000 Affected Products: Novell Linux Desktop 9 Novell Linux POS 9 Open Enterprise Server openSUSE 10.2 SUSE LINUX 10.1 SUSE LINUX 10.0 SUSE LINUX 9.3 SuSE Linux Desktop 1.0 SuSE Linux Enterprise Server 8 SuSE Linux Openexchange Server 4 SUSE LINUX Retail Solution 8 SuSE Linux School Server SuSE Linux Standard Server 8 SUSE SLED 10 SUSE SLES 10 SUSE SLES 9 UnitedLinux 1.0 Vulnerability Type: remote code execution Severity (1-10): 8 SUSE Default Package: yes Cross-References: CVE-2006-6169, CVE-2006-6235 Content of This Advisory: 1) Security Vulnerability Resolved: two security problems in GPG Problem Description 2) Solution or Work-Around 3) Special Instructions and Notes 4) Package Location and Checksums 5) Pending Vulnerabilities, Solutions, and Work-Arounds: See SUSE Security Summary Report. 6) Authenticity Verification and Additional Information ______________________________________________________________________________ 1) Problem Description and Brief Discussion Two security problems were fixed in the GNU Privacy Guard (GPG). - Specially crafted files could overflow a buffer when gpg was used in interactive mode (CVE-2006-6169). - Specially crafted files could modify a function pointer and could potentially execute code this way. (CVE-2006-6235). Update for all SUSE Linux based products have been released. 2) Solution or Work-Around There is no known workaround, please install the update packages. 3) Special Instructions and Notes None. 4) Package Location and Checksums The preferred method for installing security updates is to use the YaST Online Update (YOU) tool. YOU detects which updates are required and automatically performs the necessary steps to verify and install them. Alternatively, download the update packages for your distribution manually and verify their integrity by the methods listed in Section 6 of this announcement. Then install the packages using the command rpm -Fhv <file.rpm> to apply the update, replacing <file.rpm> with the filename of the downloaded RPM package. x86 Platform: openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/gpg-1.4.5-24.2.i586.rpm 0032014cef28fd9d575ca9d56886dc9a ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/gpg2-1.9.22-20.2.i586.rpm 8cdf17f4928497c703df0986012bd924 SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/gpg-1.4.2-23.12.i586.rpm 714ad111277495f85fb4d75c07a436e1 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/gpg2-1.9.18-17.13.i586.rpm df328ffaa0b0fa34e70932dd8eafd399 SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/gpg-1.4.2-5.11.i586.r… bbdac2ac9cf42f2e0744f93c7a27bd64 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/gpg2-1.9.18-2.11.i586… 6b96bf0aa835b5c5a6d38f3fe9baa020 SUSE LINUX 9.3: ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/gpg-1.4.0-4.11.i586.rpm 1f188d6e98593753dbf0115758c60700 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/gpg2-1.9.14-6.13.i586.… 493bb161ab9a0ee7e8b687da49fc874f Power PC Platform: openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/gpg-1.4.5-24.2.ppc.rpm 8ba71e773c0ed4bfad10017d4f0ad769 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/gpg2-1.9.22-20.2.ppc.rpm 04e4aa189832a2834ac843d3d216b560 SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/gpg-1.4.2-23.12.ppc.rpm 87d3e2efab5fda6d0c0fb0228e8089eb ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/gpg2-1.9.18-17.13.ppc.rpm 9ecd1af3d67515388dc5f9c797d33fde SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/gpg-1.4.2-5.11.ppc.rpm 36dd086f17d69a2344387249f4f59828 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/gpg2-1.9.18-2.11.ppc.r… 0b0a3f42511f722f1113ceb2ddb1fe42 x86-64 Platform: openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/gpg-1.4.5-24.2.x86_64.rpm 178ec43c6b057b055e64fd8ce3b370f3 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/gpg2-1.9.22-20.2.x86_64.… a480e34bc72c13902b060774a8c93614 SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/gpg-1.4.2-23.12.x86_64.r… 424104d7e79aa13997a9cd5bf48daaed ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/gpg2-1.9.18-17.13.x86_64… f9813d58d65585d3216ce4a514288e60 SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/gpg-1.4.2-5.11.x86_… 542621ad20461324061e95d757f062a9 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/gpg2-1.9.18-2.11.x8… 6e40568843721500e6e7a01e49478be5 SUSE LINUX 9.3: ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/gpg-1.4.0-4.11.x86_6… d0857cd1ef3d71961e866f56c565b32d ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/gpg2-1.9.14-6.13.x86… 20eb29a34cd71e5d1fa86bb53522a5ca Sources: openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2/rpm/src/gpg-1.4.5-24.2.src.rpm 8b319a4138cc1ff4304dc45c369936c6 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/src/gpg2-1.9.22-20.2.src.rpm 6ea5c120e635118233a97c5877ca10c0 SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/gpg-1.4.2-23.12.src.rpm 551331ff3994d1e0a6a1c893f9d99c84 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/gpg2-1.9.18-17.13.src.rpm 4dcf00273942790ccc8945f1badb441d SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/gpg-1.4.2-5.11.src.rpm 47425c0af8df3d11100bc938db0d9141 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/gpg2-1.9.18-2.11.src.r… d76d488c78aa5c047f9d0d3a72bb1509 SUSE LINUX 9.3: ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/src/gpg-1.4.0-4.11.src.rpm 86c9afba71507f0d4f3f7e88fa599ea1 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/src/gpg2-1.9.14-6.13.src.rpm a911124ed914970d7c458caf03ddd709 Our maintenance customers are notified individually. The packages are offered for installation from the maintenance web: UnitedLinux 1.0 SuSE Linux Openexchange Server 4 Open Enterprise Server Novell Linux POS 9 SuSE Linux Enterprise Server 8 SuSE Linux Standard Server 8 SuSE Linux School Server SUSE LINUX Retail Solution 8 SuSE Linux Desktop 1.0 SUSE SLES 9 http://support.novell.com/techcenter/psdb/440643b5b7f99c513f043f911ca9d906.… Novell Linux Desktop 9 SUSE SLES 10 SUSE SLED 10 http://support.novell.com/techcenter/psdb/440643b5b7f99c513f043f911ca9d906.… http://support.novell.com/techcenter/psdb/d29d6e06422f5a6d9e87580b666bbb83.… ______________________________________________________________________________ 5) Pending Vulnerabilities, Solutions, and Work-Arounds: See SUSE Security Summary Report. ______________________________________________________________________________ 6) Authenticity Verification and Additional Information - Announcement authenticity verification: SUSE security announcements are published via mailing lists and on Web sites. The authenticity and integrity of a SUSE security announcement is guaranteed by a cryptographic signature in each announcement. All SUSE security announcements are published with a valid signature. To verify the signature of the announcement, save it as text into a file and run the command gpg --verify <file> replacing <file> with the name of the file where you saved the announcement. The output for a valid signature looks like: gpg: Signature made <DATE> using RSA key ID 3D25D3D9 gpg: Good signature from "SuSE Security Team <security(a)suse.de>" where <DATE> is replaced by the date the document was signed. If the security team's key is not contained in your key ring, you can import it from the first installation CD. To import the key, use the command gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc - Package authenticity verification: SUSE update packages are available on many mirror FTP servers all over the world. While this service is considered valuable and important to the free and open source software community, the authenticity and the integrity of a package needs to be verified to ensure that it has not been tampered with. There are two verification methods that can be used independently from each other to prove the authenticity of a downloaded file or RPM package: 1) Using the internal gpg signatures of the rpm package 2) MD5 checksums as provided in this announcement 1) The internal rpm package signatures provide an easy way to verify the authenticity of an RPM package. Use the command rpm -v --checksig <file.rpm> to verify the signature of the package, replacing <file.rpm> with the filename of the RPM package downloaded. The package is unmodified if it contains a valid signature from build(a)suse.de with the key ID 9C800ACA. This key is automatically imported into the RPM database (on RPMv4-based distributions) and the gpg key ring of 'root' during installation. You can also find it on the first installation CD and at the end of this announcement. 2) If you need an alternative means of verification, use the md5sum command to verify the authenticity of the packages. Execute the command md5sum <filename.rpm> after you downloaded the file from a SUSE FTP server or its mirrors. Then compare the resulting md5sum with the one that is listed in the SUSE security announcement. Because the announcement containing the checksums is cryptographically signed (by security(a)suse.de) the checksums show proof of the authenticity of the package if the signature of the announcement is valid. Note that the md5 sums published in the SUSE Security Announcements are valid for the respective packages only. Newer versions of these packages cannot be verified. - SUSE runs two security mailing lists to which any interested party may subscribe: opensuse-security(a)opensuse.org - General Linux and SUSE security discussion. All SUSE security announcements are sent to this list. To subscribe, send an e-mail to <opensuse-security+subscribe(a)opensuse.org>. suse-security-announce(a)suse.com - SUSE's announce-only mailing list. Only SUSE's security announcements are sent to this list. To subscribe, send an e-mail to <suse-security-announce-subscribe(a)suse.com>. ===================================================================== SUSE's security contact is <security(a)suse.com> or <security(a)suse.de>. The <security(a)suse.de> public key is listed below. ===================================================================== ______________________________________________________________________________ The information in this advisory may be distributed or reproduced, provided that the advisory is not modified in any way. In particular, the clear text signature should show proof of the authenticity of the text. SUSE Linux Products GmbH provides no warranties of any kind whatsoever with respect to the information contained in this security advisory. Type Bits/KeyID Date User ID pub 2048R/3D25D3D9 1999-03-06 SuSE Security Team <security(a)suse.de> pub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key <build(a)suse.de> - -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.4.2 (GNU/Linux) mQENAzbhLQQAAAEIAKAkXHe0lWRBXLpn38hMHy03F0I4Sszmoc8aaKJrhfhyMlOA BqvklPLE2f9UrI4Xc860gH79ZREwAgPt0pi6+SleNFLNcNFAuuHMLQOOsaMFatbz JR9i4m/lf6q929YROu5zB48rBAlcfTm+IBbijaEdnqpwGib45wE/Cfy6FAttBHQh 1Kp+r/jPbf1mYAvljUfHKuvbg8t2EIQz/5yGp+n5trn9pElfQO2cRBq8LFpf1l+U P7EKjFmlOq+Gs/fF98/dP3DfniSd78LQPq5vp8RL8nr/o2i7jkAQ33m4f1wOBWd+ cZovrKXYlXiR+Bf7m2hpZo+/sAzhd7LmAD0l09kABRG0JVN1U0UgU2VjdXJpdHkg VGVhbSA8c2VjdXJpdHlAc3VzZS5kZT6JARUDBRA24S1H5Fiyh7HKPEUBAVcOB/9b yHYji1/+4Xc2GhvXK0FSJN0MGgeXgW47yxDL7gmR4mNgjlIOUHZj0PEpVjWepOJ7 tQS3L9oP6cpj1Fj/XxuLbkp5VCQ61hpt54coQAvYrnT9rtWEGN+xmwejT1WmYmDJ xG+EGBXKr+XP69oIUl1E2JO3rXeklulgjqRKos4cdXKgyjWZ7CP9V9daRXDtje63 Om8gwSdU/nCvhdRIWp/Vwbf7Ia8iZr9OJ5YuQl0DBG4qmGDDrvImgPAFkYFzwlqo choXFQ9y0YVCV41DnR+GYhwl2qBd81T8aXhihEGPIgaw3g8gd8B5o6mPVgl+nJqI BkEYGBusiag2pS6qwznZiQEVAwUQNuEtBHey5gA9JdPZAQFtOAf+KVh939b0J94u v/kpg4xs1LthlhquhbHcKNoVTNspugiC3qMPyvSX4XcBr2PC0cVkS4Z9PY9iCfT+ x9WM96g39dAF+le2CCx7XISk9XXJ4ApEy5g4AuK7NYgAJd39PPbERgWnxjxir9g0 Ix30dS30bW39D+3NPU5Ho9TD/B7UDFvYT5AWHl3MGwo3a1RhTs6sfgL7yQ3U+mvq MkTExZb5mfN1FeaYKMopoI4VpzNVeGxQWIz67VjJHVyUlF20ekOz4kWVgsxkc8G2 saqZd6yv2EwqYTi8BDAduweP33KrQc4KDDommQNDOXxaKOeCoESIdM4p7Esdjq1o L0oixF12CohGBBARAgAGBQI7HmHDAAoJEJ5A4xAACqukTlQAoI4QzP9yjPohY7OU F7J3eKBTzp25AJ42BmtSd3pvm5ldmognWF3Trhp+GYkAlQMFEDe3O8IWkDf+zvyS FQEBAfkD/3GG5UgJj18UhYmh1gfjIlDcPAeqMwSytEHDENmHC+vlZQ/p0mT9tPiW tp34io54mwr+bLPN8l6B5GJNkbGvH6M+mO7R8Lj4nHL6pyAv3PQr83WyLHcaX7It Klj371/4yzKV6qpz43SGRK4MacLo2rNZ/dNej7lwPCtzCcFYwqkiiEYEEBECAAYF AjoaQqQACgkQx1KqMrDf94ArewCfWnTUDG5gNYkmHG4bYL8fQcizyA4An2eVo/n+ 3J2KRWSOhpAMsnMxtPbBmQGiBDnu9IERBACT8Y35+2vv4MGVKiLEMOl9GdST6MCk YS3yEKeueNWc+z/0Kvff4JctBsgs47tjmiI9sl0eHjm3gTR8rItXMN6sJEUHWzDP +Y0PFPboMvKx0FXl/A0dM+HFrruCgBlWt6FA+okRySQiliuI5phwqkXefl9AhkwR 8xocQSVCFxcwvwCglVcOQliHu8jwRQHxlRE0tkwQQI0D+wfQwKdvhDplxHJ5nf7U 8c/yE/vdvpN6lF0tmFrKXBUX+K7u4ifrZlQvj/81M4INjtXreqDiJtr99Rs6xa0S cZqITuZC4CWxJa9GynBED3+D2t1V/f8l0smsuYoFOF7Ib49IkTdbtwAThlZp8bEh ELBeGaPdNCcmfZ66rKUdG5sRA/9ovnc1krSQF2+sqB9/o7w5/q2qiyzwOSTnkjtB UVKn4zLUOf6aeBAoV6NMCC3Kj9aZHfA+ND0ehPaVGJgjaVNFhPi4x0e7BULdvgOo AqajLfvkURHAeSsxXIoEmyW/xC1sBbDkDUIBSx5oej73XCZgnj/inphRqGpsb+1n KFvF+rQoU3VTRSBQYWNrYWdlIFNpZ25pbmcgS2V5IDxidWlsZEBzdXNlLmRlPohi BBMRAgAiBQJA2AY+AhsDBQkObd+9BAsHAwIDFQIDAxYCAQIeAQIXgAAKCRCoTtro nIAKypCfAJ9RuZ6ZSV7QW4pTgTIxQ+ABPp0sIwCffG9bCNnrETPlgOn+dGEkAWeg KL+IRgQQEQIABgUCOnBeUgAKCRCeQOMQAAqrpNzOAKCL512FZvv4VZx94TpbA9lx yoAejACeOO1HIbActAevk5MUBhNeLZa/qM2JARUDBRA6cGBvd7LmAD0l09kBATWn B/9An5vfiUUE1VQnt+T/EYklES3tXXaJJp9pHMa4fzFa8jPVtv5UBHGee3XoUNDV wM2OgSEISZxbzdXGnqIlcT08TzBUD9i579uifklLsnr35SJDZ6ram51/CWOnnaVh UzneOA9gTPSr+/fT3WeVnwJiQCQ30kNLWVXWATMnsnT486eAOlT6UNBPYQLpUprF 5Yryk23pQUPAgJENDEqeU6iIO9Ot1ZPtB0lniw+/xCi13D360o1tZDYOp0hHHJN3 D3EN8C1yPqZd5CvvznYvB6bWBIpWcRgdn2DUVMmpU661jwqGlRz1F84JG/xe4jGu zgpJt9IXSzyohEJB6XG5+D0BuQINBDnu9JIQCACEkdBN6Mxf5WvqDWkcMRy6wnrd 9DYJ8UUTmIT2iQf07tRUKJJ9v0JXfx2Z4d08IQSMNRaq4VgSe+PdYgIy0fbj23Vi a5/gO7fJEpD2hd2f+pMnOWvH2rOOIbeYfuhzAc6BQjAKtmgR0ERUTafTM9Wb6F13 CNZZNZfDqnFDP6L12w3z3F7FFXkz07Rs3AIto1ZfYZd4sCSpMr/0S5nLrHbIvGLp 271hhQBeRmmoGEKO2JRelGgUJ2CUzOdtwDIKT0LbCpvaP8PVnYF5IFoYJIWRHqlE t5ucTXstZy7vYjL6vTP4l5xs+LIOkNmPhqmfsgLzVo0UaLt80hOwc4NvDCOLAAMG B/9g+9V3ORzw4LvO1pwRYJqfDKUq/EJ0rNMMD4N8RLpZRhKHKJUm9nNHLbksnlZw rbSTM5LpC/U6sheLP+l0bLVoq0lmsCcUSyh+mY6PxWirLIWCn/IAZAGnXb6Zd6Tt IJlGG6pqUN8QxGJYQnonl0uTJKHJENbI9sWHQdcTtBMc34gorHFCo1Bcvpnc1LFL rWn7mfoGx6INQjf3HGQpMXAWuSBQhzkazY6vaWFpa8bBJ+gKbBuySWzNm3rFtT5H RKMWpO+M9bHp4d+puY0L1YwN1OMatcMMpcWnZpiWiR83oi32+xtWUY2U7Ae38mMa g8zFbpeqPQUsDv9V7CAJ1dbriEwEGBECAAwFAkDYBnoFCQ5t3+gACgkQqE7a6JyA CspnpgCfRbYwxT3iq+9l/PgNTUNTZOlof2oAn25y0eGi0371jap9kOV6uq71sUuO =ypVs - -----END PGP PUBLIC KEY BLOCK----- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iQEVAwUBRX/ZUHey5gA9JdPZAQIOtAgAhfTRKFz8N8OVIgeSs4QoP9KwUO3dTRiu EWk70Nh0T+NzXCeybmfHde1B5wqzQzvF1Z0SpwOUd44yRVQFeMlsijwaiIVpAb3f FAMCD5hjx2Q9kgMMq0H6sGWep2llC1fF1KPdwjS28mc9th7LYh18Gya5nT6dLLy5 A4OE5gKPnAxVd/JjV/hlMZLsEgYyXxwqa9s1L88IvMyOvu2RqmDBBEQYyC4PXGAW 1VA1OGy9479Hp58bLK7m49g0oHArW0QNJvJU2n7I9A9WLDVC5uq9UwMjvV16yek5 CaZLjfJAe6ojd+eTf7aKuo7cuBA7iZUXhDaeUH/khMoezLfZuc51Qw== =X3GI -----END PGP SIGNATURE-----

1 0

SUSE Security Announcement: Madwifi remote root exploit (SUSE-SA:2006:074)
by Marcus Meissner 11 Dec '06

11 Dec '06

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ______________________________________________________________________________ SUSE Security Announcement Package: madwifi Announcement ID: SUSE-SA:2006:074 Date: Mon, 11 Dec 2006 18:00:00 +0000 Affected Products: SUSE SLED 10 SUSE Linux 9.3 SUSE Linux 10.0 Vulnerability Type: remote code execution Severity (1-10): 10 SUSE Default Package: yes Cross-References: CVE-2006-6332 Content of This Advisory: 1) Security Vulnerability Resolved: Atheros WLAN driver remote root exploit Problem Description 2) Solution or Work-Around 3) Special Instructions and Notes 4) Package Location and Checksums 5) Pending Vulnerabilities, Solutions, and Work-Arounds: See SUSE Security Summary Report. 6) Authenticity Verification and Additional Information ______________________________________________________________________________ 1) Problem Description and Brief Discussion The madwifi-ng Atheros Wireless LAN card driver is subject to a remotely exploitable stack buffer overflow, which either code execution possibility or at least a denial of service (kernel crash). A physical local attacker (within WLAN range) has to provide an malicious access point which the card tries to associate with to be able to effect this attack. This issue is tracked by the Mitre CVE ID CVE-2006-6332. This update also brings the madwifi driver to version 0.9.2.1. Affected SUSE Linux products: SUSE Linux Desktop 10 - Code execution is possible when this problem is exploited. Fixed madwifi-kmp-* packages are available and linked from this advisory. SUSE Linux 9.3 and 10.0 - These distributions use an older madwifi driver version, where an attacker can only overflow the buffer with hex characters, making code execution nearly impossible but a denial of service (crash) still likely. Updates for 9.3 and 10.0 are in preparation and will be in the next kernel security update. Other SUSE Linux versions do not ship the madwifi driver or are not vulnerable to this problem. For SUSE Linux 10.1 and openSUSE 10.2 the Madwifi community provides fixed driver modules and a new driver module layout on http://madwifi.org/wiki/news/20061208/suse-repository-updated-layout-changed 2) Solution or Work-Around There is no known workaround, please install the update packages. 3) Special Instructions and Notes It is sufficient to rmmod and then modprobe the "ath_pci" kernel module after installing the update. The recommended way to get a known good state is to reboot the machine. 4) Package Location and Checksums The preferred method for installing security updates is to use the YaST Online Update (YOU) tool. YOU detects which updates are required and automatically performs the necessary steps to verify and install them. Alternatively, download the update packages for your distribution manually and verify their integrity by the methods listed in Section 6 of this announcement. Then install the packages using the command rpm -Fhv <file.rpm> to apply the update, replacing <file.rpm> with the filename of the downloaded RPM package. Our maintenance customers are notified individually. The packages are offered for installation from the maintenance web: SUSE SLED 10 http://support.novell.com/techcenter/psdb/3416396e4a9f8f1824b11dc72bbdce3e.… ______________________________________________________________________________ 5) Pending Vulnerabilities, Solutions, and Work-Arounds: See SUSE Security Summary Report. ______________________________________________________________________________ 6) Authenticity Verification and Additional Information - Announcement authenticity verification: SUSE security announcements are published via mailing lists and on Web sites. The authenticity and integrity of a SUSE security announcement is guaranteed by a cryptographic signature in each announcement. All SUSE security announcements are published with a valid signature. To verify the signature of the announcement, save it as text into a file and run the command gpg --verify <file> replacing <file> with the name of the file where you saved the announcement. The output for a valid signature looks like: gpg: Signature made <DATE> using RSA key ID 3D25D3D9 gpg: Good signature from "SuSE Security Team <security(a)suse.de>" where <DATE> is replaced by the date the document was signed. If the security team's key is not contained in your key ring, you can import it from the first installation CD. To import the key, use the command gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc - Package authenticity verification: SUSE update packages are available on many mirror FTP servers all over the world. While this service is considered valuable and important to the free and open source software community, the authenticity and the integrity of a package needs to be verified to ensure that it has not been tampered with. There are two verification methods that can be used independently from each other to prove the authenticity of a downloaded file or RPM package: 1) Using the internal gpg signatures of the rpm package 2) MD5 checksums as provided in this announcement 1) The internal rpm package signatures provide an easy way to verify the authenticity of an RPM package. Use the command rpm -v --checksig <file.rpm> to verify the signature of the package, replacing <file.rpm> with the filename of the RPM package downloaded. The package is unmodified if it contains a valid signature from build(a)suse.de with the key ID 9C800ACA. This key is automatically imported into the RPM database (on RPMv4-based distributions) and the gpg key ring of 'root' during installation. You can also find it on the first installation CD and at the end of this announcement. 2) If you need an alternative means of verification, use the md5sum command to verify the authenticity of the packages. Execute the command md5sum <filename.rpm> after you downloaded the file from a SUSE FTP server or its mirrors. Then compare the resulting md5sum with the one that is listed in the SUSE security announcement. Because the announcement containing the checksums is cryptographically signed (by security(a)suse.de) the checksums show proof of the authenticity of the package if the signature of the announcement is valid. Note that the md5 sums published in the SUSE Security Announcements are valid for the respective packages only. Newer versions of these packages cannot be verified. - SUSE runs two security mailing lists to which any interested party may subscribe: opensuse-security(a)opensuse.org - General Linux and SUSE security discussion. All SUSE security announcements are sent to this list. To subscribe, send an e-mail to <opensuse-security+subscribe(a)opensuse.org>. suse-security-announce(a)suse.com - SUSE's announce-only mailing list. Only SUSE's security announcements are sent to this list. To subscribe, send an e-mail to <suse-security-announce-subscribe(a)suse.com>. For general information or the frequently asked questions (FAQ), send mail to <suse-security-info(a)suse.com> or <suse-security-faq(a)suse.com>. ===================================================================== SUSE's security contact is <security(a)suse.com> or <security(a)suse.de>. The <security(a)suse.de> public key is listed below. ===================================================================== ______________________________________________________________________________ The information in this advisory may be distributed or reproduced, provided that the advisory is not modified in any way. In particular, the clear text signature should show proof of the authenticity of the text. SUSE Linux Products GmbH provides no warranties of any kind whatsoever with respect to the information contained in this security advisory. Type Bits/KeyID Date User ID pub 2048R/3D25D3D9 1999-03-06 SuSE Security Team <security(a)suse.de> pub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key <build(a)suse.de> - -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.4.2 (GNU/Linux) mQENAzbhLQQAAAEIAKAkXHe0lWRBXLpn38hMHy03F0I4Sszmoc8aaKJrhfhyMlOA BqvklPLE2f9UrI4Xc860gH79ZREwAgPt0pi6+SleNFLNcNFAuuHMLQOOsaMFatbz JR9i4m/lf6q929YROu5zB48rBAlcfTm+IBbijaEdnqpwGib45wE/Cfy6FAttBHQh 1Kp+r/jPbf1mYAvljUfHKuvbg8t2EIQz/5yGp+n5trn9pElfQO2cRBq8LFpf1l+U P7EKjFmlOq+Gs/fF98/dP3DfniSd78LQPq5vp8RL8nr/o2i7jkAQ33m4f1wOBWd+ cZovrKXYlXiR+Bf7m2hpZo+/sAzhd7LmAD0l09kABRG0JVN1U0UgU2VjdXJpdHkg VGVhbSA8c2VjdXJpdHlAc3VzZS5kZT6JARUDBRA24S1H5Fiyh7HKPEUBAVcOB/9b yHYji1/+4Xc2GhvXK0FSJN0MGgeXgW47yxDL7gmR4mNgjlIOUHZj0PEpVjWepOJ7 tQS3L9oP6cpj1Fj/XxuLbkp5VCQ61hpt54coQAvYrnT9rtWEGN+xmwejT1WmYmDJ xG+EGBXKr+XP69oIUl1E2JO3rXeklulgjqRKos4cdXKgyjWZ7CP9V9daRXDtje63 Om8gwSdU/nCvhdRIWp/Vwbf7Ia8iZr9OJ5YuQl0DBG4qmGDDrvImgPAFkYFzwlqo choXFQ9y0YVCV41DnR+GYhwl2qBd81T8aXhihEGPIgaw3g8gd8B5o6mPVgl+nJqI BkEYGBusiag2pS6qwznZiQEVAwUQNuEtBHey5gA9JdPZAQFtOAf+KVh939b0J94u v/kpg4xs1LthlhquhbHcKNoVTNspugiC3qMPyvSX4XcBr2PC0cVkS4Z9PY9iCfT+ x9WM96g39dAF+le2CCx7XISk9XXJ4ApEy5g4AuK7NYgAJd39PPbERgWnxjxir9g0 Ix30dS30bW39D+3NPU5Ho9TD/B7UDFvYT5AWHl3MGwo3a1RhTs6sfgL7yQ3U+mvq MkTExZb5mfN1FeaYKMopoI4VpzNVeGxQWIz67VjJHVyUlF20ekOz4kWVgsxkc8G2 saqZd6yv2EwqYTi8BDAduweP33KrQc4KDDommQNDOXxaKOeCoESIdM4p7Esdjq1o L0oixF12CohGBBARAgAGBQI7HmHDAAoJEJ5A4xAACqukTlQAoI4QzP9yjPohY7OU F7J3eKBTzp25AJ42BmtSd3pvm5ldmognWF3Trhp+GYkAlQMFEDe3O8IWkDf+zvyS FQEBAfkD/3GG5UgJj18UhYmh1gfjIlDcPAeqMwSytEHDENmHC+vlZQ/p0mT9tPiW tp34io54mwr+bLPN8l6B5GJNkbGvH6M+mO7R8Lj4nHL6pyAv3PQr83WyLHcaX7It Klj371/4yzKV6qpz43SGRK4MacLo2rNZ/dNej7lwPCtzCcFYwqkiiEYEEBECAAYF AjoaQqQACgkQx1KqMrDf94ArewCfWnTUDG5gNYkmHG4bYL8fQcizyA4An2eVo/n+ 3J2KRWSOhpAMsnMxtPbBmQGiBDnu9IERBACT8Y35+2vv4MGVKiLEMOl9GdST6MCk YS3yEKeueNWc+z/0Kvff4JctBsgs47tjmiI9sl0eHjm3gTR8rItXMN6sJEUHWzDP +Y0PFPboMvKx0FXl/A0dM+HFrruCgBlWt6FA+okRySQiliuI5phwqkXefl9AhkwR 8xocQSVCFxcwvwCglVcOQliHu8jwRQHxlRE0tkwQQI0D+wfQwKdvhDplxHJ5nf7U 8c/yE/vdvpN6lF0tmFrKXBUX+K7u4ifrZlQvj/81M4INjtXreqDiJtr99Rs6xa0S cZqITuZC4CWxJa9GynBED3+D2t1V/f8l0smsuYoFOF7Ib49IkTdbtwAThlZp8bEh ELBeGaPdNCcmfZ66rKUdG5sRA/9ovnc1krSQF2+sqB9/o7w5/q2qiyzwOSTnkjtB UVKn4zLUOf6aeBAoV6NMCC3Kj9aZHfA+ND0ehPaVGJgjaVNFhPi4x0e7BULdvgOo AqajLfvkURHAeSsxXIoEmyW/xC1sBbDkDUIBSx5oej73XCZgnj/inphRqGpsb+1n KFvF+rQoU3VTRSBQYWNrYWdlIFNpZ25pbmcgS2V5IDxidWlsZEBzdXNlLmRlPohi BBMRAgAiBQJA2AY+AhsDBQkObd+9BAsHAwIDFQIDAxYCAQIeAQIXgAAKCRCoTtro nIAKypCfAJ9RuZ6ZSV7QW4pTgTIxQ+ABPp0sIwCffG9bCNnrETPlgOn+dGEkAWeg KL+IRgQQEQIABgUCOnBeUgAKCRCeQOMQAAqrpNzOAKCL512FZvv4VZx94TpbA9lx yoAejACeOO1HIbActAevk5MUBhNeLZa/qM2JARUDBRA6cGBvd7LmAD0l09kBATWn B/9An5vfiUUE1VQnt+T/EYklES3tXXaJJp9pHMa4fzFa8jPVtv5UBHGee3XoUNDV wM2OgSEISZxbzdXGnqIlcT08TzBUD9i579uifklLsnr35SJDZ6ram51/CWOnnaVh UzneOA9gTPSr+/fT3WeVnwJiQCQ30kNLWVXWATMnsnT486eAOlT6UNBPYQLpUprF 5Yryk23pQUPAgJENDEqeU6iIO9Ot1ZPtB0lniw+/xCi13D360o1tZDYOp0hHHJN3 D3EN8C1yPqZd5CvvznYvB6bWBIpWcRgdn2DUVMmpU661jwqGlRz1F84JG/xe4jGu zgpJt9IXSzyohEJB6XG5+D0BuQINBDnu9JIQCACEkdBN6Mxf5WvqDWkcMRy6wnrd 9DYJ8UUTmIT2iQf07tRUKJJ9v0JXfx2Z4d08IQSMNRaq4VgSe+PdYgIy0fbj23Vi a5/gO7fJEpD2hd2f+pMnOWvH2rOOIbeYfuhzAc6BQjAKtmgR0ERUTafTM9Wb6F13 CNZZNZfDqnFDP6L12w3z3F7FFXkz07Rs3AIto1ZfYZd4sCSpMr/0S5nLrHbIvGLp 271hhQBeRmmoGEKO2JRelGgUJ2CUzOdtwDIKT0LbCpvaP8PVnYF5IFoYJIWRHqlE t5ucTXstZy7vYjL6vTP4l5xs+LIOkNmPhqmfsgLzVo0UaLt80hOwc4NvDCOLAAMG B/9g+9V3ORzw4LvO1pwRYJqfDKUq/EJ0rNMMD4N8RLpZRhKHKJUm9nNHLbksnlZw rbSTM5LpC/U6sheLP+l0bLVoq0lmsCcUSyh+mY6PxWirLIWCn/IAZAGnXb6Zd6Tt IJlGG6pqUN8QxGJYQnonl0uTJKHJENbI9sWHQdcTtBMc34gorHFCo1Bcvpnc1LFL rWn7mfoGx6INQjf3HGQpMXAWuSBQhzkazY6vaWFpa8bBJ+gKbBuySWzNm3rFtT5H RKMWpO+M9bHp4d+puY0L1YwN1OMatcMMpcWnZpiWiR83oi32+xtWUY2U7Ae38mMa g8zFbpeqPQUsDv9V7CAJ1dbriEwEGBECAAwFAkDYBnoFCQ5t3+gACgkQqE7a6JyA CspnpgCfRbYwxT3iq+9l/PgNTUNTZOlof2oAn25y0eGi0371jap9kOV6uq71sUuO =ypVs - -----END PGP PUBLIC KEY BLOCK----- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iQEVAwUBRX2Mg3ey5gA9JdPZAQKGZQf+I2xJDBSD0TlV2IkxAncE0m+abZbiRBH8 jFEEPHquzlR5Ea1IQ9PWiPbjZHQ/LrHliyv65JvNrZQAS2RYwxSQCtQfNI4AyIK/ whah8HwbMgzb7BIaBqj9Hq6jEw0gb8eS0ZQRNhUuw5GC4ctzqkt0UD101Py57eRL q9xpYti55fh0hUq9B/0PCqrvF6LtPDfj5mklQGnGs6CHTq2vEprnGBy7QddEkZWi h6RcTTrkYDlTtsPMRyQPgo+fvu23NeAL+lpk7Sn9qiXEyKAYuBc9re+ztvfbgFhr ln6Ly+B4qyBBW9Hx/dwLpUmuchf4TLMgWxt9gqXkVGisaM7ansz91w== =cv50 -----END PGP SIGNATURE-----

1 0

SUSE Security Summary Report SUSE-SR:2006:028
by Marcus Meissner 08 Dec '06

08 Dec '06

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ______________________________________________________________________________ SUSE Security Summary Report Announcement ID: SUSE-SR:2006:028 Date: Fri, 08 Dec 2006 17:00:00 +0000 Cross-References: CVE-2006-3334, CVE-2006-4513, CVE-2006-4810 CVE-2006-5793, CVE-2006-5864, CVE-2006-6172 CVE-2006-6235, CVE-2006-6332 Content of this advisory: 1) Solved Security Vulnerabilities: - xine-lib realmedia overflow problem - texinfo buffer overflows - wv overflows - libpng 2 denial of service 2) Pending Vulnerabilities, Solutions, and Work-Arounds: - madwifi remote exploit - next kernel update - gpg stack corruption - evince code execution - koffice PPT document denial of service 3) Authenticity Verification and Additional Information ______________________________________________________________________________ 1) Solved Security Vulnerabilities To avoid flooding mailing lists with SUSE Security Announcements for minor issues, SUSE Security releases weekly summary reports for the low profile vulnerability fixes. The SUSE Security Summary Reports do not list md5 sums or download URLs like the SUSE Security Announcements that are released for more severe vulnerabilities. Fixed packages for the following incidents are already available on our FTP server and via the YaST Online Update. - xine-lib realmedia overflow problem A bug in the XINE libraries that could have caused a buffer overflow in the real media plugin has been fixed. (CVE-2006-6172) It is not clear to us how exploitable this problem is. All SUSE Linux based products including xine-lib were affected. - texinfo buffer overflows Specially crafted texinfo files could crash the texinfo utilities. (CVE-2006-4810) This problem affected all SUSE Linux based distributions. - wv overflows Two integer overflows were found in the Microsoft Word converter library "wv", which could potentially be used to crash programs using this library or to even execute code. - A LVL Count Integer Overflow Vulnerability was fixed. - A LFO Count Integer Overflow Vulnerability was fixed. Both problems have been assigned the Mitre CVE ID CVE-2006-4513 and affect all SUSE Linux based products containing the "wv" package. - libpng 2 denial of service The sPLT chunk handling in libpng was incorrect and a handcrafted PNG file could be use to cause an out-of-bounds read, effectively crashing the PNG viewer or web browser. (CVE-2006-5793) Additionally a 2 byte stack overflow was fixed which we do not believe to be exploitable. It will cause an abort of the viewer or web browser in SUSE Linux 10.0 and newer due to string overflow checking. (CVE-2006-3334) These problems were fixed for all SUSE Linux based distributions. ______________________________________________________________________________ 2) Pending Vulnerabilities, Solutions, and Work-Arounds - madwifi remote exploit A remote exploitable vulnerability was found in the Atheros madwifi driver. On the version on SUSE Linux Enterprise Desktop 10 it is possible for a attacker physically close (WLAN range) to the machine to overflow a kernel stack buffer and execute code. On SUSE Linux 9.3 and 10.0 it is possible for a physically close attacker to cause a kernel crash, but no code execution. SUSE Linux Enterprise Server 9 contains the Atheros driver, but is not vulnerable to the problem due to the age of the driver. Other SUSE Linux and openSUSE versions do not contain the Atheros driver. This issue is tracked by the Mitre CVE ID CVE-2006-6332. We are currently preparing fixed packages. - Next kernel update We are currently preparing the next kernel update round of our 2.6 kernels, scheduled to be delivered before Christmas. There are no outstanding critical security problems, the release target is mostly rolling in local denial of service problems and other bugfixes. - gpg stack corruption A stack corruption which potentially can lead to code execution was found in the GNU Privacy Guard, versions 1 and 2. This issue is tracked by the Mitre CVE ID CVE-2006-6235. Updates are currently in QA. - evince code execution The PDF and Postscript viewer evince is also affected by the postscript triggered stack overflow found in "gv", tracked by the Mitre CVE ID CVE-2006-5864. Updated packages for this problem are currently in QA. - koffice PPT document denial of service A denial of service (crash) with PPT documents was reported in the Laola import filters of koffice. QA found that those problems are not fully fixed yet and we are currently reviewing and fixing the rest of them. ______________________________________________________________________________ 3) Authenticity Verification and Additional Information - Announcement authenticity verification: SUSE security announcements are published via mailing lists and on Web sites. The authenticity and integrity of a SUSE security announcement is guaranteed by a cryptographic signature in each announcement. All SUSE security announcements are published with a valid signature. To verify the signature of the announcement, save it as text into a file and run the command gpg --verify <file> replacing <file> with the name of the file containing the announcement. The output for a valid signature looks like: gpg: Signature made <DATE> using RSA key ID 3D25D3D9 gpg: Good signature from "SuSE Security Team <security(a)suse.de>" where <DATE> is replaced by the date the document was signed. If the security team's key is not contained in your key ring, you can import it from the first installation CD. To import the key, use the command gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc - Package authenticity verification: SUSE update packages are available on many mirror FTP servers all over the world. While this service is considered valuable and important to the free and open source software community, the authenticity and integrity of a package needs to be verified to ensure that it has not been tampered with. The internal RPM package signatures provide an easy way to verify the authenticity of an RPM package. Use the command rpm -v --checksig <file.rpm> to verify the signature of the package, replacing <file.rpm> with the filename of the RPM package downloaded. The package is unmodified if it contains a valid signature from build(a)suse.de with the key ID 9C800ACA. This key is automatically imported into the RPM database (on RPMv4-based distributions) and the gpg key ring of 'root' during installation. You can also find it on the first installation CD and included at the end of this announcement. - SUSE runs two security mailing lists to which any interested party may subscribe: opensuse-security(a)opensuse.org - General Linux and SUSE security discussion. All SUSE security announcements are sent to this list. To subscribe, send an e-mail to <opensuse-security+subscribe(a)opensuse.org>. suse-security-announce(a)suse.com - SUSE's announce-only mailing list. Only SUSE's security announcements are sent to this list. To subscribe, send an e-mail to <suse-security-announce-subscribe(a)suse.com>. For general information or the frequently asked questions (FAQ) send mail to <suse-security-info(a)suse.com> or <suse-security-faq(a)suse.com>. ===================================================================== SUSE's security contact is <security(a)suse.com> or <security(a)suse.de>. The <security(a)suse.de> public key is listed below. ===================================================================== ______________________________________________________________________________ The information in this advisory may be distributed or reproduced, provided that the advisory is not modified in any way. In particular, the clear text signature should show proof of the authenticity of the text. SUSE Linux Products GmbH provides no warranties of any kind whatsoever with respect to the information contained in this security advisory. Type Bits/KeyID Date User ID pub 2048R/3D25D3D9 1999-03-06 SuSE Security Team <security(a)suse.de> pub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key <build(a)suse.de> - -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.4.2 (GNU/Linux) mQENAzbhLQQAAAEIAKAkXHe0lWRBXLpn38hMHy03F0I4Sszmoc8aaKJrhfhyMlOA BqvklPLE2f9UrI4Xc860gH79ZREwAgPt0pi6+SleNFLNcNFAuuHMLQOOsaMFatbz JR9i4m/lf6q929YROu5zB48rBAlcfTm+IBbijaEdnqpwGib45wE/Cfy6FAttBHQh 1Kp+r/jPbf1mYAvljUfHKuvbg8t2EIQz/5yGp+n5trn9pElfQO2cRBq8LFpf1l+U P7EKjFmlOq+Gs/fF98/dP3DfniSd78LQPq5vp8RL8nr/o2i7jkAQ33m4f1wOBWd+ cZovrKXYlXiR+Bf7m2hpZo+/sAzhd7LmAD0l09kABRG0JVN1U0UgU2VjdXJpdHkg VGVhbSA8c2VjdXJpdHlAc3VzZS5kZT6JARUDBRA24S1H5Fiyh7HKPEUBAVcOB/9b yHYji1/+4Xc2GhvXK0FSJN0MGgeXgW47yxDL7gmR4mNgjlIOUHZj0PEpVjWepOJ7 tQS3L9oP6cpj1Fj/XxuLbkp5VCQ61hpt54coQAvYrnT9rtWEGN+xmwejT1WmYmDJ xG+EGBXKr+XP69oIUl1E2JO3rXeklulgjqRKos4cdXKgyjWZ7CP9V9daRXDtje63 Om8gwSdU/nCvhdRIWp/Vwbf7Ia8iZr9OJ5YuQl0DBG4qmGDDrvImgPAFkYFzwlqo choXFQ9y0YVCV41DnR+GYhwl2qBd81T8aXhihEGPIgaw3g8gd8B5o6mPVgl+nJqI BkEYGBusiag2pS6qwznZiQEVAwUQNuEtBHey5gA9JdPZAQFtOAf+KVh939b0J94u v/kpg4xs1LthlhquhbHcKNoVTNspugiC3qMPyvSX4XcBr2PC0cVkS4Z9PY9iCfT+ x9WM96g39dAF+le2CCx7XISk9XXJ4ApEy5g4AuK7NYgAJd39PPbERgWnxjxir9g0 Ix30dS30bW39D+3NPU5Ho9TD/B7UDFvYT5AWHl3MGwo3a1RhTs6sfgL7yQ3U+mvq MkTExZb5mfN1FeaYKMopoI4VpzNVeGxQWIz67VjJHVyUlF20ekOz4kWVgsxkc8G2 saqZd6yv2EwqYTi8BDAduweP33KrQc4KDDommQNDOXxaKOeCoESIdM4p7Esdjq1o L0oixF12CohGBBARAgAGBQI7HmHDAAoJEJ5A4xAACqukTlQAoI4QzP9yjPohY7OU F7J3eKBTzp25AJ42BmtSd3pvm5ldmognWF3Trhp+GYkAlQMFEDe3O8IWkDf+zvyS FQEBAfkD/3GG5UgJj18UhYmh1gfjIlDcPAeqMwSytEHDENmHC+vlZQ/p0mT9tPiW tp34io54mwr+bLPN8l6B5GJNkbGvH6M+mO7R8Lj4nHL6pyAv3PQr83WyLHcaX7It Klj371/4yzKV6qpz43SGRK4MacLo2rNZ/dNej7lwPCtzCcFYwqkiiEYEEBECAAYF AjoaQqQACgkQx1KqMrDf94ArewCfWnTUDG5gNYkmHG4bYL8fQcizyA4An2eVo/n+ 3J2KRWSOhpAMsnMxtPbBmQGiBDnu9IERBACT8Y35+2vv4MGVKiLEMOl9GdST6MCk YS3yEKeueNWc+z/0Kvff4JctBsgs47tjmiI9sl0eHjm3gTR8rItXMN6sJEUHWzDP +Y0PFPboMvKx0FXl/A0dM+HFrruCgBlWt6FA+okRySQiliuI5phwqkXefl9AhkwR 8xocQSVCFxcwvwCglVcOQliHu8jwRQHxlRE0tkwQQI0D+wfQwKdvhDplxHJ5nf7U 8c/yE/vdvpN6lF0tmFrKXBUX+K7u4ifrZlQvj/81M4INjtXreqDiJtr99Rs6xa0S cZqITuZC4CWxJa9GynBED3+D2t1V/f8l0smsuYoFOF7Ib49IkTdbtwAThlZp8bEh ELBeGaPdNCcmfZ66rKUdG5sRA/9ovnc1krSQF2+sqB9/o7w5/q2qiyzwOSTnkjtB UVKn4zLUOf6aeBAoV6NMCC3Kj9aZHfA+ND0ehPaVGJgjaVNFhPi4x0e7BULdvgOo AqajLfvkURHAeSsxXIoEmyW/xC1sBbDkDUIBSx5oej73XCZgnj/inphRqGpsb+1n KFvF+rQoU3VTRSBQYWNrYWdlIFNpZ25pbmcgS2V5IDxidWlsZEBzdXNlLmRlPohi BBMRAgAiBQJA2AY+AhsDBQkObd+9BAsHAwIDFQIDAxYCAQIeAQIXgAAKCRCoTtro nIAKypCfAJ9RuZ6ZSV7QW4pTgTIxQ+ABPp0sIwCffG9bCNnrETPlgOn+dGEkAWeg KL+IRgQQEQIABgUCOnBeUgAKCRCeQOMQAAqrpNzOAKCL512FZvv4VZx94TpbA9lx yoAejACeOO1HIbActAevk5MUBhNeLZa/qM2JARUDBRA6cGBvd7LmAD0l09kBATWn B/9An5vfiUUE1VQnt+T/EYklES3tXXaJJp9pHMa4fzFa8jPVtv5UBHGee3XoUNDV wM2OgSEISZxbzdXGnqIlcT08TzBUD9i579uifklLsnr35SJDZ6ram51/CWOnnaVh UzneOA9gTPSr+/fT3WeVnwJiQCQ30kNLWVXWATMnsnT486eAOlT6UNBPYQLpUprF 5Yryk23pQUPAgJENDEqeU6iIO9Ot1ZPtB0lniw+/xCi13D360o1tZDYOp0hHHJN3 D3EN8C1yPqZd5CvvznYvB6bWBIpWcRgdn2DUVMmpU661jwqGlRz1F84JG/xe4jGu zgpJt9IXSzyohEJB6XG5+D0BuQINBDnu9JIQCACEkdBN6Mxf5WvqDWkcMRy6wnrd 9DYJ8UUTmIT2iQf07tRUKJJ9v0JXfx2Z4d08IQSMNRaq4VgSe+PdYgIy0fbj23Vi a5/gO7fJEpD2hd2f+pMnOWvH2rOOIbeYfuhzAc6BQjAKtmgR0ERUTafTM9Wb6F13 CNZZNZfDqnFDP6L12w3z3F7FFXkz07Rs3AIto1ZfYZd4sCSpMr/0S5nLrHbIvGLp 271hhQBeRmmoGEKO2JRelGgUJ2CUzOdtwDIKT0LbCpvaP8PVnYF5IFoYJIWRHqlE t5ucTXstZy7vYjL6vTP4l5xs+LIOkNmPhqmfsgLzVo0UaLt80hOwc4NvDCOLAAMG B/9g+9V3ORzw4LvO1pwRYJqfDKUq/EJ0rNMMD4N8RLpZRhKHKJUm9nNHLbksnlZw rbSTM5LpC/U6sheLP+l0bLVoq0lmsCcUSyh+mY6PxWirLIWCn/IAZAGnXb6Zd6Tt IJlGG6pqUN8QxGJYQnonl0uTJKHJENbI9sWHQdcTtBMc34gorHFCo1Bcvpnc1LFL rWn7mfoGx6INQjf3HGQpMXAWuSBQhzkazY6vaWFpa8bBJ+gKbBuySWzNm3rFtT5H RKMWpO+M9bHp4d+puY0L1YwN1OMatcMMpcWnZpiWiR83oi32+xtWUY2U7Ae38mMa g8zFbpeqPQUsDv9V7CAJ1dbriEwEGBECAAwFAkDYBnoFCQ5t3+gACgkQqE7a6JyA CspnpgCfRbYwxT3iq+9l/PgNTUNTZOlof2oAn25y0eGi0371jap9kOV6uq71sUuO =ypVs - -----END PGP PUBLIC KEY BLOCK----- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iQEVAwUBRXmHVXey5gA9JdPZAQI1zAgAiAnrG3HNKRN7uMF7qKf2ZAKStp5Fe93v 24e2VByrqh6nhoXbjMf1R7HQZ3GFKs/Hty0/NsFN1ZEMwivTEwfxHFu23sAkvcly 3CPFlgefTfvJ4P/q+CtwQ1a0GyGCUVfr8tZmTALCPc10zubqOMMfpmdJlg1zyTeT SH3bdeA4eMNq0kXlHWvW8a8xZQ4+cZ/YMSTyFFavms1e2aVieMABwJ28X1DrgcVy tVCXbO7XwsAD8wAoucQMXRF5J8sIzg2frpYTZMC0pB9K3YSBQ4EcwOPuGo7wfr3x SvONkDodRTYmjBFwftLzConEeXSddhJMYL7eZhXj9UBHhN1ebTslvQ== =qvAb -----END PGP SIGNATURE-----

1 0

SUSE Security Announcement: mono (SUSE-SA:2006:073)
by Marcus Meissner 01 Dec '06

01 Dec '06

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ______________________________________________________________________________ SUSE Security Announcement Package: mono-core Announcement ID: SUSE-SA:2006:073 Date: Fri, 01 Dec 2006 16:00:00 +0000 Affected Products: Novell Linux Desktop 9 Open Enterprise Server SLE SDK 10 SLES SDK 9 SUSE LINUX 10.1 SUSE LINUX 10.0 SUSE LINUX 9.3 SUSE SLED 10 SUSE SLES 10 Vulnerability Type: local privilege escalation Severity (1-10): 5 SUSE Default Package: yes Cross-References: CVE-2006-4799, CVE-2006-4800, CVE-2006-5072 CVE-2006-5973 Content of This Advisory: 1) Security Vulnerability Resolved: Mono tempfile race might lead to privilege escalation Problem Description 2) Solution or Work-Around 3) Special Instructions and Notes 4) Package Location and Checksums 5) Pending Vulnerabilities, Solutions, and Work-Arounds: - dovecot off by one overflow - xine-lib several overflows - kdegraphics3 kfile_jpeg EXIF crashes 6) Authenticity Verification and Additional Information ______________________________________________________________________________ 1) Problem Description and Brief Discussion Sebastian Krahmer of SUSE Security found that the Mono System.Xml.Serialization class contained a /tmp race which potentially allows local attackers to execute code as the user using the Serialization method. This is tracked by the Mitre CVE ID CVE-2006-5072. Packages for all affected distributions were released on November 10th, and for SLE 10 on November 27th. 2) Solution or Work-Around There is no known workaround, please install the update packages. 3) Special Instructions and Notes Please close and restart all running instances of beagle (one user of C# serialization) after the update. 4) Package Location and Checksums The preferred method for installing security updates is to use the YaST Online Update (YOU) tool. YOU detects which updates are required and automatically performs the necessary steps to verify and install them. Alternatively, download the update packages for your distribution manually and verify their integrity by the methods listed in Section 6 of this announcement. Then install the packages using the command rpm -Fhv <file.rpm> to apply the update, replacing <file.rpm> with the filename of the downloaded RPM package. x86 Platform: SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/bytefx-data-mysql-1.1.13.8… 7b4abac64336eb30d5937b25aabe7494 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/ibm-data-db2-1.1.13.8-2.10… 66859d556f70601ca9b73d7b401f6985 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/mono-basic-1.1.13.8-2.10.i… 02b60b74291d274e763f90d34db1541f ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/mono-core-1.1.13.8-2.10.i5… 9036159cfa23d2d87434c053cf7d8999 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/mono-data-1.1.13.8-2.10.i5… eb618bb94e3fe4ffedb155cb2c213624 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/mono-data-firebird-1.1.13.… d02343e65f86dbbe12b29196bb5fdf2c ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/mono-data-oracle-1.1.13.8-… d64bc8dd2687a516aadd13b3c554ea95 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/mono-data-postgresql-1.1.1… a80d59f87ec8c37f339014485e4a39d4 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/mono-data-sqlite-1.1.13.8-… dceba155389e2427ae71fa0997142842 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/mono-data-sybase-1.1.13.8-… 09d51fa450bacc0eea814c32c5dcbec5 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/mono-devel-1.1.13.8-2.10.i… 3f57ef06657bac839837fefeef45b0ec ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/mono-extras-1.1.13.8-2.10.… 83b41f4bdfb04e8ee7afd0ef0796aa17 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/mono-jscript-1.1.13.8-2.10… aeb8b0d7490918bfb4777f1d472529e9 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/mono-locale-extras-1.1.13.… 6715990b4674d06897929e892758d656 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/mono-nunit-1.1.13.8-2.10.i… eb37fcf30228a1e3a4be1030f02d163d ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/mono-web-1.1.13.8-2.10.i58… cf507f8fb0d351ee109acfbcf742af2f ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/mono-winforms-1.1.13.8-2.1… 36e253dceff26c6d8665842d2092d2a8 SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/bytefx-data-mysql-1.1… 8723e97076ed998aedb5c149745a4240 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/ibm-data-db2-1.1.8.3-… 82a201ed72c8ccf6e564063b036756f6 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/mono-basic-1.1.8.3-6.… e6b5ea2f15319e9bbf7f06bbdd564af5 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/mono-core-1.1.8.3-6.3… a2cb5556848cd0dfa9ad8eae3f4c4eb2 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/mono-data-1.1.8.3-6.3… e96d50f8c57e97f01b09bf45df6d5caa ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/mono-data-oracle-1.1.… ec79d94d2c77199fcda0e0a1b345e79e ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/mono-data-postgresql-… 1725efd5f7231007cbafde6dbb17d6d3 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/mono-data-sqlite-1.1.… defe0b0095be00f5db4ce6a68e0768da ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/mono-data-sybase-1.1.… 0935ede50fd97451dceca2429a94b69c ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/mono-devel-1.1.8.3-6.… f64733249eaa4cfdcb5bc18da199136b ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/mono-extras-1.1.8.3-6… f85c62aca21da3c246487e7acaa46279 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/mono-ikvm-1.1.8.3-6.3… 6297e9c7666b6982b8f2fe681b65eeb5 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/mono-locale-extras-1.… f81c3d2f2e4cb78923fe97c476f51f8e ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/mono-nunit-1.1.8.3-6.… f5364d8503d3b0224a02602db6fd3ac2 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/mono-web-1.1.8.3-6.3.… ecda8771dd681ea6b59c5299e0feaf02 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/mono-winforms-1.1.8.3… ea5b6cf547461a7dd0acbabd6f1c6e5f SUSE LINUX 9.3: ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/bytefx-data-mysql-1.1.… 1a547c3c0ab97e5055ceaf3d31dbdb3a ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/ibm-data-db2-1.1.4-15.… 087cdd86b5f7b5d9cbbda2a2f9d27bd1 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/mono-basic-1.1.4-15.2.… 3b423876c8143c012431810d56d5efbc ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/mono-core-1.1.4-15.2.i… 58345dff171b360a90ff551e9d41af8b ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/mono-data-1.1.4-15.2.i… c2f4a478f0b6e928b1ceaec1be0b9471 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/mono-data-oracle-1.1.4… 44470ab6051edcd175463cdd891729ce ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/mono-data-postgresql-1… 01df17ef51f4dd2ca09720ddfabc2479 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/mono-data-sqlite-1.1.4… 412e9c9b7e1c1a34484242cab4cad458 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/mono-data-sybase-1.1.4… 19e03e53d58589369fdebb168d7a73f1 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/mono-devel-1.1.4-15.2.… c310e0e401f7c6e199c8da324b9ffd9d ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/mono-extras-1.1.4-15.2… 3a21f822e56267d0b9f4401430e96abb ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/mono-ikvm-1.1.4-15.2.i… 4f5667eacc74fda44bd90d4f3e9c337e ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/mono-locale-extras-1.1… 8a53abf982e0d1b0ca85bba71ec65635 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/mono-web-1.1.4-15.2.i5… c458032d6863a1f1eab9a020031e735a ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/mono-winforms-1.1.4-15… 308768cbcf198fa1ec3172e26e9d67d1 Power PC Platform: SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/bytefx-data-mysql-1.1.13.8-… 9313cea2c9dec8f52cdfe4441248ee54 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/ibm-data-db2-1.1.13.8-2.10.… a9e6e92384d55db7ab84498997ff95b5 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/mono-basic-1.1.13.8-2.10.pp… c5d31bd0f0897a093d058efb3e9d36ee ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/mono-core-1.1.13.8-2.10.ppc… 5f08a5f5ceed82e3a2029af9fe44243e ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/mono-data-1.1.13.8-2.10.ppc… c77b18deac849e205a686140dc577077 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/mono-data-firebird-1.1.13.8… 096347d6190bbd6952f34a06191c0b5b ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/mono-data-oracle-1.1.13.8-2… 068132b00bf66578afd0f57a02fbc0f3 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/mono-data-postgresql-1.1.13… a7633423935807d8ec63af34c140126f ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/mono-data-sqlite-1.1.13.8-2… 7d679cd2374a89c3def920368bbcd689 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/mono-data-sybase-1.1.13.8-2… 19ebb43356078a17b7e962db58ac8058 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/mono-devel-1.1.13.8-2.10.pp… 8274b40f614ab66d8e588f284a1e654b ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/mono-extras-1.1.13.8-2.10.p… abd9e49ffaaabb50d9e9dfdc7c02bf2a ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/mono-jscript-1.1.13.8-2.10.… 70f9d55dd1078ac976431bd2b3246368 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/mono-locale-extras-1.1.13.8… 918878cbbe1e0a9a59058f6d81433751 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/mono-nunit-1.1.13.8-2.10.pp… a5a3de007da4558073bc00a2019ba5aa ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/mono-web-1.1.13.8-2.10.ppc.… e2208039b64330e34aac9ec7020a063c ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/mono-winforms-1.1.13.8-2.10… ec89803672bb0d000f238009927343e7 SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/bytefx-data-mysql-1.1.… 89141c520781244c275ff2e2d8b4c1b5 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/ibm-data-db2-1.1.8.3-6… 968f25f3c344929b2f1754f4f9f5a0fc ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/mono-basic-1.1.8.3-6.3… 8dcb79d36fda7785124038240bb40df0 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/mono-core-1.1.8.3-6.3.… 50675e0b79610192a8f38fdaf4b655a3 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/mono-data-1.1.8.3-6.3.… d13657008290fc055958fac933b15beb ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/mono-data-oracle-1.1.8… 0829dd512ffe36216eba935288a37aff ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/mono-data-postgresql-1… 71a78c27a97f620774c23b4a5ae9e1ac ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/mono-data-sqlite-1.1.8… b4709e8c29aea15d130cd3df58e198f2 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/mono-data-sybase-1.1.8… 1b84a559b9c91895187707e08df7bb81 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/mono-devel-1.1.8.3-6.3… dbf8dc82c1b56af047402424fa36e889 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/mono-extras-1.1.8.3-6.… 52dc5bd08e8d0838a190d32abe6d9360 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/mono-ikvm-1.1.8.3-6.3.… 006f73bc4a0376aa6dcdb476773fac7f ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/mono-locale-extras-1.1… f4e37b49b4cd0cba088d1cbce4b6a106 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/mono-nunit-1.1.8.3-6.3… d0d846db02bdfd31225fbceeb99a83d9 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/mono-web-1.1.8.3-6.3.p… 25e0ce59ffc1cc50eab7381029d9f37b ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/mono-winforms-1.1.8.3-… 12c2317e35c03901605d35828ad97559 x86-64 Platform: SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/bytefx-data-mysql-1.1.13… 2f9b1e124a86cd8d9434dc34ae704e34 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/ibm-data-db2-1.1.13.8-2.… eb35e4758f2367f14e63f93653d93929 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/mono-basic-1.1.13.8-2.10… e45fc3b3d4f6e6738e1be4a7756b3b87 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/mono-core-1.1.13.8-2.10.… 022fcc53335d2521eef17fd2d9d5d65e ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/mono-core-32bit-1.1.13.8… 14aa868bfeeb53ccd484c542db37ca8f ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/mono-data-1.1.13.8-2.10.… 3bc6667d6f053b9d737feee86548187a ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/mono-data-firebird-1.1.1… 0c5701fe6cb9689876d81edaa85376f1 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/mono-data-oracle-1.1.13.… c8c1f41f8dfd7053c20e831a4ef0dab9 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/mono-data-postgresql-1.1… ebd0e9c450d432e9d0330d535cf49e5f ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/mono-data-sqlite-1.1.13.… a13b9d5c42edcaf106fff4fa5518a25a ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/mono-data-sybase-1.1.13.… e3906044737c10c7703908171adf3f57 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/mono-devel-1.1.13.8-2.10… f467c3939b354ed578f7157d8ef31ba7 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/mono-extras-1.1.13.8-2.1… d2f67c4278dff46c6467a5aa5d5ae21a ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/mono-jscript-1.1.13.8-2.… 02e8931e0c337c91d7659ad6a6411f3e ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/mono-locale-extras-1.1.1… bc6f46f246e4a04db7ce73c4a9a8e14a ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/mono-nunit-1.1.13.8-2.10… 0c8256c4fb7cf7260871e260051e9cb8 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/mono-web-1.1.13.8-2.10.x… 44662d4d9dcbe2dcfdaed5aadf0d3280 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/mono-winforms-1.1.13.8-2… 3f1f16b27a5e82d4ec21813ff6d20de6 SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/bytefx-data-mysql-1… faaafa4a6b2697b64002a0e54d966fb5 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/ibm-data-db2-1.1.8.… 9bc2cc6f76d3ab0a3fa40e432ce8a5a5 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/mono-basic-1.1.8.3-… b34db12ed5a82a0e421024924b8c9d35 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/mono-core-1.1.8.3-6… 9012ea42ee4342f5f33d0441d343dfbc ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/mono-core-32bit-1.1… 44a8e61f033f307894649a5f426a0201 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/mono-data-1.1.8.3-6… 8368c48caf6f752b5b95eb4eba3fd328 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/mono-data-oracle-1.… 8ac64af18626a2a781ad07dd94c06d98 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/mono-data-postgresq… 569cf2d488ceb8c75ce24509255db131 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/mono-data-sqlite-1.… aa45bd963f675134c562cf337656a431 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/mono-data-sybase-1.… d27ef73513e09f0e13198ac917de4f5a ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/mono-devel-1.1.8.3-… a9a6390486569dd2a30404c2a1c720d1 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/mono-extras-1.1.8.3… 952679113589f9568203b0f65e353be7 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/mono-ikvm-1.1.8.3-6… 8e8477d1f0dbf6c58372655b94b2e763 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/mono-locale-extras-… b24ef527a716c2828bcbde7c64554f55 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/mono-nunit-1.1.8.3-… 18b311d2694fec20cb8e91cace644b7a ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/mono-web-1.1.8.3-6.… 58e7313cc4497968024c97bf9d0391e1 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/mono-winforms-1.1.8… 92ba868cfa14ec498100e5dd65ed907d SUSE LINUX 9.3: ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/bytefx-data-mysql-1.… b0826412e85bbff760b5779fdc80ec94 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/ibm-data-db2-1.1.4-1… 98bd39be148e960ad27d8069c2adf8d1 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/mono-basic-1.1.4-15.… 156ae0023277a6160e87acc6ca8900d9 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/mono-core-1.1.4-15.2… 4fb514b18b529705623f7e6a0a215f19 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/mono-data-1.1.4-15.2… db7ae6e63b7723c9f098c1e1ae8b4fd2 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/mono-data-oracle-1.1… 5b703b05cd53c20425ef68705c9373f8 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/mono-data-postgresql… a29f36a0cac395178ac22be57821862e ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/mono-data-sqlite-1.1… 31a71ffbd976fb28c9d68d69faa8bcfd ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/mono-data-sybase-1.1… 241c1862886fd0a36afb17113a72858a ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/mono-devel-1.1.4-15.… b884e230f98ed60c5e75da726a498349 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/mono-extras-1.1.4-15… bd0a1137352eec2f3a8bc0d02f779a57 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/mono-ikvm-1.1.4-15.2… 32f13ab54aafbd90ab70813c81bc4bb7 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/mono-locale-extras-1… 776af4929c99c7c5169baa9c9e114b91 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/mono-web-1.1.4-15.2.… d96f093d040a9f4b8d778a86a7b816e7 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/mono-winforms-1.1.4-… 3e542aca65ef4dfbe9e395c3427f93c4 Sources: SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/mono-core-1.1.13.8-2.10.src… 331cc1e61190283b14483c43a542b249 SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/mono-core-1.1.8.3-6.3.… 3d571d3a89e8b002b5adf330eb77fabc SUSE LINUX 9.3: ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/src/mono-core-1.1.4-15.2.sr… bef98a4d3e3ecc2ce308b65b3614c701 Our maintenance customers are notified individually. The packages are offered for installation from the maintenance web: SUSE SLES 10 http://support.novell.com/techcenter/psdb/d0045f4fdf109a52c8482692f86759ac.… SLE SDK 10 http://support.novell.com/techcenter/psdb/d0045f4fdf109a52c8482692f86759ac.… SUSE SLED 10 http://support.novell.com/techcenter/psdb/d0045f4fdf109a52c8482692f86759ac.… SLES SDK 9 http://support.novell.com/techcenter/psdb/375ca96db35d471ce78d859b07e10e7a.… Novell Linux Desktop 9 http://support.novell.com/techcenter/psdb/375ca96db35d471ce78d859b07e10e7a.… Open Enterprise Server http://support.novell.com/techcenter/psdb/76c31e721b09466bd2ae950409714b5b.… ______________________________________________________________________________ 5) Pending Vulnerabilities, Solutions, and Work-Arounds: - dovecot off by one overflow Off-by-one buffer overflow in Dovecot 1.0 versions, when index files are used and mmap_disable is set to "yes," allows remote authenticated IMAP or POP3 users to cause a denial of service (crash) via unspecified vectors involving the cache file. (CVE-2006-5973) This update only affects SUSE Linux 10.1 and was released on November 27th. - xine-lib several overflows Multiple buffer overflows were fixed in the XINE decoder libraries, which could be used by attackers to crash players or potentially execute code. CVE-2006-4799: Buffer overflow in ffmpeg for xine-lib before 1.1.2 might allow context-dependent attackers to execute arbitrary code via a crafted AVI file and "bad indexes". CVE-2006-4800: Multiple buffer overflows in libavcodec in ffmpeg before 0.4.9_p20060530 allow remote attackers to cause a denial of service or possibly execute arbitrary code via multiple unspecified vectors in (1) dtsdec.c, (2) vorbis.c, (3) rm.c, (4) sierravmd.c, (5) smacker.c, (6) tta.c, (7) 4xm.c, (8) alac.c, (9) cook.c, (10) shorten.c, (11) smacker.c, (12) snow.c, and (13) tta.c. This update was released on 27th of November and affects all SUSE Linux based products containing xine-lib. - kdegraphics3 kfile_jpeg EXIF crashes The KFILE JPEG plugin that is responsible for displaying meta-data of JPEG files was affected by some old common vulnerabilities in EXIF handling. A JPEG file could be prepared with an EXIF section with endless recursion that would overflow the stack and cause the plugin and so the image browser (konqueror, digikam or other kfile users) to crash. This problem can only be used for denial of service attacks. ______________________________________________________________________________ 6) Authenticity Verification and Additional Information - Announcement authenticity verification: SUSE security announcements are published via mailing lists and on Web sites. The authenticity and integrity of a SUSE security announcement is guaranteed by a cryptographic signature in each announcement. All SUSE security announcements are published with a valid signature. To verify the signature of the announcement, save it as text into a file and run the command gpg --verify <file> replacing <file> with the name of the file where you saved the announcement. The output for a valid signature looks like: gpg: Signature made <DATE> using RSA key ID 3D25D3D9 gpg: Good signature from "SuSE Security Team <security(a)suse.de>" where <DATE> is replaced by the date the document was signed. If the security team's key is not contained in your key ring, you can import it from the first installation CD. To import the key, use the command gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc - Package authenticity verification: SUSE update packages are available on many mirror FTP servers all over the world. While this service is considered valuable and important to the free and open source software community, the authenticity and the integrity of a package needs to be verified to ensure that it has not been tampered with. There are two verification methods that can be used independently from each other to prove the authenticity of a downloaded file or RPM package: 1) Using the internal gpg signatures of the rpm package 2) MD5 checksums as provided in this announcement 1) The internal rpm package signatures provide an easy way to verify the authenticity of an RPM package. Use the command rpm -v --checksig <file.rpm> to verify the signature of the package, replacing <file.rpm> with the filename of the RPM package downloaded. The package is unmodified if it contains a valid signature from build(a)suse.de with the key ID 9C800ACA. This key is automatically imported into the RPM database (on RPMv4-based distributions) and the gpg key ring of 'root' during installation. You can also find it on the first installation CD and at the end of this announcement. 2) If you need an alternative means of verification, use the md5sum command to verify the authenticity of the packages. Execute the command md5sum <filename.rpm> after you downloaded the file from a SUSE FTP server or its mirrors. Then compare the resulting md5sum with the one that is listed in the SUSE security announcement. Because the announcement containing the checksums is cryptographically signed (by security(a)suse.de) the checksums show proof of the authenticity of the package if the signature of the announcement is valid. Note that the md5 sums published in the SUSE Security Announcements are valid for the respective packages only. Newer versions of these packages cannot be verified. - SUSE runs two security mailing lists to which any interested party may subscribe: opensuse-security(a)opensuse.org - General Linux and SUSE security discussion. All SUSE security announcements are sent to this list. To subscribe, send an e-mail to <opensuse-security+subscribe(a)opensuse.org>. suse-security-announce(a)suse.com - SUSE's announce-only mailing list. Only SUSE's security announcements are sent to this list. To subscribe, send an e-mail to <suse-security-announce-subscribe(a)suse.com>. For general information or the frequently asked questions (FAQ), send mail to <suse-security-info(a)suse.com> or <suse-security-faq(a)suse.com>. ===================================================================== SUSE's security contact is <security(a)suse.com> or <security(a)suse.de>. The <security(a)suse.de> public key is listed below. ===================================================================== ______________________________________________________________________________ The information in this advisory may be distributed or reproduced, provided that the advisory is not modified in any way. In particular, the clear text signature should show proof of the authenticity of the text. SUSE Linux Products GmbH provides no warranties of any kind whatsoever with respect to the information contained in this security advisory. Type Bits/KeyID Date User ID pub 2048R/3D25D3D9 1999-03-06 SuSE Security Team <security(a)suse.de> pub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key <build(a)suse.de> - -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.4.2 (GNU/Linux) mQENAzbhLQQAAAEIAKAkXHe0lWRBXLpn38hMHy03F0I4Sszmoc8aaKJrhfhyMlOA BqvklPLE2f9UrI4Xc860gH79ZREwAgPt0pi6+SleNFLNcNFAuuHMLQOOsaMFatbz JR9i4m/lf6q929YROu5zB48rBAlcfTm+IBbijaEdnqpwGib45wE/Cfy6FAttBHQh 1Kp+r/jPbf1mYAvljUfHKuvbg8t2EIQz/5yGp+n5trn9pElfQO2cRBq8LFpf1l+U P7EKjFmlOq+Gs/fF98/dP3DfniSd78LQPq5vp8RL8nr/o2i7jkAQ33m4f1wOBWd+ cZovrKXYlXiR+Bf7m2hpZo+/sAzhd7LmAD0l09kABRG0JVN1U0UgU2VjdXJpdHkg VGVhbSA8c2VjdXJpdHlAc3VzZS5kZT6JARUDBRA24S1H5Fiyh7HKPEUBAVcOB/9b yHYji1/+4Xc2GhvXK0FSJN0MGgeXgW47yxDL7gmR4mNgjlIOUHZj0PEpVjWepOJ7 tQS3L9oP6cpj1Fj/XxuLbkp5VCQ61hpt54coQAvYrnT9rtWEGN+xmwejT1WmYmDJ xG+EGBXKr+XP69oIUl1E2JO3rXeklulgjqRKos4cdXKgyjWZ7CP9V9daRXDtje63 Om8gwSdU/nCvhdRIWp/Vwbf7Ia8iZr9OJ5YuQl0DBG4qmGDDrvImgPAFkYFzwlqo choXFQ9y0YVCV41DnR+GYhwl2qBd81T8aXhihEGPIgaw3g8gd8B5o6mPVgl+nJqI BkEYGBusiag2pS6qwznZiQEVAwUQNuEtBHey5gA9JdPZAQFtOAf+KVh939b0J94u v/kpg4xs1LthlhquhbHcKNoVTNspugiC3qMPyvSX4XcBr2PC0cVkS4Z9PY9iCfT+ x9WM96g39dAF+le2CCx7XISk9XXJ4ApEy5g4AuK7NYgAJd39PPbERgWnxjxir9g0 Ix30dS30bW39D+3NPU5Ho9TD/B7UDFvYT5AWHl3MGwo3a1RhTs6sfgL7yQ3U+mvq MkTExZb5mfN1FeaYKMopoI4VpzNVeGxQWIz67VjJHVyUlF20ekOz4kWVgsxkc8G2 saqZd6yv2EwqYTi8BDAduweP33KrQc4KDDommQNDOXxaKOeCoESIdM4p7Esdjq1o L0oixF12CohGBBARAgAGBQI7HmHDAAoJEJ5A4xAACqukTlQAoI4QzP9yjPohY7OU F7J3eKBTzp25AJ42BmtSd3pvm5ldmognWF3Trhp+GYkAlQMFEDe3O8IWkDf+zvyS FQEBAfkD/3GG5UgJj18UhYmh1gfjIlDcPAeqMwSytEHDENmHC+vlZQ/p0mT9tPiW tp34io54mwr+bLPN8l6B5GJNkbGvH6M+mO7R8Lj4nHL6pyAv3PQr83WyLHcaX7It Klj371/4yzKV6qpz43SGRK4MacLo2rNZ/dNej7lwPCtzCcFYwqkiiEYEEBECAAYF AjoaQqQACgkQx1KqMrDf94ArewCfWnTUDG5gNYkmHG4bYL8fQcizyA4An2eVo/n+ 3J2KRWSOhpAMsnMxtPbBmQGiBDnu9IERBACT8Y35+2vv4MGVKiLEMOl9GdST6MCk YS3yEKeueNWc+z/0Kvff4JctBsgs47tjmiI9sl0eHjm3gTR8rItXMN6sJEUHWzDP +Y0PFPboMvKx0FXl/A0dM+HFrruCgBlWt6FA+okRySQiliuI5phwqkXefl9AhkwR 8xocQSVCFxcwvwCglVcOQliHu8jwRQHxlRE0tkwQQI0D+wfQwKdvhDplxHJ5nf7U 8c/yE/vdvpN6lF0tmFrKXBUX+K7u4ifrZlQvj/81M4INjtXreqDiJtr99Rs6xa0S cZqITuZC4CWxJa9GynBED3+D2t1V/f8l0smsuYoFOF7Ib49IkTdbtwAThlZp8bEh ELBeGaPdNCcmfZ66rKUdG5sRA/9ovnc1krSQF2+sqB9/o7w5/q2qiyzwOSTnkjtB UVKn4zLUOf6aeBAoV6NMCC3Kj9aZHfA+ND0ehPaVGJgjaVNFhPi4x0e7BULdvgOo AqajLfvkURHAeSsxXIoEmyW/xC1sBbDkDUIBSx5oej73XCZgnj/inphRqGpsb+1n KFvF+rQoU3VTRSBQYWNrYWdlIFNpZ25pbmcgS2V5IDxidWlsZEBzdXNlLmRlPohi BBMRAgAiBQJA2AY+AhsDBQkObd+9BAsHAwIDFQIDAxYCAQIeAQIXgAAKCRCoTtro nIAKypCfAJ9RuZ6ZSV7QW4pTgTIxQ+ABPp0sIwCffG9bCNnrETPlgOn+dGEkAWeg KL+IRgQQEQIABgUCOnBeUgAKCRCeQOMQAAqrpNzOAKCL512FZvv4VZx94TpbA9lx yoAejACeOO1HIbActAevk5MUBhNeLZa/qM2JARUDBRA6cGBvd7LmAD0l09kBATWn B/9An5vfiUUE1VQnt+T/EYklES3tXXaJJp9pHMa4fzFa8jPVtv5UBHGee3XoUNDV wM2OgSEISZxbzdXGnqIlcT08TzBUD9i579uifklLsnr35SJDZ6ram51/CWOnnaVh UzneOA9gTPSr+/fT3WeVnwJiQCQ30kNLWVXWATMnsnT486eAOlT6UNBPYQLpUprF 5Yryk23pQUPAgJENDEqeU6iIO9Ot1ZPtB0lniw+/xCi13D360o1tZDYOp0hHHJN3 D3EN8C1yPqZd5CvvznYvB6bWBIpWcRgdn2DUVMmpU661jwqGlRz1F84JG/xe4jGu zgpJt9IXSzyohEJB6XG5+D0BuQINBDnu9JIQCACEkdBN6Mxf5WvqDWkcMRy6wnrd 9DYJ8UUTmIT2iQf07tRUKJJ9v0JXfx2Z4d08IQSMNRaq4VgSe+PdYgIy0fbj23Vi a5/gO7fJEpD2hd2f+pMnOWvH2rOOIbeYfuhzAc6BQjAKtmgR0ERUTafTM9Wb6F13 CNZZNZfDqnFDP6L12w3z3F7FFXkz07Rs3AIto1ZfYZd4sCSpMr/0S5nLrHbIvGLp 271hhQBeRmmoGEKO2JRelGgUJ2CUzOdtwDIKT0LbCpvaP8PVnYF5IFoYJIWRHqlE t5ucTXstZy7vYjL6vTP4l5xs+LIOkNmPhqmfsgLzVo0UaLt80hOwc4NvDCOLAAMG B/9g+9V3ORzw4LvO1pwRYJqfDKUq/EJ0rNMMD4N8RLpZRhKHKJUm9nNHLbksnlZw rbSTM5LpC/U6sheLP+l0bLVoq0lmsCcUSyh+mY6PxWirLIWCn/IAZAGnXb6Zd6Tt IJlGG6pqUN8QxGJYQnonl0uTJKHJENbI9sWHQdcTtBMc34gorHFCo1Bcvpnc1LFL rWn7mfoGx6INQjf3HGQpMXAWuSBQhzkazY6vaWFpa8bBJ+gKbBuySWzNm3rFtT5H RKMWpO+M9bHp4d+puY0L1YwN1OMatcMMpcWnZpiWiR83oi32+xtWUY2U7Ae38mMa g8zFbpeqPQUsDv9V7CAJ1dbriEwEGBECAAwFAkDYBnoFCQ5t3+gACgkQqE7a6JyA CspnpgCfRbYwxT3iq+9l/PgNTUNTZOlof2oAn25y0eGi0371jap9kOV6uq71sUuO =ypVs - -----END PGP PUBLIC KEY BLOCK----- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (GNU/Linux) iQEVAwUBRXBKdHey5gA9JdPZAQIjtgf/b9OEcg3h8ngyZWdIsOS7kokhQqof6uHR q/J23LUsBdv0sRmRN4/xBKURTOZtBBlYE/VPKGFOrtwzf4CD3ih3qJGut4OAQovb EDXhu0/zYfrFFwjfhZsYC4Ek+5aemvsj6t+igVULbX6FSeulDgHNtAcOyfPCviad FlD/l75p+c3McthaLH8VLuJ+hKXRMFW42cwqGBEkkdhDz+0E0/P1HfT6o+Z3Zrql wS+i7iM/krGHd2a30NoNO0VI/ZO5TbOiN0RXsKt1AJpvARcFHxAGBFOMm9EtU2/q j4C4cLImTL+nvHorWUhKWlC9QHkPQvRyc2ujlgPNR92OiXoJDoM/Uw== =wHrU -----END PGP SIGNATURE-----

1 0