openSUSE Security March 2008

security@lists.opensuse.org

15 participants
9 discussions

[opensuse-security] SuSEfirewall2- how can/does it work?

by Don Harter

I looked at my firewall using iptables and wondered if I was being protected. It seems that the first statement accepts all protocols from anywhere to anywhere. So are most of the statements left in the INPUT chain meaningless? I have made 2 changes manually to the firewall. One to allow port 6881 traffic and to prevent 6881 resets by middlemen on a connection. When I delete the first line my browser stops working. I had been forced to use a untainted kernel and so apparmor does not load. Is that why this is behaving weirdly? Does apparmor with its kernel patches add another chain/table to the SuSEfirewall2? Doesn't "ACCEPT" stop processing of rules in a given chain? root:~> root:~>iptables -L Chain INPUT (policy DROP) target prot opt source destination ACCEPT all -- anywhere anywhere ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED input_ext all -- anywhere anywhere input_ext all -- anywhere anywhere LOG all -- anywhere anywhere limit: avg 3/min burst 5 LOG level warning tcp-options ip-options prefix `SFW2-IN-ILL-TARGET ' DROP all -- anywhere anywhere Chain FORWARD (policy DROP) target prot opt source destination LOG all -- anywhere anywhere limit: avg 3/min burst 5 LOG level warning tcp-options ip-options prefix `SFW2-FWD-ILL-ROUTING ' Chain OUTPUT (policy ACCEPT) target prot opt source destination ACCEPT all -- anywhere anywhere ACCEPT all -- anywhere anywhere state NEW,RELATED,ESTABLISHED LOG all -- anywhere anywhere limit: avg 3/min burst 5 LOG level warning tcp-options ip-options prefix `SFW2-OUT-ERROR ' Chain forward_ext (0 references) target prot opt source destination Chain input_ext (2 references) target prot opt source destination DROP all -- anywhere anywhere PKTTYPE = broadcast ACCEPT icmp -- anywhere anywhere icmp source-quench ACCEPT icmp -- anywhere anywhere icmp echo-request DROP tcp -- anywhere anywhere tcp dpt:6881 flags:RST/RST ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED LOG tcp -- anywhere anywhere limit: avg 3/min burst 5 tcp dpt:111 flags:FIN,SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SFW2-INext-ACC-TCP ' ACCEPT tcp -- anywhere anywhere tcp dpt:111 LOG tcp -- anywhere anywhere limit: avg 3/min burst 5 tcp dpt:20 flags:FIN,SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SFW2-INext-ACC-TCP ' ACCEPT tcp -- anywhere anywhere tcp dpt:20 LOG tcp -- anywhere anywhere limit: avg 3/min burst 5 tcp dpt:21 flags:FIN,SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SFW2-INext-ACC-TCP ' ACCEPT tcp -- anywhere anywhere tcp dpt:21 LOG tcp -- anywhere anywhere limit: avg 3/min burst 5 tcp dpt:2401 flags:FIN,SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SFW2-INext-ACC-TCP ' ACCEPT tcp -- anywhere anywhere tcp dpt:2401 LOG tcp -- anywhere anywhere limit: avg 3/min burst 5 tcp dpt:80 flags:FIN,SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SFW2-INext-ACC-TCP ' ACCEPT tcp -- anywhere anywhere tcp dpt:80 LOG tcp -- anywhere anywhere limit: avg 3/min burst 5 tcp dpt:6881 flags:FIN,SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SFW2-INext-ACC-TCP ' ACCEPT tcp -- anywhere anywhere tcp dpt:6881 reject_func tcp -- anywhere anywhere tcp dpt:113 state NEW LOG all -- anywhere anywhere limit: avg 3/min burst 5 PKTTYPE = multicast LOG level warning tcp-options ip-options prefix `SFW2-INext-DROP-DEFLT ' DROP all -- anywhere anywhere PKTTYPE = multicast LOG tcp -- anywhere anywhere limit: avg 3/min burst 5 tcp flags:FIN,SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SFW2-INext-DROP-DEFLT ' LOG icmp -- anywhere anywhere limit: avg 3/min burst 5 LOG level warning tcp-options ip-options prefix `SFW2-INext-DROP-DEFLT ' LOG udp -- anywhere anywhere limit: avg 3/min burst 5 LOG level warning tcp-options ip-options prefix `SFW2-INext-DROP-DEFLT ' LOG all -- anywhere anywhere limit: avg 3/min burst 5 state INVALID LOG level warning tcp-options ip-options prefix `SFW2-INext-DROP-DEFLT-INV ' DROP all -- anywhere anywhere Chain reject_func (1 references) target prot opt source destination REJECT tcp -- anywhere anywhere reject-with tcp-reset REJECT udp -- anywhere anywhere reject-with icmp-port-unreachable REJECT all -- anywhere anywhere reject-with icmp-proto-unreachable root:~> --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-security+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security+help(a)opensuse.org

14 years, 3 months

[opensuse-security] Re: [security-announce] SUSE Security Announcement: Linux kernel (SUSE-SA:2008:017)

by Marcus Meissner

On Fri, Mar 28, 2008 at 03:29:34PM +0100, Frank Steiner wrote: > Marcus Meissner wrote > > > Open Enterprise Server > > http://support.novell.com/techcenter/psdb/aab836528f99df07c43db5dd38e62ad0.… > > > > Novell Linux Desktop 9 for x86 > > http://support.novell.com/techcenter/psdb/aab836528f99df07c43db5dd38e62ad0.… > > > >.... > > None of those links are found at the novell site (15:25). And > http://support.novell.com/linux/psdb/i386SUSESLES9.html doesn't list a > kernel update for SLES9. > > Are you just too quick for the novell web site maintainers? ;-) Yes, I am too quick. They are done manual, only YOU will have them right now... I expect them to be there this evening, or Monday. Ciao, Marcus --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-security+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security+help(a)opensuse.org

14 years, 3 months

[opensuse-security] Exec option for Encrypted Partition

by Alvin

Hello all, How can I set the execute option when mounting an encrypted partition? I am using openSUSE 10.3 and have created an encrypted partition using Yast. In 10.2, I simply added the 'exec' option to /etc/cryptotab. However, in 10.3 encrypted partitons are done using a combination of /etc/crypttab and /etc/fstab files. I have tried adding 'exec' to the appropriate /etc/fstab entry, but that doesn't work. The only way I have found is to remount the partition using the command: sudo mount -o remount,exec /encrypted I have also added the 'exec' keyword to the partitions Addition Options field in Yast->Partitioner. 'exec' appears in the /etc/fstab entry, however it seems to be ignored. Thanks, Alvin --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-security+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security+help(a)opensuse.org

14 years, 3 months

[opensuse-security] Unsubscribe

by mochyn-mawr＠rogers.com

Unsubscribe Sent from my BlackBerry® wireless device

14 years, 3 months

[opensuse-security] SUSE Security Announcement: krb5 (SUSE-SA:2008:016)

by Thomas Biege

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ______________________________________________________________________________ SUSE Security Announcement Package: krb5 Announcement ID: SUSE-SA:2008:016 Date: Wed, 19 Mar 2008 10:00:00 +0000 Affected Products: SUSE LINUX 10.1 openSUSE 10.2 openSUSE 10.3 SUSE Linux Enterprise Desktop 10 SP1 SLE SDK 10 SP1 SUSE Linux Enterprise Server 10 SP1 Vulnerability Type: remote code execution Severity (1-10): 7 SUSE Default Package: no Cross-References: CVE-2008-0062 CVE-2008-0063 CVE-2008-0947 CVE-2008-0948 Content of This Advisory: 1) Security Vulnerability Resolved: Problem Description 2) Solution or Work-Around 3) Special Instructions and Notes 4) Package Location and Checksums 5) Pending Vulnerabilities, Solutions, and Work-Arounds: 6) Authenticity Verification and Additional Information ______________________________________________________________________________ 1) Problem Description and Brief Discussion The krb5 package is the implementation of the Kerberos protocol suite from MIT. This update fixes three vulnerabilities, two of them are only possible if krb4 support is enabled: - CVE-2008-0062: null/dangling pointer (krb4) - CVE-2008-0063: operations on uninitialized buffer content, possible information leak (krb4) - CVE-2008-0947/8: out-of-bound array access in kadmind's RPC lib 2) Solution or Work-Around Please install the new packages. 3) Special Instructions and Notes Please restart the kerberos services. 4) Package Location and Checksums The preferred method for installing security updates is to use the YaST Online Update (YOU) tool. YOU detects which updates are required and automatically performs the necessary steps to verify and install them. Alternatively, download the update packages for your distribution manually and verify their integrity by the methods listed in Section 6 of this announcement. Then install the packages using the command rpm -Fhv <file.rpm> to apply the update, replacing <file.rpm> with the filename of the downloaded RPM package. x86 Platform: openSUSE 10.3: http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/krb5-1.6.2-2… 53f6c9b454e27c47ec4cb32679757c48 http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/krb5-apps-cl… 66ee0e785595b000842c5cd2c9162c55 http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/krb5-apps-se… f3fba89b56860b8f46691c69bba8b3c7 http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/krb5-client-… 193a8298aa8bb866e19e0c48f23e523e http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/krb5-devel-1… a9b01b5c846e02c588664cddcae4c5c6 http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/krb5-server-… ff536136c01b5f900aebe6fdc1ec62e6 openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/krb5-1.5.1-23.14.i586.rpm 5764e87b834c6a5b8a467fa6aa8ec40e ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/krb5-apps-clients-1.5.1-23… 94db70009c4c6e099a9807584c701686 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/krb5-apps-servers-1.5.1-23… 5881c8be92dc3eb215a1e837b6468922 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/krb5-client-1.5.1-23.14.i5… c45980b430614c2371dd1ad4f8d21a34 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/krb5-devel-1.5.1-23.14.i58… 1c6a45d60e5eabffedc2c1e3e755ac73 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/krb5-server-1.5.1-23.14.i5… 03793b23aced1c01d9e2817648d7c777 SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/krb5-1.4.3-19.30.6.i586.rpm 51d1c53aaf25a36dd1e2e74662cbabd9 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/krb5-apps-clients-1.4.3-19… 6b4d89a932988685993dba1e87aea95f ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/krb5-apps-servers-1.4.3-19… c7ff44ef5a8453d5223da71d670fdea4 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/krb5-client-1.4.3-19.30.6.… bc0456ed7708ee3ffdc2501e849e9dbe ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/krb5-devel-1.4.3-19.30.6.i… 9942cbbfd032ea80d8a20daa34ce5374 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/krb5-server-1.4.3-19.30.6.… d4596d47caafa6ea4ee4b4f4e218f831 Power PC Platform: openSUSE 10.3: http://download.opensuse.org/pub/opensuse/update/10.3/rpm/ppc/krb5-1.6.2-22… f0d1399edebb3e1d715d84568065130a http://download.opensuse.org/pub/opensuse/update/10.3/rpm/ppc/krb5-apps-cli… 8e444214994c1e7297b5332d96967ec0 http://download.opensuse.org/pub/opensuse/update/10.3/rpm/ppc/krb5-apps-ser… 2eecfe960c969bf3a3dcce2fcab010f0 http://download.opensuse.org/pub/opensuse/update/10.3/rpm/ppc/krb5-client-1… 8052a7d7a942545a46fa5e962c562ab8 http://download.opensuse.org/pub/opensuse/update/10.3/rpm/ppc/krb5-devel-1.… 6a118f48123ebfc23715bf797bf8b7d0 http://download.opensuse.org/pub/opensuse/update/10.3/rpm/ppc/krb5-server-1… fd8f73d6d8757d9ce3dea43997b56b0c openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/krb5-1.5.1-23.14.ppc.rpm 04289bb24041d226f27eb92025b25463 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/krb5-apps-clients-1.5.1-23.… 731ea1ef473c0d1c8990a8045a9fe587 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/krb5-apps-servers-1.5.1-23.… f911f86a0d2e8c9da16930525bd8b163 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/krb5-client-1.5.1-23.14.ppc… a4c560015bbaddcbc88603e1e194146e ftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/krb5-devel-1.5.1-23.14.ppc.… 64d0f163ebff972f2e70c6cc4d760555 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/krb5-server-1.5.1-23.14.ppc… 8b06dc5e5ac5b3fa410559017403378a SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/krb5-1.4.3-19.30.6.ppc.rpm ae1652f3ea622c5c91b0fd1d47b066ef ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/krb5-apps-clients-1.4.3-19.… a389841f387e37732c80d9d5095f9ae6 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/krb5-apps-servers-1.4.3-19.… cb6b4e402570e45767c5ae7a5c26e34c ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/krb5-client-1.4.3-19.30.6.p… 3a2c13bc932e84f7a451f3a2c77c99f0 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/krb5-devel-1.4.3-19.30.6.pp… b34f9511e269e0dfc2896ac88cf41cce ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/krb5-server-1.4.3-19.30.6.p… 0263cbb8f0f41e50dacfed082eca0835 x86-64 Platform: openSUSE 10.3: http://download.opensuse.org/pub/opensuse/update/10.3/rpm/x86_64/krb5-1.6.2… 6df39c9ddfb04cd4889b5f4bb271213a http://download.opensuse.org/pub/opensuse/update/10.3/rpm/x86_64/krb5-32bit… 77ba221640964cc90ad8e0010ad5c07e http://download.opensuse.org/pub/opensuse/update/10.3/rpm/x86_64/krb5-apps-… fccb50e18045baa2c78165f20eb13eec http://download.opensuse.org/pub/opensuse/update/10.3/rpm/x86_64/krb5-apps-… 3bfd6270a31f2a6a35728bcd274ae327 http://download.opensuse.org/pub/opensuse/update/10.3/rpm/x86_64/krb5-clien… 53b3634e9e92255b62a932ed6d30742d http://download.opensuse.org/pub/opensuse/update/10.3/rpm/x86_64/krb5-devel… 54071b2e12004117b0599f53c4a6027b http://download.opensuse.org/pub/opensuse/update/10.3/rpm/x86_64/krb5-devel… 07069062d1e7b140c6774cc2aaa821d5 http://download.opensuse.org/pub/opensuse/update/10.3/rpm/x86_64/krb5-serve… b07d395220662db193b6f54753931ccc openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/krb5-1.5.1-23.14.x86_64.… 3f2d8918cf5da2cab839bf2c72af1495 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/krb5-32bit-1.5.1-23.14.x… 4348a17ec69b6c64c69e11f74fa88a08 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/krb5-apps-clients-1.5.1-… 433ffcced3ede0163628854ae3296baf ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/krb5-apps-servers-1.5.1-… c24ab880f1314c1d25f3e9561b204c10 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/krb5-client-1.5.1-23.14.… 6022c2534c50718a2a4fd18fde346daf ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/krb5-devel-1.5.1-23.14.x… d82a0204e6e0f5e9d6bcd8f60aa4fbde ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/krb5-devel-32bit-1.5.1-2… 17dc2896ebc7f252e39fc8e23a41abc1 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/krb5-server-1.5.1-23.14.… 45596c22ec6d0c1eebf42f683e4e0cd4 SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/krb5-1.4.3-19.30.6.x86_6… 684c7d1363494a7854afd3755bdb2a20 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/krb5-32bit-1.4.3-19.30.6… b8552a99f0785f1eee434f6d7293731a ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/krb5-apps-clients-1.4.3-… 060fac873ba1bc13e4b5b813ae6a6cd2 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/krb5-apps-servers-1.4.3-… 28235a5328a8a982e2a1784793a17863 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/krb5-client-1.4.3-19.30.… 056f5e479561d2b831e3dd969261f8de ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/krb5-devel-1.4.3-19.30.6… d81c85af0ca1812c273bbd1c6ddf3cb1 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/krb5-devel-32bit-1.4.3-1… d17b2d40649a83e28afd6a7a3dec96d6 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/krb5-server-1.4.3-19.30.… dd8096c153fb51bdd67352cbe8a51953 Sources: openSUSE 10.3: http://download.opensuse.org/pub/opensuse/update/10.3/rpm/src/krb5-1.6.2-22… 6ead1c530f58e6255b1c9ba1b78eb3ae openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2/rpm/src/krb5-1.5.1-23.14.src.rpm add4417c6743a6dd26f35182e85ee956 SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/krb5-1.4.3-19.30.6.src.rpm 2185d5b60fe733640f16a3a561ec6888 Our maintenance customers are notified individually. The packages are offered for installation from the maintenance web: SUSE Linux Enterprise Server 10 SP1 http://support.novell.com/techcenter/psdb/a1cba9b24d53ae5d2b80a81acd449edb.… SLE SDK 10 SP1 http://support.novell.com/techcenter/psdb/a1cba9b24d53ae5d2b80a81acd449edb.… SUSE Linux Enterprise Desktop 10 SP1 http://support.novell.com/techcenter/psdb/a1cba9b24d53ae5d2b80a81acd449edb.… ______________________________________________________________________________ 5) Pending Vulnerabilities, Solutions, and Work-Arounds: Please read our weekly security report. ______________________________________________________________________________ 6) Authenticity Verification and Additional Information - Announcement authenticity verification: SUSE security announcements are published via mailing lists and on Web sites. The authenticity and integrity of a SUSE security announcement is guaranteed by a cryptographic signature in each announcement. All SUSE security announcements are published with a valid signature. To verify the signature of the announcement, save it as text into a file and run the command gpg --verify <file> replacing <file> with the name of the file where you saved the announcement. The output for a valid signature looks like: gpg: Signature made <DATE> using RSA key ID 3D25D3D9 gpg: Good signature from "SuSE Security Team <security(a)suse.de>" where <DATE> is replaced by the date the document was signed. If the security team's key is not contained in your key ring, you can import it from the first installation CD. To import the key, use the command gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc - Package authenticity verification: SUSE update packages are available on many mirror FTP servers all over the world. While this service is considered valuable and important to the free and open source software community, the authenticity and the integrity of a package needs to be verified to ensure that it has not been tampered with. There are two verification methods that can be used independently from each other to prove the authenticity of a downloaded file or RPM package: 1) Using the internal gpg signatures of the rpm package 2) MD5 checksums as provided in this announcement 1) The internal rpm package signatures provide an easy way to verify the authenticity of an RPM package. Use the command rpm -v --checksig <file.rpm> to verify the signature of the package, replacing <file.rpm> with the filename of the RPM package downloaded. The package is unmodified if it contains a valid signature from build(a)suse.de with the key ID 9C800ACA. This key is automatically imported into the RPM database (on RPMv4-based distributions) and the gpg key ring of 'root' during installation. You can also find it on the first installation CD and at the end of this announcement. 2) If you need an alternative means of verification, use the md5sum command to verify the authenticity of the packages. Execute the command md5sum <filename.rpm> after you downloaded the file from a SUSE FTP server or its mirrors. Then compare the resulting md5sum with the one that is listed in the SUSE security announcement. Because the announcement containing the checksums is cryptographically signed (by security(a)suse.de), the checksums show proof of the authenticity of the package if the signature of the announcement is valid. Note that the md5 sums published in the SUSE Security Announcements are valid for the respective packages only. Newer versions of these packages cannot be verified. - SUSE runs two security mailing lists to which any interested party may subscribe: opensuse-security(a)opensuse.org - General Linux and SUSE security discussion. All SUSE security announcements are sent to this list. To subscribe, send an e-mail to <opensuse-security+subscribe(a)opensuse.org>. opensuse-security-announce(a)opensuse.org - SUSE's announce-only mailing list. Only SUSE's security announcements are sent to this list. To subscribe, send an e-mail to <opensuse-security-announce+subscribe(a)opensuse.org>. ===================================================================== SUSE's security contact is <security(a)suse.com> or <security(a)suse.de>. The <security(a)suse.de> public key is listed below. ===================================================================== ______________________________________________________________________________ The information in this advisory may be distributed or reproduced, provided that the advisory is not modified in any way. In particular, the clear text signature should show proof of the authenticity of the text. SUSE Linux Products GmbH provides no warranties of any kind whatsoever with respect to the information contained in this security advisory. Type Bits/KeyID Date User ID pub 2048R/3D25D3D9 1999-03-06 SuSE Security Team <security(a)suse.de> pub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key <build(a)suse.de> - -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.4.2 (GNU/Linux) mQENAzbhLQQAAAEIAKAkXHe0lWRBXLpn38hMHy03F0I4Sszmoc8aaKJrhfhyMlOA BqvklPLE2f9UrI4Xc860gH79ZREwAgPt0pi6+SleNFLNcNFAuuHMLQOOsaMFatbz JR9i4m/lf6q929YROu5zB48rBAlcfTm+IBbijaEdnqpwGib45wE/Cfy6FAttBHQh 1Kp+r/jPbf1mYAvljUfHKuvbg8t2EIQz/5yGp+n5trn9pElfQO2cRBq8LFpf1l+U P7EKjFmlOq+Gs/fF98/dP3DfniSd78LQPq5vp8RL8nr/o2i7jkAQ33m4f1wOBWd+ cZovrKXYlXiR+Bf7m2hpZo+/sAzhd7LmAD0l09kABRG0JVN1U0UgU2VjdXJpdHkg VGVhbSA8c2VjdXJpdHlAc3VzZS5kZT6JARUDBRA24S1H5Fiyh7HKPEUBAVcOB/9b yHYji1/+4Xc2GhvXK0FSJN0MGgeXgW47yxDL7gmR4mNgjlIOUHZj0PEpVjWepOJ7 tQS3L9oP6cpj1Fj/XxuLbkp5VCQ61hpt54coQAvYrnT9rtWEGN+xmwejT1WmYmDJ xG+EGBXKr+XP69oIUl1E2JO3rXeklulgjqRKos4cdXKgyjWZ7CP9V9daRXDtje63 Om8gwSdU/nCvhdRIWp/Vwbf7Ia8iZr9OJ5YuQl0DBG4qmGDDrvImgPAFkYFzwlqo choXFQ9y0YVCV41DnR+GYhwl2qBd81T8aXhihEGPIgaw3g8gd8B5o6mPVgl+nJqI BkEYGBusiag2pS6qwznZiQEVAwUQNuEtBHey5gA9JdPZAQFtOAf+KVh939b0J94u v/kpg4xs1LthlhquhbHcKNoVTNspugiC3qMPyvSX4XcBr2PC0cVkS4Z9PY9iCfT+ x9WM96g39dAF+le2CCx7XISk9XXJ4ApEy5g4AuK7NYgAJd39PPbERgWnxjxir9g0 Ix30dS30bW39D+3NPU5Ho9TD/B7UDFvYT5AWHl3MGwo3a1RhTs6sfgL7yQ3U+mvq MkTExZb5mfN1FeaYKMopoI4VpzNVeGxQWIz67VjJHVyUlF20ekOz4kWVgsxkc8G2 saqZd6yv2EwqYTi8BDAduweP33KrQc4KDDommQNDOXxaKOeCoESIdM4p7Esdjq1o L0oixF12CohGBBARAgAGBQI7HmHDAAoJEJ5A4xAACqukTlQAoI4QzP9yjPohY7OU F7J3eKBTzp25AJ42BmtSd3pvm5ldmognWF3Trhp+GYkAlQMFEDe3O8IWkDf+zvyS FQEBAfkD/3GG5UgJj18UhYmh1gfjIlDcPAeqMwSytEHDENmHC+vlZQ/p0mT9tPiW tp34io54mwr+bLPN8l6B5GJNkbGvH6M+mO7R8Lj4nHL6pyAv3PQr83WyLHcaX7It Klj371/4yzKV6qpz43SGRK4MacLo2rNZ/dNej7lwPCtzCcFYwqkiiEYEEBECAAYF AjoaQqQACgkQx1KqMrDf94ArewCfWnTUDG5gNYkmHG4bYL8fQcizyA4An2eVo/n+ 3J2KRWSOhpAMsnMxtPbBmQGiBDnu9IERBACT8Y35+2vv4MGVKiLEMOl9GdST6MCk YS3yEKeueNWc+z/0Kvff4JctBsgs47tjmiI9sl0eHjm3gTR8rItXMN6sJEUHWzDP +Y0PFPboMvKx0FXl/A0dM+HFrruCgBlWt6FA+okRySQiliuI5phwqkXefl9AhkwR 8xocQSVCFxcwvwCglVcOQliHu8jwRQHxlRE0tkwQQI0D+wfQwKdvhDplxHJ5nf7U 8c/yE/vdvpN6lF0tmFrKXBUX+K7u4ifrZlQvj/81M4INjtXreqDiJtr99Rs6xa0S cZqITuZC4CWxJa9GynBED3+D2t1V/f8l0smsuYoFOF7Ib49IkTdbtwAThlZp8bEh ELBeGaPdNCcmfZ66rKUdG5sRA/9ovnc1krSQF2+sqB9/o7w5/q2qiyzwOSTnkjtB UVKn4zLUOf6aeBAoV6NMCC3Kj9aZHfA+ND0ehPaVGJgjaVNFhPi4x0e7BULdvgOo AqajLfvkURHAeSsxXIoEmyW/xC1sBbDkDUIBSx5oej73XCZgnj/inphRqGpsb+1n KFvF+rQoU3VTRSBQYWNrYWdlIFNpZ25pbmcgS2V5IDxidWlsZEBzdXNlLmRlPohi BBMRAgAiBQJA2AY+AhsDBQkObd+9BAsHAwIDFQIDAxYCAQIeAQIXgAAKCRCoTtro nIAKypCfAJ9RuZ6ZSV7QW4pTgTIxQ+ABPp0sIwCffG9bCNnrETPlgOn+dGEkAWeg KL+IRgQQEQIABgUCOnBeUgAKCRCeQOMQAAqrpNzOAKCL512FZvv4VZx94TpbA9lx yoAejACeOO1HIbActAevk5MUBhNeLZa/qM2JARUDBRA6cGBvd7LmAD0l09kBATWn B/9An5vfiUUE1VQnt+T/EYklES3tXXaJJp9pHMa4fzFa8jPVtv5UBHGee3XoUNDV wM2OgSEISZxbzdXGnqIlcT08TzBUD9i579uifklLsnr35SJDZ6ram51/CWOnnaVh UzneOA9gTPSr+/fT3WeVnwJiQCQ30kNLWVXWATMnsnT486eAOlT6UNBPYQLpUprF 5Yryk23pQUPAgJENDEqeU6iIO9Ot1ZPtB0lniw+/xCi13D360o1tZDYOp0hHHJN3 D3EN8C1yPqZd5CvvznYvB6bWBIpWcRgdn2DUVMmpU661jwqGlRz1F84JG/xe4jGu zgpJt9IXSzyohEJB6XG5+D0BuQINBDnu9JIQCACEkdBN6Mxf5WvqDWkcMRy6wnrd 9DYJ8UUTmIT2iQf07tRUKJJ9v0JXfx2Z4d08IQSMNRaq4VgSe+PdYgIy0fbj23Vi a5/gO7fJEpD2hd2f+pMnOWvH2rOOIbeYfuhzAc6BQjAKtmgR0ERUTafTM9Wb6F13 CNZZNZfDqnFDP6L12w3z3F7FFXkz07Rs3AIto1ZfYZd4sCSpMr/0S5nLrHbIvGLp 271hhQBeRmmoGEKO2JRelGgUJ2CUzOdtwDIKT0LbCpvaP8PVnYF5IFoYJIWRHqlE t5ucTXstZy7vYjL6vTP4l5xs+LIOkNmPhqmfsgLzVo0UaLt80hOwc4NvDCOLAAMG B/9g+9V3ORzw4LvO1pwRYJqfDKUq/EJ0rNMMD4N8RLpZRhKHKJUm9nNHLbksnlZw rbSTM5LpC/U6sheLP+l0bLVoq0lmsCcUSyh+mY6PxWirLIWCn/IAZAGnXb6Zd6Tt IJlGG6pqUN8QxGJYQnonl0uTJKHJENbI9sWHQdcTtBMc34gorHFCo1Bcvpnc1LFL rWn7mfoGx6INQjf3HGQpMXAWuSBQhzkazY6vaWFpa8bBJ+gKbBuySWzNm3rFtT5H RKMWpO+M9bHp4d+puY0L1YwN1OMatcMMpcWnZpiWiR83oi32+xtWUY2U7Ae38mMa g8zFbpeqPQUsDv9V7CAJ1dbriEwEGBECAAwFAkDYBnoFCQ5t3+gACgkQqE7a6JyA CspnpgCfRbYwxT3iq+9l/PgNTUNTZOlof2oAn25y0eGi0371jap9kOV6uq71sUuO =ypVs - -----END PGP PUBLIC KEY BLOCK----- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iQEVAwUBR+DajHey5gA9JdPZAQKZWQf/c7FbHpN34xqDaH9zLueN+4Rf9G0Ygwdt y3t3dV+e/gxGjtAJROkomd0zSJ/hbPyhYCXw/qiJH8aGfIu2GgvBsqlYbWpbsFj2 CUCalCQgyb6KJUz5tcnmllcnHPVj4zOc+pEHF477SRy2NZewYQngPlxyo/HJTtoH Rv65AVL0zmc3elsuQeYYNzKpoZYPHxI+Ih5lPOcAKor8DFSmtSA1frq+quqplmAi 0A7HNiSpgigBppU0PwaJwcs+O5/QXoSkD9VQcv/sZOn/LXLB+zM8gyTSsW0hbaKx IdIU7Ev3FWqehBOU1lz/Eh5BOlnDVdG2vx11RZL3Psc5I2nQTSDhPg== =yEIN -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-security+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security+help(a)opensuse.org

14 years, 3 months

[opensuse-security] SUSE Security Announcement: evolution (SUSE-SA:2008:014)

by Thomas Biege

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ______________________________________________________________________________ SUSE Security Announcement Package: evolution Announcement ID: SUSE-SA:2008:014 Date: Fri, 14 Mar 2008 10:00:00 +0000 Affected Products: SUSE LINUX 10.1 openSUSE 10.2 openSUSE 10.3 Novell Linux Desktop 9 SUSE Linux Enterprise Desktop 10 SP1 SLE SDK 10 SP1 Vulnerability Type: remote code execution Severity (1-10): 8 SUSE Default Package: yes Cross-References: CVE-2008-0072 Content of This Advisory: 1) Security Vulnerability Resolved: format string vulnerability Problem Description 2) Solution or Work-Around 3) Special Instructions and Notes 4) Package Location and Checksums 5) Pending Vulnerabilities, Solutions, and Work-Arounds: none 6) Authenticity Verification and Additional Information ______________________________________________________________________________ 1) Problem Description and Brief Discussion Evolution is a personal information manager (PIM) and workgroup information management software. The function emf_multipart_encrypted() that is used to process encrypted messages is vulnerable to format-string bugs. This bug can be abused by a remote attacker to execute arbitrary code by sending a crafted encrypted eMail. 2) Solution or Work-Around No work-around. Please install the current security update package. 3) Special Instructions and Notes Please restart evolution. 4) Package Location and Checksums The preferred method for installing security updates is to use the YaST Online Update (YOU) tool. YOU detects which updates are required and automatically performs the necessary steps to verify and install them. Alternatively, download the update packages for your distribution manually and verify their integrity by the methods listed in Section 6 of this announcement. Then install the packages using the command rpm -Fhv <file.rpm> to apply the update, replacing <file.rpm> with the filename of the downloaded RPM package. x86 Platform: openSUSE 10.3: http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/evolution-2.… 4a13b961952e7913af466ef1738c0196 http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/evolution-de… 2ecaf3f223841665df554aa8e20d5978 http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/evolution-pi… d06a664885565b04774d5d3c2afb84f5 openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/evolution-2.8.2-9.i586.rpm c7949a1af35d7abdb7a36fd7fc90607b ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/evolution-devel-2.8.2-9.i5… eadabc26ef71fbb91c498f202196e640 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/evolution-pilot-2.8.2-9.i5… b8a8b80039aa8f1641c0103bb04f75a0 SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/evolution-2.6.0-49.66.3.i5… cc40ee93e3f2043a25dff22e62bc4e4e ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/evolution-devel-2.6.0-49.6… b7fb5fec304a0e623be28233a66525ad ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/evolution-pilot-2.6.0-49.6… d2833e3948641af99a9e76026da6e8da Power PC Platform: openSUSE 10.3: http://download.opensuse.org/pub/opensuse/update/10.3/rpm/ppc/evolution-2.1… a6e9d56b825c7809bc62a87f546bdb50 http://download.opensuse.org/pub/opensuse/update/10.3/rpm/ppc/evolution-dev… 772ce1adbb46a5ba5f703bf4dcfbd49e http://download.opensuse.org/pub/opensuse/update/10.3/rpm/ppc/evolution-pil… 946a9756bab858d4242736e055009173 openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/evolution-2.8.2-9.ppc.rpm fa5ed56ee0d3a6718015bf722e34ff6f ftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/evolution-devel-2.8.2-9.ppc… 91565615e83f40a40d435e9edcca2a63 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/evolution-pilot-2.8.2-9.ppc… 443a51070cdb147473536fec3b704533 SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/evolution-2.6.0-49.66.3.ppc… 8b0beec2e2ecad7969fc91aa12c963d2 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/evolution-devel-2.6.0-49.66… 46706e204d46f01026af35b861c101a6 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/evolution-pilot-2.6.0-49.66… 0c946a3533d2a55812f0fd60886e097f x86-64 Platform: openSUSE 10.3: http://download.opensuse.org/pub/opensuse/update/10.3/rpm/x86_64/evolution-… 6c9f98241bf08edc4a77d52c4232ed60 http://download.opensuse.org/pub/opensuse/update/10.3/rpm/x86_64/evolution-… bab5d0660dbb9076bd865ccae25bc68d http://download.opensuse.org/pub/opensuse/update/10.3/rpm/x86_64/evolution-… 44778c1ea873e4e54021ce3588f406de openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/evolution-2.8.2-9.x86_64… 8ac28a5b6875266d281400060867b45f ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/evolution-devel-2.8.2-9.… 970d89a3ae7574334586a6b9388e1073 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/evolution-pilot-2.8.2-9.… 6ffb4564be38436e91a0b10b908ff18d SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/evolution-2.6.0-49.66.3.… c352e53bfd35cb08ef87102829ed2dcb ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/evolution-devel-2.6.0-49… a4d5259610db7850b39e2b4ae2b7a00e ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/evolution-pilot-2.6.0-49… 50dae7030db765effccf36e23f112671 Sources: openSUSE 10.3: http://download.opensuse.org/pub/opensuse/update/10.3/rpm/src/evolution-2.1… 483dffff6981e43065de58916fc7faa0 openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2/rpm/src/evolution-2.8.2-9.src.rpm ba7d8312622f37c7d05dba4e6d03a5e0 SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/evolution-2.6.0-49.66.3.src… 93827395e2d05427ea717d882f444da5 Our maintenance customers are notified individually. The packages are offered for installation from the maintenance web: Novell Linux Desktop 9 http://support.novell.com/techcenter/psdb/d93d20ddb38276f9b6f334240fd20e16.… SLE SDK 10 SP1 http://support.novell.com/techcenter/psdb/d93d20ddb38276f9b6f334240fd20e16.… SUSE Linux Enterprise Desktop 10 SP1 http://support.novell.com/techcenter/psdb/d93d20ddb38276f9b6f334240fd20e16.… ______________________________________________________________________________ 5) Pending Vulnerabilities, Solutions, and Work-Arounds: none ______________________________________________________________________________ 6) Authenticity Verification and Additional Information - Announcement authenticity verification: SUSE security announcements are published via mailing lists and on Web sites. The authenticity and integrity of a SUSE security announcement is guaranteed by a cryptographic signature in each announcement. All SUSE security announcements are published with a valid signature. To verify the signature of the announcement, save it as text into a file and run the command gpg --verify <file> replacing <file> with the name of the file where you saved the announcement. The output for a valid signature looks like: gpg: Signature made <DATE> using RSA key ID 3D25D3D9 gpg: Good signature from "SuSE Security Team <security(a)suse.de>" where <DATE> is replaced by the date the document was signed. If the security team's key is not contained in your key ring, you can import it from the first installation CD. To import the key, use the command gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc - Package authenticity verification: SUSE update packages are available on many mirror FTP servers all over the world. While this service is considered valuable and important to the free and open source software community, the authenticity and the integrity of a package needs to be verified to ensure that it has not been tampered with. There are two verification methods that can be used independently from each other to prove the authenticity of a downloaded file or RPM package: 1) Using the internal gpg signatures of the rpm package 2) MD5 checksums as provided in this announcement 1) The internal rpm package signatures provide an easy way to verify the authenticity of an RPM package. Use the command rpm -v --checksig <file.rpm> to verify the signature of the package, replacing <file.rpm> with the filename of the RPM package downloaded. The package is unmodified if it contains a valid signature from build(a)suse.de with the key ID 9C800ACA. This key is automatically imported into the RPM database (on RPMv4-based distributions) and the gpg key ring of 'root' during installation. You can also find it on the first installation CD and at the end of this announcement. 2) If you need an alternative means of verification, use the md5sum command to verify the authenticity of the packages. Execute the command md5sum <filename.rpm> after you downloaded the file from a SUSE FTP server or its mirrors. Then compare the resulting md5sum with the one that is listed in the SUSE security announcement. Because the announcement containing the checksums is cryptographically signed (by security(a)suse.de), the checksums show proof of the authenticity of the package if the signature of the announcement is valid. Note that the md5 sums published in the SUSE Security Announcements are valid for the respective packages only. Newer versions of these packages cannot be verified. - SUSE runs two security mailing lists to which any interested party may subscribe: opensuse-security(a)opensuse.org - General Linux and SUSE security discussion. All SUSE security announcements are sent to this list. To subscribe, send an e-mail to <opensuse-security+subscribe(a)opensuse.org>. opensuse-security-announce(a)opensuse.org - SUSE's announce-only mailing list. Only SUSE's security announcements are sent to this list. To subscribe, send an e-mail to <opensuse-security-announce+subscribe(a)opensuse.org>. ===================================================================== SUSE's security contact is <security(a)suse.com> or <security(a)suse.de>. The <security(a)suse.de> public key is listed below. ===================================================================== ______________________________________________________________________________ The information in this advisory may be distributed or reproduced, provided that the advisory is not modified in any way. In particular, the clear text signature should show proof of the authenticity of the text. SUSE Linux Products GmbH provides no warranties of any kind whatsoever with respect to the information contained in this security advisory. Type Bits/KeyID Date User ID pub 2048R/3D25D3D9 1999-03-06 SuSE Security Team <security(a)suse.de> pub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key <build(a)suse.de> - -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.4.2 (GNU/Linux) mQENAzbhLQQAAAEIAKAkXHe0lWRBXLpn38hMHy03F0I4Sszmoc8aaKJrhfhyMlOA BqvklPLE2f9UrI4Xc860gH79ZREwAgPt0pi6+SleNFLNcNFAuuHMLQOOsaMFatbz JR9i4m/lf6q929YROu5zB48rBAlcfTm+IBbijaEdnqpwGib45wE/Cfy6FAttBHQh 1Kp+r/jPbf1mYAvljUfHKuvbg8t2EIQz/5yGp+n5trn9pElfQO2cRBq8LFpf1l+U P7EKjFmlOq+Gs/fF98/dP3DfniSd78LQPq5vp8RL8nr/o2i7jkAQ33m4f1wOBWd+ cZovrKXYlXiR+Bf7m2hpZo+/sAzhd7LmAD0l09kABRG0JVN1U0UgU2VjdXJpdHkg VGVhbSA8c2VjdXJpdHlAc3VzZS5kZT6JARUDBRA24S1H5Fiyh7HKPEUBAVcOB/9b yHYji1/+4Xc2GhvXK0FSJN0MGgeXgW47yxDL7gmR4mNgjlIOUHZj0PEpVjWepOJ7 tQS3L9oP6cpj1Fj/XxuLbkp5VCQ61hpt54coQAvYrnT9rtWEGN+xmwejT1WmYmDJ xG+EGBXKr+XP69oIUl1E2JO3rXeklulgjqRKos4cdXKgyjWZ7CP9V9daRXDtje63 Om8gwSdU/nCvhdRIWp/Vwbf7Ia8iZr9OJ5YuQl0DBG4qmGDDrvImgPAFkYFzwlqo choXFQ9y0YVCV41DnR+GYhwl2qBd81T8aXhihEGPIgaw3g8gd8B5o6mPVgl+nJqI BkEYGBusiag2pS6qwznZiQEVAwUQNuEtBHey5gA9JdPZAQFtOAf+KVh939b0J94u v/kpg4xs1LthlhquhbHcKNoVTNspugiC3qMPyvSX4XcBr2PC0cVkS4Z9PY9iCfT+ x9WM96g39dAF+le2CCx7XISk9XXJ4ApEy5g4AuK7NYgAJd39PPbERgWnxjxir9g0 Ix30dS30bW39D+3NPU5Ho9TD/B7UDFvYT5AWHl3MGwo3a1RhTs6sfgL7yQ3U+mvq MkTExZb5mfN1FeaYKMopoI4VpzNVeGxQWIz67VjJHVyUlF20ekOz4kWVgsxkc8G2 saqZd6yv2EwqYTi8BDAduweP33KrQc4KDDommQNDOXxaKOeCoESIdM4p7Esdjq1o L0oixF12CohGBBARAgAGBQI7HmHDAAoJEJ5A4xAACqukTlQAoI4QzP9yjPohY7OU F7J3eKBTzp25AJ42BmtSd3pvm5ldmognWF3Trhp+GYkAlQMFEDe3O8IWkDf+zvyS FQEBAfkD/3GG5UgJj18UhYmh1gfjIlDcPAeqMwSytEHDENmHC+vlZQ/p0mT9tPiW tp34io54mwr+bLPN8l6B5GJNkbGvH6M+mO7R8Lj4nHL6pyAv3PQr83WyLHcaX7It Klj371/4yzKV6qpz43SGRK4MacLo2rNZ/dNej7lwPCtzCcFYwqkiiEYEEBECAAYF AjoaQqQACgkQx1KqMrDf94ArewCfWnTUDG5gNYkmHG4bYL8fQcizyA4An2eVo/n+ 3J2KRWSOhpAMsnMxtPbBmQGiBDnu9IERBACT8Y35+2vv4MGVKiLEMOl9GdST6MCk YS3yEKeueNWc+z/0Kvff4JctBsgs47tjmiI9sl0eHjm3gTR8rItXMN6sJEUHWzDP +Y0PFPboMvKx0FXl/A0dM+HFrruCgBlWt6FA+okRySQiliuI5phwqkXefl9AhkwR 8xocQSVCFxcwvwCglVcOQliHu8jwRQHxlRE0tkwQQI0D+wfQwKdvhDplxHJ5nf7U 8c/yE/vdvpN6lF0tmFrKXBUX+K7u4ifrZlQvj/81M4INjtXreqDiJtr99Rs6xa0S cZqITuZC4CWxJa9GynBED3+D2t1V/f8l0smsuYoFOF7Ib49IkTdbtwAThlZp8bEh ELBeGaPdNCcmfZ66rKUdG5sRA/9ovnc1krSQF2+sqB9/o7w5/q2qiyzwOSTnkjtB UVKn4zLUOf6aeBAoV6NMCC3Kj9aZHfA+ND0ehPaVGJgjaVNFhPi4x0e7BULdvgOo AqajLfvkURHAeSsxXIoEmyW/xC1sBbDkDUIBSx5oej73XCZgnj/inphRqGpsb+1n KFvF+rQoU3VTRSBQYWNrYWdlIFNpZ25pbmcgS2V5IDxidWlsZEBzdXNlLmRlPohi BBMRAgAiBQJA2AY+AhsDBQkObd+9BAsHAwIDFQIDAxYCAQIeAQIXgAAKCRCoTtro nIAKypCfAJ9RuZ6ZSV7QW4pTgTIxQ+ABPp0sIwCffG9bCNnrETPlgOn+dGEkAWeg KL+IRgQQEQIABgUCOnBeUgAKCRCeQOMQAAqrpNzOAKCL512FZvv4VZx94TpbA9lx yoAejACeOO1HIbActAevk5MUBhNeLZa/qM2JARUDBRA6cGBvd7LmAD0l09kBATWn B/9An5vfiUUE1VQnt+T/EYklES3tXXaJJp9pHMa4fzFa8jPVtv5UBHGee3XoUNDV wM2OgSEISZxbzdXGnqIlcT08TzBUD9i579uifklLsnr35SJDZ6ram51/CWOnnaVh UzneOA9gTPSr+/fT3WeVnwJiQCQ30kNLWVXWATMnsnT486eAOlT6UNBPYQLpUprF 5Yryk23pQUPAgJENDEqeU6iIO9Ot1ZPtB0lniw+/xCi13D360o1tZDYOp0hHHJN3 D3EN8C1yPqZd5CvvznYvB6bWBIpWcRgdn2DUVMmpU661jwqGlRz1F84JG/xe4jGu zgpJt9IXSzyohEJB6XG5+D0BuQINBDnu9JIQCACEkdBN6Mxf5WvqDWkcMRy6wnrd 9DYJ8UUTmIT2iQf07tRUKJJ9v0JXfx2Z4d08IQSMNRaq4VgSe+PdYgIy0fbj23Vi a5/gO7fJEpD2hd2f+pMnOWvH2rOOIbeYfuhzAc6BQjAKtmgR0ERUTafTM9Wb6F13 CNZZNZfDqnFDP6L12w3z3F7FFXkz07Rs3AIto1ZfYZd4sCSpMr/0S5nLrHbIvGLp 271hhQBeRmmoGEKO2JRelGgUJ2CUzOdtwDIKT0LbCpvaP8PVnYF5IFoYJIWRHqlE t5ucTXstZy7vYjL6vTP4l5xs+LIOkNmPhqmfsgLzVo0UaLt80hOwc4NvDCOLAAMG B/9g+9V3ORzw4LvO1pwRYJqfDKUq/EJ0rNMMD4N8RLpZRhKHKJUm9nNHLbksnlZw rbSTM5LpC/U6sheLP+l0bLVoq0lmsCcUSyh+mY6PxWirLIWCn/IAZAGnXb6Zd6Tt IJlGG6pqUN8QxGJYQnonl0uTJKHJENbI9sWHQdcTtBMc34gorHFCo1Bcvpnc1LFL rWn7mfoGx6INQjf3HGQpMXAWuSBQhzkazY6vaWFpa8bBJ+gKbBuySWzNm3rFtT5H RKMWpO+M9bHp4d+puY0L1YwN1OMatcMMpcWnZpiWiR83oi32+xtWUY2U7Ae38mMa g8zFbpeqPQUsDv9V7CAJ1dbriEwEGBECAAwFAkDYBnoFCQ5t3+gACgkQqE7a6JyA CspnpgCfRbYwxT3iq+9l/PgNTUNTZOlof2oAn25y0eGi0371jap9kOV6uq71sUuO =ypVs - -----END PGP PUBLIC KEY BLOCK----- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iQEVAwUBR9pBtney5gA9JdPZAQLsggf9ENWlXkaebixueunOP6mbqRZvNEdKcSF+ sXCiDJTB/JJvNy6tKGa9hm49jH5FUV7/ZP24KFz4xbB7taPOqAcVEzDppT37ksD1 U5KwyvOY0fcPrr+Oif+3mjZaVXVF5X4YTL5nbzp4+OaroAys83pygierfupztJYI nVb2xNuk5DcM2X8S4NFjU1Z778ljdai2NAgjaI0n3s5fQMUW0zfDt5Gde45PYRvN 8CifrO/yrqZ3n+38BbwabeeKVNVPgtcdh5RmKJXPMeCR8VLWFhFfysHNwwpIxukQ bFJIg1fLKy+jd0C+b1nMeTwOYMbSxReSbOmHqHSdnCfb7v2TNuo8PQ== =SWQQ -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-security+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security+help(a)opensuse.org

14 years, 3 months

[opensuse-security] SuSefirewall - protect sshd

by Otto Rodusek (AP-SGP)

Hi, I'm a bit confused with Susefirewall. I have had a number of robot attacks against sshd so I set the following rule in SuSefirewall to limit the number of allowable sshd logins per 60 second period: FW_SERVICES_ACCEPT_EXT="0/0,tcp,22,,hitcount=3,blockseconds=60,recentname=ssh" which I assume will limit sshd logins to only 3 per 60 seconds however when I check my log I still get: Mar 10 01:32:54 sshd[19890]: Invalid user patrick from 222.156.220.25 Mar 10 01:32:56 sshd[19892]: Invalid user patrick from 222.156.220.25 Mar 10 01:33:09 sshd[19904]: Invalid user rolo from 222.156.220.25 Mar 10 01:33:11 sshd[19906]: Invalid user iceuser from 222.156.220.25 Mar 10 01:33:12 sshd[19908]: Invalid user horde from 222.156.220.25 Mar 10 01:33:14 sshd[19910]: Invalid user cyrus from 222.156.220.25 Mar 10 01:33:16 sshd[19912]: Invalid user www from 222.156.220.25 Did I forget something or do I need to set some other parameter as well? (yes I did restart the firewall and even re-booted the system for good measure!!) Thanks for any suggestions or help. Rgds. Otto Rodusek. --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-security+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security+help(a)opensuse.org

14 years, 3 months

[opensuse-security] SUSE Security Announcement: cups (SUSE-SA:2008:012)

by Thomas Biege

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ______________________________________________________________________________ SUSE Security Announcement Package: cups Announcement ID: SUSE-SA:2008:012 Date: Thu, 06 Mar 2008 11:00:00 +0000 Affected Products: SUSE LINUX 10.1 openSUSE 10.2 openSUSE 10.3 SuSE Linux Enterprise Server 8 SUSE SLES 9 Novell Linux Desktop 9 Open Enterprise Server Novell Linux POS 9 SUSE Linux Enterprise Desktop 10 SP1 SUSE Linux Enterprise Server 10 SP1 Vulnerability Type: remote code execution Severity (1-10): 7 SUSE Default Package: yes Cross-References: CVE-2008-0596 CVE-2008-0597 CVE-2008-0882 Content of This Advisory: 1) Security Vulnerability Resolved: remote code execution and multiple denial-of-service bugs Problem Description 2) Solution or Work-Around 3) Special Instructions and Notes 4) Package Location and Checksums 5) Pending Vulnerabilities, Solutions, and Work-Arounds: none 6) Authenticity Verification and Additional Information ______________________________________________________________________________ 1) Problem Description and Brief Discussion CUPS is the default printer system on SUSE Linux. The current security update of cups fixes a double-free bug in the function process_browse_data() that can lead to a remote denial-of-service by crash- ing cupsd or possibly to a remote code execution (CVE-2008-0882). The bug can only be exploited if cupsd listens to 631/udp by crafted UDP Browse packets. Additionally two remote denial-of-service bugs were fixed. The first one can be triggered via crafted IPP packets to use a pointer after it was freed (CVE-2008-0597) and the second issue is a memory-leak caused by a large number of requests to add and remove shared printers (CVE-2008-0596). 2) Solution or Work-Around No work-around known. Please install the new cups package. 3) Special Instructions and Notes Restart the cups server after the update. 4) Package Location and Checksums The preferred method for installing security updates is to use the YaST Online Update (YOU) tool. YOU detects which updates are required and automatically performs the necessary steps to verify and install them. Alternatively, download the update packages for your distribution manually and verify their integrity by the methods listed in Section 6 of this announcement. Then install the packages using the command rpm -Fhv <file.rpm> to apply the update, replacing <file.rpm> with the filename of the downloaded RPM package. x86 Platform: openSUSE 10.3: http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/cups-1.2.12-… 58a5a276cce67effbd6fbe8154bbfb61 http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/cups-client-… 6d40b6ce8b5fd0a72cd25d8f6fbf8859 http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/cups-devel-1… 9b3055b00b3ca8ff417b72a981b9e301 http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/cups-libs-1.… 8f8e73fe3aece7a53f4f51bfce87d921 openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/cups-1.2.7-12.11.i586.rpm ce2f6be0cf30e3b71b646e62a029cb79 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/cups-client-1.2.7-12.11.i5… 0a23fa9760a2a88cd1e8451b8d5b48a6 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/cups-devel-1.2.7-12.11.i58… b87ce06a93ee2ef1062153b2a8689749 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/cups-libs-1.2.7-12.11.i586… 7fc972995c533e45ce7577545576e1b9 SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/cups-1.1.23-40.38.i586.rpm 4ef1069e44543a4e07048b21128c19a3 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/cups-client-1.1.23-40.38.i… a0ed40efdfa03596535ff90d990409cb ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/cups-devel-1.1.23-40.38.i5… f205135dea30ff1079e342e86ac0c240 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/cups-libs-1.1.23-40.38.i58… 3e82329efd71ea8987c6f5ad06f1dcc3 Power PC Platform: openSUSE 10.3: http://download.opensuse.org/pub/opensuse/update/10.3/rpm/ppc/cups-1.2.12-2… 1de1c175ed2609c7b6fb17adf619a3bd http://download.opensuse.org/pub/opensuse/update/10.3/rpm/ppc/cups-client-1… e9b59c6c02679bf8ef010fdc9133211e http://download.opensuse.org/pub/opensuse/update/10.3/rpm/ppc/cups-devel-1.… c82e8802db9f891d8d0b8ee4ca6f1b0c http://download.opensuse.org/pub/opensuse/update/10.3/rpm/ppc/cups-libs-1.2… 46fd5eddc31037acd8a26bcb11d351d4 openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/cups-1.2.7-12.11.ppc.rpm 3d688a3ec198f3c9a31951caf95ddbb6 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/cups-client-1.2.7-12.11.ppc… e50f0eca33d3666c938648fafd472e1b ftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/cups-devel-1.2.7-12.11.ppc.… cffbbe682c5970e95a42af1c2a5321d5 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/cups-libs-1.2.7-12.11.ppc.r… aef41b836d4b0f71daa623ae0fead618 SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/cups-1.1.23-40.38.ppc.rpm 9878a85c10c4c1299a6f6e8d7887d701 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/cups-client-1.1.23-40.38.pp… 074944cc0244f49ea5ca0c39866e5e85 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/cups-devel-1.1.23-40.38.ppc… aed89c7c4d0832c7df289cf28b73cfe9 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/cups-libs-1.1.23-40.38.ppc.… 6fb7c82e682182e4e584ede96c87f2de x86-64 Platform: openSUSE 10.3: http://download.opensuse.org/pub/opensuse/update/10.3/rpm/x86_64/cups-1.2.1… fd8d905a8129fdcf79f17b6c35a1e99c http://download.opensuse.org/pub/opensuse/update/10.3/rpm/x86_64/cups-clien… eb74b82bc67cd0bf048ac75d56e86c54 http://download.opensuse.org/pub/opensuse/update/10.3/rpm/x86_64/cups-devel… 30a69685925386b6fd6a287463f5c596 http://download.opensuse.org/pub/opensuse/update/10.3/rpm/x86_64/cups-libs-… c47e7346ffa3054b9e79b06f4a68f4da http://download.opensuse.org/pub/opensuse/update/10.3/rpm/x86_64/cups-libs-… 15784eb2174e331113e3fd7f313fcf38 openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/cups-1.2.7-12.11.x86_64.… 3ed2e2dbb567a458071bf2f15e36fcab ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/cups-client-1.2.7-12.11.… 746c10e52f6e34b004906dcb705b4d3f ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/cups-devel-1.2.7-12.11.x… becb337fcdc4e04325d8abe940056751 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/cups-libs-1.2.7-12.11.x8… 2eeec7af8a643fa95bdf38f9e00b67fa ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/cups-libs-32bit-1.2.7-12… 1f7552edbbc1c7d06c7c68924f3bce8d SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/cups-1.1.23-40.38.x86_64… e987389ac8c86b42e35c8ec7937b837d ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/cups-client-1.1.23-40.38… a8daa44c9179ab1fd4fbeee199861658 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/cups-devel-1.1.23-40.38.… ce844e64c5340593a9da6828afe279b9 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/cups-libs-1.1.23-40.38.x… e5548c55b068f015d7e18f5e02e7ce2e ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/cups-libs-32bit-1.1.23-4… 5d2a7df4d6c7c38f2fd0be0860fcee70 Sources: openSUSE 10.3: http://download.opensuse.org/pub/opensuse/update/10.3/rpm/src/cups-1.2.12-2… c8beb8c8be3b611388b81bd3e7c3d9b0 openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2/rpm/src/cups-1.2.7-12.11.src.rpm 6a7c78bf03906366efc3c7b996db0382 SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/cups-1.1.23-40.38.src.rpm 6fadf975197cd21eb83174d32ee192c7 Our maintenance customers are notified individually. The packages are offered for installation from the maintenance web: Open Enterprise Server http://support.novell.com/techcenter/psdb/1addc7e3aa69e266f0fba3fdfef8b6c7.… Novell Linux POS 9 http://support.novell.com/techcenter/psdb/1addc7e3aa69e266f0fba3fdfef8b6c7.… Novell Linux Desktop 9 http://support.novell.com/techcenter/psdb/1addc7e3aa69e266f0fba3fdfef8b6c7.… SuSE Linux Enterprise Server 8 http://support.novell.com/techcenter/psdb/1addc7e3aa69e266f0fba3fdfef8b6c7.… SUSE Linux Enterprise Server 10 SP1 http://support.novell.com/techcenter/psdb/1addc7e3aa69e266f0fba3fdfef8b6c7.… SUSE Linux Enterprise Desktop 10 SP1 http://support.novell.com/techcenter/psdb/1addc7e3aa69e266f0fba3fdfef8b6c7.… SUSE SLES 9 http://support.novell.com/techcenter/psdb/1addc7e3aa69e266f0fba3fdfef8b6c7.… ______________________________________________________________________________ 5) Pending Vulnerabilities, Solutions, and Work-Arounds: Please consult our weekly summary report. ______________________________________________________________________________ 6) Authenticity Verification and Additional Information - Announcement authenticity verification: SUSE security announcements are published via mailing lists and on Web sites. The authenticity and integrity of a SUSE security announcement is guaranteed by a cryptographic signature in each announcement. All SUSE security announcements are published with a valid signature. To verify the signature of the announcement, save it as text into a file and run the command gpg --verify <file> replacing <file> with the name of the file where you saved the announcement. The output for a valid signature looks like: gpg: Signature made <DATE> using RSA key ID 3D25D3D9 gpg: Good signature from "SuSE Security Team <security(a)suse.de>" where <DATE> is replaced by the date the document was signed. If the security team's key is not contained in your key ring, you can import it from the first installation CD. To import the key, use the command gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc - Package authenticity verification: SUSE update packages are available on many mirror FTP servers all over the world. While this service is considered valuable and important to the free and open source software community, the authenticity and the integrity of a package needs to be verified to ensure that it has not been tampered with. There are two verification methods that can be used independently from each other to prove the authenticity of a downloaded file or RPM package: 1) Using the internal gpg signatures of the rpm package 2) MD5 checksums as provided in this announcement 1) The internal rpm package signatures provide an easy way to verify the authenticity of an RPM package. Use the command rpm -v --checksig <file.rpm> to verify the signature of the package, replacing <file.rpm> with the filename of the RPM package downloaded. The package is unmodified if it contains a valid signature from build(a)suse.de with the key ID 9C800ACA. This key is automatically imported into the RPM database (on RPMv4-based distributions) and the gpg key ring of 'root' during installation. You can also find it on the first installation CD and at the end of this announcement. 2) If you need an alternative means of verification, use the md5sum command to verify the authenticity of the packages. Execute the command md5sum <filename.rpm> after you downloaded the file from a SUSE FTP server or its mirrors. Then compare the resulting md5sum with the one that is listed in the SUSE security announcement. Because the announcement containing the checksums is cryptographically signed (by security(a)suse.de), the checksums show proof of the authenticity of the package if the signature of the announcement is valid. Note that the md5 sums published in the SUSE Security Announcements are valid for the respective packages only. Newer versions of these packages cannot be verified. - SUSE runs two security mailing lists to which any interested party may subscribe: opensuse-security(a)opensuse.org - General Linux and SUSE security discussion. All SUSE security announcements are sent to this list. To subscribe, send an e-mail to <opensuse-security+subscribe(a)opensuse.org>. opensuse-security-announce(a)opensuse.org - SUSE's announce-only mailing list. Only SUSE's security announcements are sent to this list. To subscribe, send an e-mail to <opensuse-security-announce+subscribe(a)opensuse.org>. ===================================================================== SUSE's security contact is <security(a)suse.com> or <security(a)suse.de>. The <security(a)suse.de> public key is listed below. ===================================================================== ______________________________________________________________________________ The information in this advisory may be distributed or reproduced, provided that the advisory is not modified in any way. In particular, the clear text signature should show proof of the authenticity of the text. SUSE Linux Products GmbH provides no warranties of any kind whatsoever with respect to the information contained in this security advisory. Type Bits/KeyID Date User ID pub 2048R/3D25D3D9 1999-03-06 SuSE Security Team <security(a)suse.de> pub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key <build(a)suse.de> - -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.4.2 (GNU/Linux) mQENAzbhLQQAAAEIAKAkXHe0lWRBXLpn38hMHy03F0I4Sszmoc8aaKJrhfhyMlOA BqvklPLE2f9UrI4Xc860gH79ZREwAgPt0pi6+SleNFLNcNFAuuHMLQOOsaMFatbz JR9i4m/lf6q929YROu5zB48rBAlcfTm+IBbijaEdnqpwGib45wE/Cfy6FAttBHQh 1Kp+r/jPbf1mYAvljUfHKuvbg8t2EIQz/5yGp+n5trn9pElfQO2cRBq8LFpf1l+U P7EKjFmlOq+Gs/fF98/dP3DfniSd78LQPq5vp8RL8nr/o2i7jkAQ33m4f1wOBWd+ cZovrKXYlXiR+Bf7m2hpZo+/sAzhd7LmAD0l09kABRG0JVN1U0UgU2VjdXJpdHkg VGVhbSA8c2VjdXJpdHlAc3VzZS5kZT6JARUDBRA24S1H5Fiyh7HKPEUBAVcOB/9b yHYji1/+4Xc2GhvXK0FSJN0MGgeXgW47yxDL7gmR4mNgjlIOUHZj0PEpVjWepOJ7 tQS3L9oP6cpj1Fj/XxuLbkp5VCQ61hpt54coQAvYrnT9rtWEGN+xmwejT1WmYmDJ xG+EGBXKr+XP69oIUl1E2JO3rXeklulgjqRKos4cdXKgyjWZ7CP9V9daRXDtje63 Om8gwSdU/nCvhdRIWp/Vwbf7Ia8iZr9OJ5YuQl0DBG4qmGDDrvImgPAFkYFzwlqo choXFQ9y0YVCV41DnR+GYhwl2qBd81T8aXhihEGPIgaw3g8gd8B5o6mPVgl+nJqI BkEYGBusiag2pS6qwznZiQEVAwUQNuEtBHey5gA9JdPZAQFtOAf+KVh939b0J94u v/kpg4xs1LthlhquhbHcKNoVTNspugiC3qMPyvSX4XcBr2PC0cVkS4Z9PY9iCfT+ x9WM96g39dAF+le2CCx7XISk9XXJ4ApEy5g4AuK7NYgAJd39PPbERgWnxjxir9g0 Ix30dS30bW39D+3NPU5Ho9TD/B7UDFvYT5AWHl3MGwo3a1RhTs6sfgL7yQ3U+mvq MkTExZb5mfN1FeaYKMopoI4VpzNVeGxQWIz67VjJHVyUlF20ekOz4kWVgsxkc8G2 saqZd6yv2EwqYTi8BDAduweP33KrQc4KDDommQNDOXxaKOeCoESIdM4p7Esdjq1o L0oixF12CohGBBARAgAGBQI7HmHDAAoJEJ5A4xAACqukTlQAoI4QzP9yjPohY7OU F7J3eKBTzp25AJ42BmtSd3pvm5ldmognWF3Trhp+GYkAlQMFEDe3O8IWkDf+zvyS FQEBAfkD/3GG5UgJj18UhYmh1gfjIlDcPAeqMwSytEHDENmHC+vlZQ/p0mT9tPiW tp34io54mwr+bLPN8l6B5GJNkbGvH6M+mO7R8Lj4nHL6pyAv3PQr83WyLHcaX7It Klj371/4yzKV6qpz43SGRK4MacLo2rNZ/dNej7lwPCtzCcFYwqkiiEYEEBECAAYF AjoaQqQACgkQx1KqMrDf94ArewCfWnTUDG5gNYkmHG4bYL8fQcizyA4An2eVo/n+ 3J2KRWSOhpAMsnMxtPbBmQGiBDnu9IERBACT8Y35+2vv4MGVKiLEMOl9GdST6MCk YS3yEKeueNWc+z/0Kvff4JctBsgs47tjmiI9sl0eHjm3gTR8rItXMN6sJEUHWzDP +Y0PFPboMvKx0FXl/A0dM+HFrruCgBlWt6FA+okRySQiliuI5phwqkXefl9AhkwR 8xocQSVCFxcwvwCglVcOQliHu8jwRQHxlRE0tkwQQI0D+wfQwKdvhDplxHJ5nf7U 8c/yE/vdvpN6lF0tmFrKXBUX+K7u4ifrZlQvj/81M4INjtXreqDiJtr99Rs6xa0S cZqITuZC4CWxJa9GynBED3+D2t1V/f8l0smsuYoFOF7Ib49IkTdbtwAThlZp8bEh ELBeGaPdNCcmfZ66rKUdG5sRA/9ovnc1krSQF2+sqB9/o7w5/q2qiyzwOSTnkjtB UVKn4zLUOf6aeBAoV6NMCC3Kj9aZHfA+ND0ehPaVGJgjaVNFhPi4x0e7BULdvgOo AqajLfvkURHAeSsxXIoEmyW/xC1sBbDkDUIBSx5oej73XCZgnj/inphRqGpsb+1n KFvF+rQoU3VTRSBQYWNrYWdlIFNpZ25pbmcgS2V5IDxidWlsZEBzdXNlLmRlPohi BBMRAgAiBQJA2AY+AhsDBQkObd+9BAsHAwIDFQIDAxYCAQIeAQIXgAAKCRCoTtro nIAKypCfAJ9RuZ6ZSV7QW4pTgTIxQ+ABPp0sIwCffG9bCNnrETPlgOn+dGEkAWeg KL+IRgQQEQIABgUCOnBeUgAKCRCeQOMQAAqrpNzOAKCL512FZvv4VZx94TpbA9lx yoAejACeOO1HIbActAevk5MUBhNeLZa/qM2JARUDBRA6cGBvd7LmAD0l09kBATWn B/9An5vfiUUE1VQnt+T/EYklES3tXXaJJp9pHMa4fzFa8jPVtv5UBHGee3XoUNDV wM2OgSEISZxbzdXGnqIlcT08TzBUD9i579uifklLsnr35SJDZ6ram51/CWOnnaVh UzneOA9gTPSr+/fT3WeVnwJiQCQ30kNLWVXWATMnsnT486eAOlT6UNBPYQLpUprF 5Yryk23pQUPAgJENDEqeU6iIO9Ot1ZPtB0lniw+/xCi13D360o1tZDYOp0hHHJN3 D3EN8C1yPqZd5CvvznYvB6bWBIpWcRgdn2DUVMmpU661jwqGlRz1F84JG/xe4jGu zgpJt9IXSzyohEJB6XG5+D0BuQINBDnu9JIQCACEkdBN6Mxf5WvqDWkcMRy6wnrd 9DYJ8UUTmIT2iQf07tRUKJJ9v0JXfx2Z4d08IQSMNRaq4VgSe+PdYgIy0fbj23Vi a5/gO7fJEpD2hd2f+pMnOWvH2rOOIbeYfuhzAc6BQjAKtmgR0ERUTafTM9Wb6F13 CNZZNZfDqnFDP6L12w3z3F7FFXkz07Rs3AIto1ZfYZd4sCSpMr/0S5nLrHbIvGLp 271hhQBeRmmoGEKO2JRelGgUJ2CUzOdtwDIKT0LbCpvaP8PVnYF5IFoYJIWRHqlE t5ucTXstZy7vYjL6vTP4l5xs+LIOkNmPhqmfsgLzVo0UaLt80hOwc4NvDCOLAAMG B/9g+9V3ORzw4LvO1pwRYJqfDKUq/EJ0rNMMD4N8RLpZRhKHKJUm9nNHLbksnlZw rbSTM5LpC/U6sheLP+l0bLVoq0lmsCcUSyh+mY6PxWirLIWCn/IAZAGnXb6Zd6Tt IJlGG6pqUN8QxGJYQnonl0uTJKHJENbI9sWHQdcTtBMc34gorHFCo1Bcvpnc1LFL rWn7mfoGx6INQjf3HGQpMXAWuSBQhzkazY6vaWFpa8bBJ+gKbBuySWzNm3rFtT5H RKMWpO+M9bHp4d+puY0L1YwN1OMatcMMpcWnZpiWiR83oi32+xtWUY2U7Ae38mMa g8zFbpeqPQUsDv9V7CAJ1dbriEwEGBECAAwFAkDYBnoFCQ5t3+gACgkQqE7a6JyA CspnpgCfRbYwxT3iq+9l/PgNTUNTZOlof2oAn25y0eGi0371jap9kOV6uq71sUuO =ypVs - -----END PGP PUBLIC KEY BLOCK----- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iQEVAwUBR8++l3ey5gA9JdPZAQLnQQf/faDZxMhd4sZDgWmwjniWkevXcp4t7gYk k61GWtabRlEalwHmLVfORjjrpCD/khNmY36Gluf4EI4Yk6IAbnfNIn1+J3QIPYAy 9kk056Yfe8L7AhgjKGIHuFideRErjj25EYeWRXoc+iLWv11eJs7RICbBzLQqGNHK tfSTa9XhZoCrkSWMhdcU17jXOMZhwur0yFXzeWb5U1JsHqgsMeqlKAYS1GzhdSCf wKScwSayueA62AUkrzwD3jzm+ORooPOdTyXNvrDOV3h/Pyz7q1wF2J9e8Rzn4Cla stuwKDzvZVqoIW/jmav8pZFWMAiABCyV/Gld6ikIm5h99Pwd9pDPNQ== =CS2J -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-security+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security+help(a)opensuse.org

14 years, 4 months

[opensuse-security] Incorporate OpenVAS to support security management?

by Jan-Oliver Wagner

Hi, I just proposed to include OpenVAS as a package to OpenSUSE [1]. As said there, the current Nessus package in fact violates the license of Nessus server and should either be distibuted without SSL or removed. While the Nessus-fork OpenVAS offers the same or even improved base technology, the actual value of such a tool is related to the extend/quality of the test routines (called "plugins" in Nessus and "NVTs" in OpenVAS). So far, OpenVAS has established a upto-date stream of so-called "local security checks" for GNU/Debian. It make sense to extend this to other distributions as well and of course SUSE comes to mind as it occurs in enterprise environments. Are there any opinions here whether/how to establish a stream of NVT's for the SUSE SAs? (Of course I have some ideas about "how" :-) Best regards Jan [1] http://en.opensuse.org/Wishlist_Network#O -- Dr. Jan-Oliver Wagner Intevation GmbH, Osnabrück Amtsgericht Osnabrück, HR B 18998 http://www.intevation.de/ Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-security+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security+help(a)opensuse.org

14 years, 4 months

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

2001

2000

1999

1998

1997

1996

openSUSE Security March 2008