- openSUSE Security Announce

SUSE Security Announcement: permissions (SUSE-SA:2005:062)
by Ludwig Nussel 24 Oct '05

24 Oct '05

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ______________________________________________________________________________ SUSE Security Announcement Package: permissions Announcement ID: SUSE-SA:2005:062 Date: Mon, 24 Oct 2005 08:00:00 +0000 Affected Products: SUSE LINUX 10.0 SUSE LINUX 9.3 SUSE LINUX 9.2 SUSE LINUX 9.1 SuSE Linux 9.0 SuSE Linux Desktop 1.0 SuSE Linux Enterprise Server 8 SUSE SLES 9 UnitedLinux 1.0 Vulnerability Type: information disclosure Severity (1-10): 4 SUSE Default Package: yes Cross-References: - Content of This Advisory: 1) Security Vulnerability Resolved: information disclosure via permissions package Problem Description 2) Solution or Work-Around 3) Special Instructions and Notes 4) Package Location and Checksums 5) Pending Vulnerabilities, Solutions, and Work-Arounds: - See SUSE Security Summary Report 6) Authenticity Verification and Additional Information ______________________________________________________________________________ 1) Problem Description and Brief Discussion SUSE LINUX ships with three pre defined sets of permissions, 'easy', 'secure' and 'paranoid'. The chkstat program contained in the permissions package is used to set those permissions to the chosen level. Level 'easy' which is the default allows some world writeable directories. /usr/src/packages/RPMS and subdirectories is among them. To prevent users from playing tricks in there e.g. linking to /etc/shadow chkstat doesn't touch symlinks or files with an hardlink count != 1. Stefan Nordhausen discovered a way to trick this check. To gain access to e.g. /etc/shadow a malicious user has to place a hardlink to that file at a place that is modified by chkstat. chkstat will not touch the file because it has a hardlink count of two. However, if the administrator modifies the user database the original /etc/shadow gets deleted and replaced by a new one. That means the hardlink count of the file created by the malicious user drops to one. At this point chkstat will modify the file's permissions so anyone can read it. So it's technically impossible for chkstat to modify permissions of files in world writeable directories in a secure way. One such world writeable directoy in level 'easy' is /usr/src/packages/RPMS. Only subdirectories need to be adjusted in this case. Since normal users cannot create hard links to directories the problem can be solved by telling chkstat to not accept regular files. Another problematic directory is /var/games. Only members of group 'games' may write to it but it's likely that games with setgid 'games' are exploitable to allow user to gain group 'games' membership. The updated permissions package now tells chkstat when to only accept directories and no longer touches anything below /var/games to solve the described problems. On SUSE Linux 9.0 xmcd contained world writeable directories that suffered from the same problems. Updated xmcd packages for SUSE Linux 9.0 are therefore provided as well. We like to thank Stefan Nordhausen for pointing out the problems. 2) Solution or Work-Around In permissions level 'secure' no games are setgid 'games' and /usr/src/packages is not world writeable. You are safe if you switched to that level before any potentially malicious users could log in. 3) Special Instructions and Notes None 4) Package Location and Checksums The preferred method for installing security updates is to use the YaST Online Update (YOU) tool. YOU detects which updates are required and automatically performs the necessary steps to verify and install them. Alternatively, download the update packages for your distribution manually and verify their integrity by the methods listed in Section 6 of this announcement. Then install the packages using the command rpm -Fhv <file.rpm> to apply the update, replacing <file.rpm> with the filename of the downloaded RPM package. x86 Platform: SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/filesystem-10.0-4.2.i… 5f634cb4cd45ad3283e6055c3794ecff ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/permissions-2005.10.2… 7e9beef0e8df0ba419ff64ac96ad57e1 SUSE LINUX 9.3: ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/permissions-2005.10.20… 216afa8469276198015e5fff177580d2 SUSE LINUX 9.2: ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/permissions-2005.10.20… 3d61d27c7bf81889a321972ac12dcaab SUSE LINUX 9.1: ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/permissions-2005.10.20… 72d9a0b5b0b750fb656aa54eb7c6ebdd SuSE Linux 9.0: ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/permissions-2005.10.20… cf8c022048e93fc6d159913ad7824e6a ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/xmcd-3.0.2-552.i586.rpm f3e82cf342c45ab46fca16c98587b22d Power PC Platform: SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/filesystem-10.0-4.2.pp… f0077c15af6a95edbd7aa25055668967 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/permissions-2005.10.20… 7f6552f5450b98821912c8703c580b38 x86-64 Platform: SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/filesystem-10.0-4.2… 214b7d7fc6dfdac3e07eff2ad4abf0e9 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/permissions-2005.10… 7b15cb94762ae6bc1cd7e441a08c39b4 SUSE LINUX 9.3: ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/permissions-2005.10.… 0d11d64965eee2cefeb56edfe258fee4 SUSE LINUX 9.2: ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/permissions-2005.10.… 4f2373ed4a93e3974b919e595a9490b7 SUSE LINUX 9.1: ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/permissions-2005.1… 3ca12f4aae9b7a1b484e6a0e4f8f658d SuSE Linux 9.0: ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/permissions-2005.1… 853503b8868c1d2a34d05aaf6824cf83 ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/xmcd-3.0.2-552.x86… fd95ac5dd3980af5308abe7062849149 Sources: SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/filesystem-10.0-4.2.sr… 1784328035be5507b20737a2edfce8d8 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/permissions-2005.10.20… 0fc7ffe7a9688f04c916c50709db08da SUSE LINUX 9.3: ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/src/permissions-2005.10.20-… 0a856cadf3b65db9434f20203413aba3 SUSE LINUX 9.2: ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/src/permissions-2005.10.20-… 57c3240513c9861634e79547df4f8cf0 SUSE LINUX 9.1: ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/permissions-2005.10.20-… b47b5e76f759227d325a33dbbcb5ae96 ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/src/permissions-2005.10.2… f98fa35639b7d118e6aed1ecb99c4cbb SuSE Linux 9.0: ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/permissions-2005.10.20-… 8fa2759f6d2012aee4571e5830ea26eb ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/xmcd-3.0.2-552.src.rpm 44f64e89f871fd07bd6291d88277b327 ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/src/permissions-2005.10.2… 48857a183ff120bc39ebb280eaca8764 ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/src/xmcd-3.0.2-552.src.rpm 9e961bdfaf2c935857eb86bd64b74c83 Our maintenance customers are notified individually. The packages are offered for installation from the maintenance web: http://support.novell.com/cgi-bin/search/searchtid.cgi?psdb/f91efcfdcc1e3f9… http://portal.suse.com/psdb/f91efcfdcc1e3f92b382d1725439765d.html http://support.novell.com/cgi-bin/search/searchtid.cgi?psdb/5811be293ad9fa3… http://portal.suse.com/psdb/5811be293ad9fa388c6d368261df375d.html ______________________________________________________________________________ 5) Pending Vulnerabilities, Solutions, and Work-Arounds: - See SUSE Security Summary Report ______________________________________________________________________________ 6) Authenticity Verification and Additional Information - Announcement authenticity verification: SUSE security announcements are published via mailing lists and on Web sites. The authenticity and integrity of a SUSE security announcement is guaranteed by a cryptographic signature in each announcement. All SUSE security announcements are published with a valid signature. To verify the signature of the announcement, save it as text into a file and run the command gpg --verify <file> replacing <file> with the name of the file where you saved the announcement. The output for a valid signature looks like: gpg: Signature made <DATE> using RSA key ID 3D25D3D9 gpg: Good signature from "SuSE Security Team <security(a)suse.de>" where <DATE> is replaced by the date the document was signed. If the security team's key is not contained in your key ring, you can import it from the first installation CD. To import the key, use the command gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc - Package authenticity verification: SUSE update packages are available on many mirror FTP servers all over the world. While this service is considered valuable and important to the free and open source software community, the authenticity and the integrity of a package needs to be verified to ensure that it has not been tampered with. There are two verification methods that can be used independently from each other to prove the authenticity of a downloaded file or RPM package: 1) Using the internal gpg signatures of the rpm package 2) MD5 checksums as provided in this announcement 1) The internal rpm package signatures provide an easy way to verify the authenticity of an RPM package. Use the command rpm -v --checksig <file.rpm> to verify the signature of the package, replacing <file.rpm> with the filename of the RPM package downloaded. The package is unmodified if it contains a valid signature from build(a)suse.de with the key ID 9C800ACA. This key is automatically imported into the RPM database (on RPMv4-based distributions) and the gpg key ring of 'root' during installation. You can also find it on the first installation CD and at the end of this announcement. 2) If you need an alternative means of verification, use the md5sum command to verify the authenticity of the packages. Execute the command md5sum <filename.rpm> after you downloaded the file from a SUSE FTP server or its mirrors. Then compare the resulting md5sum with the one that is listed in the SUSE security announcement. Because the announcement containing the checksums is cryptographically signed (by security(a)suse.de) the checksums show proof of the authenticity of the package if the signature of the announcement is valid. Note that the md5 sums published in the SUSE Security Announcements are valid for the respective packages only. Newer versions of these packages cannot be verified. - SUSE runs two security mailing lists to which any interested party may subscribe: suse-security(a)suse.com - General Linux and SUSE security discussion. All SUSE security announcements are sent to this list. To subscribe, send an e-mail to <suse-security-subscribe(a)suse.com>. suse-security-announce(a)suse.com - SUSE's announce-only mailing list. Only SUSE's security announcements are sent to this list. To subscribe, send an e-mail to <suse-security-announce-subscribe(a)suse.com>. For general information or the frequently asked questions (FAQ), send mail to <suse-security-info(a)suse.com> or <suse-security-faq(a)suse.com>. ===================================================================== SUSE's security contact is <security(a)suse.com> or <security(a)suse.de>. The <security(a)suse.de> public key is listed below. ===================================================================== ______________________________________________________________________________ The information in this advisory may be distributed or reproduced, provided that the advisory is not modified in any way. In particular, the clear text signature should show proof of the authenticity of the text. SUSE Linux Products GmbH provides no warranties of any kind whatsoever with respect to the information contained in this security advisory. Type Bits/KeyID Date User ID pub 2048R/3D25D3D9 1999-03-06 SuSE Security Team <security(a)suse.de> pub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key <build(a)suse.de> - -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org mQGiBDnu9IERBACT8Y35+2vv4MGVKiLEMOl9GdST6MCkYS3yEKeueNWc+z/0Kvff 4JctBsgs47tjmiI9sl0eHjm3gTR8rItXMN6sJEUHWzDP+Y0PFPboMvKx0FXl/A0d M+HFrruCgBlWt6FA+okRySQiliuI5phwqkXefl9AhkwR8xocQSVCFxcwvwCglVcO QliHu8jwRQHxlRE0tkwQQI0D+wfQwKdvhDplxHJ5nf7U8c/yE/vdvpN6lF0tmFrK XBUX+K7u4ifrZlQvj/81M4INjtXreqDiJtr99Rs6xa0ScZqITuZC4CWxJa9GynBE D3+D2t1V/f8l0smsuYoFOF7Ib49IkTdbtwAThlZp8bEhELBeGaPdNCcmfZ66rKUd G5sRA/9ovnc1krSQF2+sqB9/o7w5/q2qiyzwOSTnkjtBUVKn4zLUOf6aeBAoV6NM CC3Kj9aZHfA+ND0ehPaVGJgjaVNFhPi4x0e7BULdvgOoAqajLfvkURHAeSsxXIoE myW/xC1sBbDkDUIBSx5oej73XCZgnj/inphRqGpsb+1nKFvF+rQoU3VTRSBQYWNr YWdlIFNpZ25pbmcgS2V5IDxidWlsZEBzdXNlLmRlPohcBBMRAgAcBQI57vSBBQkD wmcABAsKAwQDFQMCAxYCAQIXgAAKCRCoTtronIAKyl8sAJ98BgD40zw0GHJHIf6d NfnwI2PAsgCgjH1+PnYEl7TFjtZsqhezX7vZvYCIRgQQEQIABgUCOnBeUgAKCRCe QOMQAAqrpNzOAKCL512FZvv4VZx94TpbA9lxyoAejACeOO1HIbActAevk5MUBhNe LZa/qM2JARUDBRA6cGBvd7LmAD0l09kBATWnB/9An5vfiUUE1VQnt+T/EYklES3t XXaJJp9pHMa4fzFa8jPVtv5UBHGee3XoUNDVwM2OgSEISZxbzdXGnqIlcT08TzBU D9i579uifklLsnr35SJDZ6ram51/CWOnnaVhUzneOA9gTPSr+/fT3WeVnwJiQCQ3 0kNLWVXWATMnsnT486eAOlT6UNBPYQLpUprF5Yryk23pQUPAgJENDEqeU6iIO9Ot 1ZPtB0lniw+/xCi13D360o1tZDYOp0hHHJN3D3EN8C1yPqZd5CvvznYvB6bWBIpW cRgdn2DUVMmpU661jwqGlRz1F84JG/xe4jGuzgpJt9IXSzyohEJB6XG5+D0BiF0E ExECAB0FAjxqqTQFCQoAgrMFCwcKAwQDFQMCAxYCAQIXgAAKCRCoTtronIAKyp1f AJ9dR7saz2KPNwD3U+fy/0BDKXrYGACfbJ8fQcJqCBQxeHvt9yMPDVq0B0W5Ag0E Oe70khAIAISR0E3ozF/la+oNaRwxHLrCet30NgnxRROYhPaJB/Tu1FQokn2/Qld/ HZnh3TwhBIw1FqrhWBJ7491iAjLR9uPbdWJrn+A7t8kSkPaF3Z/6kyc5a8fas44h t5h+6HMBzoFCMAq2aBHQRFRNp9Mz1ZvoXXcI1lk1l8OqcUM/ovXbDfPcXsUVeTPT tGzcAi2jVl9hl3iwJKkyv/RLmcusdsi8YunbvWGFAF5GaagYQo7YlF6UaBQnYJTM 523AMgpPQtsKm9o/w9WdgXkgWhgkhZEeqUS3m5xNey1nLu9iMvq9M/iXnGz4sg6Q 2Y+GqZ+yAvNWjRRou3zSE7Bzg28MI4sAAwYH/2D71Xc5HPDgu87WnBFgmp8MpSr8 QnSs0wwPg3xEullGEocolSb2c0ctuSyeVnCttJMzkukL9TqyF4s/6XRstWirSWaw JxRLKH6Zjo/FaKsshYKf8gBkAaddvpl3pO0gmUYbqmpQ3xDEYlhCeieXS5MkockQ 1sj2xYdB1xO0ExzfiCiscUKjUFy+mdzUsUutafuZ+gbHog1CN/ccZCkxcBa5IFCH ORrNjq9pYWlrxsEn6ApsG7JJbM2besW1PkdEoxak74z1senh36m5jQvVjA3U4xq1 wwylxadmmJaJHzeiLfb7G1ZRjZTsB7fyYxqDzMVul6o9BSwO/1XsIAnV1uuITAQY EQIADAUCOe70kgUJA8JnAAAKCRCoTtronIAKyksiAJsFB3/77SkH3JlYOGrEe1Ol 0JdGwACeKTttgeVPFB+iGJdiwQlxasOfuXyITAQYEQIADAUCPGqpWQUJCgCCxwAK CRCoTtronIAKyofBAKCSZM2UFyta/fe9WgITK9I5hbxxtQCfX+0ar2CZmSknn3co SPihn1+OBNyZAQ0DNuEtBAAAAQgAoCRcd7SVZEFcumffyEwfLTcXQjhKzOahzxpo omuF+HIyU4AGq+SU8sTZ/1SsjhdzzrSAfv1lETACA+3SmLr5KV40Us1w0UC64cwt A46xowVq1vMlH2Lib+V/qr3b1hE67nMHjysECVx9Ob4gFuKNoR2eqnAaJvjnAT8J /LoUC20EdCHUqn6v+M9t/WZgC+WNR8cq69uDy3YQhDP/nIan6fm2uf2kSV9A7ZxE GrwsWl/WX5Q/sQqMWaU6r4az98X3z90/cN+eJJ3vwtA+rm+nxEvyev+jaLuOQBDf ebh/XA4FZ35xmi+spdiVeJH4F/ubaGlmj7+wDOF3suYAPSXT2QAFEbQlU3VTRSBT ZWN1cml0eSBUZWFtIDxzZWN1cml0eUBzdXNlLmRlPokBFQMFEDbhLUfkWLKHsco8 RQEBVw4H/1vIdiOLX/7hdzYaG9crQVIk3QwaB5eBbjvLEMvuCZHiY2COUg5QdmPQ 8SlWNZ6k4nu1BLcv2g/pymPUWP9fG4tuSnlUJDrWGm3nhyhAC9iudP2u1YQY37Gb B6NPVaZiYMnEb4QYFcqv5c/r2ghSXUTYk7etd6SW6WCOpEqizhx1cqDKNZnsI/1X 11pFcO2N7rc6byDBJ1T+cK+F1Ehan9XBt/shryJmv04nli5CXQMEbiqYYMOu8iaA 8AWRgXPCWqhyGhcVD3LRhUJXjUOdH4ZiHCXaoF3zVPxpeGKEQY8iBrDeDyB3wHmj qY9WCX6cmogGQRgYG6yJqDalLqrDOdmJARUDBRA24S0Ed7LmAD0l09kBAW04B/4p WH3f1vQn3i6/+SmDjGzUu2GWGq6Fsdwo2hVM2ym6CILeow/K9JfhdwGvY8LRxWRL hn09j2IJ9P7H1Yz3qDf10AX6V7YILHtchKT1dcngCkTLmDgC4rs1iAAl3f089sRG BafGPGKv2DQjHfR1LfRtbf0P7c09Tkej1MP8HtQMW9hPkBYeXcwbCjdrVGFOzqx+ AvvJDdT6a+oyRMTFlvmZ83UV5pgoyimgjhWnM1V4bFBYjPrtWMkdXJSUXbR6Q7Pi RZWCzGRzwbaxqpl3rK/YTCphOLwEMB27B4/fcqtBzgoMOiaZA0M5fFoo54KgRIh0 zinsSx2OrWgvSiLEXXYKiEYEEBECAAYFAjseYcMACgkQnkDjEAAKq6ROVACgjhDM /3KM+iFjs5QXsnd4oFPOnbkAnjYGa1J3em+bmV2aiCdYXdOuGn4ZiQCVAwUQN7c7 whaQN/7O/JIVAQEB+QP/cYblSAmPXxSFiaHWB+MiUNw8B6ozBLK0QcMQ2YcL6+Vl D+nSZP20+Ja2nfiKjnibCv5ss83yXoHkYk2Rsa8foz6Y7tHwuPiccvqnIC/c9Cvz dbIsdxpfsi0qWPfvX/jLMpXqqnPjdIZErgxpwujas1n9016PuXA8K3MJwVjCqSKI RgQQEQIABgUCOhpCpAAKCRDHUqoysN/3gCt7AJ9adNQMbmA1iSYcbhtgvx9ByLPI DgCfZ5Wj+f7cnYpFZI6GkAyyczG09sE= =LRKC - -----END PGP PUBLIC KEY BLOCK----- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (GNU/Linux) iQEVAwUBQ1yPZXey5gA9JdPZAQJ+4wf9H7nDq3wzVoJnyhFvSaiGU06eJWZVuChy bhlQREF6ToX/5RixIXivIWgZUa1s/PTkQqrSEfDQ5dfyCz/7BRkflRaJRz5n0CrS qOCYR9RZZQ6yZQN0ju1arT1gwxa/dcVZdUPdHhIxOyfc/kTwFPVBDOTmbgHzGguD dJY+ktFwqVPVIyrgf+vTsR5dHlzQAVP6OqXXY3iCHJWvQTx3tvSx5j8CsOfudvAm 5ii4fbCOW3LRjOIB9dE22kjMo/cYeL1+RIGy7lCHSKSVYAYRO/Bt7UYdyLCQUiWU THh3dWWBThMi7lAaegJA8vBB3oedjfDhLpXX78GMbQGtm41IBAJm4w== =kAm2 -----END PGP SIGNATURE-----

1 0

SUSE Security Summary Report SUSE-SR:2005:024
by Marcus Meissner 21 Oct '05

21 Oct '05

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ______________________________________________________________________________ SUSE Security Summary Report Announcement ID: SUSE-SR:2005:024 Date: Fri, 21 Oct 2005 11:00:000000 Cross-References: CVE-2005-3042, CVE-2005-2967, CVE-2005-2978, CVE-2005-3178, CVE-2005-2177 Content of this advisory: 1) Solved Security Vulnerabilities: - net-snmp stream based denial of service attack - several buffer overflows in xloadimage - netpbm buffer overflow in pnmtopng - xine-lib format string problem - webmin pam module remote execution 2) Pending Vulnerabilities, Solutions, and Work-Arounds: - snort remote problem - lynx buffer overflow - curl / wget NTLM authentication overflows - squid SSL crashes on SUSE Linux 9.0 3) Authenticity Verification and Additional Information ______________________________________________________________________________ 1) Solved Security Vulnerabilities To avoid flooding mailing lists with SUSE Security Announcements for minor issues, SUSE Security releases weekly summary reports for the low profile vulnerability fixes. The SUSE Security Summary Reports do not list md5 sums or download URLs like the SUSE Security Announcements that are released for more severe vulnerabilities. Fixed packages for the following incidents are already available on our FTP server and via the YaST Online Update. - net-snmp stream based denial of service attack This update fixes a denial of service problem in net-snmp when using stream based TCP/IP connections (CVE-2005-2177). For SUSE Linux 9.1 following additional non-security bugs were fixed: - Fixed incorrect pointer size on 64bit systems. - Fixed default agent address for SNMPv1 traps This problem affects SUSE Linux 9.1 up to 10.0 and SUSE Linux Enterprise Server 9. NOTE: Due to a bug in the rpm daemon restart scripts this update will start the net-snmp daemon even if it was not enabled before. If you are not using net-snmp, run: /usr/sbin/rcsnmpd stop after the upgrade. - Several buffer overflows in xloadimage This update fixes several buffer overflows in xli which can be exploited by malformed image files to execute arbitrary code. (CVE-2005-3178) This problem affects all SUSE Linux distributions. - netpbm buffer overflow in pnmtopng A buffer overflow in pnmtopng in the netpbm suite was fixed that may be used to execute arbitrary code while processing malformed PNM image files. (CVE-2005-2978) This update affects all SUSE Linux based products. - xine-lib format string problem When you use xine or gxine to play a CD, the programs will connect to a CDDB server to retrieve the record's artist/band and title as well as the song titles. The programs write this information to a cache file, and the code in xine-lib that performs this action suffers from a format string security bug, allowing remote execution of arbitrary code. This patch fixes this problem. (CVE-2005-2967) This problem affects all SUSE Linux distributions including "xine-lib". - webmin PAM module remote execution If Webmin or Usermin is configured to use full PAM conversations, it is vulnerable to the remote execution of arbitrary code with root privileges. Keigo Yamazaki discovered that the miniserv.pl web server, used in both Webmin and Usermin, does not properly validate authentication credentials before sending them to the PAM (Pluggable Authentication Modules) authentication process. This problem is tracked by the Mitre CVE ID CVE-2005-3042, and affects only SUSE Linux 9.0 and 9.1. ______________________________________________________________________________ 2) Pending Vulnerabilities, Solutions, and Work-Arounds - snort remote problem The network intrusion detection system snort has a remotely exploitable problem in the back orifice dissector code. We are working on a fix. - lynx buffer overflow The text based web browser lynx has a buffer overflow in the handling of long NNTP URLs. We are working on updates for this issue. - curl / wget NTLM authentication overflows A buffer overflow in the NTLM authentication handling of curl and newer wget versions was found. We are working on updates for this problem - squid SSL crashes on SUSE Linux 9.0 The last security update of Squid on SUSE Linux 9.0 suffers from stability problems in the https handling. We are working on isolating the problem. ______________________________________________________________________________ 3) Authenticity Verification and Additional Information - Announcement authenticity verification: SUSE security announcements are published via mailing lists and on Web sites. The authenticity and integrity of a SUSE security announcement is guaranteed by a cryptographic signature in each announcement. All SUSE security announcements are published with a valid signature. To verify the signature of the announcement, save it as text into a file and run the command gpg --verify <file> replacing <file> with the name of the file containing the announcement. The output for a valid signature looks like: gpg: Signature made <DATE> using RSA key ID 3D25D3D9 gpg: Good signature from "SuSE Security Team <security(a)suse.de>" where <DATE> is replaced by the date the document was signed. If the security team's key is not contained in your key ring, you can import it from the first installation CD. To import the key, use the command gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc - Package authenticity verification: SUSE update packages are available on many mirror FTP servers all over the world. While this service is considered valuable and important to the free and open source software community, the authenticity and integrity of a package needs to be verified to ensure that it has not been tampered with. The internal RPM package signatures provide an easy way to verify the authenticity of an RPM package. Use the command rpm -v --checksig <file.rpm> to verify the signature of the package, replacing <file.rpm> with the filename of the RPM package downloaded. The package is unmodified if it contains a valid signature from build(a)suse.de with the key ID 9C800ACA. This key is automatically imported into the RPM database (on RPMv4-based distributions) and the gpg key ring of 'root' during installation. You can also find it on the first installation CD and included at the end of this announcement. - SUSE runs two security mailing lists to which any interested party may subscribe: suse-security(a)suse.com - General Linux and SUSE security discussion. All SUSE security announcements are sent to this list. To subscribe, send an e-mail to <suse-security-subscribe(a)suse.com>. suse-security-announce(a)suse.com - SUSE's announce-only mailing list. Only SUSE's security announcements are sent to this list. To subscribe, send an e-mail to <suse-security-announce-subscribe(a)suse.com>. For general information or the frequently asked questions (FAQ) send mail to <suse-security-info(a)suse.com> or <suse-security-faq(a)suse.com>. ===================================================================== SUSE's security contact is <security(a)suse.com> or <security(a)suse.de>. The <security(a)suse.de> public key is listed below. ===================================================================== ______________________________________________________________________________ The information in this advisory may be distributed or reproduced, provided that the advisory is not modified in any way. In particular, the clear text signature should show proof of the authenticity of the text. SUSE Linux Products GmbH provides no warranties of any kind whatsoever with respect to the information contained in this security advisory. Type Bits/KeyID Date User ID pub 2048R/3D25D3D9 1999-03-06 SuSE Security Team <security(a)suse.de> pub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key <build(a)suse.de> - -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org mQGiBDnu9IERBACT8Y35+2vv4MGVKiLEMOl9GdST6MCkYS3yEKeueNWc+z/0Kvff 4JctBsgs47tjmiI9sl0eHjm3gTR8rItXMN6sJEUHWzDP+Y0PFPboMvKx0FXl/A0d M+HFrruCgBlWt6FA+okRySQiliuI5phwqkXefl9AhkwR8xocQSVCFxcwvwCglVcO QliHu8jwRQHxlRE0tkwQQI0D+wfQwKdvhDplxHJ5nf7U8c/yE/vdvpN6lF0tmFrK XBUX+K7u4ifrZlQvj/81M4INjtXreqDiJtr99Rs6xa0ScZqITuZC4CWxJa9GynBE D3+D2t1V/f8l0smsuYoFOF7Ib49IkTdbtwAThlZp8bEhELBeGaPdNCcmfZ66rKUd G5sRA/9ovnc1krSQF2+sqB9/o7w5/q2qiyzwOSTnkjtBUVKn4zLUOf6aeBAoV6NM CC3Kj9aZHfA+ND0ehPaVGJgjaVNFhPi4x0e7BULdvgOoAqajLfvkURHAeSsxXIoE myW/xC1sBbDkDUIBSx5oej73XCZgnj/inphRqGpsb+1nKFvF+rQoU3VTRSBQYWNr YWdlIFNpZ25pbmcgS2V5IDxidWlsZEBzdXNlLmRlPohcBBMRAgAcBQI57vSBBQkD wmcABAsKAwQDFQMCAxYCAQIXgAAKCRCoTtronIAKyl8sAJ98BgD40zw0GHJHIf6d NfnwI2PAsgCgjH1+PnYEl7TFjtZsqhezX7vZvYCIRgQQEQIABgUCOnBeUgAKCRCe QOMQAAqrpNzOAKCL512FZvv4VZx94TpbA9lxyoAejACeOO1HIbActAevk5MUBhNe LZa/qM2JARUDBRA6cGBvd7LmAD0l09kBATWnB/9An5vfiUUE1VQnt+T/EYklES3t XXaJJp9pHMa4fzFa8jPVtv5UBHGee3XoUNDVwM2OgSEISZxbzdXGnqIlcT08TzBU D9i579uifklLsnr35SJDZ6ram51/CWOnnaVhUzneOA9gTPSr+/fT3WeVnwJiQCQ3 0kNLWVXWATMnsnT486eAOlT6UNBPYQLpUprF5Yryk23pQUPAgJENDEqeU6iIO9Ot 1ZPtB0lniw+/xCi13D360o1tZDYOp0hHHJN3D3EN8C1yPqZd5CvvznYvB6bWBIpW cRgdn2DUVMmpU661jwqGlRz1F84JG/xe4jGuzgpJt9IXSzyohEJB6XG5+D0BiF0E ExECAB0FAjxqqTQFCQoAgrMFCwcKAwQDFQMCAxYCAQIXgAAKCRCoTtronIAKyp1f AJ9dR7saz2KPNwD3U+fy/0BDKXrYGACfbJ8fQcJqCBQxeHvt9yMPDVq0B0W5Ag0E Oe70khAIAISR0E3ozF/la+oNaRwxHLrCet30NgnxRROYhPaJB/Tu1FQokn2/Qld/ HZnh3TwhBIw1FqrhWBJ7491iAjLR9uPbdWJrn+A7t8kSkPaF3Z/6kyc5a8fas44h t5h+6HMBzoFCMAq2aBHQRFRNp9Mz1ZvoXXcI1lk1l8OqcUM/ovXbDfPcXsUVeTPT tGzcAi2jVl9hl3iwJKkyv/RLmcusdsi8YunbvWGFAF5GaagYQo7YlF6UaBQnYJTM 523AMgpPQtsKm9o/w9WdgXkgWhgkhZEeqUS3m5xNey1nLu9iMvq9M/iXnGz4sg6Q 2Y+GqZ+yAvNWjRRou3zSE7Bzg28MI4sAAwYH/2D71Xc5HPDgu87WnBFgmp8MpSr8 QnSs0wwPg3xEullGEocolSb2c0ctuSyeVnCttJMzkukL9TqyF4s/6XRstWirSWaw JxRLKH6Zjo/FaKsshYKf8gBkAaddvpl3pO0gmUYbqmpQ3xDEYlhCeieXS5MkockQ 1sj2xYdB1xO0ExzfiCiscUKjUFy+mdzUsUutafuZ+gbHog1CN/ccZCkxcBa5IFCH ORrNjq9pYWlrxsEn6ApsG7JJbM2besW1PkdEoxak74z1senh36m5jQvVjA3U4xq1 wwylxadmmJaJHzeiLfb7G1ZRjZTsB7fyYxqDzMVul6o9BSwO/1XsIAnV1uuITAQY EQIADAUCOe70kgUJA8JnAAAKCRCoTtronIAKyksiAJsFB3/77SkH3JlYOGrEe1Ol 0JdGwACeKTttgeVPFB+iGJdiwQlxasOfuXyITAQYEQIADAUCPGqpWQUJCgCCxwAK CRCoTtronIAKyofBAKCSZM2UFyta/fe9WgITK9I5hbxxtQCfX+0ar2CZmSknn3co SPihn1+OBNyZAQ0DNuEtBAAAAQgAoCRcd7SVZEFcumffyEwfLTcXQjhKzOahzxpo omuF+HIyU4AGq+SU8sTZ/1SsjhdzzrSAfv1lETACA+3SmLr5KV40Us1w0UC64cwt A46xowVq1vMlH2Lib+V/qr3b1hE67nMHjysECVx9Ob4gFuKNoR2eqnAaJvjnAT8J /LoUC20EdCHUqn6v+M9t/WZgC+WNR8cq69uDy3YQhDP/nIan6fm2uf2kSV9A7ZxE GrwsWl/WX5Q/sQqMWaU6r4az98X3z90/cN+eJJ3vwtA+rm+nxEvyev+jaLuOQBDf ebh/XA4FZ35xmi+spdiVeJH4F/ubaGlmj7+wDOF3suYAPSXT2QAFEbQlU3VTRSBT ZWN1cml0eSBUZWFtIDxzZWN1cml0eUBzdXNlLmRlPokBFQMFEDbhLUfkWLKHsco8 RQEBVw4H/1vIdiOLX/7hdzYaG9crQVIk3QwaB5eBbjvLEMvuCZHiY2COUg5QdmPQ 8SlWNZ6k4nu1BLcv2g/pymPUWP9fG4tuSnlUJDrWGm3nhyhAC9iudP2u1YQY37Gb B6NPVaZiYMnEb4QYFcqv5c/r2ghSXUTYk7etd6SW6WCOpEqizhx1cqDKNZnsI/1X 11pFcO2N7rc6byDBJ1T+cK+F1Ehan9XBt/shryJmv04nli5CXQMEbiqYYMOu8iaA 8AWRgXPCWqhyGhcVD3LRhUJXjUOdH4ZiHCXaoF3zVPxpeGKEQY8iBrDeDyB3wHmj qY9WCX6cmogGQRgYG6yJqDalLqrDOdmJARUDBRA24S0Ed7LmAD0l09kBAW04B/4p WH3f1vQn3i6/+SmDjGzUu2GWGq6Fsdwo2hVM2ym6CILeow/K9JfhdwGvY8LRxWRL hn09j2IJ9P7H1Yz3qDf10AX6V7YILHtchKT1dcngCkTLmDgC4rs1iAAl3f089sRG BafGPGKv2DQjHfR1LfRtbf0P7c09Tkej1MP8HtQMW9hPkBYeXcwbCjdrVGFOzqx+ AvvJDdT6a+oyRMTFlvmZ83UV5pgoyimgjhWnM1V4bFBYjPrtWMkdXJSUXbR6Q7Pi RZWCzGRzwbaxqpl3rK/YTCphOLwEMB27B4/fcqtBzgoMOiaZA0M5fFoo54KgRIh0 zinsSx2OrWgvSiLEXXYKiEYEEBECAAYFAjseYcMACgkQnkDjEAAKq6ROVACgjhDM /3KM+iFjs5QXsnd4oFPOnbkAnjYGa1J3em+bmV2aiCdYXdOuGn4ZiQCVAwUQN7c7 whaQN/7O/JIVAQEB+QP/cYblSAmPXxSFiaHWB+MiUNw8B6ozBLK0QcMQ2YcL6+Vl D+nSZP20+Ja2nfiKjnibCv5ss83yXoHkYk2Rsa8foz6Y7tHwuPiccvqnIC/c9Cvz dbIsdxpfsi0qWPfvX/jLMpXqqnPjdIZErgxpwujas1n9016PuXA8K3MJwVjCqSKI RgQQEQIABgUCOhpCpAAKCRDHUqoysN/3gCt7AJ9adNQMbmA1iSYcbhtgvx9ByLPI DgCfZ5Wj+f7cnYpFZI6GkAyyczG09sE= =LRKC - -----END PGP PUBLIC KEY BLOCK----- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (GNU/Linux) iQEVAwUBQ1jdHHey5gA9JdPZAQKVNwf7BEbFR+hSpYHFUgTbqM+Eu5MBkxb57l/F mlIQSDaJgph8nrz6l5kA2Q9AxkTDba5SR3zINANDFUkpaznTsEuYVa22+mQTEE3e t/KlRslNZt+VLNDDuAgbjf06X/m8/UXBv/xxoUWJZVAhnsZMhF8momFjP62LJDWR onBIoewV0eAO0G/sbLKfOkd9JJgcdI0mToSBnwLU2dVRcfeWi4clpnig8LoW+tBc jaTy2VltWL+LBSpWR/vtR2pumSch2OL+Rn7zpHzc9gbnFPOD2I+JsNzNaVQzIp3h IUfVuFAo0JuEiafyM7tyAONTu4XtTFGa9+I8CCyazQiuTeizjyoFjg== =wZXs -----END PGP SIGNATURE-----

1 0

SUSE Security Announcement: openSSL protocol downgrade attack (SUSE-SA:2005:061)
by Marcus Meissner 19 Oct '05

19 Oct '05

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ______________________________________________________________________________ SUSE Security Announcement Package: openssl Announcement ID: SUSE-SA:2005:061 Date: Wed, 19 Oct 2005 12:00:00 +0000 Affected Products: SUSE LINUX 10.0 SuSE Linux 9.0 SUSE LINUX 9.1 SUSE LINUX 9.2 SUSE LINUX 9.3 SuSE Linux Desktop 1.0 SuSE Linux Enterprise Server 8 SUSE Linux Enterprise Server 9 UnitedLinux 1.0 Novell Linux Desktop 9 Open Enterprise Server Vulnerability Type: protocol downgrade attack Severity (1-10): 7 SUSE Default Package: yes Cross-References: CAN-2005-2969 Content of This Advisory: 1) Security Vulnerability Resolved: openssl protocol downgrading attack Problem Description 2) Solution or Work-Around 3) Special Instructions and Notes 4) Package Location and Checksums 5) Pending Vulnerabilities, Solutions, and Work-Arounds: See SUSE Security Summary Report. 6) Authenticity Verification and Additional Information ______________________________________________________________________________ 1) Problem Description and Brief Discussion The openssl cryptographic libraries have been updated to fix a protocol downgrading attack which allows a man-in-the-middle attacker to force the usage of SSLv2. This happens due to the work-around code of SSL_OP_MSIE_SSLV2_RSA_PADDING which is included in SSL_OP_ALL (which is commonly used in applications). (CAN-2005-2969) Additionally this update adds the Geotrusts Equifax Root1 CA certificate to allow correct certification against Novell Inc. websites and services. The same CA is already included in Mozilla, KDE, and curl, which use separate certificate stores. 2) Solution or Work-Around Please install the updated packages. A work-around would be to disable SSL v2 support in the applications. 3) Special Instructions and Notes Restart all services using SSL communication. 4) Package Location and Checksums The preferred method for installing security updates is to use the YaST Online Update (YOU) tool. YOU detects which updates are required and automatically performs the necessary steps to verify and install them. Alternatively, download the update packages for your distribution manually and verify their integrity by the methods listed in Section 6 of this announcement. Then install the packages using the command rpm -Fhv <file.rpm> to apply the update, replacing <file.rpm> with the filename of the downloaded RPM package. x86 Platform: SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/openssl-0.9.7g-2.2.i5… e3327b60cd67e05c69fbad39787dccc9 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/openssl-devel-0.9.7g-… 24865cb7cc369352f0be0f6681c0337e SUSE LINUX 9.3: ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/openssl-0.9.7e-3.2.i58… 83537e24205a2add698e1b3bdabd47da ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/openssl-devel-0.9.7e-3… 24b05ddf75b1b1c1630f489c73009782 SUSE LINUX 9.2: ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/openssl-0.9.7d-25.2.i5… eb5845c52c418f6c4dd54922854f282f ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/openssl-devel-0.9.7d-2… 3489d04736d818da68ef83d148aadddd SUSE LINUX 9.1: ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/openssl-0.9.7d-15.15.3… 44fa57fcbdf8f3889bacb9cff6b1a09f ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/openssl-devel-0.9.7d-1… 1faa73fc6dac13b05e40f5714f88b226 ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/i586/openssl-32bit-9.1-20… d4b72038c4552fcba9fa11b554af2eac ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/i586/openssl-devel-32bit-… 6b4b1eeaa0592fd7a92816ceb4658494 SuSE Linux 9.0: ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/openssl-0.9.7b-135.i58… cf17f027255eabe00df743ead5052f1a ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/openssl-devel-0.9.7b-1… 9ffd642f59150064dbb04644990d22b8 ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/i586/openssl-32bit-9.0-5.… b411a2e07c627174edf3e59c36e2afea ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/i586/openssl-devel-32bit-… 9dc0fcfe4741f1d8d4a173bc850d9e7d Power PC Platform: SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/openssl-0.9.7g-2.2.ppc… b0e8a0c17fbd8f49cfdbac754fd3c0ab ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/openssl-devel-0.9.7g-2… 58cf5958a728dcaa51948c65b643e384 x86-64 Platform: SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/openssl-0.9.7g-2.2.… c3936949ff35609e24aa3ff916660c7b ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/openssl-32bit-0.9.7… fd553f55be7b1853e6094493da3e07e6 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/openssl-devel-0.9.7… 665de86c4ae6b403f7e89b911b671ce6 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/openssl-devel-32bit… b141bae445d418406c0287627746aa34 SUSE LINUX 9.3: ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/openssl-0.9.7e-3.2.x… 3133ea05502fd5ebdecd906dbb751ff8 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/openssl-32bit-9.3-7.… 025292747aed0b549b21dd6286afa4ee ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/openssl-devel-0.9.7e… 9b50c10172a3cffd6e5095dc6487382f ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/openssl-devel-32bit-… ab9d47dc1d0ef66219ed6363c2d1234f SUSE LINUX 9.2: ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/openssl-0.9.7d-25.2.… 265519514837b9cc0a5e185b963e58c8 ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/openssl-32bit-9.2-20… 28376541a6f7cb041cafb39eab6e669f ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/openssl-devel-0.9.7d… df48531e0db3877bda1f8e631c96440e ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/openssl-devel-32bit-… c1012b7d66aab61fc5ba932ce3b3ddd5 SUSE LINUX 9.1: ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/openssl-0.9.7d-15.… 97cbb139fac0a59b7e1ab5590cdd7911 ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/openssl-devel-0.9.… 4807e04cddbf761eb5da4fc1979822e5 SuSE Linux 9.0: ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/openssl-0.9.7b-135… 96767379ee26179d81231112da76ebc4 ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/openssl-devel-0.9.… eaacfac00c7fe69bee685e427b908ede Sources: SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/openssl-0.9.7g-2.2.src… 96f81c596120ea526f80925c928ba18d SUSE LINUX 9.3: ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/src/openssl-0.9.7e-3.2.src.… 0e80ac579c04e13dc737c1efe57e1905 SUSE LINUX 9.2: ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/src/openssl-0.9.7d-25.2.src… a378099cce54b5660349de48228f97b9 SUSE LINUX 9.1: ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/openssl-0.9.7d-15.15.3.… bd45e590bccf5bb6dfc24756bc5a857f ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/src/openssl-0.9.7d-15.15.… 94d6dfafd61ccd20355f92907ffb8a72 SuSE Linux 9.0: ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/openssl-0.9.7b-135.src.… af0b9e588250c2970687b518613e897a ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/src/openssl-0.9.7b-135.sr… 29afc1febd81c7765e56aefe0b083ebb Our maintenance customers are notified individually. The packages are offered for installation from the maintenance web: http://support.novell.com/cgi-bin/search/searchtid.cgi?psdb/5ac94511860f4bb… http://portal.suse.com/psdb/5ac94511860f4bb76c8ce92f5791934b.html http://support.novell.com/cgi-bin/search/searchtid.cgi?psdb/66fe930899c74b0… http://portal.suse.com/psdb/66fe930899c74b0ad097886cced1db5c.html ______________________________________________________________________________ 5) Pending Vulnerabilities, Solutions, and Work-Arounds: See SUSE Security Summary Report. ______________________________________________________________________________ 6) Authenticity Verification and Additional Information - Announcement authenticity verification: SUSE security announcements are published via mailing lists and on Web sites. The authenticity and integrity of a SUSE security announcement is guaranteed by a cryptographic signature in each announcement. All SUSE security announcements are published with a valid signature. To verify the signature of the announcement, save it as text into a file and run the command gpg --verify <file> replacing <file> with the name of the file where you saved the announcement. The output for a valid signature looks like: gpg: Signature made <DATE> using RSA key ID 3D25D3D9 gpg: Good signature from "SuSE Security Team <security(a)suse.de>" where <DATE> is replaced by the date the document was signed. If the security team's key is not contained in your key ring, you can import it from the first installation CD. To import the key, use the command gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc - Package authenticity verification: SUSE update packages are available on many mirror FTP servers all over the world. While this service is considered valuable and important to the free and open source software community, the authenticity and the integrity of a package needs to be verified to ensure that it has not been tampered with. There are two verification methods that can be used independently from each other to prove the authenticity of a downloaded file or RPM package: 1) Using the internal gpg signatures of the rpm package 2) MD5 checksums as provided in this announcement 1) The internal rpm package signatures provide an easy way to verify the authenticity of an RPM package. Use the command rpm -v --checksig <file.rpm> to verify the signature of the package, replacing <file.rpm> with the filename of the RPM package downloaded. The package is unmodified if it contains a valid signature from build(a)suse.de with the key ID 9C800ACA. This key is automatically imported into the RPM database (on RPMv4-based distributions) and the gpg key ring of 'root' during installation. You can also find it on the first installation CD and at the end of this announcement. 2) If you need an alternative means of verification, use the md5sum command to verify the authenticity of the packages. Execute the command md5sum <filename.rpm> after you downloaded the file from a SUSE FTP server or its mirrors. Then compare the resulting md5sum with the one that is listed in the SUSE security announcement. Because the announcement containing the checksums is cryptographically signed (by security(a)suse.de) the checksums show proof of the authenticity of the package if the signature of the announcement is valid. Note that the md5 sums published in the SUSE Security Announcements are valid for the respective packages only. Newer versions of these packages cannot be verified. - SUSE runs two security mailing lists to which any interested party may subscribe: suse-security(a)suse.com - General Linux and SUSE security discussion. All SUSE security announcements are sent to this list. To subscribe, send an e-mail to <suse-security-subscribe(a)suse.com>. suse-security-announce(a)suse.com - SUSE's announce-only mailing list. Only SUSE's security announcements are sent to this list. To subscribe, send an e-mail to <suse-security-announce-subscribe(a)suse.com>. For general information or the frequently asked questions (FAQ), send mail to <suse-security-info(a)suse.com> or <suse-security-faq(a)suse.com>. ===================================================================== SUSE's security contact is <security(a)suse.com> or <security(a)suse.de>. The <security(a)suse.de> public key is listed below. ===================================================================== ______________________________________________________________________________ The information in this advisory may be distributed or reproduced, provided that the advisory is not modified in any way. In particular, the clear text signature should show proof of the authenticity of the text. SUSE Linux Products GmbH provides no warranties of any kind whatsoever with respect to the information contained in this security advisory. Type Bits/KeyID Date User ID pub 2048R/3D25D3D9 1999-03-06 SuSE Security Team <security(a)suse.de> pub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key <build(a)suse.de> - -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org mQGiBDnu9IERBACT8Y35+2vv4MGVKiLEMOl9GdST6MCkYS3yEKeueNWc+z/0Kvff 4JctBsgs47tjmiI9sl0eHjm3gTR8rItXMN6sJEUHWzDP+Y0PFPboMvKx0FXl/A0d M+HFrruCgBlWt6FA+okRySQiliuI5phwqkXefl9AhkwR8xocQSVCFxcwvwCglVcO QliHu8jwRQHxlRE0tkwQQI0D+wfQwKdvhDplxHJ5nf7U8c/yE/vdvpN6lF0tmFrK XBUX+K7u4ifrZlQvj/81M4INjtXreqDiJtr99Rs6xa0ScZqITuZC4CWxJa9GynBE D3+D2t1V/f8l0smsuYoFOF7Ib49IkTdbtwAThlZp8bEhELBeGaPdNCcmfZ66rKUd G5sRA/9ovnc1krSQF2+sqB9/o7w5/q2qiyzwOSTnkjtBUVKn4zLUOf6aeBAoV6NM CC3Kj9aZHfA+ND0ehPaVGJgjaVNFhPi4x0e7BULdvgOoAqajLfvkURHAeSsxXIoE myW/xC1sBbDkDUIBSx5oej73XCZgnj/inphRqGpsb+1nKFvF+rQoU3VTRSBQYWNr YWdlIFNpZ25pbmcgS2V5IDxidWlsZEBzdXNlLmRlPohcBBMRAgAcBQI57vSBBQkD wmcABAsKAwQDFQMCAxYCAQIXgAAKCRCoTtronIAKyl8sAJ98BgD40zw0GHJHIf6d NfnwI2PAsgCgjH1+PnYEl7TFjtZsqhezX7vZvYCIRgQQEQIABgUCOnBeUgAKCRCe QOMQAAqrpNzOAKCL512FZvv4VZx94TpbA9lxyoAejACeOO1HIbActAevk5MUBhNe LZa/qM2JARUDBRA6cGBvd7LmAD0l09kBATWnB/9An5vfiUUE1VQnt+T/EYklES3t XXaJJp9pHMa4fzFa8jPVtv5UBHGee3XoUNDVwM2OgSEISZxbzdXGnqIlcT08TzBU D9i579uifklLsnr35SJDZ6ram51/CWOnnaVhUzneOA9gTPSr+/fT3WeVnwJiQCQ3 0kNLWVXWATMnsnT486eAOlT6UNBPYQLpUprF5Yryk23pQUPAgJENDEqeU6iIO9Ot 1ZPtB0lniw+/xCi13D360o1tZDYOp0hHHJN3D3EN8C1yPqZd5CvvznYvB6bWBIpW cRgdn2DUVMmpU661jwqGlRz1F84JG/xe4jGuzgpJt9IXSzyohEJB6XG5+D0BiF0E ExECAB0FAjxqqTQFCQoAgrMFCwcKAwQDFQMCAxYCAQIXgAAKCRCoTtronIAKyp1f AJ9dR7saz2KPNwD3U+fy/0BDKXrYGACfbJ8fQcJqCBQxeHvt9yMPDVq0B0W5Ag0E Oe70khAIAISR0E3ozF/la+oNaRwxHLrCet30NgnxRROYhPaJB/Tu1FQokn2/Qld/ HZnh3TwhBIw1FqrhWBJ7491iAjLR9uPbdWJrn+A7t8kSkPaF3Z/6kyc5a8fas44h t5h+6HMBzoFCMAq2aBHQRFRNp9Mz1ZvoXXcI1lk1l8OqcUM/ovXbDfPcXsUVeTPT tGzcAi2jVl9hl3iwJKkyv/RLmcusdsi8YunbvWGFAF5GaagYQo7YlF6UaBQnYJTM 523AMgpPQtsKm9o/w9WdgXkgWhgkhZEeqUS3m5xNey1nLu9iMvq9M/iXnGz4sg6Q 2Y+GqZ+yAvNWjRRou3zSE7Bzg28MI4sAAwYH/2D71Xc5HPDgu87WnBFgmp8MpSr8 QnSs0wwPg3xEullGEocolSb2c0ctuSyeVnCttJMzkukL9TqyF4s/6XRstWirSWaw JxRLKH6Zjo/FaKsshYKf8gBkAaddvpl3pO0gmUYbqmpQ3xDEYlhCeieXS5MkockQ 1sj2xYdB1xO0ExzfiCiscUKjUFy+mdzUsUutafuZ+gbHog1CN/ccZCkxcBa5IFCH ORrNjq9pYWlrxsEn6ApsG7JJbM2besW1PkdEoxak74z1senh36m5jQvVjA3U4xq1 wwylxadmmJaJHzeiLfb7G1ZRjZTsB7fyYxqDzMVul6o9BSwO/1XsIAnV1uuITAQY EQIADAUCOe70kgUJA8JnAAAKCRCoTtronIAKyksiAJsFB3/77SkH3JlYOGrEe1Ol 0JdGwACeKTttgeVPFB+iGJdiwQlxasOfuXyITAQYEQIADAUCPGqpWQUJCgCCxwAK CRCoTtronIAKyofBAKCSZM2UFyta/fe9WgITK9I5hbxxtQCfX+0ar2CZmSknn3co SPihn1+OBNyZAQ0DNuEtBAAAAQgAoCRcd7SVZEFcumffyEwfLTcXQjhKzOahzxpo omuF+HIyU4AGq+SU8sTZ/1SsjhdzzrSAfv1lETACA+3SmLr5KV40Us1w0UC64cwt A46xowVq1vMlH2Lib+V/qr3b1hE67nMHjysECVx9Ob4gFuKNoR2eqnAaJvjnAT8J /LoUC20EdCHUqn6v+M9t/WZgC+WNR8cq69uDy3YQhDP/nIan6fm2uf2kSV9A7ZxE GrwsWl/WX5Q/sQqMWaU6r4az98X3z90/cN+eJJ3vwtA+rm+nxEvyev+jaLuOQBDf ebh/XA4FZ35xmi+spdiVeJH4F/ubaGlmj7+wDOF3suYAPSXT2QAFEbQlU3VTRSBT ZWN1cml0eSBUZWFtIDxzZWN1cml0eUBzdXNlLmRlPokBFQMFEDbhLUfkWLKHsco8 RQEBVw4H/1vIdiOLX/7hdzYaG9crQVIk3QwaB5eBbjvLEMvuCZHiY2COUg5QdmPQ 8SlWNZ6k4nu1BLcv2g/pymPUWP9fG4tuSnlUJDrWGm3nhyhAC9iudP2u1YQY37Gb B6NPVaZiYMnEb4QYFcqv5c/r2ghSXUTYk7etd6SW6WCOpEqizhx1cqDKNZnsI/1X 11pFcO2N7rc6byDBJ1T+cK+F1Ehan9XBt/shryJmv04nli5CXQMEbiqYYMOu8iaA 8AWRgXPCWqhyGhcVD3LRhUJXjUOdH4ZiHCXaoF3zVPxpeGKEQY8iBrDeDyB3wHmj qY9WCX6cmogGQRgYG6yJqDalLqrDOdmJARUDBRA24S0Ed7LmAD0l09kBAW04B/4p WH3f1vQn3i6/+SmDjGzUu2GWGq6Fsdwo2hVM2ym6CILeow/K9JfhdwGvY8LRxWRL hn09j2IJ9P7H1Yz3qDf10AX6V7YILHtchKT1dcngCkTLmDgC4rs1iAAl3f089sRG BafGPGKv2DQjHfR1LfRtbf0P7c09Tkej1MP8HtQMW9hPkBYeXcwbCjdrVGFOzqx+ AvvJDdT6a+oyRMTFlvmZ83UV5pgoyimgjhWnM1V4bFBYjPrtWMkdXJSUXbR6Q7Pi RZWCzGRzwbaxqpl3rK/YTCphOLwEMB27B4/fcqtBzgoMOiaZA0M5fFoo54KgRIh0 zinsSx2OrWgvSiLEXXYKiEYEEBECAAYFAjseYcMACgkQnkDjEAAKq6ROVACgjhDM /3KM+iFjs5QXsnd4oFPOnbkAnjYGa1J3em+bmV2aiCdYXdOuGn4ZiQCVAwUQN7c7 whaQN/7O/JIVAQEB+QP/cYblSAmPXxSFiaHWB+MiUNw8B6ozBLK0QcMQ2YcL6+Vl D+nSZP20+Ja2nfiKjnibCv5ss83yXoHkYk2Rsa8foz6Y7tHwuPiccvqnIC/c9Cvz dbIsdxpfsi0qWPfvX/jLMpXqqnPjdIZErgxpwujas1n9016PuXA8K3MJwVjCqSKI RgQQEQIABgUCOhpCpAAKCRDHUqoysN/3gCt7AJ9adNQMbmA1iSYcbhtgvx9ByLPI DgCfZ5Wj+f7cnYpFZI6GkAyyczG09sE= =LRKC - -----END PGP PUBLIC KEY BLOCK----- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (GNU/Linux) iQEVAwUBQ1ZCbHey5gA9JdPZAQKtLAf/U0O8C+zWkQREDADYB0i9QNnX3gham8pV BMhpJ7TIF5RMDEn+I9XUawqFOHC3z7frR9zO3L4rZHoPiCnTNftscrHKoZ44MT6V MzuBLYchAZQwivk9aVgqqwANc7kUwKsxyoDIMGkByMRFV0vb0QO9kxxIQZNMRUYI Z7fPLB+E4sYSJbnULpRmBjMHz0rIvTqwq1Aim2E3NIhoRaYRuMrGgDfR72FQgTTJ 6vceNm/ACSAywngGGvMDfTH5R6LGBdDwa9eV1+rdqRTQwWkvdXKibKecjn/vJ4cG pXndEp8iwbi0MKB/KTZPGey/XCVnjqnzFBUCBryL1DNQDk+skp1sGQ== =4rEE -----END PGP SIGNATURE-----

1 0

SUSE Security Announcement: OpenWBEM (SUSE-SA:2005:060)
by Sebastian Krahmer 17 Oct '05

17 Oct '05

-----BEGIN PGP SIGNED MESSAGE----- ______________________________________________________________________________ SUSE Security Announcement Package: OpenWBEM Announcement ID: SUSE-SA:2005:060 Date: Mon, 17 Oct 2005 11:00:00 +0000 Affected Products: SUSE SLES 9 Open-Enterprise-Server 9 Vulnerability Type: remote code execution Severity (1-10): 8 SUSE Default Package: no Cross-References: Content of This Advisory: 1) Security Vulnerability Resolved: remotely exploitable buffer overflow Problem Description 2) Solution or Work-Around 3) Special Instructions and Notes 4) Package Location and Checksums 5) Pending Vulnerabilities, Solutions, and Work-Arounds: none 6) Authenticity Verification and Additional Information ______________________________________________________________________________ 1) Problem Description and Brief Discussion The SUSE Security Team performed a security review of important parts of the OpenWBEM system. During the audit, several integer wrap arounds and buffer overflows have been discovered and fixed. If exploited, they allow remote attackers to execute arbitrary code with root privileges. 2) Solution or Work-Around 3) Special Instructions and Notes After successfully installing the updates you have to issue the following command as root: /usr/sbin/rcowcimomd restart 4) Package Location and Checksums The preferred method for installing security updates is to use the YaST Online Update (YOU) tool. YOU detects which updates are required and automatically performs the necessary steps to verify and install them. Alternatively, download the update packages for your distribution manually and verify their integrity by the methods listed in Section 6 of this announcement. Then install the packages using the command rpm -Fhv <file.rpm> to apply the update, replacing <file.rpm> with the filename of the downloaded RPM package. Our maintenance customers are notified individually. The packages are offered for installation from the maintenance web: http://support.novell.com/cgi-bin/search/searchtid.cgi?psdb/25258ab3ab19e06… http://portal.suse.com/psdb/25258ab3ab19e0642be41de4f518cee3.html ______________________________________________________________________________ 5) Pending Vulnerabilities, Solutions, and Work-Arounds: none ______________________________________________________________________________ 6) Authenticity Verification and Additional Information - Announcement authenticity verification: SUSE security announcements are published via mailing lists and on Web sites. The authenticity and integrity of a SUSE security announcement is guaranteed by a cryptographic signature in each announcement. All SUSE security announcements are published with a valid signature. To verify the signature of the announcement, save it as text into a file and run the command gpg --verify <file> replacing <file> with the name of the file where you saved the announcement. The output for a valid signature looks like: gpg: Signature made <DATE> using RSA key ID 3D25D3D9 gpg: Good signature from "SuSE Security Team <security(a)suse.de>" where <DATE> is replaced by the date the document was signed. If the security team's key is not contained in your key ring, you can import it from the first installation CD. To import the key, use the command gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc - Package authenticity verification: SUSE update packages are available on many mirror FTP servers all over the world. While this service is considered valuable and important to the free and open source software community, the authenticity and the integrity of a package needs to be verified to ensure that it has not been tampered with. There are two verification methods that can be used independently from each other to prove the authenticity of a downloaded file or RPM package: 1) Using the internal gpg signatures of the rpm package 2) MD5 checksums as provided in this announcement 1) The internal rpm package signatures provide an easy way to verify the authenticity of an RPM package. Use the command rpm -v --checksig <file.rpm> to verify the signature of the package, replacing <file.rpm> with the filename of the RPM package downloaded. The package is unmodified if it contains a valid signature from build(a)suse.de with the key ID 9C800ACA. This key is automatically imported into the RPM database (on RPMv4-based distributions) and the gpg key ring of 'root' during installation. You can also find it on the first installation CD and at the end of this announcement. 2) If you need an alternative means of verification, use the md5sum command to verify the authenticity of the packages. Execute the command md5sum <filename.rpm> after you downloaded the file from a SUSE FTP server or its mirrors. Then compare the resulting md5sum with the one that is listed in the SUSE security announcement. Because the announcement containing the checksums is cryptographically signed (by security(a)suse.de) the checksums show proof of the authenticity of the package if the signature of the announcement is valid. Note that the md5 sums published in the SUSE Security Announcements are valid for the respective packages only. Newer versions of these packages cannot be verified. - SUSE runs two security mailing lists to which any interested party may subscribe: suse-security(a)suse.com - General Linux and SUSE security discussion. All SUSE security announcements are sent to this list. To subscribe, send an e-mail to <suse-security-subscribe(a)suse.com>. suse-security-announce(a)suse.com - SUSE's announce-only mailing list. Only SUSE's security announcements are sent to this list. To subscribe, send an e-mail to <suse-security-announce-subscribe(a)suse.com>. For general information or the frequently asked questions (FAQ), send mail to <suse-security-info(a)suse.com> or <suse-security-faq(a)suse.com>. ===================================================================== SUSE's security contact is <security(a)suse.com> or <security(a)suse.de>. The <security(a)suse.de> public key is listed below. ===================================================================== ______________________________________________________________________________ The information in this advisory may be distributed or reproduced, provided that the advisory is not modified in any way. In particular, the clear text signature should show proof of the authenticity of the text. SUSE Linux Products GmbH provides no warranties of any kind whatsoever with respect to the information contained in this security advisory. Type Bits/KeyID Date User ID pub 2048R/3D25D3D9 1999-03-06 SuSE Security Team <security(a)suse.de> pub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key <build(a)suse.de> - -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org mQGiBDnu9IERBACT8Y35+2vv4MGVKiLEMOl9GdST6MCkYS3yEKeueNWc+z/0Kvff 4JctBsgs47tjmiI9sl0eHjm3gTR8rItXMN6sJEUHWzDP+Y0PFPboMvKx0FXl/A0d M+HFrruCgBlWt6FA+okRySQiliuI5phwqkXefl9AhkwR8xocQSVCFxcwvwCglVcO QliHu8jwRQHxlRE0tkwQQI0D+wfQwKdvhDplxHJ5nf7U8c/yE/vdvpN6lF0tmFrK XBUX+K7u4ifrZlQvj/81M4INjtXreqDiJtr99Rs6xa0ScZqITuZC4CWxJa9GynBE D3+D2t1V/f8l0smsuYoFOF7Ib49IkTdbtwAThlZp8bEhELBeGaPdNCcmfZ66rKUd G5sRA/9ovnc1krSQF2+sqB9/o7w5/q2qiyzwOSTnkjtBUVKn4zLUOf6aeBAoV6NM CC3Kj9aZHfA+ND0ehPaVGJgjaVNFhPi4x0e7BULdvgOoAqajLfvkURHAeSsxXIoE myW/xC1sBbDkDUIBSx5oej73XCZgnj/inphRqGpsb+1nKFvF+rQoU3VTRSBQYWNr YWdlIFNpZ25pbmcgS2V5IDxidWlsZEBzdXNlLmRlPohcBBMRAgAcBQI57vSBBQkD wmcABAsKAwQDFQMCAxYCAQIXgAAKCRCoTtronIAKyl8sAJ98BgD40zw0GHJHIf6d NfnwI2PAsgCgjH1+PnYEl7TFjtZsqhezX7vZvYCIRgQQEQIABgUCOnBeUgAKCRCe QOMQAAqrpNzOAKCL512FZvv4VZx94TpbA9lxyoAejACeOO1HIbActAevk5MUBhNe LZa/qM2JARUDBRA6cGBvd7LmAD0l09kBATWnB/9An5vfiUUE1VQnt+T/EYklES3t XXaJJp9pHMa4fzFa8jPVtv5UBHGee3XoUNDVwM2OgSEISZxbzdXGnqIlcT08TzBU D9i579uifklLsnr35SJDZ6ram51/CWOnnaVhUzneOA9gTPSr+/fT3WeVnwJiQCQ3 0kNLWVXWATMnsnT486eAOlT6UNBPYQLpUprF5Yryk23pQUPAgJENDEqeU6iIO9Ot 1ZPtB0lniw+/xCi13D360o1tZDYOp0hHHJN3D3EN8C1yPqZd5CvvznYvB6bWBIpW cRgdn2DUVMmpU661jwqGlRz1F84JG/xe4jGuzgpJt9IXSzyohEJB6XG5+D0BiF0E ExECAB0FAjxqqTQFCQoAgrMFCwcKAwQDFQMCAxYCAQIXgAAKCRCoTtronIAKyp1f AJ9dR7saz2KPNwD3U+fy/0BDKXrYGACfbJ8fQcJqCBQxeHvt9yMPDVq0B0W5Ag0E Oe70khAIAISR0E3ozF/la+oNaRwxHLrCet30NgnxRROYhPaJB/Tu1FQokn2/Qld/ HZnh3TwhBIw1FqrhWBJ7491iAjLR9uPbdWJrn+A7t8kSkPaF3Z/6kyc5a8fas44h t5h+6HMBzoFCMAq2aBHQRFRNp9Mz1ZvoXXcI1lk1l8OqcUM/ovXbDfPcXsUVeTPT tGzcAi2jVl9hl3iwJKkyv/RLmcusdsi8YunbvWGFAF5GaagYQo7YlF6UaBQnYJTM 523AMgpPQtsKm9o/w9WdgXkgWhgkhZEeqUS3m5xNey1nLu9iMvq9M/iXnGz4sg6Q 2Y+GqZ+yAvNWjRRou3zSE7Bzg28MI4sAAwYH/2D71Xc5HPDgu87WnBFgmp8MpSr8 QnSs0wwPg3xEullGEocolSb2c0ctuSyeVnCttJMzkukL9TqyF4s/6XRstWirSWaw JxRLKH6Zjo/FaKsshYKf8gBkAaddvpl3pO0gmUYbqmpQ3xDEYlhCeieXS5MkockQ 1sj2xYdB1xO0ExzfiCiscUKjUFy+mdzUsUutafuZ+gbHog1CN/ccZCkxcBa5IFCH ORrNjq9pYWlrxsEn6ApsG7JJbM2besW1PkdEoxak74z1senh36m5jQvVjA3U4xq1 wwylxadmmJaJHzeiLfb7G1ZRjZTsB7fyYxqDzMVul6o9BSwO/1XsIAnV1uuITAQY EQIADAUCOe70kgUJA8JnAAAKCRCoTtronIAKyksiAJsFB3/77SkH3JlYOGrEe1Ol 0JdGwACeKTttgeVPFB+iGJdiwQlxasOfuXyITAQYEQIADAUCPGqpWQUJCgCCxwAK CRCoTtronIAKyofBAKCSZM2UFyta/fe9WgITK9I5hbxxtQCfX+0ar2CZmSknn3co SPihn1+OBNyZAQ0DNuEtBAAAAQgAoCRcd7SVZEFcumffyEwfLTcXQjhKzOahzxpo omuF+HIyU4AGq+SU8sTZ/1SsjhdzzrSAfv1lETACA+3SmLr5KV40Us1w0UC64cwt A46xowVq1vMlH2Lib+V/qr3b1hE67nMHjysECVx9Ob4gFuKNoR2eqnAaJvjnAT8J /LoUC20EdCHUqn6v+M9t/WZgC+WNR8cq69uDy3YQhDP/nIan6fm2uf2kSV9A7ZxE GrwsWl/WX5Q/sQqMWaU6r4az98X3z90/cN+eJJ3vwtA+rm+nxEvyev+jaLuOQBDf ebh/XA4FZ35xmi+spdiVeJH4F/ubaGlmj7+wDOF3suYAPSXT2QAFEbQlU3VTRSBT ZWN1cml0eSBUZWFtIDxzZWN1cml0eUBzdXNlLmRlPokBFQMFEDbhLUfkWLKHsco8 RQEBVw4H/1vIdiOLX/7hdzYaG9crQVIk3QwaB5eBbjvLEMvuCZHiY2COUg5QdmPQ 8SlWNZ6k4nu1BLcv2g/pymPUWP9fG4tuSnlUJDrWGm3nhyhAC9iudP2u1YQY37Gb B6NPVaZiYMnEb4QYFcqv5c/r2ghSXUTYk7etd6SW6WCOpEqizhx1cqDKNZnsI/1X 11pFcO2N7rc6byDBJ1T+cK+F1Ehan9XBt/shryJmv04nli5CXQMEbiqYYMOu8iaA 8AWRgXPCWqhyGhcVD3LRhUJXjUOdH4ZiHCXaoF3zVPxpeGKEQY8iBrDeDyB3wHmj qY9WCX6cmogGQRgYG6yJqDalLqrDOdmJARUDBRA24S0Ed7LmAD0l09kBAW04B/4p WH3f1vQn3i6/+SmDjGzUu2GWGq6Fsdwo2hVM2ym6CILeow/K9JfhdwGvY8LRxWRL hn09j2IJ9P7H1Yz3qDf10AX6V7YILHtchKT1dcngCkTLmDgC4rs1iAAl3f089sRG BafGPGKv2DQjHfR1LfRtbf0P7c09Tkej1MP8HtQMW9hPkBYeXcwbCjdrVGFOzqx+ AvvJDdT6a+oyRMTFlvmZ83UV5pgoyimgjhWnM1V4bFBYjPrtWMkdXJSUXbR6Q7Pi RZWCzGRzwbaxqpl3rK/YTCphOLwEMB27B4/fcqtBzgoMOiaZA0M5fFoo54KgRIh0 zinsSx2OrWgvSiLEXXYKiEYEEBECAAYFAjseYcMACgkQnkDjEAAKq6ROVACgjhDM /3KM+iFjs5QXsnd4oFPOnbkAnjYGa1J3em+bmV2aiCdYXdOuGn4ZiQCVAwUQN7c7 whaQN/7O/JIVAQEB+QP/cYblSAmPXxSFiaHWB+MiUNw8B6ozBLK0QcMQ2YcL6+Vl D+nSZP20+Ja2nfiKjnibCv5ss83yXoHkYk2Rsa8foz6Y7tHwuPiccvqnIC/c9Cvz dbIsdxpfsi0qWPfvX/jLMpXqqnPjdIZErgxpwujas1n9016PuXA8K3MJwVjCqSKI RgQQEQIABgUCOhpCpAAKCRDHUqoysN/3gCt7AJ9adNQMbmA1iSYcbhtgvx9ByLPI DgCfZ5Wj+f7cnYpFZI6GkAyyczG09sE= =LRKC - -----END PGP PUBLIC KEY BLOCK----- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2-rc1-SuSE (GNU/Linux) iQEVAwUBQ1OiV3ey5gA9JdPZAQH6iQgAgJ3DmvlfIm914fkyvMH1QkqhYXH7d3eZ sqPcmKz3HjFXpqyj+lw2nV8aLcMIpOfTnGefoKD8vktZqcq6cRppLIR2dS9hSpQk uVLP7y6mQhaEED8PYQRgGuUCsqU/gIpiXhmM+Ge4mCRGvX+LATgDyEFWzubAVKeK e+DKSYkEGeRekhfMgNTKoh51K6fmHuqLxl7aSwf7k6ZyH85a6xklh9wVyk+kD87g A0AwcuKDzTR9FwtFeRJWsdNyjDGLRW7jUdiVymPeDqmgA1gdYWbIG4zqUnEzoV5p SlH6IgqKFAqZQ18j8ary222c7aIGt7voQa38Kne+yoWPQboqB/6TvQ== =QiOJ -----END PGP SIGNATURE----- -- ~ ~ perl self.pl ~ $_='print"\$_=\47$_\47;eval"';eval ~ krahmer(a)suse.de - SuSE Security Team ~

1 0

SUSE Security Summary Report SUSE-SR:2005:023
by Marcus Meissner 14 Oct '05

14 Oct '05

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ______________________________________________________________________________ SUSE Security Summary Report Announcement ID: SUSE-SR:2005:023 Date: Fri, 14 Oct 2005 12:00:00 +0000 Cross-References: CAN-2005-2495, CAN-2005-2933, CAN-2005-2960 CAN-2005-2964, CAN-2005-3011 Content of this advisory: 1) Solved Security Vulnerabilities: - imap-lib crashes in client library - texinfo temporary file handling fixes - cfengine temporary file handling fixes - abiword buffer overflow in RTF import filter - various vnc servers affected by the pixmap integer overflow 2) Pending Vulnerabilities, Solutions, and Work-Arounds: None listed. 3) Authenticity Verification and Additional Information ______________________________________________________________________________ 1) Solved Security Vulnerabilities To avoid flooding mailing lists with SUSE Security Announcements for minor issues, SUSE Security releases weekly summary reports for the low profile vulnerability fixes. The SUSE Security Summary Reports do not list md5 sums or download URLs like the SUSE Security Announcements that are released for more severe vulnerabilities. Fixed packages for the following incidents are already available on our FTP server and via the YaST Online Update. - imap-lib crashes in client library The client part of the University of Washington IMAP implementation is prone to a buffer overflow while parsing mailbox names. This bug can probably be exploited by a remote attacker to execute arbitrary code with the privileges of the user running the affected mail client. (CAN-2005-2933). The 'imapd' that is included in the "imap" package itself is not affected by this problem. This problem affects all SUSE Linux based products. - texinfo temporary file handling fixes The handling of temporary files in the texinfo package was enhanced. Previous versions can be exploited by local users to overwrite arbitrary files. (CAN-2005-3011) This affects all SUSE Linux based products. - cfengine temporary file handling fixes This update of cfengine improves the handling of temporary files. This bug can be exploited locally and probably be used to escalate privileges. (CAN-2005-2960) This affects SUSE Linux 9.0 up to 10.0. - abiword buffer overflow in RTF import filter The Abiword word processor was updated to fix several buffer overflows that can be triggered by parsing malformed RTF documents (CAN-2005-2964). Thanks to Chris Evans. This affects SUSE Linux 9.0 (package name abiword2), SUSE Linux 9.1 up to 10.0 (package name abiword). - various vnc servers affected by the pixmap integer overflow Various VNC Servers were also affected by the integer overflow problem in the pixmap handling (CAN-2005-2495). An attacker may be able to exploit this bug to execute code remotely. SUSE Linux Enterprise Server 8, SUSE Linux Desktop 1 used the "vnc" package, newer products use the "XFree86-vnc" or "xorg-x11-vnc" packages. All SUSE Linux based products were affected and fixed packages were released. ______________________________________________________________________________ 2) Pending Vulnerabilities, Solutions, and Work-Arounds None listed. ______________________________________________________________________________ 3) Authenticity Verification and Additional Information - Announcement authenticity verification: SUSE security announcements are published via mailing lists and on Web sites. The authenticity and integrity of a SUSE security announcement is guaranteed by a cryptographic signature in each announcement. All SUSE security announcements are published with a valid signature. To verify the signature of the announcement, save it as text into a file and run the command gpg --verify <file> replacing <file> with the name of the file containing the announcement. The output for a valid signature looks like: gpg: Signature made <DATE> using RSA key ID 3D25D3D9 gpg: Good signature from "SuSE Security Team <security(a)suse.de>" where <DATE> is replaced by the date the document was signed. If the security team's key is not contained in your key ring, you can import it from the first installation CD. To import the key, use the command gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc - Package authenticity verification: SUSE update packages are available on many mirror FTP servers all over the world. While this service is considered valuable and important to the free and open source software community, the authenticity and integrity of a package needs to be verified to ensure that it has not been tampered with. The internal RPM package signatures provide an easy way to verify the authenticity of an RPM package. Use the command rpm -v --checksig <file.rpm> to verify the signature of the package, replacing <file.rpm> with the filename of the RPM package downloaded. The package is unmodified if it contains a valid signature from build(a)suse.de with the key ID 9C800ACA. This key is automatically imported into the RPM database (on RPMv4-based distributions) and the gpg key ring of 'root' during installation. You can also find it on the first installation CD and included at the end of this announcement. - SUSE runs two security mailing lists to which any interested party may subscribe: suse-security(a)suse.com - General Linux and SUSE security discussion. All SUSE security announcements are sent to this list. To subscribe, send an e-mail to <suse-security-subscribe(a)suse.com>. suse-security-announce(a)suse.com - SUSE's announce-only mailing list. Only SUSE's security announcements are sent to this list. To subscribe, send an e-mail to <suse-security-announce-subscribe(a)suse.com>. For general information or the frequently asked questions (FAQ) send mail to <suse-security-info(a)suse.com> or <suse-security-faq(a)suse.com>. ===================================================================== SUSE's security contact is <security(a)suse.com> or <security(a)suse.de>. The <security(a)suse.de> public key is listed below. ===================================================================== ______________________________________________________________________________ The information in this advisory may be distributed or reproduced, provided that the advisory is not modified in any way. In particular, the clear text signature should show proof of the authenticity of the text. SUSE Linux Products GmbH provides no warranties of any kind whatsoever with respect to the information contained in this security advisory. Type Bits/KeyID Date User ID pub 2048R/3D25D3D9 1999-03-06 SuSE Security Team <security(a)suse.de> pub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key <build(a)suse.de> - -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org mQGiBDnu9IERBACT8Y35+2vv4MGVKiLEMOl9GdST6MCkYS3yEKeueNWc+z/0Kvff 4JctBsgs47tjmiI9sl0eHjm3gTR8rItXMN6sJEUHWzDP+Y0PFPboMvKx0FXl/A0d M+HFrruCgBlWt6FA+okRySQiliuI5phwqkXefl9AhkwR8xocQSVCFxcwvwCglVcO QliHu8jwRQHxlRE0tkwQQI0D+wfQwKdvhDplxHJ5nf7U8c/yE/vdvpN6lF0tmFrK XBUX+K7u4ifrZlQvj/81M4INjtXreqDiJtr99Rs6xa0ScZqITuZC4CWxJa9GynBE D3+D2t1V/f8l0smsuYoFOF7Ib49IkTdbtwAThlZp8bEhELBeGaPdNCcmfZ66rKUd G5sRA/9ovnc1krSQF2+sqB9/o7w5/q2qiyzwOSTnkjtBUVKn4zLUOf6aeBAoV6NM CC3Kj9aZHfA+ND0ehPaVGJgjaVNFhPi4x0e7BULdvgOoAqajLfvkURHAeSsxXIoE myW/xC1sBbDkDUIBSx5oej73XCZgnj/inphRqGpsb+1nKFvF+rQoU3VTRSBQYWNr YWdlIFNpZ25pbmcgS2V5IDxidWlsZEBzdXNlLmRlPohcBBMRAgAcBQI57vSBBQkD wmcABAsKAwQDFQMCAxYCAQIXgAAKCRCoTtronIAKyl8sAJ98BgD40zw0GHJHIf6d NfnwI2PAsgCgjH1+PnYEl7TFjtZsqhezX7vZvYCIRgQQEQIABgUCOnBeUgAKCRCe QOMQAAqrpNzOAKCL512FZvv4VZx94TpbA9lxyoAejACeOO1HIbActAevk5MUBhNe LZa/qM2JARUDBRA6cGBvd7LmAD0l09kBATWnB/9An5vfiUUE1VQnt+T/EYklES3t XXaJJp9pHMa4fzFa8jPVtv5UBHGee3XoUNDVwM2OgSEISZxbzdXGnqIlcT08TzBU D9i579uifklLsnr35SJDZ6ram51/CWOnnaVhUzneOA9gTPSr+/fT3WeVnwJiQCQ3 0kNLWVXWATMnsnT486eAOlT6UNBPYQLpUprF5Yryk23pQUPAgJENDEqeU6iIO9Ot 1ZPtB0lniw+/xCi13D360o1tZDYOp0hHHJN3D3EN8C1yPqZd5CvvznYvB6bWBIpW cRgdn2DUVMmpU661jwqGlRz1F84JG/xe4jGuzgpJt9IXSzyohEJB6XG5+D0BiF0E ExECAB0FAjxqqTQFCQoAgrMFCwcKAwQDFQMCAxYCAQIXgAAKCRCoTtronIAKyp1f AJ9dR7saz2KPNwD3U+fy/0BDKXrYGACfbJ8fQcJqCBQxeHvt9yMPDVq0B0W5Ag0E Oe70khAIAISR0E3ozF/la+oNaRwxHLrCet30NgnxRROYhPaJB/Tu1FQokn2/Qld/ HZnh3TwhBIw1FqrhWBJ7491iAjLR9uPbdWJrn+A7t8kSkPaF3Z/6kyc5a8fas44h t5h+6HMBzoFCMAq2aBHQRFRNp9Mz1ZvoXXcI1lk1l8OqcUM/ovXbDfPcXsUVeTPT tGzcAi2jVl9hl3iwJKkyv/RLmcusdsi8YunbvWGFAF5GaagYQo7YlF6UaBQnYJTM 523AMgpPQtsKm9o/w9WdgXkgWhgkhZEeqUS3m5xNey1nLu9iMvq9M/iXnGz4sg6Q 2Y+GqZ+yAvNWjRRou3zSE7Bzg28MI4sAAwYH/2D71Xc5HPDgu87WnBFgmp8MpSr8 QnSs0wwPg3xEullGEocolSb2c0ctuSyeVnCttJMzkukL9TqyF4s/6XRstWirSWaw JxRLKH6Zjo/FaKsshYKf8gBkAaddvpl3pO0gmUYbqmpQ3xDEYlhCeieXS5MkockQ 1sj2xYdB1xO0ExzfiCiscUKjUFy+mdzUsUutafuZ+gbHog1CN/ccZCkxcBa5IFCH ORrNjq9pYWlrxsEn6ApsG7JJbM2besW1PkdEoxak74z1senh36m5jQvVjA3U4xq1 wwylxadmmJaJHzeiLfb7G1ZRjZTsB7fyYxqDzMVul6o9BSwO/1XsIAnV1uuITAQY EQIADAUCOe70kgUJA8JnAAAKCRCoTtronIAKyksiAJsFB3/77SkH3JlYOGrEe1Ol 0JdGwACeKTttgeVPFB+iGJdiwQlxasOfuXyITAQYEQIADAUCPGqpWQUJCgCCxwAK CRCoTtronIAKyofBAKCSZM2UFyta/fe9WgITK9I5hbxxtQCfX+0ar2CZmSknn3co SPihn1+OBNyZAQ0DNuEtBAAAAQgAoCRcd7SVZEFcumffyEwfLTcXQjhKzOahzxpo omuF+HIyU4AGq+SU8sTZ/1SsjhdzzrSAfv1lETACA+3SmLr5KV40Us1w0UC64cwt A46xowVq1vMlH2Lib+V/qr3b1hE67nMHjysECVx9Ob4gFuKNoR2eqnAaJvjnAT8J /LoUC20EdCHUqn6v+M9t/WZgC+WNR8cq69uDy3YQhDP/nIan6fm2uf2kSV9A7ZxE GrwsWl/WX5Q/sQqMWaU6r4az98X3z90/cN+eJJ3vwtA+rm+nxEvyev+jaLuOQBDf ebh/XA4FZ35xmi+spdiVeJH4F/ubaGlmj7+wDOF3suYAPSXT2QAFEbQlU3VTRSBT ZWN1cml0eSBUZWFtIDxzZWN1cml0eUBzdXNlLmRlPokBFQMFEDbhLUfkWLKHsco8 RQEBVw4H/1vIdiOLX/7hdzYaG9crQVIk3QwaB5eBbjvLEMvuCZHiY2COUg5QdmPQ 8SlWNZ6k4nu1BLcv2g/pymPUWP9fG4tuSnlUJDrWGm3nhyhAC9iudP2u1YQY37Gb B6NPVaZiYMnEb4QYFcqv5c/r2ghSXUTYk7etd6SW6WCOpEqizhx1cqDKNZnsI/1X 11pFcO2N7rc6byDBJ1T+cK+F1Ehan9XBt/shryJmv04nli5CXQMEbiqYYMOu8iaA 8AWRgXPCWqhyGhcVD3LRhUJXjUOdH4ZiHCXaoF3zVPxpeGKEQY8iBrDeDyB3wHmj qY9WCX6cmogGQRgYG6yJqDalLqrDOdmJARUDBRA24S0Ed7LmAD0l09kBAW04B/4p WH3f1vQn3i6/+SmDjGzUu2GWGq6Fsdwo2hVM2ym6CILeow/K9JfhdwGvY8LRxWRL hn09j2IJ9P7H1Yz3qDf10AX6V7YILHtchKT1dcngCkTLmDgC4rs1iAAl3f089sRG BafGPGKv2DQjHfR1LfRtbf0P7c09Tkej1MP8HtQMW9hPkBYeXcwbCjdrVGFOzqx+ AvvJDdT6a+oyRMTFlvmZ83UV5pgoyimgjhWnM1V4bFBYjPrtWMkdXJSUXbR6Q7Pi RZWCzGRzwbaxqpl3rK/YTCphOLwEMB27B4/fcqtBzgoMOiaZA0M5fFoo54KgRIh0 zinsSx2OrWgvSiLEXXYKiEYEEBECAAYFAjseYcMACgkQnkDjEAAKq6ROVACgjhDM /3KM+iFjs5QXsnd4oFPOnbkAnjYGa1J3em+bmV2aiCdYXdOuGn4ZiQCVAwUQN7c7 whaQN/7O/JIVAQEB+QP/cYblSAmPXxSFiaHWB+MiUNw8B6ozBLK0QcMQ2YcL6+Vl D+nSZP20+Ja2nfiKjnibCv5ss83yXoHkYk2Rsa8foz6Y7tHwuPiccvqnIC/c9Cvz dbIsdxpfsi0qWPfvX/jLMpXqqnPjdIZErgxpwujas1n9016PuXA8K3MJwVjCqSKI RgQQEQIABgUCOhpCpAAKCRDHUqoysN/3gCt7AJ9adNQMbmA1iSYcbhtgvx9ByLPI DgCfZ5Wj+f7cnYpFZI6GkAyyczG09sE= =LRKC - -----END PGP PUBLIC KEY BLOCK----- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (GNU/Linux) iQEVAwUBQ0+5Y3ey5gA9JdPZAQKQ1Qf8D0qD+uSZ0WeZRJJZ31JeHE75/zFmnRZQ MvtBSMZcRSwgDzOQeOoDEe3YYrrwv602o91/Z1hnUSA4W+18pOc3pzAC26X+pH3l ph4BBM/HPOIdSqB6NJSd2s4FjXQJ+v+EDxMJ14SHyqW77O/iEhTND5JZaaran7U4 xnDTHLSm50lWjb7Fo+llPiLru6uP4zPwznV6k7IpW/P5Gd4/qDe9MKItJoGxXauD tOZR+rQkS+O16P4HtKc1odg8dAjtK670+fMjZlMA081rBBss6KijpaPwQ+NNddSA eR4SKKlVMeEl2E4deUvms+IHuhueuj3JKJYsNhmJgfAIbF+GRjMKfg== =LY1a -----END PGP SIGNATURE-----

1 0

SUSE Security Announcement: RealPlayer format string problem (SUSE-SA:2005:059)
by Marcus Meissner 10 Oct '05

10 Oct '05

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ______________________________________________________________________________ SUSE Security Announcement Package: RealPlayer Announcement ID: SUSE-SA:2005:059 Date: Mon, 10 Oct 2005 12:00:00 +0000 Affected Products: Novell Linux Desktop 9 SUSE LINUX 10.0 SUSE LINUX 9.2 SUSE LINUX 9.3 Vulnerability Type: remote code execution Severity (1-10): 9 SUSE Default Package: yes Cross-References: CAN-2005-2710 Content of This Advisory: 1) Security Vulnerability Resolved: realplayer remote format string exploit Problem Description 2) Solution or Work-Around 3) Special Instructions and Notes 4) Package Location and Checksums 5) Pending Vulnerabilities, Solutions, and Work-Arounds: none 6) Authenticity Verification and Additional Information ______________________________________________________________________________ 1) Problem Description and Brief Discussion The following security issue in RealPlayer was fixed: - A format string bug in the RealPix (.rp) file format parser (CAN-2005-2710). This bug allowed remote attackers to execute arbitrary code by supplying a specially crafted file, e.g via Web page or E-Mail. Note that we no longer support RealPlayer on the following distributions for some time now: - SUSE Linux 9.1 - SUSE Linux 9.0 - SUSE Linux Desktop 1.0 On these distributions, please deinstall RealPlayer by running as root: rpm -e RealPlayer 2) Solution or Work-Around There is no known workaround, please install the update packages. 3) Special Instructions and Notes Please close and restart all running instances of RealPlayer after the update. 4) Package Location and Checksums The preferred method for installing security updates is to use the YaST Online Update (YOU) tool. YOU detects which updates are required and automatically performs the necessary steps to verify and install them. Alternatively, download the update packages for your distribution manually and verify their integrity by the methods listed in Section 6 of this announcement. Then install the packages using the command rpm -Fhv <file.rpm> to apply the update, replacing <file.rpm> with the filename of the downloaded RPM package. x86 Platform: SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/RealPlayer-10.0.6-3.2… 5a2d014eb663522c853f3e4a8fe356d3 SUSE LINUX 9.3: ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/RealPlayer-10.0.6-1.4.… 1097667994e2fccae1502262fe7215ca SUSE LINUX 9.2: ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/RealPlayer-10.0.6-1.4.… d98460b54af9378839a63c2b229547b8 Sources: SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/RealPlayer-10.0.6-3.2.… 25460c33b090cd6a7ddf93903172d125 SUSE LINUX 9.3: ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/src/RealPlayer-10.0.6-1.4.s… 83fccf7f9702cd9786d5f2ec69b4b7da SUSE LINUX 9.2: ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/src/RealPlayer-10.0.6-1.4.s… d62dc63575a544018f9a6dbeffe00a85 ______________________________________________________________________________ 5) Pending Vulnerabilities, Solutions, and Work-Arounds: none ______________________________________________________________________________ 6) Authenticity Verification and Additional Information - Announcement authenticity verification: SUSE security announcements are published via mailing lists and on Web sites. The authenticity and integrity of a SUSE security announcement is guaranteed by a cryptographic signature in each announcement. All SUSE security announcements are published with a valid signature. To verify the signature of the announcement, save it as text into a file and run the command gpg --verify <file> replacing <file> with the name of the file where you saved the announcement. The output for a valid signature looks like: gpg: Signature made <DATE> using RSA key ID 3D25D3D9 gpg: Good signature from "SuSE Security Team <security(a)suse.de>" where <DATE> is replaced by the date the document was signed. If the security team's key is not contained in your key ring, you can import it from the first installation CD. To import the key, use the command gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc - Package authenticity verification: SUSE update packages are available on many mirror FTP servers all over the world. While this service is considered valuable and important to the free and open source software community, the authenticity and the integrity of a package needs to be verified to ensure that it has not been tampered with. There are two verification methods that can be used independently from each other to prove the authenticity of a downloaded file or RPM package: 1) Using the internal gpg signatures of the rpm package 2) MD5 checksums as provided in this announcement 1) The internal rpm package signatures provide an easy way to verify the authenticity of an RPM package. Use the command rpm -v --checksig <file.rpm> to verify the signature of the package, replacing <file.rpm> with the filename of the RPM package downloaded. The package is unmodified if it contains a valid signature from build(a)suse.de with the key ID 9C800ACA. This key is automatically imported into the RPM database (on RPMv4-based distributions) and the gpg key ring of 'root' during installation. You can also find it on the first installation CD and at the end of this announcement. 2) If you need an alternative means of verification, use the md5sum command to verify the authenticity of the packages. Execute the command md5sum <filename.rpm> after you downloaded the file from a SUSE FTP server or its mirrors. Then compare the resulting md5sum with the one that is listed in the SUSE security announcement. Because the announcement containing the checksums is cryptographically signed (by security(a)suse.de) the checksums show proof of the authenticity of the package if the signature of the announcement is valid. Note that the md5 sums published in the SUSE Security Announcements are valid for the respective packages only. Newer versions of these packages cannot be verified. - SUSE runs two security mailing lists to which any interested party may subscribe: suse-security(a)suse.com - General Linux and SUSE security discussion. All SUSE security announcements are sent to this list. To subscribe, send an e-mail to <suse-security-subscribe(a)suse.com>. suse-security-announce(a)suse.com - SUSE's announce-only mailing list. Only SUSE's security announcements are sent to this list. To subscribe, send an e-mail to <suse-security-announce-subscribe(a)suse.com>. For general information or the frequently asked questions (FAQ), send mail to <suse-security-info(a)suse.com> or <suse-security-faq(a)suse.com>. ===================================================================== SUSE's security contact is <security(a)suse.com> or <security(a)suse.de>. The <security(a)suse.de> public key is listed below. ===================================================================== ______________________________________________________________________________ The information in this advisory may be distributed or reproduced, provided that the advisory is not modified in any way. In particular, the clear text signature should show proof of the authenticity of the text. SUSE Linux Products GmbH provides no warranties of any kind whatsoever with respect to the information contained in this security advisory. Type Bits/KeyID Date User ID pub 2048R/3D25D3D9 1999-03-06 SuSE Security Team <security(a)suse.de> pub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key <build(a)suse.de> - -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org mQGiBDnu9IERBACT8Y35+2vv4MGVKiLEMOl9GdST6MCkYS3yEKeueNWc+z/0Kvff 4JctBsgs47tjmiI9sl0eHjm3gTR8rItXMN6sJEUHWzDP+Y0PFPboMvKx0FXl/A0d M+HFrruCgBlWt6FA+okRySQiliuI5phwqkXefl9AhkwR8xocQSVCFxcwvwCglVcO QliHu8jwRQHxlRE0tkwQQI0D+wfQwKdvhDplxHJ5nf7U8c/yE/vdvpN6lF0tmFrK XBUX+K7u4ifrZlQvj/81M4INjtXreqDiJtr99Rs6xa0ScZqITuZC4CWxJa9GynBE D3+D2t1V/f8l0smsuYoFOF7Ib49IkTdbtwAThlZp8bEhELBeGaPdNCcmfZ66rKUd G5sRA/9ovnc1krSQF2+sqB9/o7w5/q2qiyzwOSTnkjtBUVKn4zLUOf6aeBAoV6NM CC3Kj9aZHfA+ND0ehPaVGJgjaVNFhPi4x0e7BULdvgOoAqajLfvkURHAeSsxXIoE myW/xC1sBbDkDUIBSx5oej73XCZgnj/inphRqGpsb+1nKFvF+rQoU3VTRSBQYWNr YWdlIFNpZ25pbmcgS2V5IDxidWlsZEBzdXNlLmRlPohcBBMRAgAcBQI57vSBBQkD wmcABAsKAwQDFQMCAxYCAQIXgAAKCRCoTtronIAKyl8sAJ98BgD40zw0GHJHIf6d NfnwI2PAsgCgjH1+PnYEl7TFjtZsqhezX7vZvYCIRgQQEQIABgUCOnBeUgAKCRCe QOMQAAqrpNzOAKCL512FZvv4VZx94TpbA9lxyoAejACeOO1HIbActAevk5MUBhNe LZa/qM2JARUDBRA6cGBvd7LmAD0l09kBATWnB/9An5vfiUUE1VQnt+T/EYklES3t XXaJJp9pHMa4fzFa8jPVtv5UBHGee3XoUNDVwM2OgSEISZxbzdXGnqIlcT08TzBU D9i579uifklLsnr35SJDZ6ram51/CWOnnaVhUzneOA9gTPSr+/fT3WeVnwJiQCQ3 0kNLWVXWATMnsnT486eAOlT6UNBPYQLpUprF5Yryk23pQUPAgJENDEqeU6iIO9Ot 1ZPtB0lniw+/xCi13D360o1tZDYOp0hHHJN3D3EN8C1yPqZd5CvvznYvB6bWBIpW cRgdn2DUVMmpU661jwqGlRz1F84JG/xe4jGuzgpJt9IXSzyohEJB6XG5+D0BiF0E ExECAB0FAjxqqTQFCQoAgrMFCwcKAwQDFQMCAxYCAQIXgAAKCRCoTtronIAKyp1f AJ9dR7saz2KPNwD3U+fy/0BDKXrYGACfbJ8fQcJqCBQxeHvt9yMPDVq0B0W5Ag0E Oe70khAIAISR0E3ozF/la+oNaRwxHLrCet30NgnxRROYhPaJB/Tu1FQokn2/Qld/ HZnh3TwhBIw1FqrhWBJ7491iAjLR9uPbdWJrn+A7t8kSkPaF3Z/6kyc5a8fas44h t5h+6HMBzoFCMAq2aBHQRFRNp9Mz1ZvoXXcI1lk1l8OqcUM/ovXbDfPcXsUVeTPT tGzcAi2jVl9hl3iwJKkyv/RLmcusdsi8YunbvWGFAF5GaagYQo7YlF6UaBQnYJTM 523AMgpPQtsKm9o/w9WdgXkgWhgkhZEeqUS3m5xNey1nLu9iMvq9M/iXnGz4sg6Q 2Y+GqZ+yAvNWjRRou3zSE7Bzg28MI4sAAwYH/2D71Xc5HPDgu87WnBFgmp8MpSr8 QnSs0wwPg3xEullGEocolSb2c0ctuSyeVnCttJMzkukL9TqyF4s/6XRstWirSWaw JxRLKH6Zjo/FaKsshYKf8gBkAaddvpl3pO0gmUYbqmpQ3xDEYlhCeieXS5MkockQ 1sj2xYdB1xO0ExzfiCiscUKjUFy+mdzUsUutafuZ+gbHog1CN/ccZCkxcBa5IFCH ORrNjq9pYWlrxsEn6ApsG7JJbM2besW1PkdEoxak74z1senh36m5jQvVjA3U4xq1 wwylxadmmJaJHzeiLfb7G1ZRjZTsB7fyYxqDzMVul6o9BSwO/1XsIAnV1uuITAQY EQIADAUCOe70kgUJA8JnAAAKCRCoTtronIAKyksiAJsFB3/77SkH3JlYOGrEe1Ol 0JdGwACeKTttgeVPFB+iGJdiwQlxasOfuXyITAQYEQIADAUCPGqpWQUJCgCCxwAK CRCoTtronIAKyofBAKCSZM2UFyta/fe9WgITK9I5hbxxtQCfX+0ar2CZmSknn3co SPihn1+OBNyZAQ0DNuEtBAAAAQgAoCRcd7SVZEFcumffyEwfLTcXQjhKzOahzxpo omuF+HIyU4AGq+SU8sTZ/1SsjhdzzrSAfv1lETACA+3SmLr5KV40Us1w0UC64cwt A46xowVq1vMlH2Lib+V/qr3b1hE67nMHjysECVx9Ob4gFuKNoR2eqnAaJvjnAT8J /LoUC20EdCHUqn6v+M9t/WZgC+WNR8cq69uDy3YQhDP/nIan6fm2uf2kSV9A7ZxE GrwsWl/WX5Q/sQqMWaU6r4az98X3z90/cN+eJJ3vwtA+rm+nxEvyev+jaLuOQBDf ebh/XA4FZ35xmi+spdiVeJH4F/ubaGlmj7+wDOF3suYAPSXT2QAFEbQlU3VTRSBT ZWN1cml0eSBUZWFtIDxzZWN1cml0eUBzdXNlLmRlPokBFQMFEDbhLUfkWLKHsco8 RQEBVw4H/1vIdiOLX/7hdzYaG9crQVIk3QwaB5eBbjvLEMvuCZHiY2COUg5QdmPQ 8SlWNZ6k4nu1BLcv2g/pymPUWP9fG4tuSnlUJDrWGm3nhyhAC9iudP2u1YQY37Gb B6NPVaZiYMnEb4QYFcqv5c/r2ghSXUTYk7etd6SW6WCOpEqizhx1cqDKNZnsI/1X 11pFcO2N7rc6byDBJ1T+cK+F1Ehan9XBt/shryJmv04nli5CXQMEbiqYYMOu8iaA 8AWRgXPCWqhyGhcVD3LRhUJXjUOdH4ZiHCXaoF3zVPxpeGKEQY8iBrDeDyB3wHmj qY9WCX6cmogGQRgYG6yJqDalLqrDOdmJARUDBRA24S0Ed7LmAD0l09kBAW04B/4p WH3f1vQn3i6/+SmDjGzUu2GWGq6Fsdwo2hVM2ym6CILeow/K9JfhdwGvY8LRxWRL hn09j2IJ9P7H1Yz3qDf10AX6V7YILHtchKT1dcngCkTLmDgC4rs1iAAl3f089sRG BafGPGKv2DQjHfR1LfRtbf0P7c09Tkej1MP8HtQMW9hPkBYeXcwbCjdrVGFOzqx+ AvvJDdT6a+oyRMTFlvmZ83UV5pgoyimgjhWnM1V4bFBYjPrtWMkdXJSUXbR6Q7Pi RZWCzGRzwbaxqpl3rK/YTCphOLwEMB27B4/fcqtBzgoMOiaZA0M5fFoo54KgRIh0 zinsSx2OrWgvSiLEXXYKiEYEEBECAAYFAjseYcMACgkQnkDjEAAKq6ROVACgjhDM /3KM+iFjs5QXsnd4oFPOnbkAnjYGa1J3em+bmV2aiCdYXdOuGn4ZiQCVAwUQN7c7 whaQN/7O/JIVAQEB+QP/cYblSAmPXxSFiaHWB+MiUNw8B6ozBLK0QcMQ2YcL6+Vl D+nSZP20+Ja2nfiKjnibCv5ss83yXoHkYk2Rsa8foz6Y7tHwuPiccvqnIC/c9Cvz dbIsdxpfsi0qWPfvX/jLMpXqqnPjdIZErgxpwujas1n9016PuXA8K3MJwVjCqSKI RgQQEQIABgUCOhpCpAAKCRDHUqoysN/3gCt7AJ9adNQMbmA1iSYcbhtgvx9ByLPI DgCfZ5Wj+f7cnYpFZI6GkAyyczG09sE= =LRKC - -----END PGP PUBLIC KEY BLOCK----- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (GNU/Linux) iQEVAwUBQ0puMHey5gA9JdPZAQLKcQf8C56kpY59JdmFBG9lN/YSD1uD/03z83n9 QNpA0VEuYpaJtcOtCJxOR+M4V9uV7rYGiscjnuQh6N1EATWiSEcAUtKQ2h7ImG8I 0yVFbsyvq9RORfb4AA5UxviQcMvKMvWzW46zohZzY/NIAN/6T7YK/hU9c4TrPgaO 67DsICtiExX/pyYCiIpTeA2xj1VrbHUk6VhmzTSwM+CL/sZ/3XtVYvo3BBCPV5O+ EtNYvazKMf4XqFS/a8Mw2rz66bFxJiIiilyPhQhp/07RU1ykSfrKwHPAlBqU8mYv LHVMZvp7eoBOWTQUvxJdnpgMSWgc8TxDQdtCnRdAeyCFtdsUMSwC2g== =ygca -----END PGP SIGNATURE-----

1 0

SUSE Security Summary Report SUSE-SR:2005:022
by Marcus Meissner 07 Oct '05

07 Oct '05

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ______________________________________________________________________________ SUSE Security Summary Report Announcement ID: SUSE-SR:2005:022 Date: Fri, 07 Oct 2005 13:00:00 +0000 Cross-References: CAN-2005-2966 Content of this advisory: 1) Solved Security Vulnerabilities: - resmgr usb device restriction problems - liby2util problems with untrusted remote repositories - mediawiki edit history problems - powersave permission problems - bacula tmp race fixes - various user applications used LD_LIBRARY_PATH unsafely - dia svg import code execution 2) Pending Vulnerabilities, Solutions, and Work-Arounds: - none listed 3) Authenticity Verification and Additional Information ______________________________________________________________________________ 1) Solved Security Vulnerabilities To avoid flooding mailing lists with SUSE Security Announcements for minor issues, SUSE Security releases weekly summary reports for the low profile vulnerability fixes. The SUSE Security Summary Reports do not list md5 sums or download URLs like the SUSE Security Announcements that are released for more severe vulnerabilities. Fixed packages for the following incidents are already available on our FTP server and via the YaST Online Update. - resmgr usb device restriction problems resmgr is the SUSE way of providing device access to logged in desktop users. The following security problems were fixed in resmgr: - By using alternate syntax for specifying USB devices instead of a /proc/bus/usb path one could bypass access control rules and open any USB device. - Class specific exclude rules did not match devices that set their class ID at interface level. Therefore the default exclude rules for HID and hub devices did not work on many devices. This would allow a local attacker (logged into another X session or text console with desktop rights) to snoop on USB human input devices like keyboard or mice of other users. This problem affects only SUSE Linux 9.2 and 9.3. - liby2util problems with untrusted remote repositories Rene "l00m" Fischer found two problem in the handling of YaST package repositories. - The remote repositories were copied with permissions and ownerships intact. If the remote repository was owned by a user or had problematic permissions, these ownership and permissions were copied over to the system. If these included world writable permissions local users could overwrite package meta files. This problem is not present when installing from CD or a correctly set up network source. - The YaST package handling had a buffer overflow which could be used by attackers having access to the meta data (for instance due to above permission problem) to potentially execute code. These problems have been fixed with this update. All SUSE Linux based products were affected by this problem. A problem appeared in the SUSE Linux 9.1 update due to a symbol mismatch caused by incompatible changes in SUSE Linux Enterprise Server 9 which were not correctly merged back to SUSE Linux 9.1. If you are using SUSE Linux 9.1 and can no longer start YaST package manager or online_update, please reinstall the liby2util RPM from the original CD by hand. - Mediawiki edit history problems A bug in mediawiki Wiki edit submission handling could cause corruption of the previous revision in the database if an abnormal URL was used, such as those used by some spam bots. This mediawiki update contains fixes up to MediaWiki version 1.4.10. SUSE Linux 9.3 and 10.0 are affected by this problem. - powersave permission problems The powersave interfaces allows logged in desktop users to control certain power management functions of the machine. A configuration problem of the powersave daemon in SUSE Linux 10.0 allowed any local user to control the powersave daemon, allowing him for instance to suspend the machine. Additionally some bugs were fixed: - When doing CPU frequency scaling, the nice factor was not considered correctly. - The patch also fixes a problem were an ACPI button press was not ignored after coming back from sleep and so the system shut down again. - If the haldaemon is not running, powersave opens dbus connections without closing them after wards. These bugs only affect SUSE Linux 10.0. - bacula tmp race fixes A fixed version of bacula was released that improves its handling of temporary files. Only SUSE Linux 10.0 is affected. - Various user applications used LD_LIBRARY_PATH unsafely Several user applications handle LD_LIBRARY_PATH unsafely. By just appending paths to LD_LIBRARY_PATH they caused the program to also search the current directory for shared libraries. In directories that contain network data those libraries could be injected into the respective application. We already released updates for following applications: - beagle for SUSE Linux 9.3 and 10.0. - tomboy for SUSE Linux 9.3 and 10.0. - liferea for SUSE Linux 10.0. - blam for SUSE Linux 9.3 and 10.0. - banshee for SUSE Linux 10.0. Fixes for more applications will be released. - dia svg import code execution This update of dia fixes a bug in the SVG import plugin which allows the execution of Python code. (CAN-2005-2966) This problem only affects SUSE Linux 9.3 and 10.0. ______________________________________________________________________________ 2) Pending Vulnerabilities, Solutions, and Work-Arounds none ______________________________________________________________________________ 3) Authenticity Verification and Additional Information - Announcement authenticity verification: SUSE security announcements are published via mailing lists and on Web sites. The authenticity and integrity of a SUSE security announcement is guaranteed by a cryptographic signature in each announcement. All SUSE security announcements are published with a valid signature. To verify the signature of the announcement, save it as text into a file and run the command gpg --verify <file> replacing <file> with the name of the file containing the announcement. The output for a valid signature looks like: gpg: Signature made <DATE> using RSA key ID 3D25D3D9 gpg: Good signature from "SuSE Security Team <security(a)suse.de>" where <DATE> is replaced by the date the document was signed. If the security team's key is not contained in your key ring, you can import it from the first installation CD. To import the key, use the command gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc - Package authenticity verification: SUSE update packages are available on many mirror FTP servers all over the world. While this service is considered valuable and important to the free and open source software community, the authenticity and integrity of a package needs to be verified to ensure that it has not been tampered with. The internal RPM package signatures provide an easy way to verify the authenticity of an RPM package. Use the command rpm -v --checksig <file.rpm> to verify the signature of the package, replacing <file.rpm> with the filename of the RPM package downloaded. The package is unmodified if it contains a valid signature from build(a)suse.de with the key ID 9C800ACA. This key is automatically imported into the RPM database (on RPMv4-based distributions) and the gpg key ring of 'root' during installation. You can also find it on the first installation CD and included at the end of this announcement. - SUSE runs two security mailing lists to which any interested party may subscribe: suse-security(a)suse.com - General Linux and SUSE security discussion. All SUSE security announcements are sent to this list. To subscribe, send an e-mail to <suse-security-subscribe(a)suse.com>. suse-security-announce(a)suse.com - SUSE's announce-only mailing list. Only SUSE's security announcements are sent to this list. To subscribe, send an e-mail to <suse-security-announce-subscribe(a)suse.com>. For general information or the frequently asked questions (FAQ) send mail to <suse-security-info(a)suse.com> or <suse-security-faq(a)suse.com>. ===================================================================== SUSE's security contact is <security(a)suse.com> or <security(a)suse.de>. The <security(a)suse.de> public key is listed below. ===================================================================== ______________________________________________________________________________ The information in this advisory may be distributed or reproduced, provided that the advisory is not modified in any way. In particular, the clear text signature should show proof of the authenticity of the text. SUSE Linux Products GmbH provides no warranties of any kind whatsoever with respect to the information contained in this security advisory. Type Bits/KeyID Date User ID pub 2048R/3D25D3D9 1999-03-06 SuSE Security Team <security(a)suse.de> pub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key <build(a)suse.de> - -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org mQGiBDnu9IERBACT8Y35+2vv4MGVKiLEMOl9GdST6MCkYS3yEKeueNWc+z/0Kvff 4JctBsgs47tjmiI9sl0eHjm3gTR8rItXMN6sJEUHWzDP+Y0PFPboMvKx0FXl/A0d M+HFrruCgBlWt6FA+okRySQiliuI5phwqkXefl9AhkwR8xocQSVCFxcwvwCglVcO QliHu8jwRQHxlRE0tkwQQI0D+wfQwKdvhDplxHJ5nf7U8c/yE/vdvpN6lF0tmFrK XBUX+K7u4ifrZlQvj/81M4INjtXreqDiJtr99Rs6xa0ScZqITuZC4CWxJa9GynBE D3+D2t1V/f8l0smsuYoFOF7Ib49IkTdbtwAThlZp8bEhELBeGaPdNCcmfZ66rKUd G5sRA/9ovnc1krSQF2+sqB9/o7w5/q2qiyzwOSTnkjtBUVKn4zLUOf6aeBAoV6NM CC3Kj9aZHfA+ND0ehPaVGJgjaVNFhPi4x0e7BULdvgOoAqajLfvkURHAeSsxXIoE myW/xC1sBbDkDUIBSx5oej73XCZgnj/inphRqGpsb+1nKFvF+rQoU3VTRSBQYWNr YWdlIFNpZ25pbmcgS2V5IDxidWlsZEBzdXNlLmRlPohcBBMRAgAcBQI57vSBBQkD wmcABAsKAwQDFQMCAxYCAQIXgAAKCRCoTtronIAKyl8sAJ98BgD40zw0GHJHIf6d NfnwI2PAsgCgjH1+PnYEl7TFjtZsqhezX7vZvYCIRgQQEQIABgUCOnBeUgAKCRCe QOMQAAqrpNzOAKCL512FZvv4VZx94TpbA9lxyoAejACeOO1HIbActAevk5MUBhNe LZa/qM2JARUDBRA6cGBvd7LmAD0l09kBATWnB/9An5vfiUUE1VQnt+T/EYklES3t XXaJJp9pHMa4fzFa8jPVtv5UBHGee3XoUNDVwM2OgSEISZxbzdXGnqIlcT08TzBU D9i579uifklLsnr35SJDZ6ram51/CWOnnaVhUzneOA9gTPSr+/fT3WeVnwJiQCQ3 0kNLWVXWATMnsnT486eAOlT6UNBPYQLpUprF5Yryk23pQUPAgJENDEqeU6iIO9Ot 1ZPtB0lniw+/xCi13D360o1tZDYOp0hHHJN3D3EN8C1yPqZd5CvvznYvB6bWBIpW cRgdn2DUVMmpU661jwqGlRz1F84JG/xe4jGuzgpJt9IXSzyohEJB6XG5+D0BiF0E ExECAB0FAjxqqTQFCQoAgrMFCwcKAwQDFQMCAxYCAQIXgAAKCRCoTtronIAKyp1f AJ9dR7saz2KPNwD3U+fy/0BDKXrYGACfbJ8fQcJqCBQxeHvt9yMPDVq0B0W5Ag0E Oe70khAIAISR0E3ozF/la+oNaRwxHLrCet30NgnxRROYhPaJB/Tu1FQokn2/Qld/ HZnh3TwhBIw1FqrhWBJ7491iAjLR9uPbdWJrn+A7t8kSkPaF3Z/6kyc5a8fas44h t5h+6HMBzoFCMAq2aBHQRFRNp9Mz1ZvoXXcI1lk1l8OqcUM/ovXbDfPcXsUVeTPT tGzcAi2jVl9hl3iwJKkyv/RLmcusdsi8YunbvWGFAF5GaagYQo7YlF6UaBQnYJTM 523AMgpPQtsKm9o/w9WdgXkgWhgkhZEeqUS3m5xNey1nLu9iMvq9M/iXnGz4sg6Q 2Y+GqZ+yAvNWjRRou3zSE7Bzg28MI4sAAwYH/2D71Xc5HPDgu87WnBFgmp8MpSr8 QnSs0wwPg3xEullGEocolSb2c0ctuSyeVnCttJMzkukL9TqyF4s/6XRstWirSWaw JxRLKH6Zjo/FaKsshYKf8gBkAaddvpl3pO0gmUYbqmpQ3xDEYlhCeieXS5MkockQ 1sj2xYdB1xO0ExzfiCiscUKjUFy+mdzUsUutafuZ+gbHog1CN/ccZCkxcBa5IFCH ORrNjq9pYWlrxsEn6ApsG7JJbM2besW1PkdEoxak74z1senh36m5jQvVjA3U4xq1 wwylxadmmJaJHzeiLfb7G1ZRjZTsB7fyYxqDzMVul6o9BSwO/1XsIAnV1uuITAQY EQIADAUCOe70kgUJA8JnAAAKCRCoTtronIAKyksiAJsFB3/77SkH3JlYOGrEe1Ol 0JdGwACeKTttgeVPFB+iGJdiwQlxasOfuXyITAQYEQIADAUCPGqpWQUJCgCCxwAK CRCoTtronIAKyofBAKCSZM2UFyta/fe9WgITK9I5hbxxtQCfX+0ar2CZmSknn3co SPihn1+OBNyZAQ0DNuEtBAAAAQgAoCRcd7SVZEFcumffyEwfLTcXQjhKzOahzxpo omuF+HIyU4AGq+SU8sTZ/1SsjhdzzrSAfv1lETACA+3SmLr5KV40Us1w0UC64cwt A46xowVq1vMlH2Lib+V/qr3b1hE67nMHjysECVx9Ob4gFuKNoR2eqnAaJvjnAT8J /LoUC20EdCHUqn6v+M9t/WZgC+WNR8cq69uDy3YQhDP/nIan6fm2uf2kSV9A7ZxE GrwsWl/WX5Q/sQqMWaU6r4az98X3z90/cN+eJJ3vwtA+rm+nxEvyev+jaLuOQBDf ebh/XA4FZ35xmi+spdiVeJH4F/ubaGlmj7+wDOF3suYAPSXT2QAFEbQlU3VTRSBT ZWN1cml0eSBUZWFtIDxzZWN1cml0eUBzdXNlLmRlPokBFQMFEDbhLUfkWLKHsco8 RQEBVw4H/1vIdiOLX/7hdzYaG9crQVIk3QwaB5eBbjvLEMvuCZHiY2COUg5QdmPQ 8SlWNZ6k4nu1BLcv2g/pymPUWP9fG4tuSnlUJDrWGm3nhyhAC9iudP2u1YQY37Gb B6NPVaZiYMnEb4QYFcqv5c/r2ghSXUTYk7etd6SW6WCOpEqizhx1cqDKNZnsI/1X 11pFcO2N7rc6byDBJ1T+cK+F1Ehan9XBt/shryJmv04nli5CXQMEbiqYYMOu8iaA 8AWRgXPCWqhyGhcVD3LRhUJXjUOdH4ZiHCXaoF3zVPxpeGKEQY8iBrDeDyB3wHmj qY9WCX6cmogGQRgYG6yJqDalLqrDOdmJARUDBRA24S0Ed7LmAD0l09kBAW04B/4p WH3f1vQn3i6/+SmDjGzUu2GWGq6Fsdwo2hVM2ym6CILeow/K9JfhdwGvY8LRxWRL hn09j2IJ9P7H1Yz3qDf10AX6V7YILHtchKT1dcngCkTLmDgC4rs1iAAl3f089sRG BafGPGKv2DQjHfR1LfRtbf0P7c09Tkej1MP8HtQMW9hPkBYeXcwbCjdrVGFOzqx+ AvvJDdT6a+oyRMTFlvmZ83UV5pgoyimgjhWnM1V4bFBYjPrtWMkdXJSUXbR6Q7Pi RZWCzGRzwbaxqpl3rK/YTCphOLwEMB27B4/fcqtBzgoMOiaZA0M5fFoo54KgRIh0 zinsSx2OrWgvSiLEXXYKiEYEEBECAAYFAjseYcMACgkQnkDjEAAKq6ROVACgjhDM /3KM+iFjs5QXsnd4oFPOnbkAnjYGa1J3em+bmV2aiCdYXdOuGn4ZiQCVAwUQN7c7 whaQN/7O/JIVAQEB+QP/cYblSAmPXxSFiaHWB+MiUNw8B6ozBLK0QcMQ2YcL6+Vl D+nSZP20+Ja2nfiKjnibCv5ss83yXoHkYk2Rsa8foz6Y7tHwuPiccvqnIC/c9Cvz dbIsdxpfsi0qWPfvX/jLMpXqqnPjdIZErgxpwujas1n9016PuXA8K3MJwVjCqSKI RgQQEQIABgUCOhpCpAAKCRDHUqoysN/3gCt7AJ9adNQMbmA1iSYcbhtgvx9ByLPI DgCfZ5Wj+f7cnYpFZI6GkAyyczG09sE= =LRKC - -----END PGP PUBLIC KEY BLOCK----- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (GNU/Linux) iQEVAwUBQ0ZtwHey5gA9JdPZAQL6Fgf+POy+IJHP6s/s/jb4WXXk7bCgTY9obcLi rB0QiUAEOvjez0icyreAEDZQVY9iRtvNj5flgIEKJZTYlNCBH4OyiCK0SvWVBRG3 l+O9Tsh3RAHM92IwBQAzItoafa1JsAuZXS6AJlo+JjoEK2g0nxpwJCgqOSa2HKL9 rTZi0e8jDTGUtG+OgNpR7NlWlVPGmW+5tddRZ2n3Jy6s/hx11GlLeEwlJpvCxu0w FevEhPOqsJ8xGNB5KCsjefQsZwJf8BojqhNDhSdBB+vVS8ISR52YHiLqvGA3+Hwk Pr+BGuL67kKmB+c5b6c8jT7OgeWRFhZ/F0sMd9ttJBHddMFLi52sUw== =1FC2 -----END PGP SIGNATURE-----

1 0

Defacement of several Novell websites
by Marcus Meissner 04 Oct '05

04 Oct '05

Hi, As you probably know, several Novell hosted web sites got defaced by a vandal on the weekend. The vandalized hosts wiki.novell.com, opensuse.org, and forge.novell.com are actually virtual hosts living on one machine, making this one affected machine. The intruder gained access to the system by exploiting a known vulnerability in the "Xoops" blog software installed on another virtual host on this system (www.novell.com/prblogs/) This software was not upgraded to the latest security fixed version. The host affected is fully separate from our RPM and security fix delivery machines, so the integrity of our distributions and update repositories was not affected. Sincerely, Marcus Meissner, SUSE Security Team

1 0

SUSE Security Summary Report SUSE-SR:2005:021
by Marcus Meissner 30 Sep '05

30 Sep '05

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ______________________________________________________________________________ SUSE Security Summary Report Announcement ID: SUSE-SR:2005:021 Date: Fri, 30 Sep 2005 14:00:00 +0000 Cross-References: CAN-2005-0941, CAN-2005-2558, CAN-2005-2794 CAN-2005-2796, CAN-2005-2876 Content of this advisory: 1) Solved Security Vulnerabilities: - storeBackup insecure /tmp usage and permissions - squid remote denial of service problems - mysql stack overflow in function handling - util-linux umount privilege escalation - OpenOffice_org version upgrade - mediawiki cross site scripting problems 2) Pending Vulnerabilities, Solutions, and Work-Arounds: None 3) Authenticity Verification and Additional Information ______________________________________________________________________________ 1) Solved Security Vulnerabilities To avoid flooding mailing lists with SUSE Security Announcements for minor issues, SUSE Security releases weekly summary reports for the low profile vulnerability fixes. The SUSE Security Summary Reports do not list md5 sums or download URLs like the SUSE Security Announcements that are released for more severe vulnerabilities. Fixed packages for the following incidents are already available on our FTP server and via the YaST Online Update. - storeBackup insecure /tmp usage and permissions This update upgrades storeBackup to version 1.19 and fixes following security issues: - storeBackup used insecure /tmp filenames. - storeBackup used insecure (world readable) file permissions for the backup root. Only SUSE Linux retail products contain storeBackup and are affected. - squid remote denial of service problems The web proxy squid was updated to fix two remotely exploitable denial of service vulnerabilities. One can be triggered by aborting a request and the other one occurs in sslConnectTimeout while handling malformed requests. This is tracked by the Mitre CVE IDs CAN-2005-2794 and CAN-2005-2796. All SUSE Linux based products containing squid are affected. - mysql stack overflow in function handling This update fixes a stack-based buffer overflow in MySQL's init_syms function that can be exploited by authenticated users with the privilege to create user-defined functions. This is tracked by the Mitre CVE ID CAN-2005-2558. All SUSE Linux based products including mysql are affected. - util-linux umount privilege escalation The remount option of umount allowed local users to clear certain security relevant flags such as the nosuid flag. This is tracked by the Mitre CVE ID CAN-2005-2876. All SUSE Linux based products are affected by this problem. - OpenOffice_org version upgrade OpenOffice.org on SUSE Linux 9.3 was upgraded to 2.0 Beta Milestone m125. This includes a large number of bug fixes in all areas. This update also fixes a buffer overflow in the MS Word document reader. By creating a specially crafted Word document a remote attacker could exploit this bug to execute arbitrary code under the user id of the user viewing the document (CAN-2005-0941). Note that this version will save files in the new, final XML format that cannot be read by the original SUSE Linux 9.3 version. Files saved with the original 9.3 version can be read without problems. - Mediawiki cross site scripting problems More cross site scripting problems were found in MediaWiki. The problems fixed in the 1.4.9 release have been back ported and are included in this security update. Only SUSE Linux 9.3 contains MediaWiki. ______________________________________________________________________________ 2) Pending Vulnerabilities, Solutions, and Work-Arounds None ______________________________________________________________________________ 3) Authenticity Verification and Additional Information - Announcement authenticity verification: SUSE security announcements are published via mailing lists and on Web sites. The authenticity and integrity of a SUSE security announcement is guaranteed by a cryptographic signature in each announcement. All SUSE security announcements are published with a valid signature. To verify the signature of the announcement, save it as text into a file and run the command gpg --verify <file> replacing <file> with the name of the file containing the announcement. The output for a valid signature looks like: gpg: Signature made <DATE> using RSA key ID 3D25D3D9 gpg: Good signature from "SuSE Security Team <security(a)suse.de>" where <DATE> is replaced by the date the document was signed. If the security team's key is not contained in your key ring, you can import it from the first installation CD. To import the key, use the command gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc - Package authenticity verification: SUSE update packages are available on many mirror FTP servers all over the world. While this service is considered valuable and important to the free and open source software community, the authenticity and integrity of a package needs to be verified to ensure that it has not been tampered with. The internal RPM package signatures provide an easy way to verify the authenticity of an RPM package. Use the command rpm -v --checksig <file.rpm> to verify the signature of the package, replacing <file.rpm> with the filename of the RPM package downloaded. The package is unmodified if it contains a valid signature from build(a)suse.de with the key ID 9C800ACA. This key is automatically imported into the RPM database (on RPMv4-based distributions) and the gpg key ring of 'root' during installation. You can also find it on the first installation CD and included at the end of this announcement. - SUSE runs two security mailing lists to which any interested party may subscribe: suse-security(a)suse.com - General Linux and SUSE security discussion. All SUSE security announcements are sent to this list. To subscribe, send an e-mail to <suse-security-subscribe(a)suse.com>. suse-security-announce(a)suse.com - SUSE's announce-only mailing list. Only SUSE's security announcements are sent to this list. To subscribe, send an e-mail to <suse-security-announce-subscribe(a)suse.com>. For general information or the frequently asked questions (FAQ) send mail to <suse-security-info(a)suse.com> or <suse-security-faq(a)suse.com>. ===================================================================== SUSE's security contact is <security(a)suse.com> or <security(a)suse.de>. The <security(a)suse.de> public key is listed below. ===================================================================== ______________________________________________________________________________ The information in this advisory may be distributed or reproduced, provided that the advisory is not modified in any way. In particular, the clear text signature should show proof of the authenticity of the text. SUSE Linux Products GmbH provides no warranties of any kind whatsoever with respect to the information contained in this security advisory. Type Bits/KeyID Date User ID pub 2048R/3D25D3D9 1999-03-06 SuSE Security Team <security(a)suse.de> pub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key <build(a)suse.de> - -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org mQGiBDnu9IERBACT8Y35+2vv4MGVKiLEMOl9GdST6MCkYS3yEKeueNWc+z/0Kvff 4JctBsgs47tjmiI9sl0eHjm3gTR8rItXMN6sJEUHWzDP+Y0PFPboMvKx0FXl/A0d M+HFrruCgBlWt6FA+okRySQiliuI5phwqkXefl9AhkwR8xocQSVCFxcwvwCglVcO QliHu8jwRQHxlRE0tkwQQI0D+wfQwKdvhDplxHJ5nf7U8c/yE/vdvpN6lF0tmFrK XBUX+K7u4ifrZlQvj/81M4INjtXreqDiJtr99Rs6xa0ScZqITuZC4CWxJa9GynBE D3+D2t1V/f8l0smsuYoFOF7Ib49IkTdbtwAThlZp8bEhELBeGaPdNCcmfZ66rKUd G5sRA/9ovnc1krSQF2+sqB9/o7w5/q2qiyzwOSTnkjtBUVKn4zLUOf6aeBAoV6NM CC3Kj9aZHfA+ND0ehPaVGJgjaVNFhPi4x0e7BULdvgOoAqajLfvkURHAeSsxXIoE myW/xC1sBbDkDUIBSx5oej73XCZgnj/inphRqGpsb+1nKFvF+rQoU3VTRSBQYWNr YWdlIFNpZ25pbmcgS2V5IDxidWlsZEBzdXNlLmRlPohcBBMRAgAcBQI57vSBBQkD wmcABAsKAwQDFQMCAxYCAQIXgAAKCRCoTtronIAKyl8sAJ98BgD40zw0GHJHIf6d NfnwI2PAsgCgjH1+PnYEl7TFjtZsqhezX7vZvYCIRgQQEQIABgUCOnBeUgAKCRCe QOMQAAqrpNzOAKCL512FZvv4VZx94TpbA9lxyoAejACeOO1HIbActAevk5MUBhNe LZa/qM2JARUDBRA6cGBvd7LmAD0l09kBATWnB/9An5vfiUUE1VQnt+T/EYklES3t XXaJJp9pHMa4fzFa8jPVtv5UBHGee3XoUNDVwM2OgSEISZxbzdXGnqIlcT08TzBU D9i579uifklLsnr35SJDZ6ram51/CWOnnaVhUzneOA9gTPSr+/fT3WeVnwJiQCQ3 0kNLWVXWATMnsnT486eAOlT6UNBPYQLpUprF5Yryk23pQUPAgJENDEqeU6iIO9Ot 1ZPtB0lniw+/xCi13D360o1tZDYOp0hHHJN3D3EN8C1yPqZd5CvvznYvB6bWBIpW cRgdn2DUVMmpU661jwqGlRz1F84JG/xe4jGuzgpJt9IXSzyohEJB6XG5+D0BiF0E ExECAB0FAjxqqTQFCQoAgrMFCwcKAwQDFQMCAxYCAQIXgAAKCRCoTtronIAKyp1f AJ9dR7saz2KPNwD3U+fy/0BDKXrYGACfbJ8fQcJqCBQxeHvt9yMPDVq0B0W5Ag0E Oe70khAIAISR0E3ozF/la+oNaRwxHLrCet30NgnxRROYhPaJB/Tu1FQokn2/Qld/ HZnh3TwhBIw1FqrhWBJ7491iAjLR9uPbdWJrn+A7t8kSkPaF3Z/6kyc5a8fas44h t5h+6HMBzoFCMAq2aBHQRFRNp9Mz1ZvoXXcI1lk1l8OqcUM/ovXbDfPcXsUVeTPT tGzcAi2jVl9hl3iwJKkyv/RLmcusdsi8YunbvWGFAF5GaagYQo7YlF6UaBQnYJTM 523AMgpPQtsKm9o/w9WdgXkgWhgkhZEeqUS3m5xNey1nLu9iMvq9M/iXnGz4sg6Q 2Y+GqZ+yAvNWjRRou3zSE7Bzg28MI4sAAwYH/2D71Xc5HPDgu87WnBFgmp8MpSr8 QnSs0wwPg3xEullGEocolSb2c0ctuSyeVnCttJMzkukL9TqyF4s/6XRstWirSWaw JxRLKH6Zjo/FaKsshYKf8gBkAaddvpl3pO0gmUYbqmpQ3xDEYlhCeieXS5MkockQ 1sj2xYdB1xO0ExzfiCiscUKjUFy+mdzUsUutafuZ+gbHog1CN/ccZCkxcBa5IFCH ORrNjq9pYWlrxsEn6ApsG7JJbM2besW1PkdEoxak74z1senh36m5jQvVjA3U4xq1 wwylxadmmJaJHzeiLfb7G1ZRjZTsB7fyYxqDzMVul6o9BSwO/1XsIAnV1uuITAQY EQIADAUCOe70kgUJA8JnAAAKCRCoTtronIAKyksiAJsFB3/77SkH3JlYOGrEe1Ol 0JdGwACeKTttgeVPFB+iGJdiwQlxasOfuXyITAQYEQIADAUCPGqpWQUJCgCCxwAK CRCoTtronIAKyofBAKCSZM2UFyta/fe9WgITK9I5hbxxtQCfX+0ar2CZmSknn3co SPihn1+OBNyZAQ0DNuEtBAAAAQgAoCRcd7SVZEFcumffyEwfLTcXQjhKzOahzxpo omuF+HIyU4AGq+SU8sTZ/1SsjhdzzrSAfv1lETACA+3SmLr5KV40Us1w0UC64cwt A46xowVq1vMlH2Lib+V/qr3b1hE67nMHjysECVx9Ob4gFuKNoR2eqnAaJvjnAT8J /LoUC20EdCHUqn6v+M9t/WZgC+WNR8cq69uDy3YQhDP/nIan6fm2uf2kSV9A7ZxE GrwsWl/WX5Q/sQqMWaU6r4az98X3z90/cN+eJJ3vwtA+rm+nxEvyev+jaLuOQBDf ebh/XA4FZ35xmi+spdiVeJH4F/ubaGlmj7+wDOF3suYAPSXT2QAFEbQlU3VTRSBT ZWN1cml0eSBUZWFtIDxzZWN1cml0eUBzdXNlLmRlPokBFQMFEDbhLUfkWLKHsco8 RQEBVw4H/1vIdiOLX/7hdzYaG9crQVIk3QwaB5eBbjvLEMvuCZHiY2COUg5QdmPQ 8SlWNZ6k4nu1BLcv2g/pymPUWP9fG4tuSnlUJDrWGm3nhyhAC9iudP2u1YQY37Gb B6NPVaZiYMnEb4QYFcqv5c/r2ghSXUTYk7etd6SW6WCOpEqizhx1cqDKNZnsI/1X 11pFcO2N7rc6byDBJ1T+cK+F1Ehan9XBt/shryJmv04nli5CXQMEbiqYYMOu8iaA 8AWRgXPCWqhyGhcVD3LRhUJXjUOdH4ZiHCXaoF3zVPxpeGKEQY8iBrDeDyB3wHmj qY9WCX6cmogGQRgYG6yJqDalLqrDOdmJARUDBRA24S0Ed7LmAD0l09kBAW04B/4p WH3f1vQn3i6/+SmDjGzUu2GWGq6Fsdwo2hVM2ym6CILeow/K9JfhdwGvY8LRxWRL hn09j2IJ9P7H1Yz3qDf10AX6V7YILHtchKT1dcngCkTLmDgC4rs1iAAl3f089sRG BafGPGKv2DQjHfR1LfRtbf0P7c09Tkej1MP8HtQMW9hPkBYeXcwbCjdrVGFOzqx+ AvvJDdT6a+oyRMTFlvmZ83UV5pgoyimgjhWnM1V4bFBYjPrtWMkdXJSUXbR6Q7Pi RZWCzGRzwbaxqpl3rK/YTCphOLwEMB27B4/fcqtBzgoMOiaZA0M5fFoo54KgRIh0 zinsSx2OrWgvSiLEXXYKiEYEEBECAAYFAjseYcMACgkQnkDjEAAKq6ROVACgjhDM /3KM+iFjs5QXsnd4oFPOnbkAnjYGa1J3em+bmV2aiCdYXdOuGn4ZiQCVAwUQN7c7 whaQN/7O/JIVAQEB+QP/cYblSAmPXxSFiaHWB+MiUNw8B6ozBLK0QcMQ2YcL6+Vl D+nSZP20+Ja2nfiKjnibCv5ss83yXoHkYk2Rsa8foz6Y7tHwuPiccvqnIC/c9Cvz dbIsdxpfsi0qWPfvX/jLMpXqqnPjdIZErgxpwujas1n9016PuXA8K3MJwVjCqSKI RgQQEQIABgUCOhpCpAAKCRDHUqoysN/3gCt7AJ9adNQMbmA1iSYcbhtgvx9ByLPI DgCfZ5Wj+f7cnYpFZI6GkAyyczG09sE= =LRKC - -----END PGP PUBLIC KEY BLOCK----- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (GNU/Linux) iQEVAwUBQz0unney5gA9JdPZAQKnegf/dYaL6M6PtmR/enoXhjibG2ulKB4wLNqa sOhQDA7Q2Ys02IZekV+njc3hjFynYnWNgj3jaBY1xMbXy/QT48MCQdle21llrsF7 5zlhePVveAOm2OBh+N+RDU1DDhSaqPQ6d56jX5QJQPcRQkuEmC/dDZVLHFgqZTEp yuCVOfhrzHQLcHSdu+rMUUadIl+9+6BqLm+6Oj9sYM1kfREeem0eG88U/PiBYiWc vnc+4B7TyzQsTqFE4mUTZfgfG64g2zkgjs2k7VF52K61Mm1VE3BRQnuUFY49RYdO Z7ODPG9QJeU4KO395002CwJmIGYn99fTFYs1nu5cCsdGB4I2xgpGXQ== =6Bdz -----END PGP SIGNATURE-----

1 0

SUSE Security Announcement: Mozilla,Mozilla Firefox remote code execution (SUSE-SA:2005:058)
by Marcus Meissner 30 Sep '05

30 Sep '05

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ______________________________________________________________________________ SUSE Security Announcement Package: mozilla,MozillaFirefox Announcement ID: SUSE-SA:2005:058 Date: Fri, 30 Sep 2005 10:00:00 +0000 Affected Products: Novell Linux Desktop 9 SuSE Linux 9.0 SUSE LINUX 9.1 SUSE LINUX 9.2 SUSE LINUX 9.3 SUSE LINUX 10.0 SUSE LINUX 10.0 OSS SUSE Linux Enterprise Server 9 SuSE Linux Desktop 1.0 SuSE Linux Enterprise Server 8 UnitedLinux 1.0 Vulnerability Type: remote code execution Severity (1-10): 8 SUSE Default Package: yes Cross-References: CAN-2005-2701 CAN-2005-2702 CAN-2005-2703 CAN-2005-2704 CAN-2005-2705 CAN-2005-2706 CAN-2005-2707 Content of This Advisory: 1) Security Vulnerability Resolved: various security problems in Mozilla based browsers Problem Description 2) Solution or Work-Around 3) Special Instructions and Notes 4) Package Location and Checksums 5) Pending Vulnerabilities, Solutions, and Work-Arounds: See SUSE Security Summary Report 6) Authenticity Verification and Additional Information ______________________________________________________________________________ 1) Problem Description and Brief Discussion The web browsers Mozilla and Mozilla Firefox have been updated to contain fixes for the vulnerabilities fixed in: - Mozilla browser suite version 1.7.12 - Mozilla Firefox version 1.0.7 The security problems with their corresponding Mitre CVE ID are: - CAN-2005-2701: Heap overrun in XBM image processing - CAN-2005-2702: Crash on "zero-width non-joiner" sequence - CAN-2005-2703: XMLHttpRequest header spoofing - CAN-2005-2704: Object spoofing using XBL <implements> - CAN-2005-2705: Javascript integer overflow - CAN-2005-2706: Privilege escalation using about: scheme - CAN-2005-2707: Chrome window spoofing 2) Solution or Work-Around There is no known workaround, please install the update packages. 3) Special Instructions and Notes Please close and restart all running instances of mozilla or Firefox after the update. 4) Package Location and Checksums The preferred method for installing security updates is to use the YaST Online Update (YOU) tool. YOU detects which updates are required and automatically performs the necessary steps to verify and install them. Alternatively, download the update packages for your distribution manually and verify their integrity by the methods listed in Section 6 of this announcement. Then install the packages using the command rpm -Fhv <file.rpm> to apply the update, replacing <file.rpm> with the filename of the downloaded RPM package. x86 Platform: SUSE LINUX 10.0 OSS: ftp://ftp.suse.com/pub/suse/i386/update/10.0-OSS/rpm/i586/MozillaFirefox-1.… b070f22c50716e9793c6286e75d7f1d3 ftp://ftp.suse.com/pub/suse/i386/update/10.0-OSS/rpm/i586/MozillaFirefox-tr… b7e3dbc40ec322b6b4baff3db1ab8f33 ftp://ftp.suse.com/pub/suse/i386/update/10.0-OSS/rpm/i586/mozilla-1.7.11-9.… 3d363104fbaccb6ed24bcbfdaf8d3e0b ftp://ftp.suse.com/pub/suse/i386/update/10.0-OSS/rpm/i586/mozilla-calendar-… dfeb241e004969274396918859ce9c29 ftp://ftp.suse.com/pub/suse/i386/update/10.0-OSS/rpm/i586/mozilla-devel-1.7… 9ccff14aedb21ded7a274de9452c68fb ftp://ftp.suse.com/pub/suse/i386/update/10.0-OSS/rpm/i586/mozilla-dom-inspe… c7fc87a1c63e9be69b5d32eea19d0779 ftp://ftp.suse.com/pub/suse/i386/update/10.0-OSS/rpm/i586/mozilla-irc-1.7.1… cb8a2af71a14a9158c57717649766a74 ftp://ftp.suse.com/pub/suse/i386/update/10.0-OSS/rpm/i586/mozilla-mail-1.7.… 494909fceea44bd110e08482ae151a78 ftp://ftp.suse.com/pub/suse/i386/update/10.0-OSS/rpm/i586/mozilla-spellchec… 41d9c223405d9d94dfcc5b6fb98dc066 ftp://ftp.suse.com/pub/suse/i386/update/10.0-OSS/rpm/i586/mozilla-venkman-1… 292cc9a346d743de3144b71b1b61feb7 SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/MozillaFirefox-1.0.7-… b070f22c50716e9793c6286e75d7f1d3 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/MozillaFirefox-transl… b7e3dbc40ec322b6b4baff3db1ab8f33 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/mozilla-1.7.11-9.2.i5… 3d363104fbaccb6ed24bcbfdaf8d3e0b ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/mozilla-calendar-1.7.… dfeb241e004969274396918859ce9c29 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/mozilla-devel-1.7.11-… 9ccff14aedb21ded7a274de9452c68fb ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/mozilla-dom-inspector… c7fc87a1c63e9be69b5d32eea19d0779 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/mozilla-irc-1.7.11-9.… cb8a2af71a14a9158c57717649766a74 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/mozilla-mail-1.7.11-9… 494909fceea44bd110e08482ae151a78 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/mozilla-spellchecker-… 41d9c223405d9d94dfcc5b6fb98dc066 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/mozilla-venkman-1.7.1… 292cc9a346d743de3144b71b1b61feb7 SUSE LINUX 9.3: ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/MozillaFirefox-1.0.7-0… e98cdd73507000f7fa68c48821f37f04 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/MozillaFirefox-transla… e7faca0efbe75c279ffa99cd1f076f37 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/mozilla-1.7.5-17.7.i58… 06712cf8c34b60c89e88d92b7ead910d ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/mozilla-calendar-1.7.5… 059b7754c74ae3c84affe8df06a47794 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/mozilla-devel-1.7.5-17… a45be8b0f1276601f8dcf05485ea78e2 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/mozilla-dom-inspector-… 0dc9f868e9ca4e232fa3da840d501c4f ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/mozilla-irc-1.7.5-17.7… 979c5dc463d2f1a56e1d9127ccc5710b ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/mozilla-mail-1.7.5-17.… 7f6abe44aa06eeac8a25475c2b751f57 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/mozilla-spellchecker-1… f9952790bb4be571626b25d08fd1e342 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/mozilla-venkman-1.7.5-… cf5a35adb33f12a0395b847566a4a6f9 SUSE LINUX 9.2: ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/MozillaFirefox-1.0.7-0… 58e9886032fe946144548daf1b4e47b8 ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/MozillaFirefox-transla… eea987167c75d56ace45d361cb4cc924 ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/epiphany-1.2.10-0.4.i5… 5b79318a93799582dc072ccf20ad30e0 ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/epiphany-doc-1.2.10-0.… d30905577f54fa8b62f15ddc258f74a7 ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/epiphany-extensions-0.… c2f24bd8207dd6f66d393d96e3df38c4 ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/epiphany-extensions-de… 670ac56681d0e07805df24ea6ab250b1 ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/galeon-1.3.19-6.2.i586… 3716981c5488f9f91ae0591a6d078301 ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/mozilla-1.7.2-17.14.i5… cf222da855dba56dad4183944c999c63 ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/mozilla-calendar-1.7.2… d4fbc3fd3516101ad4bc1a0c7f54b004 ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/mozilla-devel-1.7.2-17… 101f9906054da65fa796c84d8c61e257 ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/mozilla-dom-inspector-… 4a96a0f7b9f804b4a50f719702e7fcd6 ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/mozilla-irc-1.7.2-17.1… 0a9b0eff1927fb41097d04c92f31ec91 ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/mozilla-mail-1.7.2-17.… 7d43bc0f6efdba8ec8d2bee4708cac9d ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/mozilla-spellchecker-1… cdcdb5714caac35a0e1a54deb20a37aa ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/mozilla-venkman-1.7.2-… a871f995700d1a3ddf9511c10fd1caac SUSE LINUX 9.1: ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/MozillaFirefox-1.0.7-0… 37080fb2690efd9be2c43e8256a682dc ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/MozillaFirefox-transla… dba6e7624528c385d92f9060326763ea ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/mozilla-1.7.8-5.13.i58… 79f25c5c016aa6ba5b5e03edaa5250b0 ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/mozilla-calendar-1.7.8… e1a17720cb3e02365dfff9e827cbbc07 ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/mozilla-cs-1.7.5-4.5.i… f39e3c1a52914234ecad41921f873107 ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/mozilla-deat-1.7.6-0.5… 56204c9d290201e272e4ec4e9facfacb ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/mozilla-devel-1.7.8-5.… d596bfa47dfdbab3b0875cb04c296572 ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/mozilla-dom-inspector-… c1d2f354fa2a213ab5fce5a59db8b561 ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/mozilla-hu-1.78-0.6.i5… f7870dc318dab84dc53c446460524eff ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/mozilla-irc-1.7.8-5.13… 7ebe1eeba553ece769f914f7c09f2ba0 ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/mozilla-ja-1.7.7-0.6.i… d53222a37715570d1db4b1baeb6f36ba ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/mozilla-ko-1.75-0.6.i5… b9a321e8fd0f67e677be6efc125359b2 ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/mozilla-mail-1.7.8-5.1… 8fcddcef60122566c180938c6bcd0b99 ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/mozilla-spellchecker-1… 4bb1efcd97b8066dd4913c9223d18dc8 ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/mozilla-venkman-1.7.8-… 51421590af63afa139ac0622a1baf684 SuSE Linux 9.0: ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/MozillaFirebird-1.0.7-… 4e53eabcd32f3abad4c3b1b5e407f318 ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/mozilla-1.7.8-22.i586.… 5371abafdf197f561b42cbb62a3955cd ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/mozilla-calendar-1.7.8… 05af99fbab21e29a4dc20b5b3aa48350 ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/mozilla-cs-1.7.5-8.i58… c99f2fb5bc86968de3e16f420923984c ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/mozilla-deat-1.7.6-5.i… ee755cccefdb8f16ddff4f636a26fe11 ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/mozilla-devel-1.7.8-22… 2029374bce342b76df4217dc3529b71d ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/mozilla-dom-inspector-… 95db2c6e045a546811d35808c76431f1 ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/mozilla-hu-1.78-6.i586… 5b641188c547f742399c1fa1d3a1ba3c ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/mozilla-irc-1.7.8-22.i… 19935f7e9f70ad9825f110cc8b7a8f36 ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/mozilla-mail-1.7.8-22.… 57e5689880bacdedc82874f66f51704a ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/mozilla-spellchecker-1… 1f64833df09e7c5f17fa384ae392f943 ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/mozilla-venkman-1.7.8-… 20b1ecc87577dedaa7db1633e8e58bc5 Power PC Platform: SUSE LINUX 10.0 OSS: ftp://ftp.suse.com/pub/suse/i386/update/10.0-OSS/rpm/ppc/mozilla-1.7.11-9.2… 430e1c4f054bcb88b715b5ca34ba9725 ftp://ftp.suse.com/pub/suse/i386/update/10.0-OSS/rpm/ppc/mozilla-calendar-1… 95c070ad06d421ff645ed898fe4066c2 ftp://ftp.suse.com/pub/suse/i386/update/10.0-OSS/rpm/ppc/mozilla-devel-1.7.… a57b62e27f94ae3156adfea528b55bc4 ftp://ftp.suse.com/pub/suse/i386/update/10.0-OSS/rpm/ppc/mozilla-dom-inspec… fd030f1a7c191ea06c3c63300a52dd2c ftp://ftp.suse.com/pub/suse/i386/update/10.0-OSS/rpm/ppc/mozilla-irc-1.7.11… 7394df9566dc9b52cdacdc6ae91cbaf4 ftp://ftp.suse.com/pub/suse/i386/update/10.0-OSS/rpm/ppc/mozilla-mail-1.7.1… 0515073dafedc53d0ec5d5c3b0cfa144 ftp://ftp.suse.com/pub/suse/i386/update/10.0-OSS/rpm/ppc/mozilla-spellcheck… 55d8e9f1d9110e965b5c6c7b84ca8c15 ftp://ftp.suse.com/pub/suse/i386/update/10.0-OSS/rpm/ppc/mozilla-venkman-1.… 493263b3ec34285c9bac277b99b762fc x86-64 Platform: SUSE LINUX 10.0 OSS: ftp://ftp.suse.com/pub/suse/i386/update/10.0-OSS/rpm/x86_64/mozilla-1.7.11-… f4069ccda839c1146e478e8927b42ae0 ftp://ftp.suse.com/pub/suse/i386/update/10.0-OSS/rpm/x86_64/mozilla-calenda… e059af96039f550a0eb1dbdcaa51d691 ftp://ftp.suse.com/pub/suse/i386/update/10.0-OSS/rpm/x86_64/mozilla-devel-1… eba511d40cc67672c9d4461b551543a1 ftp://ftp.suse.com/pub/suse/i386/update/10.0-OSS/rpm/x86_64/mozilla-dom-ins… 1afaabbf461d0d7d439861efd638bf82 ftp://ftp.suse.com/pub/suse/i386/update/10.0-OSS/rpm/x86_64/mozilla-irc-1.7… 13a5d28dffe9fb8f4eaee758a03d54c5 ftp://ftp.suse.com/pub/suse/i386/update/10.0-OSS/rpm/x86_64/mozilla-mail-1.… 01a2b53726e958516315bf2e11390fff ftp://ftp.suse.com/pub/suse/i386/update/10.0-OSS/rpm/x86_64/mozilla-spellch… 5b5cdd12fc9002ca41cf3efcca1025f0 ftp://ftp.suse.com/pub/suse/i386/update/10.0-OSS/rpm/x86_64/mozilla-venkman… 02740535ecb1adc8534e4ebd2d28ced1 SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/mozilla-1.7.11-9.2.… f4069ccda839c1146e478e8927b42ae0 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/mozilla-calendar-1.… e059af96039f550a0eb1dbdcaa51d691 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/mozilla-devel-1.7.1… eba511d40cc67672c9d4461b551543a1 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/mozilla-dom-inspect… 1afaabbf461d0d7d439861efd638bf82 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/mozilla-irc-1.7.11-… 13a5d28dffe9fb8f4eaee758a03d54c5 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/mozilla-mail-1.7.11… 01a2b53726e958516315bf2e11390fff ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/mozilla-spellchecke… 5b5cdd12fc9002ca41cf3efcca1025f0 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/mozilla-venkman-1.7… 02740535ecb1adc8534e4ebd2d28ced1 SUSE LINUX 9.3: ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/mozilla-1.7.5-17.7.x… ad132a0176b38d35aa5a59f5dddd48e9 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/mozilla-32bit-9.3-7.… 3ca7760002db72b56644085727877b40 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/mozilla-calendar-1.7… 87efa7a30315bcc8bdd2f580141f4ebe ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/mozilla-devel-1.7.5-… 91e920dc2e883d38c0fe362cfeaaedb3 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/mozilla-dom-inspecto… ac3b0bbf03ded04a2b7e7991a724d59a ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/mozilla-irc-1.7.5-17… 86afd380a362338baeb96ba1e1673071 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/mozilla-mail-1.7.5-1… 3548f885148faf1d6d8f31a2149693c9 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/mozilla-spellchecker… ea4339aa06d16ef076193368be577788 ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/mozilla-venkman-1.7.… d1f485c3cea08964be5cfc935d6476db SUSE LINUX 9.2: ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/MozillaFirefox-1.0.7… 5cffdac01a15a951168244554255c832 ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/MozillaFirefox-trans… c49627cf05e2a069e3d540edc434da1f ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/epiphany-1.2.10-0.4.… 719c1d18b869185e45f349898ffaa4b0 ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/epiphany-doc-1.2.10-… 597c527c061a6758b87bd392cc7e85fd ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/epiphany-extensions-… 99d2fad0d66ca029ae13606e0b38a678 ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/epiphany-extensions-… 02e692e00a2401301e9dc8ea3eff25b1 ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/galeon-1.3.19-6.2.x8… 7eb3ca48f665999523d3fe2ffa69fb99 ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/mozilla-1.7.2-17.14.… 28e756cebc948024d3d7eb19090fb8b8 ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/mozilla-calendar-1.7… 68388f461bf620f6b8050f706cfd87a4 ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/mozilla-devel-1.7.2-… e2a710fc8344c9e96bd0dc11bccb5de2 ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/mozilla-dom-inspecto… d10426280e0a7daafcad9c52f8cc90a6 ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/mozilla-irc-1.7.2-17… 24d8f99ca3b83f2f647e2e3a69814fbc ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/mozilla-mail-1.7.2-1… 73ee0e42d82b38e3a1420e72366782b0 ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/mozilla-spellchecker… 1dd0a5bc9598750c6417afdf9eb89a2b ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/mozilla-venkman-1.7.… 92fbc53b7e94cb6b736b134a201da6f0 SUSE LINUX 9.1: ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/MozillaFirefox-1.0… 00c2104c2a6cfced9254fd529e2a3eb0 ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/MozillaFirefox-tra… d9c05812c47c81d65664feb010af7891 ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/mozilla-1.7.8-5.13… b630d42f44fa70f5c41216fc42beaa06 ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/mozilla-calendar-1… 9de2513892aed768d01ba77853400bf5 ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/mozilla-cs-1.7.5-4… 8298d98b7fd64707227b97ccf8e2ccf8 ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/mozilla-deat-1.7.6… 5b7c071a12a0867107dcdb4b26ea3965 ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/mozilla-devel-1.7.… 2c2c42b0f518a5e139338f0083073add ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/mozilla-dom-inspec… 43924915be1555fa119bf8a0fb50ac39 ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/mozilla-hu-1.78-0.… 182349498b15b1c8cd1bfa6b7087a2a6 ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/mozilla-irc-1.7.8-… af2a1dcacbda6ef35c456c4cf5be4729 ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/mozilla-ja-1.7.7-0… cd694a201d6e9416be5634ff2b4ed08a ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/mozilla-ko-1.75-0.… e542067f8c9565e0e5ea018ae69a6eb5 ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/mozilla-mail-1.7.8… 78606b9b9a607dde560e7bc58047363c ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/mozilla-spellcheck… e669c013cd3a564909464d466cf004de ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/mozilla-venkman-1.… 0ac108535f987e0d37fab840f24e820d SuSE Linux 9.0: ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/MozillaFirebird-1.… ee62a8fa3053951b7069a7523bac87bc ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/mozilla-1.7.8-22.x… 59be47c90cc3a5134d6856df4a3453ad ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/mozilla-calendar-1… 99b376ba53d6bce9e006cfb6b471843a ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/mozilla-cs-1.7.5-8… c85120938f7111382804d9ffeb7d80f2 ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/mozilla-deat-1.7.6… 952a6ba1d1c52fb715606570eeb4d69e ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/mozilla-devel-1.7.… b643663a2fd73baa85b1cb2a0388fb9f ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/mozilla-dom-inspec… a6d1b59b10bd06d0359a507401c2735b ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/mozilla-hu-1.78-6.… 82d3508a125302620ba6762eeb0c76a4 ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/mozilla-irc-1.7.8-… cb45dc7828a793cf841b4a26829a0b0a ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/mozilla-mail-1.7.8… b3c39f74bd1b3a6c3d28a9f47e590c8a ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/mozilla-spellcheck… 5c8c42792d29095560b734109f37c01f ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/mozilla-venkman-1.… 27eca70e1e49b9bcbea2c00fbdc6ca98 Sources: SUSE LINUX 10.0 OSS: ftp://ftp.suse.com/pub/suse/i386/update/10.0-OSS/rpm/src/MozillaFirefox-1.0… d09caffc894595153a79d1b97f016954 ftp://ftp.suse.com/pub/suse/i386/update/10.0-OSS/rpm/src/mozilla-1.7.11-9.2… d83a9eacb5faa1c095ab8158146f077b SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/MozillaFirefox-1.0.7-0… d09caffc894595153a79d1b97f016954 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/mozilla-1.7.11-9.2.src… 0be969f1998e2619aa06af9403fb1f71 SUSE LINUX 9.3: ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/src/MozillaFirefox-1.0.7-0.… 593d44805da6927c4f6d0f8baba9a39e ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/src/mozilla-1.7.5-17.7.src.… 9e3cb1bcc89d282ba1867778eb59cf41 SUSE LINUX 9.2: ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/src/MozillaFirefox-1.0.7-0.… 5d29e5a760c0c7c47294a64604a06cf0 ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/src/epiphany-1.2.10-0.4.src… 345a1cd4936264eb420624bee8e117ec ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/src/epiphany-extensions-0.8… 51eb4a5a6dbc77afea461563493f590b ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/src/galeon-1.3.19-6.2.src.r… 886a6b86ffec1f3a513f49ef95321340 ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/src/mozilla-1.7.2-17.14.src… 1bb1d4a94210c6dc7371fe09a8dfba98 SUSE LINUX 9.1: ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/MozillaFirefox-1.0.7-0.… 1f9d95f57d6a80a36dce9d8f84c3963a ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/mozilla-1.7.8-5.13.src.… 80533e066eaed0a657bf5cb8e25234ab ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/mozilla-cs-1.7.5-4.5.sr… 47220d851a53e7a63fbf12dea62b1cc6 ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/mozilla-deat-1.7.6-0.5.… 07c014a5492f61a68320863281db4c96 ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/mozilla-hu-1.78-0.6.src… bdbc740b3c37c17103aa56d219351e4c ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/mozilla-ja-1.7.7-0.6.sr… 14aecf150956f4635f021b64f554f78d ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/mozilla-ko-1.75-0.6.src… 7a1ea397402d592477e5310a3250e549 ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/src/MozillaFirefox-1.0.7-… b77f775d1e92864fbe8023a24b1720e0 ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/src/mozilla-1.7.8-5.13.sr… 30b43409cd492ae0656d752732b95d86 ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/src/mozilla-cs-1.7.5-4.5.… 3c1170db7e139b7f6ea4e15784c8ff38 ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/src/mozilla-deat-1.7.6-0.… bbc9ac1ef35c3d86103fa6fc6d7f8537 ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/src/mozilla-hu-1.78-0.6.s… e43906af2dee9bf63a9e1089b8a3f368 ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/src/mozilla-ja-1.7.7-0.6.… 2a82cf5cbb535a285ce0ba81b9201c8c ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/src/mozilla-ko-1.75-0.6.s… 45d09732344464d46c0dc702c7c543f0 SuSE Linux 9.0: ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/MozillaFirebird-1.0.7-2… 580b76681deef6804eab49cf69a173f3 ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/mozilla-1.7.8-22.src.rpm 34de2c3f3f025eebf20eaef3a67cd163 ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/mozilla-cs-1.7.5-8.src.… 0722c1ed3f1876b5aaeb9beb461ff94d ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/mozilla-deat-1.7.6-5.sr… d692de86ba4705d68b4601fe98ef9a34 ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/mozilla-hu-1.78-6.src.r… 67ee232260f2e968666ead52e61b0733 ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/src/MozillaFirebird-1.0.7… c2990ece2e6034aa2d3018f5bd715f0c ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/src/mozilla-1.7.8-22.src.… c94b039006cc2fa88d427892c02817bd ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/src/mozilla-cs-1.7.5-8.sr… b3de942cf3bca2fd421a9eea038b59f9 ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/src/mozilla-deat-1.7.6-5.… 23abbabf17c82104fc795dcaac639352 ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/src/mozilla-hu-1.78-6.src… 27827ab4dc20eba79ed514a0f6a40f92 Our maintenance customers are notified individually. The packages are offered for installation from the maintenance web: http://support.novell.com/cgi-bin/search/searchtid.cgi?psdb/4f19e198bd78960… http://portal.suse.com/psdb/4f19e198bd78960e9bfc40d41f8aafae.html http://support.novell.com/cgi-bin/search/searchtid.cgi?psdb/5a2d044b1e43fb7… http://portal.suse.com/psdb/5a2d044b1e43fb74c91034c754c71c07.html http://support.novell.com/cgi-bin/search/searchtid.cgi?psdb/b310b00e5cb76ad… http://portal.suse.com/psdb/b310b00e5cb76adf21b02190e55fb6a2.html http://support.novell.com/cgi-bin/search/searchtid.cgi?psdb/8de3ea0ba7cd0da… http://portal.suse.com/psdb/8de3ea0ba7cd0da892d902baee1e6d60.html ______________________________________________________________________________ 5) Pending Vulnerabilities, Solutions, and Work-Arounds: See SUSE Security Summary Report. ______________________________________________________________________________ 6) Authenticity Verification and Additional Information - Announcement authenticity verification: SUSE security announcements are published via mailing lists and on Web sites. The authenticity and integrity of a SUSE security announcement is guaranteed by a cryptographic signature in each announcement. All SUSE security announcements are published with a valid signature. To verify the signature of the announcement, save it as text into a file and run the command gpg --verify <file> replacing <file> with the name of the file where you saved the announcement. The output for a valid signature looks like: gpg: Signature made <DATE> using RSA key ID 3D25D3D9 gpg: Good signature from "SuSE Security Team <security(a)suse.de>" where <DATE> is replaced by the date the document was signed. If the security team's key is not contained in your key ring, you can import it from the first installation CD. To import the key, use the command gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc - Package authenticity verification: SUSE update packages are available on many mirror FTP servers all over the world. While this service is considered valuable and important to the free and open source software community, the authenticity and the integrity of a package needs to be verified to ensure that it has not been tampered with. There are two verification methods that can be used independently from each other to prove the authenticity of a downloaded file or RPM package: 1) Using the internal gpg signatures of the rpm package 2) MD5 checksums as provided in this announcement 1) The internal rpm package signatures provide an easy way to verify the authenticity of an RPM package. Use the command rpm -v --checksig <file.rpm> to verify the signature of the package, replacing <file.rpm> with the filename of the RPM package downloaded. The package is unmodified if it contains a valid signature from build(a)suse.de with the key ID 9C800ACA. This key is automatically imported into the RPM database (on RPMv4-based distributions) and the gpg key ring of 'root' during installation. You can also find it on the first installation CD and at the end of this announcement. 2) If you need an alternative means of verification, use the md5sum command to verify the authenticity of the packages. Execute the command md5sum <filename.rpm> after you downloaded the file from a SUSE FTP server or its mirrors. Then compare the resulting md5sum with the one that is listed in the SUSE security announcement. Because the announcement containing the checksums is cryptographically signed (by security(a)suse.de) the checksums show proof of the authenticity of the package if the signature of the announcement is valid. Note that the md5 sums published in the SUSE Security Announcements are valid for the respective packages only. Newer versions of these packages cannot be verified. - SUSE runs two security mailing lists to which any interested party may subscribe: suse-security(a)suse.com - General Linux and SUSE security discussion. All SUSE security announcements are sent to this list. To subscribe, send an e-mail to <suse-security-subscribe(a)suse.com>. suse-security-announce(a)suse.com - SUSE's announce-only mailing list. Only SUSE's security announcements are sent to this list. To subscribe, send an e-mail to <suse-security-announce-subscribe(a)suse.com>. For general information or the frequently asked questions (FAQ), send mail to <suse-security-info(a)suse.com> or <suse-security-faq(a)suse.com>. ===================================================================== SUSE's security contact is <security(a)suse.com> or <security(a)suse.de>. The <security(a)suse.de> public key is listed below. ===================================================================== ______________________________________________________________________________ The information in this advisory may be distributed or reproduced, provided that the advisory is not modified in any way. In particular, the clear text signature should show proof of the authenticity of the text. SUSE Linux Products GmbH provides no warranties of any kind whatsoever with respect to the information contained in this security advisory. Type Bits/KeyID Date User ID pub 2048R/3D25D3D9 1999-03-06 SuSE Security Team <security(a)suse.de> pub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key <build(a)suse.de> - -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org mQGiBDnu9IERBACT8Y35+2vv4MGVKiLEMOl9GdST6MCkYS3yEKeueNWc+z/0Kvff 4JctBsgs47tjmiI9sl0eHjm3gTR8rItXMN6sJEUHWzDP+Y0PFPboMvKx0FXl/A0d M+HFrruCgBlWt6FA+okRySQiliuI5phwqkXefl9AhkwR8xocQSVCFxcwvwCglVcO QliHu8jwRQHxlRE0tkwQQI0D+wfQwKdvhDplxHJ5nf7U8c/yE/vdvpN6lF0tmFrK XBUX+K7u4ifrZlQvj/81M4INjtXreqDiJtr99Rs6xa0ScZqITuZC4CWxJa9GynBE D3+D2t1V/f8l0smsuYoFOF7Ib49IkTdbtwAThlZp8bEhELBeGaPdNCcmfZ66rKUd G5sRA/9ovnc1krSQF2+sqB9/o7w5/q2qiyzwOSTnkjtBUVKn4zLUOf6aeBAoV6NM CC3Kj9aZHfA+ND0ehPaVGJgjaVNFhPi4x0e7BULdvgOoAqajLfvkURHAeSsxXIoE myW/xC1sBbDkDUIBSx5oej73XCZgnj/inphRqGpsb+1nKFvF+rQoU3VTRSBQYWNr YWdlIFNpZ25pbmcgS2V5IDxidWlsZEBzdXNlLmRlPohcBBMRAgAcBQI57vSBBQkD wmcABAsKAwQDFQMCAxYCAQIXgAAKCRCoTtronIAKyl8sAJ98BgD40zw0GHJHIf6d NfnwI2PAsgCgjH1+PnYEl7TFjtZsqhezX7vZvYCIRgQQEQIABgUCOnBeUgAKCRCe QOMQAAqrpNzOAKCL512FZvv4VZx94TpbA9lxyoAejACeOO1HIbActAevk5MUBhNe LZa/qM2JARUDBRA6cGBvd7LmAD0l09kBATWnB/9An5vfiUUE1VQnt+T/EYklES3t XXaJJp9pHMa4fzFa8jPVtv5UBHGee3XoUNDVwM2OgSEISZxbzdXGnqIlcT08TzBU D9i579uifklLsnr35SJDZ6ram51/CWOnnaVhUzneOA9gTPSr+/fT3WeVnwJiQCQ3 0kNLWVXWATMnsnT486eAOlT6UNBPYQLpUprF5Yryk23pQUPAgJENDEqeU6iIO9Ot 1ZPtB0lniw+/xCi13D360o1tZDYOp0hHHJN3D3EN8C1yPqZd5CvvznYvB6bWBIpW cRgdn2DUVMmpU661jwqGlRz1F84JG/xe4jGuzgpJt9IXSzyohEJB6XG5+D0BiF0E ExECAB0FAjxqqTQFCQoAgrMFCwcKAwQDFQMCAxYCAQIXgAAKCRCoTtronIAKyp1f AJ9dR7saz2KPNwD3U+fy/0BDKXrYGACfbJ8fQcJqCBQxeHvt9yMPDVq0B0W5Ag0E Oe70khAIAISR0E3ozF/la+oNaRwxHLrCet30NgnxRROYhPaJB/Tu1FQokn2/Qld/ HZnh3TwhBIw1FqrhWBJ7491iAjLR9uPbdWJrn+A7t8kSkPaF3Z/6kyc5a8fas44h t5h+6HMBzoFCMAq2aBHQRFRNp9Mz1ZvoXXcI1lk1l8OqcUM/ovXbDfPcXsUVeTPT tGzcAi2jVl9hl3iwJKkyv/RLmcusdsi8YunbvWGFAF5GaagYQo7YlF6UaBQnYJTM 523AMgpPQtsKm9o/w9WdgXkgWhgkhZEeqUS3m5xNey1nLu9iMvq9M/iXnGz4sg6Q 2Y+GqZ+yAvNWjRRou3zSE7Bzg28MI4sAAwYH/2D71Xc5HPDgu87WnBFgmp8MpSr8 QnSs0wwPg3xEullGEocolSb2c0ctuSyeVnCttJMzkukL9TqyF4s/6XRstWirSWaw JxRLKH6Zjo/FaKsshYKf8gBkAaddvpl3pO0gmUYbqmpQ3xDEYlhCeieXS5MkockQ 1sj2xYdB1xO0ExzfiCiscUKjUFy+mdzUsUutafuZ+gbHog1CN/ccZCkxcBa5IFCH ORrNjq9pYWlrxsEn6ApsG7JJbM2besW1PkdEoxak74z1senh36m5jQvVjA3U4xq1 wwylxadmmJaJHzeiLfb7G1ZRjZTsB7fyYxqDzMVul6o9BSwO/1XsIAnV1uuITAQY EQIADAUCOe70kgUJA8JnAAAKCRCoTtronIAKyksiAJsFB3/77SkH3JlYOGrEe1Ol 0JdGwACeKTttgeVPFB+iGJdiwQlxasOfuXyITAQYEQIADAUCPGqpWQUJCgCCxwAK CRCoTtronIAKyofBAKCSZM2UFyta/fe9WgITK9I5hbxxtQCfX+0ar2CZmSknn3co SPihn1+OBNyZAQ0DNuEtBAAAAQgAoCRcd7SVZEFcumffyEwfLTcXQjhKzOahzxpo omuF+HIyU4AGq+SU8sTZ/1SsjhdzzrSAfv1lETACA+3SmLr5KV40Us1w0UC64cwt A46xowVq1vMlH2Lib+V/qr3b1hE67nMHjysECVx9Ob4gFuKNoR2eqnAaJvjnAT8J /LoUC20EdCHUqn6v+M9t/WZgC+WNR8cq69uDy3YQhDP/nIan6fm2uf2kSV9A7ZxE GrwsWl/WX5Q/sQqMWaU6r4az98X3z90/cN+eJJ3vwtA+rm+nxEvyev+jaLuOQBDf ebh/XA4FZ35xmi+spdiVeJH4F/ubaGlmj7+wDOF3suYAPSXT2QAFEbQlU3VTRSBT ZWN1cml0eSBUZWFtIDxzZWN1cml0eUBzdXNlLmRlPokBFQMFEDbhLUfkWLKHsco8 RQEBVw4H/1vIdiOLX/7hdzYaG9crQVIk3QwaB5eBbjvLEMvuCZHiY2COUg5QdmPQ 8SlWNZ6k4nu1BLcv2g/pymPUWP9fG4tuSnlUJDrWGm3nhyhAC9iudP2u1YQY37Gb B6NPVaZiYMnEb4QYFcqv5c/r2ghSXUTYk7etd6SW6WCOpEqizhx1cqDKNZnsI/1X 11pFcO2N7rc6byDBJ1T+cK+F1Ehan9XBt/shryJmv04nli5CXQMEbiqYYMOu8iaA 8AWRgXPCWqhyGhcVD3LRhUJXjUOdH4ZiHCXaoF3zVPxpeGKEQY8iBrDeDyB3wHmj qY9WCX6cmogGQRgYG6yJqDalLqrDOdmJARUDBRA24S0Ed7LmAD0l09kBAW04B/4p WH3f1vQn3i6/+SmDjGzUu2GWGq6Fsdwo2hVM2ym6CILeow/K9JfhdwGvY8LRxWRL hn09j2IJ9P7H1Yz3qDf10AX6V7YILHtchKT1dcngCkTLmDgC4rs1iAAl3f089sRG BafGPGKv2DQjHfR1LfRtbf0P7c09Tkej1MP8HtQMW9hPkBYeXcwbCjdrVGFOzqx+ AvvJDdT6a+oyRMTFlvmZ83UV5pgoyimgjhWnM1V4bFBYjPrtWMkdXJSUXbR6Q7Pi RZWCzGRzwbaxqpl3rK/YTCphOLwEMB27B4/fcqtBzgoMOiaZA0M5fFoo54KgRIh0 zinsSx2OrWgvSiLEXXYKiEYEEBECAAYFAjseYcMACgkQnkDjEAAKq6ROVACgjhDM /3KM+iFjs5QXsnd4oFPOnbkAnjYGa1J3em+bmV2aiCdYXdOuGn4ZiQCVAwUQN7c7 whaQN/7O/JIVAQEB+QP/cYblSAmPXxSFiaHWB+MiUNw8B6ozBLK0QcMQ2YcL6+Vl D+nSZP20+Ja2nfiKjnibCv5ss83yXoHkYk2Rsa8foz6Y7tHwuPiccvqnIC/c9Cvz dbIsdxpfsi0qWPfvX/jLMpXqqnPjdIZErgxpwujas1n9016PuXA8K3MJwVjCqSKI RgQQEQIABgUCOhpCpAAKCRDHUqoysN/3gCt7AJ9adNQMbmA1iSYcbhtgvx9ByLPI DgCfZ5Wj+f7cnYpFZI6GkAyyczG09sE= =LRKC - -----END PGP PUBLIC KEY BLOCK----- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (GNU/Linux) iQEVAwUBQzz/5Xey5gA9JdPZAQIODgf+ON5YV7r+Jv06IHHxJ737lfp4tv6nTu9y wmUkcS52amcUH9gDVvgu8rLaD5YvtDi4mmZWUNtKqpw2kY9d1z/446piTCityu8c 8m2t9T/OWDPPxV5MB7XV86wRI6LEJlHJ239278RTR0tbWa4U1L8mHzwurNHWwGBw jxLdYUuq6ci/oBqqoK2xpsjgMRHRjWSayXGkMzntLkfVe86OGOiwjsJ7dpC0cVe/ hVV+NqpgMYh6KTkY0UG1KHe3ImpvaYLJaY1M/JJWALpFRcJYgs6AMaW5MkI9IQaE SKc2j10xpZKAtxBcJfysBzHXET4cI4M6/fe/Zy0rLFCMaW++BOwbRA== =deqq -----END PGP SIGNATURE-----

1 0