openSUSE Security Announce
Threads by month
- ----- 2024 -----
- June
- May
- April
- March
- February
- January
- ----- 2023 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2022 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2021 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2020 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2019 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2018 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2017 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2016 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2015 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2014 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2013 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2012 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2011 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2010 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2009 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2008 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2007 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2006 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2005 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2004 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2003 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2002 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2001 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2000 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1999 -----
- December
- November
- October
- September
- August
- 2 participants
- 9907 discussions
-----BEGIN PGP SIGNED MESSAGE-----
______________________________________________________________________________
SuSE Security Announcement
Package: gnorpm
Advisory-ID: SuSE-SA:2000:040
Date: Monday, October 16th, 2000 15:45 MEST
Affected SuSE versions: 6.0, 6.1, 6.2, 6.3, 6.4, 7.0
Vulnerability Type: tmp race / local file overwrite
Severity (1-10): 4
SuSE default package: no
Other affected systems: Systems using gnorpm
Content of this advisory:
1) security vulnerability resolved: gnorpm
problem description, discussion, solution and upgrade information
2) pending vulnerabilities, solutions, workarounds
3) standard appendix (further information)
______________________________________________________________________________
1) problem description, brief discussion, solution, upgrade information
gnorpm is a graphical user interface to the rpm subsystem for the
gnome desktop.
Insecure temporary file handling may cause the gnorpm package to
overwrite arbitrary files on the system. As a workaround solution
it is recommended to make sure that no active user processes on the
system while performing software updates with gnorpm. This can be
accomplished by bringing the linux system down to runlevel 1
(multi-user without network) and starting the network by hand
(rci4l_hardware start; rci4l start;rcnetwork start; rcroute start).
IMPORTANT NOTE:
SuSE provides update packages for the vulnerable gnorpm package.
However, tests have revealed that the new gnorpm version from Alan Cox
does not work reliably with the rpm subsystem in older SuSE
distributions. Adding patches to these gnorpm versions has proven to
not increase the reliability of the package either. For this reason we
do not provide update packages for the SuSE distributions prior to
(and including) SuSE-6.3. Please update your system to a more recent
base installation (SuSE-7.0 recommended) or use the workaround as
described above if you need to use gnorpm in a multi user and possibly
hostile environment.
Download the update package from locations desribed below and install
the package with the command `rpm -Fhv file.rpm'. The md5sum for each
file is in the line below. You can verify the integrity of the rpm
files using the command
`rpm --checksig --nogpg file.rpm',
independently from the md5 signatures below.
<p> i386 Intel Platform:
SuSE-7.0
ftp://ftp.suse.com/pub/suse/i386/update/7.0/gnm3/gnorpm-0.95-3.i386.rpm
6aa5ea031f48d903bf3fb4e2328fc4c7
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/7.0/zq1/gnorpm-0.95-3.src.rpm
a6df0b51a50b0f82a1d0e77d46587d82
SuSE-6.4
ftp://ftp.suse.com/pub/suse/i386/update/6.4/gnm3/gnorpm-0.95-3.i386.rpm
2f47a772c634c35d989078287668e67d
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/6.4/zq1/gnorpm-0.95-3.src.rpm
04a7c41f0537ef513495efc49c105b1b
<p> Sparc Platform:
SuSE-7.0
ftp://ftp.suse.com/pub/suse/sparc/update/7.0/gnm3/gnorpm-0.9-159.sparc.rpm
467a2839f7df52c31eb42b97ebb8dd0d
source rpm:
ftp://ftp.suse.com/pub/suse/sparc/update/7.0/zq1/gnorpm-0.9-159.src.rpm
eb09af61e93eab32a55c6538d0b45bc4
<p><p> AXP Alpha Platform:
SuSE-6.4
ftp://ftp.suse.com/pub/suse/axp/update/6.4/gnm3/gnorpm-0.95-4.alpha.rpm
b99a121e1469f958413b26eef1fd7ce9
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/6.4/zq1/gnorpm-0.95-4.src.rpm
a65ba20f86d5d0693ecc3e77520ff584
<p><p> PPC Power PC Platform:
SuSE-6.4
ftp://ftp.suse.com/pub/suse/ppc/update/6.4/gnm3/gnorpm-0.95-3.ppc.rpm
9ad07eb2c2c437ed427d8ec5cb2b8439
source rpm:
ftp://ftp.suse.com/pub/suse/ppc/update/6.4/zq1/gnorpm-0.95-3.src.rpm
ffdb55e153b7e07cad91830eafb088b9
______________________________________________________________________________
2) Pending vulnerabilities in SuSE Distributions and Workarounds:
A set of security announcements is following this advisory.
______________________________________________________________________________
3) standard appendix:
SuSE runs two security mailing lists to which any interested party may
subscribe:
suse-security(a)suse.com
- general/linux/SuSE security discussion.
All SuSE security announcements are sent to this list.
To subscribe, send an email to
<suse-security-subscribe(a)suse.com>.
suse-security-announce(a)suse.com
- SuSE's announce-only mailing list.
Only SuSE's security annoucements are sent to this list.
To subscribe, send an email to
<suse-security-announce-subscribe(a)suse.com>.
For general information or the frequently asked questions (faq)
send mail to:
<suse-security-info(a)suse.com> or
<suse-security-faq(a)suse.com> respectively.
===============================================
SuSE's security contact is <security(a)suse.com>.
===============================================
Regards,
Roman Drahtmüller.
- - --
- -
| Roman Drahtmüller <draht(a)suse.de> // "Caution: Cape does |
SuSE GmbH - Security Phone: // not enable user to fly."
| Nürnberg, Germany +49-911-740530 // (Batman Costume warning label) |
- -
______________________________________________________________________________
The information in this advisory may be distributed or reproduced,
provided that the advisory is not modified in any way.
SuSE GmbH makes no warranties of any kind whatsoever with respect
to the information contained in this security advisory.
Type Bits/KeyID Date User ID
pub 2048/3D25D3D9 1999/03/06 SuSE Security Team <security(a)suse.de>
- -----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.6.3i
mQENAzbhLQQAAAEIAKAkXHe0lWRBXLpn38hMHy03F0I4Sszmoc8aaKJrhfhyMlOA
BqvklPLE2f9UrI4Xc860gH79ZREwAgPt0pi6+SleNFLNcNFAuuHMLQOOsaMFatbz
JR9i4m/lf6q929YROu5zB48rBAlcfTm+IBbijaEdnqpwGib45wE/Cfy6FAttBHQh
1Kp+r/jPbf1mYAvljUfHKuvbg8t2EIQz/5yGp+n5trn9pElfQO2cRBq8LFpf1l+U
P7EKjFmlOq+Gs/fF98/dP3DfniSd78LQPq5vp8RL8nr/o2i7jkAQ33m4f1wOBWd+
cZovrKXYlXiR+Bf7m2hpZo+/sAzhd7LmAD0l09kABRG0JVN1U0UgU2VjdXJpdHkg
VGVhbSA8c2VjdXJpdHlAc3VzZS5kZT6JARUDBRA24S1H5Fiyh7HKPEUBAVcOB/9b
yHYji1/+4Xc2GhvXK0FSJN0MGgeXgW47yxDL7gmR4mNgjlIOUHZj0PEpVjWepOJ7
tQS3L9oP6cpj1Fj/XxuLbkp5VCQ61hpt54coQAvYrnT9rtWEGN+xmwejT1WmYmDJ
xG+EGBXKr+XP69oIUl1E2JO3rXeklulgjqRKos4cdXKgyjWZ7CP9V9daRXDtje63
Om8gwSdU/nCvhdRIWp/Vwbf7Ia8iZr9OJ5YuQl0DBG4qmGDDrvImgPAFkYFzwlqo
choXFQ9y0YVCV41DnR+GYhwl2qBd81T8aXhihEGPIgaw3g8gd8B5o6mPVgl+nJqI
BkEYGBusiag2pS6qwznZiQEVAwUQNuEtBHey5gA9JdPZAQFtOAf+KVh939b0J94u
v/kpg4xs1LthlhquhbHcKNoVTNspugiC3qMPyvSX4XcBr2PC0cVkS4Z9PY9iCfT+
x9WM96g39dAF+le2CCx7XISk9XXJ4ApEy5g4AuK7NYgAJd39PPbERgWnxjxir9g0
Ix30dS30bW39D+3NPU5Ho9TD/B7UDFvYT5AWHl3MGwo3a1RhTs6sfgL7yQ3U+mvq
MkTExZb5mfN1FeaYKMopoI4VpzNVeGxQWIz67VjJHVyUlF20ekOz4kWVgsxkc8G2
saqZd6yv2EwqYTi8BDAduweP33KrQc4KDDommQNDOXxaKOeCoESIdM4p7Esdjq1o
L0oixF12Cg==
=pIeS
- -----END PGP PUBLIC KEY BLOCK-----
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv
iQEVAwUBOesJuHey5gA9JdPZAQFOaQf7BeD4f+p2nnW6HurZfmn3286FAOGGdEeO
7fYP+ECHNIgzwa9QSVjbbG/sDMbLiND4sv+z4Bi/7v6qm1rMIGrR1t3yYSAQLvJQ
RiW5Vvg3epdhZA4IVb+T0UDGLzSztWs5kfKmELUV2DCPwNA3ot6WXKJr64x27Ewj
bygg78xtIAvpLFa1IwHezllVPrdMjHJvIfMDV2bukLrVMTfax4sf8EmnPexIVTSW
hXp/+63HHWKXaELMvD3UHV6P9kjCcbqNsoerJCQ9KlaSC5dujMj31P5J5hsYSsOG
I+6T34rmFMuzANDc3AzMyQZb3zXBx6f2ozmHhQ1Ur/0b2+db0xknRw==
=bbjh
-----END PGP SIGNATURE-----
1
0
-----BEGIN PGP SIGNED MESSAGE-----
______________________________________________________________________________
SuSE Security Announcement
Package: cfengine
Date: Wednesday, October 11th, 2000 19:15 MEST
Affected SuSE versions: 5.3, 6.0, 6.1, 6.3, 6.4, 7.0
Vulnerability Type: remote (root) compromise
Severity (1-10): 5
SuSE default package: no
Other affected systems: Linux systems using the pam_smb module
Content of this advisory:
1) security vulnerability resolved: pam_smb
problem description, discussion, solution and upgrade information
2) pending vulnerabilities, solutions, workarounds
3) standard appendix (further information)
______________________________________________________________________________
1) problem description, brief discussion, solution, upgrade information
GNU cfengine is an abstract programming language for system
administrators of large heterogeneous networks, used for maintenance
and administration. Pekka Savola <pekkas(a)netcore.fi> has found several
format string vulnerabilities in syslog() calls that can be abused to
either make the cfengine program to segfault and die or to execute
arbitrary commands as the user the cfengine process runs as (usually
root).
The cfengine package is not installed per default, and not activated
when installed. Thus, the vulnerability affects only systems where the
administrator actively uses this tool.
The only efficient fix for the problem is an update of the cfengine
package since access restrictions limit the attack possibilities to
a closed group of hosts/users only.
Download the update package from locations desribed below and install
the package with the command `rpm -Fhv file.rpm'. The md5sum for each
file is in the line below. You can verify the integrity of the rpm
files using the command
`rpm --checksig --nogpg file.rpm',
independently from the md5 signatures below.
<p> i386 Intel Platform:
SuSE-7.0
ftp://ftp.suse.com/pub/suse/i386/update/7.0/ap1/cfengine-1.5.4-82.i386.rpm
dc42c40f3d38756f03d0fe120854438f
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/7.0/zq1/cfengine-1.5.4-82.src.rpm
2fd8a119cfef86239ce8fa96eb84115d
SuSE-6.4
ftp://ftp.suse.com/pub/suse/i386/update/6.4/ap1/cfengine-1.5.4-82.i386.rpm
751acfe93106296ce1109a2502756802
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/6.4/zq1/cfengine-1.5.4-82.src.rpm
843b0f958737d528d7160f7fada0e480
SuSE-6.3
ftp://ftp.suse.com/pub/suse/i386/update/6.3/ap1/cfengine-1.5.4-82.i386.rpm
c8acb6a4cb25bf5794a58cbdddeadb3c
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/6.3/zq1/cfengine-1.5.4-82.src.rpm
0fc789bf5ee81448416e3b70665eac5e
SuSE-6.2
ftp://ftp.suse.com/pub/suse/i386/update/6.2/ap1/cfengine-1.5.4-82.i386.rpm
414b3b1ba8d1f6c54e8edf1bc06e3fd4
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/6.2/zq1/cfengine-1.5.4-82.src.rpm
4cbc2ee010505ebd386c77c275cbe623
SuSE-6.1
ftp://ftp.suse.com/pub/suse/i386/update/6.1/ap1/cfengine-1.5.4-82.i386.rpm
c90ee6da76d111f537ae3bf0e3a8410d
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/6.1/zq1/cfengine-1.5.4-82.src.rpm
de796070b0df0e7ff564ba73ef02fa2e
SuSE-6.0
please use the update packages for the SuSE-6.1 distribution.
SuSE-5.3
ftp://ftp.suse.com/pub/suse/i386/update/5.3/ap1/cfengine-1.5.4-87.i386.rpm
a47f6a4a9affbe258d3c83b569b1dba4
ftp://ftp.suse.com/pub/suse/i386/update/5.3/zq1/cfengine-1.5.4-87.src.rpm
546bc5a8a2e2c4b717d83fe4c04519bd
<p> Sparc Platform:
SuSE-7.0
ftp://ftp.suse.com/pub/suse/sparc/update/7.0/ap1/cfengine-1.5.4-83.sparc.rpm
3517304c0fd9ff411631ea4c8191516f
source rpm:
ftp://ftp.suse.com/pub/suse/sparc/update/7.0/zq1/cfengine-1.5.4-83.src.rpm
fdc47c721783442a605ca209fa088122
<p><p> AXP Alpha Platform:
SuSE-6.4
ftp://ftp.suse.com/pub/suse/axp/update/6.4/ap1/cfengine-1.5.4-82.alpha.rpm
409a3b91a67f383a330ea26faccb5eef
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/6.4/zq1/cfengine-1.5.4-82.src.rpm
b86fe2ebe7e971c98203c977543ffddc
SuSE-6.3
Please use the update packages for the SuSE-6.4 distribution.
SuSE-6.1
ftp://ftp.suse.com/pub/suse/axp/update/6.1/ap1/cfengine-1.5.4-84.alpha.rpm
b15950b227f1e77e783dba1ebf512df4
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/6.1/zq1/cfengine-1.5.4-84.src.rpm
d38bc69b3024e375b3757b869fab88df
<p><p> PPC Power PC Platform:
SuSE-7.0
ftp://ftp.suse.com/pub/suse/ppc/update/7.0/ap1/cfengine-1.5.4-85.ppc.rpm
2ee85ef27d51cac7ac1d574e8233aae5
source rpm:
ftp://ftp.suse.com/pub/suse/ppc/update/7.0/zq1/cfengine-1.5.4-85.src.rpm
282c56270f5ecc8b58cc8be27472f6aa
SuSE-6.4
ftp://ftp.suse.com/pub/suse/ppc/update/6.4/ap1/cfengine-1.5.4-82.ppc.rpm
ddc0e11f730e2fbb2ef5462987eadffa
source rpm:
ftp://ftp.suse.com/pub/suse/ppc/update/6.4/zq1/cfengine-1.5.4-82.src.rpm
e2f61fcf0e0598f673fc93411fbbbb18
______________________________________________________________________________
2) Pending vulnerabilities in SuSE Distributions and Workarounds:
- gnorpm
A race condition has been found in the gnorpm program, a GUI for
the rpm system. The issue will be addressed in a following advisory.
<p> - ncurses
The ncurses library contains buffer overflows that are exploitable
when user-supplied terminfo databases are processed. This imposes a
security risk on programs/binaries that are linked against libncurses
and run with special privileges. Both workaround and clean solution
is to remove the suid bit from all executable files with setuid bit
set.
The issue will be addressed in a following security announcement.
<p> - apache mod_rewrite, php
A bug has been discovered in the apache package that allows attackers
to read arbitrary files on a system that runs apache. The responsible
apache module named "mod_rewrite" is not used by default on SuSE
installations of the apache package. The issue will be addressed in
a following security announcement.
<p> - usermode/userhelper
userhelper is a suid helper program designed to let the user who
is logged on to the console execute some programs with root
privileges. SuSE distributions do not contain the usermode package
and therefore are not vulnerable to the security problems recently
discovered in the usermode package.
<p> - tmpwatch
The tmpwatch packages as shipped with SuSE distributions are not
vulnerable to the attacks as discussed on security forums because
we ship an older version that does not provide the functionality
that can be exploited.
<p> - lprNG
The versions of the lprNG package that come with SuSE distributions
are not vulnerable to the format string parsing errors as discussed
in security forums.
<p> - traceroute
The traceroute program has been found vulnerable to a bug
(`traceroute -g 1 -g 1') in many distributions. Newer SuSE
distributions have a different implementation of the traceroute
program and are not vulnerable to the bug found by
Pekka Savola <pekkas(a)netcore.fi>. The vulnerability could not be
verified in older SuSE distributions.
______________________________________________________________________________
3) standard appendix:
SuSE runs two security mailing lists to which any interested party may
subscribe:
suse-security(a)suse.com
- general/linux/SuSE security discussion.
All SuSE security announcements are sent to this list.
To subscribe, send an email to
<suse-security-subscribe(a)suse.com>.
suse-security-announce(a)suse.com
- SuSE's announce-only mailing list.
Only SuSE's security annoucements are sent to this list.
To subscribe, send an email to
<suse-security-announce-subscribe(a)suse.com>.
For general information or the frequently asked questions (faq)
send mail to:
<suse-security-info(a)suse.com> or
<suse-security-faq(a)suse.com> respectively.
===============================================
SuSE's security contact is <security(a)suse.com>.
===============================================
Regards,
Roman Drahtmüller.
- - --
- -
| Roman Drahtmüller <draht(a)suse.de> // "Caution: Cape does |
SuSE GmbH - Security Phone: // not enable user to fly."
| Nürnberg, Germany +49-911-740530 // (Batman Costume warning label) |
- -
______________________________________________________________________________
The information in this advisory may be distributed or reproduced,
provided that the advisory is not modified in any way.
SuSE GmbH makes no warranties of any kind whatsoever with respect
to the information contained in this security advisory.
Type Bits/KeyID Date User ID
pub 2048/3D25D3D9 1999/03/06 SuSE Security Team <security(a)suse.de>
- -----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.6.3i
mQENAzbhLQQAAAEIAKAkXHe0lWRBXLpn38hMHy03F0I4Sszmoc8aaKJrhfhyMlOA
BqvklPLE2f9UrI4Xc860gH79ZREwAgPt0pi6+SleNFLNcNFAuuHMLQOOsaMFatbz
JR9i4m/lf6q929YROu5zB48rBAlcfTm+IBbijaEdnqpwGib45wE/Cfy6FAttBHQh
1Kp+r/jPbf1mYAvljUfHKuvbg8t2EIQz/5yGp+n5trn9pElfQO2cRBq8LFpf1l+U
P7EKjFmlOq+Gs/fF98/dP3DfniSd78LQPq5vp8RL8nr/o2i7jkAQ33m4f1wOBWd+
cZovrKXYlXiR+Bf7m2hpZo+/sAzhd7LmAD0l09kABRG0JVN1U0UgU2VjdXJpdHkg
VGVhbSA8c2VjdXJpdHlAc3VzZS5kZT6JARUDBRA24S1H5Fiyh7HKPEUBAVcOB/9b
yHYji1/+4Xc2GhvXK0FSJN0MGgeXgW47yxDL7gmR4mNgjlIOUHZj0PEpVjWepOJ7
tQS3L9oP6cpj1Fj/XxuLbkp5VCQ61hpt54coQAvYrnT9rtWEGN+xmwejT1WmYmDJ
xG+EGBXKr+XP69oIUl1E2JO3rXeklulgjqRKos4cdXKgyjWZ7CP9V9daRXDtje63
Om8gwSdU/nCvhdRIWp/Vwbf7Ia8iZr9OJ5YuQl0DBG4qmGDDrvImgPAFkYFzwlqo
choXFQ9y0YVCV41DnR+GYhwl2qBd81T8aXhihEGPIgaw3g8gd8B5o6mPVgl+nJqI
BkEYGBusiag2pS6qwznZiQEVAwUQNuEtBHey5gA9JdPZAQFtOAf+KVh939b0J94u
v/kpg4xs1LthlhquhbHcKNoVTNspugiC3qMPyvSX4XcBr2PC0cVkS4Z9PY9iCfT+
x9WM96g39dAF+le2CCx7XISk9XXJ4ApEy5g4AuK7NYgAJd39PPbERgWnxjxir9g0
Ix30dS30bW39D+3NPU5Ho9TD/B7UDFvYT5AWHl3MGwo3a1RhTs6sfgL7yQ3U+mvq
MkTExZb5mfN1FeaYKMopoI4VpzNVeGxQWIz67VjJHVyUlF20ekOz4kWVgsxkc8G2
saqZd6yv2EwqYTi8BDAduweP33KrQc4KDDommQNDOXxaKOeCoESIdM4p7Esdjq1o
L0oixF12Cg==
=pIeS
- -----END PGP PUBLIC KEY BLOCK-----
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv
iQEVAwUBOeShFXey5gA9JdPZAQHCdQf/RVtjLXr9Bp+5rfPi2+8aCiVvkjT1Y0bi
SwPxhqY0BXxg54nGZuQNKuIwudt+qiSiPpe0di1JurDpKJwarKJjjqOr2GxWTsS8
etPp4600noYv1bDCAwjXTDrZrtlEGpTWo9G22VSHfj8HAbcYcJN3F1gp7nMMdet7
PDROiolnXizB0/IWxBbaC7CrZk0pijHnxpYS+DTNqGNbGvoAg7npT9l8Vw8c0tGW
4p6cs4iMW7i5rm2xX2WtFRqx7ZhUcm/bwTGnILAEqrC4nTN2num/Fdar3imqlSYP
vO5skgR7XTNO5jBhOXgBqho5JJYfINjm7bLrfLH405xpCH8Q3sI1PA==
=yMlp
-----END PGP SIGNATURE-----
1
0
-----BEGIN PGP SIGNED MESSAGE-----
______________________________________________________________________________
SuSE Security Announcement
Package: esound
Date: Wednesday, October 11th, 2000 19:00 MEST
Affected SuSE versions: 6.3, 6.4, 7.0
Vulnerability Type: local user compromise
Severity (1-10): 3
SuSE default package: yes
Other affected systems: Linux systems using esound with unix domain
socket support
Content of this advisory:
1) security vulnerability resolved: esound
problem description, discussion, solution and upgrade information
2) pending vulnerabilities, solutions, workarounds
3) standard appendix (further information)
______________________________________________________________________________
1) problem description, brief discussion, solution, upgrade information
esound, a daemon program for the Gnome desktop, is used for sound replay
by various programs such as windowmanagers and other applications.
The esound daemon creates a directory /tmp/.esd to host a unix domain
socket. Upon startup, the daemon changes the modes of the socket, but
a race condition allows an attacker to place a symlink into the
directory to point to an arbitrary file belonging to the victim. By
consequence, an attacker may be able to change the permissions of any
file belonging to the victim. If the victim's userid is root, the
attacker may be able to change the modes of any file in the system.
SuSE distributions before SuSE-6.3 were not vulnerable to this attack
because unix domain sockets were not supported by the esound daemon as
shipped with these distributions.
The only efficient solution for the problem is to store the unix domain
socket in a directory where only the user has write access to. The
user's home directory is such a location.
Update packages that fix the race conditions by placing the sockets into
the user's home directory are available for download. It is recommended
to apply the fix on systems where multiple users can access the local
filesystem.
Note: Not all filesystems support unix domain sockets. The fix might
not work if the user's home directory is on such a filesystem
(such as AFS, eg.). In such rare cases, administrators are usually
aware of such limitations. SuSE default installations do not have
this limitation.
Download the update package from locations desribed below and install
the package with the command `rpm -Fhv file.rpm'. The md5sum for each
file is in the line below. You can verify the integrity of the rpm
files using the command
`rpm --checksig --nogpg file.rpm',
independently from the md5 signatures below.
<p> i386 Intel Platform:
SuSE-7.0
ftp://ftp.suse.com/pub/suse/i386/update/7.0/snd1/esound-0.2.19-15.i386.rpm
9d8addaa5ba29554a727eb34ae5189f4
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/7.0/zq1/esound-0.2.19-15.src.rpm
a9724b99a96430b1b7c1f741a8e8d528
SuSE-6.4
ftp://ftp.suse.com/pub/suse/i386/update/6.4/snd1/esound-0.2.16-75.i386.rpm
6f32f0867d1597a5129d0516438d9cca
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/6.4/zq1/esound-0.2.16-75.src.rpm
94ca6842981f7a501300d9edfc5cbf73
SuSE-6.3
ftp://ftp.suse.com/pub/suse/i386/update/6.3/snd1/esound-0.2.15-21.i386.rpm
16a5804a2f27e62d73df40d206b047ca
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/6.3/zq1/esound-0.2.15-21.src.rpm
c86689fd5d9f719135e1263dd5a38832
<p> Sparc Platform:
SuSE-7.0
ftp://ftp.suse.com/pub/suse/sparc/update/7.0/snd1/esound-0.2.19-15.sparc.rpm
112648ef64c351952f832b180fcca23c
source rpm:
ftp://ftp.suse.com/pub/suse/sparc/update/7.0/zq1/esound-0.2.19-15.src.rpm
a0bb3e3517ca83c13abd6827a8d2295e
<p><p> AXP Alpha Platform:
SuSE-6.4
ftp://ftp.suse.com/pub/suse/axp/update/6.4/snd1/esound-0.2.16-75.alpha.rpm
d2efefb21a6424a81e63788d972db49d
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/6.4/zq1/esound-0.2.16-75.src.rpm
a69ebae320c6f118f4b9e07f2a9af4d2
SuSE-6.3
ftp://ftp.suse.com/pub/suse/axp/update/6.3/snd1/esound-0.2.15-21.alpha.rpm
19942e308eda0c0d505bb64da734ad8d
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/6.3/zq1/esound-0.2.15-21.src.rpm
6f337d6864111d27fa93ef2bc3cb7b5a
<p><p> PPC Power PC Platform:
SuSE-7.0
ftp://ftp.suse.com/pub/suse/ppc/update/7.0/snd1/esound-0.2.19-16.ppc.rpm
be6daabfee0e7e629b848814be81d9d0
source rpm:
ftp://ftp.suse.com/pub/suse/ppc/update/7.0/zq1/esound-0.2.19-16.src.rpm
c77475b2c8fff104f8662bb9179efb64
SuSE-6.4
ftp://ftp.suse.com/pub/suse/ppc/update/6.4/snd1/esound-0.2.16-75.ppc.rpm
f0e1aa54c3fdf7c6c02b34bedc51ee0f
source rpm:
ftp://ftp.suse.com/pub/suse/ppc/update/6.4/zq1/esound-0.2.16-75.src.rpm
9acd25b5521201386bb73bc707382646
______________________________________________________________________________
2) Pending vulnerabilities in SuSE Distributions and Workarounds:
- gnorpm
A race condition has been found in the gnorpm program, a GUI for
the rpm system. The issue will be addressed in a following
announcement.
<p> - ncurses
The ncurses library contains buffer overflows that are exploitable
when user-supplied terminfo databases are processed. This imposes a
security risk on programs/binaries that are linked against libncurses
and run with special privileges. Both workaround and clean solution
is to remove the suid bit from all executable files with setuid bit
set.
The issue will be addressed in a following security announcement.
<p> - apache mod_rewrite
A bug has been discovered in the apache package that allows attackers
to read arbitrary files on a system that runs apache. The responsible
apache module named "mod_rewrite" is not used by default on SuSE
installations of the apache package. The issue will be addressed in
a following security announcement.
<p> - cfengine
A format string parsing bug causes the cfengine package to be
vulnerable to a remote root attack. Update packages are available,
the security announcement is pending.
<p> - usermode/userhelper
userhelper is a suid helper program designed to let the user who
is logged on to the console execute some programs with root
privileges. SuSE distributions do not contain the usermode package
and therefore are not vulnerable to the security problems recently
discovered in the usermode package.
<p> - tmpwatch
The tmpwatch packages as shipped with SuSE distributions are not
vulnerable to the attacks as discussed on security forums because
we ship an older version that does not provide the functionality
that can be exploited.
<p> - lprNG
The versions of the lprNG package that come with SuSE distributions
are not vulnerable to the format string parsing errors as discussed
in security forums.
<p> - traceroute
The traceroute program has been found vulnerable to a bug
(`traceroute -g 1 -g 1') in many distributions. Newer SuSE
distributions have a different implementation of the traceroute
program and are not vulnerable to the bug found by
Pekka Savola <pekkas(a)netcore.fi>. The vulnerability could not be
verified in older SuSE distributions.
<p>______________________________________________________________________________
3) standard appendix:
SuSE runs two security mailing lists to which any interested party may
subscribe:
suse-security(a)suse.com
- general/linux/SuSE security discussion.
All SuSE security announcements are sent to this list.
To subscribe, send an email to
<suse-security-subscribe(a)suse.com>.
suse-security-announce(a)suse.com
- SuSE's announce-only mailing list.
Only SuSE's security annoucements are sent to this list.
To subscribe, send an email to
<suse-security-announce-subscribe(a)suse.com>.
For general information or the frequently asked questions (faq)
send mail to:
<suse-security-info(a)suse.com> or
<suse-security-faq(a)suse.com> respectively.
===============================================
SuSE's security contact is <security(a)suse.com>.
===============================================
Regards,
Roman Drahtmüller.
- - --
- -
| Roman Drahtmüller <draht(a)suse.de> // "Caution: Cape does |
SuSE GmbH - Security Phone: // not enable user to fly."
| Nürnberg, Germany +49-911-740530 // (Batman Costume warning label) |
- -
______________________________________________________________________________
The information in this advisory may be distributed or reproduced,
provided that the advisory is not modified in any way.
SuSE GmbH makes no warranties of any kind whatsoever with respect
to the information contained in this security advisory.
Type Bits/KeyID Date User ID
pub 2048/3D25D3D9 1999/03/06 SuSE Security Team <security(a)suse.de>
- -----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.6.3i
mQENAzbhLQQAAAEIAKAkXHe0lWRBXLpn38hMHy03F0I4Sszmoc8aaKJrhfhyMlOA
BqvklPLE2f9UrI4Xc860gH79ZREwAgPt0pi6+SleNFLNcNFAuuHMLQOOsaMFatbz
JR9i4m/lf6q929YROu5zB48rBAlcfTm+IBbijaEdnqpwGib45wE/Cfy6FAttBHQh
1Kp+r/jPbf1mYAvljUfHKuvbg8t2EIQz/5yGp+n5trn9pElfQO2cRBq8LFpf1l+U
P7EKjFmlOq+Gs/fF98/dP3DfniSd78LQPq5vp8RL8nr/o2i7jkAQ33m4f1wOBWd+
cZovrKXYlXiR+Bf7m2hpZo+/sAzhd7LmAD0l09kABRG0JVN1U0UgU2VjdXJpdHkg
VGVhbSA8c2VjdXJpdHlAc3VzZS5kZT6JARUDBRA24S1H5Fiyh7HKPEUBAVcOB/9b
yHYji1/+4Xc2GhvXK0FSJN0MGgeXgW47yxDL7gmR4mNgjlIOUHZj0PEpVjWepOJ7
tQS3L9oP6cpj1Fj/XxuLbkp5VCQ61hpt54coQAvYrnT9rtWEGN+xmwejT1WmYmDJ
xG+EGBXKr+XP69oIUl1E2JO3rXeklulgjqRKos4cdXKgyjWZ7CP9V9daRXDtje63
Om8gwSdU/nCvhdRIWp/Vwbf7Ia8iZr9OJ5YuQl0DBG4qmGDDrvImgPAFkYFzwlqo
choXFQ9y0YVCV41DnR+GYhwl2qBd81T8aXhihEGPIgaw3g8gd8B5o6mPVgl+nJqI
BkEYGBusiag2pS6qwznZiQEVAwUQNuEtBHey5gA9JdPZAQFtOAf+KVh939b0J94u
v/kpg4xs1LthlhquhbHcKNoVTNspugiC3qMPyvSX4XcBr2PC0cVkS4Z9PY9iCfT+
x9WM96g39dAF+le2CCx7XISk9XXJ4ApEy5g4AuK7NYgAJd39PPbERgWnxjxir9g0
Ix30dS30bW39D+3NPU5Ho9TD/B7UDFvYT5AWHl3MGwo3a1RhTs6sfgL7yQ3U+mvq
MkTExZb5mfN1FeaYKMopoI4VpzNVeGxQWIz67VjJHVyUlF20ekOz4kWVgsxkc8G2
saqZd6yv2EwqYTi8BDAduweP33KrQc4KDDommQNDOXxaKOeCoESIdM4p7Esdjq1o
L0oixF12Cg==
=pIeS
- -----END PGP PUBLIC KEY BLOCK-----
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv
iQEVAwUBOeSeQHey5gA9JdPZAQHrvQf/Rr4f0JNuNIRymhcGou60OfvkDjXOH2yi
iT/CG9+uQns6QCyNe4jFjMNoFjCt//eZG2zMOO/22RiiCXUbPKeLPXVgyZYDN5VS
F1JDJfxYIoHrU+eQnDO1QVM0QpXbeSU4J6YIXxneZaZ0uP2kqi6y0o36UQtwzk3j
tRY/H1NsNWcKPYYTYWgmKZUQNd5n+Jq3cSf8DQAPWzoRoLGPo1+yp/SGuOyZbKN/
mEwTcsFxdOGgHtBOcHfRaAcb4nBHQ9QApKZTan8ndLTUIrhFb9C06gh9BEGmaqLD
jENF4MnWIlxGX5EaW0nLSJ2Ts4uh8julg9qteJGLN949+2ECfgzqag==
=oZfu
-----END PGP SIGNATURE-----
1
0
-----BEGIN PGP SIGNED MESSAGE-----
Dear reader,
Many customers have asked to publish the packages of the SuSE-7.0
distribution that are not included in the US version due to US crypto
regulations.
With <arch> being one out of i386, ia64, sparc, axp or ppc, the directory
<a href="ftp://ftp.suse.de/pub/suse/<arch">ftp://ftp.suse.de/pub/suse/<arch</a>>/7.0/
now contains all RPM packages that contain cryptographic software, along
with the source RPMs.
Please note that this directory will be removed again as soon as the
German FTP version of the SuSE distribution is being released. This should
happen in a few weeks from now.
The file ftp://ftp.suse.de/pub/suse/md5sum.crypto-packages-7.0 is
pgp-signed with the SuSE Security Team <security(a)suse.de>.
Thank you,
Roman Drahtmüller.
- --
- -
| Roman Drahtmüller <draht(a)suse.de> // "Caution: Cape does |
SuSE GmbH - Security Phone: // not enable user to fly."
| Nürnberg, Germany +49-911-740530 // (Batman Costume warning label) |
- -
<p>-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv
iQEVAwUBOc/rNney5gA9JdPZAQFtRAf7BDTKrVeu2ysQMN3VG4kEoYk9kYyIR0a8
6+LYFC++M43HIvGCYaoJgPFAWuJj4z5KQQeo06o3IVR4zpuYOPOFOg96KyxfTykl
8SJ7TDQ+ZPvE5WeaepaLj1YBFiswAXGRVhd5RpTbGeG3REYFlHquI+mAj/01Ijw5
D/oer/ICBAZLQKV97k8OWPxl8Kzccj+nup9YlJgCFXgAdXGdRntISCM3KE1m3ADx
R7YO++n9O4GKW2jhBf9Uz+i66vHfGaHMrlINVLIkww55sysx7S/OMbV7xCw14VK9
s4p6bF92xGRlHOlymsOdwMt+7Ak6qQcJTwDmWrD5y19tvqrWkE7jiw==
=NyVY
-----END PGP SIGNATURE-----
1
0
-----BEGIN PGP SIGNED MESSAGE-----
______________________________________________________________________________
SuSE Security Announcement
Package: syslogd/klogd
Date: Wednesday, September 20th, 2000 03:00 MEST
Affected SuSE versions: 6.1 6.2, 6.3, 6.4, 7.0
Vulnerability Type: local DoS, possible root compromise
Severity (1-10): 5
SuSE default package: yes
Other affected systems: Linux systems, possibly unix systems
Content of this advisory:
1) security vulnerability resolved: syslogd/klogd
problem description, discussion, solution and upgrade information
2) pending vulnerabilities, solutions, workarounds
3) standard appendix (further information)
______________________________________________________________________________
1) problem description, brief discussion, solution, upgrade information
The syslogd package consists of two daemons that are being launched upon
system startup: klogd and syslogd. The former collects kernel messages
and passes them on to the syslog(3) facility. syslogd will pick up the
logging messages and write them to the logfiles as specified by the
syslogd configuration file /etc/syslog.conf. Errors in both the klogd
and the syslogd can cause both daemons do die when specially designed
strings get passed to the kernel by the user, eg. with a malformed
structure in a system call. These errors have been discovered by Jouko
Pynnönen, Solar Designer, a fix for one of the bugs has been provided
by Daniel Jacobowitz.
There is currently no known way to exploit these bugs with an
effect other than a DoS (Denial of Service) of the syslog/klog service.
Since it may be possible to execute arbitrary code as a result of a
buffer overflow, administrators should consider applying the patches
as soon as possible. Also, logging messages resulting from firewall
rules in the kernel can get lost if the daemon does not pick them up.
Efficient temporary countermeasures against these attacks other than
package upgrade do not exist.
Download the update package from locations desribed below and install
the package with the command `rpm -Fhv file.rpm'. The md5sum for each
file is in the line below. You can verify the integrity of the rpm
files using the command
`rpm --checksig --nogpg file.rpm',
independently from the md5 signatures below.
<p> i386 Intel Platform:
SuSE-7.0
ftp://ftp.suse.com/pub/suse/i386/update/7.0/a1/syslogd-1.3.33-161.i386.rpm
284b1975cda65cd6ed5ce65672706e19
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/7.0/zq1/syslogd-1.3.33-161.src.rpm
49c7a171753171f4e6fd772453d46a93
SuSE-6.4
ftp://ftp.suse.com/pub/suse/i386/update/6.4/a1/syslogd-1.3.33-161.i386.rpm
cb89ed419b0c9dbf7c66191a58606920
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/6.4/zq1/syslogd-1.3.33-161.src.rpm
33686198aa6412401b0056241829aae0
SuSE-6.3
ftp://ftp.suse.com/pub/suse/i386/update/6.3/a1/syslogd-1.3.33-161.i386.rpm
af5e43976fb9814e1f5d626e16c2d176
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/6.3/zq1/syslogd-1.3.33-161.src.rpm
1e821f6fda1f471d36e9b4990aa496b4
SuSE-6.2
ftp://ftp.suse.com/pub/suse/i386/update/6.2/a1/syslogd-1.3.33-9.i386.rpm
fc29df9455288f40eb1e8dbd0f47d5b3
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/6.2/zq1/syslogd-1.3.33-9.src.rpm
ae980989a754e6bf85de9dd60676b321
SuSE-6.1
ftp://ftp.suse.com/pub/suse/i386/update/6.1/a1/syslogd-1.3.33-161.i386.rpm
c8d23ec6c3a9f944c15d6e12ffebc66f
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/6.1/zq1/syslogd-1.3.33-161.src.rpm
b0329c20caf1d1d427da9961240732f5
SuSE-5.3
ftp://ftp.suse.com/pub/suse/i386/update/5.3/a1/syslogd-1.3.33-9.i386.rpm
3104e26a8b474e215ed703b7c4d48888
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/5.3/zq1/syslogd-1.3.33-9.src.rpm
09c9539df1c4225d2366a2a860b01dbb
<p> Sparc Platform:
SuSE-7.0
ftp://ftp.suse.com/pub/suse/sparc/update/7.0/a1/syslogd-1.3.33-161.sparc.rpm
38bb40e8bdfd55387f0e25407d4e5cbd
source rpm:
ftp://ftp.suse.com/pub/suse/sparc/update/7.0/zq1/syslogd-1.3.33-161.src.rpm
2017cbca57305092c0a912b77c2411dd
<p><p> AXP Alpha Platform:
SuSE-6.4
ftp://ftp.suse.com/pub/suse/axp/update/6.4/a1/syslogd-1.3.33-162.alpha.rpm
419ea3172f4532f77c4fc5907de345f2
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/6.4/zq1/syslogd-1.3.33-162.src.rpm
44cb992c94dffff0d31b65a0938fc1cc
SuSE-6.3
ftp://ftp.suse.com/pub/suse/axp/update/6.3/a1/syslogd-1.3.33-161.alpha.rpm
84cfb8fa2e471baadf96eae1d3be1d0a
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/6.3/zq1/syslogd-1.3.33-161.src.rpm
23ee4562c993de6943cead4878e73259
SuSE-6.1
ftp://ftp.suse.com/pub/suse/axp/update/6.1/a1/syslogd-1.3.33-161.alpha.rpm
3b04489436b536d3d2e4b4bec6bc5ced
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/6.1/zq1/syslogd-1.3.33-161.src.rpm
ab7edad2685d8d820b0f72b470048e81
<p> PPC Power PC Platform:
SuSE-6.4
ftp://ftp.suse.com/pub/suse/ppc/update/6.4/a1/syslogd-1.3.33-161.ppc.rpm
9d588d1d4614d173b60746ae74fc6046
source rpm:
ftp://ftp.suse.com/pub/suse/ppc/update/6.4/zq1/syslogd-1.3.33-161.src.rpm
eae3b0cd9b7de4ded453e9151b722b0e
______________________________________________________________________________
2) Pending vulnerabilities in SuSE Distributions and Workarounds:
This is the updated list of currently known security problems. Other
problems such as the one from the subject of this advisory have passed
these vulnerabilities due to greater severity.
- esound, xchat, gnorpm, xpdf
These packages are known to exhibit file race conditions. We will
provide update packages soon.
- pine
The pine Mail User Agent may crash when it encounters a specially
crafted header line in an email. Again, we're working on a patch.
______________________________________________________________________________
3) standard appendix:
SuSE runs two security mailing lists to which any interested party may
subscribe:
suse-security(a)suse.com
- general/linux/SuSE security discussion.
All SuSE security announcements are sent to this list.
To subscribe, send an email to
<suse-security-subscribe(a)suse.com>.
suse-security-announce(a)suse.com
- SuSE's announce-only mailing list.
Only SuSE's security annoucements are sent to this list.
To subscribe, send an email to
<suse-security-announce-subscribe(a)suse.com>.
For general information or the frequently asked questions (faq)
send mail to:
<suse-security-info(a)suse.com> or
<suse-security-faq(a)suse.com> respectively.
===============================================
SuSE's security contact is <security(a)suse.com>.
===============================================
Regards,
Roman Drahtmüller.
- - --
- -
| Roman Drahtmüller <draht(a)suse.de> // "Caution: Cape does |
SuSE GmbH - Security Phone: // not enable user to fly."
| Nürnberg, Germany +49-911-740530 // (Batman Costume warning label) |
- -
______________________________________________________________________________
The information in this advisory may be distributed or reproduced,
provided that the advisory is not modified in any way.
SuSE GmbH makes no warranties of any kind whatsoever with respect
to the information contained in this security advisory.
Type Bits/KeyID Date User ID
pub 2048/3D25D3D9 1999/03/06 SuSE Security Team <security(a)suse.de>
- -----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.6.3i
mQENAzbhLQQAAAEIAKAkXHe0lWRBXLpn38hMHy03F0I4Sszmoc8aaKJrhfhyMlOA
BqvklPLE2f9UrI4Xc860gH79ZREwAgPt0pi6+SleNFLNcNFAuuHMLQOOsaMFatbz
JR9i4m/lf6q929YROu5zB48rBAlcfTm+IBbijaEdnqpwGib45wE/Cfy6FAttBHQh
1Kp+r/jPbf1mYAvljUfHKuvbg8t2EIQz/5yGp+n5trn9pElfQO2cRBq8LFpf1l+U
P7EKjFmlOq+Gs/fF98/dP3DfniSd78LQPq5vp8RL8nr/o2i7jkAQ33m4f1wOBWd+
cZovrKXYlXiR+Bf7m2hpZo+/sAzhd7LmAD0l09kABRG0JVN1U0UgU2VjdXJpdHkg
VGVhbSA8c2VjdXJpdHlAc3VzZS5kZT6JARUDBRA24S1H5Fiyh7HKPEUBAVcOB/9b
yHYji1/+4Xc2GhvXK0FSJN0MGgeXgW47yxDL7gmR4mNgjlIOUHZj0PEpVjWepOJ7
tQS3L9oP6cpj1Fj/XxuLbkp5VCQ61hpt54coQAvYrnT9rtWEGN+xmwejT1WmYmDJ
xG+EGBXKr+XP69oIUl1E2JO3rXeklulgjqRKos4cdXKgyjWZ7CP9V9daRXDtje63
Om8gwSdU/nCvhdRIWp/Vwbf7Ia8iZr9OJ5YuQl0DBG4qmGDDrvImgPAFkYFzwlqo
choXFQ9y0YVCV41DnR+GYhwl2qBd81T8aXhihEGPIgaw3g8gd8B5o6mPVgl+nJqI
BkEYGBusiag2pS6qwznZiQEVAwUQNuEtBHey5gA9JdPZAQFtOAf+KVh939b0J94u
v/kpg4xs1LthlhquhbHcKNoVTNspugiC3qMPyvSX4XcBr2PC0cVkS4Z9PY9iCfT+
x9WM96g39dAF+le2CCx7XISk9XXJ4ApEy5g4AuK7NYgAJd39PPbERgWnxjxir9g0
Ix30dS30bW39D+3NPU5Ho9TD/B7UDFvYT5AWHl3MGwo3a1RhTs6sfgL7yQ3U+mvq
MkTExZb5mfN1FeaYKMopoI4VpzNVeGxQWIz67VjJHVyUlF20ekOz4kWVgsxkc8G2
saqZd6yv2EwqYTi8BDAduweP33KrQc4KDDommQNDOXxaKOeCoESIdM4p7Esdjq1o
L0oixF12Cg==
=pIeS
- -----END PGP PUBLIC KEY BLOCK-----
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv
iQEVAwUBOcgNaney5gA9JdPZAQGaQAf/S0nBPM0i735AsSOy9+R9GzYJomXpchj4
ld/iuNeUjPax+ZFMc7xDeBr/s+4NIzwFifB3jT2uVktlbTHFJqX9wxpNwCc8EOEa
/pGqfEjR84z0uio1RhQ603t1rvUhbD5VpdVA0axDAqy3OXpt9RBF++BpHrCYzdto
r0IfLQfVbRr23aIV0cxlLXsVL4Y/e9mQCQ00soJPzcvkRlRx3j1yeTrTvC0LOP8N
rV57t1OSYlzehuNAwP6tT+WEFsBS1v4iSCphp+qlIfk8mlHFKV7QtR5OgM1PQZVp
jkJ9MiMXvZtyoauaKjsdi/iWjj9X0vc8TwAuj9XiQbHlp3dmb2JaMg==
=49Fr
-----END PGP SIGNATURE-----
1
1
-----BEGIN PGP SIGNED MESSAGE-----
______________________________________________________________________________
SuSE Security Announcement
Package: pam_smb
Date: Wednesday, September 13th, 2000 18:00 MEST
Affected SuSE versions: 6.2, 6.3, 6.4, 7.0
Vulnerability Type: remote root compromise
Severity (1-10): 8
SuSE default package: no
Other affected systems: Linux systems using the pam_smb module
Content of this advisory:
1) security vulnerability resolved: pam_smb
problem description, discussion, solution and upgrade information
2) pending vulnerabilities, solutions, workarounds
3) standard appendix (further information)
______________________________________________________________________________
1) problem description, brief discussion, solution, upgrade information
pam_smb is a package for a PAM (Pluggable Authentication Modules) module
that allows Linux/Unix user authentication using a Windows NT server.
Versions 1.1.5 and before contain a buffer overflow that would allow
a remote attacker to gain root access on the target host, provided that
the target host has the module installed and configured. The bug was
found by Shaun Clowes <shaun(a)securereality.com.au>, and a new, fixed
version of the package was promptly published by Dave Airlie
<airlied(a)samba.org>, the author of the pam_smb package.
SuSE distributions starting with SuSE-6.2 have the package pam_smb
installed if a network server installation configuration has been
selected or if the package has been selected manually. To find out
if the PAM module is installed, use the command `rpm -q pam_smb'.
If the module package is not installed, your host does not exhibit
the weakness.
If you do not use the pam_smb module, you can safely remove it using the
command `rpm -e pam_smb'. SuSE provides update packages with the latest
version of pam_smb. If you do use the module, you should upgrade the
package as soon as possible.
There is currently no easy workaround for this problem other than a
package upgrade.
Download the update package from locations desribed below and install
the package with the command `rpm -Fhv file.rpm'. The md5sum for each
file is in the line below. You can verify the integrity of the rpm
files using the command
`rpm --checksig --nogpg file.rpm',
independently from the md5 signatures below.
<p> i386 Intel Platform:
SuSE-7.0
ftp://ftp.suse.com/pub/suse/i386/update/7.0/n1/pam_smb-1.1.6-0.i386.rpm
b5f7c7d92f9f023446a6ca3e73689aee
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/7.0/zq1/pam_smb-1.1.6-0.src.rpm
f56fa744add8ccdc9777f28475106148
SuSE-6.4
ftp://ftp.suse.com/pub/suse/i386/update/6.4/n1/pam_smb-1.1.6-0.i386.rpm
736c2fe5460724461b96d60b057bd4ab
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/6.4/zq1/pam_smb-1.1.6-0.src.rpm
fcfa4609d7d62c6fb0e1f03652dcaf56
SuSE-6.3
ftp://ftp.suse.com/pub/suse/i386/update/6.3/n1/pam_smb-1.1.6-0.i386.rpm
d5559e6f3474adcc041f7f8156cde15d
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/6.3/zq1/pam_smb-1.1.6-0.src.rpm
4fecea0bdf9db5c97d20e0c1e6153663
SuSE-6.2
ftp://ftp.suse.com/pub/suse/i386/update/6.2/n1/pam_smb-1.1.6-0.i386.rpm
73258171e7837d2995b39ebeeb3a87ff
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/6.2/zq1/pam_smb-1.1.6-0.src.rpm
f8f6f03f3c15f2f3c38f30bd97164919
<p><p> Sparc Platform:
SuSE-7.0
ftp://ftp.suse.com/pub/suse/sparc/update/7.0/n1/pam_smb-1.1.6-0.sparc.rpm
9514dd4d6b54208468f0b5aca6ac51e4
source rpm:
ftp://ftp.suse.com/pub/suse/sparc/update/7.0/zq1/pam_smb-1.1.6-0.src.rpm
22e8dc3e1b51a0f73e7451edd32dc824
<p><p> AXP Alpha Platform:
SuSE-6.4
ftp://ftp.suse.com/pub/suse/axp/update/6.4/n1/pam_smb-1.1.6-0.alpha.rpm
58547d46f0d19a73f6df6dd60693379f
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/6.4/zq1/pam_smb-1.1.6-0.src.rpm
5a14499e61e22607efd6f5a6700bf9f8
SuSE-6.3
ftp://ftp.suse.com/pub/suse/axp/update/6.3/n1/pam_smb-1.1.6-0.alpha.rpm
b507bcffe74723c5e950af141e17dce5
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/6.3/zq1/pam_smb-1.1.6-0.src.rpm
f9e692675604c2e1fad3567b394e12d6
<p><p> PPC Power PC Platform:
SuSE-6.4
ftp://ftp.suse.com/pub/suse/ppc/update/6.4/n1/pam_smb-1.1.6-0.ppc.rpm
4a098a9308e93f207fa908f6febd7800
source rpm:
ftp://ftp.suse.com/pub/suse/ppc/update/6.4/zq1/pam_smb-1.1.6-0.src.rpm
7e13f60d71ecbda1fc4e3b3765a5ec35
______________________________________________________________________________
2) Pending vulnerabilities in SuSE Distributions and Workarounds:
- zope
Zope is contained in SuSE-7.0, i386 Intel and Sparc Platforms only.
A permission problem can lead to users given extra roles for the
duration of a single request by mutating the roles list as a part
of the request processing. Please update the package from our ftp
server using the commands as described above in section 1).
Considering the moderate severity of the problem and the noise on
the security mailing lists, we do not provide a seperate security
advisory to address this problem.
i386 Intel Platform:
ftp://ftp.suse.com/pub/suse/i386/update/7.0/d2/zope-2.1.6-39.i386.rpm
472928c355c78c40973c01b9dc606adc
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/7.0/zq1/zope-2.1.6-39.src.rpm
9adbba630924b684458643f753d44832
<p> Sparc Platform:
SuSE-7.0
ftp://ftp.suse.com/pub/suse/sparc/update/7.0/d2/zope-2.1.6-45.sparc.rpm
89358a5217ca6bb3c778cc0f2173d3fb
source rpm:
ftp://ftp.suse.com/pub/suse/sparc/update/7.0/zq1/zope-2.1.6-45.src.rpm
9ce982884dc73e29bc60da3a00f3ab55
<p> - xchat
The xchat IRC client may be tricked to execute arbitrary commands
if the user clicks on an URL. We will provide an update package
shortly. Please note that this kind of problem is rather common
and will be addressed soon in a future advisory for another package.
<p> - IMP
IMP is a webmail application to allow users to read and write their
email in a browser. Security problems have been found that would
allow attackers to run arbitrary commands on the webserver running
IMP.
SuSE does not ship IMP or the Apache module "horde" that IMP is
based on.
______________________________________________________________________________
3) standard appendix:
SuSE runs two security mailing lists to which any interested party may
subscribe:
suse-security(a)suse.com
- general/linux/SuSE security discussion.
All SuSE security announcements are sent to this list.
To subscribe, send an email to
<suse-security-subscribe(a)suse.com>.
suse-security-announce(a)suse.com
- SuSE's announce-only mailing list.
Only SuSE's security annoucements are sent to this list.
To subscribe, send an email to
<suse-security-announce-subscribe(a)suse.com>.
For general information or the frequently asked questions (faq)
send mail to:
<suse-security-info(a)suse.com> or
<suse-security-faq(a)suse.com> respectively.
===============================================
SuSE's security contact is <security(a)suse.com>.
===============================================
Regards,
Roman Drahtmüller.
- - --
- -
| Roman Drahtmüller <draht(a)suse.de> // "Caution: Cape does |
SuSE GmbH - Security Phone: // not enable user to fly."
| Nürnberg, Germany +49-911-740530 // (Batman Costume warning label) |
- -
______________________________________________________________________________
The information in this advisory may be distributed or reproduced,
provided that the advisory is not modified in any way.
SuSE GmbH makes no warranties of any kind whatsoever with respect
to the information contained in this security advisory.
Type Bits/KeyID Date User ID
pub 2048/3D25D3D9 1999/03/06 SuSE Security Team <security(a)suse.de>
- -----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.6.3i
mQENAzbhLQQAAAEIAKAkXHe0lWRBXLpn38hMHy03F0I4Sszmoc8aaKJrhfhyMlOA
BqvklPLE2f9UrI4Xc860gH79ZREwAgPt0pi6+SleNFLNcNFAuuHMLQOOsaMFatbz
JR9i4m/lf6q929YROu5zB48rBAlcfTm+IBbijaEdnqpwGib45wE/Cfy6FAttBHQh
1Kp+r/jPbf1mYAvljUfHKuvbg8t2EIQz/5yGp+n5trn9pElfQO2cRBq8LFpf1l+U
P7EKjFmlOq+Gs/fF98/dP3DfniSd78LQPq5vp8RL8nr/o2i7jkAQ33m4f1wOBWd+
cZovrKXYlXiR+Bf7m2hpZo+/sAzhd7LmAD0l09kABRG0JVN1U0UgU2VjdXJpdHkg
VGVhbSA8c2VjdXJpdHlAc3VzZS5kZT6JARUDBRA24S1H5Fiyh7HKPEUBAVcOB/9b
yHYji1/+4Xc2GhvXK0FSJN0MGgeXgW47yxDL7gmR4mNgjlIOUHZj0PEpVjWepOJ7
tQS3L9oP6cpj1Fj/XxuLbkp5VCQ61hpt54coQAvYrnT9rtWEGN+xmwejT1WmYmDJ
xG+EGBXKr+XP69oIUl1E2JO3rXeklulgjqRKos4cdXKgyjWZ7CP9V9daRXDtje63
Om8gwSdU/nCvhdRIWp/Vwbf7Ia8iZr9OJ5YuQl0DBG4qmGDDrvImgPAFkYFzwlqo
choXFQ9y0YVCV41DnR+GYhwl2qBd81T8aXhihEGPIgaw3g8gd8B5o6mPVgl+nJqI
BkEYGBusiag2pS6qwznZiQEVAwUQNuEtBHey5gA9JdPZAQFtOAf+KVh939b0J94u
v/kpg4xs1LthlhquhbHcKNoVTNspugiC3qMPyvSX4XcBr2PC0cVkS4Z9PY9iCfT+
x9WM96g39dAF+le2CCx7XISk9XXJ4ApEy5g4AuK7NYgAJd39PPbERgWnxjxir9g0
Ix30dS30bW39D+3NPU5Ho9TD/B7UDFvYT5AWHl3MGwo3a1RhTs6sfgL7yQ3U+mvq
MkTExZb5mfN1FeaYKMopoI4VpzNVeGxQWIz67VjJHVyUlF20ekOz4kWVgsxkc8G2
saqZd6yv2EwqYTi8BDAduweP33KrQc4KDDommQNDOXxaKOeCoESIdM4p7Esdjq1o
L0oixF12Cg==
=pIeS
- -----END PGP PUBLIC KEY BLOCK-----
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv
iQEVAwUBOb+lbHey5gA9JdPZAQGoaAf/Scih4DSvieaIS+nw1amDM4Z4ybO6IXyH
h5V9Oc0pMoacPqN9eqRBgE9AfP2OekCYs4X27TbKpW5sRHZ9/H3ttF+FRrV+ImHe
vCiLjc8tUnY6/yG5mHDTjMtSHpJNmpI1y8oj4VgWfkO9hZcXqP9k/vMblUBMxezi
ZaYRYinPULRQ+CPPapOr5p7KMIx0qGVa9CfEQJpr0g4KFktbQrm5gbDCtEwFSb03
Wrkrfe+WTGqFYJ9zMBJZdn68J9dnjgMM7c/cRmzM9xr3LI0hfPnDCwa8kkLkKBq8
POwK59t2kzfODrBnfymvb/3AlQddt67qbFu3n0mlOoXR42qP1QJpRw==
=OYCm
-----END PGP SIGNATURE-----
1
0
-----BEGIN PGP SIGNED MESSAGE-----
Dear suse-linux-announce subscribers,
due to both organisational as well as techinal difficulties, postings to
suse-security-announce got delayed. These difficulties have now been
resolved.
Security announcements as well as warnings and SuSE-related official
security statements (f. ex. that SuSE distributions are not vulnerable to
a known problem) will be posted to suse-security-announce _prior_ to any
other forum.
To make sure that all subscribers are up-to-date with the currently known
security issues, all SuSE Security Announcements filed after August 10th
will be sent again in short succession (~5 minute seperation).
These advisories are:
SuSE Security Announcement: rpc.kstatd (knfsd)
SuSE Security Announcement: suidperl (perl)
SuSE Security Announcement: Netscape
SuSE Security Announcement: Netscape (addition with download URLs to
ftp.suse.com)
SuSE Security Announcement: shlibs (glibc)
SuSE Security Announcement: screen
SuSE Security Announcement: apache
The last in the chain will be the (yet) unreleased announcement about
pam_smb.
We apologize for the inconvenience that the recent problems with the list
may have caused.
Sincerely,
Roman Drahtmüller.
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv
iQEVAwUBOb9D7ney5gA9JdPZAQFDRggAkzpQ+dZA+0Xlr9ReG4ob+mRkyJORJ5U3
FYzvdRBnMJS5izSFmG0q4VMAsQtK55d+uyD3Au6eZO6mwoOwy77wkY5Kz7Dy+d0i
rk0mbwau3Mb+nTAAJ6mh817Kexzq9icDTzcUnW7rz5w+dVeht7t6hiYnfcBEEgfx
/b/nFU9O8/xPxLqMdghf5VQRpqoZoxUuRDqWtg10cd1BwjqbD4+ZUiLdQR2RTCMk
fqK0jcUPU2R4JSea/PBX5AZBZvZ/CVcteQm4jvEroBN5xoWdJ9FoYOEq7jMoFtym
uENw3m37EzrNsAsK7THp3WyqWenMpCaGSHfadi4h2HMVaHm9EiUQvg==
=F63r
-----END PGP SIGNATURE-----
1
0
-----BEGIN PGP SIGNED MESSAGE-----
______________________________________________________________________________
SuSE Security Announcement
Package: apache
Date: Thursday, September 7th, 2000 20:00 MEST
Affected SuSE versions: 6.1, 6.2, 6.3, 6.4, 7.0
Vulnerability Type: remote file viewing
Severity (1-10): 2
SuSE default package: yes
Other affected systems: none, as of the release date of this advisory
Content of this advisory:
1) security vulnerability resolved: apache
problem description, discussion, solution and upgrade information
2) credits: @stake
3) standard appendix (further information)
<p>______________________________________________________________________________
1) problem description, brief discussion, solution, upgrade information
The default package selection in SuSE distributions includes apache.
The configuration file that comes with the package contains two
security relevant errors:
a) Starting in SuSE-6.0, a section in apache's configuration file
/etc/httpd/httpd.conf reads
Alias /cgi-bin-sdb/ /usr/local/httpd/cgi-bin/
This allows remote users to read the cgi script sources of the server,
located in /usr/local/httpd/cgi-bin/.
b) Starting with SuSE-6.3, the distribution comes with the apache module
WebDAV. It is contained in a seperate package, named mod_dav, and it
is installed if selected by hand or if a network server configuration
has been selected in the installation process. mod_dav is not contained
in the default package selection. WebDAV stands for "Web-based
Distributed Authoring and Versioning" and allows users to
collaboratively edit and manage files on remote web servers (see
http://www.webdav.org/ for further details!).
If WebDAV is installed, apache will automatically run with the module
activated. Opposing the recommendations on the WebDAV homepage under
http://www.webdav.org/mod_dav/#security, there is no access control or
authentification activated. This should most definitely be considered
a security problem.
The overall policy wrt activating an installed package will adopt to this
conclusion in future releases of the SuSE Linux distribution.
Problem a) and b) can be easily solved by changing the relevant parts
of apache's configuration file /etc/httpd/httpd.conf:
a) Change "Alias /cgi-bin-sdb/ /usr/local/httpd/cgi-bin/" to read:
"ScriptAlias /cgi-bin-sdb/ /usr/local/httpd/cgi-bin/"
Then, restart apache: `/sbin/init.d/apache restart'
b) Change "DAV On" to read: "DAV Off". This removes the problem,
regardless of the package being installed or not. Alternatively,
you may wish to remove the mod_dav package using the command
`rpm -e mod_dav'.
Then, restart apache: `/sbin/init.d/apache restart'
SuSE strongly recommends to have these changes applied as soon as
possible. In addition, SuSE provides an update for the vulnerable
misconfigured packages for the case that the admin of a SuSE Linux
machine did not change the configuration file yet.
Download the update package from locations desribed below and install
the package with the command `rpm -Fhv file.rpm'. The md5sum for each
file is in the line below. You can verify the integrity of the rpm
files using the command
`rpm --checksig --nogpg file.rpm',
independently from the md5 signatures below.
<p> i386 Intel Platform:
SuSE-7.0
ftp://ftp.suse.com/pub/suse/i386/update/7.0/n1/apache-1.3.12-107.i386.rpm
65bac933de7676ad3d8f63b32c608dad
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/7.0/zq1/apache-1.3.12-107.nosrc.rpm
5b0f9ce9b5e2c3a45356fcd9cdff07ba
SuSE-6.4
ftp://ftp.suse.com/pub/suse/i386/update/6.4/n1/apache-1.3.12-107.i386.rpm
a4bea77974c9d300ac13698e6f9812eb
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/6.4/zq1/apache-1.3.12-107.nosrc.rpm
39cf311c44bc760159c711c7ec97685f
SuSE-6.3
ftp://ftp.suse.com/pub/suse/i386/update/6.3/n1/apache-1.3.9-70.i386.rpm
87d7a6426857e6f3afcf991c273fc1a5
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/6.3/zq1/apache-1.3.9-70.nosrc.rpm
ab81b76d0c4e6c765b77a69fd4143620
SuSE-6.2
ftp://ftp.suse.com/pub/suse/i386/update/6.2/n1/apache-1.3.6-52.i386.rpm
d7c513bb4aad15a9f3dfb11ff1302405
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/6.2/zq1/apache-1.3.6-52.nosrc.rpm
bdabbdf7df648c3b4b8c5fd031e65cfc
SuSE-6.1
ftp://ftp.suse.com/pub/suse/i386/update/6.1/n1/apache-1.3.6-53.i386.rpm
db40e37d1931fb4e5830358b37acee5e
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/6.1/zq1/apache-1.3.6-53.nosrc.rpm
8ad785cb5f16456b8540982f1175b0b0
SuSE-6.0
Please use the update packages from the 6.1 directory for SuSE-6.0!
<p> Sparc Platform:
SuSE-7.0
ftp://ftp.suse.com/pub/suse/sparc/update/7.0/n1/apache-1.3.12-109.sparc.rpm
66f87cb2100960ee72ae1110fa077424
source rpm:
ftp://ftp.suse.com/pub/suse/sparc/update/7.0/zq1/apache-1.3.12-109.nosrc.rpm
fff4bd1d37a7e9d430e8a60898865567
<p> AXP Alpha Platform:
SuSE-6.4
The update packages will be available soon at the usual location
ftp://ftp.suse.com/pub/suse/axp/update/6.4/n1/ .
Until then, please correct the configuration file by hand as
described above.
SuSE-6.3
The update packages will be available soon at the usual location
ftp://ftp.suse.com/pub/suse/axp/update/6.3/n1/ .
Until then, please correct the configuration file by hand as
described above.
SuSE-6.1
ftp://ftp.suse.com/pub/suse/axp/update/6.1/n1/apache-1.3.6-43.alpha.rpm
eaca8f06c54c669d60f6a06fbe7301dc
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/6.1/zq1/apache-1.3.6-43.nosrc.rpm
2227de2e6d5faf268413cd474175d126
<p> PPC Power PC Platform:
SuSE-6.4
ftp://ftp.suse.com/pub/suse/ppc/update/6.4/n1/apache-1.3.12-108.ppc.rpm
0c830d4d33f2bac33d6a44ab0efc34e7
source rpm:
ftp://ftp.suse.com/pub/suse/ppc/update/6.4/zq1/apache-1.3.12-108.nosrc.rpm
f5fd7575d67e369f87fb2e5c47b61eaf
SuSE-6.3
The update packages will be available soon at the usual location
ftp://ftp.suse.com/pub/suse/ppc/update/6.3/n1/ .
Until then, please correct the configuration file by hand as
described above.
______________________________________________________________________________
2) Credits:
SuSE would like to express its sincere appreciation for the efforts
and the working style of the Cerberus Security Team/@Stake Inc., in
particular to mnemonix (David Litchfield <dlitchfield(a)atstake.com>)
and to weld <weld(a)atstake.com>.
Have a look at their website at http://www.atstake.com/ for further
information.
______________________________________________________________________________
3) standard appendix:
SuSE runs two security mailing lists to which any interested party may
subscribe:
suse-security(a)suse.com
- general/linux/SuSE security discussion.
All SuSE security announcements are sent to this list.
To subscribe, send an email to
<suse-security-subscribe(a)suse.com>.
suse-security-announce(a)suse.com
- SuSE's announce-only mailing list.
Only SuSE's security annoucements are sent to this list.
To subscribe, send an email to
<suse-security-announce-subscribe(a)suse.com>.
For general information or the frequently asked questions (faq)
send mail to:
<suse-security-info(a)suse.com> or
<suse-security-faq(a)suse.com> respectively.
===============================================
SuSE's security contact is <security(a)suse.com>.
===============================================
Regards,
Roman Drahtmüller.
- - --
- -
| Roman Drahtmüller <draht(a)suse.de> // "Caution: Cape does |
SuSE GmbH - Security Phone: // not enable user to fly."
| Nürnberg, Germany +49-911-740530 // (Batman Costume warning label) |
- -
______________________________________________________________________________
The information in this advisory may be distributed or reproduced,
provided that the advisory is not modified in any way.
SuSE GmbH makes no warranties of any kind whatsoever with respect
to the information contained in this security advisory.
Type Bits/KeyID Date User ID
pub 2048/3D25D3D9 1999/03/06 SuSE Security Team <security(a)suse.de>
- -----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.6.3i
mQENAzbhLQQAAAEIAKAkXHe0lWRBXLpn38hMHy03F0I4Sszmoc8aaKJrhfhyMlOA
BqvklPLE2f9UrI4Xc860gH79ZREwAgPt0pi6+SleNFLNcNFAuuHMLQOOsaMFatbz
JR9i4m/lf6q929YROu5zB48rBAlcfTm+IBbijaEdnqpwGib45wE/Cfy6FAttBHQh
1Kp+r/jPbf1mYAvljUfHKuvbg8t2EIQz/5yGp+n5trn9pElfQO2cRBq8LFpf1l+U
P7EKjFmlOq+Gs/fF98/dP3DfniSd78LQPq5vp8RL8nr/o2i7jkAQ33m4f1wOBWd+
cZovrKXYlXiR+Bf7m2hpZo+/sAzhd7LmAD0l09kABRG0JVN1U0UgU2VjdXJpdHkg
VGVhbSA8c2VjdXJpdHlAc3VzZS5kZT6JARUDBRA24S1H5Fiyh7HKPEUBAVcOB/9b
yHYji1/+4Xc2GhvXK0FSJN0MGgeXgW47yxDL7gmR4mNgjlIOUHZj0PEpVjWepOJ7
tQS3L9oP6cpj1Fj/XxuLbkp5VCQ61hpt54coQAvYrnT9rtWEGN+xmwejT1WmYmDJ
xG+EGBXKr+XP69oIUl1E2JO3rXeklulgjqRKos4cdXKgyjWZ7CP9V9daRXDtje63
Om8gwSdU/nCvhdRIWp/Vwbf7Ia8iZr9OJ5YuQl0DBG4qmGDDrvImgPAFkYFzwlqo
choXFQ9y0YVCV41DnR+GYhwl2qBd81T8aXhihEGPIgaw3g8gd8B5o6mPVgl+nJqI
BkEYGBusiag2pS6qwznZiQEVAwUQNuEtBHey5gA9JdPZAQFtOAf+KVh939b0J94u
v/kpg4xs1LthlhquhbHcKNoVTNspugiC3qMPyvSX4XcBr2PC0cVkS4Z9PY9iCfT+
x9WM96g39dAF+le2CCx7XISk9XXJ4ApEy5g4AuK7NYgAJd39PPbERgWnxjxir9g0
Ix30dS30bW39D+3NPU5Ho9TD/B7UDFvYT5AWHl3MGwo3a1RhTs6sfgL7yQ3U+mvq
MkTExZb5mfN1FeaYKMopoI4VpzNVeGxQWIz67VjJHVyUlF20ekOz4kWVgsxkc8G2
saqZd6yv2EwqYTi8BDAduweP33KrQc4KDDommQNDOXxaKOeCoESIdM4p7Esdjq1o
L0oixF12Cg==
=pIeS
- -----END PGP PUBLIC KEY BLOCK-----
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv
iQEVAwUBObfXOHey5gA9JdPZAQHhzwf+KIt1AysU1WAwQXlQTssfVFEM0nh6fT2O
FRqoAF+2FpC3FaTZBmTqYTuNtegSG0cndg/NzWy2Q2CTFxbEzm7aJqOxtS/R6Am2
GPKV6k51gW0lmL7Pl9j15s9kngW/U9fRnMX/SCw4CiHnuMTD+AuERFYEQOAVFaQy
Qvw03BYRJnr36DOl3PUovir5TyIrBQloPr6IxfJPvL/mbHz63h8ISBgLjfITpAY0
7FJtUN4SM86pXcuO7LGyOTQciAzvIChSqelaZnqGEUVhmGBcTzTsaoMrwf43w2NP
KQ61Ez34EwNN1AA/jhY9ARdenNUKCTXcWC6hFcXibMKTdqgJJq6waA==
=x36R
-----END PGP SIGNATURE-----
1
0
-----BEGIN PGP SIGNED MESSAGE-----
______________________________________________________________________________
SuSE Security Announcement
Package: screen
Date: Wednesday, September 6th, 2000 19:35 MEST
Affected SuSE versions: 5.3, 6.0, 6.1, 6.2, 6.3, 6.4, 7.0
Vulnerability Type: local root compromise
Severity (1-10): 8
SuSE default package: yes
Other affected systems: all linux systems with the screen program
installed suid root
Content of this advisory:
1) security vulnerability resolved: screen
problem description, discussion, solution and upgrade information
2) pending vulnerabilities, temporary workarounds
3) standard appendix (further information)
<p>______________________________________________________________________________
1) problem description, brief discussion, solution, upgrade information
screen, a tty multiplexer, is installed suid root by default on SuSE
Linux distributions. By supplying a thoughtfully designed string as
the visual bell message, local users can obtain root privilege.
Exploit information has been published on security forums.
The temporary workaround for this problem would be to remove the suid
bit from /usr/bin/screen*. This also requires mode changes in the
/tmp/screens directory where the pipes for communication between
the client and server part of screen are placed upon start of screen.
SuSE provides an update for the vulnerable screen package. It is
strongly recommended to upgrade to the latest version found on our
ftp server as described below. The update packages remove all currently
known security problems in the glibc package.
Download the update package from locations desribed below and install
the package with the command `rpm -Fhv file.rpm'. The md5sum for each
file is in the line below. You can verify the integrity of the rpm
files using the command
`rpm --checksig --nogpg file.rpm',
independently from the md5 signatures below.
<p> i386 Intel Platform:
SuSE-7.0
ftp://ftp.suse.com/pub/suse/i386/update/7.0/ap1/screen-3.9.8-1.i386.rpm
84b6330f0b9ac7600cc5ec53a9dfdbe9
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/7.0/zq1/screen-3.9.8-1.src.rpm
883d80abf603a4eab2238a4e857301e2
SuSE-6.4
ftp://ftp.suse.com/pub/suse/i386/update/6.4/ap1/screen-3.9.8-0.i386.rpm
52f451ce0c8c49e02311dd16961aa028
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/6.4/zq1/screen-3.9.8-0.src.rpm
a3cb0fb2c90664c6deb986fcbf4e74fd
SuSE-6.3
ftp://ftp.suse.com/pub/suse/i386/update/6.3/ap1/screen-3.9.8-0.i386.rpm
2c244140d346b16a3d5fb77e2cf1f860
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/6.3/zq1/screen-3.9.8-0.src.rpm
2c84eadb44a5694dc3088000fff5ec82
SuSE-6.2
ftp://ftp.suse.com/pub/suse/i386/update/6.2/ap1/screen-3.9.8-0.i386.rpm
a72973a281467a1b390453ba2cbf3b59
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/6.2/zq1/screen-3.9.8-0.src.rpm
a379e5b4ca81cf4118002c3064d1c3da
SuSE-6.1
ftp://ftp.suse.com/pub/suse/i386/update/6.1/ap1/screen-3.9.8-0.i386.rpm
d64479b7ba3740299acf717fe36c3834
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/6.1/zq1/screen-3.9.8-0.src.rpm
e0b08bc5887c40d9f6e3176936c7150b
SuSE-6.0
Please use the update packages from the 6.1 directory for SuSE-6.0!
SuSE-5.3
ftp://ftp.suse.com/pub/suse/i386/update/5.3/ap1/screen-3.9.8-0.i386.rpm
cd3ef3bc018973d8907000a8a23bafb6
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/5.3/zq1/screen-3.9.8-0.src.rpm
f94c9664219649a2f2100344a88cdd22
<p><p> Sparc Platform:
SuSE-7.0
ftp://ftp.suse.com/pub/suse/sparc/update/7.0/ap1/screen-3.9.8-0.sparc.rpm
3adce8a1bcf2464266d5db728b8d8af9
source rpm:
ftp://ftp.suse.com/pub/suse/sparc/update/7.0/zq1/screen-3.9.8-0.src.rpm
26b1186598be0f873732fa5bf7b7b77b
<p><p> AXP Alpha Platform:
SuSE-6.4
ftp://ftp.suse.com/pub/suse/axp/update/6.4/ap1/screen-3.9.8-0.alpha.rpm
aa64d979f33d3c03b5bc0c5074892df8
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/6.4/zq1/screen-3.9.8-0.src.rpm
11f2261b54e8a329c8b0d1bfd9d0c96f
SuSE-6.3
ftp://ftp.suse.com/pub/suse/axp/update/6.3/ap1/screen-3.9.8-0.alpha.rpm
8e5acd8e3fe9efa7d82e2710489c7300
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/6.3/zq1/screen-3.9.8-0.src.rpm
6a1c04d9dd4f8c351e189a38f6f5d614
SuSE-6.1
ftp://ftp.suse.com/pub/suse/axp/update/6.1/ap1/screen-3.9.8-0.alpha.rpm
54828e3e9f0c72cc022fb35660c687e8
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/6.1/zq1/screen-3.9.8-0.src.rpm
e1ff18f05b40afa7849e7d07ae5b8755
<p> PPC Power PC Platform:
SuSE-6.4
ftp://ftp.suse.com/pub/suse/ppc/update/6.4/ap1/screen-3.9.8-0.ppc.rpm
7418b948cf1e92622814c8aae3fa9aa6
source rpm:
ftp://ftp.suse.com/pub/suse/ppc/update/6.4/zq1/screen-3.9.8-0.src.rpm
25c8979ec0f63f09a3e39cdadf2ef657
SuSE-6.3
ftp://ftp.suse.com/pub/suse/ppc/update/6.3/ap1/screen-3.9.8-0.ppc.rpm
ea459ccb8c91b293e8b2b321df39be89
source rpm:
ftp://ftp.suse.com/pub/suse/ppc/update/6.3/zq1/screen-3.9.8-0.src.rpm
aa87f61ec2fa912be6c83711c0630129
______________________________________________________________________________
2) Pending vulnerabilities in SuSE Distributions and Workarounds:
This section addresses currently known vulnerabilities in Linux/Unix
systems that have not been resolved yet as of the release date of
this advisory.
- zope
SuSE distributions before 7.0 do not contain zope as a package.
An updated package for the freshly released SuSE-7.0 is on the way.
- xchat
A fix for the URL handler vulnerabilty is in progress and will
be released within a few days. There is currently no effective
and easy workaround other than removing the package by hand
(`rpm -e xchat'). More information on xchat can be found in
xchat's documentation directory /usr/doc/packages/xchat or
/usr/share/doc/packages/xchat for SuSE-7.0.
______________________________________________________________________________
3) standard appendix:
SuSE runs two security mailing lists to which any interested party may
subscribe:
suse-security(a)suse.com
- general/linux/SuSE security discussion.
All SuSE security announcements are sent to this list.
To subscribe, send an email to
<suse-security-subscribe(a)suse.com>.
suse-security-announce(a)suse.com
- SuSE's announce-only mailing list.
Only SuSE's security annoucements are sent to this list.
To subscribe, send an email to
<suse-security-announce-subscribe(a)suse.com>.
For general information or the frequently asked questions (faq)
send mail to:
<suse-security-info(a)suse.com> or
<suse-security-faq(a)suse.com> respectively.
===============================================
SuSE's security contact is <security(a)suse.com>.
===============================================
Regards,
Roman Drahtmüller.
- - --
- -
| Roman Drahtmüller <draht(a)suse.de> // "Caution: Cape does |
SuSE GmbH - Security Phone: // not enable user to fly."
| Nürnberg, Germany +49-911-740530 // (Batman Costume warning label) |
- -
______________________________________________________________________________
The information in this advisory may be distributed or reproduced,
provided that the advisory is not modified in any way.
SuSE GmbH makes no warranties of any kind whatsoever with respect
to the information contained in this security advisory.
Type Bits/KeyID Date User ID
pub 2048/3D25D3D9 1999/03/06 SuSE Security Team <security(a)suse.de>
- -----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.6.3i
mQENAzbhLQQAAAEIAKAkXHe0lWRBXLpn38hMHy03F0I4Sszmoc8aaKJrhfhyMlOA
BqvklPLE2f9UrI4Xc860gH79ZREwAgPt0pi6+SleNFLNcNFAuuHMLQOOsaMFatbz
JR9i4m/lf6q929YROu5zB48rBAlcfTm+IBbijaEdnqpwGib45wE/Cfy6FAttBHQh
1Kp+r/jPbf1mYAvljUfHKuvbg8t2EIQz/5yGp+n5trn9pElfQO2cRBq8LFpf1l+U
P7EKjFmlOq+Gs/fF98/dP3DfniSd78LQPq5vp8RL8nr/o2i7jkAQ33m4f1wOBWd+
cZovrKXYlXiR+Bf7m2hpZo+/sAzhd7LmAD0l09kABRG0JVN1U0UgU2VjdXJpdHkg
VGVhbSA8c2VjdXJpdHlAc3VzZS5kZT6JARUDBRA24S1H5Fiyh7HKPEUBAVcOB/9b
yHYji1/+4Xc2GhvXK0FSJN0MGgeXgW47yxDL7gmR4mNgjlIOUHZj0PEpVjWepOJ7
tQS3L9oP6cpj1Fj/XxuLbkp5VCQ61hpt54coQAvYrnT9rtWEGN+xmwejT1WmYmDJ
xG+EGBXKr+XP69oIUl1E2JO3rXeklulgjqRKos4cdXKgyjWZ7CP9V9daRXDtje63
Om8gwSdU/nCvhdRIWp/Vwbf7Ia8iZr9OJ5YuQl0DBG4qmGDDrvImgPAFkYFzwlqo
choXFQ9y0YVCV41DnR+GYhwl2qBd81T8aXhihEGPIgaw3g8gd8B5o6mPVgl+nJqI
BkEYGBusiag2pS6qwznZiQEVAwUQNuEtBHey5gA9JdPZAQFtOAf+KVh939b0J94u
v/kpg4xs1LthlhquhbHcKNoVTNspugiC3qMPyvSX4XcBr2PC0cVkS4Z9PY9iCfT+
x9WM96g39dAF+le2CCx7XISk9XXJ4ApEy5g4AuK7NYgAJd39PPbERgWnxjxir9g0
Ix30dS30bW39D+3NPU5Ho9TD/B7UDFvYT5AWHl3MGwo3a1RhTs6sfgL7yQ3U+mvq
MkTExZb5mfN1FeaYKMopoI4VpzNVeGxQWIz67VjJHVyUlF20ekOz4kWVgsxkc8G2
saqZd6yv2EwqYTi8BDAduweP33KrQc4KDDommQNDOXxaKOeCoESIdM4p7Esdjq1o
L0oixF12Cg==
=pIeS
- -----END PGP PUBLIC KEY BLOCK-----
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv
iQEVAwUBObaAlXey5gA9JdPZAQHi5gf9FE0NBzriT2G37ogRKRdENNXEZhWmj5fa
vUcFBeGXvJzRxIabFbyqGfIlONp+SKdbxJqVpxBBXB+NaFYAAEtLIgjKA+DUOThQ
DZjFVouMiuzwROl8JZU33GCNjqGh+97ImBA4LlVymFm603fgRllYZV2+TsqeWarE
s2xIzB9z4GlLbyG/X/bM0tAOoPKiEl3hiTdWM7tAgXVoiTkdVBOYGDR/9wmMNiEU
ZNkxdq5OJUcNd4Pa4vbnxTLPUEdBhQmZgWvfP+9v45FylkgTuRXrcCcyRj6YVVdC
oOgB050z1zr56fVCClGKeOvgTKACwrUMX7pyIeG0HZCWGU+Ag+SsHw==
=WVPy
-----END PGP SIGNATURE-----
1
0
-----BEGIN PGP SIGNED MESSAGE-----
______________________________________________________________________________
SuSE Security Announcement
Package: shlibs (glibc-2.0, glibc-2.1)
Date: Wednesday, September 6th, 2000 12:30 MEST
Affected SuSE versions: 6.0, 6.1, 6.2, 6.3, 6.4, 7.0
Vulnerability Type: local root compromise
Severity (1-10): 9
SuSE default package: yes
Other affected systems: all glibc based linux systems, other
Un*x systems
Content of this advisory:
1) security vulnerability resolved: shlibs (glibc)
problem description, discussion, solution and upgrade information
2) pending vulnerabilities, temporary workarounds
3) standard appendix (further information)
<p>______________________________________________________________________________
1) problem description, brief discussion, solution, upgrade information
The glibc implementations in all SuSE distributions starting with
SuSE-6.0 have multiple security problems where at least one of them
allows any local user to gain root access to the system.
a) ld-linux.so.2, the runtime linker, is supposed to clean environment
variables that may influence the execution of programs ran by a
suid program. Variables of that kind include LD_LIBRARY_PATH and
LD_PRELOAD. These variables do not have any effect on the suid
application itself since the linker ignores them. However, if the
suid program executes another non-suid application without dropping
privileges and without cleaning the environment, the LD_* variables
would allow an attacker to execute arbitrary code as the effective
uid of the calling suid program. There is currently no program in the
SuSE distribution known to be susceptible to this problem.
b) locale handling portions of the glibc code fails to properly check
given environment settings such as the variable LANGUAGE. This could
lead to arbitrary code being executed as root, depending on the
permissions and ownerships of the program being used for the exploit.
c) A bug in the mutex handling code in the shlibs version for SuSE-7.0
could cause multithreaded applications to hang or crash. This has also
been fixed.
There is only one way to temporarily circumvent the exploit: Disable
all suid applications in the system.
SuSE provides a updated packages for the vulnerable libraries. It is
strongly recommended to upgrade to the latest version found on our
ftp server as described below. The update packages remove all currently
known security problems in the glibc package.
Download the update packages as described below and install the
package with the command `rpm -Fhv file.rpm'. The md5sum for each
file is in the line below. You can verify the integrity of the rpm
files using the command
`rpm --checksig --nogpg file.rpm',
independently from the md5 signatures below.
SPECIAL INSTALL INSTRUCTIONS:
Note that the complete update consists of three (3) binary rpm
packages and one source rpm package per distribution and platform.
libc-*.rpm contains the static libraries, libd is the package for
the profiling+debugging version of the libraries.
If at all possible, keep your machine calm while you perform the
update. Execute the following commands after the rpm update has been
applied:
/sbin/ldconfig # alternatively, use SuSEconfig
/sbin/init u # will restart init to make a clean shutdown
# possible once needed.
i386 Intel Platform:
SuSE-7.0
ftp://ftp.suse.com/pub/suse/i386/update/7.0/a1/shlibs-2.1.3-154.i386.rpm
753176172ebf628c6567c70a9b950933
ftp://ftp.suse.com/pub/suse/i386/update/7.0/d1/libc-2.1.3-154.i386.rpm
0f0696fc359cdb7b13f40a52d6676f09
ftp://ftp.suse.com/pub/suse/i386/update/7.0/d2/libd-2.1.3-154.i386.rpm
4ca3268f91a9294313cf871e9f7cb8b8
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/7.0/zq1/libc-2.1.3-154.src.rpm
a6af3232fe6d474d6309c68469c126ec
SuSE-6.4
ftp://ftp.suse.com/pub/suse/i386/update/6.4/a1/shlibs-2.1.3-154.i386.rpm
150dcb3854b066c021c396b4a0fe25e6
ftp://ftp.suse.com/pub/suse/i386/update/6.4/d1/libc-2.1.3-154.i386.rpm
75c9aef75d6e7e4b196c21bb500d00e0
ftp://ftp.suse.com/pub/suse/i386/update/6.4/d2/libd-2.1.3-154.i386.rpm
47fff508b0b67a82356361aa23c8beae
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/6.4/zq1/libc-2.1.3-154.src.rpm
bfeaa4e15ecbe1fea986b710152b5fec
SuSE-6.3
ftp://ftp.suse.com/pub/suse/i386/update/6.3/a1/shlibs-2.1.2-47.i386.rpm
8e88f237414a4d8f96131b17267b4d53
ftp://ftp.suse.com/pub/suse/i386/update/6.3/d1/libc-2.1.2-47.i386.rpm
575bb0c94474add7ae02333cbb77cba0
ftp://ftp.suse.com/pub/suse/i386/update/6.3/d2/libd-2.1.2-47.i386.rpm
8728db143b6393a261aa9060d9321345
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/6.3/zq1/libc-2.1.2-47.src.rpm
eea1810dceafe5e7f77b4b5137829834
SuSE-6.2
ftp://ftp.suse.com/pub/suse/i386/update/6.2/a1/shlibs-2.1.1-29.i386.rpm
78360eddc58f3897a14327d2fa214191
ftp://ftp.suse.com/pub/suse/i386/update/6.2/d1/libc-2.1.1-29.i386.rpm
456cad1d8034d40ebbf8337d1308c4de
ftp://ftp.suse.com/pub/suse/i386/update/6.2/d2/libd-2.1.1-29.i386.rpm
6dccdf557c6d329b40238a1644368564
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/6.2/zq1/libc-2.1.1-29.src.rpm
cec489c212826cb2dcc65a602da61da3
SuSE-6.1
ftp://ftp.suse.com/pub/suse/i386/update/6.1/a1/shlibs-2000.9.5-0.i386.rpm
7a272e7f15fd2dec69401d4c788de015
ftp://ftp.suse.com/pub/suse/i386/update/6.1/d1/libc-2000.9.5-0.i386.rpm
c748944bbe8a55f69478e6ef0bda843a
ftp://ftp.suse.com/pub/suse/i386/update/6.1/d2/libd-2000.9.5-0.i386.rpm
7fce2e2e41b62dc985e48ee31f6dac1c
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/6.1/zq1/libc-2000.9.5-0.src.rpm
77fa60f5a3a10e02460bd1960b1f78f6
Please use the packages from the SuSE-6.1 directory for SuSE-6.0!
<p><p> Sparc Platform:
SuSE-7.0:
ftp://ftp.suse.com/pub/suse/sparc/update/7.0/a1/shlibs-2.1.3-154.sparc.rpm
1563171d7ee17a3048500afd4424927d
ftp://ftp.suse.com/pub/suse/sparc/update/7.0/d1/libc-2.1.3-154.sparc.rpm
a907fbb3e5e48664cadb6b75570e15b2
ftp://ftp.suse.com/pub/suse/sparc/update/7.0/d2/libd-2.1.3-154.sparc.rpm
f60071e3a497e3af48078338b3bd6610
source rpm:
ftp://ftp.suse.com/pub/suse/sparc/update/7.0/zq1/libc-2.1.3-154.src.rpm
690a34f9ddb6bd6edf41a07d5fba0ad4
<p><p> AXP Alpha Platform:
SuSE-6.4
ftp://ftp.suse.com/pub/suse/axp/update/6.4/a1/shlibs-2.1.3-154.alpha.rpm
d08a782d1dc1cc406b2141727295befe
ftp://ftp.suse.com/pub/suse/axp/update/6.4/d1/libc-2.1.3-154.alpha.rpm
730c9b3c98f9d243c09ce41c5c4240a5
ftp://ftp.suse.com/pub/suse/axp/update/6.4/d2/libd-2.1.3-154.alpha.rpm
0c2ba3d11a42d84f48b1ee79a15e36b2
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/6.4/zq1/libc-2.1.3-154.src.rpm
a5f2a207c6f8b179bbd91cea9c96711d
SuSE-6.3
ftp://ftp.suse.com/pub/suse/axp/update/6.3/a1/shlibs-2.1.2-47.alpha.rpm
afc0ac7f3db066702fbd19bfaa216751
ftp://ftp.suse.com/pub/suse/axp/update/6.3/d1/libc-2.1.2-47.alpha.rpm
3530ef711231a5b378d14fe70e2971f6
ftp://ftp.suse.com/pub/suse/axp/update/6.3/d2/libd-2.1.2-47.alpha.rpm
5836a7a1557046b0c3498b7dec1ee436
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/6.3/zq1/libc-2.1.2-47.src.rpm
0100769ad09d68563a7540ba73c826d7
SuSE-6.1
ftp://ftp.suse.com/pub/suse/axp/update/6.1/a1/shlibs-2000.9.5-0.alpha.rpm
64c59dcb13069293694faf845446463e
ftp://ftp.suse.com/pub/suse/axp/update/6.1/d1/libc-2000.9.5-0.alpha.rpm
2b8df961dcfb42933cdf298f9229cffd
ftp://ftp.suse.com/pub/suse/axp/update/6.1/d2/libd-2000.9.5-0.alpha.rpm
75dd4bcfb0bf2cc64fe8dd5bfc4a69f0
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/6.1/zq1/libc-2000.9.5-0.src.rpm
11871baa8279f8c0c79f6c9d95ca531c
<p> PPC Power PC Platform:
SuSE-6.4
ftp://ftp.suse.com/pub/suse/ppc/update/6.4/a1/shlibs-2.1.3-154.ppc.rpm
8565cd463e4fbbccc39aa96f1eefdc70
ftp://ftp.suse.com/pub/suse/ppc/update/6.4/d1/libc-2.1.3-154.ppc.rpm
987ed3d338fb7c42083cf6dd2057ce0b
ftp://ftp.suse.com/pub/suse/ppc/update/6.4/d2/libd-2.1.3-154.ppc.rpm
a212f188cf31d55c2016236d2c313cf4
source rpm:
ftp://ftp.suse.com/pub/suse/ppc/update/6.4/zq1/libc-2.1.3-154.src.rpm
401b4f2f306a065fb04edd89cd153364
______________________________________________________________________________
2) Pending vulnerabilities in SuSE Distributions and Workarounds:
This section addresses currently known vulnerabilities in Linux/Unix
systems that have not been resolved yet as of the release date of
this advisory.
- screen
local root compromise. Update+advisory follows this advisory.
- zope
SuSE distributions before 7.0 do not contain zope as a package.
An updated package for the freshly released SuSE-7.0 is on the way.
- xchat
A fix for the URL handler vulnerabilty is in progress and will
be released within a few days. There is currently no effective
and easy workaround other than removing the package by hand
(`rpm -e xchat'). More information on xchat can be found in
xchat's documentation directory /usr/doc/packages/xchat or
/usr/share/doc/packages/xchat for SuSE-7.0.
______________________________________________________________________________
3) standard appendix:
SuSE runs two security mailing lists to which any interested party may
subscribe:
suse-security(a)suse.com
- general/linux/SuSE security discussion.
All SuSE security announcements are sent to this list.
To subscribe, send an email to
<suse-security-subscribe(a)suse.com>.
suse-security-announce(a)suse.com
- SuSE's announce-only mailing list.
Only SuSE's security annoucements are sent to this list.
To subscribe, send an email to
<suse-security-announce-subscribe(a)suse.com>.
For general information or the frequently asked questions (faq)
send mail to:
<suse-security-info(a)suse.com> or
<suse-security-faq(a)suse.com> respectively.
===============================================
SuSE's security contact is <security(a)suse.com>.
===============================================
Regards,
Roman Drahtmüller.
- - --
- -
| Roman Drahtmüller <draht(a)suse.de> // "Caution: Cape does |
SuSE GmbH - Security Phone: // not enable user to fly."
| Nürnberg, Germany +49-911-740530 // (Batman Costume warning label) |
- -
______________________________________________________________________________
The information in this advisory may be distributed or reproduced,
provided that the advisory is not modified in any way.
SuSE GmbH makes no warranties of any kind whatsoever with respect
to the information contained in this security advisory.
Type Bits/KeyID Date User ID
pub 2048/3D25D3D9 1999/03/06 SuSE Security Team <security(a)suse.de>
- -----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.6.3i
mQENAzbhLQQAAAEIAKAkXHe0lWRBXLpn38hMHy03F0I4Sszmoc8aaKJrhfhyMlOA
BqvklPLE2f9UrI4Xc860gH79ZREwAgPt0pi6+SleNFLNcNFAuuHMLQOOsaMFatbz
JR9i4m/lf6q929YROu5zB48rBAlcfTm+IBbijaEdnqpwGib45wE/Cfy6FAttBHQh
1Kp+r/jPbf1mYAvljUfHKuvbg8t2EIQz/5yGp+n5trn9pElfQO2cRBq8LFpf1l+U
P7EKjFmlOq+Gs/fF98/dP3DfniSd78LQPq5vp8RL8nr/o2i7jkAQ33m4f1wOBWd+
cZovrKXYlXiR+Bf7m2hpZo+/sAzhd7LmAD0l09kABRG0JVN1U0UgU2VjdXJpdHkg
VGVhbSA8c2VjdXJpdHlAc3VzZS5kZT6JARUDBRA24S1H5Fiyh7HKPEUBAVcOB/9b
yHYji1/+4Xc2GhvXK0FSJN0MGgeXgW47yxDL7gmR4mNgjlIOUHZj0PEpVjWepOJ7
tQS3L9oP6cpj1Fj/XxuLbkp5VCQ61hpt54coQAvYrnT9rtWEGN+xmwejT1WmYmDJ
xG+EGBXKr+XP69oIUl1E2JO3rXeklulgjqRKos4cdXKgyjWZ7CP9V9daRXDtje63
Om8gwSdU/nCvhdRIWp/Vwbf7Ia8iZr9OJ5YuQl0DBG4qmGDDrvImgPAFkYFzwlqo
choXFQ9y0YVCV41DnR+GYhwl2qBd81T8aXhihEGPIgaw3g8gd8B5o6mPVgl+nJqI
BkEYGBusiag2pS6qwznZiQEVAwUQNuEtBHey5gA9JdPZAQFtOAf+KVh939b0J94u
v/kpg4xs1LthlhquhbHcKNoVTNspugiC3qMPyvSX4XcBr2PC0cVkS4Z9PY9iCfT+
x9WM96g39dAF+le2CCx7XISk9XXJ4ApEy5g4AuK7NYgAJd39PPbERgWnxjxir9g0
Ix30dS30bW39D+3NPU5Ho9TD/B7UDFvYT5AWHl3MGwo3a1RhTs6sfgL7yQ3U+mvq
MkTExZb5mfN1FeaYKMopoI4VpzNVeGxQWIz67VjJHVyUlF20ekOz4kWVgsxkc8G2
saqZd6yv2EwqYTi8BDAduweP33KrQc4KDDommQNDOXxaKOeCoESIdM4p7Esdjq1o
L0oixF12Cg==
=pIeS
- -----END PGP PUBLIC KEY BLOCK-----
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv
iQEVAwUBObYa53ey5gA9JdPZAQHOcwf/Xwz2AsyelEXHA9KA+9/b5ZpEPu0hnySF
KjADn6wLGDGdUBb70IszsIWbxg5XUXkQ4rjmHgE2IXmZG+euD+KW7Y9QPNTGpt5/
JD9lQAaqlqSOFr6/CuD44ZaU/hUGELeMIyG0YDCG27zQwWGigjJwdeyuDeqif0+M
MGDnBqW+GS/LXaLd7Yb4QIocFDKzYFHqGPbYIP3vEAkTpT/gBV6C51E7NBDE8Bwm
3k8PvrHIoq/ovlUEqMbeEETskjMuGQfkUPHfVDV0um96RpsdKEHQIBdCfeMBTe5P
ZL/aLeMwDdN6kKNAeouKDszWz453uXuWo0h8cZCJG2/Z1bNtoEi9Aw==
=iM4f
-----END PGP SIGNATURE-----
1
0