November 2009 - openSUSE Security Announce

[security-announce] SUSE Security Summary Report: SUSE-SR:2009:019
by Thomas Biege 24 Nov '09

24 Nov '09

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ______________________________________________________________________________ SUSE Security Summary Report Announcement ID: SUSE-SR:2009:019 Date: Tue, 24 Nov 2009 07:00:00 +0000 Cross-References: CVE-2009-1523, CVE-2009-2700, CVE-2009-2820 CVE-2009-3265, CVE-2009-3266, CVE-2009-3608 CVE-2009-3609, CVE-2009-3616, CVE-2009-3831 Content of this advisory: 1) Solved Security Vulnerabilities: - cups - jetty5 - libqt4/dbus-1-qt - opera - puretls/jessie - kdegraphics3-pdf - qemu 2) Pending Vulnerabilities, Solutions, and Work-Arounds: none 3) Authenticity Verification and Additional Information ______________________________________________________________________________ 1) Solved Security Vulnerabilities To avoid flooding mailing lists with SUSE Security Announcements for minor issues, SUSE Security releases weekly summary reports for the low profile vulnerability fixes. The SUSE Security Summary Reports do not list or download URLs like the SUSE Security Announcements that are released for more severe vulnerabilities. Fixed packages for the following incidents are already available on our FTP server and via the YaST Online Update. - cups The cups web interface was prone to Cross-Site Scripting (XSS) problems. CVE-2009-2820: CVSS v2 Base Score: 4.3 Affected products: openSUSE 11.0-11.1, SLE11 - jetty5 This update fixes a directory traversal bug in jetty5's HTTP server. CVE-2009-1523: CVSS v2 Base Score: 7.1 Affected products: openSUSE 11.2 - libqt4/dbus-1-qt This update fixes the handling of the subjectAltName field in SSL certificates. CVE-2009-2700: CVSS v2 Base Score: 6.8 Affected products: openSUSE 11.0-11.1, SLE10, SLE11 - opera Version upgrade of Opera to 10.1 to fix: - two XSS attacks via RSS/Atom CVE-2009-3265: CVSS v2 Base Score: 4.3 CVE-2009-3266: CVSS v2 Base Score: 4.3 - possible remote arbitrary code execution via crafted domain names CVE-2009-3831: CVSS v2 Base Score: 9.3 Affected products: openSUSE 11.0-11.2 - puretls/jessie The Java packages puretls and jessie can be used for TLS communication by Java programs. This packages are vulnerable to the current TLS renegatioation vulnerability tracked by CVE-2009-3555. The standard way to use TLS in Java is the JSSE framework included in the corresponding JDK. We will update the JDKs and therefore skip these orphaned packages. CVE-2009-3555: CVSS v2 Base Score: 6.4 - kdegraphics3-pdf Specially crafted PDF files could cause buffer overflows in the pdftops filter when printing such a document. CVE-2009-3608: CVSS v2 Base Score: 9.3 CVE-2009-3609: CVSS v2 Base Score: 4.3 Affected products: openSUSE 11.0-11.1, SLE10 - qemu The VNC server of qemu was vulnerable to use-after-free bugs, that allowed the execution of code on the host system initiated from the guest system. This bug can be used to escape from the guest machine. CVE-2009-3616: CVSS v2 Base Score: 8.5 Affected products: openSUSE 11.0-11.1, SLE11 ______________________________________________________________________________ 2) Pending Vulnerabilities, Solutions, and Work-Arounds none ______________________________________________________________________________ 3) Authenticity Verification and Additional Information - Announcement authenticity verification: SUSE security announcements are published via mailing lists and on Web sites. The authenticity and integrity of a SUSE security announcement is guaranteed by a cryptographic signature in each announcement. All SUSE security announcements are published with a valid signature. To verify the signature of the announcement, save it as text into a file and run the command gpg --verify <file> replacing <file> with the name of the file containing the announcement. The output for a valid signature looks like: gpg: Signature made <DATE> using RSA key ID 3D25D3D9 gpg: Good signature from "SuSE Security Team <security(a)suse.de>" where <DATE> is replaced by the date the document was signed. If the security team's key is not contained in your key ring, you can import it from the first installation CD. To import the key, use the command gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc - Package authenticity verification: SUSE update packages are available on many mirror FTP servers all over the world. While this service is considered valuable and important to the free and open source software community, the authenticity and integrity of a package needs to be verified to ensure that it has not been tampered with. The internal RPM package signatures provide an easy way to verify the authenticity of an RPM package. Use the command rpm -v --checksig <file.rpm> to verify the signature of the package, replacing <file.rpm> with the filename of the RPM package downloaded. The package is unmodified if it contains a valid signature from build(a)suse.de with the key ID 9C800ACA. This key is automatically imported into the RPM database (on RPMv4-based distributions) and the gpg key ring of 'root' during installation. You can also find it on the first installation CD and included at the end of this announcement. - SUSE runs two security mailing lists to which any interested party may subscribe: opensuse-security(a)opensuse.org - General Linux and SUSE security discussion. All SUSE security announcements are sent to this list. To subscribe, send an e-mail to <opensuse-security+subscribe(a)opensuse.org>. opensuse-security-announce(a)opensuse.org - SUSE's announce-only mailing list. Only SUSE's security announcements are sent to this list. To subscribe, send an e-mail to <opensuse-security-announce+subscribe(a)opensuse.org>. ===================================================================== SUSE's security contact is <security(a)suse.com> or <security(a)suse.de>. The <security(a)suse.de> public key is listed below. ===================================================================== ______________________________________________________________________________ The information in this advisory may be distributed or reproduced, provided that the advisory is not modified in any way. In particular, the clear text signature should show proof of the authenticity of the text. SUSE Linux Products GmbH provides no warranties of any kind whatsoever with respect to the information contained in this security advisory. Type Bits/KeyID Date User ID pub 2048R/3D25D3D9 1999-03-06 SuSE Security Team <security(a)suse.de> pub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key <build(a)suse.de> - -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.4.2 (GNU/Linux) mQENAzbhLQQAAAEIAKAkXHe0lWRBXLpn38hMHy03F0I4Sszmoc8aaKJrhfhyMlOA BqvklPLE2f9UrI4Xc860gH79ZREwAgPt0pi6+SleNFLNcNFAuuHMLQOOsaMFatbz JR9i4m/lf6q929YROu5zB48rBAlcfTm+IBbijaEdnqpwGib45wE/Cfy6FAttBHQh 1Kp+r/jPbf1mYAvljUfHKuvbg8t2EIQz/5yGp+n5trn9pElfQO2cRBq8LFpf1l+U P7EKjFmlOq+Gs/fF98/dP3DfniSd78LQPq5vp8RL8nr/o2i7jkAQ33m4f1wOBWd+ cZovrKXYlXiR+Bf7m2hpZo+/sAzhd7LmAD0l09kABRG0JVN1U0UgU2VjdXJpdHkg VGVhbSA8c2VjdXJpdHlAc3VzZS5kZT6JARUDBRA24S1H5Fiyh7HKPEUBAVcOB/9b yHYji1/+4Xc2GhvXK0FSJN0MGgeXgW47yxDL7gmR4mNgjlIOUHZj0PEpVjWepOJ7 tQS3L9oP6cpj1Fj/XxuLbkp5VCQ61hpt54coQAvYrnT9rtWEGN+xmwejT1WmYmDJ xG+EGBXKr+XP69oIUl1E2JO3rXeklulgjqRKos4cdXKgyjWZ7CP9V9daRXDtje63 Om8gwSdU/nCvhdRIWp/Vwbf7Ia8iZr9OJ5YuQl0DBG4qmGDDrvImgPAFkYFzwlqo choXFQ9y0YVCV41DnR+GYhwl2qBd81T8aXhihEGPIgaw3g8gd8B5o6mPVgl+nJqI BkEYGBusiag2pS6qwznZiQEVAwUQNuEtBHey5gA9JdPZAQFtOAf+KVh939b0J94u v/kpg4xs1LthlhquhbHcKNoVTNspugiC3qMPyvSX4XcBr2PC0cVkS4Z9PY9iCfT+ x9WM96g39dAF+le2CCx7XISk9XXJ4ApEy5g4AuK7NYgAJd39PPbERgWnxjxir9g0 Ix30dS30bW39D+3NPU5Ho9TD/B7UDFvYT5AWHl3MGwo3a1RhTs6sfgL7yQ3U+mvq MkTExZb5mfN1FeaYKMopoI4VpzNVeGxQWIz67VjJHVyUlF20ekOz4kWVgsxkc8G2 saqZd6yv2EwqYTi8BDAduweP33KrQc4KDDommQNDOXxaKOeCoESIdM4p7Esdjq1o L0oixF12CohGBBARAgAGBQI7HmHDAAoJEJ5A4xAACqukTlQAoI4QzP9yjPohY7OU F7J3eKBTzp25AJ42BmtSd3pvm5ldmognWF3Trhp+GYkAlQMFEDe3O8IWkDf+zvyS FQEBAfkD/3GG5UgJj18UhYmh1gfjIlDcPAeqMwSytEHDENmHC+vlZQ/p0mT9tPiW tp34io54mwr+bLPN8l6B5GJNkbGvH6M+mO7R8Lj4nHL6pyAv3PQr83WyLHcaX7It Klj371/4yzKV6qpz43SGRK4MacLo2rNZ/dNej7lwPCtzCcFYwqkiiEYEEBECAAYF AjoaQqQACgkQx1KqMrDf94ArewCfWnTUDG5gNYkmHG4bYL8fQcizyA4An2eVo/n+ 3J2KRWSOhpAMsnMxtPbBmQGiBDnu9IERBACT8Y35+2vv4MGVKiLEMOl9GdST6MCk YS3yEKeueNWc+z/0Kvff4JctBsgs47tjmiI9sl0eHjm3gTR8rItXMN6sJEUHWzDP +Y0PFPboMvKx0FXl/A0dM+HFrruCgBlWt6FA+okRySQiliuI5phwqkXefl9AhkwR 8xocQSVCFxcwvwCglVcOQliHu8jwRQHxlRE0tkwQQI0D+wfQwKdvhDplxHJ5nf7U 8c/yE/vdvpN6lF0tmFrKXBUX+K7u4ifrZlQvj/81M4INjtXreqDiJtr99Rs6xa0S cZqITuZC4CWxJa9GynBED3+D2t1V/f8l0smsuYoFOF7Ib49IkTdbtwAThlZp8bEh ELBeGaPdNCcmfZ66rKUdG5sRA/9ovnc1krSQF2+sqB9/o7w5/q2qiyzwOSTnkjtB UVKn4zLUOf6aeBAoV6NMCC3Kj9aZHfA+ND0ehPaVGJgjaVNFhPi4x0e7BULdvgOo AqajLfvkURHAeSsxXIoEmyW/xC1sBbDkDUIBSx5oej73XCZgnj/inphRqGpsb+1n KFvF+rQoU3VTRSBQYWNrYWdlIFNpZ25pbmcgS2V5IDxidWlsZEBzdXNlLmRlPohi BBMRAgAiBQJA2AY+AhsDBQkObd+9BAsHAwIDFQIDAxYCAQIeAQIXgAAKCRCoTtro nIAKypCfAJ9RuZ6ZSV7QW4pTgTIxQ+ABPp0sIwCffG9bCNnrETPlgOn+dGEkAWeg KL+IRgQQEQIABgUCOnBeUgAKCRCeQOMQAAqrpNzOAKCL512FZvv4VZx94TpbA9lx yoAejACeOO1HIbActAevk5MUBhNeLZa/qM2JARUDBRA6cGBvd7LmAD0l09kBATWn B/9An5vfiUUE1VQnt+T/EYklES3tXXaJJp9pHMa4fzFa8jPVtv5UBHGee3XoUNDV wM2OgSEISZxbzdXGnqIlcT08TzBUD9i579uifklLsnr35SJDZ6ram51/CWOnnaVh UzneOA9gTPSr+/fT3WeVnwJiQCQ30kNLWVXWATMnsnT486eAOlT6UNBPYQLpUprF 5Yryk23pQUPAgJENDEqeU6iIO9Ot1ZPtB0lniw+/xCi13D360o1tZDYOp0hHHJN3 D3EN8C1yPqZd5CvvznYvB6bWBIpWcRgdn2DUVMmpU661jwqGlRz1F84JG/xe4jGu zgpJt9IXSzyohEJB6XG5+D0BuQINBDnu9JIQCACEkdBN6Mxf5WvqDWkcMRy6wnrd 9DYJ8UUTmIT2iQf07tRUKJJ9v0JXfx2Z4d08IQSMNRaq4VgSe+PdYgIy0fbj23Vi a5/gO7fJEpD2hd2f+pMnOWvH2rOOIbeYfuhzAc6BQjAKtmgR0ERUTafTM9Wb6F13 CNZZNZfDqnFDP6L12w3z3F7FFXkz07Rs3AIto1ZfYZd4sCSpMr/0S5nLrHbIvGLp 271hhQBeRmmoGEKO2JRelGgUJ2CUzOdtwDIKT0LbCpvaP8PVnYF5IFoYJIWRHqlE t5ucTXstZy7vYjL6vTP4l5xs+LIOkNmPhqmfsgLzVo0UaLt80hOwc4NvDCOLAAMG B/9g+9V3ORzw4LvO1pwRYJqfDKUq/EJ0rNMMD4N8RLpZRhKHKJUm9nNHLbksnlZw rbSTM5LpC/U6sheLP+l0bLVoq0lmsCcUSyh+mY6PxWirLIWCn/IAZAGnXb6Zd6Tt IJlGG6pqUN8QxGJYQnonl0uTJKHJENbI9sWHQdcTtBMc34gorHFCo1Bcvpnc1LFL rWn7mfoGx6INQjf3HGQpMXAWuSBQhzkazY6vaWFpa8bBJ+gKbBuySWzNm3rFtT5H RKMWpO+M9bHp4d+puY0L1YwN1OMatcMMpcWnZpiWiR83oi32+xtWUY2U7Ae38mMa g8zFbpeqPQUsDv9V7CAJ1dbriEwEGBECAAwFAkDYBnoFCQ5t3+gACgkQqE7a6JyA CspnpgCfRbYwxT3iq+9l/PgNTUNTZOlof2oAn25y0eGi0371jap9kOV6uq71sUuO =ypVs - -----END PGP PUBLIC KEY BLOCK----- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iQEVAwUBSwu2dney5gA9JdPZAQL5oAf/XnMOAKd0Zoj54hRu+83y0xQWPCK3Pa1c VGYOczQqZJ2/JJR9m1hw12Kg9ubX3DmTRCly5brdmGkod++gPnvfaBbeFH0cbvow rMdXFHBuIGDfepdpLwywPFth3bKMyQjifmIZEQNDw5e96LKtjESCUx7hqL7F118d njGSJqsNP2rVoMUb3yakmx01RT7w3M9HAST9M3n1oh1EYjlSYgn5VE8oiaLizQPX aWU6Pzathfz9G99ME7nyReJH9Y+AaHWE6q9AThL6c75RPykawIeTgjg8XhEGDufy J7tpqNchsiKSr5tAGmIVPHELAUXr2GFPOEG6PNUIEgIQyj8FCmtyqw== =xlsJ -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0

[security-announce] SUSE Security Announcement: Sun Java 6 (SUSE-SA:2009:058)
by Marcus Meissner 19 Nov '09

19 Nov '09

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ______________________________________________________________________________ SUSE Security Announcement Package: java-1_6_0-sun Announcement ID: SUSE-SA:2009:058 Date: Thu, 19 Nov 2009 16:00:00 +0000 Affected Products: openSUSE 11.0 openSUSE 11.1 openSUSE 11.2 SLES 11 DEBUGINFO SLED 11 Vulnerability Type: remote code execution Severity (1-10): 7 SUSE Default Package: yes Cross-References: CVE-2009-3864, CVE-2009-3865, CVE-2009-3866 CVE-2009-3867, CVE-2009-3868, CVE-2009-3869 CVE-2009-3871, CVE-2009-3872, CVE-2009-3873 CVE-2009-3874, CVE-2009-3875, CVE-2009-3876 CVE-2009-3877 Content of This Advisory: 1) Security Vulnerability Resolved: Sun Java 6 security update Problem Description 2) Solution or Work-Around 3) Special Instructions and Notes 4) Package Location and Checksums 5) Pending Vulnerabilities, Solutions, and Work-Arounds: See SUSE Security Summary Report. 6) Authenticity Verification and Additional Information ______________________________________________________________________________ 1) Problem Description and Brief Discussion The Sun Java 6 SDK/JRE was updated to u17 update fixing bugs and various security issues: CVE-2009-3866:The Java Web Start Installer in Sun Java SE in JDK and JRE 6 before Update 17 does not properly use security model permissions when removing installer extensions, which allows remote attackers to execute arbitrary code by modifying a certain JNLP file to have a URL field that points to an unintended trusted application, aka Bug Id 6872824. CVE-2009-3867: Stack-based buffer overflow in the HsbParser.getSoundBank function in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via a long file: URL in an argument, aka Bug Id 6854303. CVE-2009-3869: Stack-based buffer overflow in the setDiffICM function in the Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via a crafted argument, aka Bug Id 6872357. CVE-2009-3871: Heap-based buffer overflow in the setBytePixels function in the Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via crafted arguments, aka Bug Id 6872358. CVE-2009-3874: Integer overflow in the JPEGImageReader implementation in the ImageI/O component in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via large subsample dimensions in a JPEG file that triggers a heap-based buffer overflow, aka Bug Id 6874643. CVE-2009-3875: The MessageDigest.isEqual function in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to spoof HMAC-based digital signatures, and possibly bypass authentication, via unspecified vectors related to "timing attack vulnerabilities," aka Bug Id 6863503. CVE-2009-3876: Unspecified vulnerability in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to cause a denial of service (memory consumption) via crafted DER encoded data, which is not properly decoded by the ASN.1 DER input stream parser, aka Bug Id 6864911. CVE-2009-3877: Unspecified vulnerability in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to cause a denial of service (memory consumption) via crafted HTTP headers, which are not properly parsed by the ASN.1 DER input stream parser, aka Bug Id 6864911. CVE-2009-3864: The Java Update functionality in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22 and JDK and JRE 6 before Update 17, when a non-English version of Windows is used, does not retrieve available new JRE versions, which allows remote attackers to leverage vulnerabilities in older releases of this software, aka Bug Id 6869694. CVE-2009-3865: The launch method in the Deployment Toolkit plugin in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 6 before Update 17 allows remote attackers to execute arbitrary commands via a crafted web page, aka Bug Id 6869752. CVE-2009-3868: Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 does not properly parse color profiles, which allows remote attackers to gain privileges via a crafted image file, aka Bug Id 6862970. CVE-2009-3872: Unspecified vulnerability in the JPEG JFIF Decoder in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to gain privileges via a crafted image file, aka Bug Id 6862969. CVE-2009-3873: The JPEG Image Writer in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to gain privileges via a crafted image file, related to a "quantization problem," aka Bug Id 6862968. 2) Solution or Work-Around There is no known workaround, please install the update packages. 3) Special Instructions and Notes Please close and restart all running instances of Sun Java 6 after the update. 4) Package Location and Checksums The preferred method for installing security updates is to use the YaST Online Update (YOU) tool. YOU detects which updates are required and automatically performs the necessary steps to verify and install them. Alternatively, download the update packages for your distribution manually and verify their integrity by the methods listed in Section 6 of this announcement. Then install the packages using the command rpm -Fhv <file.rpm> to apply the update, replacing <file.rpm> with the filename of the downloaded RPM package. x86 Platform: openSUSE 11.2: http://download.opensuse.org/update/11.2/rpm/i586/java-1_6_0-sun-1.6.0.u17-… http://download.opensuse.org/update/11.2/rpm/i586/java-1_6_0-sun-alsa-1.6.0… http://download.opensuse.org/update/11.2/rpm/i586/java-1_6_0-sun-devel-1.6.… http://download.opensuse.org/update/11.2/rpm/i586/java-1_6_0-sun-jdbc-1.6.0… http://download.opensuse.org/update/11.2/rpm/i586/java-1_6_0-sun-plugin-1.6… http://download.opensuse.org/update/11.2/rpm/i586/java-1_6_0-sun-src-1.6.0.… openSUSE 11.1: http://download.opensuse.org/update/11.1/rpm/i586/java-1_6_0-sun-1.6.0.u17-… http://download.opensuse.org/update/11.1/rpm/i586/java-1_6_0-sun-alsa-1.6.0… http://download.opensuse.org/update/11.1/rpm/i586/java-1_6_0-sun-devel-1.6.… http://download.opensuse.org/update/11.1/rpm/i586/java-1_6_0-sun-jdbc-1.6.0… http://download.opensuse.org/update/11.1/rpm/i586/java-1_6_0-sun-plugin-1.6… http://download.opensuse.org/update/11.1/rpm/i586/java-1_6_0-sun-src-1.6.0.… openSUSE 11.0: http://download.opensuse.org/update/11.0/rpm/i586/java-1_6_0-sun-1.6.0.u17-… http://download.opensuse.org/update/11.0/rpm/i586/java-1_6_0-sun-alsa-1.6.0… http://download.opensuse.org/update/11.0/rpm/i586/java-1_6_0-sun-demo-1.6.0… http://download.opensuse.org/update/11.0/rpm/i586/java-1_6_0-sun-devel-1.6.… http://download.opensuse.org/update/11.0/rpm/i586/java-1_6_0-sun-jdbc-1.6.0… http://download.opensuse.org/update/11.0/rpm/i586/java-1_6_0-sun-plugin-1.6… http://download.opensuse.org/update/11.0/rpm/i586/java-1_6_0-sun-src-1.6.0.… x86-64 Platform: openSUSE 11.2: http://download.opensuse.org/update/11.2/rpm/x86_64/java-1_6_0-sun-1.6.0.u1… http://download.opensuse.org/update/11.2/rpm/x86_64/java-1_6_0-sun-alsa-1.6… http://download.opensuse.org/update/11.2/rpm/x86_64/java-1_6_0-sun-devel-1.… http://download.opensuse.org/update/11.2/rpm/x86_64/java-1_6_0-sun-jdbc-1.6… http://download.opensuse.org/update/11.2/rpm/x86_64/java-1_6_0-sun-plugin-1… http://download.opensuse.org/update/11.2/rpm/x86_64/java-1_6_0-sun-src-1.6.… openSUSE 11.1: http://download.opensuse.org/update/11.1/rpm/x86_64/java-1_6_0-sun-1.6.0.u1… http://download.opensuse.org/update/11.1/rpm/x86_64/java-1_6_0-sun-alsa-1.6… http://download.opensuse.org/update/11.1/rpm/x86_64/java-1_6_0-sun-devel-1.… http://download.opensuse.org/update/11.1/rpm/x86_64/java-1_6_0-sun-jdbc-1.6… http://download.opensuse.org/update/11.1/rpm/x86_64/java-1_6_0-sun-plugin-1… http://download.opensuse.org/update/11.1/rpm/x86_64/java-1_6_0-sun-src-1.6.… openSUSE 11.0: http://download.opensuse.org/update/11.0/rpm/x86_64/java-1_6_0-sun-1.6.0.u1… http://download.opensuse.org/update/11.0/rpm/x86_64/java-1_6_0-sun-alsa-1.6… http://download.opensuse.org/update/11.0/rpm/x86_64/java-1_6_0-sun-demo-1.6… http://download.opensuse.org/update/11.0/rpm/x86_64/java-1_6_0-sun-devel-1.… http://download.opensuse.org/update/11.0/rpm/x86_64/java-1_6_0-sun-jdbc-1.6… http://download.opensuse.org/update/11.0/rpm/x86_64/java-1_6_0-sun-plugin-1… http://download.opensuse.org/update/11.0/rpm/x86_64/java-1_6_0-sun-src-1.6.… Sources: openSUSE 11.2: http://download.opensuse.org/update/11.2/rpm/src/java-1_6_0-sun-1.6.0.u17-1… openSUSE 11.1: http://download.opensuse.org/update/11.1/rpm/src/java-1_6_0-sun-1.6.0.u17-1… openSUSE 11.0: http://download.opensuse.org/update/11.0/rpm/src/java-1_6_0-sun-1.6.0.u17-1… Our maintenance customers are notified individually. The packages are offered for installation from the maintenance web: SLED 11 http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… SLES 11 DEBUGINFO http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… ______________________________________________________________________________ 5) Pending Vulnerabilities, Solutions, and Work-Arounds: See SUSE Security Summary Report. ______________________________________________________________________________ 6) Authenticity Verification and Additional Information - Announcement authenticity verification: SUSE security announcements are published via mailing lists and on Web sites. The authenticity and integrity of a SUSE security announcement is guaranteed by a cryptographic signature in each announcement. All SUSE security announcements are published with a valid signature. To verify the signature of the announcement, save it as text into a file and run the command gpg --verify <file> replacing <file> with the name of the file where you saved the announcement. The output for a valid signature looks like: gpg: Signature made <DATE> using RSA key ID 3D25D3D9 gpg: Good signature from "SuSE Security Team <security(a)suse.de>" where <DATE> is replaced by the date the document was signed. If the security team's key is not contained in your key ring, you can import it from the first installation CD. To import the key, use the command gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc - Package authenticity verification: SUSE update packages are available on many mirror FTP servers all over the world. While this service is considered valuable and important to the free and open source software community, the authenticity and the integrity of a package needs to be verified to ensure that it has not been tampered with. The internal rpm package signatures provide an easy way to verify the authenticity of an RPM package. Use the command rpm -v --checksig <file.rpm> to verify the signature of the package, replacing <file.rpm> with the filename of the RPM package downloaded. The package is unmodified if it contains a valid signature from build(a)suse.de with the key ID 9C800ACA. This key is automatically imported into the RPM database (on RPMv4-based distributions) and the gpg key ring of 'root' during installation. You can also find it on the first installation CD and at the end of this announcement. - SUSE runs two security mailing lists to which any interested party may subscribe: opensuse-security(a)opensuse.org - General Linux and SUSE security discussion. All SUSE security announcements are sent to this list. To subscribe, send an e-mail to <opensuse-security+subscribe(a)opensuse.org>. opensuse-security-announce(a)opensuse.org - SUSE's announce-only mailing list. Only SUSE's security announcements are sent to this list. To subscribe, send an e-mail to <opensuse-security-announce+subscribe(a)opensuse.org>. ===================================================================== SUSE's security contact is <security(a)suse.com> or <security(a)suse.de>. The <security(a)suse.de> public key is listed below. ===================================================================== ______________________________________________________________________________ The information in this advisory may be distributed or reproduced, provided that the advisory is not modified in any way. In particular, the clear text signature should show proof of the authenticity of the text. SUSE Linux Products GmbH provides no warranties of any kind whatsoever with respect to the information contained in this security advisory. Type Bits/KeyID Date User ID pub 2048R/3D25D3D9 1999-03-06 SuSE Security Team <security(a)suse.de> pub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key <build(a)suse.de> - -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.4.2 (GNU/Linux) mQENAzbhLQQAAAEIAKAkXHe0lWRBXLpn38hMHy03F0I4Sszmoc8aaKJrhfhyMlOA BqvklPLE2f9UrI4Xc860gH79ZREwAgPt0pi6+SleNFLNcNFAuuHMLQOOsaMFatbz JR9i4m/lf6q929YROu5zB48rBAlcfTm+IBbijaEdnqpwGib45wE/Cfy6FAttBHQh 1Kp+r/jPbf1mYAvljUfHKuvbg8t2EIQz/5yGp+n5trn9pElfQO2cRBq8LFpf1l+U P7EKjFmlOq+Gs/fF98/dP3DfniSd78LQPq5vp8RL8nr/o2i7jkAQ33m4f1wOBWd+ cZovrKXYlXiR+Bf7m2hpZo+/sAzhd7LmAD0l09kABRG0JVN1U0UgU2VjdXJpdHkg VGVhbSA8c2VjdXJpdHlAc3VzZS5kZT6JARUDBRA24S1H5Fiyh7HKPEUBAVcOB/9b yHYji1/+4Xc2GhvXK0FSJN0MGgeXgW47yxDL7gmR4mNgjlIOUHZj0PEpVjWepOJ7 tQS3L9oP6cpj1Fj/XxuLbkp5VCQ61hpt54coQAvYrnT9rtWEGN+xmwejT1WmYmDJ xG+EGBXKr+XP69oIUl1E2JO3rXeklulgjqRKos4cdXKgyjWZ7CP9V9daRXDtje63 Om8gwSdU/nCvhdRIWp/Vwbf7Ia8iZr9OJ5YuQl0DBG4qmGDDrvImgPAFkYFzwlqo choXFQ9y0YVCV41DnR+GYhwl2qBd81T8aXhihEGPIgaw3g8gd8B5o6mPVgl+nJqI BkEYGBusiag2pS6qwznZiQEVAwUQNuEtBHey5gA9JdPZAQFtOAf+KVh939b0J94u v/kpg4xs1LthlhquhbHcKNoVTNspugiC3qMPyvSX4XcBr2PC0cVkS4Z9PY9iCfT+ x9WM96g39dAF+le2CCx7XISk9XXJ4ApEy5g4AuK7NYgAJd39PPbERgWnxjxir9g0 Ix30dS30bW39D+3NPU5Ho9TD/B7UDFvYT5AWHl3MGwo3a1RhTs6sfgL7yQ3U+mvq MkTExZb5mfN1FeaYKMopoI4VpzNVeGxQWIz67VjJHVyUlF20ekOz4kWVgsxkc8G2 saqZd6yv2EwqYTi8BDAduweP33KrQc4KDDommQNDOXxaKOeCoESIdM4p7Esdjq1o L0oixF12CohGBBARAgAGBQI7HmHDAAoJEJ5A4xAACqukTlQAoI4QzP9yjPohY7OU F7J3eKBTzp25AJ42BmtSd3pvm5ldmognWF3Trhp+GYkAlQMFEDe3O8IWkDf+zvyS FQEBAfkD/3GG5UgJj18UhYmh1gfjIlDcPAeqMwSytEHDENmHC+vlZQ/p0mT9tPiW tp34io54mwr+bLPN8l6B5GJNkbGvH6M+mO7R8Lj4nHL6pyAv3PQr83WyLHcaX7It Klj371/4yzKV6qpz43SGRK4MacLo2rNZ/dNej7lwPCtzCcFYwqkiiEYEEBECAAYF AjoaQqQACgkQx1KqMrDf94ArewCfWnTUDG5gNYkmHG4bYL8fQcizyA4An2eVo/n+ 3J2KRWSOhpAMsnMxtPbBmQGiBDnu9IERBACT8Y35+2vv4MGVKiLEMOl9GdST6MCk YS3yEKeueNWc+z/0Kvff4JctBsgs47tjmiI9sl0eHjm3gTR8rItXMN6sJEUHWzDP +Y0PFPboMvKx0FXl/A0dM+HFrruCgBlWt6FA+okRySQiliuI5phwqkXefl9AhkwR 8xocQSVCFxcwvwCglVcOQliHu8jwRQHxlRE0tkwQQI0D+wfQwKdvhDplxHJ5nf7U 8c/yE/vdvpN6lF0tmFrKXBUX+K7u4ifrZlQvj/81M4INjtXreqDiJtr99Rs6xa0S cZqITuZC4CWxJa9GynBED3+D2t1V/f8l0smsuYoFOF7Ib49IkTdbtwAThlZp8bEh ELBeGaPdNCcmfZ66rKUdG5sRA/9ovnc1krSQF2+sqB9/o7w5/q2qiyzwOSTnkjtB UVKn4zLUOf6aeBAoV6NMCC3Kj9aZHfA+ND0ehPaVGJgjaVNFhPi4x0e7BULdvgOo AqajLfvkURHAeSsxXIoEmyW/xC1sBbDkDUIBSx5oej73XCZgnj/inphRqGpsb+1n KFvF+rQoU3VTRSBQYWNrYWdlIFNpZ25pbmcgS2V5IDxidWlsZEBzdXNlLmRlPohi BBMRAgAiBQJA2AY+AhsDBQkObd+9BAsHAwIDFQIDAxYCAQIeAQIXgAAKCRCoTtro nIAKypCfAJ9RuZ6ZSV7QW4pTgTIxQ+ABPp0sIwCffG9bCNnrETPlgOn+dGEkAWeg KL+IRgQQEQIABgUCOnBeUgAKCRCeQOMQAAqrpNzOAKCL512FZvv4VZx94TpbA9lx yoAejACeOO1HIbActAevk5MUBhNeLZa/qM2JARUDBRA6cGBvd7LmAD0l09kBATWn B/9An5vfiUUE1VQnt+T/EYklES3tXXaJJp9pHMa4fzFa8jPVtv5UBHGee3XoUNDV wM2OgSEISZxbzdXGnqIlcT08TzBUD9i579uifklLsnr35SJDZ6ram51/CWOnnaVh UzneOA9gTPSr+/fT3WeVnwJiQCQ30kNLWVXWATMnsnT486eAOlT6UNBPYQLpUprF 5Yryk23pQUPAgJENDEqeU6iIO9Ot1ZPtB0lniw+/xCi13D360o1tZDYOp0hHHJN3 D3EN8C1yPqZd5CvvznYvB6bWBIpWcRgdn2DUVMmpU661jwqGlRz1F84JG/xe4jGu zgpJt9IXSzyohEJB6XG5+D0BuQINBDnu9JIQCACEkdBN6Mxf5WvqDWkcMRy6wnrd 9DYJ8UUTmIT2iQf07tRUKJJ9v0JXfx2Z4d08IQSMNRaq4VgSe+PdYgIy0fbj23Vi a5/gO7fJEpD2hd2f+pMnOWvH2rOOIbeYfuhzAc6BQjAKtmgR0ERUTafTM9Wb6F13 CNZZNZfDqnFDP6L12w3z3F7FFXkz07Rs3AIto1ZfYZd4sCSpMr/0S5nLrHbIvGLp 271hhQBeRmmoGEKO2JRelGgUJ2CUzOdtwDIKT0LbCpvaP8PVnYF5IFoYJIWRHqlE t5ucTXstZy7vYjL6vTP4l5xs+LIOkNmPhqmfsgLzVo0UaLt80hOwc4NvDCOLAAMG B/9g+9V3ORzw4LvO1pwRYJqfDKUq/EJ0rNMMD4N8RLpZRhKHKJUm9nNHLbksnlZw rbSTM5LpC/U6sheLP+l0bLVoq0lmsCcUSyh+mY6PxWirLIWCn/IAZAGnXb6Zd6Tt IJlGG6pqUN8QxGJYQnonl0uTJKHJENbI9sWHQdcTtBMc34gorHFCo1Bcvpnc1LFL rWn7mfoGx6INQjf3HGQpMXAWuSBQhzkazY6vaWFpa8bBJ+gKbBuySWzNm3rFtT5H RKMWpO+M9bHp4d+puY0L1YwN1OMatcMMpcWnZpiWiR83oi32+xtWUY2U7Ae38mMa g8zFbpeqPQUsDv9V7CAJ1dbriEwEGBECAAwFAkDYBnoFCQ5t3+gACgkQqE7a6JyA CspnpgCfRbYwxT3iq+9l/PgNTUNTZOlof2oAn25y0eGi0371jap9kOV6uq71sUuO =ypVs - -----END PGP PUBLIC KEY BLOCK----- -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.12 (GNU/Linux) iQEVAwUBSwVr5Hey5gA9JdPZAQIfyAf/ZFYe2TfPcwxVSdGX7xc2IcBEw9rCIQwK UOPYsTUztWn7tOOGk7SLu8zBZemq6wckY8YR8GiStKW0YLdAtALe2x/X+fNwSJIE wCMXsiuohtHkxiHWZbZVYdg0058RvOJqZo3RUo1tngGm/FutYr2aHr36sTtpLWRE fnkJFaqzsMjm3eS1Lc6wEp5sCvP4+xGk64yHV7Ui8G5YtC5VE0lziEq7mhZWhoZp 34qL1Lv4yoFR9zDmSChlhYGhD6Rsws2xTwqRDql0ApcYIuIWEA1anaK5yRUCamPx J+HMEzO87ZGboqI2v4sDanXQCgK2BrGEkrLIEjYWI3hzhKPZhIeGYQ== =bvtJ -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0

[security-announce] SUSE Security Announcement: openssl (SUSE-SA:2009:057)
by Thomas Biege 18 Nov '09

18 Nov '09

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ______________________________________________________________________________ SUSE Security Announcement Package: openssl Announcement ID: SUSE-SA:2009:057 Date: Wed, 18 Nov 2009 08:00:00 +0000 Affected Products: openSUSE 11.0 openSUSE 11.1 openSUSE 11.2 SUSE SLES 9 Novell Linux Desktop 9 Open Enterprise Server Novell Linux POS 9 SLE SDK 10 SP2 SLE SDK 10 SP3 SUSE Linux Enterprise Desktop 10 SP2 SUSE Linux Enterprise Desktop 10 SP3 SUSE Linux Enterprise 10 SP2 DEBUGINFO SUSE Linux Enterprise Server 10 SP2 SUSE Linux Enterprise 10 SP3 DEBUGINFO SUSE Linux Enterprise Server 10 SP3 SLES 11 DEBUGINFO SUSE Moblin 2.0 SLE 11 SLED 11 SLES 11 Vulnerability Type: man-in-the-middle attack CVSS v2 Base Score: 6.4 (MEDIUM) (AV:N/AC:L/Au:N/C:N/I:P/A:P) SUSE Default Package: yes Cross-References: CVE-2009-3555 Content of This Advisory: 1) Security Vulnerability Resolved: using unauthenticated data during TLS renegotiation Problem Description 2) Solution or Work-Around 3) Special Instructions and Notes 4) Package Location and Checksums 5) Pending Vulnerabilities, Solutions, and Work-Arounds: none 6) Authenticity Verification and Additional Information ______________________________________________________________________________ 1) Problem Description and Brief Discussion The TLS/SSLv3 protocol as implemented in openssl prior to this update was not able to associate already sent data to a renegotiated connection. This allowed man-in-the-middle attackers to inject HTTP requests in a HTTPS session without being noticed. For example Apache's mod_ssl was vulnerable to this kind of attack because it uses openssl. It is believed that this vulnerability is actively exploited in the wild to get access to HTTPS protected web-sites. Please note that renegotiation will be disabled for any application using openssl by this update and may cause problems in some cases. Additionally this attack is not limited to HTTP. 2) Solution or Work-Around There is no work-around known. Please install the update. Moblin packages will be released later. 3) Special Instructions and Notes Please note that this update disables renegotiation for all applications using openssl. All applications using openssl need to be restarted. You can find out what library an application uses with lsof(8) as root. If possible restart your system. 4) Package Location and Checksums The preferred method for installing security updates is to use the YaST Online Update (YOU) tool. YOU detects which updates are required and automatically performs the necessary steps to verify and install them. Alternatively, download the update packages for your distribution manually and verify their integrity by the methods listed in Section 6 of this announcement. Then install the packages using the command rpm -Fhv <file.rpm> to apply the update, replacing <file.rpm> with the filename of the downloaded RPM package. x86 Platform: openSUSE 11.2: http://download.opensuse.org/debug/update/11.2/rpm/i586/compat-openssl097g-… http://download.opensuse.org/debug/update/11.2/rpm/i586/compat-openssl097g-… http://download.opensuse.org/debug/update/11.2/rpm/i586/libopenssl0_9_8-deb… http://download.opensuse.org/debug/update/11.2/rpm/i586/openssl-debuginfo-0… http://download.opensuse.org/debug/update/11.2/rpm/i586/openssl-debugsource… http://download.opensuse.org/update/11.2/rpm/i586/compat-openssl097g-0.9.7g… http://download.opensuse.org/update/11.2/rpm/i586/libopenssl-devel-0.9.8k-3… http://download.opensuse.org/update/11.2/rpm/i586/libopenssl0_9_8-0.9.8k-3.… http://download.opensuse.org/update/11.2/rpm/i586/openssl-0.9.8k-3.5.3.i586… http://download.opensuse.org/update/11.2/rpm/i586/openssl-doc-0.9.8k-3.5.3.… openSUSE 11.1: http://download.opensuse.org/debug/update/11.1/rpm/i586/compat-openssl097g-… http://download.opensuse.org/debug/update/11.1/rpm/i586/compat-openssl097g-… http://download.opensuse.org/debug/update/11.1/rpm/i586/openssl-debuginfo-0… http://download.opensuse.org/debug/update/11.1/rpm/i586/openssl-debugsource… http://download.opensuse.org/update/11.1/rpm/i586/compat-openssl097g-0.9.7g… http://download.opensuse.org/update/11.1/rpm/i586/libopenssl-devel-0.9.8h-2… http://download.opensuse.org/update/11.1/rpm/i586/libopenssl0_9_8-0.9.8h-28… http://download.opensuse.org/update/11.1/rpm/i586/openssl-0.9.8h-28.11.1.i5… http://download.opensuse.org/update/11.1/rpm/i586/openssl-doc-0.9.8h-28.11.… openSUSE 11.0: http://download.opensuse.org/debug/update/11.0/rpm/i586/compat-openssl097g-… http://download.opensuse.org/debug/update/11.0/rpm/i586/compat-openssl097g-… http://download.opensuse.org/debug/update/11.0/rpm/i586/openssl-debuginfo-0… http://download.opensuse.org/debug/update/11.0/rpm/i586/openssl-debugsource… http://download.opensuse.org/update/11.0/rpm/i586/compat-openssl097g-0.9.7g… http://download.opensuse.org/update/11.0/rpm/i586/libopenssl-devel-0.9.8g-4… http://download.opensuse.org/update/11.0/rpm/i586/libopenssl0_9_8-0.9.8g-47… http://download.opensuse.org/update/11.0/rpm/i586/openssl-0.9.8g-47.10.i586… http://download.opensuse.org/update/11.0/rpm/i586/openssl-certs-0.9.8g-47.1… http://download.opensuse.org/update/11.0/rpm/i586/openssl-doc-0.9.8g-47.10.… Platform Independent: openSUSE 11.2: http://download.opensuse.org/update/11.2/rpm/noarch/openssl-certs-0.9.8h-28… openSUSE 11.1: http://download.opensuse.org/update/11.1/rpm/noarch/openssl-certs-0.9.8h-25… Power PC Platform: openSUSE 11.1: http://download.opensuse.org/debug/update/11.1/rpm/ppc/compat-openssl097g-d… http://download.opensuse.org/debug/update/11.1/rpm/ppc/compat-openssl097g-d… http://download.opensuse.org/debug/update/11.1/rpm/ppc/compat-openssl097g-d… http://download.opensuse.org/debug/update/11.1/rpm/ppc/openssl-debuginfo-0.… http://download.opensuse.org/debug/update/11.1/rpm/ppc/openssl-debugsource-… http://download.opensuse.org/update/11.1/rpm/ppc/compat-openssl097g-0.9.7g-… http://download.opensuse.org/update/11.1/rpm/ppc/compat-openssl097g-64bit-0… http://download.opensuse.org/update/11.1/rpm/ppc/libopenssl-devel-0.9.8h-28… http://download.opensuse.org/update/11.1/rpm/ppc/libopenssl0_9_8-0.9.8h-28.… http://download.opensuse.org/update/11.1/rpm/ppc/libopenssl0_9_8-64bit-0.9.… http://download.opensuse.org/update/11.1/rpm/ppc/openssl-0.9.8h-28.11.1.ppc… http://download.opensuse.org/update/11.1/rpm/ppc/openssl-doc-0.9.8h-28.11.1… openSUSE 11.0: http://download.opensuse.org/debug/update/11.0/rpm/ppc/compat-openssl097g-d… http://download.opensuse.org/debug/update/11.0/rpm/ppc/compat-openssl097g-d… http://download.opensuse.org/debug/update/11.0/rpm/ppc/openssl-debuginfo-0.… http://download.opensuse.org/debug/update/11.0/rpm/ppc/openssl-debugsource-… http://download.opensuse.org/update/11.0/rpm/ppc/compat-openssl097g-0.9.7g-… http://download.opensuse.org/update/11.0/rpm/ppc/compat-openssl097g-64bit-0… http://download.opensuse.org/update/11.0/rpm/ppc/libopenssl-devel-0.9.8g-47… http://download.opensuse.org/update/11.0/rpm/ppc/libopenssl0_9_8-0.9.8g-47.… http://download.opensuse.org/update/11.0/rpm/ppc/libopenssl0_9_8-64bit-0.9.… http://download.opensuse.org/update/11.0/rpm/ppc/openssl-0.9.8g-47.10.ppc.r… http://download.opensuse.org/update/11.0/rpm/ppc/openssl-certs-0.9.8g-47.10… http://download.opensuse.org/update/11.0/rpm/ppc/openssl-doc-0.9.8g-47.10.p… x86-64 Platform: openSUSE 11.2: http://download.opensuse.org/debug/update/11.2/rpm/x86_64/compat-openssl097… http://download.opensuse.org/debug/update/11.2/rpm/x86_64/compat-openssl097… http://download.opensuse.org/debug/update/11.2/rpm/x86_64/compat-openssl097… http://download.opensuse.org/debug/update/11.2/rpm/x86_64/libopenssl0_9_8-d… http://download.opensuse.org/debug/update/11.2/rpm/x86_64/libopenssl0_9_8-d… http://download.opensuse.org/debug/update/11.2/rpm/x86_64/openssl-debuginfo… http://download.opensuse.org/debug/update/11.2/rpm/x86_64/openssl-debugsour… http://download.opensuse.org/update/11.2/rpm/x86_64/compat-openssl097g-0.9.… http://download.opensuse.org/update/11.2/rpm/x86_64/compat-openssl097g-32bi… http://download.opensuse.org/update/11.2/rpm/x86_64/libopenssl-devel-0.9.8k… http://download.opensuse.org/update/11.2/rpm/x86_64/libopenssl0_9_8-0.9.8k-… http://download.opensuse.org/update/11.2/rpm/x86_64/libopenssl0_9_8-32bit-0… http://download.opensuse.org/update/11.2/rpm/x86_64/openssl-0.9.8k-3.5.3.x8… http://download.opensuse.org/update/11.2/rpm/x86_64/openssl-doc-0.9.8k-3.5.… openSUSE 11.1: http://download.opensuse.org/debug/update/11.1/rpm/x86_64/compat-openssl097… http://download.opensuse.org/debug/update/11.1/rpm/x86_64/compat-openssl097… http://download.opensuse.org/debug/update/11.1/rpm/x86_64/compat-openssl097… http://download.opensuse.org/debug/update/11.1/rpm/x86_64/openssl-debuginfo… http://download.opensuse.org/debug/update/11.1/rpm/x86_64/openssl-debugsour… http://download.opensuse.org/update/11.1/rpm/x86_64/compat-openssl097g-0.9.… http://download.opensuse.org/update/11.1/rpm/x86_64/compat-openssl097g-32bi… http://download.opensuse.org/update/11.1/rpm/x86_64/libopenssl-devel-0.9.8h… http://download.opensuse.org/update/11.1/rpm/x86_64/libopenssl0_9_8-0.9.8h-… http://download.opensuse.org/update/11.1/rpm/x86_64/libopenssl0_9_8-32bit-0… http://download.opensuse.org/update/11.1/rpm/x86_64/openssl-0.9.8h-28.11.1.… http://download.opensuse.org/update/11.1/rpm/x86_64/openssl-doc-0.9.8h-28.1… openSUSE 11.0: http://download.opensuse.org/debug/update/11.0/rpm/x86_64/compat-openssl097… http://download.opensuse.org/debug/update/11.0/rpm/x86_64/compat-openssl097… http://download.opensuse.org/debug/update/11.0/rpm/x86_64/openssl-debuginfo… http://download.opensuse.org/debug/update/11.0/rpm/x86_64/openssl-debugsour… http://download.opensuse.org/update/11.0/rpm/x86_64/compat-openssl097g-0.9.… http://download.opensuse.org/update/11.0/rpm/x86_64/compat-openssl097g-32bi… http://download.opensuse.org/update/11.0/rpm/x86_64/libopenssl-devel-0.9.8g… http://download.opensuse.org/update/11.0/rpm/x86_64/libopenssl0_9_8-0.9.8g-… http://download.opensuse.org/update/11.0/rpm/x86_64/libopenssl0_9_8-32bit-0… http://download.opensuse.org/update/11.0/rpm/x86_64/openssl-0.9.8g-47.10.x8… http://download.opensuse.org/update/11.0/rpm/x86_64/openssl-certs-0.9.8g-47… http://download.opensuse.org/update/11.0/rpm/x86_64/openssl-doc-0.9.8g-47.1… Sources: openSUSE 11.2: http://download.opensuse.org/update/11.2/rpm/src/compat-openssl097g-0.9.7g-… http://download.opensuse.org/update/11.2/rpm/src/openssl-0.9.8k-3.5.3.src.r… http://download.opensuse.org/update/11.2/rpm/src/openssl-certs-0.9.8h-28.2.… openSUSE 11.1: http://download.opensuse.org/update/11.1/rpm/src/compat-openssl097g-0.9.7g-… http://download.opensuse.org/update/11.1/rpm/src/openssl-0.9.8h-28.11.1.src… http://download.opensuse.org/update/11.1/rpm/src/openssl-certs-0.9.8h-25.2.… openSUSE 11.0: http://download.opensuse.org/update/11.0/rpm/src/compat-openssl097g-0.9.7g-… http://download.opensuse.org/update/11.0/rpm/src/openssl-0.9.8g-47.10.src.r… Our maintenance customers are notified individually. The packages are offered for installation from the maintenance web: SUSE Linux Enterprise Server 10 SP3 http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… SLE SDK 10 SP3 http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… SUSE Linux Enterprise 10 SP3 DEBUGINFO http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… SUSE Linux Enterprise Desktop 10 SP3 http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… Open Enterprise Server http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… Novell Linux POS 9 http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… Novell Linux Desktop 9 http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… SUSE SLES 9 http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… SUSE Moblin 2.0 http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… SUSE Linux Enterprise Server 10 SP2 http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… SLE SDK 10 SP2 http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… SUSE Linux Enterprise 10 SP2 DEBUGINFO http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… SUSE Linux Enterprise Desktop 10 SP2 http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… SLES 11 http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… SLED 11 http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… SLE 11 http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… SLES 11 DEBUGINFO http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… ______________________________________________________________________________ 5) Pending Vulnerabilities, Solutions, and Work-Arounds: Please read our Summary Report. ______________________________________________________________________________ 6) Authenticity Verification and Additional Information - Announcement authenticity verification: SUSE security announcements are published via mailing lists and on Web sites. The authenticity and integrity of a SUSE security announcement is guaranteed by a cryptographic signature in each announcement. All SUSE security announcements are published with a valid signature. To verify the signature of the announcement, save it as text into a file and run the command gpg --verify <file> replacing <file> with the name of the file where you saved the announcement. The output for a valid signature looks like: gpg: Signature made <DATE> using RSA key ID 3D25D3D9 gpg: Good signature from "SuSE Security Team <security(a)suse.de>" where <DATE> is replaced by the date the document was signed. If the security team's key is not contained in your key ring, you can import it from the first installation CD. To import the key, use the command gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc - Package authenticity verification: SUSE update packages are available on many mirror FTP servers all over the world. While this service is considered valuable and important to the free and open source software community, the authenticity and the integrity of a package needs to be verified to ensure that it has not been tampered with. The internal rpm package signatures provide an easy way to verify the authenticity of an RPM package. Use the command rpm -v --checksig <file.rpm> to verify the signature of the package, replacing <file.rpm> with the filename of the RPM package downloaded. The package is unmodified if it contains a valid signature from build(a)suse.de with the key ID 9C800ACA. This key is automatically imported into the RPM database (on RPMv4-based distributions) and the gpg key ring of 'root' during installation. You can also find it on the first installation CD and at the end of this announcement. - SUSE runs two security mailing lists to which any interested party may subscribe: opensuse-security(a)opensuse.org - General Linux and SUSE security discussion. All SUSE security announcements are sent to this list. To subscribe, send an e-mail to <opensuse-security+subscribe(a)opensuse.org>. opensuse-security-announce(a)opensuse.org - SUSE's announce-only mailing list. Only SUSE's security announcements are sent to this list. To subscribe, send an e-mail to <opensuse-security-announce+subscribe(a)opensuse.org>. ===================================================================== SUSE's security contact is <security(a)suse.com> or <security(a)suse.de>. The <security(a)suse.de> public key is listed below. ===================================================================== ______________________________________________________________________________ The information in this advisory may be distributed or reproduced, provided that the advisory is not modified in any way. In particular, the clear text signature should show proof of the authenticity of the text. SUSE Linux Products GmbH provides no warranties of any kind whatsoever with respect to the information contained in this security advisory. Type Bits/KeyID Date User ID pub 2048R/3D25D3D9 1999-03-06 SuSE Security Team <security(a)suse.de> pub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key <build(a)suse.de> - -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.4.2 (GNU/Linux) mQENAzbhLQQAAAEIAKAkXHe0lWRBXLpn38hMHy03F0I4Sszmoc8aaKJrhfhyMlOA BqvklPLE2f9UrI4Xc860gH79ZREwAgPt0pi6+SleNFLNcNFAuuHMLQOOsaMFatbz JR9i4m/lf6q929YROu5zB48rBAlcfTm+IBbijaEdnqpwGib45wE/Cfy6FAttBHQh 1Kp+r/jPbf1mYAvljUfHKuvbg8t2EIQz/5yGp+n5trn9pElfQO2cRBq8LFpf1l+U P7EKjFmlOq+Gs/fF98/dP3DfniSd78LQPq5vp8RL8nr/o2i7jkAQ33m4f1wOBWd+ cZovrKXYlXiR+Bf7m2hpZo+/sAzhd7LmAD0l09kABRG0JVN1U0UgU2VjdXJpdHkg VGVhbSA8c2VjdXJpdHlAc3VzZS5kZT6JARUDBRA24S1H5Fiyh7HKPEUBAVcOB/9b yHYji1/+4Xc2GhvXK0FSJN0MGgeXgW47yxDL7gmR4mNgjlIOUHZj0PEpVjWepOJ7 tQS3L9oP6cpj1Fj/XxuLbkp5VCQ61hpt54coQAvYrnT9rtWEGN+xmwejT1WmYmDJ xG+EGBXKr+XP69oIUl1E2JO3rXeklulgjqRKos4cdXKgyjWZ7CP9V9daRXDtje63 Om8gwSdU/nCvhdRIWp/Vwbf7Ia8iZr9OJ5YuQl0DBG4qmGDDrvImgPAFkYFzwlqo choXFQ9y0YVCV41DnR+GYhwl2qBd81T8aXhihEGPIgaw3g8gd8B5o6mPVgl+nJqI BkEYGBusiag2pS6qwznZiQEVAwUQNuEtBHey5gA9JdPZAQFtOAf+KVh939b0J94u v/kpg4xs1LthlhquhbHcKNoVTNspugiC3qMPyvSX4XcBr2PC0cVkS4Z9PY9iCfT+ x9WM96g39dAF+le2CCx7XISk9XXJ4ApEy5g4AuK7NYgAJd39PPbERgWnxjxir9g0 Ix30dS30bW39D+3NPU5Ho9TD/B7UDFvYT5AWHl3MGwo3a1RhTs6sfgL7yQ3U+mvq MkTExZb5mfN1FeaYKMopoI4VpzNVeGxQWIz67VjJHVyUlF20ekOz4kWVgsxkc8G2 saqZd6yv2EwqYTi8BDAduweP33KrQc4KDDommQNDOXxaKOeCoESIdM4p7Esdjq1o L0oixF12CohGBBARAgAGBQI7HmHDAAoJEJ5A4xAACqukTlQAoI4QzP9yjPohY7OU F7J3eKBTzp25AJ42BmtSd3pvm5ldmognWF3Trhp+GYkAlQMFEDe3O8IWkDf+zvyS FQEBAfkD/3GG5UgJj18UhYmh1gfjIlDcPAeqMwSytEHDENmHC+vlZQ/p0mT9tPiW tp34io54mwr+bLPN8l6B5GJNkbGvH6M+mO7R8Lj4nHL6pyAv3PQr83WyLHcaX7It Klj371/4yzKV6qpz43SGRK4MacLo2rNZ/dNej7lwPCtzCcFYwqkiiEYEEBECAAYF AjoaQqQACgkQx1KqMrDf94ArewCfWnTUDG5gNYkmHG4bYL8fQcizyA4An2eVo/n+ 3J2KRWSOhpAMsnMxtPbBmQGiBDnu9IERBACT8Y35+2vv4MGVKiLEMOl9GdST6MCk YS3yEKeueNWc+z/0Kvff4JctBsgs47tjmiI9sl0eHjm3gTR8rItXMN6sJEUHWzDP +Y0PFPboMvKx0FXl/A0dM+HFrruCgBlWt6FA+okRySQiliuI5phwqkXefl9AhkwR 8xocQSVCFxcwvwCglVcOQliHu8jwRQHxlRE0tkwQQI0D+wfQwKdvhDplxHJ5nf7U 8c/yE/vdvpN6lF0tmFrKXBUX+K7u4ifrZlQvj/81M4INjtXreqDiJtr99Rs6xa0S cZqITuZC4CWxJa9GynBED3+D2t1V/f8l0smsuYoFOF7Ib49IkTdbtwAThlZp8bEh ELBeGaPdNCcmfZ66rKUdG5sRA/9ovnc1krSQF2+sqB9/o7w5/q2qiyzwOSTnkjtB UVKn4zLUOf6aeBAoV6NMCC3Kj9aZHfA+ND0ehPaVGJgjaVNFhPi4x0e7BULdvgOo AqajLfvkURHAeSsxXIoEmyW/xC1sBbDkDUIBSx5oej73XCZgnj/inphRqGpsb+1n KFvF+rQoU3VTRSBQYWNrYWdlIFNpZ25pbmcgS2V5IDxidWlsZEBzdXNlLmRlPohi BBMRAgAiBQJA2AY+AhsDBQkObd+9BAsHAwIDFQIDAxYCAQIeAQIXgAAKCRCoTtro nIAKypCfAJ9RuZ6ZSV7QW4pTgTIxQ+ABPp0sIwCffG9bCNnrETPlgOn+dGEkAWeg KL+IRgQQEQIABgUCOnBeUgAKCRCeQOMQAAqrpNzOAKCL512FZvv4VZx94TpbA9lx yoAejACeOO1HIbActAevk5MUBhNeLZa/qM2JARUDBRA6cGBvd7LmAD0l09kBATWn B/9An5vfiUUE1VQnt+T/EYklES3tXXaJJp9pHMa4fzFa8jPVtv5UBHGee3XoUNDV wM2OgSEISZxbzdXGnqIlcT08TzBUD9i579uifklLsnr35SJDZ6ram51/CWOnnaVh UzneOA9gTPSr+/fT3WeVnwJiQCQ30kNLWVXWATMnsnT486eAOlT6UNBPYQLpUprF 5Yryk23pQUPAgJENDEqeU6iIO9Ot1ZPtB0lniw+/xCi13D360o1tZDYOp0hHHJN3 D3EN8C1yPqZd5CvvznYvB6bWBIpWcRgdn2DUVMmpU661jwqGlRz1F84JG/xe4jGu zgpJt9IXSzyohEJB6XG5+D0BuQINBDnu9JIQCACEkdBN6Mxf5WvqDWkcMRy6wnrd 9DYJ8UUTmIT2iQf07tRUKJJ9v0JXfx2Z4d08IQSMNRaq4VgSe+PdYgIy0fbj23Vi a5/gO7fJEpD2hd2f+pMnOWvH2rOOIbeYfuhzAc6BQjAKtmgR0ERUTafTM9Wb6F13 CNZZNZfDqnFDP6L12w3z3F7FFXkz07Rs3AIto1ZfYZd4sCSpMr/0S5nLrHbIvGLp 271hhQBeRmmoGEKO2JRelGgUJ2CUzOdtwDIKT0LbCpvaP8PVnYF5IFoYJIWRHqlE t5ucTXstZy7vYjL6vTP4l5xs+LIOkNmPhqmfsgLzVo0UaLt80hOwc4NvDCOLAAMG B/9g+9V3ORzw4LvO1pwRYJqfDKUq/EJ0rNMMD4N8RLpZRhKHKJUm9nNHLbksnlZw rbSTM5LpC/U6sheLP+l0bLVoq0lmsCcUSyh+mY6PxWirLIWCn/IAZAGnXb6Zd6Tt IJlGG6pqUN8QxGJYQnonl0uTJKHJENbI9sWHQdcTtBMc34gorHFCo1Bcvpnc1LFL rWn7mfoGx6INQjf3HGQpMXAWuSBQhzkazY6vaWFpa8bBJ+gKbBuySWzNm3rFtT5H RKMWpO+M9bHp4d+puY0L1YwN1OMatcMMpcWnZpiWiR83oi32+xtWUY2U7Ae38mMa g8zFbpeqPQUsDv9V7CAJ1dbriEwEGBECAAwFAkDYBnoFCQ5t3+gACgkQqE7a6JyA CspnpgCfRbYwxT3iq+9l/PgNTUNTZOlof2oAn25y0eGi0371jap9kOV6uq71sUuO =ypVs - -----END PGP PUBLIC KEY BLOCK----- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iQEVAwUBSwO0uXey5gA9JdPZAQJ5Ygf/XvhvAU3f7QOXcfzh9lMfGrnQTpGNnXC5 WgcNleGxHxx2Km4975Q+9ehXWfK46vRvg+8jCbtL/tWYH0O0w2oObhRbMHRce0zl si12kO/QKL5cO574TXaSpZxN9pzXGigGoxTr+gaxRvM4UuZ7gl+ZrQHauRFB+UJQ KsVspJ6drVjn5HN25M/v2t0oTbJua0PytwJd+yP2AtE/AEiLhB3JEN30mgQelduY nEY4jTRrG1uvOwpHZ17e33KCN8q9cpFMVSNcMlsPGtlfhthlsCKtykbyS8eA+co7 zphqn4Gm7RCHrulet1WodIVpRKkZyhkDcatcbeN54LoeNWLer23xlQ== =8N/4 -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0

[security-announce] openSUSE 10.3 has reached End of Life
by Marcus Meissner 16 Nov '09

16 Nov '09

Hi, With the release of an cups security fix on Friday 13th we have released the last update for openSUSE 10.3. It is now officially discontinued and out of support. openSUSE 10.3 was released on October 4 2006. Some statistics on the released patches: Total updates: 715 (+72) Security: 521 (+35) Recommended: 191 (+37) Optional: 3 ( 0) CVE Entries: 1006 (+300) There is a 7% increase in the number of security updates compared to openSUSE 10.2. But there appears to be a 42% increase in CVE numbers fixed. Top issues (compared to 10.2 for issues down to 5): 13 opera (-1) 13 MozillaFirefox (0) 12 java-1_6_0-sun (new, java-1_5_0-sun in 10.2 had 8) 12 cups (0) 12 clamav (-3) 11 kernel (+3) 10 seamonkey (+1) 10 java-1_5_0-sun (+2) 9 wireshark (+2) 9 MozillaThunderbird (0) 9 acroread (+2) 7 moodle (+2) 7 apache2-mod_php5 (+1) 6 xpdf (new) 6 xine-devel (+1) 6 mozilla-xulrunner181 (+1) 6 libxml2 (new) 6 libpng (new) 6 libopenssl-devel (new) 6 flash-player (0) 5 squirrelmail (-3) 5 phpMyAdmin (new) 5 bind (0) 5 apache2 (new) And top issues sorted by CVE (Common Vulnerability Enumeration) count (down to 5) (compared to 10.2 for the top): 123 MozillaFirefox (+7) 110 seamonkey (+33) 75 java-1_6_0-sun (new) 70 java-1_5_0-sun (+47) 58 MozillaThunderbird (+1) 55 kernel (-3) 52 acroread (+42) 46 mozilla-xulrunner181 (+14) 34 flash-player (+22) 34 cups (+17) 28 wireshark (+11) 24 clamav (+5) 23 xine-devel (+17) 21 xpdf (new) 19 ruby (+10) 19 phpMyAdmin (+12) 19 opera (+8) 19 apache2 (+6) 17 poppler (+12) 16 apache2-mod_php5 (-25) 14 libmysqlclient-devel (+5) 12 krb5 (-3) 11 xgl (+4) 11 kdegraphics3 (new) 10 OpenOffice_org (-1) 10 moodle (+4) 10 libopenssl-devel 9 tomcat55 9 python 9 postgresql 8 squirrelmail 8 lighttpd 8 GraphicsMagick 7 libxml2 7 gvim 7 finch 7 cifs-mount 7 apache2-mod_jk 6 xorg-x11-Xvnc 6 qemu 6 pcre 6 ghostscript-devel 6 dovecot 5 xorg-x11-Xnest 5 viewvc 5 openldap2 5 NX 5 novell-ipsec-tools 5 libpng 5 horde 5 gstreamer010-plugins-good 5 gnutls -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0

[security-announce] SUSE Security Announcement: Linux kernel (SUSE-SA:2009:056)
by Marcus Meissner 16 Nov '09

16 Nov '09

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ______________________________________________________________________________ SUSE Security Announcement Package: kernel Announcement ID: SUSE-SA:2009:056 Date: Mon, 16 Nov 2009 13:00:00 +0000 Affected Products: SUSE SLES 9 Novell Linux Desktop 9 Novell Linux POS 9 Vulnerability Type: local privilege escalation Severity (1-10): 7 SUSE Default Package: yes Cross-References: CVE-2009-1192, CVE-2009-1633, CVE-2009-2848 CVE-2009-2909, CVE-2009-2910, CVE-2009-3002 CVE-2009-3547, CVE-2009-3726 Content of This Advisory: 1) Security Vulnerability Resolved: Linux kernel security update Problem Description 2) Solution or Work-Around 3) Special Instructions and Notes 4) Package Location and Checksums 5) Pending Vulnerabilities, Solutions, and Work-Arounds: See SUSE Security Summary Report. 6) Authenticity Verification and Additional Information ______________________________________________________________________________ 1) Problem Description and Brief Discussion Several security issues and some bugs were fixed in the SUSE Linux Enterprise 9 kernel. Following security bugs were fixed: CVE-2009-3547: A race condition in the pipe(2) system call could be used by local attackers to execute code and escalate privileges. CVE-2009-2910: On x86_64 systems a information leak of high register contents (upper 32bit) was fixed. CVE-2009-1192: The (1) agp_generic_alloc_page and (2) agp_generic_alloc_pages functions in drivers/char/agp/generic.c in the agp subsystem in the Linux kernel do not zero out pages that may later be available to a user-space process, which allows local users to obtain sensitive information by reading these pages. CVE-2009-2909: Unsigned check in the ax25 socket handler could allow local attackers to potentially crash the kernel or even execute code. CVE-2009-2848: The execve function in the Linux kernel did not properly clear the current->clear_child_tid pointer, which allows local users to cause a denial of service (memory corruption) or possibly gain privileges via a clone system call with CLONE_CHILD_SETTID or CLONE_CHILD_CLEARTID enabled, which is not properly handled during thread creation and exit. CVE-2009-3002: Fixed various socket handler getname leaks, which could disclose memory previously used by the kernel or other userland processes to the local attacker. CVE-2009-1633: Multiple buffer overflows in the cifs subsystem in the Linux kernel allow remote CIFS servers to cause a denial of service (memory corruption) and possibly have unspecified other impact via (1) a malformed Unicode string, related to Unicode string area alignment in fs/cifs/sess.c; or (2) long Unicode characters, related to fs/cifs/cifssmb.c and the cifs_readdir function in fs/cifs/readdir.c. CVE-2009-3726: The nfs4_proc_lock function in fs/nfs/nfs4proc.c in the NFSv4 client in the allows remote NFS servers to cause a denial of service (NULL pointer dereference and panic) by sending a certain response containing incorrect file attributes, which trigger attempted use of an open file that lacks NFSv4 state. For a complete list of changes, please refer to the RPM changelog. 2) Solution or Work-Around There is no known workaround, please install the update packages. 3) Special Instructions and Notes Reboot the machine after installing the update. 4) Package Location and Checksums The preferred method for installing security updates is to use the YaST Online Update (YOU) tool. YOU detects which updates are required and automatically performs the necessary steps to verify and install them. Alternatively, download the update packages for your distribution manually and verify their integrity by the methods listed in Section 6 of this announcement. Then install the packages using the command rpm -Fhv <file.rpm> to apply the update, replacing <file.rpm> with the filename of the downloaded RPM package. Our maintenance customers are notified individually. The packages are offered for installation from the maintenance web: SUSE CORE 9 for IBM zSeries 64bit http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… SUSE CORE 9 for IBM S/390 31bit http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… SUSE CORE 9 for AMD64 and Intel EM64T http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… SUSE CORE 9 for IBM POWER http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… SUSE CORE 9 for Itanium Processor Family http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… Novell Linux POS 9 http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… SUSE SLES 9 http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… SUSE CORE 9 for x86 http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… Novell Linux Desktop 9 http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… Novell Linux Desktop 9 for x86_64 http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… ______________________________________________________________________________ 5) Pending Vulnerabilities, Solutions, and Work-Arounds: See SUSE Security Summary Report. ______________________________________________________________________________ 6) Authenticity Verification and Additional Information - Announcement authenticity verification: SUSE security announcements are published via mailing lists and on Web sites. The authenticity and integrity of a SUSE security announcement is guaranteed by a cryptographic signature in each announcement. All SUSE security announcements are published with a valid signature. To verify the signature of the announcement, save it as text into a file and run the command gpg --verify <file> replacing <file> with the name of the file where you saved the announcement. The output for a valid signature looks like: gpg: Signature made <DATE> using RSA key ID 3D25D3D9 gpg: Good signature from "SuSE Security Team <security(a)suse.de>" where <DATE> is replaced by the date the document was signed. If the security team's key is not contained in your key ring, you can import it from the first installation CD. To import the key, use the command gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc - Package authenticity verification: SUSE update packages are available on many mirror FTP servers all over the world. While this service is considered valuable and important to the free and open source software community, the authenticity and the integrity of a package needs to be verified to ensure that it has not been tampered with. The internal rpm package signatures provide an easy way to verify the authenticity of an RPM package. Use the command rpm -v --checksig <file.rpm> to verify the signature of the package, replacing <file.rpm> with the filename of the RPM package downloaded. The package is unmodified if it contains a valid signature from build(a)suse.de with the key ID 9C800ACA. This key is automatically imported into the RPM database (on RPMv4-based distributions) and the gpg key ring of 'root' during installation. You can also find it on the first installation CD and at the end of this announcement. - SUSE runs two security mailing lists to which any interested party may subscribe: opensuse-security(a)opensuse.org - General Linux and SUSE security discussion. All SUSE security announcements are sent to this list. To subscribe, send an e-mail to <opensuse-security+subscribe(a)opensuse.org>. opensuse-security-announce(a)opensuse.org - SUSE's announce-only mailing list. Only SUSE's security announcements are sent to this list. To subscribe, send an e-mail to <opensuse-security-announce+subscribe(a)opensuse.org>. ===================================================================== SUSE's security contact is <security(a)suse.com> or <security(a)suse.de>. The <security(a)suse.de> public key is listed below. ===================================================================== ______________________________________________________________________________ The information in this advisory may be distributed or reproduced, provided that the advisory is not modified in any way. In particular, the clear text signature should show proof of the authenticity of the text. SUSE Linux Products GmbH provides no warranties of any kind whatsoever with respect to the information contained in this security advisory. Type Bits/KeyID Date User ID pub 2048R/3D25D3D9 1999-03-06 SuSE Security Team <security(a)suse.de> pub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key <build(a)suse.de> - -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.4.2 (GNU/Linux) mQENAzbhLQQAAAEIAKAkXHe0lWRBXLpn38hMHy03F0I4Sszmoc8aaKJrhfhyMlOA BqvklPLE2f9UrI4Xc860gH79ZREwAgPt0pi6+SleNFLNcNFAuuHMLQOOsaMFatbz JR9i4m/lf6q929YROu5zB48rBAlcfTm+IBbijaEdnqpwGib45wE/Cfy6FAttBHQh 1Kp+r/jPbf1mYAvljUfHKuvbg8t2EIQz/5yGp+n5trn9pElfQO2cRBq8LFpf1l+U P7EKjFmlOq+Gs/fF98/dP3DfniSd78LQPq5vp8RL8nr/o2i7jkAQ33m4f1wOBWd+ cZovrKXYlXiR+Bf7m2hpZo+/sAzhd7LmAD0l09kABRG0JVN1U0UgU2VjdXJpdHkg VGVhbSA8c2VjdXJpdHlAc3VzZS5kZT6JARUDBRA24S1H5Fiyh7HKPEUBAVcOB/9b yHYji1/+4Xc2GhvXK0FSJN0MGgeXgW47yxDL7gmR4mNgjlIOUHZj0PEpVjWepOJ7 tQS3L9oP6cpj1Fj/XxuLbkp5VCQ61hpt54coQAvYrnT9rtWEGN+xmwejT1WmYmDJ xG+EGBXKr+XP69oIUl1E2JO3rXeklulgjqRKos4cdXKgyjWZ7CP9V9daRXDtje63 Om8gwSdU/nCvhdRIWp/Vwbf7Ia8iZr9OJ5YuQl0DBG4qmGDDrvImgPAFkYFzwlqo choXFQ9y0YVCV41DnR+GYhwl2qBd81T8aXhihEGPIgaw3g8gd8B5o6mPVgl+nJqI BkEYGBusiag2pS6qwznZiQEVAwUQNuEtBHey5gA9JdPZAQFtOAf+KVh939b0J94u v/kpg4xs1LthlhquhbHcKNoVTNspugiC3qMPyvSX4XcBr2PC0cVkS4Z9PY9iCfT+ x9WM96g39dAF+le2CCx7XISk9XXJ4ApEy5g4AuK7NYgAJd39PPbERgWnxjxir9g0 Ix30dS30bW39D+3NPU5Ho9TD/B7UDFvYT5AWHl3MGwo3a1RhTs6sfgL7yQ3U+mvq MkTExZb5mfN1FeaYKMopoI4VpzNVeGxQWIz67VjJHVyUlF20ekOz4kWVgsxkc8G2 saqZd6yv2EwqYTi8BDAduweP33KrQc4KDDommQNDOXxaKOeCoESIdM4p7Esdjq1o L0oixF12CohGBBARAgAGBQI7HmHDAAoJEJ5A4xAACqukTlQAoI4QzP9yjPohY7OU F7J3eKBTzp25AJ42BmtSd3pvm5ldmognWF3Trhp+GYkAlQMFEDe3O8IWkDf+zvyS FQEBAfkD/3GG5UgJj18UhYmh1gfjIlDcPAeqMwSytEHDENmHC+vlZQ/p0mT9tPiW tp34io54mwr+bLPN8l6B5GJNkbGvH6M+mO7R8Lj4nHL6pyAv3PQr83WyLHcaX7It Klj371/4yzKV6qpz43SGRK4MacLo2rNZ/dNej7lwPCtzCcFYwqkiiEYEEBECAAYF AjoaQqQACgkQx1KqMrDf94ArewCfWnTUDG5gNYkmHG4bYL8fQcizyA4An2eVo/n+ 3J2KRWSOhpAMsnMxtPbBmQGiBDnu9IERBACT8Y35+2vv4MGVKiLEMOl9GdST6MCk YS3yEKeueNWc+z/0Kvff4JctBsgs47tjmiI9sl0eHjm3gTR8rItXMN6sJEUHWzDP +Y0PFPboMvKx0FXl/A0dM+HFrruCgBlWt6FA+okRySQiliuI5phwqkXefl9AhkwR 8xocQSVCFxcwvwCglVcOQliHu8jwRQHxlRE0tkwQQI0D+wfQwKdvhDplxHJ5nf7U 8c/yE/vdvpN6lF0tmFrKXBUX+K7u4ifrZlQvj/81M4INjtXreqDiJtr99Rs6xa0S cZqITuZC4CWxJa9GynBED3+D2t1V/f8l0smsuYoFOF7Ib49IkTdbtwAThlZp8bEh ELBeGaPdNCcmfZ66rKUdG5sRA/9ovnc1krSQF2+sqB9/o7w5/q2qiyzwOSTnkjtB UVKn4zLUOf6aeBAoV6NMCC3Kj9aZHfA+ND0ehPaVGJgjaVNFhPi4x0e7BULdvgOo AqajLfvkURHAeSsxXIoEmyW/xC1sBbDkDUIBSx5oej73XCZgnj/inphRqGpsb+1n KFvF+rQoU3VTRSBQYWNrYWdlIFNpZ25pbmcgS2V5IDxidWlsZEBzdXNlLmRlPohi BBMRAgAiBQJA2AY+AhsDBQkObd+9BAsHAwIDFQIDAxYCAQIeAQIXgAAKCRCoTtro nIAKypCfAJ9RuZ6ZSV7QW4pTgTIxQ+ABPp0sIwCffG9bCNnrETPlgOn+dGEkAWeg KL+IRgQQEQIABgUCOnBeUgAKCRCeQOMQAAqrpNzOAKCL512FZvv4VZx94TpbA9lx yoAejACeOO1HIbActAevk5MUBhNeLZa/qM2JARUDBRA6cGBvd7LmAD0l09kBATWn B/9An5vfiUUE1VQnt+T/EYklES3tXXaJJp9pHMa4fzFa8jPVtv5UBHGee3XoUNDV wM2OgSEISZxbzdXGnqIlcT08TzBUD9i579uifklLsnr35SJDZ6ram51/CWOnnaVh UzneOA9gTPSr+/fT3WeVnwJiQCQ30kNLWVXWATMnsnT486eAOlT6UNBPYQLpUprF 5Yryk23pQUPAgJENDEqeU6iIO9Ot1ZPtB0lniw+/xCi13D360o1tZDYOp0hHHJN3 D3EN8C1yPqZd5CvvznYvB6bWBIpWcRgdn2DUVMmpU661jwqGlRz1F84JG/xe4jGu zgpJt9IXSzyohEJB6XG5+D0BuQINBDnu9JIQCACEkdBN6Mxf5WvqDWkcMRy6wnrd 9DYJ8UUTmIT2iQf07tRUKJJ9v0JXfx2Z4d08IQSMNRaq4VgSe+PdYgIy0fbj23Vi a5/gO7fJEpD2hd2f+pMnOWvH2rOOIbeYfuhzAc6BQjAKtmgR0ERUTafTM9Wb6F13 CNZZNZfDqnFDP6L12w3z3F7FFXkz07Rs3AIto1ZfYZd4sCSpMr/0S5nLrHbIvGLp 271hhQBeRmmoGEKO2JRelGgUJ2CUzOdtwDIKT0LbCpvaP8PVnYF5IFoYJIWRHqlE t5ucTXstZy7vYjL6vTP4l5xs+LIOkNmPhqmfsgLzVo0UaLt80hOwc4NvDCOLAAMG B/9g+9V3ORzw4LvO1pwRYJqfDKUq/EJ0rNMMD4N8RLpZRhKHKJUm9nNHLbksnlZw rbSTM5LpC/U6sheLP+l0bLVoq0lmsCcUSyh+mY6PxWirLIWCn/IAZAGnXb6Zd6Tt IJlGG6pqUN8QxGJYQnonl0uTJKHJENbI9sWHQdcTtBMc34gorHFCo1Bcvpnc1LFL rWn7mfoGx6INQjf3HGQpMXAWuSBQhzkazY6vaWFpa8bBJ+gKbBuySWzNm3rFtT5H RKMWpO+M9bHp4d+puY0L1YwN1OMatcMMpcWnZpiWiR83oi32+xtWUY2U7Ae38mMa g8zFbpeqPQUsDv9V7CAJ1dbriEwEGBECAAwFAkDYBnoFCQ5t3+gACgkQqE7a6JyA CspnpgCfRbYwxT3iq+9l/PgNTUNTZOlof2oAn25y0eGi0371jap9kOV6uq71sUuO =ypVs - -----END PGP PUBLIC KEY BLOCK----- -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.12 (GNU/Linux) iQEVAwUBSwE/f3ey5gA9JdPZAQKUFwgAl7WQg6PuUUcQZGsxAIhh4vWGshbTve1l 5vDnsNzoGcKHGpypsX+6+nNzZ0e8Lu4HpLc5RhfhIKBKXp4M6cZiljE/oR/TAKBR k2KOUfItPxlrJoC//63rs1IvEIye7csMfW9sYaKnhC0wCpGNgIvNF4PLBvk2bp1q XZu+Ro39/+FCNKHK8V55ytI4fxnoGVi8a1JfSBTWue1u5Nz9GvFE1eQkUCrx4lOj Cb1XhWMh3Ger8qwtQ/QvcpFA/3MOAxxDHWuHrilstcrmM4Lxtp9r3ZQB5XaAghQd 7L5e8fUJ8YibNsrxSNW2AFD6ZN8nJvtKyUdmxgyLMuWMsHoXbBE8AQ== =KCXU -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0

[security-announce] SUSE Security Announcement: Linux Kernel (SUSE-SA:2009:055)
by Marcus Meissner 12 Nov '09

12 Nov '09

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ______________________________________________________________________________ SUSE Security Announcement Package: kernel Announcement ID: SUSE-SA:2009:055 Date: Thu, 12 Nov 2009 19:00:00 +0000 Affected Products: SLE SDK 10 SP3 SUSE Linux Enterprise Desktop 10 SP3 SUSE Linux Enterprise 10 SP3 DEBUGINFO SUSE Linux Enterprise Server 10 SP3 Vulnerability Type: local privilege escalation Severity (1-10): 7 SUSE Default Package: yes Cross-References: CVE-2009-1192, CVE-2009-2909, CVE-2009-2910, CVE-2009-3238, CVE-2009-3547 Content of This Advisory: 1) Security Vulnerability Resolved: Linux kernel security update Problem Description 2) Solution or Work-Around 3) Special Instructions and Notes 4) Package Location and Checksums 5) Pending Vulnerabilities, Solutions, and Work-Arounds: Pending updates for the CVE-2009-3547 issue 6) Authenticity Verification and Additional Information ______________________________________________________________________________ 1) Problem Description and Brief Discussion This update fixes various bugs and some security issues in the SUSE Linux Enterprise 10 SP 3 kernel. Following security issues were fixed: CVE-2009-3547: A race condition during pipe open could be used by local attackers to elevate privileges. CVE-2009-3238: The get_random_int function in drivers/char/random.c in the Linux kernel produces insufficiently random numbers, which allows attackers to predict the return value, and possibly defeat protection mechanisms based on randomization, via vectors that leverage the functions tendency to return the same value over and over again for long stretches of time. CVE-2009-1192: The (1) agp_generic_alloc_page and (2) agp_generic_alloc_pages functions in drivers/char/agp/generic.c in the agp subsystem in the Linux kernel do not zero out pages that may later be available to a user-space process, which allows local users to obtain sensitive information by reading these pages. CVE-2009-2909: Unsigned check in the ax25 socket handler could allow local attackers to potentially crash the kernel or even execute code. CVE-2009-2910: On x86_64 systems a information leak of high register contents (upper 32bit) was fixed. 2) Solution or Work-Around There is no known workaround, please install the update packages. 3) Special Instructions and Notes Reboot the machine after installing the update. 4) Package Location and Checksums The preferred method for installing security updates is to use the YaST Online Update (YOU) tool. YOU detects which updates are required and automatically performs the necessary steps to verify and install them. Alternatively, download the update packages for your distribution manually and verify their integrity by the methods listed in Section 6 of this announcement. Then install the packages using the command rpm -Fhv <file.rpm> to apply the update, replacing <file.rpm> with the filename of the downloaded RPM package. Our maintenance customers are notified individually. The packages are offered for installation from the maintenance web: SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… SUSE Linux Enterprise 10 SP3 DEBUGINFO for IBM zSeries 64bit http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… SUSE Linux Enterprise 10 SP3 DEBUGINFO for IBM POWER http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… SUSE Linux Enterprise 10 SP3 DEBUGINFO for IPF http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… SUSE Linux Enterprise Server 10 SP3 http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… SLE SDK 10 SP3 http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… SUSE Linux Enterprise 10 SP3 DEBUGINFO http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… SUSE Linux Enterprise Desktop 10 SP3 http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… SUSE Linux Enterprise Desktop 10 SP3 for x86 http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… ______________________________________________________________________________ 5) Pending Vulnerabilities, Solutions, and Work-Arounds: - Pending kernel updates for the CVE-2009-3547 issue. SLES 9 kernels are still in QA and were delayed to build failures. We expect a release either tomorrow or Monday. SUSE Linux Enterprise 11 and the openSUSE products use "mmap_min_addr" protection by default and are default not vulnerable. The fix will be rolled in into their next update rounds. ______________________________________________________________________________ 6) Authenticity Verification and Additional Information - Announcement authenticity verification: SUSE security announcements are published via mailing lists and on Web sites. The authenticity and integrity of a SUSE security announcement is guaranteed by a cryptographic signature in each announcement. All SUSE security announcements are published with a valid signature. To verify the signature of the announcement, save it as text into a file and run the command gpg --verify <file> replacing <file> with the name of the file where you saved the announcement. The output for a valid signature looks like: gpg: Signature made <DATE> using RSA key ID 3D25D3D9 gpg: Good signature from "SuSE Security Team <security(a)suse.de>" where <DATE> is replaced by the date the document was signed. If the security team's key is not contained in your key ring, you can import it from the first installation CD. To import the key, use the command gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc - Package authenticity verification: SUSE update packages are available on many mirror FTP servers all over the world. While this service is considered valuable and important to the free and open source software community, the authenticity and the integrity of a package needs to be verified to ensure that it has not been tampered with. The internal rpm package signatures provide an easy way to verify the authenticity of an RPM package. Use the command rpm -v --checksig <file.rpm> to verify the signature of the package, replacing <file.rpm> with the filename of the RPM package downloaded. The package is unmodified if it contains a valid signature from build(a)suse.de with the key ID 9C800ACA. This key is automatically imported into the RPM database (on RPMv4-based distributions) and the gpg key ring of 'root' during installation. You can also find it on the first installation CD and at the end of this announcement. - SUSE runs two security mailing lists to which any interested party may subscribe: opensuse-security(a)opensuse.org - General Linux and SUSE security discussion. All SUSE security announcements are sent to this list. To subscribe, send an e-mail to <opensuse-security+subscribe(a)opensuse.org>. opensuse-security-announce(a)opensuse.org - SUSE's announce-only mailing list. Only SUSE's security announcements are sent to this list. To subscribe, send an e-mail to <opensuse-security-announce+subscribe(a)opensuse.org>. ===================================================================== SUSE's security contact is <security(a)suse.com> or <security(a)suse.de>. The <security(a)suse.de> public key is listed below. ===================================================================== ______________________________________________________________________________ The information in this advisory may be distributed or reproduced, provided that the advisory is not modified in any way. In particular, the clear text signature should show proof of the authenticity of the text. SUSE Linux Products GmbH provides no warranties of any kind whatsoever with respect to the information contained in this security advisory. Type Bits/KeyID Date User ID pub 2048R/3D25D3D9 1999-03-06 SuSE Security Team <security(a)suse.de> pub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key <build(a)suse.de> - -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.4.2 (GNU/Linux) mQENAzbhLQQAAAEIAKAkXHe0lWRBXLpn38hMHy03F0I4Sszmoc8aaKJrhfhyMlOA BqvklPLE2f9UrI4Xc860gH79ZREwAgPt0pi6+SleNFLNcNFAuuHMLQOOsaMFatbz JR9i4m/lf6q929YROu5zB48rBAlcfTm+IBbijaEdnqpwGib45wE/Cfy6FAttBHQh 1Kp+r/jPbf1mYAvljUfHKuvbg8t2EIQz/5yGp+n5trn9pElfQO2cRBq8LFpf1l+U P7EKjFmlOq+Gs/fF98/dP3DfniSd78LQPq5vp8RL8nr/o2i7jkAQ33m4f1wOBWd+ cZovrKXYlXiR+Bf7m2hpZo+/sAzhd7LmAD0l09kABRG0JVN1U0UgU2VjdXJpdHkg VGVhbSA8c2VjdXJpdHlAc3VzZS5kZT6JARUDBRA24S1H5Fiyh7HKPEUBAVcOB/9b yHYji1/+4Xc2GhvXK0FSJN0MGgeXgW47yxDL7gmR4mNgjlIOUHZj0PEpVjWepOJ7 tQS3L9oP6cpj1Fj/XxuLbkp5VCQ61hpt54coQAvYrnT9rtWEGN+xmwejT1WmYmDJ xG+EGBXKr+XP69oIUl1E2JO3rXeklulgjqRKos4cdXKgyjWZ7CP9V9daRXDtje63 Om8gwSdU/nCvhdRIWp/Vwbf7Ia8iZr9OJ5YuQl0DBG4qmGDDrvImgPAFkYFzwlqo choXFQ9y0YVCV41DnR+GYhwl2qBd81T8aXhihEGPIgaw3g8gd8B5o6mPVgl+nJqI BkEYGBusiag2pS6qwznZiQEVAwUQNuEtBHey5gA9JdPZAQFtOAf+KVh939b0J94u v/kpg4xs1LthlhquhbHcKNoVTNspugiC3qMPyvSX4XcBr2PC0cVkS4Z9PY9iCfT+ x9WM96g39dAF+le2CCx7XISk9XXJ4ApEy5g4AuK7NYgAJd39PPbERgWnxjxir9g0 Ix30dS30bW39D+3NPU5Ho9TD/B7UDFvYT5AWHl3MGwo3a1RhTs6sfgL7yQ3U+mvq MkTExZb5mfN1FeaYKMopoI4VpzNVeGxQWIz67VjJHVyUlF20ekOz4kWVgsxkc8G2 saqZd6yv2EwqYTi8BDAduweP33KrQc4KDDommQNDOXxaKOeCoESIdM4p7Esdjq1o L0oixF12CohGBBARAgAGBQI7HmHDAAoJEJ5A4xAACqukTlQAoI4QzP9yjPohY7OU F7J3eKBTzp25AJ42BmtSd3pvm5ldmognWF3Trhp+GYkAlQMFEDe3O8IWkDf+zvyS FQEBAfkD/3GG5UgJj18UhYmh1gfjIlDcPAeqMwSytEHDENmHC+vlZQ/p0mT9tPiW tp34io54mwr+bLPN8l6B5GJNkbGvH6M+mO7R8Lj4nHL6pyAv3PQr83WyLHcaX7It Klj371/4yzKV6qpz43SGRK4MacLo2rNZ/dNej7lwPCtzCcFYwqkiiEYEEBECAAYF AjoaQqQACgkQx1KqMrDf94ArewCfWnTUDG5gNYkmHG4bYL8fQcizyA4An2eVo/n+ 3J2KRWSOhpAMsnMxtPbBmQGiBDnu9IERBACT8Y35+2vv4MGVKiLEMOl9GdST6MCk YS3yEKeueNWc+z/0Kvff4JctBsgs47tjmiI9sl0eHjm3gTR8rItXMN6sJEUHWzDP +Y0PFPboMvKx0FXl/A0dM+HFrruCgBlWt6FA+okRySQiliuI5phwqkXefl9AhkwR 8xocQSVCFxcwvwCglVcOQliHu8jwRQHxlRE0tkwQQI0D+wfQwKdvhDplxHJ5nf7U 8c/yE/vdvpN6lF0tmFrKXBUX+K7u4ifrZlQvj/81M4INjtXreqDiJtr99Rs6xa0S cZqITuZC4CWxJa9GynBED3+D2t1V/f8l0smsuYoFOF7Ib49IkTdbtwAThlZp8bEh ELBeGaPdNCcmfZ66rKUdG5sRA/9ovnc1krSQF2+sqB9/o7w5/q2qiyzwOSTnkjtB UVKn4zLUOf6aeBAoV6NMCC3Kj9aZHfA+ND0ehPaVGJgjaVNFhPi4x0e7BULdvgOo AqajLfvkURHAeSsxXIoEmyW/xC1sBbDkDUIBSx5oej73XCZgnj/inphRqGpsb+1n KFvF+rQoU3VTRSBQYWNrYWdlIFNpZ25pbmcgS2V5IDxidWlsZEBzdXNlLmRlPohi BBMRAgAiBQJA2AY+AhsDBQkObd+9BAsHAwIDFQIDAxYCAQIeAQIXgAAKCRCoTtro nIAKypCfAJ9RuZ6ZSV7QW4pTgTIxQ+ABPp0sIwCffG9bCNnrETPlgOn+dGEkAWeg KL+IRgQQEQIABgUCOnBeUgAKCRCeQOMQAAqrpNzOAKCL512FZvv4VZx94TpbA9lx yoAejACeOO1HIbActAevk5MUBhNeLZa/qM2JARUDBRA6cGBvd7LmAD0l09kBATWn B/9An5vfiUUE1VQnt+T/EYklES3tXXaJJp9pHMa4fzFa8jPVtv5UBHGee3XoUNDV wM2OgSEISZxbzdXGnqIlcT08TzBUD9i579uifklLsnr35SJDZ6ram51/CWOnnaVh UzneOA9gTPSr+/fT3WeVnwJiQCQ30kNLWVXWATMnsnT486eAOlT6UNBPYQLpUprF 5Yryk23pQUPAgJENDEqeU6iIO9Ot1ZPtB0lniw+/xCi13D360o1tZDYOp0hHHJN3 D3EN8C1yPqZd5CvvznYvB6bWBIpWcRgdn2DUVMmpU661jwqGlRz1F84JG/xe4jGu zgpJt9IXSzyohEJB6XG5+D0BuQINBDnu9JIQCACEkdBN6Mxf5WvqDWkcMRy6wnrd 9DYJ8UUTmIT2iQf07tRUKJJ9v0JXfx2Z4d08IQSMNRaq4VgSe+PdYgIy0fbj23Vi a5/gO7fJEpD2hd2f+pMnOWvH2rOOIbeYfuhzAc6BQjAKtmgR0ERUTafTM9Wb6F13 CNZZNZfDqnFDP6L12w3z3F7FFXkz07Rs3AIto1ZfYZd4sCSpMr/0S5nLrHbIvGLp 271hhQBeRmmoGEKO2JRelGgUJ2CUzOdtwDIKT0LbCpvaP8PVnYF5IFoYJIWRHqlE t5ucTXstZy7vYjL6vTP4l5xs+LIOkNmPhqmfsgLzVo0UaLt80hOwc4NvDCOLAAMG B/9g+9V3ORzw4LvO1pwRYJqfDKUq/EJ0rNMMD4N8RLpZRhKHKJUm9nNHLbksnlZw rbSTM5LpC/U6sheLP+l0bLVoq0lmsCcUSyh+mY6PxWirLIWCn/IAZAGnXb6Zd6Tt IJlGG6pqUN8QxGJYQnonl0uTJKHJENbI9sWHQdcTtBMc34gorHFCo1Bcvpnc1LFL rWn7mfoGx6INQjf3HGQpMXAWuSBQhzkazY6vaWFpa8bBJ+gKbBuySWzNm3rFtT5H RKMWpO+M9bHp4d+puY0L1YwN1OMatcMMpcWnZpiWiR83oi32+xtWUY2U7Ae38mMa g8zFbpeqPQUsDv9V7CAJ1dbriEwEGBECAAwFAkDYBnoFCQ5t3+gACgkQqE7a6JyA CspnpgCfRbYwxT3iq+9l/PgNTUNTZOlof2oAn25y0eGi0371jap9kOV6uq71sUuO =ypVs - -----END PGP PUBLIC KEY BLOCK----- -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.12 (GNU/Linux) iQEVAwUBSvxN63ey5gA9JdPZAQJmcQf+PklHSQmZPLQGYPnDfnuytmDmLOnEMyjR cJnZp3pvqbRqkv0hoEu3IRt6/HVA4/ACHJdv2aArQMRE+Ntl0yON3qw02LX+EQlx 5HzGMDsBcjGjDxmUKvrNMn4DdKfr7EzPNhB9r2krzArL4yOORjXFiELKVwm4ONBY MrMfFSaXRXjPuW1wtMFhFepUZGKo85quJEIXMa8+t9AFt9kKdwh4PXk6LxnHxV8c QQuCl0Zm7SLDWY2z5AzbJiks+N3oxY8m3iHq+hNGKxvfkZh9oHysWA+CmXlgR6vR xIbKHfvNVLCSTcdP1pNsi0KezVThlwMNFo2r6OKXhztM8rnKlBgrSg== =5283 -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0

[security-announce] SUSE Security Announcement: Linux kernel (SUSE-SA:2009:054)
by Marcus Meissner 11 Nov '09

11 Nov '09

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ______________________________________________________________________________ SUSE Security Announcement Package: kernel Announcement ID: SUSE-SA:2009:054 Date: Wed, 11 Nov 2009 15:00:00 +0000 Affected Products: SLE SDK 10 SP2 SUSE Linux Enterprise Desktop 10 SP2 SUSE Linux Enterprise 10 SP2 DEBUGINFO SUSE Linux Enterprise Server 10 SP2 Vulnerability Type: local privilege escalation Severity (1-10): 7 SUSE Default Package: yes Cross-References: CVE-2009-1192, CVE-2009-1633, CVE-2009-2848 CVE-2009-2909, CVE-2009-2910, CVE-2009-3002 CVE-2009-3238, CVE-2009-3547 Content of This Advisory: 1) Security Vulnerability Resolved: Linux kernel security update Problem Description 2) Solution or Work-Around 3) Special Instructions and Notes 4) Package Location and Checksums 5) Pending Vulnerabilities, Solutions, and Work-Arounds: - Pending kernels for CVE-2009-3547 6) Authenticity Verification and Additional Information ______________________________________________________________________________ 1) Problem Description and Brief Discussion This update fixes a several security issues and various bugs in the SUSE Linux Enterprise 10 SP 2 kernel. Following security issues were fixed: CVE-2009-3547: A race condition during pipe open could be used by local attackers to elevate privileges. CVE-2009-2910: On x86_64 systems an information leak of high register contents (upper 32bit) was fixed. CVE-2009-3238: The randomness of the ASLR methods used in the kernel was increased. CVE-2009-1192: A information leak from the kernel due to uninitialized memory in AGP handling was fixed. CVE-2009-2909: A signed comparison in the ax25 sockopt handler was fixed which could be used to crash the kernel or potentially execute code. CVE-2009-2848: The execve function in the Linux kernel did not properly clear the current->clear_child_tid pointer, which allows local users to cause a denial of service (memory corruption) or possibly gain privileges via a clone system call with CLONE_CHILD_SETTID or CLONE_CHILD_CLEARTID enabled, which is not properly handled during thread creation and exit. CVE-2009-3002: Fixed various socket handler getname leaks, which could disclose memory previously used by the kernel or other userland processes to the local attacker. CVE-2009-1633: Multiple buffer overflows in the cifs subsystem in the Linux kernel allow remote CIFS servers to cause a denial of service (memory corruption) and possibly have unspecified other impact via (1) a malformed Unicode string, related to Unicode string area alignment in fs/cifs/sess.c; or (2) long Unicode characters, related to fs/cifs/cifssmb.c and the cifs_readdir function in fs/cifs/readdir.c. Also see the RPM changelog for more changes. 2) Solution or Work-Around There is no known workaround, please install the update packages. 3) Special Instructions and Notes Reboot the machine after installing the update. 4) Package Location and Checksums The preferred method for installing security updates is to use the YaST Online Update (YOU) tool. YOU detects which updates are required and automatically performs the necessary steps to verify and install them. Alternatively, download the update packages for your distribution manually and verify their integrity by the methods listed in Section 6 of this announcement. Then install the packages using the command rpm -Fhv <file.rpm> to apply the update, replacing <file.rpm> with the filename of the downloaded RPM package. Our maintenance customers are notified individually. The packages are offered for installation from the maintenance web: SUSE Linux Enterprise Desktop 10 SP2 for AMD64 and Intel EM64T http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… SUSE Linux Enterprise 10 SP2 DEBUGINFO for IBM zSeries 64bit http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… SUSE Linux Enterprise 10 SP2 DEBUGINFO for IBM POWER http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… SUSE Linux Enterprise Desktop 10 SP2 http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… SUSE Linux Enterprise Desktop 10 SP2 for x86 http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… SUSE Linux Enterprise Server 10 SP2 http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… SLE SDK 10 SP2 http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… SUSE Linux Enterprise 10 SP2 DEBUGINFO http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… SUSE Linux Enterprise 10 SP2 DEBUGINFO for IPF http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… ______________________________________________________________________________ 5) Pending Vulnerabilities, Solutions, and Work-Arounds: - Pending kernels for CVE-2009-3547 problem SUSE Linux Enterprise 10 SP3 kernels will be released tomorrow. SUSE Linux Enterprise 9 kernels had another QA failure and so will be released approximately begin of next week. openSUSE 11.0, 11.1 and SUSE Linux Enterprise 11 kernels have "mmap_min_addr" protection by default and will be released in their regular release cycles. (Probably around end of November). ______________________________________________________________________________ 6) Authenticity Verification and Additional Information - Announcement authenticity verification: SUSE security announcements are published via mailing lists and on Web sites. The authenticity and integrity of a SUSE security announcement is guaranteed by a cryptographic signature in each announcement. All SUSE security announcements are published with a valid signature. To verify the signature of the announcement, save it as text into a file and run the command gpg --verify <file> replacing <file> with the name of the file where you saved the announcement. The output for a valid signature looks like: gpg: Signature made <DATE> using RSA key ID 3D25D3D9 gpg: Good signature from "SuSE Security Team <security(a)suse.de>" where <DATE> is replaced by the date the document was signed. If the security team's key is not contained in your key ring, you can import it from the first installation CD. To import the key, use the command gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc - Package authenticity verification: SUSE update packages are available on many mirror FTP servers all over the world. While this service is considered valuable and important to the free and open source software community, the authenticity and the integrity of a package needs to be verified to ensure that it has not been tampered with. The internal rpm package signatures provide an easy way to verify the authenticity of an RPM package. Use the command rpm -v --checksig <file.rpm> to verify the signature of the package, replacing <file.rpm> with the filename of the RPM package downloaded. The package is unmodified if it contains a valid signature from build(a)suse.de with the key ID 9C800ACA. This key is automatically imported into the RPM database (on RPMv4-based distributions) and the gpg key ring of 'root' during installation. You can also find it on the first installation CD and at the end of this announcement. - SUSE runs two security mailing lists to which any interested party may subscribe: opensuse-security(a)opensuse.org - General Linux and SUSE security discussion. All SUSE security announcements are sent to this list. To subscribe, send an e-mail to <opensuse-security+subscribe(a)opensuse.org>. opensuse-security-announce(a)opensuse.org - SUSE's announce-only mailing list. Only SUSE's security announcements are sent to this list. To subscribe, send an e-mail to <opensuse-security-announce+subscribe(a)opensuse.org>. ===================================================================== SUSE's security contact is <security(a)suse.com> or <security(a)suse.de>. The <security(a)suse.de> public key is listed below. ===================================================================== ______________________________________________________________________________ The information in this advisory may be distributed or reproduced, provided that the advisory is not modified in any way. In particular, the clear text signature should show proof of the authenticity of the text. SUSE Linux Products GmbH provides no warranties of any kind whatsoever with respect to the information contained in this security advisory. Type Bits/KeyID Date User ID pub 2048R/3D25D3D9 1999-03-06 SuSE Security Team <security(a)suse.de> pub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key <build(a)suse.de> - -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.4.2 (GNU/Linux) mQENAzbhLQQAAAEIAKAkXHe0lWRBXLpn38hMHy03F0I4Sszmoc8aaKJrhfhyMlOA BqvklPLE2f9UrI4Xc860gH79ZREwAgPt0pi6+SleNFLNcNFAuuHMLQOOsaMFatbz JR9i4m/lf6q929YROu5zB48rBAlcfTm+IBbijaEdnqpwGib45wE/Cfy6FAttBHQh 1Kp+r/jPbf1mYAvljUfHKuvbg8t2EIQz/5yGp+n5trn9pElfQO2cRBq8LFpf1l+U P7EKjFmlOq+Gs/fF98/dP3DfniSd78LQPq5vp8RL8nr/o2i7jkAQ33m4f1wOBWd+ cZovrKXYlXiR+Bf7m2hpZo+/sAzhd7LmAD0l09kABRG0JVN1U0UgU2VjdXJpdHkg VGVhbSA8c2VjdXJpdHlAc3VzZS5kZT6JARUDBRA24S1H5Fiyh7HKPEUBAVcOB/9b yHYji1/+4Xc2GhvXK0FSJN0MGgeXgW47yxDL7gmR4mNgjlIOUHZj0PEpVjWepOJ7 tQS3L9oP6cpj1Fj/XxuLbkp5VCQ61hpt54coQAvYrnT9rtWEGN+xmwejT1WmYmDJ xG+EGBXKr+XP69oIUl1E2JO3rXeklulgjqRKos4cdXKgyjWZ7CP9V9daRXDtje63 Om8gwSdU/nCvhdRIWp/Vwbf7Ia8iZr9OJ5YuQl0DBG4qmGDDrvImgPAFkYFzwlqo choXFQ9y0YVCV41DnR+GYhwl2qBd81T8aXhihEGPIgaw3g8gd8B5o6mPVgl+nJqI BkEYGBusiag2pS6qwznZiQEVAwUQNuEtBHey5gA9JdPZAQFtOAf+KVh939b0J94u v/kpg4xs1LthlhquhbHcKNoVTNspugiC3qMPyvSX4XcBr2PC0cVkS4Z9PY9iCfT+ x9WM96g39dAF+le2CCx7XISk9XXJ4ApEy5g4AuK7NYgAJd39PPbERgWnxjxir9g0 Ix30dS30bW39D+3NPU5Ho9TD/B7UDFvYT5AWHl3MGwo3a1RhTs6sfgL7yQ3U+mvq MkTExZb5mfN1FeaYKMopoI4VpzNVeGxQWIz67VjJHVyUlF20ekOz4kWVgsxkc8G2 saqZd6yv2EwqYTi8BDAduweP33KrQc4KDDommQNDOXxaKOeCoESIdM4p7Esdjq1o L0oixF12CohGBBARAgAGBQI7HmHDAAoJEJ5A4xAACqukTlQAoI4QzP9yjPohY7OU F7J3eKBTzp25AJ42BmtSd3pvm5ldmognWF3Trhp+GYkAlQMFEDe3O8IWkDf+zvyS FQEBAfkD/3GG5UgJj18UhYmh1gfjIlDcPAeqMwSytEHDENmHC+vlZQ/p0mT9tPiW tp34io54mwr+bLPN8l6B5GJNkbGvH6M+mO7R8Lj4nHL6pyAv3PQr83WyLHcaX7It Klj371/4yzKV6qpz43SGRK4MacLo2rNZ/dNej7lwPCtzCcFYwqkiiEYEEBECAAYF AjoaQqQACgkQx1KqMrDf94ArewCfWnTUDG5gNYkmHG4bYL8fQcizyA4An2eVo/n+ 3J2KRWSOhpAMsnMxtPbBmQGiBDnu9IERBACT8Y35+2vv4MGVKiLEMOl9GdST6MCk YS3yEKeueNWc+z/0Kvff4JctBsgs47tjmiI9sl0eHjm3gTR8rItXMN6sJEUHWzDP +Y0PFPboMvKx0FXl/A0dM+HFrruCgBlWt6FA+okRySQiliuI5phwqkXefl9AhkwR 8xocQSVCFxcwvwCglVcOQliHu8jwRQHxlRE0tkwQQI0D+wfQwKdvhDplxHJ5nf7U 8c/yE/vdvpN6lF0tmFrKXBUX+K7u4ifrZlQvj/81M4INjtXreqDiJtr99Rs6xa0S cZqITuZC4CWxJa9GynBED3+D2t1V/f8l0smsuYoFOF7Ib49IkTdbtwAThlZp8bEh ELBeGaPdNCcmfZ66rKUdG5sRA/9ovnc1krSQF2+sqB9/o7w5/q2qiyzwOSTnkjtB UVKn4zLUOf6aeBAoV6NMCC3Kj9aZHfA+ND0ehPaVGJgjaVNFhPi4x0e7BULdvgOo AqajLfvkURHAeSsxXIoEmyW/xC1sBbDkDUIBSx5oej73XCZgnj/inphRqGpsb+1n KFvF+rQoU3VTRSBQYWNrYWdlIFNpZ25pbmcgS2V5IDxidWlsZEBzdXNlLmRlPohi BBMRAgAiBQJA2AY+AhsDBQkObd+9BAsHAwIDFQIDAxYCAQIeAQIXgAAKCRCoTtro nIAKypCfAJ9RuZ6ZSV7QW4pTgTIxQ+ABPp0sIwCffG9bCNnrETPlgOn+dGEkAWeg KL+IRgQQEQIABgUCOnBeUgAKCRCeQOMQAAqrpNzOAKCL512FZvv4VZx94TpbA9lx yoAejACeOO1HIbActAevk5MUBhNeLZa/qM2JARUDBRA6cGBvd7LmAD0l09kBATWn B/9An5vfiUUE1VQnt+T/EYklES3tXXaJJp9pHMa4fzFa8jPVtv5UBHGee3XoUNDV wM2OgSEISZxbzdXGnqIlcT08TzBUD9i579uifklLsnr35SJDZ6ram51/CWOnnaVh UzneOA9gTPSr+/fT3WeVnwJiQCQ30kNLWVXWATMnsnT486eAOlT6UNBPYQLpUprF 5Yryk23pQUPAgJENDEqeU6iIO9Ot1ZPtB0lniw+/xCi13D360o1tZDYOp0hHHJN3 D3EN8C1yPqZd5CvvznYvB6bWBIpWcRgdn2DUVMmpU661jwqGlRz1F84JG/xe4jGu zgpJt9IXSzyohEJB6XG5+D0BuQINBDnu9JIQCACEkdBN6Mxf5WvqDWkcMRy6wnrd 9DYJ8UUTmIT2iQf07tRUKJJ9v0JXfx2Z4d08IQSMNRaq4VgSe+PdYgIy0fbj23Vi a5/gO7fJEpD2hd2f+pMnOWvH2rOOIbeYfuhzAc6BQjAKtmgR0ERUTafTM9Wb6F13 CNZZNZfDqnFDP6L12w3z3F7FFXkz07Rs3AIto1ZfYZd4sCSpMr/0S5nLrHbIvGLp 271hhQBeRmmoGEKO2JRelGgUJ2CUzOdtwDIKT0LbCpvaP8PVnYF5IFoYJIWRHqlE t5ucTXstZy7vYjL6vTP4l5xs+LIOkNmPhqmfsgLzVo0UaLt80hOwc4NvDCOLAAMG B/9g+9V3ORzw4LvO1pwRYJqfDKUq/EJ0rNMMD4N8RLpZRhKHKJUm9nNHLbksnlZw rbSTM5LpC/U6sheLP+l0bLVoq0lmsCcUSyh+mY6PxWirLIWCn/IAZAGnXb6Zd6Tt IJlGG6pqUN8QxGJYQnonl0uTJKHJENbI9sWHQdcTtBMc34gorHFCo1Bcvpnc1LFL rWn7mfoGx6INQjf3HGQpMXAWuSBQhzkazY6vaWFpa8bBJ+gKbBuySWzNm3rFtT5H RKMWpO+M9bHp4d+puY0L1YwN1OMatcMMpcWnZpiWiR83oi32+xtWUY2U7Ae38mMa g8zFbpeqPQUsDv9V7CAJ1dbriEwEGBECAAwFAkDYBnoFCQ5t3+gACgkQqE7a6JyA CspnpgCfRbYwxT3iq+9l/PgNTUNTZOlof2oAn25y0eGi0371jap9kOV6uq71sUuO =ypVs - -----END PGP PUBLIC KEY BLOCK----- -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.12 (GNU/Linux) iQEVAwUBSvrrtney5gA9JdPZAQJHuQf/X0sDJl2/0gRZsBnRGwQmq65d5HXRCESQ herlVvlLCXhhDuEYnmYbxejoxc78xghsP0dJA19yVqlW/T3nWqstFHxgCGPF7N1V QpTujXTZ9vOKuEU1twPE4ep9ThMrr1tCquHiL5dv7SNBkFt2UB3/nxgq2Qb3CUr9 hExlJo6nKxFIevA/ghtK8nIRPpfFelNoLyuWDA/1I/icetA1sFZ+6Rq/VvG5nqWn OQEu2HEjxdnrUAwkKUGKECQGbviHZZ6RWRq6vQjR8V0XuwFOasVsoZvlp2DLxh2K c1gc0xWk8hXcxpXV9Pq4pwOXHDGwV5Z2KTqRMmHz6WgjWDLGpWwlGA== =A1qf -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0

[security-announce] SUSE Security Summary Report: SUSE-SR:2009:018
by Thomas Biege 10 Nov '09

10 Nov '09

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ______________________________________________________________________________ SUSE Security Summary Report Announcement ID: SUSE-SR:2009:018 Date: Tue, 10 Nov 2009 13:00:00 +0000 Cross-References: CVE-2008-5519, CVE-2009-1563, CVE-2009-2408 CVE-2009-2473, CVE-2009-2661, CVE-2009-3111 CVE-2009-3235, CVE-2009-3603, CVE-2009-3604 CVE-2009-3605, CVE-2009-3606, CVE-2009-3608 CVE-2009-3609, CVE-2009-3720, MFSA 2009-59 Content of this advisory: 1) Solved Security Vulnerabilities: - cyrus-imapd - neon/libneon - freeradius - strongswan - openldap2 - apache2-mod_jk - expat - xpdf - mozilla-nspr 2) Pending Vulnerabilities, Solutions, and Work-Arounds: none 3) Authenticity Verification and Additional Information ______________________________________________________________________________ 1) Solved Security Vulnerabilities To avoid flooding mailing lists with SUSE Security Announcements for minor issues, SUSE Security releases weekly summary reports for the low profile vulnerability fixes. The SUSE Security Summary Reports do not list or download URLs like the SUSE Security Announcements that are released for more severe vulnerabilities. Fixed packages for the following incidents are already available on our FTP server and via the YaST Online Update. - cyrus-imapd This update fixes another buffer overflow in the Sieve code. This can be exploited by users allowed to use their own sieve scripts to execute arbitrary code remotely. CVE-2009-3235: CVSS v2 Base Score: 7.5 (HIGH) (AV:N/AC:L/Au:N/C:P/I:P/A:P) Additionally the handling of long headers was improved. Affected products: openSUSE 10.3-11.1, SLES9, SLE10, SLE11 - neon/libneon neon did not properly handle embedded NUL characters in X.509 certificates when comparing host names. Attackers could exploit that to spoof SSL servers. CVE-2009-2408: CVSS v2 Base Score: 7.5 (HIGH) (AV:N/AC:L/Au:N/C:P/I:P/A:P) Specially crafted XML documents that contain a large number of nested entity references could cause neon to consume large amounts of CPU and memory (CVE-2009-2473). CVE-2009-2473: CVSS v2 Base Score: 4.3 (MEDIUM) (AV:N/AC:M/Au:N/C:N/I:N/A:P) Affected products: openSUSE 10.3-11.1, SLES9, SLE10, SLE11 - freeradius This update of freeradius fixes a remote denial-of-service bug in function rad_decode() which can be triggered by zero-length Tunnel-Password attri- butes to make radiusd crash. CVE-2009-3111: CVSS v2 Base Score: 5.0 (MEDIUM) (AV:N/AC:L/Au:N/C:N/I:N/A:P) Affected products: SLE10 SP3 - strongswan The previous fix for a flaw in the ASN.1 parser was incomplete and had to be reworked. This could lead to crashes of the pluto IKE daemon. CVE-2009-2661: CVSS v2 Base Score: 5.0 (MEDIUM) (AV:N/AC:L/Au:N/C:N/I:N/A:P) Affected products: SLE10 SP3 - openldap2 This update of openldap2 makes SSL certificate verification more robust against uses of the special character \0 in the subjects name. CVE-2009-2408: CVSS v2 Base Score: 7.5 (HIGH) (AV:N/AC:L/Au:N/C:P/I:P/A:P) Affected products: SLE10 SP3 - apache2-mod_jk Certain HTTP request could confuse the JK connector in Apache Tomcat which could result in a user seeing responses destined for other users. CVE-2008-5519: CVSS v2 Base Score: 2.6 (LOW) (AV:N/AC:H/Au:N/C:P/I:N/A:N) Affected products: openSUSE 10.3-11.1 - expat Specially crafted XML documents could make expat run into an enless loop,i therefore locking up applications using expat. CVE-2009-3720: CVSS v2 Base Score: 5.0 (MEDIUM) (AV:N/AC:L/Au:N/C:N/I:N/A:P) Affected products: openSUSE 10.3-11.1, SLES9, SLE10, SLE11 - xpdf Specially crafted PDF files could cause buffer overflows in xpdf when viewing such a document. CVE-2009-3603: CVSS v2 Base Score: 9.3 (HIGH) (AV:N/AC:M/Au:N/C:C/I:C/A:C) CVE-2009-3604: CVSS v2 Base Score: 9.3 (HIGH) (AV:N/AC:M/Au:N/C:C/I:C/A:C) CVE-2009-3605: CVSS v2 Base Score: 10.0 (HIGH) (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2009-3606: CVSS v2 Base Score: 9.3 (HIGH) (AV:N/AC:M/Au:N/C:C/I:C/A:C) CVE-2009-3608: CVSS v2 Base Score: 9.3 (HIGH) (AV:N/AC:M/Au:N/C:C/I:C/A:C) CVE-2009-3609: CVSS v2 Base Score: 4.3 (MEDIUM) (AV:N/AC:M/Au:N/C:N/I:N/A:P) Affected products: openSUSE 10.3-11.1, SLES9, SLE10, SLE11 - mozilla-nspr This update fixes a bug in the Mozilla NSPR helper libraries, which could be used by remote attackers to potentially execute code via javascript vectors. MFSA 2009-59: Security researcher Alin Rad Pop of Secunia Research reported a heap-based buffer overflow in Mozilla's string to floating point number conversion routines. Using this vulnerability an attacker could craft some malicious JavaScript code containing a very long string to be converted to a floating point number which would result in improper memory allocation and the execution of an arbitrary memory location. This vulnerability could thus be leveraged by the attacker to run arbitrary code on a victim's computer. CVE-2009-1563: CVSS v2 Base Score: 10.0 (HIGH) (AV:N/AC:L/Au:N/C:C/I:C/A:C) Affected products: openSUSE 11.0-11.1, SLE10, SLE11 ______________________________________________________________________________ 2) Pending Vulnerabilities, Solutions, and Work-Arounds none ______________________________________________________________________________ 3) Authenticity Verification and Additional Information - Announcement authenticity verification: SUSE security announcements are published via mailing lists and on Web sites. The authenticity and integrity of a SUSE security announcement is guaranteed by a cryptographic signature in each announcement. All SUSE security announcements are published with a valid signature. To verify the signature of the announcement, save it as text into a file and run the command gpg --verify <file> replacing <file> with the name of the file containing the announcement. The output for a valid signature looks like: gpg: Signature made <DATE> using RSA key ID 3D25D3D9 gpg: Good signature from "SuSE Security Team <security(a)suse.de>" where <DATE> is replaced by the date the document was signed. If the security team's key is not contained in your key ring, you can import it from the first installation CD. To import the key, use the command gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc - Package authenticity verification: SUSE update packages are available on many mirror FTP servers all over the world. While this service is considered valuable and important to the free and open source software community, the authenticity and integrity of a package needs to be verified to ensure that it has not been tampered with. The internal RPM package signatures provide an easy way to verify the authenticity of an RPM package. Use the command rpm -v --checksig <file.rpm> to verify the signature of the package, replacing <file.rpm> with the filename of the RPM package downloaded. The package is unmodified if it contains a valid signature from build(a)suse.de with the key ID 9C800ACA. This key is automatically imported into the RPM database (on RPMv4-based distributions) and the gpg key ring of 'root' during installation. You can also find it on the first installation CD and included at the end of this announcement. - SUSE runs two security mailing lists to which any interested party may subscribe: opensuse-security(a)opensuse.org - General Linux and SUSE security discussion. All SUSE security announcements are sent to this list. To subscribe, send an e-mail to <opensuse-security+subscribe(a)opensuse.org>. opensuse-security-announce(a)opensuse.org - SUSE's announce-only mailing list. Only SUSE's security announcements are sent to this list. To subscribe, send an e-mail to <opensuse-security-announce+subscribe(a)opensuse.org>. ===================================================================== SUSE's security contact is <security(a)suse.com> or <security(a)suse.de>. The <security(a)suse.de> public key is listed below. ===================================================================== ______________________________________________________________________________ The information in this advisory may be distributed or reproduced, provided that the advisory is not modified in any way. In particular, the clear text signature should show proof of the authenticity of the text. SUSE Linux Products GmbH provides no warranties of any kind whatsoever with respect to the information contained in this security advisory. Type Bits/KeyID Date User ID pub 2048R/3D25D3D9 1999-03-06 SuSE Security Team <security(a)suse.de> pub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key <build(a)suse.de> - -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.4.2 (GNU/Linux) mQENAzbhLQQAAAEIAKAkXHe0lWRBXLpn38hMHy03F0I4Sszmoc8aaKJrhfhyMlOA BqvklPLE2f9UrI4Xc860gH79ZREwAgPt0pi6+SleNFLNcNFAuuHMLQOOsaMFatbz JR9i4m/lf6q929YROu5zB48rBAlcfTm+IBbijaEdnqpwGib45wE/Cfy6FAttBHQh 1Kp+r/jPbf1mYAvljUfHKuvbg8t2EIQz/5yGp+n5trn9pElfQO2cRBq8LFpf1l+U P7EKjFmlOq+Gs/fF98/dP3DfniSd78LQPq5vp8RL8nr/o2i7jkAQ33m4f1wOBWd+ cZovrKXYlXiR+Bf7m2hpZo+/sAzhd7LmAD0l09kABRG0JVN1U0UgU2VjdXJpdHkg VGVhbSA8c2VjdXJpdHlAc3VzZS5kZT6JARUDBRA24S1H5Fiyh7HKPEUBAVcOB/9b yHYji1/+4Xc2GhvXK0FSJN0MGgeXgW47yxDL7gmR4mNgjlIOUHZj0PEpVjWepOJ7 tQS3L9oP6cpj1Fj/XxuLbkp5VCQ61hpt54coQAvYrnT9rtWEGN+xmwejT1WmYmDJ xG+EGBXKr+XP69oIUl1E2JO3rXeklulgjqRKos4cdXKgyjWZ7CP9V9daRXDtje63 Om8gwSdU/nCvhdRIWp/Vwbf7Ia8iZr9OJ5YuQl0DBG4qmGDDrvImgPAFkYFzwlqo choXFQ9y0YVCV41DnR+GYhwl2qBd81T8aXhihEGPIgaw3g8gd8B5o6mPVgl+nJqI BkEYGBusiag2pS6qwznZiQEVAwUQNuEtBHey5gA9JdPZAQFtOAf+KVh939b0J94u v/kpg4xs1LthlhquhbHcKNoVTNspugiC3qMPyvSX4XcBr2PC0cVkS4Z9PY9iCfT+ x9WM96g39dAF+le2CCx7XISk9XXJ4ApEy5g4AuK7NYgAJd39PPbERgWnxjxir9g0 Ix30dS30bW39D+3NPU5Ho9TD/B7UDFvYT5AWHl3MGwo3a1RhTs6sfgL7yQ3U+mvq MkTExZb5mfN1FeaYKMopoI4VpzNVeGxQWIz67VjJHVyUlF20ekOz4kWVgsxkc8G2 saqZd6yv2EwqYTi8BDAduweP33KrQc4KDDommQNDOXxaKOeCoESIdM4p7Esdjq1o L0oixF12CohGBBARAgAGBQI7HmHDAAoJEJ5A4xAACqukTlQAoI4QzP9yjPohY7OU F7J3eKBTzp25AJ42BmtSd3pvm5ldmognWF3Trhp+GYkAlQMFEDe3O8IWkDf+zvyS FQEBAfkD/3GG5UgJj18UhYmh1gfjIlDcPAeqMwSytEHDENmHC+vlZQ/p0mT9tPiW tp34io54mwr+bLPN8l6B5GJNkbGvH6M+mO7R8Lj4nHL6pyAv3PQr83WyLHcaX7It Klj371/4yzKV6qpz43SGRK4MacLo2rNZ/dNej7lwPCtzCcFYwqkiiEYEEBECAAYF AjoaQqQACgkQx1KqMrDf94ArewCfWnTUDG5gNYkmHG4bYL8fQcizyA4An2eVo/n+ 3J2KRWSOhpAMsnMxtPbBmQGiBDnu9IERBACT8Y35+2vv4MGVKiLEMOl9GdST6MCk YS3yEKeueNWc+z/0Kvff4JctBsgs47tjmiI9sl0eHjm3gTR8rItXMN6sJEUHWzDP +Y0PFPboMvKx0FXl/A0dM+HFrruCgBlWt6FA+okRySQiliuI5phwqkXefl9AhkwR 8xocQSVCFxcwvwCglVcOQliHu8jwRQHxlRE0tkwQQI0D+wfQwKdvhDplxHJ5nf7U 8c/yE/vdvpN6lF0tmFrKXBUX+K7u4ifrZlQvj/81M4INjtXreqDiJtr99Rs6xa0S cZqITuZC4CWxJa9GynBED3+D2t1V/f8l0smsuYoFOF7Ib49IkTdbtwAThlZp8bEh ELBeGaPdNCcmfZ66rKUdG5sRA/9ovnc1krSQF2+sqB9/o7w5/q2qiyzwOSTnkjtB UVKn4zLUOf6aeBAoV6NMCC3Kj9aZHfA+ND0ehPaVGJgjaVNFhPi4x0e7BULdvgOo AqajLfvkURHAeSsxXIoEmyW/xC1sBbDkDUIBSx5oej73XCZgnj/inphRqGpsb+1n KFvF+rQoU3VTRSBQYWNrYWdlIFNpZ25pbmcgS2V5IDxidWlsZEBzdXNlLmRlPohi BBMRAgAiBQJA2AY+AhsDBQkObd+9BAsHAwIDFQIDAxYCAQIeAQIXgAAKCRCoTtro nIAKypCfAJ9RuZ6ZSV7QW4pTgTIxQ+ABPp0sIwCffG9bCNnrETPlgOn+dGEkAWeg KL+IRgQQEQIABgUCOnBeUgAKCRCeQOMQAAqrpNzOAKCL512FZvv4VZx94TpbA9lx yoAejACeOO1HIbActAevk5MUBhNeLZa/qM2JARUDBRA6cGBvd7LmAD0l09kBATWn B/9An5vfiUUE1VQnt+T/EYklES3tXXaJJp9pHMa4fzFa8jPVtv5UBHGee3XoUNDV wM2OgSEISZxbzdXGnqIlcT08TzBUD9i579uifklLsnr35SJDZ6ram51/CWOnnaVh UzneOA9gTPSr+/fT3WeVnwJiQCQ30kNLWVXWATMnsnT486eAOlT6UNBPYQLpUprF 5Yryk23pQUPAgJENDEqeU6iIO9Ot1ZPtB0lniw+/xCi13D360o1tZDYOp0hHHJN3 D3EN8C1yPqZd5CvvznYvB6bWBIpWcRgdn2DUVMmpU661jwqGlRz1F84JG/xe4jGu zgpJt9IXSzyohEJB6XG5+D0BuQINBDnu9JIQCACEkdBN6Mxf5WvqDWkcMRy6wnrd 9DYJ8UUTmIT2iQf07tRUKJJ9v0JXfx2Z4d08IQSMNRaq4VgSe+PdYgIy0fbj23Vi a5/gO7fJEpD2hd2f+pMnOWvH2rOOIbeYfuhzAc6BQjAKtmgR0ERUTafTM9Wb6F13 CNZZNZfDqnFDP6L12w3z3F7FFXkz07Rs3AIto1ZfYZd4sCSpMr/0S5nLrHbIvGLp 271hhQBeRmmoGEKO2JRelGgUJ2CUzOdtwDIKT0LbCpvaP8PVnYF5IFoYJIWRHqlE t5ucTXstZy7vYjL6vTP4l5xs+LIOkNmPhqmfsgLzVo0UaLt80hOwc4NvDCOLAAMG B/9g+9V3ORzw4LvO1pwRYJqfDKUq/EJ0rNMMD4N8RLpZRhKHKJUm9nNHLbksnlZw rbSTM5LpC/U6sheLP+l0bLVoq0lmsCcUSyh+mY6PxWirLIWCn/IAZAGnXb6Zd6Tt IJlGG6pqUN8QxGJYQnonl0uTJKHJENbI9sWHQdcTtBMc34gorHFCo1Bcvpnc1LFL rWn7mfoGx6INQjf3HGQpMXAWuSBQhzkazY6vaWFpa8bBJ+gKbBuySWzNm3rFtT5H RKMWpO+M9bHp4d+puY0L1YwN1OMatcMMpcWnZpiWiR83oi32+xtWUY2U7Ae38mMa g8zFbpeqPQUsDv9V7CAJ1dbriEwEGBECAAwFAkDYBnoFCQ5t3+gACgkQqE7a6JyA CspnpgCfRbYwxT3iq+9l/PgNTUNTZOlof2oAn25y0eGi0371jap9kOV6uq71sUuO =ypVs - -----END PGP PUBLIC KEY BLOCK----- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iQEVAwUBSvlisXey5gA9JdPZAQJMpQf+Ii978gZMYFXllUktZJiLQanMToUhfwUb WUQNqIhnp4rll7VVoja0cesrrmbWt5EecFPeWQfccPDKsb3c6bS0Im+XmgGjWqn5 g/3tRxPKJuglupDi7bfxUYZjmTQmyspVZlU8j2H5eAvsKFF7+47q6ULaZpPPBk6/ LpNKJ13KG1vlRCP5B33yI60ylQ0ilBsE0y2iXfWy/gbEfV20XKWiktmMkcMS3dfW VAkp+xpRekZE1MWPxPKK7O+8K3PfEf+0NXgKKLFNmrikFtC8BdE6b71CY2OxFlXk AIindBFqNTPiBX4bjcQfbkTi/p85ii6ju7z+b5QyCykVGi+GBLCtpg== =vLAZ -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0

[security-announce] New Linux kernel privilege escalation - heads up notice
by Marcus Meissner 04 Nov '09

04 Nov '09

Hi, A bug in the Linux kernels "pipe" system call implementation was found which can be used by local attackers to gain root privileges. CVE-2009-3547 http://www.openwall.com/lists/oss-security/2009/11/03/1 This problem affects all our currently maintained Linux products. - SUSE Linux Enterprise Server 9 / Open Enterprise Server 1 Are affected. Updates are being prepared and will be released next week. There is unfortunately no workaround possible. - SUSE Linux Enterprise Server / Desktop 10 SP2, Open Enterprise Server 2 SP1 Are affected. Updates are being QA'ed and will be released begin of next week. There is unfortunately no workaround possible. - SUSE Linux Enterprise Server / Desktop 10 SP3 Are affected. Updates are being QA'ed and will be released begin of next week. A workaround is possible by enabling the MMAP null page exploitprotection by enabling the "mmap_min_addr" protection in this kernel, by doing (as root): echo -n 65536 > /proc/sys/vm/mmap_min_addr To keep this persistent over the next boot, you can also add it to /etc/sysctl.conf: vm.mmap_min_addr = 65536 (We did not enable this by default to avoid breaking legacy software.) - SUSE Linux Enterprise Server / Desktop 11 openSUSE 11.0 openSUSE 11.1 Are affected by this problem, but the exploit can not be used to execute code, just to cause a crash / "Oops". The kernel is using the MMAP null page exploit protection by default and so the exploit is not effective (will just lead to a Ooops). You can verify the protection to be enabled by doing: cat /proc/sys/vm/mmap_min_addr A value larger than 0 means "enabled". Updates that fix this issue will be published, but not in the same hurry as for the older product lines. The several days delay in getting Kernel updates out is due to kernel QA taking around 4 days, as they include numbers of regressions, burn-in and partner tests and careful evaluation of the generated results. Ciao, Marcus

1 0

[security-announce] SUSE Security Announcement: IBM Java 6 (SUSE-SA:2009:053)
by Marcus Meissner 04 Nov '09

04 Nov '09

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ______________________________________________________________________________ SUSE Security Announcement Package: java-1_6_0-ibm Announcement ID: SUSE-SA:2009:053 Date: Wed, 04 Nov 2009 15:00:00 +0000 Affected Products: SLE 11 SLES 11 Vulnerability Type: remote code execution Severity (1-10): 8 SUSE Default Package: yes Cross-References: CVE-2009-0217, CVE-2009-2493, CVE-2009-2625 CVE-2009-2670, CVE-2009-2671, CVE-2009-2672 CVE-2009-2673, CVE-2009-2674, CVE-2009-2675 CVE-2009-2676 Content of This Advisory: 1) Security Vulnerability Resolved: IBM Java 6 security update Problem Description 2) Solution or Work-Around 3) Special Instructions and Notes 4) Package Location and Checksums 5) Pending Vulnerabilities, Solutions, and Work-Arounds: See SUSE Security Summary Report. 6) Authenticity Verification and Additional Information ______________________________________________________________________________ 1) Problem Description and Brief Discussion The IBM Java 6 JRE/SDK was updated to Service Release 6, fixing various bugs and security issues. Following security issues were fixed: CVE-2009-2676: A security vulnerability in the JNLPAppletLauncher might impact users of the Sun JDK and JRE. Non-current versions of the JNLPAppletLauncher might be re-purposed with an untrusted Java applet to write arbitrary files on the system of the user downloading and running the untrusted applet. The JNLPAppletLauncher is a general purpose JNLP-based applet launcher class for deploying applets that use extension libraries containing native code. CVE-2009-2493: The Java Runtime Environment includes the Java Web Start technology that uses the Java Web Start ActiveX control to launch Java Web Start in Internet Explorer. A security vulnerability in the Active Template Library (ATL) in various releases of Microsoft Visual Studio, which is used by the Java Web Start ActiveX control, might allow the Java Web Start ActiveX control to be leveraged to run arbitrary code. This might occur as the result of a user of the Java Runtime Environment viewing a specially crafted web page that exploits this vulnerability. CVE-2009-2670: A vulnerability in the Java Runtime Environment audio system might allow an untrusted applet or Java Web Start application to access system properties. CVE-2009-0217: A vulnerability with verifying HMAC-based XML digital signatures in the XML Digital Signature implementation included with the Java Runtime Environment (JRE) might allow authentication to be bypassed. Applications that validate HMAC-based XML digital signatures might be vulnerable to this type of attack. Note: This vulnerability cannot be exploited by an untrusted applet or Java Web Start application. CVE-2009-2671 CVE-2009-2672: A vulnerability in the Java Runtime Environment with the SOCKS proxy implementation might allow an untrusted applet or Java Web Start application to determine the user name of the user running the applet or application. A second vulnerability in the Java Runtime Environment with the proxy mechanism implementation might allow an untrusted applet or Java Web Start application to obtain browser cookies and leverage those cookies to hijack sessions. CVE-2009-2673: A vulnerability in the Java Runtime Environment with the proxy mechanism implementation might allow an untrusted applet or Java Web Start application to make non-authorized socket or URL connections to hosts other than the origin host. CVE-2009-2674: An integer overflow vulnerability in the Java Runtime Environment with processing JPEG images might allow an untrusted Java Web Start application to escalate privileges. For example, an untrusted application might grant itself permissions to read and write local files or run local applications that are accessible to the user running the untrusted applet. CVE-2009-2675: An integer overflow vulnerability in the Java Runtime Environment with unpacking applets and Java Web Start applications using the unpack200 JAR unpacking utility might allow an untrusted applet or application to escalate privileges. For example, an untrusted applet might grant itself permissions to read and write local files or run local applications that are accessible to the user running the untrusted applet. CVE-2009-2625: A vulnerability in the Java Runtime Environment (JRE) with parsing XML data might allow a remote client to create a denial-of-service condition on the system that the JRE runs on. 2) Solution or Work-Around There is no known workaround, please install the update packages. 3) Special Instructions and Notes Please close and restart all running instances of IBM Java after the update. 4) Package Location and Checksums The preferred method for installing security updates is to use the YaST Online Update (YOU) tool. YOU detects which updates are required and automatically performs the necessary steps to verify and install them. Alternatively, download the update packages for your distribution manually and verify their integrity by the methods listed in Section 6 of this announcement. Then install the packages using the command rpm -Fhv <file.rpm> to apply the update, replacing <file.rpm> with the filename of the downloaded RPM package. Our maintenance customers are notified individually. The packages are offered for installation from the maintenance web: SLES 11 http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… SLE 11 http://download.novell.com/index.jsp?search=Search&set_restricted=true&keyw… ______________________________________________________________________________ 5) Pending Vulnerabilities, Solutions, and Work-Arounds: See SUSE Security Summary Report. ______________________________________________________________________________ 6) Authenticity Verification and Additional Information - Announcement authenticity verification: SUSE security announcements are published via mailing lists and on Web sites. The authenticity and integrity of a SUSE security announcement is guaranteed by a cryptographic signature in each announcement. All SUSE security announcements are published with a valid signature. To verify the signature of the announcement, save it as text into a file and run the command gpg --verify <file> replacing <file> with the name of the file where you saved the announcement. The output for a valid signature looks like: gpg: Signature made <DATE> using RSA key ID 3D25D3D9 gpg: Good signature from "SuSE Security Team <security(a)suse.de>" where <DATE> is replaced by the date the document was signed. If the security team's key is not contained in your key ring, you can import it from the first installation CD. To import the key, use the command gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc - Package authenticity verification: SUSE update packages are available on many mirror FTP servers all over the world. While this service is considered valuable and important to the free and open source software community, the authenticity and the integrity of a package needs to be verified to ensure that it has not been tampered with. The internal rpm package signatures provide an easy way to verify the authenticity of an RPM package. Use the command rpm -v --checksig <file.rpm> to verify the signature of the package, replacing <file.rpm> with the filename of the RPM package downloaded. The package is unmodified if it contains a valid signature from build(a)suse.de with the key ID 9C800ACA. This key is automatically imported into the RPM database (on RPMv4-based distributions) and the gpg key ring of 'root' during installation. You can also find it on the first installation CD and at the end of this announcement. - SUSE runs two security mailing lists to which any interested party may subscribe: opensuse-security(a)opensuse.org - General Linux and SUSE security discussion. All SUSE security announcements are sent to this list. To subscribe, send an e-mail to <opensuse-security+subscribe(a)opensuse.org>. opensuse-security-announce(a)opensuse.org - SUSE's announce-only mailing list. Only SUSE's security announcements are sent to this list. To subscribe, send an e-mail to <opensuse-security-announce+subscribe(a)opensuse.org>. ===================================================================== SUSE's security contact is <security(a)suse.com> or <security(a)suse.de>. The <security(a)suse.de> public key is listed below. ===================================================================== ______________________________________________________________________________ The information in this advisory may be distributed or reproduced, provided that the advisory is not modified in any way. In particular, the clear text signature should show proof of the authenticity of the text. SUSE Linux Products GmbH provides no warranties of any kind whatsoever with respect to the information contained in this security advisory. Type Bits/KeyID Date User ID pub 2048R/3D25D3D9 1999-03-06 SuSE Security Team <security(a)suse.de> pub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key <build(a)suse.de> - -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.4.2 (GNU/Linux) mQENAzbhLQQAAAEIAKAkXHe0lWRBXLpn38hMHy03F0I4Sszmoc8aaKJrhfhyMlOA BqvklPLE2f9UrI4Xc860gH79ZREwAgPt0pi6+SleNFLNcNFAuuHMLQOOsaMFatbz JR9i4m/lf6q929YROu5zB48rBAlcfTm+IBbijaEdnqpwGib45wE/Cfy6FAttBHQh 1Kp+r/jPbf1mYAvljUfHKuvbg8t2EIQz/5yGp+n5trn9pElfQO2cRBq8LFpf1l+U P7EKjFmlOq+Gs/fF98/dP3DfniSd78LQPq5vp8RL8nr/o2i7jkAQ33m4f1wOBWd+ cZovrKXYlXiR+Bf7m2hpZo+/sAzhd7LmAD0l09kABRG0JVN1U0UgU2VjdXJpdHkg VGVhbSA8c2VjdXJpdHlAc3VzZS5kZT6JARUDBRA24S1H5Fiyh7HKPEUBAVcOB/9b yHYji1/+4Xc2GhvXK0FSJN0MGgeXgW47yxDL7gmR4mNgjlIOUHZj0PEpVjWepOJ7 tQS3L9oP6cpj1Fj/XxuLbkp5VCQ61hpt54coQAvYrnT9rtWEGN+xmwejT1WmYmDJ xG+EGBXKr+XP69oIUl1E2JO3rXeklulgjqRKos4cdXKgyjWZ7CP9V9daRXDtje63 Om8gwSdU/nCvhdRIWp/Vwbf7Ia8iZr9OJ5YuQl0DBG4qmGDDrvImgPAFkYFzwlqo choXFQ9y0YVCV41DnR+GYhwl2qBd81T8aXhihEGPIgaw3g8gd8B5o6mPVgl+nJqI BkEYGBusiag2pS6qwznZiQEVAwUQNuEtBHey5gA9JdPZAQFtOAf+KVh939b0J94u v/kpg4xs1LthlhquhbHcKNoVTNspugiC3qMPyvSX4XcBr2PC0cVkS4Z9PY9iCfT+ x9WM96g39dAF+le2CCx7XISk9XXJ4ApEy5g4AuK7NYgAJd39PPbERgWnxjxir9g0 Ix30dS30bW39D+3NPU5Ho9TD/B7UDFvYT5AWHl3MGwo3a1RhTs6sfgL7yQ3U+mvq MkTExZb5mfN1FeaYKMopoI4VpzNVeGxQWIz67VjJHVyUlF20ekOz4kWVgsxkc8G2 saqZd6yv2EwqYTi8BDAduweP33KrQc4KDDommQNDOXxaKOeCoESIdM4p7Esdjq1o L0oixF12CohGBBARAgAGBQI7HmHDAAoJEJ5A4xAACqukTlQAoI4QzP9yjPohY7OU F7J3eKBTzp25AJ42BmtSd3pvm5ldmognWF3Trhp+GYkAlQMFEDe3O8IWkDf+zvyS FQEBAfkD/3GG5UgJj18UhYmh1gfjIlDcPAeqMwSytEHDENmHC+vlZQ/p0mT9tPiW tp34io54mwr+bLPN8l6B5GJNkbGvH6M+mO7R8Lj4nHL6pyAv3PQr83WyLHcaX7It Klj371/4yzKV6qpz43SGRK4MacLo2rNZ/dNej7lwPCtzCcFYwqkiiEYEEBECAAYF AjoaQqQACgkQx1KqMrDf94ArewCfWnTUDG5gNYkmHG4bYL8fQcizyA4An2eVo/n+ 3J2KRWSOhpAMsnMxtPbBmQGiBDnu9IERBACT8Y35+2vv4MGVKiLEMOl9GdST6MCk YS3yEKeueNWc+z/0Kvff4JctBsgs47tjmiI9sl0eHjm3gTR8rItXMN6sJEUHWzDP +Y0PFPboMvKx0FXl/A0dM+HFrruCgBlWt6FA+okRySQiliuI5phwqkXefl9AhkwR 8xocQSVCFxcwvwCglVcOQliHu8jwRQHxlRE0tkwQQI0D+wfQwKdvhDplxHJ5nf7U 8c/yE/vdvpN6lF0tmFrKXBUX+K7u4ifrZlQvj/81M4INjtXreqDiJtr99Rs6xa0S cZqITuZC4CWxJa9GynBED3+D2t1V/f8l0smsuYoFOF7Ib49IkTdbtwAThlZp8bEh ELBeGaPdNCcmfZ66rKUdG5sRA/9ovnc1krSQF2+sqB9/o7w5/q2qiyzwOSTnkjtB UVKn4zLUOf6aeBAoV6NMCC3Kj9aZHfA+ND0ehPaVGJgjaVNFhPi4x0e7BULdvgOo AqajLfvkURHAeSsxXIoEmyW/xC1sBbDkDUIBSx5oej73XCZgnj/inphRqGpsb+1n KFvF+rQoU3VTRSBQYWNrYWdlIFNpZ25pbmcgS2V5IDxidWlsZEBzdXNlLmRlPohi BBMRAgAiBQJA2AY+AhsDBQkObd+9BAsHAwIDFQIDAxYCAQIeAQIXgAAKCRCoTtro nIAKypCfAJ9RuZ6ZSV7QW4pTgTIxQ+ABPp0sIwCffG9bCNnrETPlgOn+dGEkAWeg KL+IRgQQEQIABgUCOnBeUgAKCRCeQOMQAAqrpNzOAKCL512FZvv4VZx94TpbA9lx yoAejACeOO1HIbActAevk5MUBhNeLZa/qM2JARUDBRA6cGBvd7LmAD0l09kBATWn B/9An5vfiUUE1VQnt+T/EYklES3tXXaJJp9pHMa4fzFa8jPVtv5UBHGee3XoUNDV wM2OgSEISZxbzdXGnqIlcT08TzBUD9i579uifklLsnr35SJDZ6ram51/CWOnnaVh UzneOA9gTPSr+/fT3WeVnwJiQCQ30kNLWVXWATMnsnT486eAOlT6UNBPYQLpUprF 5Yryk23pQUPAgJENDEqeU6iIO9Ot1ZPtB0lniw+/xCi13D360o1tZDYOp0hHHJN3 D3EN8C1yPqZd5CvvznYvB6bWBIpWcRgdn2DUVMmpU661jwqGlRz1F84JG/xe4jGu zgpJt9IXSzyohEJB6XG5+D0BuQINBDnu9JIQCACEkdBN6Mxf5WvqDWkcMRy6wnrd 9DYJ8UUTmIT2iQf07tRUKJJ9v0JXfx2Z4d08IQSMNRaq4VgSe+PdYgIy0fbj23Vi a5/gO7fJEpD2hd2f+pMnOWvH2rOOIbeYfuhzAc6BQjAKtmgR0ERUTafTM9Wb6F13 CNZZNZfDqnFDP6L12w3z3F7FFXkz07Rs3AIto1ZfYZd4sCSpMr/0S5nLrHbIvGLp 271hhQBeRmmoGEKO2JRelGgUJ2CUzOdtwDIKT0LbCpvaP8PVnYF5IFoYJIWRHqlE t5ucTXstZy7vYjL6vTP4l5xs+LIOkNmPhqmfsgLzVo0UaLt80hOwc4NvDCOLAAMG B/9g+9V3ORzw4LvO1pwRYJqfDKUq/EJ0rNMMD4N8RLpZRhKHKJUm9nNHLbksnlZw rbSTM5LpC/U6sheLP+l0bLVoq0lmsCcUSyh+mY6PxWirLIWCn/IAZAGnXb6Zd6Tt IJlGG6pqUN8QxGJYQnonl0uTJKHJENbI9sWHQdcTtBMc34gorHFCo1Bcvpnc1LFL rWn7mfoGx6INQjf3HGQpMXAWuSBQhzkazY6vaWFpa8bBJ+gKbBuySWzNm3rFtT5H RKMWpO+M9bHp4d+puY0L1YwN1OMatcMMpcWnZpiWiR83oi32+xtWUY2U7Ae38mMa g8zFbpeqPQUsDv9V7CAJ1dbriEwEGBECAAwFAkDYBnoFCQ5t3+gACgkQqE7a6JyA CspnpgCfRbYwxT3iq+9l/PgNTUNTZOlof2oAn25y0eGi0371jap9kOV6uq71sUuO =ypVs - -----END PGP PUBLIC KEY BLOCK----- -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.12 (GNU/Linux) iQEVAwUBSvGO+Hey5gA9JdPZAQIUXQf/eoS9Zrr8CW+BM/hZbKV37ZdYQr+ZkB3U c92rs/ctiznHEl1ermO6kO+GRxFYNBoVXgw0mogkqvnTITj2iTk0CU3RueUaKHu6 NuId9mkXHDPGTGBqOQKARVMnBCT7BtEUlJWDm6DPYl80BbMXCRo5DfdzmCi6AB3V aipxKtMf4yUUxEH5bE/yHgwLQ+PrB+uUEoGcopBR3s2qHYocdu+JJh9EtS4wMoY0 utelcFKr/eLsTetabihd2DVpm+05qRybU4Wz4j4zfZDl+1XRRK75AdwhNUGkCr2q q58omDWwxVsO+jaz6TUquqSzH97xeFsm7fsbrn6kgKirz1YuVVAHMQ== =nMVQ -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0