openSUSE Security Announce
-----BEGIN PGP SIGNED MESSAGE-----
______________________________________________________________________________
SuSE Security Announcement
Package: sudo
Announcement-ID: SuSE-SA:2001:13
Date: Wednesday, April 18th, 2001 12.26 MEST
Affected SuSE versions: 6.1, 6.2, 6.3, 6.4, 7.0, 7.1
Vulnerability Type: possible local root compromise
Severity (1-10): 6
SuSE default package: no
Other affected systems: all systems using sudo
Content of this advisory:
1) security vulnerability resolved: sudo
problem description, discussion, solution and upgrade information
2) pending vulnerabilities, solutions, workarounds
3) standard appendix (further information)
______________________________________________________________________________
1) problem description, brief discussion, solution, upgrade information
The setuid application sudo(8) allows a user to execute commands under
the privileges of another user (including root).
sudo(8) prior to version 1.6.3p6 is vulnerable to a buffer overflow
in its logging code, which could lead to a local root compromise.
There is no exploit known to be public.
A useful workaround is not possible; the only fix is to install the new
sudo packages.
Download the update package from locations described below and install
the package with the command `rpm -Uhv file.rpm'. The md5sum for each
file is in the line below. You can verify the integrity of the rpm
files using the command
`rpm --checksig --nogpg file.rpm',
independently from the md5 signatures below.
i386 Intel Platform:
SuSE-7.1
ftp://ftp.suse.com/pub/suse/i386/update/7.1/ap1/sudo-1.6.3p6-3.i386.rpm
b0d658c98effd4e11bed6d8c1f5f80f9
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/7.1/zq1/sudo-1.6.3p6-3.src.rpm
a4b44f0998a165b3a69c598075420b7f
SuSE-7.0
ftp://ftp.suse.com/pub/suse/i386/update/7.0/ap1/sudo-1.6.3p6-21.i386.rpm
a002d657c7faf24b9fb5b430061e6c19
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/7.0/zq1/sudo-1.6.3p6-21.src.rpm
d9ebc68015886fb642a1795e21bde788
SuSE-6.4
ftp://ftp.suse.com/pub/suse/i386/update/6.4/ap1/sudo-1.5.9p1-79.i386.rpm
8a25b40ba081be885b214410b3c662ce
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/6.4/zq1/sudo-1.5.9p1-79.src.rpm
9a13efa0d76a4fe3cbda7dcd2e2befe0
SuSE-6.3
ftp://ftp.suse.com/pub/suse/i386/update/6.3/ap1/sudo-1.5.9p1-80.i386.rpm
a6e359c6449d764199bce3b7bc2867d8
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/6.3/zq1/sudo-1.5.9p1-80.src.rpm
b89db78d5b8d04b10ac6e17c29cec1c4
SuSE-6.2
ftp://ftp.suse.com/pub/suse/i386/update/6.2/ap1/sudo-1.5.9p1-79.i386.rpm
c3fbbff2219bf948f9b209eefafab4fe
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/6.2/zq1/sudo-1.5.9p1-79.src.rpm
85ae3e3b9ef159201bb661e8f83e82d3
SuSE-6.1
Packages for 6.1 won't be available, sorry.
Try to install the 6.2 RPM, please.
Sparc Platform:
SuSE-7.1
ftp://ftp.suse.com/pub/suse/sparc/update/7.1/ap1/sudo-1.6.3p6-8.sparc.rpm
5531c5be20082b084e940d4e66dffea0
source rpm:
ftp://ftp.suse.com/pub/suse/sparc/update/7.1/zq1/sudo-1.6.3p6-8.src.rpm
98fb9920e8de32727deb5e4295ee70d4
SuSE-7.0
ftp://ftp.suse.com/pub/suse/sparc/update/7.0/ap1/sudo-1.6.3p6-9.sparc.rpm
cdd87431019ace22d0a2b0d46b294856
source rpm:
ftp://ftp.suse.com/pub/suse/sparc/update/7.0/zq1/sudo-1.6.3p6-9.src.rpm
846035dcf0e42d22aac5d0dc77d90a02
AXP Alpha Platform:
SuSE-7.0
ftp://ftp.suse.com/pub/suse/axp/update/7.0/ap1/sudo-1.6.3p6-12.alpha.rpm
c0fea14a3c0e565892f150cf97d971ed
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/7.0/zq1/sudo-1.6.3p6-12.src.rpm
42651a443d7ca62415bc2d3ef3dc5bde
SuSE-6.4
ftp://ftp.suse.com/pub/suse/axp/update/6.4/ap1/sudo-1.5.9p1-79.alpha.rpm
9a177de02176df90d8006fc7e8adae0d
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/6.4/zq1/sudo-1.5.9p1-79.src.rpm
9f52a3df082ba513cbc0af5da6cccbe4
SuSE-6.3
ftp://ftp.suse.com/pub/suse/axp/update/6.3/ap1/sudo-1.5.9p1-79.alpha.rpm
5bbe1f211cb53758ad2840d192280269
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/6.3/zq1/sudo-1.5.9p1-79.src.rpm
4687f818ab5dbc50b1c0a3b907775f30
PPC PowerPC Platform:
SuSE-7.1
ftp://ftp.suse.com/pub/suse/ppc/update/7.1/ap1/sudo-1.6.3p6-5.ppc.rpm
199a677423a84bc577a7a9199e5e22d4
source rpm:
ftp://ftp.suse.com/pub/suse/ppc/update/7.1/zq1/sudo-1.6.3p6-5.src.rpm
49ed607375823b56d819e0610e3a8d31
SuSE-7.0
ftp://ftp.suse.com/pub/suse/ppc/update/7.0/ap1/sudo-1.6.3p6-10.ppc.rpm
03ffbcf07ba9a4222c75b162c97f9292
source rpm:
ftp://ftp.suse.com/pub/suse/ppc/update/7.0/zq1/sudo-1.6.3p6-10.src.rpm
a07d0b0283ca83e14c4d58ca9bcc933c
SuSE-6.4
ftp://ftp.suse.com/pub/suse/ppc/update/6.4/ap1/sudo-1.5.9p1-80.ppc.rpm
b5c9dee89ee0101fa8ac5795c1e8e49c
source rpm:
ftp://ftp.suse.com/pub/suse/ppc/update/6.4/zq1/sudo-1.5.9p1-80.src.rpm
bfc917660898fdf9f2de170895ca7b22
______________________________________________________________________________
2) Pending vulnerabilities in SuSE Distributions and Workarounds:
- New RPMs for HylaFax, a fax server, are currently being built, which
fix a format bug in hfaxd that could lead to local root privileges.
- NEdit, a GUI-style text editor, needs an update due to a tmp race
condition. The source code is currently being reviewed and new
RPMs will be available within the next days.
- Updated man RPMs will be available in a few days.
- In the past weeks, some security related bugs in the Linux kernel 2.2
and 2.4 were found. An announcement, that addresses this will be
released this week.
- Samba has several security problems, which could lead to local root
access. Samba 2.0.8 fixes these problems. New RPMs are currently being
built.
______________________________________________________________________________
3) standard appendix:
SuSE runs two security mailing lists to which any interested party may
subscribe:
suse-security(a)suse.com
- general/linux/SuSE security discussion.
All SuSE security announcements are sent to this list.
To subscribe, send an email to
<suse-security-subscribe(a)suse.com>.
suse-security-announce(a)suse.com
- SuSE's announce-only mailing list.
Only SuSE's security announcements are sent to this list.
To subscribe, send an email to
<suse-security-announce-subscribe(a)suse.com>.
For general information or the frequently asked questions (faq)
send mail to:
<suse-security-info(a)suse.com> or
<suse-security-faq(a)suse.com> respectively.
===============================================
SuSE's security contact is <security(a)suse.com>.
===============================================
______________________________________________________________________________
The information in this advisory may be distributed or reproduced,
provided that the advisory is not modified in any way.
SuSE GmbH makes no warranties of any kind whatsoever with respect
to the information contained in this security advisory.
Bye,
Thomas
--
Thomas Biege, SuSE GmbH, Schanzaeckerstr. 10, 90443 Nuernberg
E@mail: thomas(a)suse.de Function: Security Support & Auditing
"lynx -source http://www.suse.de/~thomas/thomas.pgp | pgp -fka"
Key fingerprint = 51 AD B9 C7 34 FC F2 54 01 4A 1C D4 66 64 09 84
-----BEGIN PGP SIGNED MESSAGE-----
______________________________________________________________________________
SuSE Security Announcement
Package: vim/gvim
Announcement-ID: SuSE-SA:2001:12
Date: Tuesday, April 10th, 2001 15.23 MEST
Affected SuSE versions: 6.1, 6.2, 6.3, 6.4, 7.0, 7.1
Vulnerability Type: local privilege escalation
Severity (1-10): 5
SuSE default package: yes
Other affected systems: all systems using vim/gvim
Content of this advisory:
1) security vulnerability resolved: vim/gvim
problem description, discussion, solution and upgrade information
2) pending vulnerabilities, solutions, workarounds
3) standard appendix (further information)
______________________________________________________________________________
1) problem description, brief discussion, solution, upgrade information
The text editor vim, Vi IMproved, was found vulnerable to two security
bugs.
1.) a tmp race condition
2.) vim commands in regular files will be executed if the status line
of vim is enabled in vimrc
Both vulnerabilities could be used to gain additional privileges without
authorization.
Download the update package from locations described below and install
the package with the command `rpm -Uhv file.rpm'. The md5sum for each
file is in the line below. You can verify the integrity of the rpm
files using the command
`rpm --checksig --nogpg file.rpm',
independently from the md5 signatures below.
vim:
----
i386 Intel Platform:
SuSE-7.1
ftp://ftp.suse.com/pub/suse/i386/update/7.1/a1/vim-5.7-71.i386.rpm
db368baa134c23b3578c8022a66d2703
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/7.1/zq1/vim-5.7-71.src.rpm
00cf66142e477e24824410c8bf9e8702
SuSE-7.0
ftp://ftp.suse.com/pub/suse/i386/update/7.0/a1/vim-5.7-73.i386.rpm
3a35734d8737c4f1e97ca9a6c1f68073
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/7.0/zq1/vim-5.7-73.src.rpm
6275c8d938a7254e648ba33765613573
SuSE-6.4
ftp://ftp.suse.com/pub/suse/i386/update/6.4/a1/vim-5.7-72.i386.rpm
7db6e43273fcfccf0f019246ba43fd05
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/6.4/zq1/vim-5.7-72.src.rpm
f2d7177a61b1794068412ea687b9ecf6
SuSE-6.3
ftp://ftp.suse.com/pub/suse/i386/update/6.3/a1/vim-5.7-72.i386.rpm
c12a03ff18235ea3421b18c48d6448af
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/6.3/zq1/vim-5.7-72.src.rpm
b6e46176215691fc398fc6184e437a36
SuSE-6.2
ftp://ftp.suse.com/pub/suse/i386/update/6.2/a1/vim-5.7-71.i386.rpm
a9f2154d991f9eb848dff3ffa1dcf430
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/6.2/zq1/vim-5.7-71.src.rpm
8e554dbfe786562204039358df810984
SuSE-6.1
ftp://ftp.suse.com/pub/suse/i386/update/6.1/a1/vim-5.7-72.i386.rpm
fcef6ade53f01ffe4cd8a7b8c033e176
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/6.1/zq1/vim-5.7-72.src.rpm
e3d554b1354208ca6175c4757bab0373
Sparc Platform:
SuSE-7.1
ftp://ftp.suse.com/pub/suse/sparc/update/7.1/a1/vim-5.7-54.sparc.rpm
6746fc4eafc91ba5fa6d6377f22efdbd
source rpm:
ftp://ftp.suse.com/pub/suse/sparc/update/7.1/zq1/vim-5.7-54.src.rpm
de427c49af200e5fefa62a39959eaaaf
SuSE-7.0
ftp://ftp.suse.com/pub/suse/sparc/update/7.0/a1/vim-5.7-54.sparc.rpm
7648859cc6a584ce1a2715cf7bc34bdc
source rpm:
ftp://ftp.suse.com/pub/suse/sparc/update/7.0/zq1/vim-5.7-54.src.rpm
934385ba01d59fc7bdd1bbaeca0cf260
AXP Alpha Platform:
SuSE-7.0
ftp://ftp.suse.com/pub/suse/axp/update/7.0/a1/vim-5.7-57.alpha.rpm
ebe9dfc83dd1294b83d6b3aaad92fca0
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/7.0/zq1/vim-5.7-57.src.rpm
038ab54d8a08f96b61118373f5e00948
SuSE-6.4
ftp://ftp.suse.com/pub/suse/axp/update/6.4/a1/vim-5.7-57.alpha.rpm
24d5f1365522d267650be44f80ab0b52
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/6.4/zq1/vim-5.7-57.src.rpm
0a7a5bbde8e645254f4a5bd6cd402943
SuSE-6.3
ftp://ftp.suse.com/pub/suse/axp/update/6.3/a1/vim-5.7-57.alpha.rpm
b496518ea1640852e17ddb1274759fc4
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/6.3/zq1/vim-5.7-57.src.rpm
1760adfac8e70bff334d74330acbefed
SuSE-6.1
ftp://ftp.suse.com/pub/suse/axp/update/6.1/a1/vim-5.7-57.alpha.rpm
dc633df2ac8fafa41c76d5c0216ed149
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/6.1/zq1/vim-5.7-57.src.rpm
610088cca725fec62a4e7d6f1b030af1
PPC PowerPC Platform:
SuSE-7.0
ftp://ftp.suse.com/pub/suse/ppc/update/7.0/a1/vim-5.7-20.ppc.rpm
0b9ecb77901b15a90bf25623701d834b
source rpm:
ftp://ftp.suse.com/pub/suse/ppc/update/7.0/zq1/vim-5.7-20.src.rpm
3224f60fa80f27a9fb249a69c0ceaf01
SuSE-6.4
ftp://ftp.suse.com/pub/suse/ppc/update/6.4/a1/vim-5.7-19.ppc.rpm
2044541d409bd756a166a75515214ffa
source rpm:
ftp://ftp.suse.com/pub/suse/ppc/update/6.4/zq1/vim-5.7-19.src.rpm
cac70ab3c2dee163d490bd85126f70aa
gvim:
-----
i386 Intel Platform:
SuSE-7.1
ftp://ftp.suse.com/pub/suse/i386/update/7.1/xap2/gvim-5.7-79.i386.rpm
066d163c43a6bb58f7a4a3770f179770
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/7.1/zq1/gvim-5.7-79.src.rpm
e6e92c8c4de39bd3a5899a55d6003d82
SuSE-7.0
ftp://ftp.suse.com/pub/suse/i386/update/7.0/xap1/gvim-5.7-79.i386.rpm
16973a740f4a1fc2f2a189f036a10fe9
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/7.0/zq1/gvim-5.7-79.src.rpm
fecbd910f57b351e992f7b7015e3149b
SuSE-6.4
ftp://ftp.suse.com/pub/suse/i386/update/6.4/xap1/gvim-5.7-78.i386.rpm
1700470566ac4fb2e5588771f07638ed
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/6.4/zq1/gvim-5.7-78.src.rpm
43a49e33acb8b9f017e6e5846ba636df
SuSE-6.3
ftp://ftp.suse.com/pub/suse/i386/update/6.3/xap1/gvim-5.7-78.i386.rpm
db2abf1a9414b36466eb3d1186df5a7e
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/6.3/zq1/gvim-5.7-78.src.rpm
0b0b50b4987d594ee48a146e939f7152
SuSE-6.2
ftp://ftp.suse.com/pub/suse/i386/update/6.2/xap1/gvim-5.7-77.i386.rpm
125171df7f45c80c10ea0fd52f944a6a
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/6.2/zq1/gvim-5.7-77.src.rpm
634e7b355274aed0af0fd7ac83218d78
SuSE-6.1
ftp://ftp.suse.com/pub/suse/i386/update/6.1/xap1/gvim-5.7-78.i386.rpm
1d18996bf9666269db7893ae340e5642
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/6.1/zq1/gvim-5.7-78.src.rpm
9279a59d6eb1942186e1233c6f0ebcf1
Sparc Platform:
SuSE-7.0
ftp://ftp.suse.com/pub/suse/sparc/update/7.0/xap1/gvim-5.7-59.sparc.rpm
d415a24027510882b68d4ddcf1970ab4
source rpm:
ftp://ftp.suse.com/pub/suse/sparc/update/7.0/zq1/gvim-5.7-59.src.rpm
57bfa58f0f7c46354edc78f0fc694d43
AXP Alpha Platform:
SuSE-6.4
ftp://ftp.suse.com/pub/suse/axp/update/6.4/xap1/gvim-5.7-57.alpha.rpm
4cd25502d4ac5067fc64cd917ebd9018
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/6.4/zq1/gvim-5.7-57.src.rpm
347a84634805a6efa1ebf76df2a8ddb5
SuSE-6.3
ftp://ftp.suse.com/pub/suse/axp/update/6.3/xap1/gvim-5.7-57.alpha.rpm
5808f168b8632c85518d61ecec33e3d1
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/6.3/zq1/gvim-5.7-57.src.rpm
9402b1f0440b71a6aa0c1a60748dd26d
SuSE-6.1
ftp://ftp.suse.com/pub/suse/axp/update/6.1/xap1/gvim-5.7-57.alpha.rpm
b74d1cb6f7200d0bcf6ddbe1310e28c7
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/6.1/zq1/gvim-5.7-57.src.rpm
599e9ed0a326a9b86a6584f0a24ae4ad
PPC PowerPC Platform:
SuSE-7.0
ftp://ftp.suse.com/pub/suse/ppc/update/7.0/xap1/gvim-5.7-58.ppc.rpm
27e579ff062662425a3581da6d08bce9
source rpm:
ftp://ftp.suse.com/pub/suse/ppc/update/7.0/zq1/gvim-5.7-58.src.rpm
42a9a5b423848bbe381251c15a095a65
SuSE-6.4
ftp://ftp.suse.com/pub/suse/ppc/update/6.4/xap1/gvim-5.7-57.ppc.rpm
07b386f3dbaca5c9b3f8c440ba59c782
source rpm:
ftp://ftp.suse.com/pub/suse/ppc/update/6.4/zq1/gvim-5.7-57.src.rpm
4ddef3c55da33c3b548dd055d3d9b75b
______________________________________________________________________________
2) Pending vulnerabilities in SuSE Distributions and Workarounds:
- We are in the process of preparing update packages for the man package,
which has been found vulnerable to a command-line format string bug.
The man command is installed suid man on SuSE systems. When exploited,
the bug can be used to install a different man binary to introduce a
trojan into the system. As an interim workaround, we recommend running
`chmod -s /usr/bin/man' and ignoring the warnings and errors when
viewing manpages.
- A buffer overflow in sudo was discovered, and fixed RPMs will be
available as soon as possible. No exploit has been made public so
far.
- NEdit, a GUI-style text editor, needs an update due to a tmp race
condition. The source code is currently being reviewed and new
RPMs will be available within the next days.
______________________________________________________________________________
3) standard appendix:
SuSE runs two security mailing lists to which any interested party may
subscribe:
suse-security(a)suse.com
- general/linux/SuSE security discussion.
All SuSE security announcements are sent to this list.
To subscribe, send an email to
<suse-security-subscribe(a)suse.com>.
suse-security-announce(a)suse.com
- SuSE's announce-only mailing list.
Only SuSE's security announcements are sent to this list.
To subscribe, send an email to
<suse-security-announce-subscribe(a)suse.com>.
For general information or the frequently asked questions (faq)
send mail to:
<suse-security-info(a)suse.com> or
<suse-security-faq(a)suse.com> respectively.
===============================================
SuSE's security contact is <security(a)suse.com>.
===============================================
______________________________________________________________________________
The information in this advisory may be distributed or reproduced,
provided that the advisory is not modified in any way.
SuSE GmbH makes no warranties of any kind whatsoever with respect
to the information contained in this security advisory.
Bye,
Thomas
--
Thomas Biege, SuSE GmbH, Schanzaeckerstr. 10, 90443 Nuernberg
E@mail: thomas(a)suse.de Function: Security Support & Auditing
"lynx -source http://www.suse.de/~thomas/thomas.pgp | pgp -fka"
Key fingerprint = 09 48 F2 FD 81 F7 E7 98 6D C7 36 F1 96 6A 12 47
-----BEGIN PGP SIGNED MESSAGE-----
______________________________________________________________________________
SuSE Security Announcement
Package: mc
Announcement-ID: SuSE-SA:2001:11
Date: Tuesday, April 10th, 2001 15.21 MEST
Affected SuSE versions: 6.1, 6.2, 6.3, 6.4, 7.0, 7.1
Vulnerability Type: local privilege escalation
Severity (1-10): 4
SuSE default package: no
Other affected systems: all systems using mc
Content of this advisory:
1) security vulnerability resolved: mc
problem description, discussion, solution and upgrade information
2) pending vulnerabilities, solutions, workarounds
3) standard appendix (further information)
______________________________________________________________________________
1) problem description, brief discussion, solution, upgrade information
The Midnight Commander, mc(1), is a ncurses-based file manager.
A local attacker could trick mc(1) into executing commands with
the privileges of the user running mc(1) by creating malicious
directory names. This attack leads to local privilege escalation.
No workaround exists. The only solution is to update the
mc package.
Download the update package from locations described below and install
the package with the command `rpm -Uhv file.rpm'. The md5sum for each
file is in the line below. You can verify the integrity of the rpm
files using the command
`rpm --checksig --nogpg file.rpm',
independently from the md5 signatures below.
i386 Intel Platform:
SuSE-7.1
ftp://ftp.suse.com/pub/suse/i386/update/7.1/ap1/mc-4.5.51-1.i386.rpm
c1eb197dff39e61065c498fa91347836
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/7.1/zq1/mc-4.5.51-1.src.rpm
cb768e70eacbf622464a71d8b5983769
SuSE-7.0
ftp://ftp.suse.com/pub/suse/i386/update/7.0/ap1/mc-4.5.50-1.i386.rpm
2770c2df6acd3e3ec8d9195e689aa037
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/7.0/zq1/mc-4.5.50-1.src.rpm
579a86de5c2a14e61d0b6097611fdfb7
SuSE-6.4
ftp://ftp.suse.com/pub/suse/i386/update/6.4/ap1/mc-4.5.42-47.i386.rpm
c16569cbbeb1d42823c1b6abdd61c03e
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/6.4/zq1/mc-4.5.42-47.src.rpm
d30069c9d3bf76b6f90d11b6cff86133
SuSE-6.3
ftp://ftp.suse.com/pub/suse/i386/update/6.3/ap1/mc-4.5.40-3.i386.rpm
655a6cac8bdb49789ee55c3bdc38e104
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/6.3/zq1/mc-4.5.40-3.src.rpm
969a5f5427e04ea2710516ae3b9360c6
SuSE-6.2
ftp://ftp.suse.com/pub/suse/i386/update/6.2/ap1/mc-4.5.37-20.i386.rpm
c6cf641cd54c976df4f64a0fa1263d65
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/6.2/zq1/mc-4.5.37-20.src.rpm
ccdd4d9e727edc45c610013f69af9c86
SuSE-6.1
ftp://ftp.suse.com/pub/suse/i386/update/6.1/ap1/mc-4.5.33-1.i386.rpm
2dd900869259558ef6ad9b16e056322d
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/6.1/zq1/mc-4.5.33-1.src.rpm
10c3a9ae63cbd8e43923f9245bba166c
Sparc Platform:
SuSE-7.0
ftp://ftp.suse.com/pub/suse/sparc/update/7.0/ap1/mc-4.5.50-1.sparc.rpm
16fab4824da5347fe243bfd8a3196a02
source rpm:
ftp://ftp.suse.com/pub/suse/sparc/update/7.0/zq1/mc-4.5.50-1.src.rpm
f8a51dd5975e6c1c34492f1fae6c66c7
AXP Alpha Platform:
SuSE-6.4
ftp://ftp.suse.com/pub/suse/axp/update/6.4/ap1/mc-4.5.42-47.alpha.rpm
dd80759475ca682a421cdd7dff4c6539
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/6.4/zq1/mc-4.5.42-47.src.rpm
1d98da3743c951003b99bf8b88b577f1
SuSE-6.3
ftp://ftp.suse.com/pub/suse/axp/update/6.3/ap1/mc-4.5.40-1.alpha.rpm
31a77b496e6c4185b0d9dd50336fb238
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/6.3/zq1/mc-4.5.40-1.src.rpm
dae662f3de8f42590feb62e1dc3abce8
SuSE-6.1
ftp://ftp.suse.com/pub/suse/axp/update/6.1/ap1/mc-4.5.33-14.alpha.rpm
58906f33013bc64cc090ed56c05ab6d7
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/6.1/zq1/mc-4.5.33-14.src.rpm
32727c15d6df11ceaa07afbd67b96b64
PPC PowerPC Platform:
SuSE-7.0
ftp://ftp.suse.com/pub/suse/ppc/update/7.0/ap1/mc-4.5.50-1.ppc.rpm
0f17db922b03ee5db09e46311b5c1096
source rpm:
ftp://ftp.suse.com/pub/suse/ppc/update/7.0/zq1/mc-4.5.50-1.src.rpm
aa1d77e05edd2b6097896be3bc3433d2
SuSE-6.4
ftp://ftp.suse.com/pub/suse/ppc/update/6.4/ap1/mc-4.5.42-47.ppc.rpm
018dbd5d4f7ed760e5fcfe22bceee016
source rpm:
ftp://ftp.suse.com/pub/suse/ppc/update/6.4/zq1/mc-4.5.42-47.src.rpm
e56125ce9edd85accd1ea2830e578504
______________________________________________________________________________
2) Pending vulnerabilities in SuSE Distributions and Workarounds:
- We are in the process of preparing update packages for the man package,
which has been found vulnerable to a command-line format string bug.
The man command is installed suid man on SuSE systems. When exploited,
the bug can be used to install a different man binary to introduce a
trojan into the system. As an interim workaround, we recommend running
`chmod -s /usr/bin/man' and ignoring the warnings and errors when
viewing manpages.
- Two bugs were found in the text editor vim. These bugs are currently
being fixed.
- A buffer overflow in sudo was discovered, and fixed RPMs will be
available as soon as possible. No exploit has been made public so
far.
- NEdit, a GUI-style text editor, needs an update due to a tmp race
condition. The source code is currently being reviewed and new
RPMs will be available within the next days.
______________________________________________________________________________
3) standard appendix:
SuSE runs two security mailing lists to which any interested party may
subscribe:
suse-security(a)suse.com
- general/linux/SuSE security discussion.
All SuSE security announcements are sent to this list.
To subscribe, send an email to
<suse-security-subscribe(a)suse.com>.
suse-security-announce(a)suse.com
- SuSE's announce-only mailing list.
Only SuSE's security announcements are sent to this list.
To subscribe, send an email to
<suse-security-announce-subscribe(a)suse.com>.
For general information or the frequently asked questions (faq)
send mail to:
<suse-security-info(a)suse.com> or
<suse-security-faq(a)suse.com> respectively.
===============================================
SuSE's security contact is <security(a)suse.com>.
===============================================
______________________________________________________________________________
The information in this advisory may be distributed or reproduced,
provided that the advisory is not modified in any way.
SuSE GmbH makes no warranties of any kind whatsoever with respect
to the information contained in this security advisory.
Bye,
Thomas
--
Thomas Biege, SuSE GmbH, Schanzaeckerstr. 10, 90443 Nuernberg
E@mail: thomas(a)suse.de Function: Security Support & Auditing
"lynx -source http://www.suse.de/~thomas/thomas.pgp | pgp -fka"
Key fingerprint = 09 48 F2 FD 81 F7 E7 98 6D C7 36 F1 96 6A 12 47
-----BEGIN PGP SIGNED MESSAGE-----
______________________________________________________________________________
SuSE Security Announcement
Package: xntp
Announcement-ID: SuSE-SA:2001:10
Date: Monday, April 9th 22:30 MEST
Affected SuSE versions: (6.0, 6.1, 6.2), 6.3, 6.4, 7.0, 7.1
Vulnerability Type: remote root compromise
Severity (1-10): 8
SuSE default package: no
Other affected systems: systems using xntp in newer versions
Content of this advisory:
1) security vulnerability resolved: xntp
problem description, discussion, solution and upgrade information
2) pending vulnerabilities, solutions, workarounds
3) standard appendix (further information)
______________________________________________________________________________
1) problem description, brief discussion, solution, upgrade information
xntp is the Network Time Protocol package widely used on many Unix
and Linux systems to synchronize the system time over a network.
An exploit published by Przemyslaw Frasunek demonstrates a buffer
overflow in the control request parsing code. The exploit allows a
remote attacker to execute arbitrary commands as root. All versions as
shipped with SuSE Linux are affected by the buffer overflow problem.
A temporary workaround is to kill the daemon and to set the variable
START_XNTPD in the file /etc/rc.config to "no" so that the daemon
will not be started again upon reboot of the system. Correct the system
time manually if necessary or adjust the time by running ntpdate from
a cron job on a regular basis.
We believe that this problem is generally underestimated since the
xntpd daemon tends to get forgotten over the years of a system's
lifetime once installed and configured. The xntpd daemon is not started by
default in SuSE Linux distributions. We strongly recommend immediately
updating the xntp package on each system where the daemon is installed,
configured and running.
Note:
The xntp update packages for most distributions have been available
for download since Friday last week. The packages for all 6.4 and 7.0
version distributions had to be rebuilt due to a specfile bug that
did not show up earlier and that caused a delay in building packages.
This bug causes the rpm subsystem to complain about the release number
of the package. Now that this bug is corrected, you might find yourself
having installed a package where there is a newer version of the package
on the ftp server. However, regardless of the package release number,
all published packages fix the currently known security problems in the
xntpd network time daemon.
Note:
The source rpm of xntp in newer distributions generates two packages:
xntp.rpm and xntpdoc.rpm. It is not necessary to update the xntpdoc
package which is why we do not provide the update packages on our ftp
server. The xntpdoc package only contains the documentation for the
xntp package and did not change in this updated package.
Download the update package from locations described below and install
the package with the command `rpm -Uhv file.rpm'. The md5sum for each
file is in the line below. You can verify the integrity of the rpm
files using the command
`rpm --checksig --nogpg file.rpm',
independently from the md5 signatures below.
SPECIAL INSTALL INSTRUCTIONS:
==============================
The xntpd daemon must be restarted for the new package to become
active after the installation of the update rpm. You can do this
by running the command
kill -15 `pidof xntpd`
as root. After performing the upgrade using the rpm command above,
you can restart the xntpd:
rcxntpd start
You should now see the new daemon synchronizing in your syslogs,
depending on where you configured the daemon to write its logs to.
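The xntp update procedure above (verify the md5sum listed for the package, run `rpm --checksig`, stop the old daemon, install, restart) together with the advisory's START_XNTPD workaround, and the identical md5/checksig step in the other advisories on this page, as an added shell example that is not part of the SuSE advisories. It assumes a Linux host with md5sum and sed; the hash is passed in from the advisory, and the rpm/rcxntpd commands are only run by apply_xntp_update, which must be invoked explicitly as root.

```shell
#!/bin/sh
# Added example, not from the SuSE advisory. Checks and applies the steps
# of the xntp update procedure described in SuSE-SA:2001:10.

# Compare the MD5 of a downloaded update file with the hash printed below
# its URL in the advisory. Returns 0 on match, 1 on mismatch/missing file.
verify_md5() {
    file="$1"
    expected="$2"
    [ -f "$file" ] || { echo "missing file: $file" >&2; return 1; }
    actual=$(md5sum "$file" | cut -d' ' -f1)
    if [ "$actual" = "$expected" ]; then
        echo "md5 ok: $file"
        return 0
    fi
    echo "md5 MISMATCH for $file: got $actual, advisory lists $expected" >&2
    return 1
}

# Temporary workaround from the advisory: set START_XNTPD to "no" in
# /etc/rc.config so the vulnerable daemon is not started again on reboot.
# The config path is a parameter so the function can be exercised on a copy.
disable_xntpd_autostart() {
    cfg="$1"
    [ -f "$cfg" ] || { echo "missing config: $cfg" >&2; return 1; }
    if grep -q '^START_XNTPD=' "$cfg"; then
        # Rewrite the existing line; use a temp file for portability (no sed -i).
        sed 's/^START_XNTPD=.*/START_XNTPD="no"/' "$cfg" > "$cfg.tmp" &&
            mv "$cfg.tmp" "$cfg"
    else
        echo 'START_XNTPD="no"' >> "$cfg"
    fi
    grep -q '^START_XNTPD="no"$' "$cfg"
}

# Full update sequence from the advisory's SPECIAL INSTALL INSTRUCTIONS:
# check the md5sum, check the rpm's own digests, stop the running xntpd,
# install the update, restart the daemon. Run as root on a SuSE 6.x/7.x host.
apply_xntp_update() {
    rpmfile="$1"
    expected="$2"
    verify_md5 "$rpmfile" "$expected" || return 1
    rpm --checksig --nogpg "$rpmfile" || return 1
    pid=$(pidof xntpd) && kill -15 $pid
    rpm -Uhv "$rpmfile" || return 1
    rcxntpd start
}
```

Usage: `apply_xntp_update xntp-4.0.99f-34.i386.rpm 9e39ca8f7b01fef22766463b8295e25d`, with the hash taken from the advisory's entry for your SuSE version; `disable_xntpd_autostart /etc/rc.config` applies the interim workaround while packages are still pending.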
i386 Intel Platform:
SuSE-7.1
ftp://ftp.suse.com/pub/suse/i386/update/7.1/n2/xntp-4.0.99f-34.i386.rpm
9e39ca8f7b01fef22766463b8295e25d
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/7.1/zq1/xntp-4.0.99f-34.src.rpm
dfa51b46c92b917353f52e5d83863478
SuSE-7.0
ftp://ftp.suse.com/pub/suse/i386/update/7.0/n1/xntp-4.0.99f-37.i386.rpm
4293ad8a3e084ec5d773bbcab8380c08
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/7.0/zq1/xntp-4.0.99f-37.src.rpm
745b894dcb6a97caa36f97858a51e279
SuSE-6.4
ftp://ftp.suse.com/pub/suse/i386/update/6.4/n1/xntp-4.0.99f-38.i386.rpm
8001ac19d0ee812be82b6b066b4313d5
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/6.4/zq1/xntp-4.0.99f-38.src.rpm
7d56618cba3d768aa53246f39158987d
SuSE-6.3
ftp://ftp.suse.com/pub/suse/i386/update/6.3/n1/xntp-4.0.98d-1.i386.rpm
2f5d7b43b167c6acf13f68b13b1b7989
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/6.3/zq1/xntp-4.0.98d-1.src.rpm
11182e5e8c3769e6f9498ade9fcbe1fc
SuSE-6.2 (unsupported platform)
ftp://ftp.suse.com/pub/suse/i386/update/6.2/n1/xntp-4.0.93a-18.i386.rpm
5b55d179e3d4a0c57513bed03013c1a9
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/6.2/zq1/xntp-4.0.93a-18.src.rpm
dbb7c833ddc25b0bde406b4319d4106f
SuSE-6.1 (unsupported platform)
ftp://ftp.suse.com/pub/suse/i386/update/6.1/n1/xntp-4.0.92c-1.i386.rpm
baa93b55a4eaa486968fa6285f04c865
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/6.1/zq1/xntp-4.0.92c-1.src.rpm
06f0174e8934e3ce6f419284564a7c91
Sparc Platform:
SuSE-7.1
The xntp packages for the SuSE-7.1 sparc distribution are currently
waiting to be built. They will be available on the ftp server
as soon as they are built. The packages are gpg-signed using the key
<build(a)suse.de> that should have been installed on your system upon
system installation/upgrade. Use the command `rpm --checksig xntp.rpm'
to verify this signature once the packages are available for download.
In the meantime, please use the temporary workaround described above.
SuSE-7.0
ftp://ftp.suse.com/pub/suse/sparc/update/7.0/n1/xntp-4.0.99f-19.sparc.rpm
bea9ea6a88ae68f27962d1b9ad866eac
source rpm:
ftp://ftp.suse.com/pub/suse/sparc/update/7.0/zq1/xntp-4.0.99f-19.src.rpm
83243db2982126e1a6ba371ef6dcf59b
AXP Alpha Platform:
SuSE-7.0
ftp://ftp.suse.com/pub/suse/axp/update/7.0/n1/xntp-4.0.99f-22.alpha.rpm
e410a96c44f12ba3d51a4f1f3e056fcd
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/7.0/zq1/xntp-4.0.99f-22.src.rpm
61ed8e66753868735cd14e94cb295718
SuSE-6.4
ftp://ftp.suse.com/pub/suse/axp/update/6.4/n1/xntp-4.0.99f-22.alpha.rpm
9460bd3eaf5500c0184d9394b8b86627
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/6.4/zq1/xntp-4.0.99f-22.src.rpm
5c62ef99f064b687047087562cfe54ca
SuSE-6.3
ftp://ftp.suse.com/pub/suse/axp/update/6.3/n1/xntp-4.0.98d-1.alpha.rpm
ad8c8494f0aaa06a1690e4edcaa43904
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/6.3/zq1/xntp-4.0.98d-1.src.rpm
743fe2aba27f1801ac5b14cff2f2edb6
SuSE-6.1 (unsupported platform)
ftp://ftp.suse.com/pub/suse/axp/update/6.1/n1/xntp-4.0.92c-40.alpha.rpm
d400eeecb9bd0b4347f3fe58f7f90fee
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/6.1/zq1/xntp-4.0.92c-40.src.rpm
e2d01c31542ebbf8c740b820a6372ad1
PPC PowerPC Platform:
SuSE-7.1
The xntp packages for the SuSE-7.1 ppc distribution are currently
waiting to be built. They will be available on the ftp server
as soon as they are built. The packages are gpg-signed using the key
<build(a)suse.de> that should have been installed on your system upon
system installation/upgrade. Use the command `rpm --checksig xntp.rpm'
to verify this signature once the packages are available for download.
In the meantime, please use the temporary workaround described above.
SuSE-7.0
ftp://ftp.suse.com/pub/suse/ppc/update/7.0/n1/xntp-4.0.99f-21.ppc.rpm
2d82e8f63df84cb409df7659437c1177
source rpm:
ftp://ftp.suse.com/pub/suse/ppc/update/7.0/zq1/xntp-4.0.99f-21.src.rpm
a0bce6c36cf30da1aa587e03103a01f6
SuSE-6.4
ftp://ftp.suse.com/pub/suse/ppc/update/6.4/n1/xntp-4.0.99f-21.ppc.rpm
fe9082268bdf53dddcaad075284f899b
source rpm:
ftp://ftp.suse.com/pub/suse/ppc/update/6.4/zq1/xntp-4.0.99f-21.src.rpm
1940b97593e3e134487d294a721e350d
______________________________________________________________________________
2) Pending vulnerabilities in SuSE Distributions and Workarounds:
- kernel
Please expect security updates of the Linux kernel soon. To resolve all
currently known security problems in the Linux kernel, update the kernel
manually to version 2.2.19 or wait until the SuSE update rpm packages
for the supported distributions 6.3, 6.4, 7.0 and 7.1 are ready to be
used and available for download.
- more updates
In addition to the kernel update, please expect more packages to see
security updates. Currently, this involves vim, mc and sudo.
- bind8
The update package for the 7.0 sparc distribution is available.
ftp://ftp.suse.com/pub/suse/sparc/update/7.0/n1/bind8-8.2.3-39.sparc.rpm
c7e2a95bd4b90d03207ffc3a9880c36c
source rpm:
ftp://ftp.suse.com/pub/suse/sparc/update/7.0/zq1/bind8-8.2.3-39.src.rpm
5d4d4b608f2a8a3e61f7dc6917254f4f
The SuSE-7.1 sparc distribution was published after the bugs in bind8
were corrected.
______________________________________________________________________________
3) standard appendix:
SuSE runs two security mailing lists to which any interested party may
subscribe:
suse-security(a)suse.com
- general/linux/SuSE security discussion.
All SuSE security announcements are sent to this list.
To subscribe, send an email to
<suse-security-subscribe(a)suse.com>.
suse-security-announce(a)suse.com
- SuSE's announce-only mailing list.
Only SuSE's security announcements are sent to this list.
To subscribe, send an email to
<suse-security-announce-subscribe(a)suse.com>.
For general information or the frequently asked questions (faq)
send mail to:
<suse-security-info(a)suse.com> or
<suse-security-faq(a)suse.com> respectively.
===============================================
SuSE's security contact is <security(a)suse.com>.
===============================================
______________________________________________________________________________
The information in this advisory may be distributed or reproduced,
provided that the advisory is not modified in any way.
SuSE GmbH makes no warranties of any kind whatsoever with respect
to the information contained in this security advisory.
Type Bits/KeyID Date User ID
pub 2048/3D25D3D9 1999/03/06 SuSE Security Team <security(a)suse.de>
-----BEGIN PGP SIGNED MESSAGE-----
To those involved in Linux security:
The latest release of "Linux-Magazin", a monthly German magazine that focuses
on Linux, contains an article by Mirko Dölle about security problems in the
Linux kernel.
In particular, the article argues that IP packets could be forwarded to the
address 208.47.125.33 (there is a PTR record at gary7.nsa.gov, which has an A
record back to the same address).
Many German Linux users have been calling SuSE support to learn details on
how to deal with this problem, not willing to believe that the article is an
April Fool's joke on security. None of the claims are correct, which makes a
kernel update unnecessary for this particular problem.
Now, as inclined readers of security mailing lists may have noticed, there
are indeed security problems in the Linux kernel. These problems are no
backdoors of any kind, and they are not related to the article mentioned
above. In addition, the known kernel security issues are not remotely
exploitable, which means that local shell access is needed to take advantage
of the weaknesses. The weaknesses allow for a local attacker to gain
superuser access to the system.
SuSE will provide update packages for the supported distributions 6.3, 6.4,
7.0 and 7.1 shortly that eliminate the known problems. The SuSE kernels are
standard kernels, equipped with a set of patches that introduce drivers and
many other enhancements to the standard Linux kernel. The update packages are
currently being tested and will be available and announced as soon as
possible.
For those who compile and install their own kernels: the
freshly released Linux kernel version 2.2.19 fixes the known issues in the
kernel. It should run smoothly on all 6.x SuSE Linux distributions, but
please note that 2.2.19 requires update packages for the lvm and/or the
raidtools (formerly mdutils) package if lvm (logical volume manager) or the
software raid facility of the Linux kernel is used. The lvm package is
available for download from our ftp server ftp.suse.com; the raidtools
package will follow soon.
Regards,
Roman Drahtmüller,
SuSE Security
-----BEGIN PGP SIGNED MESSAGE-----
______________________________________________________________________________
SuSE Security Announcement
Package: joe
Announcement-ID: SuSE-SA:2001:09
Date: Tuesday, March 27th, 2001 17.03 MEST
Affected SuSE versions: 6.1, 6.2, 6.3, 6.4, 7.0, 7.1
Vulnerability Type: local privilege escalation
Severity (1-10): 3
SuSE default package: yes
Other affected systems: all systems using joe
Content of this advisory:
1) security vulnerability resolved: joe
problem description, discussion, solution and upgrade information
2) pending vulnerabilities, solutions, workarounds
3) standard appendix (further information)
______________________________________________________________________________
1) problem description, brief discussion, solution, upgrade information
A bug in joe(1), a user-friendly text editor, was found by Christer Öberg
of Wkit Security AB a few weeks ago.
After starting, joe(1) tries to open its configuration file joerc in the
current directory, the user's home directory and some other locations.
joe(1) doesn't check the ownership of joerc when trying the current
directory.
An attacker could place a malicious joerc file in a publicly writable
directory, like /tmp, to execute commands with the privileges of any user
(including root) who runs joe while in this directory.
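The ownership check joe(1) was missing, as an added shell example that is not joe's code: a configuration file found in the current directory is trusted only if it is a regular file (not a symlink), owned by the user running the program, and writable by neither group nor others. The search order and the directories in the demo are assumptions modelled on the advisory's description; the files are constructed.

```shell
#!/bin/sh
# Added example, not joe's own code: the check a program should make
# before trusting a configuration file found in the current directory.

# rcfile_is_trusted FILE
# Returns 0 only if FILE is a regular file (no symlink), owned by the
# invoking user, and writable by neither group nor others. A joerc in
# /tmp planted by another user fails the ownership test; a world-writable
# one in the user's own directory fails the permission test.
rcfile_is_trusted() {
    f=$1
    [ -e "$f" ] || return 1
    if [ -L "$f" ]; then             # a symlink could point anywhere
        return 1
    fi
    # -prune keeps find on the path itself; -user and -perm do the checks
    [ -n "$(find "$f" -prune -type f -user "$(id -un)" \
                 ! -perm -020 ! -perm -002 -print 2>/dev/null)" ]
}

# find_rcfile NAME DIR...
# Searches the given directories in order (joe tries the current
# directory first, then the home directory, then system locations)
# and prints the first trusted NAME. Untrusted candidates are skipped
# with a warning on stderr instead of being loaded. Returns 1 if none.
find_rcfile() {
    name=$1
    shift
    for d in "$@"; do
        candidate="$d/$name"
        [ -e "$candidate" ] || continue
        if rcfile_is_trusted "$candidate"; then
            printf '%s\n' "$candidate"
            return 0
        fi
        echo "ignoring untrusted $candidate" >&2
    done
    return 1
}

# Demo on constructed files in a temporary directory: a world-writable
# joerc in the "current" directory is skipped, the user's own is chosen.
demo=$(mktemp -d)
mkdir "$demo/cwd" "$demo/home"
printf '# shared joerc\n' > "$demo/cwd/joerc"
chmod 666 "$demo/cwd/joerc"
printf '# my joerc\n' > "$demo/home/joerc"
chmod 644 "$demo/home/joerc"
find_rcfile joerc "$demo/cwd" "$demo/home"
rm -rf "$demo"
```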
Download the update package from the locations described below and install
the package with the command `rpm -Uhv file.rpm'. The md5sum for each
file is in the line below it. You can verify the integrity of the rpm
files using the command
`rpm --checksig --nogpg file.rpm',
independently of the md5sums given below.
i386 Intel Platform:
SuSE-7.1
ftp://ftp.suse.com/pub/suse/i386/update/7.1/ap1/joe-2.8-300.i386.rpm
3140f1eb79eb246ad98f7687de517371
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/7.1/zq1/joe-2.8-300.src.rpm
0c04bb25b8ae452f1fcdfe11af32e1b6
SuSE-7.0
ftp://ftp.suse.com/pub/suse/i386/update/7.0/ap1/joe-2.8-304.i386.rpm
2a406de36322fc7bc28aaeca0bbdf54d
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/7.0/zq1/joe-2.8-304.src.rpm
2aac0d130597d580d96c75d59397958c
SuSE-6.4
ftp://ftp.suse.com/pub/suse/i386/update/6.4/ap1/joe-2.8-303.i386.rpm
348a5e4a981f76943c77431606e5c3b2
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/6.4/zq1/joe-2.8-303.src.rpm
9f938aa365460257baf56f5f92f565ee
SuSE-6.3
ftp://ftp.suse.com/pub/suse/i386/update/6.3/ap1/joe-2.8-302.i386.rpm
236ec54a0251859e1c2c1fc4018b5dae
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/6.3/zq1/joe-2.8-302.src.rpm
49b638dd238cacc8e99048ee5a8024ea
SuSE-6.2
ftp://ftp.suse.com/pub/suse/i386/update/6.2/ap1/joe-2.8-302.i386.rpm
094577b41a2ad5baa0d16f4d53378d0e
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/6.2/zq1/joe-2.8-302.src.rpm
78333a2bac40b08db1e54ccaf1380caf
SuSE-6.1
ftp://ftp.suse.com/pub/suse/i386/update/6.1/ap1/joe-2.8-305.i386.rpm
72fbb78af21f3878f1ae8b8bc87c96f4
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/6.1/zq1/joe-2.8-305.src.rpm
b4fbe27a24bf66d60db45da3c3d13020
Sparc Platform:
SuSE-7.1
ftp://ftp.suse.com/pub/suse/sparc/update/7.1/ap1/joe-2.8-290.sparc.rpm
eeb78e413ee0b48d39ccdab29228ae80
source rpm:
ftp://ftp.suse.com/pub/suse/sparc/update/7.1/zq1/joe-2.8-290.src.rpm
f29199161ffd38f3f26c82b5d21ba89b
SuSE-7.0
ftp://ftp.suse.com/pub/suse/sparc/update/7.0/ap1/joe-2.8-292.sparc.rpm
d1d70f58df37de53f05734d90be596fa
source rpm:
ftp://ftp.suse.com/pub/suse/sparc/update/7.0/zq1/joe-2.8-292.src.rpm
45091ece9cb66e4f093d07b0386fd2b9
AXP Alpha Platform:
SuSE-7.0
ftp://ftp.suse.com/pub/suse/axp/update/7.0/ap1/joe-2.8-296.alpha.rpm
85e609519bbfbbc0be5aec7b8de2dffc
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/7.0/zq1/joe-2.8-296.src.rpm
ce623f8a73b1f6395eb9498324cc1e21
SuSE-6.4
ftp://ftp.suse.com/pub/suse/axp/update/6.4/ap1/joe-2.8-293.alpha.rpm
d930c6a2f0757f51f04409946f6152f8
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/6.4/zq1/joe-2.8-293.src.rpm
0b20e5bd36f0feeaf78cb4815566e982
SuSE-6.3
ftp://ftp.suse.com/pub/suse/axp/update/6.3/ap1/joe-2.8-293.alpha.rpm
6278e4dd4a42d4e091d1a08e3f617fa2
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/6.3/zq1/joe-2.8-293.src.rpm
88f428cc9c916b9159dfb54144c7802e
SuSE-6.1
ftp://ftp.suse.com/pub/suse/axp/update/6.1/ap1/joe-2.8-295.alpha.rpm
3e531066b0495be2261f02ef2d4583f0
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/6.1/zq1/joe-2.8-295.src.rpm
1d7796f1fad01365e40a944f0db84470
PPC PowerPC Platform:
SuSE-7.1
ftp://ftp.suse.com/pub/suse/ppc/update/7.1/ap1/joe-2.8-272.ppc.rpm
f11094b9f1afeb04786030e3a140ed03
source rpm:
ftp://ftp.suse.com/pub/suse/ppc/update/7.1/zq1/joe-2.8-272.src.rpm
4058ea46c9d75976a24a6ac419fc19d5
SuSE-7.0
ftp://ftp.suse.com/pub/suse/ppc/update/7.0/ap1/joe-2.8-274.ppc.rpm
c385a2ca601cf9b01ad2d39433d6a872
source rpm:
ftp://ftp.suse.com/pub/suse/ppc/update/7.0/zq1/joe-2.8-274.src.rpm
b667ea68d356a9582d3696ad68869c69
SuSE-6.4
ftp://ftp.suse.com/pub/suse/ppc/update/6.4/ap1/joe-2.8-273.ppc.rpm
4f6c2c20e961aea4987381d12692af6c
source rpm:
ftp://ftp.suse.com/pub/suse/ppc/update/6.4/zq1/joe-2.8-273.src.rpm
8c3ebda871c54afc11a24d80d207c34e
______________________________________________________________________________
2) Pending vulnerabilities in SuSE Distributions and Workarounds:
- We are in the process of preparing update packages for the man package,
which has been found vulnerable to a command-line format string bug.
The man command is installed suid man on SuSE systems. When exploited,
the bug can be used to install a different man binary to introduce a
trojan into the system. As an interim workaround, we recommend running
`chmod -s /usr/bin/man' and ignoring the warnings and errors when
viewing manpages.
- The file browser Midnight Commander (mc) is vulnerable to unwanted
program execution. Updates are currently being built.
- Two bugs were found in the text editor vim. These bugs are currently
being fixed.
- A buffer overflow in sudo was discovered; fixed RPMs will be available
as soon as possible. No exploit has been made public so far.
______________________________________________________________________________
3) standard appendix:
SuSE runs two security mailing lists to which any interested party may
subscribe:
suse-security(a)suse.com
- general/linux/SuSE security discussion.
All SuSE security announcements are sent to this list.
To subscribe, send an email to
<suse-security-subscribe(a)suse.com>.
suse-security-announce(a)suse.com
- SuSE's announce-only mailing list.
Only SuSE's security announcements are sent to this list.
To subscribe, send an email to
<suse-security-announce-subscribe(a)suse.com>.
For general information or the frequently asked questions (faq)
send mail to:
<suse-security-info(a)suse.com> or
<suse-security-faq(a)suse.com> respectively.
===============================================
SuSE's security contact is <security(a)suse.com>.
===============================================
______________________________________________________________________________
The information in this advisory may be distributed or reproduced,
provided that the advisory is not modified in any way.
SuSE GmbH makes no warranties of any kind whatsoever with respect
to the information contained in this security advisory.
Bye,
Thomas
--
Thomas Biege, SuSE GmbH, Schanzaeckerstr. 10, 90443 Nuernberg
E@mail: thomas(a)suse.de Function: Security Support & Auditing
"lynx -source http://www.suse.de/~thomas/thomas.pgp | pgp -fka"
Key fingerprint = 09 48 F2 FD 81 F7 E7 98 6D C7 36 F1 96 6A 12 47
-----BEGIN PGP SIGNED MESSAGE-----
______________________________________________________________________________
SuSE Security Announcement
Package: eperl
Announcement-ID: SuSE-SA:2001:08
Date: Tuesday, March 27th, 2001 16.00 MEST
Affected SuSE versions: 6.3, 6.4, 7.0, 7.1
Vulnerability Type: local and remote compromise
Severity (1-10): 6
SuSE default package: no
Other affected systems: all systems using the eperl package
Content of this advisory:
1) security vulnerability resolved: eperl
problem description, discussion, solution and upgrade information
2) pending vulnerabilities, solutions, workarounds
3) standard appendix (further information)
______________________________________________________________________________
1) problem description, brief discussion, solution, upgrade information
The ePerl program is an interpreter for the Embedded Perl 5 Language.
Its main purpose is to serve as a webserver scripting language for dynamic
HTML page programming. Besides this, it can also serve as a standalone
Unix filter.
Fumitoshi Ukai and Denis Barbier have found several potential buffer
overflows, which could lead to local privilege escalation if installed
setuid (note: it is not installed setuid by default) or to remote
compromise.
There is currently no effective measure against the security problems
in the eperl interpreter other than not using it or updating it.
SuSE provides update packages for the defective software.
SuSE Linux versions before 6.3 do not include the eperl package.
Download the update package from locations described below and install
the package with the command `rpm -Uhv file.rpm'. The md5sum for each
file is in the line below. You can verify the integrity of the rpm
files using the command
`rpm --checksig --nogpg file.rpm',
independently from the md5 signatures below.
i386 Intel Platform:
SuSE-7.1
ftp://ftp.suse.com/pub/suse/i386/update/7.1/d2/eperl-2.2.14-206.i386.rpm
e613b06d47dcfb7bbcea8c3d0c0e678b
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/7.1/zq1/eperl-2.2.14-206.src.rpm
c58a95f3b8ae757ea4d72f3157e2ea62
SuSE-7.0
ftp://ftp.suse.com/pub/suse/i386/update/7.0/d1/eperl-2.2.14-203.i386.rpm
e66520cc0062e25495941542dd5b1f82
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/7.0/zq1/eperl-2.2.14-203.src.rpm
34d6682524154c9fb7b5fbec4f4ea82e
SuSE-6.4
ftp://ftp.suse.com/pub/suse/i386/update/6.4/d1/eperl-2.2.14-203.i386.rpm
4b6a5a89899320a8eeb35c149ae111f5
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/6.4/zq1/eperl-2.2.14-203.src.rpm
062b14716e52f2649f4380a6a6e4e7f9
SuSE-6.3
ftp://ftp.suse.com/pub/suse/i386/update/6.3/d1/eperl-2.2.14-202.i386.rpm
ba75d7f4a64329a3b5c324b3f0742575
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/6.3/zq1/eperl-2.2.14-202.src.rpm
c7ae001d4668ba3a0524f94429b1e4e6
Sparc Platform:
SuSE-7.1
ftp://ftp.suse.com/pub/suse/sparc/update/7.1/d2/eperl-2.2.14-193.sparc.rpm
9752f8b9df6ac1ffdc68cb4b552d6491
source rpm:
ftp://ftp.suse.com/pub/suse/sparc/update/7.1/zq1/eperl-2.2.14-193.src.rpm
f09a1ce9288c201ae63e193914fc84ce
SuSE-7.0
ftp://ftp.suse.com/pub/suse/sparc/update/7.0/d1/eperl-2.2.14-191.sparc.rpm
900eddc134215569fc88d11ce14c11f3
source rpm:
ftp://ftp.suse.com/pub/suse/sparc/update/7.0/zq1/eperl-2.2.14-191.src.rpm
76aaa0efa8ae1c84b80201f73462fc26
AXP Alpha Platform:
SuSE-7.0
ftp://ftp.suse.com/pub/suse/axp/update/7.0/d1/eperl-2.2.14-195.alpha.rpm
d7b4be8d988f8cd501a33f9d2fb12a07
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/7.0/zq1/eperl-2.2.14-195.src.rpm
b0379287f9078fcd244cc720fad92c4d
SuSE-6.4
ftp://ftp.suse.com/pub/suse/axp/update/6.4/d1/eperl-2.2.14-195.alpha.rpm
78241206bc1b3927effdb5b1aa4d0ed5
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/6.4/zq1/eperl-2.2.14-195.src.rpm
325a04ec8c5c3da6b9c2fdf4e2c6c901
SuSE-6.3
ftp://ftp.suse.com/pub/suse/axp/update/6.3/d1/eperl-2.2.14-194.alpha.rpm
88a09004e5c0c2e6174785207e111318
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/6.3/zq1/eperl-2.2.14-194.src.rpm
a04cfa3e64aac49f6c148992e9a50189
PPC PowerPC Platform:
SuSE-7.1
ftp://ftp.suse.com/pub/suse/ppc/update/7.1/d2/eperl-2.2.14-178.ppc.rpm
3e05c702aca97db476155054d113ff95
source rpm:
ftp://ftp.suse.com/pub/suse/ppc/update/7.1/zq1/eperl-2.2.14-178.src.rpm
67849b0c1c053eca482508fe2eac3042
SuSE-7.0
ftp://ftp.suse.com/pub/suse/ppc/update/7.0/d1/eperl-2.2.14-177.ppc.rpm
35584e2f1bcebced98fad2ae241824da
source rpm:
ftp://ftp.suse.com/pub/suse/ppc/update/7.0/zq1/eperl-2.2.14-177.src.rpm
98046dce35c4adfba57cc54c018376d7
SuSE-6.4
ftp://ftp.suse.com/pub/suse/ppc/update/6.4/d1/eperl-2.2.14-176.ppc.rpm
9c36bad7ec2e8f6c31307729c7d21bc8
source rpm:
ftp://ftp.suse.com/pub/suse/ppc/update/6.4/zq1/eperl-2.2.14-176.src.rpm
eeaf1144dd659fe13b6a943bf40bf65b
S/390 Platform:
SuSE-7.0
ftp://ftp.suse.com/pub/suse/s390/update/7.0/d1/eperl-2.2.14-182.s390.rpm
416974a30c9c9e435e028f2807e15a51
source rpm:
ftp://ftp.suse.com/pub/suse/s390/update/7.0/zq1/eperl-2.2.14-182.src.rpm
b14c7d9cbb969cda54b0d9f599f1b5cc
______________________________________________________________________________
2) Pending vulnerabilities in SuSE Distributions and Workarounds:
- We are in the process of preparing update packages for the man package,
which has been found vulnerable to a command-line format string bug.
The man command is installed suid man on SuSE systems. When exploited,
the bug can be used to install a different man binary to introduce a
trojan into the system. As an interim workaround, we recommend running
`chmod -s /usr/bin/man' and ignoring the warnings and errors when
viewing manpages.
- The file browser Midnight Commander (mc) is vulnerable to unwanted
program execution. Updates are currently being built.
- Two bugs were found in the text editor vim. These bugs are currently
being fixed.
- A buffer overflow in sudo was discovered; fixed RPMs will be
available as soon as possible. No exploit has been made public so
far.
______________________________________________________________________________
3) standard appendix:
SuSE runs two security mailing lists to which any interested party may
subscribe:
suse-security(a)suse.com
- general/linux/SuSE security discussion.
All SuSE security announcements are sent to this list.
To subscribe, send an email to
<suse-security-subscribe(a)suse.com>.
suse-security-announce(a)suse.com
- SuSE's announce-only mailing list.
Only SuSE's security announcements are sent to this list.
To subscribe, send an email to
<suse-security-announce-subscribe(a)suse.com>.
For general information or the frequently asked questions (faq)
send mail to:
<suse-security-info(a)suse.com> or
<suse-security-faq(a)suse.com> respectively.
===============================================
SuSE's security contact is <security(a)suse.com>.
===============================================
______________________________________________________________________________
The information in this advisory may be distributed or reproduced,
provided that the advisory is not modified in any way.
SuSE GmbH makes no warranties of any kind whatsoever with respect
to the information contained in this security advisory.
______________________________________________________________________________
Bye,
Thomas
--
Thomas Biege, SuSE GmbH, Schanzaeckerstr. 10, 90443 Nuernberg
E@mail: thomas(a)suse.de Function: Security Support & Auditing
"lynx -source http://www.suse.de/~thomas/thomas.pgp | pgp -fka"
Key fingerprint = 09 48 F2 FD 81 F7 E7 98 6D C7 36 F1 96 6A 12 47
23 Mar '01
Hi,
I am resending advisory SuSE-SA:2001:07 because of a wrong signature.
Have a nice weekend.
-----BEGIN PGP SIGNED MESSAGE-----
______________________________________________________________________________
SuSE Security Announcement
Package: nkitb/nkitserv
Announcement-ID: SuSE-SA:2001:07
Date: Thursday, March 22nd, 2001 19.06 MEST
Affected SuSE versions: 6.1, 6.2, 6.3, 6.4, 7.0, 7.1
Vulnerability Type: remote denial-of-service
Severity (1-10): 4
SuSE default package: yes: in.ftpd, no: timed
Other affected systems: all systems using in.ftpd (OpenBSD port) or timed
Content of this advisory:
1) security vulnerability resolved: timed, in.ftpd
problem description, discussion, solution and upgrade information
2) pending vulnerabilities, solutions, workarounds
3) standard appendix (further information)
______________________________________________________________________________
1) problem description, brief discussion, solution, upgrade information
Two parts of the nkitb/nkitserv package are affected by security-related
bugs.
in.ftpd(8):
A one-byte buffer overflow was discovered in the OpenBSD port of the
FTP daemon in.ftpd(8) several weeks ago.
This bug can only be triggered by authenticated users who have write
access. It is believed not to be exploitable under Linux. However,
we prefer to provide a fixed update package to make sure that the daemon
is on the safe side.
in.ftpd(8) is invoked by inetd(8) and is activated by default.
timed(8):
The time server daemon timed(8), which is started at boot time, tries to
synchronize the local host's time with the time of other machines on the
local area network.
A bug in timed(8), reported by the FreeBSD Security Officer, can be
triggered remotely to crash the time server daemon.
For SuSE 6.1-6.4, in.ftpd and timed were part of nkitb.
Users of SuSE 7.0 need to download the nkitserv package for both in.ftpd
and timed.
The bug in in.ftpd is already fixed in SuSE 7.1, so nkitserv for SuSE 7.1
only includes a new version of timed(8).
Download the update package from the locations described below and install
the package with the command `rpm -Uhv file.rpm'. The md5sum for each
file is in the line below it. You can verify the integrity of the rpm
files using the command
`rpm --checksig --nogpg file.rpm',
independently of the md5sums given below.
i386 Intel Platform:
SuSE-7.1
ftp://ftp.suse.com/pub/suse/i386/update/7.1/n1/nkitserv-2001.3.16-0.i386.rpm
c4313f92a36916f0eba0b8837c9c0c81
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/7.1/zq1/nkitb-2001.3.16-1.src.rpm
ec452523fa25c8aed962fbd3349d1f3d
SuSE-7.0
ftp://ftp.suse.com/pub/suse/i386/update/7.0/n1/nkitserv-2001.3.16-0.i386.rpm
02772824805c6c4293bd1750d7bda6d3
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/7.0/zq1/nkitb-2001.3.16-1.src.rpm
5d301edc1b1ec9111572815aace33984
SuSE-6.4
ftp://ftp.suse.com/pub/suse/i386/update/6.4/a1/nkitb-2001.3.16-1.i386.rpm
842dea179cc449c4af25accf0c3f38ec
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/6.4/zq1/nkitb-2001.3.16-1.src.rpm
c099e7c1194b7706100453a89433b59c
SuSE-6.3
ftp://ftp.suse.com/pub/suse/i386/update/6.3/a1/nkitb-2001.3.16-0.i386.rpm
768a636df4731cd8efd181aa2eaf2e60
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/6.3/zq1/nkitb-2001.3.16-0.src.rpm
b705425c4c3cb70ebf9cd1345c92104a
SuSE-6.2
ftp://ftp.suse.com/pub/suse/i386/update/6.2/a1/nkitb-2001.3.16-0.i386.rpm
cbae31148c79c91a1443f79ee1ba34d3
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/6.2/zq1/nkitb-2001.3.16-0.src.rpm
d287c01d35d00756ecbf8da04556037c
SuSE-6.1
ftp://ftp.suse.com/pub/suse/i386/update/6.1/a1/nkitb-2001.3.16-0.i386.rpm
5f45ade69a9e8c2756e671c4a6e3522a
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/6.1/zq1/nkitb-2001.3.16-0.src.rpm
62b969c4e666f3ea71b6ce6b31762718
Sparc Platform:
SuSE-7.1
ftp://ftp.suse.com/pub/suse/sparc/update/7.1/n1/nkitserv-2001.3.16-0.sparc.…
142329dcae76a1603c0d84836192e357
source rpm:
ftp://ftp.suse.com/pub/suse/sparc/update/7.1/zq1/nkitb-2001.3.16-0.src.rpm
5bd9123cecba6ddd42cc965c599f383e
SuSE-7.0
ftp://ftp.suse.com/pub/suse/sparc/update/7.0/n1/nkitserv-2001.3.16-0.sparc.…
07ed33c76c7ae2df5b877003b254944d
source rpm:
ftp://ftp.suse.com/pub/suse/sparc/update/7.0/zq1/nkitb-2001.3.16-0.src.rpm
66ba7b71624f636e24e2d628c8f06e81
AXP Alpha Platform:
SuSE-7.0
ftp://ftp.suse.com/pub/suse/axp/update/7.0/n1/nkitserv-2001.3.16-0.alpha.rpm
5fcf177588788eb069bdb69332046d23
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/7.0/zq1/nkitb-2001.3.16-0.src.rpm
c27ed3bf0c293eaa77fe5a8fa960e95d
SuSE-6.4
ftp://ftp.suse.com/pub/suse/axp/update/6.4/a1/nkitb-2001.3.16-0.alpha.rpm
385fa60c0c216f1d9e61afd52d37df93
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/6.4/zq1/nkitb-2001.3.16-0.src.rpm
5ba60084740c9be9f89a729e2d21a77c
SuSE-6.3
ftp://ftp.suse.com/pub/suse/axp/update/6.3/a1/nkitb-2001.3.16-0.alpha.rpm
8a9e207a77e3c7f954e8faa91954f7aa
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/6.3/zq1/nkitb-2001.3.16-0.src.rpm
53f8a03feacc7fb81b92a726c8e81d21
SuSE-6.1
ftp://ftp.suse.com/pub/suse/axp/update/6.1/a1/nkitb-2001.3.16-0.alpha.rpm
359a3432f73220cecd42ba0b365d5e06
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/6.1/zq1/nkitb-2001.3.16-0.src.rpm
e0ccf6395312f9c33518f5f083c9d51f
PPC PowerPC Platform:
SuSE-7.1
ftp://ftp.suse.com/pub/suse/ppc/update/7.1/n1/nkitserv-2001.3.16-0.ppc.rpm
37bf5a963bc93215084b5634e864479c
source rpm:
ftp://ftp.suse.com/pub/suse/ppc/update/7.1/zq1/nkitb-2001.3.16-0.src.rpm
c31af637f58d9b43db542657b02bc772
SuSE-7.0
ftp://ftp.suse.com/pub/suse/ppc/update/7.0/n1/nkitserv-2001.3.16-1.ppc.rpm
ddc1dcfb94ba90f3cbdf395f89dd3b84
source rpm:
ftp://ftp.suse.com/pub/suse/ppc/update/7.0/zq1/nkitb-2001.3.16-1.src.rpm
2fa9c58b871248172285a64107e3be7c
SuSE-6.4
ftp://ftp.suse.com/pub/suse/ppc/update/6.4/a1/nkitb-2001.3.16-0.ppc.rpm
1dc4c831b5f6bd344ab8f511497b3fa5
source rpm:
ftp://ftp.suse.com/pub/suse/ppc/update/6.4/zq1/nkitb-2001.3.16-0.src.rpm
5529e5f63e2391ab1669efa0a8c33b57
______________________________________________________________________________
2) Pending vulnerabilities in SuSE Distributions and Workarounds:
- joe (configuration file vulnerability): The problem has been reported
on multiple security-related mailing lists. We are about to provide
fixed packages.
- The game spaceboom (SVGA shoot'em up) has been found vulnerable to
multiple vulnerabilities. As a reaction to these bugs, the spaceboom
game has been dropped from the distribution. We recommend to deinstall
the game from our 6.x and 7.x distribution by using the command
`rpm -e space', or to remove the suid bit from the file
/usr/games/SpaceBoom/SpaceBoom using the command
`chmod -s /usr/games/SpaceBoom/SpaceBoom'.
(Note: removing the suid bit prevents the game from being used by
non-root users and from being reinstalled after removal.)
- We are in the process of preparing update packages for the man package
which has been found vulnerable to a commandline format string bug.
The man command is installed suid man on SuSE systems. When exploited,
the bug can be used to install a different man binary to introduce a
trojan into the system. As an interim workaround, we recommend to
`chmod -s /usr/bin/man' and ignore the warnings and errors when
viewing manpages.
- The file browser MidnightCommander (mc) is vulnerable to unwanted
program execution. Updates are currently being built.
- New RPMs that fix a vulnerability in the eperl package for SuSE 6.1-7.1 are
currently being built.
______________________________________________________________________________
3) standard appendix:
SuSE runs two security mailing lists to which any interested party may
subscribe:
suse-security(a)suse.com
- general/linux/SuSE security discussion.
All SuSE security announcements are sent to this list.
To subscribe, send an email to
<suse-security-subscribe(a)suse.com>.
suse-security-announce(a)suse.com
- SuSE's announce-only mailing list.
Only SuSE's security announcements are sent to this list.
To subscribe, send an email to
<suse-security-announce-subscribe(a)suse.com>.
For general information or the frequently asked questions (faq)
send mail to:
<suse-security-info(a)suse.com> or
<suse-security-faq(a)suse.com> respectively.
===============================================
SuSE's security contact is <security(a)suse.com>.
===============================================
______________________________________________________________________________
The information in this advisory may be distributed or reproduced,
provided that the advisory is not modified in any way.
SuSE GmbH makes no warranties of any kind whatsoever with respect
to the information contained in this security advisory.
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv
iQEVAwUBOrpHQ3ey5gA9JdPZAQEWXwf/TwIX3tVUM4l32z6efEOdiLPNe0FmdImz
kgFkyWX+aDSLIVvhoqjpfr7DjD0p2Run9d1BjdLoTGqUgFZf+WR5yZWUbR94+5wN
ahaoKWHMGGxHxynrbr+YnlOFyKH1Zv3HqFbsY/KTrVSsWCsbqsqs1wd8ePVG/El9
oODwYHDBlMHGu+tXRqXAMhxGgrlMw5Id2fQEXVXvQu6/OJjqjzeRDHCA05vw/lZK
hK0vAPbU3UKHkgbHLmA1kKyqMIYJZcSWDngv6IOWrS/5MyoswL8sWcda+7Z3omyL
885DLHrszKcnH2mYzVeVV/ZYE2u711dhVRn+FEHIxukNty0un6rLaQ==
=aQ3n
-----END PGP SIGNATURE-----
Bye,
Thomas
--
Thomas Biege, SuSE GmbH, Schanzaeckerstr. 10, 90443 Nuernberg
E@mail: thomas(a)suse.de Function: Security Support & Auditing
"lynx -source http://www.suse.de/~thomas/thomas.pgp | pgp -fka"
Key fingerprint = 09 48 F2 FD 81 F7 E7 98 6D C7 36 F1 96 6A 12 47
Hi,
I am resending advisory SuSE-SA:2001:06 because of a wrong signature.
-----BEGIN PGP SIGNED MESSAGE-----
______________________________________________________________________________
SuSE Security Announcement
Package: pop
Announcement-ID: SuSE-SA:2001:06
Date: Wednesday, March 21st, 2001 19.19 MEST
Affected SuSE versions: 6.1
Vulnerability Type: remote command execution
Severity (1-10): 2
SuSE default package: no
Other affected systems: all systems using the pop package
Content of this advisory:
1) security vulnerability resolved: imapd, ipop2d, ipop3d
problem description, discussion, solution and upgrade information
2) pending vulnerabilities, solutions, workarounds
3) standard appendix (further information)
______________________________________________________________________________
1) problem description, brief discussion, solution, upgrade information
The eMail access daemons imapd(8), ipop2d(8) and ipop3d(8) of SuSE 6.1
are vulnerable to several buffer overflows. Due to a misconfiguration
these vulnerabilities could be triggered remotely after a user had been
authenticated.
Download the update package from the locations described below and install
the package with the command `rpm -Uhv file.rpm'. The md5sum for each
file is in the line below. You can verify the integrity of the rpm
files using the command
`rpm --checksig --nogpg file.rpm',
independently from the md5 signatures below.
i386 Intel Platform:
SuSE-6.1
ftp://ftp.suse.com/pub/suse/i386/update/6.1/n1/pop-2001.3.21-0.i386.rpm
1277deee87f3d1553ee18ae078d646aa
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/6.1/zq1/pop-2001.3.21-0.src.rpm
ce326335b36e51b6a635b69fc0106911
AXP Alpha Platform:
SuSE-6.1
ftp://ftp.suse.com/pub/suse/axp/update/6.1/n1/pop-2001.3.21-0.alpha.rpm
33405d29e279795d99853a1235a821f9
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/6.1/zq1/pop-2001.3.21-0.src.rpm
eecd7c9ac81397f9eb7b2bee01a0154d
______________________________________________________________________________
2) Pending vulnerabilities in SuSE Distributions and Workarounds:
- joe (configuration file vulnerability): The problem has been reported
on multiple security-related mailing lists. We are about to provide
fixed packages.
- The game spaceboom (SVGA shoot'em up) has been found vulnerable to
multiple vulnerabilities. As a reaction to these bugs, the spaceboom
game has been dropped from the distribution. We recommend to deinstall
the game from our 6.x and 7.x distribution by using the command
`rpm -e space', or to remove the suid bit from the file
/usr/games/SpaceBoom/SpaceBoom using the command
`chmod -s /usr/games/SpaceBoom/SpaceBoom'.
(Note: removing the suid bit prevents the game from being used by
non-root users and from being reinstalled after removal.)
- We are in the process of preparing update packages for the man package
which has been found vulnerable to a commandline format string bug.
The man command is installed suid man on SuSE systems. When exploited,
the bug can be used to install a different man binary to introduce a
trojan into the system. As an interim workaround, we recommend to
`chmod -s /usr/bin/man' and ignore the warnings and errors when
viewing manpages.
- The file browser MidnightCommander (mc) is vulnerable to unwanted
program execution. Updates are currently being built.
- A new nkitb/nkitserv package will be available soon. This update addresses
bugs in timed, in.ftpd.
- New RPMs that fix a vulnerability in the eperl package for SuSE 6.1-7.1
are currently being built.
______________________________________________________________________________
3) standard appendix:
SuSE runs two security mailing lists to which any interested party may
subscribe:
suse-security(a)suse.com
- general/linux/SuSE security discussion.
All SuSE security announcements are sent to this list.
To subscribe, send an email to
<suse-security-subscribe(a)suse.com>.
suse-security-announce(a)suse.com
- SuSE's announce-only mailing list.
Only SuSE's security announcements are sent to this list.
To subscribe, send an email to
<suse-security-announce-subscribe(a)suse.com>.
For general information or the frequently asked questions (faq)
send mail to:
<suse-security-info(a)suse.com> or
<suse-security-faq(a)suse.com> respectively.
===============================================
SuSE's security contact is <security(a)suse.com>.
===============================================
______________________________________________________________________________
The information in this advisory may be distributed or reproduced,
provided that the advisory is not modified in any way.
SuSE GmbH makes no warranties of any kind whatsoever with respect
to the information contained in this security advisory.
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv
iQEVAwUBOrpWCXey5gA9JdPZAQEyxwf+PEmG3VQd59s4IEkNpStXAH6cRqEIAIkh
rKXcrukIiBWdj08uNLoiggEgzq7wyUKBQH3thCD3CkolpPM4ViZmiVLAr8uerTmx
fP4Vd+m47VeYzcsdhRPPASpnVzgVHyLVxCiOKOM76QK1sOHZhf2jAzQEZbl9G1Mc
Z2Jo+4tAtFUPxsp0IN9NmfDezGOLeuXH5eIyp+Sgpw1fMa6Mkpk+Eib6Dc0qnM4H
JBqj1WBw539lD2wU8n4N4mM0YdUhzCx179vVJKf9C9XLPdFHUwuyDRR75M/lOH8U
dC5eg3QVdDm4bUDxMyDbvJqfxFpzlRt6dsb/vDk7Q6Hepat3plXhdQ==
=klWl
-----END PGP SIGNATURE-----
Bye,
Thomas
--
Thomas Biege, SuSE GmbH, Schanzaeckerstr. 10, 90443 Nuernberg
E@mail: thomas(a)suse.de Function: Security Support & Auditing
"lynx -source http://www.suse.de/~thomas/thomas.pgp | pgp -fka"
Key fingerprint = 09 48 F2 FD 81 F7 E7 98 6D C7 36 F1 96 6A 12 47
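As an added example that is not part of the SuSE advisories or their packages, the following POSIX shell script automates the two checks the advisories above ask the reader to perform by hand: comparing downloaded update RPMs against the md5sums published in the advisory before running `rpm -Uhv`, and confirming that the interim `chmod -s` workaround from the pending-vulnerabilities section has actually removed the setuid bit from the named binaries. The manifest entries are copied from the i386 section of SuSE-SA:2001:06; the `./updates` directory, the `--run` flag and the function names are this example's own assumptions.

```shell
#!/bin/sh
# Added example, not taken from the SuSE advisory or its packages.
# Two defender-side checks the advisories ask for by hand:
#   1. compare downloaded update RPMs against the published md5sums
#      before installing them with `rpm -Uhv`;
#   2. confirm the interim `chmod -s` workaround has really removed the
#      setuid bit from the affected binaries.
# Assumes POSIX sh plus md5sum (coreutils) or openssl for the digest.

# Print the md5 hex digest of a file with whichever tool is present.
md5_of() {
    if command -v md5sum >/dev/null 2>&1; then
        md5sum "$1" | cut -d' ' -f1
    else
        openssl dgst -md5 "$1" | sed 's/.*= //'
    fi
}

# check_file DIR EXPECTED_MD5 FILENAME
# Exit status: 0 = digest matches, 1 = file missing, 2 = digest differs.
check_file() {
    cf_dir=$1; cf_expected=$2; cf_name=$3
    if [ ! -f "$cf_dir/$cf_name" ]; then
        echo "MISSING  $cf_name"
        return 1
    fi
    cf_actual=$(md5_of "$cf_dir/$cf_name")
    if [ "$cf_actual" = "$cf_expected" ]; then
        echo "OK       $cf_name"
        return 0
    fi
    echo "MISMATCH $cf_name (advisory: $cf_expected, file: $cf_actual)"
    return 2
}

# verify_manifest DIR MANIFEST
# MANIFEST is text with one "<md5> <filename>" entry per line, copied from
# the advisory. Returns the number of entries that failed to verify, so
# 0 means every listed package is present and matches.
verify_manifest() {
    vm_dir=$1; vm_failures=0
    # A here-document keeps the loop in the current shell, so the counter
    # survives; piping into the loop would run it in a subshell.
    while read -r vm_sum vm_name; do
        [ -n "$vm_sum" ] || continue
        check_file "$vm_dir" "$vm_sum" "$vm_name" || vm_failures=$((vm_failures + 1))
    done <<EOF
$2
EOF
    return "$vm_failures"
}

# suid_cleared PATH
# 0 if the workaround holds (file absent or not setuid), 1 if still setuid.
suid_cleared() {
    if [ -e "$1" ] && [ -u "$1" ]; then
        echo "STILL SETUID $1"
        return 1
    fi
    echo "ok           $1"
    return 0
}

# Entries copied from the i386 section of SuSE-SA:2001:06.
POP_I386_MANIFEST='1277deee87f3d1553ee18ae078d646aa pop-2001.3.21-0.i386.rpm
ce326335b36e51b6a635b69fc0106911 pop-2001.3.21-0.src.rpm'

# Binaries the pending-vulnerabilities section says to strip the suid bit from.
WORKAROUND_BINARIES='/usr/bin/man /usr/games/SpaceBoom/SpaceBoom'

# Usage: sh verify-update.sh --run ./updates
# (the ./updates directory and the --run flag are this example's own convention)
if [ "${1:-}" = "--run" ]; then
    updates=${2:-./updates}
    rc=0
    verify_manifest "$updates" "$POP_I386_MANIFEST" || rc=$?
    if [ "$rc" -eq 0 ]; then
        echo "all listed packages verified against the advisory"
        # Second, independent check: rpm's own header md5 (no GPG needed).
        if command -v rpm >/dev/null 2>&1; then
            for f in "$updates"/*.rpm; do
                [ -f "$f" ] && rpm --checksig --nogpg "$f"
            done
        fi
    else
        echo "$rc package(s) failed verification; do not install them"
    fi
    for b in $WORKAROUND_BINARIES; do
        suid_cleared "$b"
    done
fi
```

The md5 comparison and `rpm --checksig --nogpg` are deliberately kept as two separate steps: the first checks the file you fetched against what the advisory author published, the second checks the header digest embedded in the package itself, so a download corrupted or swapped in transit fails the first check even when the package is internally consistent.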