July 2005 - openSUSE Security - openSUSE Mailing Lists

Re: [suse-security-announce] SUSE Security Announcement: Acrobat Reader 5 buffer overflow (SUSE-SA:2005:042)
by Mathias Homann 18 Jul '05

18 Jul '05

Am Donnerstag, 14. Juli 2005 19:46 schrieb Marcus Meissner: > Package: acroread 5 > Announcement ID: SUSE-SA:2005:042 > Date: Thu, 14 Jul 2005 15:00:00 +0000 > Affected Products: 9.0, 9.1, 9.2 > SUSE Linux Desktop 1 > SUSE Linux Enterprise Server 8, 9 > Novell Linux Desktop 9 > Open Enterprise Server 9 > Vulnerability Type: remote code execution > Severity (1-10): 8 > SUSE Default Package: yes > Cross-References: CAN-2005-1625 > > Content of This Advisory: > 1) Security Vulnerability Resolved: > Buffer overflow in Acrobat Reader 5 > Problem Description > 2) Solution or Work-Around > 3) Special Instructions and Notes > 4) Package Location and Checksums > 5) Pending Vulnerabilities, Solutions, and Work-Arounds: > See SUSE Security Summary Report. > 6) Authenticity Verification and Additional Information > > ___________________________________________________________________ >___________ > > 1) Problem Description and Brief Discussion > > This update fixes a buffer overflow in Acrobat Reader versions > 5, where an attacker could execute code by providing a handcrafted > PDF to the viewer. > > The Acrobat Reader 5 versions of SUSE Linux 9.0 up to 9.2, SUSE > Linux Enterprise Server 9 and Novell Linux Desktop 9 were > upgraded to Acrobat Reader 7. > > Unfortunately this version upgrade introduces new dependencies. > Please use the YaST module "Install or Remove Software" to check if > there are new dependencies and install the required packages. shouldn't that read "unfortunately acrobat reader 7 contains spyware" instead? bye, MH

3 3

SuSEfirewall config file broken after update
by Bernd Johannes 18 Jul '05

18 Jul '05

Hello, maybe I got this malfunction by chance but I will report it anyway - perhaps someone else got hit. During a recent update of my Suse9.2 (within the last 3-4 weeks) my sysconfig/SuSEfirewall2 config file got modified in a bad way. The cause was a multiline configuration entry with "\" to span to the next line(s). After the first multiline, there where repetitions of comments which where harmless to single-line entries, but disrupted the first - and any subsequent multiline-entries thereafter. I did not recognize the problem at once (its my home box - I am rather lazy about it and don't scan the message logs every day :-) - so I cannot refer exactly which update caused the problem - but I found that my firewall did no longer work as intended which pointed me to the problem. Greetings Bernd

3 2

RE: [suse-security] FW: ipsec and NAT on same box, roadwarrior config
by Philipp Snizek 18 Jul '05

18 Jul '05

Hi no need to answer. it works. philipp > -----Original Message----- > From: Philipp Snizek [mailto:mailinglists@belfin.ch] > Sent: Sonntag, 17. Juli 2005 18:53 > To: suse-security(a)suse.com > Subject: [suse-security] FW: ipsec and NAT on same box, > roadwarrior config > > > Hi > > I got IPSEC and NAT on one linux box. > For gateway to gateway tunnels with static ip addresses this > is no problem. A no-NAT iptables postrouting rule (-j ACCEPT) > for the tunnels will do. But how can this be done in a road > warrior config with changing ip addresses? > > Any ideas? > > thanks > philipp > > -- > Check the headers for your unsubscription address For > additional commands, e-mail: suse-security-help(a)suse.com > Security-related bug reports go to security(a)suse.de, not here > >

1 0

FW: ipsec and NAT on same box, roadwarrior config
by Philipp Snizek 17 Jul '05

17 Jul '05

Hi I got IPSEC and NAT on one linux box. For gateway to gateway tunnels with static ip addresses this is no problem. A no-NAT iptables postrouting rule (-j ACCEPT) for the tunnels will do. But how can this be done in a road warrior config with changing ip addresses? Any ideas? thanks philipp

1 0

UDP ports
by jmena＠enitel.net.ni 17 Jul '05

17 Jul '05

Hello, i have a suse professional 8.0, i wan to known how can i trace what application is open a tcp or udp port ? -- ENITEL (http://enitel.net.ni)

5 4

SFW2-IN-ILL-TARGET
by Michael Hoeller 14 Jul '05

14 Jul '05

Hallo die Firewall meines remote Rechners sperrt mich aus wenn ich mich mit ssh verbinden möchte. Die Verbindung grundsätzlich wird hergestellt und die IP Adressen werden (fix) vergeben. bei der FW auf dem remote Rechner habe ich ssh zugelassen.. Aber das ist Offensichtlich nicht genug, was habe ich vergessen? Ich habe gegoogelt aber nur Hinweise auf FW_QUICKMODE="yes" gefunden. Das scheint mir aber nicht die Lösung zu sein da ich ja die FW2 verwende...??? Gruß und Dank Michael Jul 9 21:34:18 omicron ipppd[7273]: local IP address 192.168.55.100 Jul 9 21:34:18 omicron ipppd[7273]: remote IP address 192.168.55.200 Jul 9 21:34:22 omicron kernel: SFW2-IN-ILL-TARGET IN=ippp0 OUT= MAC= SRC=192.168.55.200 DST=192.168.55.100 LEN=6 0 TOS=0x00 PREC=0x00 TTL=64 ID=48935 DF PROTO=TCP SPT=1032 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0 OPT (020405B404 02080A01E052360000000001030302) This e-mail (and/or attachments) is confidential and may be privileged. Use or disclosure of it by anyone other than a designated addressee is unauthorized. If you are not an intended recipient, please delete this e-mail from the computer on which you received it. We thank you for notifying us immediately.

6 23

Re: [suse-security-announce] SUSE Security Announcement: opera various problems (SUSE-SA:2005:034)
by Frank Steiner 14 Jul '05

14 Jul '05

Hi, just like all version of 8.01 that I can download from Operas ftp server, the SuSE packages segfault on my SuSE 9.0. Other people seem to have the same problem with SuSE 9.0, look here: http://groups.google.com/groups?hl=de&lr=&threadm=20050622193542.6e210a55.l… Anyone running 8.01 successfully on SuSE 9.0? cu, Frank -- Dipl.-Inform. Frank Steiner Web: http://www.bio.ifi.lmu.de/~steiner/ Lehrstuhl f. Bioinformatik Mail: http://www.bio.ifi.lmu.de/~steiner/m/ LMU, Amalienstr. 17 Phone: +49 89 2180-4049 80333 Muenchen, Germany Fax: +49 89 2180-99-4049 * Rekursion kann man erst verstehen, wenn man Rekursion verstanden hat. *

3 4

firewall
by Mitja 11 Jul '05

11 Jul '05

Hi! My system: SuSE 9.3, KDE 3.04.0 level b, kernel 2.6.11.4-21.7-smp Starting Firewall Initialization (phase 2 of 2) SuSEfirewall2: Warning: ip6tables does not support state matching. Extended IPv6 support disabled. done I got above message. Is it possible to enable extended IPv6? Thanks, Mitja

1 0

how to create graphic login Banner
by wayne yu 10 Jul '05

10 Jul '05

hi : I have problem creating the security login banner on the graphic login window ( Example CDE). Can some one help out Thanks. Wayne Yu __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com

3 2

RE : [suse-security] Kernel update
by "Dubé, Michel" 09 Jul '05

09 Jul '05

SuSE use the version 0.7.5 (drbd-0.7.5-0.13.i586.rpm), 6 versions older than the current one 0.7.11, which one you prefer ? Michel. -----Message d'origine----- De : Ingo Boernig [mailto:ingo@boernig.de] Envoyé : 7 juillet 2005 12:00 À : suse-security(a)suse.com Objet : Re: [suse-security] RE : [suse-security] Kernel update Am Donnerstag, 7. Juli 2005 17:50 schrieb Dubé, Michel: > I install this list of software from source, I don't use the rpm from > SuSE. So you already gave your answer: Only the kernel modules have to be rebuild. The Linux Userspace API ist quite stable. BTW, did I miss a big bug/missing feature in the shipped drbd package? wkr, > Michel. > -----Message d'origine----- -- Ingo Börnig <ingo at boernig.de> /*\ \ / ASCII Ribbon Campaign ask for phone or snail mail X against HTML email / \ GPG-Fingerprint: 2F8B DDFB F2A8 155A 206D 2969 F8FB 3C63 2033 BF32

3 2