openSUSE Security November 2010

security@lists.opensuse.org

10 participants
10 discussions

[opensuse-security] otrs and permissions file

by Christian

Hi, for otrs I need this config: (https://build.opensuse.org/package/show?package=otrs&project=network%3Aotrs…) %defattr(0644,%{name},www,0775) %dir /opt/%{name}/var/article %dir /opt/%{name}/var/log %dir /opt/%{name}/var/tmp but obs is complaining: permissions-directory-setuid-bit and I should contact security(a)suse.de Here I am :) Is this acceptable ? Kind Regards Chris -- To unsubscribe, e-mail: opensuse-security+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security+help(a)opensuse.org

10 years, 2 months

[opensuse-security] SUSE Security Summary Report: SUSE-SR:2010:022

by Thomas Biege

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ______________________________________________________________________________ SUSE Security Summary Report Announcement ID: SUSE-SR:2010:022 Date: Tue, 30 Nov 2010 12:00:00 +0000 Cross-References: CVE-2010-1172, CVE-2010-2948, CVE-2010-2949 CVE-2010-3702, CVE-2010-3704, CVE-2010-3864 Content of this advisory: 1) Solved Security Vulnerabilities: - gdm - openssl/libopenssl-devel - poppler/libpoppler4/libpoppler-devel - quagga 2) Pending Vulnerabilities, Solutions, and Work-Arounds: none 3) Authenticity Verification and Additional Information ______________________________________________________________________________ 1) Solved Security Vulnerabilities To avoid flooding mailing lists with SUSE Security Announcements for minor issues, SUSE Security releases weekly summary reports for the low profile vulnerability fixes. The SUSE Security Summary Reports do not list or download URLs like the SUSE Security Announcements that are released for more severe vulnerabilities. Fixed packages for the following incidents are already available on our FTP server and via the YaST Online Update. - gdm This update provides the following fixes: - 633655: Change the way dbus properties are exported to avoid write access to read-only properties. - 627893: Upon relogin gdm displays the Windows domain, but tries to authenticate locally - 490621: Windows domain not remembered from previous log-in - 583060: Optionally allow to configure to prohibit end user to use "root" id at gdm login - 506917: Fix window login getting a huge horizontal size - 627893: Fix that upon relogin gdm displays the Windows domain, but tries to authenticate locally. In addition this update was rebuilt against the latest dbus-glib bindings to avoid that local users can write properties that were exported read- only via dbus (CVE-2010-1172). Affected Products: SLE11, SLE11-SP1 - openssl/libopenssl-devel Multithreaded OpenSSL servers using the TLS server extension are vulnerable to a buffer overrun attack. CVE-2010-3864 has been assigned to this issue. Affected Products: SLE11, SLE11-SP1, openSUSE 11.1, 11.2, 11.3 - poppler/libpoppler4/libpoppler-devel Specially crafted PDF files could crash poppler or potentially even cause execution of arbitrary code (CVE-2010-3702, CVE-2010-3704) Affected Products: SLE10-SP3, SLE11, SLE11-SP1, openSUSE 11.1, 11.2, 11.3 - quagga This update of quagga fixes two security issues: - CVE-2010-2948: CVSS v2 Base Score: 6.5 (AV:N/AC:L/Au:S/C:P/I:P/A:P) Stack-based buffer overflow while processing malformed Route-Refresh messages. - CVE-2010-2949: CVSS v2 Base Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P) Denial of service while processing malformed BGP update AS path messages Affected Products: SLE10-SP3, SLE11, SLE11-SP1, openSUSE 11.1, 11.2, 11.3 ______________________________________________________________________________ 2) Pending Vulnerabilities, Solutions, and Work-Arounds none ______________________________________________________________________________ 3) Authenticity Verification and Additional Information - Announcement authenticity verification: SUSE security announcements are published via mailing lists and on Web sites. The authenticity and integrity of a SUSE security announcement is guaranteed by a cryptographic signature in each announcement. All SUSE security announcements are published with a valid signature. To verify the signature of the announcement, save it as text into a file and run the command gpg --verify <file> replacing <file> with the name of the file containing the announcement. The output for a valid signature looks like: gpg: Signature made <DATE> using RSA key ID 3D25D3D9 gpg: Good signature from "SuSE Security Team <security(a)suse.de>" where <DATE> is replaced by the date the document was signed. If the security team's key is not contained in your key ring, you can import it from the first installation CD. To import the key, use the command gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc - Package authenticity verification: SUSE update packages are available on many mirror FTP servers all over the world. While this service is considered valuable and important to the free and open source software community, the authenticity and integrity of a package needs to be verified to ensure that it has not been tampered with. The internal RPM package signatures provide an easy way to verify the authenticity of an RPM package. Use the command rpm -v --checksig <file.rpm> to verify the signature of the package, replacing <file.rpm> with the filename of the RPM package downloaded. The package is unmodified if it contains a valid signature from build(a)suse.de with the key ID 9C800ACA. This key is automatically imported into the RPM database (on RPMv4-based distributions) and the gpg key ring of 'root' during installation. You can also find it on the first installation CD and included at the end of this announcement. - SUSE runs two security mailing lists to which any interested party may subscribe: opensuse-security(a)opensuse.org - General Linux and SUSE security discussion. All SUSE security announcements are sent to this list. To subscribe, send an e-mail to <opensuse-security+subscribe(a)opensuse.org>. opensuse-security-announce(a)opensuse.org - SUSE's announce-only mailing list. Only SUSE's security announcements are sent to this list. To subscribe, send an e-mail to <opensuse-security-announce+subscribe(a)opensuse.org>. ===================================================================== SUSE's security contact is <security(a)suse.com> or <security(a)suse.de>. The <security(a)suse.de> public key is listed below. ===================================================================== ______________________________________________________________________________ The information in this advisory may be distributed or reproduced, provided that the advisory is not modified in any way. In particular, the clear text signature should show proof of the authenticity of the text. SUSE Linux Products GmbH provides no warranties of any kind whatsoever with respect to the information contained in this security advisory. Type Bits/KeyID Date User ID pub 2048R/3D25D3D9 1999-03-06 SuSE Security Team <security(a)suse.de> pub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key <build(a)suse.de> - -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.4.2 (GNU/Linux) mQENAzbhLQQAAAEIAKAkXHe0lWRBXLpn38hMHy03F0I4Sszmoc8aaKJrhfhyMlOA BqvklPLE2f9UrI4Xc860gH79ZREwAgPt0pi6+SleNFLNcNFAuuHMLQOOsaMFatbz JR9i4m/lf6q929YROu5zB48rBAlcfTm+IBbijaEdnqpwGib45wE/Cfy6FAttBHQh 1Kp+r/jPbf1mYAvljUfHKuvbg8t2EIQz/5yGp+n5trn9pElfQO2cRBq8LFpf1l+U P7EKjFmlOq+Gs/fF98/dP3DfniSd78LQPq5vp8RL8nr/o2i7jkAQ33m4f1wOBWd+ cZovrKXYlXiR+Bf7m2hpZo+/sAzhd7LmAD0l09kABRG0JVN1U0UgU2VjdXJpdHkg VGVhbSA8c2VjdXJpdHlAc3VzZS5kZT6JARUDBRA24S1H5Fiyh7HKPEUBAVcOB/9b yHYji1/+4Xc2GhvXK0FSJN0MGgeXgW47yxDL7gmR4mNgjlIOUHZj0PEpVjWepOJ7 tQS3L9oP6cpj1Fj/XxuLbkp5VCQ61hpt54coQAvYrnT9rtWEGN+xmwejT1WmYmDJ xG+EGBXKr+XP69oIUl1E2JO3rXeklulgjqRKos4cdXKgyjWZ7CP9V9daRXDtje63 Om8gwSdU/nCvhdRIWp/Vwbf7Ia8iZr9OJ5YuQl0DBG4qmGDDrvImgPAFkYFzwlqo choXFQ9y0YVCV41DnR+GYhwl2qBd81T8aXhihEGPIgaw3g8gd8B5o6mPVgl+nJqI BkEYGBusiag2pS6qwznZiQEVAwUQNuEtBHey5gA9JdPZAQFtOAf+KVh939b0J94u v/kpg4xs1LthlhquhbHcKNoVTNspugiC3qMPyvSX4XcBr2PC0cVkS4Z9PY9iCfT+ x9WM96g39dAF+le2CCx7XISk9XXJ4ApEy5g4AuK7NYgAJd39PPbERgWnxjxir9g0 Ix30dS30bW39D+3NPU5Ho9TD/B7UDFvYT5AWHl3MGwo3a1RhTs6sfgL7yQ3U+mvq MkTExZb5mfN1FeaYKMopoI4VpzNVeGxQWIz67VjJHVyUlF20ekOz4kWVgsxkc8G2 saqZd6yv2EwqYTi8BDAduweP33KrQc4KDDommQNDOXxaKOeCoESIdM4p7Esdjq1o L0oixF12CohGBBARAgAGBQI7HmHDAAoJEJ5A4xAACqukTlQAoI4QzP9yjPohY7OU F7J3eKBTzp25AJ42BmtSd3pvm5ldmognWF3Trhp+GYkAlQMFEDe3O8IWkDf+zvyS FQEBAfkD/3GG5UgJj18UhYmh1gfjIlDcPAeqMwSytEHDENmHC+vlZQ/p0mT9tPiW tp34io54mwr+bLPN8l6B5GJNkbGvH6M+mO7R8Lj4nHL6pyAv3PQr83WyLHcaX7It Klj371/4yzKV6qpz43SGRK4MacLo2rNZ/dNej7lwPCtzCcFYwqkiiEYEEBECAAYF AjoaQqQACgkQx1KqMrDf94ArewCfWnTUDG5gNYkmHG4bYL8fQcizyA4An2eVo/n+ 3J2KRWSOhpAMsnMxtPbBmQGiBDnu9IERBACT8Y35+2vv4MGVKiLEMOl9GdST6MCk YS3yEKeueNWc+z/0Kvff4JctBsgs47tjmiI9sl0eHjm3gTR8rItXMN6sJEUHWzDP +Y0PFPboMvKx0FXl/A0dM+HFrruCgBlWt6FA+okRySQiliuI5phwqkXefl9AhkwR 8xocQSVCFxcwvwCglVcOQliHu8jwRQHxlRE0tkwQQI0D+wfQwKdvhDplxHJ5nf7U 8c/yE/vdvpN6lF0tmFrKXBUX+K7u4ifrZlQvj/81M4INjtXreqDiJtr99Rs6xa0S cZqITuZC4CWxJa9GynBED3+D2t1V/f8l0smsuYoFOF7Ib49IkTdbtwAThlZp8bEh ELBeGaPdNCcmfZ66rKUdG5sRA/9ovnc1krSQF2+sqB9/o7w5/q2qiyzwOSTnkjtB UVKn4zLUOf6aeBAoV6NMCC3Kj9aZHfA+ND0ehPaVGJgjaVNFhPi4x0e7BULdvgOo AqajLfvkURHAeSsxXIoEmyW/xC1sBbDkDUIBSx5oej73XCZgnj/inphRqGpsb+1n KFvF+rQoU3VTRSBQYWNrYWdlIFNpZ25pbmcgS2V5IDxidWlsZEBzdXNlLmRlPohi BBMRAgAiBQJA2AY+AhsDBQkObd+9BAsHAwIDFQIDAxYCAQIeAQIXgAAKCRCoTtro nIAKypCfAJ9RuZ6ZSV7QW4pTgTIxQ+ABPp0sIwCffG9bCNnrETPlgOn+dGEkAWeg KL+IRgQQEQIABgUCOnBeUgAKCRCeQOMQAAqrpNzOAKCL512FZvv4VZx94TpbA9lx yoAejACeOO1HIbActAevk5MUBhNeLZa/qM2JARUDBRA6cGBvd7LmAD0l09kBATWn B/9An5vfiUUE1VQnt+T/EYklES3tXXaJJp9pHMa4fzFa8jPVtv5UBHGee3XoUNDV wM2OgSEISZxbzdXGnqIlcT08TzBUD9i579uifklLsnr35SJDZ6ram51/CWOnnaVh UzneOA9gTPSr+/fT3WeVnwJiQCQ30kNLWVXWATMnsnT486eAOlT6UNBPYQLpUprF 5Yryk23pQUPAgJENDEqeU6iIO9Ot1ZPtB0lniw+/xCi13D360o1tZDYOp0hHHJN3 D3EN8C1yPqZd5CvvznYvB6bWBIpWcRgdn2DUVMmpU661jwqGlRz1F84JG/xe4jGu zgpJt9IXSzyohEJB6XG5+D0BuQINBDnu9JIQCACEkdBN6Mxf5WvqDWkcMRy6wnrd 9DYJ8UUTmIT2iQf07tRUKJJ9v0JXfx2Z4d08IQSMNRaq4VgSe+PdYgIy0fbj23Vi a5/gO7fJEpD2hd2f+pMnOWvH2rOOIbeYfuhzAc6BQjAKtmgR0ERUTafTM9Wb6F13 CNZZNZfDqnFDP6L12w3z3F7FFXkz07Rs3AIto1ZfYZd4sCSpMr/0S5nLrHbIvGLp 271hhQBeRmmoGEKO2JRelGgUJ2CUzOdtwDIKT0LbCpvaP8PVnYF5IFoYJIWRHqlE t5ucTXstZy7vYjL6vTP4l5xs+LIOkNmPhqmfsgLzVo0UaLt80hOwc4NvDCOLAAMG B/9g+9V3ORzw4LvO1pwRYJqfDKUq/EJ0rNMMD4N8RLpZRhKHKJUm9nNHLbksnlZw rbSTM5LpC/U6sheLP+l0bLVoq0lmsCcUSyh+mY6PxWirLIWCn/IAZAGnXb6Zd6Tt IJlGG6pqUN8QxGJYQnonl0uTJKHJENbI9sWHQdcTtBMc34gorHFCo1Bcvpnc1LFL rWn7mfoGx6INQjf3HGQpMXAWuSBQhzkazY6vaWFpa8bBJ+gKbBuySWzNm3rFtT5H RKMWpO+M9bHp4d+puY0L1YwN1OMatcMMpcWnZpiWiR83oi32+xtWUY2U7Ae38mMa g8zFbpeqPQUsDv9V7CAJ1dbriEwEGBECAAwFAkDYBnoFCQ5t3+gACgkQqE7a6JyA CspnpgCfRbYwxT3iq+9l/PgNTUNTZOlof2oAn25y0eGi0371jap9kOV6uq71sUuO =ypVs - -----END PGP PUBLIC KEY BLOCK----- -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (GNU/Linux) iQEVAwUBTPTj13ey5gA9JdPZAQKkwgf+MnaFU3ae+nvj3dJO2a5iBPfMJnVkOnwk h10oKJup1lCwWUrD5mwODru/1qHFS0z5DYm3NXZTMax2aEtmwTiHTGUqbwTfQYei iLNpjJ+701FGRkyDxE8nDNIgEbpF53Q3wZBVO96X6X9PRG5HJnq/AU7Wek+DXw/f EFMmdTJnWczT6tIHEb2S9pEQ51uKi1qOdP7DEznOvfFzlcutwFrrv5m7mCu2Cxkv 8E20e8WMtr0lGa+BoKCj6iYp6z5KV1cdQlLD8IG8K8m43iu5cm8PJDnvxr1FfrNB oDUkQgswk7ix5kCp6LAQvzlhCPdgXZ5xLIBwUUpCwE6EKwd4+b10lg== =ZFup -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse-security+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security+help(a)opensuse.org

11 years, 7 months

[opensuse-security] SUSE Security Summary Report: SUSE-SR:2010:021

by Thomas Biege

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ______________________________________________________________________________ SUSE Security Summary Report Announcement ID: SUSE-SR:2010:021 Date: Tue, 16 Nov 2010 13:00:00 +0000 Cross-References: CVE-2008-7247, CVE-2009-4030, CVE-2010-1626 CVE-2010-1848, CVE-2010-1849, CVE-2010-2939 CVE-2010-3611, CVE-2010-3681, CVE-2010-3683 CVE-2010-4098, CVE-2010-4207, CVE-2010-4208 CVE-2010-4209 Content of this advisory: 1) Solved Security Vulnerabilities: - mysql - dhcp - monotone - moodle - openssl/libopenssl-devel 2) Pending Vulnerabilities, Solutions, and Work-Arounds: - none 3) Authenticity Verification and Additional Information ______________________________________________________________________________ 1) Solved Security Vulnerabilities To avoid flooding mailing lists with SUSE Security Announcements for minor issues, SUSE Security releases weekly summary reports for the low profile vulnerability fixes. The SUSE Security Summary Reports do not list or download URLs like the SUSE Security Announcements that are released for more severe vulnerabilities. Fixed packages for the following incidents are already available on our FTP server and via the YaST Online Update. - mysql - local users could delete data files for tables of other users (CVE-2010-1626). - authenticated users could gather information for tables they should not have access to (CVE-2010-1849) - authenticated users could crash mysqld (CVE-2010-3683, CVE-2010-3681, CVE-2010-1848) - authenticated users could bypass intended access restrictions (CVE-2008-7247, CVE-2009-4030) Affected Products: SLES9, SLE10-SP3, SLE11, SLE11-SP1, openSUSE 11.1, openSUSE 11.2 - dhcp ISC DHCP can be crashed with a single dhcpv6 packet. CVE-2010-3611 has been assigned to this issue. Additionally a dhcrelay crash when receiving packets on interfaces without assigned IPv4 address has been fixed as well as an infinite loop in dhcpd. Affected Products: openSUSE 11.3 - monotone Remote attackers could crash a monotone server via an empty argument to the 'mtn' command (CVE-2010-4098). Affected Products: openSUSE 11.3 - moodle This update of moodle fixes: - CVE-2010-4207: CVSS v2 Base Score: 4.3 (MEDIUM) Cross-site scripting vulnerability in the Flash component infrastructure in YUI allows remote attackers to inject arbitrary web script or HTML via charts/assets/charts.swf. - CVE-2010-4208: CVSS v2 Base Score: 4.3 (MEDIUM) Cross-site scripting vulnerability in the Flash component infrastructure in YUI allows remote attackers to inject arbitrary web script or HTML via uploader/assets/uploader.swf. - CVE-2010-4209: CVSS v2 Base Score: 4.3 (MEDIUM) Cross-site scripting vulnerability in the Flash component infrastructure in YUI allows remote attackers to inject arbitrary web script or HTML via swfstore/swfstore.swf. Affected Products: openSUSE 11.1 - openssl/libopenssl-devel Specially crafted responses from SSL servers could cause a double-free bug in openssl's client implementation. Therefore a malicious SSL servers could crash client-side code that uses the openssl library for its SSL connection. (CVE-2010-2939: CVSS v2 Base Score: 4.3 (MEDIUM)) Affected Products: SLE10-SP3, SLE11, SLE11-SP1, openSUSE 11.1, 11.2, 11.3 ______________________________________________________________________________ 2) Pending Vulnerabilities, Solutions, and Work-Arounds - none ______________________________________________________________________________ 3) Authenticity Verification and Additional Information - Announcement authenticity verification: SUSE security announcements are published via mailing lists and on Web sites. The authenticity and integrity of a SUSE security announcement is guaranteed by a cryptographic signature in each announcement. All SUSE security announcements are published with a valid signature. To verify the signature of the announcement, save it as text into a file and run the command gpg --verify <file> replacing <file> with the name of the file containing the announcement. The output for a valid signature looks like: gpg: Signature made <DATE> using RSA key ID 3D25D3D9 gpg: Good signature from "SuSE Security Team <security(a)suse.de>" where <DATE> is replaced by the date the document was signed. If the security team's key is not contained in your key ring, you can import it from the first installation CD. To import the key, use the command gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc - Package authenticity verification: SUSE update packages are available on many mirror FTP servers all over the world. While this service is considered valuable and important to the free and open source software community, the authenticity and integrity of a package needs to be verified to ensure that it has not been tampered with. The internal RPM package signatures provide an easy way to verify the authenticity of an RPM package. Use the command rpm -v --checksig <file.rpm> to verify the signature of the package, replacing <file.rpm> with the filename of the RPM package downloaded. The package is unmodified if it contains a valid signature from build(a)suse.de with the key ID 9C800ACA. This key is automatically imported into the RPM database (on RPMv4-based distributions) and the gpg key ring of 'root' during installation. You can also find it on the first installation CD and included at the end of this announcement. - SUSE runs two security mailing lists to which any interested party may subscribe: opensuse-security(a)opensuse.org - General Linux and SUSE security discussion. All SUSE security announcements are sent to this list. To subscribe, send an e-mail to <opensuse-security+subscribe(a)opensuse.org>. opensuse-security-announce(a)opensuse.org - SUSE's announce-only mailing list. Only SUSE's security announcements are sent to this list. To subscribe, send an e-mail to <opensuse-security-announce+subscribe(a)opensuse.org>. ===================================================================== SUSE's security contact is <security(a)suse.com> or <security(a)suse.de>. The <security(a)suse.de> public key is listed below. ===================================================================== ______________________________________________________________________________ The information in this advisory may be distributed or reproduced, provided that the advisory is not modified in any way. In particular, the clear text signature should show proof of the authenticity of the text. SUSE Linux Products GmbH provides no warranties of any kind whatsoever with respect to the information contained in this security advisory. Type Bits/KeyID Date User ID pub 2048R/3D25D3D9 1999-03-06 SuSE Security Team <security(a)suse.de> pub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key <build(a)suse.de> - -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.4.2 (GNU/Linux) mQENAzbhLQQAAAEIAKAkXHe0lWRBXLpn38hMHy03F0I4Sszmoc8aaKJrhfhyMlOA BqvklPLE2f9UrI4Xc860gH79ZREwAgPt0pi6+SleNFLNcNFAuuHMLQOOsaMFatbz JR9i4m/lf6q929YROu5zB48rBAlcfTm+IBbijaEdnqpwGib45wE/Cfy6FAttBHQh 1Kp+r/jPbf1mYAvljUfHKuvbg8t2EIQz/5yGp+n5trn9pElfQO2cRBq8LFpf1l+U P7EKjFmlOq+Gs/fF98/dP3DfniSd78LQPq5vp8RL8nr/o2i7jkAQ33m4f1wOBWd+ cZovrKXYlXiR+Bf7m2hpZo+/sAzhd7LmAD0l09kABRG0JVN1U0UgU2VjdXJpdHkg VGVhbSA8c2VjdXJpdHlAc3VzZS5kZT6JARUDBRA24S1H5Fiyh7HKPEUBAVcOB/9b yHYji1/+4Xc2GhvXK0FSJN0MGgeXgW47yxDL7gmR4mNgjlIOUHZj0PEpVjWepOJ7 tQS3L9oP6cpj1Fj/XxuLbkp5VCQ61hpt54coQAvYrnT9rtWEGN+xmwejT1WmYmDJ xG+EGBXKr+XP69oIUl1E2JO3rXeklulgjqRKos4cdXKgyjWZ7CP9V9daRXDtje63 Om8gwSdU/nCvhdRIWp/Vwbf7Ia8iZr9OJ5YuQl0DBG4qmGDDrvImgPAFkYFzwlqo choXFQ9y0YVCV41DnR+GYhwl2qBd81T8aXhihEGPIgaw3g8gd8B5o6mPVgl+nJqI BkEYGBusiag2pS6qwznZiQEVAwUQNuEtBHey5gA9JdPZAQFtOAf+KVh939b0J94u v/kpg4xs1LthlhquhbHcKNoVTNspugiC3qMPyvSX4XcBr2PC0cVkS4Z9PY9iCfT+ x9WM96g39dAF+le2CCx7XISk9XXJ4ApEy5g4AuK7NYgAJd39PPbERgWnxjxir9g0 Ix30dS30bW39D+3NPU5Ho9TD/B7UDFvYT5AWHl3MGwo3a1RhTs6sfgL7yQ3U+mvq MkTExZb5mfN1FeaYKMopoI4VpzNVeGxQWIz67VjJHVyUlF20ekOz4kWVgsxkc8G2 saqZd6yv2EwqYTi8BDAduweP33KrQc4KDDommQNDOXxaKOeCoESIdM4p7Esdjq1o L0oixF12CohGBBARAgAGBQI7HmHDAAoJEJ5A4xAACqukTlQAoI4QzP9yjPohY7OU F7J3eKBTzp25AJ42BmtSd3pvm5ldmognWF3Trhp+GYkAlQMFEDe3O8IWkDf+zvyS FQEBAfkD/3GG5UgJj18UhYmh1gfjIlDcPAeqMwSytEHDENmHC+vlZQ/p0mT9tPiW tp34io54mwr+bLPN8l6B5GJNkbGvH6M+mO7R8Lj4nHL6pyAv3PQr83WyLHcaX7It Klj371/4yzKV6qpz43SGRK4MacLo2rNZ/dNej7lwPCtzCcFYwqkiiEYEEBECAAYF AjoaQqQACgkQx1KqMrDf94ArewCfWnTUDG5gNYkmHG4bYL8fQcizyA4An2eVo/n+ 3J2KRWSOhpAMsnMxtPbBmQGiBDnu9IERBACT8Y35+2vv4MGVKiLEMOl9GdST6MCk YS3yEKeueNWc+z/0Kvff4JctBsgs47tjmiI9sl0eHjm3gTR8rItXMN6sJEUHWzDP +Y0PFPboMvKx0FXl/A0dM+HFrruCgBlWt6FA+okRySQiliuI5phwqkXefl9AhkwR 8xocQSVCFxcwvwCglVcOQliHu8jwRQHxlRE0tkwQQI0D+wfQwKdvhDplxHJ5nf7U 8c/yE/vdvpN6lF0tmFrKXBUX+K7u4ifrZlQvj/81M4INjtXreqDiJtr99Rs6xa0S cZqITuZC4CWxJa9GynBED3+D2t1V/f8l0smsuYoFOF7Ib49IkTdbtwAThlZp8bEh ELBeGaPdNCcmfZ66rKUdG5sRA/9ovnc1krSQF2+sqB9/o7w5/q2qiyzwOSTnkjtB UVKn4zLUOf6aeBAoV6NMCC3Kj9aZHfA+ND0ehPaVGJgjaVNFhPi4x0e7BULdvgOo AqajLfvkURHAeSsxXIoEmyW/xC1sBbDkDUIBSx5oej73XCZgnj/inphRqGpsb+1n KFvF+rQoU3VTRSBQYWNrYWdlIFNpZ25pbmcgS2V5IDxidWlsZEBzdXNlLmRlPohi BBMRAgAiBQJA2AY+AhsDBQkObd+9BAsHAwIDFQIDAxYCAQIeAQIXgAAKCRCoTtro nIAKypCfAJ9RuZ6ZSV7QW4pTgTIxQ+ABPp0sIwCffG9bCNnrETPlgOn+dGEkAWeg KL+IRgQQEQIABgUCOnBeUgAKCRCeQOMQAAqrpNzOAKCL512FZvv4VZx94TpbA9lx yoAejACeOO1HIbActAevk5MUBhNeLZa/qM2JARUDBRA6cGBvd7LmAD0l09kBATWn B/9An5vfiUUE1VQnt+T/EYklES3tXXaJJp9pHMa4fzFa8jPVtv5UBHGee3XoUNDV wM2OgSEISZxbzdXGnqIlcT08TzBUD9i579uifklLsnr35SJDZ6ram51/CWOnnaVh UzneOA9gTPSr+/fT3WeVnwJiQCQ30kNLWVXWATMnsnT486eAOlT6UNBPYQLpUprF 5Yryk23pQUPAgJENDEqeU6iIO9Ot1ZPtB0lniw+/xCi13D360o1tZDYOp0hHHJN3 D3EN8C1yPqZd5CvvznYvB6bWBIpWcRgdn2DUVMmpU661jwqGlRz1F84JG/xe4jGu zgpJt9IXSzyohEJB6XG5+D0BuQINBDnu9JIQCACEkdBN6Mxf5WvqDWkcMRy6wnrd 9DYJ8UUTmIT2iQf07tRUKJJ9v0JXfx2Z4d08IQSMNRaq4VgSe+PdYgIy0fbj23Vi a5/gO7fJEpD2hd2f+pMnOWvH2rOOIbeYfuhzAc6BQjAKtmgR0ERUTafTM9Wb6F13 CNZZNZfDqnFDP6L12w3z3F7FFXkz07Rs3AIto1ZfYZd4sCSpMr/0S5nLrHbIvGLp 271hhQBeRmmoGEKO2JRelGgUJ2CUzOdtwDIKT0LbCpvaP8PVnYF5IFoYJIWRHqlE t5ucTXstZy7vYjL6vTP4l5xs+LIOkNmPhqmfsgLzVo0UaLt80hOwc4NvDCOLAAMG B/9g+9V3ORzw4LvO1pwRYJqfDKUq/EJ0rNMMD4N8RLpZRhKHKJUm9nNHLbksnlZw rbSTM5LpC/U6sheLP+l0bLVoq0lmsCcUSyh+mY6PxWirLIWCn/IAZAGnXb6Zd6Tt IJlGG6pqUN8QxGJYQnonl0uTJKHJENbI9sWHQdcTtBMc34gorHFCo1Bcvpnc1LFL rWn7mfoGx6INQjf3HGQpMXAWuSBQhzkazY6vaWFpa8bBJ+gKbBuySWzNm3rFtT5H RKMWpO+M9bHp4d+puY0L1YwN1OMatcMMpcWnZpiWiR83oi32+xtWUY2U7Ae38mMa g8zFbpeqPQUsDv9V7CAJ1dbriEwEGBECAAwFAkDYBnoFCQ5t3+gACgkQqE7a6JyA CspnpgCfRbYwxT3iq+9l/PgNTUNTZOlof2oAn25y0eGi0371jap9kOV6uq71sUuO =ypVs - -----END PGP PUBLIC KEY BLOCK----- -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.15 (GNU/Linux) iQEVAwUBTOJzo3ey5gA9JdPZAQKRFwf9FBIErTymQzna3KMm4eLaKaqoRXwO6Drd O5pLm1+yX2X7vH7w7Lv7VAwBHFaBFgMIWuh0Il/APMz+2aorjArlF+npvNxiD6B8 OFYTm8nUCNEYsLxxTqq5Szo8fNjB0+Jy26ZSbe2VnOsykv47HtHa8CEOqLOwkVZN ZctCbqxqDfelTeX1N5baSnXFfpp+uDxXhxeU8y68sWsAKff31+1z/s6Oq1UuI8lF gsySp4Gm9Z0jj09XlJE7ox9xoI0mZ3fmowv7yCTVQEH8tVhKTumM/XE61TemvyHa RAirEGCBNe/igGWxYr1pETfbwe0FQja3loy80nwaFAXsFUvW+hVFWQ== =SbwQ -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse-security+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security+help(a)opensuse.org

11 years, 7 months

[opensuse-security] RFH: mlmmj: Directory traversal flaw by editing and saving list entries via php-admin web interface

by Thomas Biege

request for help If someone likes to help us with another security update s/he can take over https://bugzilla.novell.com/show_bug.cgi?id=617035 It also needs back-porting for 11.1 to 1.3 Thanks a lot! Thomas -- Thomas Biege <thomas(a)suse.de>, SUSE LINUX, Security Support & Auditing SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg) -- Wer aufhoert besser werden zu wollen, hoert auf gut zu sein. -- Marie von Ebner-Eschenbach -- To unsubscribe, e-mail: opensuse-security+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security+help(a)opensuse.org

11 years, 7 months

[opensuse-security] RFH: emacs reStructuredText tmp file problem

by Thomas Biege

request for help Hi folks, maybe someone likes to improve the tmp file handling of emacs and submits packages for 11.2 to 11.3. https://bugzilla.novell.com/show_bug.cgi?id=642787 Thanks, Thomas -- Thomas Biege <thomas(a)suse.de>, SUSE LINUX, Security Support & Auditing SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg) -- Wer aufhoert besser werden zu wollen, hoert auf gut zu sein. -- Marie von Ebner-Eschenbach -- To unsubscribe, e-mail: opensuse-security+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security+help(a)opensuse.org

11 years, 7 months

[opensuse-security] Recent RDS Exploit

by James Wright

Hello, After reading about the RDS vulnerability identified by VSR Security <http://www.zdnet.com/blog/security/linux-kernel-vulnerability-coughs-up-sup…>, I tested this out for myself by compiling the proof of concept. Here is the output of the test: jfwright@linux-x0ou:~/Downloads> id uid=1000(jfwright) gid=100(users) groups=16(dialout),20(cdrom),33(video),100(users),1000(vboxusers) jfwright@linux-x0ou:~/Downloads> ./linux-rds-exploit [*] Linux kernel >= 2.6.30 RDS socket exploit [*] by Dan Rosenberg [*] Resolving kernel addresses... [+] Resolved rds_proto_ops to 0xffffffffa0f5ee80 [+] Resolved rds_ioctl to 0xffffffffa0f57000 [+] Resolved commit_creds to 0xffffffff810785f0 [+] Resolved prepare_kernel_cred to 0xffffffff81078790 [*] Overwriting function pointer... [*] Triggering payload... [*] Restoring function pointer... [*] Got root! linux-x0ou:~/Downloads> id uid=0(root) gid=0(root) As you can see it works. I then updated the kernel to: Repository: @System Name: kernel-desktop Version: 2.6.34.7-0.4.1 Arch: x86_64 Vendor: openSUSE Installed: Yes Status: up-to-date I have at least a few and possibly many machines that will require a security fix. Is there a planned release date for a security patch, and is there a known work around to prevent this from being exploited? Thanks, James -- To unsubscribe, e-mail: opensuse-security+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security+help(a)opensuse.org

11 years, 7 months

[opensuse-security] Re: [security-announce] SUSE Security Announcement: Linux kernel (SUSE-SA:2010:054)

by pedrocsort-e＠yahoo.com

Hi, I have an old OpenSuSE 11.1 box and I made that last up-date. It happens that my partitions are encrypted with Luks Applying this up-date (or one that is on the list and up-dates mkinitrd) stops the pc from booting. Because of this bug in the new version of mkinitrd: https://bugzilla.novell.com/show_bug.cgi?id=631464 the solution is simple and was made available by Michal Marek in the link mentioned on the thread: http://gitorious.org/opensuse/mkinitrd/commit/e7144d37d271538ff3df224d28b47… I did like this: Googled for the problem, found the solution on the improved double quote kernel command line detection. and then: Boot the pc with the DVD in rescue mode. Change the /boot/grub/menu.lst in order to make only / available in the boot. So all the /dev/mapper/swap and /dev/mapper/home will be erased (in my case) so the the kernel command line 'luks="root swap home"' should be only: luks=root Therefore the machine boots and one get to acccess the all important / :) After that reboot the machine and it goes into recover mode (or something like that) ... Edit /lib/mkinitrd/scripts/boot-start.sh as mentioned on the patch (use vi ...yuck!). go back to /boot/grub/menu.lst and restore the initial setup of Luks with all partitions (in my case root swap and home). Reboot normally ... that's it! In case you have not done the upgrade ... after the normal upgrade check the mentioned file and change it with the fix. Regards, Pedro Linux Rules!! --- On Wed, 11/3/10, Marcus Meissner <meissner(a)suse.de> wrote: > From: Marcus Meissner <meissner(a)suse.de> > Subject: [security-announce] SUSE Security Announcement: Linux kernel (SUSE-SA:2010:054) > To: opensuse-security-announce(a)opensuse.org > Date: Wednesday, November 3, 2010, 12:13 PM > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > ______________________________________________________________________________ > > > SUSE Security Announcement > > Package: > kernel > Announcement ID: > SUSE-SA:2010:052 > Date: > Wed, 03 > Nov 2010 12:00:00 +0000 > Affected Products: > openSUSE 11.1 > > SUSE > Linux Enterprise High Availability Extension 11 > > SLE > 11 SERVER Unsupported Extras > > SUSE > Linux Enterprise Desktop 11 > > SUSE > Linux Enterprise Server 11 > Vulnerability Type: > local privilege escalation > CVSS v2 Base Score: > 7.2 (AV:L/AC:L/Au:N/C:C/I:C/A:C) > SUSE Default > Package: yes > Cross-References: > CVE-2010-2798, CVE-2010-2803, > CVE-2010-2942 > > > CVE-2010-2946, CVE-2010-2954, CVE-2010-2955 > > > CVE-2010-3015, CVE-2010-3078, CVE-2010-3080 > > > CVE-2010-3296, CVE-2010-3297, CVE-2010-3310 > > Content of This Advisory: > 1) Security Vulnerability > Resolved: > Linux > kernel security update > Problem > Description > 2) Solution or Work-Around > 3) Special Instructions and > Notes > 4) Package Location and > Checksums > 5) Pending Vulnerabilities, > Solutions, and Work-Arounds: > See SUSE Security > Summary Report. > 6) Authenticity Verification > and Additional Information > > ______________________________________________________________________________ > > 1) Problem Description and Brief Discussion > > This security update of the SUSE Linux > Enterprise 11 GA and openSUSE > 11.1 kernel updates the kernel to > 2.6.27.54 and fixes various security > issues and other bugs. > > The SUSE Linux Enterprise Server 11 > kernel was released last week, > the openSUSE 11.1 kernel with the same > source base yesterday. > > Following security issues were fixed: > CVE-2010-3310: Multiple integer > signedness errors in net/rose/af_rose.c > in the Linux kernel allowed local users > to cause a denial of service > (heap memory corruption) or possibly have > unspecified other impact > via a rose_getname function call, related > to the rose_bind and > rose_connect functions. > > CVE-2010-2955: A kernel information leak > via the WEXT ioctl was fixed. > > CVE-2010-3080: A double free in an alsa > error path was fixed, which > could lead to kernel crashes. > > CVE-2010-3078: Fixed a kernel information > leak in the xfs filesystem. > > CVE-2010-3296: Fixed a kernel information > leak in the cxgb3 driver. > > CVE-2010-3297: Fixed a kernel information > leak in the net/eql driver. > > CVE-2010-2954: The irda_bind function in > net/irda/af_irda.c in the > Linux kernel did not properly handle > failure of the irda_open_tsap > function, which allowed local users to > cause a denial of service > (NULL pointer dereference and panic) and > possibly have unspecified > other impact via multiple unsuccessful > calls to bind on an AF_IRDA > (aka PF_IRDA) socket. > > CVE-2010-2946: The 'os2' xattr namespace > on the jfs filesystem could > be used to bypass xattr namespace rules. > > CVE-2010-2942: Fixed a kernel information > leak in the net scheduler > code. > > CVE-2010-3015: Integer overflow in the > ext4_ext_get_blocks function > in fs/ext4/extents.c in the Linux kernel > allowed local users to cause > a denial of service (BUG and system > crash) via a write operation on > the last block of a large file, followed > by a sync operation. > > CVE-2010-2803: The drm_ioctl function in > drivers/gpu/drm/drm_drv.c > in the Direct Rendering Manager (DRM) > subsystem in the Linux kernel > allowed local users to obtain potentially > sensitive information from > kernel memory by requesting a large > memory-allocation amount. > > CVE-2010-2798: The gfs2_dirent_find_space > function in fs/gfs2/dir.c > in the Linux kernel used an incorrect > size value in calculations > associated with sentinel directory > entries, which allowed local users > to cause a denial of service (NULL > pointer dereference and panic) and > possibly have unspecified other impact by > renaming a file in a GFS2 > filesystem, related to the gfs2_rename > function in fs/gfs2/ops_inode.c. > > 2) Solution or Work-Around > > There is no workaround, please install > the fixed packages. > > 3) Special Instructions and Notes > > Please reboot the machine after the > update. > > 4) Package Location and Checksums > > The preferred method for installing > security updates is to use the YaST > "Online Update" module or the "zypper" > commandline tool. The package and > patch management stack will detect which > updates are required and > automatically perform the necessary steps > to verify and install them. > > Alternatively, download the update > packages for your distribution manually > and verify their integrity by the methods > listed in Section 6 of this > announcement. Then install the packages > using the command > > rpm -Fhv <file.rpm> > > to apply the update, replacing > <file.rpm> with the filename of the > downloaded RPM package. > > > x86 Platform: > > openSUSE 11.1: > http://download.opensuse.org/update/11.1/rpm/i586/kernel-debug-2.6.27.54-0.… > http://download.opensuse.org/update/11.1/rpm/i586/kernel-debug-base-2.6.27.… > http://download.opensuse.org/update/11.1/rpm/i586/kernel-debug-extra-2.6.27… > http://download.opensuse.org/update/11.1/rpm/i586/kernel-default-2.6.27.54-… > http://download.opensuse.org/update/11.1/rpm/i586/kernel-default-base-2.6.2… > http://download.opensuse.org/update/11.1/rpm/i586/kernel-default-extra-2.6.… > http://download.opensuse.org/update/11.1/rpm/i586/kernel-pae-2.6.27.54-0.1.… > http://download.opensuse.org/update/11.1/rpm/i586/kernel-pae-base-2.6.27.54… > http://download.opensuse.org/update/11.1/rpm/i586/kernel-pae-extra-2.6.27.5… > http://download.opensuse.org/update/11.1/rpm/i586/kernel-source-2.6.27.54-0… > http://download.opensuse.org/update/11.1/rpm/i586/kernel-syms-2.6.27.54-0.1… > http://download.opensuse.org/update/11.1/rpm/i586/kernel-trace-2.6.27.54-0.… > http://download.opensuse.org/update/11.1/rpm/i586/kernel-trace-base-2.6.27.… > http://download.opensuse.org/update/11.1/rpm/i586/kernel-trace-extra-2.6.27… > http://download.opensuse.org/update/11.1/rpm/i586/kernel-vanilla-2.6.27.54-… > http://download.opensuse.org/update/11.1/rpm/i586/kernel-xen-2.6.27.54-0.1.… > http://download.opensuse.org/update/11.1/rpm/i586/kernel-xen-base-2.6.27.54… > http://download.opensuse.org/update/11.1/rpm/i586/kernel-xen-extra-2.6.27.5… > > Platform Independent: > > openSUSE 11.1: > http://download.opensuse.org/update/11.1/rpm/noarch/kernel-docs-2.6.3-3.13.… > > Power PC Platform: > > openSUSE 11.1: > http://download.opensuse.org/update/11.1/rpm/ppc/kernel-default-2.6.27.54-0… > http://download.opensuse.org/update/11.1/rpm/ppc/kernel-default-base-2.6.27… > http://download.opensuse.org/update/11.1/rpm/ppc/kernel-default-extra-2.6.2… > http://download.opensuse.org/update/11.1/rpm/ppc/kernel-kdump-2.6.27.54-0.1… > http://download.opensuse.org/update/11.1/rpm/ppc/kernel-ppc64-2.6.27.54-0.1… > http://download.opensuse.org/update/11.1/rpm/ppc/kernel-ppc64-base-2.6.27.5… > http://download.opensuse.org/update/11.1/rpm/ppc/kernel-ppc64-extra-2.6.27.… > http://download.opensuse.org/update/11.1/rpm/ppc/kernel-ps3-2.6.27.54-0.1.1… > http://download.opensuse.org/update/11.1/rpm/ppc/kernel-source-2.6.27.54-0.… > http://download.opensuse.org/update/11.1/rpm/ppc/kernel-syms-2.6.27.54-0.1.… > http://download.opensuse.org/update/11.1/rpm/ppc/kernel-vanilla-2.6.27.54-0… > > x86-64 Platform: > > openSUSE 11.1: > http://download.opensuse.org/update/11.1/rpm/x86_64/kernel-debug-2.6.27.54-… > http://download.opensuse.org/update/11.1/rpm/x86_64/kernel-debug-base-2.6.2… > http://download.opensuse.org/update/11.1/rpm/x86_64/kernel-debug-extra-2.6.… > http://download.opensuse.org/update/11.1/rpm/x86_64/kernel-default-2.6.27.5… > http://download.opensuse.org/update/11.1/rpm/x86_64/kernel-default-base-2.6… > http://download.opensuse.org/update/11.1/rpm/x86_64/kernel-default-extra-2.… > http://download.opensuse.org/update/11.1/rpm/x86_64/kernel-source-2.6.27.54… > http://download.opensuse.org/update/11.1/rpm/x86_64/kernel-syms-2.6.27.54-0… > http://download.opensuse.org/update/11.1/rpm/x86_64/kernel-trace-2.6.27.54-… > http://download.opensuse.org/update/11.1/rpm/x86_64/kernel-trace-base-2.6.2… > http://download.opensuse.org/update/11.1/rpm/x86_64/kernel-trace-extra-2.6.… > http://download.opensuse.org/update/11.1/rpm/x86_64/kernel-vanilla-2.6.27.5… > http://download.opensuse.org/update/11.1/rpm/x86_64/kernel-xen-2.6.27.54-0.… > http://download.opensuse.org/update/11.1/rpm/x86_64/kernel-xen-base-2.6.27.… > http://download.opensuse.org/update/11.1/rpm/x86_64/kernel-xen-extra-2.6.27… > > Sources: > > openSUSE 11.1: > http://download.opensuse.org/update/11.1/rpm/src/kernel-debug-2.6.27.54-0.1… > http://download.opensuse.org/update/11.1/rpm/src/kernel-default-2.6.27.54-0… > http://download.opensuse.org/update/11.1/rpm/src/kernel-docs-2.6.3-3.13.122… > http://download.opensuse.org/update/11.1/rpm/src/kernel-kdump-2.6.27.54-0.1… > http://download.opensuse.org/update/11.1/rpm/src/kernel-pae-2.6.27.54-0.1.1… > http://download.opensuse.org/update/11.1/rpm/src/kernel-ppc64-2.6.27.54-0.1… > http://download.opensuse.org/update/11.1/rpm/src/kernel-ps3-2.6.27.54-0.1.1… > http://download.opensuse.org/update/11.1/rpm/src/kernel-source-2.6.27.54-0.… > http://download.opensuse.org/update/11.1/rpm/src/kernel-syms-2.6.27.54-0.1.… > http://download.opensuse.org/update/11.1/rpm/src/kernel-trace-2.6.27.54-0.1… > http://download.opensuse.org/update/11.1/rpm/src/kernel-vanilla-2.6.27.54-0… > http://download.opensuse.org/update/11.1/rpm/src/kernel-xen-2.6.27.54-0.1.1… > > Our maintenance customers are notified > individually. The packages are > offered for installation from the > maintenance web: > > SLE 11 SERVER Unsupported Extras > http://download.novell.com/patch/finder/?keywords=bd9ae64a765977a7721644cb6… > http://download.novell.com/patch/finder/?keywords=a26754073e422d7b7d2bdf784… > http://download.novell.com/patch/finder/?keywords=4bacf8b00c9bc222e0a14ed70… > http://download.novell.com/patch/finder/?keywords=72ae5c3ed53caa1ba58b4f047… > http://download.novell.com/patch/finder/?keywords=83796b8aba495c97aa0d63167… > > SUSE Linux Enterprise Server 11 > http://download.novell.com/patch/finder/?keywords=d69f430f61b72448377e859dd… > http://download.novell.com/patch/finder/?keywords=f3a833ad82c2fedcac92886c8… > http://download.novell.com/patch/finder/?keywords=adf6f45f6f57d4321fb47c3a8… > http://download.novell.com/patch/finder/?keywords=d3c38f03bc070bd67fc914231… > http://download.novell.com/patch/finder/?keywords=397f45e4eb102e91e10ebd86d… > > SUSE Linux Enterprise Desktop 11 > http://download.novell.com/patch/finder/?keywords=d69f430f61b72448377e859dd… > http://download.novell.com/patch/finder/?keywords=397f45e4eb102e91e10ebd86d… > > SUSE Linux Enterprise High Availability > Extension 11 > http://download.novell.com/patch/finder/?keywords=d69f430f61b72448377e859dd… > http://download.novell.com/patch/finder/?keywords=f3a833ad82c2fedcac92886c8… > http://download.novell.com/patch/finder/?keywords=adf6f45f6f57d4321fb47c3a8… > http://download.novell.com/patch/finder/?keywords=d3c38f03bc070bd67fc914231… > http://download.novell.com/patch/finder/?keywords=397f45e4eb102e91e10ebd86d… > > ______________________________________________________________________________ > > 5) Pending Vulnerabilities, Solutions, and Work-Arounds: > > See SUSE Security Summary Report. > ______________________________________________________________________________ > > 6) Authenticity Verification and Additional Information > > - Announcement authenticity verification: > > SUSE security announcements are published via > mailing lists and on Web > sites. The authenticity and integrity of a > SUSE security announcement is > guaranteed by a cryptographic signature in > each announcement. All SUSE > security announcements are published with a > valid signature. > > To verify the signature of the announcement, > save it as text into a file > and run the command > > gpg --verify <file> > > replacing <file> with the name of the > file where you saved the > announcement. The output for a valid > signature looks like: > > gpg: Signature made <DATE> using > RSA key ID 3D25D3D9 > gpg: Good signature from "SuSE > Security Team <security(a)suse.de>" > > where <DATE> is replaced by the date > the document was signed. > > If the security team's key is not contained > in your key ring, you can > import it from the first installation CD. To > import the key, use the > command > > gpg --import > gpg-pubkey-3d25d3d9-36e12d04.asc > > - Package authenticity verification: > > SUSE update packages are available on many > mirror FTP servers all over the > world. While this service is considered > valuable and important to the free > and open source software community, the > authenticity and the integrity of > a package needs to be verified to ensure that > it has not been tampered > with. > > The internal rpm package signatures provide > an easy way to verify the > authenticity of an RPM package. Use the > command > > rpm -v --checksig > <file.rpm> > > to verify the signature of the package, > replacing <file.rpm> with the > filename of the RPM package downloaded. The > package is unmodified if it > contains a valid signature from build(a)suse.de with > the key ID 9C800ACA. > > This key is automatically imported into the > RPM database (on > RPMv4-based distributions) and the gpg key > ring of 'root' during > installation. You can also find it on the > first installation CD and at > the end of this announcement. > > - SUSE runs two security mailing lists to which any > interested party may > subscribe: > > opensuse-security(a)opensuse.org > - General > Linux and SUSE security discussion. > All SUSE security > announcements are sent to this list. > To subscribe, > send an e-mail to > > <opensuse-security+subscribe(a)opensuse.org>. > > opensuse-security-announce(a)opensuse.org > - SUSE's > announce-only mailing list. > Only SUSE's > security announcements are sent to this list. > To subscribe, > send an e-mail to > > <opensuse-security-announce+subscribe(a)opensuse.org>. > > > ===================================================================== > SUSE's security contact is <security(a)suse.com> > or <security(a)suse.de>. > The <security(a)suse.de> > public key is listed below. > > ===================================================================== > ______________________________________________________________________________ > > The information in this advisory may be > distributed or reproduced, > provided that the advisory is not modified in > any way. In particular, the > clear text signature should show proof of the > authenticity of the text. > > SUSE Linux Products GmbH provides no > warranties of any kind whatsoever > with respect to the information contained in > this security advisory. > > Type Bits/KeyID Date > User ID > pub 2048R/3D25D3D9 1999-03-06 SuSE Security Team > <security(a)suse.de> > pub 1024D/9C800ACA 2000-10-19 SuSE Package Signing > Key <build(a)suse.de> > > - -----BEGIN PGP PUBLIC KEY BLOCK----- > Version: GnuPG v1.4.2 (GNU/Linux) > > mQENAzbhLQQAAAEIAKAkXHe0lWRBXLpn38hMHy03F0I4Sszmoc8aaKJrhfhyMlOA > BqvklPLE2f9UrI4Xc860gH79ZREwAgPt0pi6+SleNFLNcNFAuuHMLQOOsaMFatbz > JR9i4m/lf6q929YROu5zB48rBAlcfTm+IBbijaEdnqpwGib45wE/Cfy6FAttBHQh > 1Kp+r/jPbf1mYAvljUfHKuvbg8t2EIQz/5yGp+n5trn9pElfQO2cRBq8LFpf1l+U > P7EKjFmlOq+Gs/fF98/dP3DfniSd78LQPq5vp8RL8nr/o2i7jkAQ33m4f1wOBWd+ > cZovrKXYlXiR+Bf7m2hpZo+/sAzhd7LmAD0l09kABRG0JVN1U0UgU2VjdXJpdHkg > VGVhbSA8c2VjdXJpdHlAc3VzZS5kZT6JARUDBRA24S1H5Fiyh7HKPEUBAVcOB/9b > yHYji1/+4Xc2GhvXK0FSJN0MGgeXgW47yxDL7gmR4mNgjlIOUHZj0PEpVjWepOJ7 > tQS3L9oP6cpj1Fj/XxuLbkp5VCQ61hpt54coQAvYrnT9rtWEGN+xmwejT1WmYmDJ > xG+EGBXKr+XP69oIUl1E2JO3rXeklulgjqRKos4cdXKgyjWZ7CP9V9daRXDtje63 > Om8gwSdU/nCvhdRIWp/Vwbf7Ia8iZr9OJ5YuQl0DBG4qmGDDrvImgPAFkYFzwlqo > choXFQ9y0YVCV41DnR+GYhwl2qBd81T8aXhihEGPIgaw3g8gd8B5o6mPVgl+nJqI > BkEYGBusiag2pS6qwznZiQEVAwUQNuEtBHey5gA9JdPZAQFtOAf+KVh939b0J94u > v/kpg4xs1LthlhquhbHcKNoVTNspugiC3qMPyvSX4XcBr2PC0cVkS4Z9PY9iCfT+ > x9WM96g39dAF+le2CCx7XISk9XXJ4ApEy5g4AuK7NYgAJd39PPbERgWnxjxir9g0 > Ix30dS30bW39D+3NPU5Ho9TD/B7UDFvYT5AWHl3MGwo3a1RhTs6sfgL7yQ3U+mvq > MkTExZb5mfN1FeaYKMopoI4VpzNVeGxQWIz67VjJHVyUlF20ekOz4kWVgsxkc8G2 > saqZd6yv2EwqYTi8BDAduweP33KrQc4KDDommQNDOXxaKOeCoESIdM4p7Esdjq1o > L0oixF12CohGBBARAgAGBQI7HmHDAAoJEJ5A4xAACqukTlQAoI4QzP9yjPohY7OU > F7J3eKBTzp25AJ42BmtSd3pvm5ldmognWF3Trhp+GYkAlQMFEDe3O8IWkDf+zvyS > FQEBAfkD/3GG5UgJj18UhYmh1gfjIlDcPAeqMwSytEHDENmHC+vlZQ/p0mT9tPiW > tp34io54mwr+bLPN8l6B5GJNkbGvH6M+mO7R8Lj4nHL6pyAv3PQr83WyLHcaX7It > Klj371/4yzKV6qpz43SGRK4MacLo2rNZ/dNej7lwPCtzCcFYwqkiiEYEEBECAAYF > AjoaQqQACgkQx1KqMrDf94ArewCfWnTUDG5gNYkmHG4bYL8fQcizyA4An2eVo/n+ > 3J2KRWSOhpAMsnMxtPbBmQGiBDnu9IERBACT8Y35+2vv4MGVKiLEMOl9GdST6MCk > YS3yEKeueNWc+z/0Kvff4JctBsgs47tjmiI9sl0eHjm3gTR8rItXMN6sJEUHWzDP > +Y0PFPboMvKx0FXl/A0dM+HFrruCgBlWt6FA+okRySQiliuI5phwqkXefl9AhkwR > 8xocQSVCFxcwvwCglVcOQliHu8jwRQHxlRE0tkwQQI0D+wfQwKdvhDplxHJ5nf7U > 8c/yE/vdvpN6lF0tmFrKXBUX+K7u4ifrZlQvj/81M4INjtXreqDiJtr99Rs6xa0S > cZqITuZC4CWxJa9GynBED3+D2t1V/f8l0smsuYoFOF7Ib49IkTdbtwAThlZp8bEh > ELBeGaPdNCcmfZ66rKUdG5sRA/9ovnc1krSQF2+sqB9/o7w5/q2qiyzwOSTnkjtB > UVKn4zLUOf6aeBAoV6NMCC3Kj9aZHfA+ND0ehPaVGJgjaVNFhPi4x0e7BULdvgOo > AqajLfvkURHAeSsxXIoEmyW/xC1sBbDkDUIBSx5oej73XCZgnj/inphRqGpsb+1n > KFvF+rQoU3VTRSBQYWNrYWdlIFNpZ25pbmcgS2V5IDxidWlsZEBzdXNlLmRlPohi > BBMRAgAiBQJA2AY+AhsDBQkObd+9BAsHAwIDFQIDAxYCAQIeAQIXgAAKCRCoTtro > nIAKypCfAJ9RuZ6ZSV7QW4pTgTIxQ+ABPp0sIwCffG9bCNnrETPlgOn+dGEkAWeg > KL+IRgQQEQIABgUCOnBeUgAKCRCeQOMQAAqrpNzOAKCL512FZvv4VZx94TpbA9lx > yoAejACeOO1HIbActAevk5MUBhNeLZa/qM2JARUDBRA6cGBvd7LmAD0l09kBATWn > B/9An5vfiUUE1VQnt+T/EYklES3tXXaJJp9pHMa4fzFa8jPVtv5UBHGee3XoUNDV > wM2OgSEISZxbzdXGnqIlcT08TzBUD9i579uifklLsnr35SJDZ6ram51/CWOnnaVh > UzneOA9gTPSr+/fT3WeVnwJiQCQ30kNLWVXWATMnsnT486eAOlT6UNBPYQLpUprF > 5Yryk23pQUPAgJENDEqeU6iIO9Ot1ZPtB0lniw+/xCi13D360o1tZDYOp0hHHJN3 > D3EN8C1yPqZd5CvvznYvB6bWBIpWcRgdn2DUVMmpU661jwqGlRz1F84JG/xe4jGu > zgpJt9IXSzyohEJB6XG5+D0BuQINBDnu9JIQCACEkdBN6Mxf5WvqDWkcMRy6wnrd > 9DYJ8UUTmIT2iQf07tRUKJJ9v0JXfx2Z4d08IQSMNRaq4VgSe+PdYgIy0fbj23Vi > a5/gO7fJEpD2hd2f+pMnOWvH2rOOIbeYfuhzAc6BQjAKtmgR0ERUTafTM9Wb6F13 > CNZZNZfDqnFDP6L12w3z3F7FFXkz07Rs3AIto1ZfYZd4sCSpMr/0S5nLrHbIvGLp > 271hhQBeRmmoGEKO2JRelGgUJ2CUzOdtwDIKT0LbCpvaP8PVnYF5IFoYJIWRHqlE > t5ucTXstZy7vYjL6vTP4l5xs+LIOkNmPhqmfsgLzVo0UaLt80hOwc4NvDCOLAAMG > B/9g+9V3ORzw4LvO1pwRYJqfDKUq/EJ0rNMMD4N8RLpZRhKHKJUm9nNHLbksnlZw > rbSTM5LpC/U6sheLP+l0bLVoq0lmsCcUSyh+mY6PxWirLIWCn/IAZAGnXb6Zd6Tt > IJlGG6pqUN8QxGJYQnonl0uTJKHJENbI9sWHQdcTtBMc34gorHFCo1Bcvpnc1LFL > rWn7mfoGx6INQjf3HGQpMXAWuSBQhzkazY6vaWFpa8bBJ+gKbBuySWzNm3rFtT5H > RKMWpO+M9bHp4d+puY0L1YwN1OMatcMMpcWnZpiWiR83oi32+xtWUY2U7Ae38mMa > g8zFbpeqPQUsDv9V7CAJ1dbriEwEGBECAAwFAkDYBnoFCQ5t3+gACgkQqE7a6JyA > CspnpgCfRbYwxT3iq+9l/PgNTUNTZOlof2oAn25y0eGi0371jap9kOV6uq71sUuO > =ypVs > - -----END PGP PUBLIC KEY BLOCK----- > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v2.0.15 (GNU/Linux) > > iQEVAwUBTNFRxHey5gA9JdPZAQKj8Qf9Gjhje8rSU15zu0oaYlpW/LchbgqzZvrP > kpEDjEmSfOB0ohmpsg82ppwNQXQg4zGI4eBWsBz00Smou+UwzXbVIyS5iJxu6mxq > U1Me0+ESnBRKI87ZtNNjPIlZnKQe/WOlvlp0BwPfr0oQBbFdApwHriu/jBUrrXE4 > 6wp3K1/c5oYWv729rPLV6Y2iorHww9mM2Z5FSk8P4qeB00WPx7SG0VE/3pxWp4rW > 82VlvJnsUoBdRpULSp8uVReiWHaVe0wj6rIGtWqqTGfa4GOeXzbSMdfmLyTES2oc > SsPVbkMG//qQMAlBQrHQZao0fQOjjzfwB/U9OwHvu9yaYVAzs0Ui0w== > =qMJh > -----END PGP SIGNATURE----- > -- > To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org > For additional commands, e-mail: > opensuse-security-announce+help(a)opensuse.org > > -- To unsubscribe, e-mail: opensuse-security+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security+help(a)opensuse.org

11 years, 8 months

[opensuse-security] Break-in via ftp and tomcat accounts

by Bob Vickers

Hello All, We recently suffered a rather puzzling intrusion on an OpenSUSE 11.3 workstation and I wondered whether anyone else had seen anything similar. This computer allowed (it doesn't any more) ssh access from anywhere in the world, and anyone with this set-up expects to see lots of failed login attempts in the log. On 24th Sept one of these attacks was taking place and generated the worrying message sshd[26712]: Accepted password for ftp from 221.6.15.150 port 60041 ssh2 A couple of days later there were a whole bunch of them. It seems that all the system accounts had become open. sshd[12088]: Accepted password for tomcat from 69.143.190.100 port 62729 ssh2 sshd[12130]: Accepted password for ftp from 69.143.190.100 port 63316 ssh2 sshd[12166]: Accepted password for postfix from 69.143.190.100 port 63739 ssh2 sshd[12192]: Accepted password for mysql from 69.143.190.100 port 60222 ssh2 sshd[12292]: Accepted password for nobody from 69.143.190.100 port 62565 ssh2 sshd[12336]: Accepted password for wwwrun from 69.143.190.100 port 63245 ssh2 sshd[12350]: Accepted password for news from 69.143.190.100 port 63501 ssh2 sshd[12382]: Accepted password for games from 69.143.190.100 port 63864 ssh2 sshd[12414]: Accepted password for mail from 69.143.190.100 port 60051 ssh2 sshd[12450]: Accepted password for sshd from 69.143.190.100 port 60814 ssh2 sshd[12460]: Accepted password for bin from 69.143.190.100 port 61108 ssh2 sshd[12490]: Accepted password for daemon from 69.143.190.100 port 61467 ssh2 sshd[12520]: Accepted password for lp from 69.143.190.100 port 61779 ssh2 sshd[12556]: Accepted password for uucp from 69.143.190.100 port 62212 ssh2 sshd[12981]: Accepted password for mysql from 69.143.190.100 port 60149 ssh2 sshd[12999]: Accepted password for ftp from 69.143.190.100 port 60514 ssh2 sshd[13073]: Accepted password for mysql from 69.143.190.100 port 61914 ssh2 sshd[13093]: Accepted password for sshd from 69.143.190.100 port 62346 ssh2 sshd[13220]: Accepted password for wwwrun from 69.143.190.100 port 60966 ssh2 sshd[13228]: Accepted password for news from 69.143.190.100 port 61196 ssh2 sshd[13258]: Accepted password for lp from 69.143.190.100 port 61497 ssh2 sshd[13288]: Accepted password for mail from 69.143.190.100 port 61830 ssh2 sshd[13294]: Accepted password for bin from 69.143.190.100 port 61916 ssh2 sshd[13324]: Accepted password for postfix from 69.143.190.100 port 62245 ssh2 sshd[13332]: Accepted password for at from 69.143.190.100 port 62362 ssh2 None of these accounts have passwords in /etc/shadow and none of them have null strings either. So it seems to me the most likely culprit was a misconfiguration in sshd or PAM or LDAP (in nsswitch.conf we have passwd: compat group: compat shadow: compat passwd_compat: ldap group_compat: ldap shadow_compat: ldap and also we have /etc/shadow:+::0:0:0:::: /etc/shadow:+::0:0:0:::: /etc/passwd:+:::::/nonexistent:/usr/local/etc/restricted-machine ) The machine has been rebooted with a new kernel since then and I cannot ssh to those accounts, so I am hoping the vulnerability is no longer present. But has anyone else ever seen anything similar? Regards, Bob ============================================================== Bob Vickers R.Vickers(a)cs.rhul.ac.uk Dept of Computer Science, Royal Holloway, University of London WWW: http://www.cs.rhul.ac.uk/home/bobv Phone: +44 1784 443691 -- To unsubscribe, e-mail: opensuse-security+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security+help(a)opensuse.org

11 years, 8 months

[opensuse-security] Kernel freezing KDE4 (was: Re: [security-announce] SUSE Security Announcement: Linux kernel (SUSE-SA:2010:051))

by David Hücking

Am Freitag, den 15.10.2010, 16:28 +0200 schrieb Marcus Meissner: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > ______________________________________________________________________________ > > SUSE Security Announcement > > Package: kernel > Announcement ID: SUSE-SA:2010:051 > Date: Fri, 15 Oct 2010 14:00:00 +0000 > Affected Products: openSUSE 11.3 > Vulnerability Type: local privilege escalation > CVSS v2 Base Score: 7.2 (AV:L/AC:L/Au:N/C:C/I:C/A:C) > SUSE Default Package: yes > Cross-References: CVE-2010-2962, CVE-2010-3310 > > Content of This Advisory: > 1) Security Vulnerability Resolved: > Linux kernel security update > Problem Description > 2) Solution or Work-Around > 3) Special Instructions and Notes > 4) Package Location and Checksums > 5) Pending Vulnerabilities, Solutions, and Work-Arounds: > See SUSE Security Summary Report. > 6) Authenticity Verification and Additional Information > > ______________________________________________________________________________ > > 1) Problem Description and Brief Discussion > > This updated openSUSE 11.3 kernel fixes the following security bugs: > > CVE-2010-3310: local users could corrupt kernel heap memory via > ROSE sockets. > > CVE-2010-2962: local users could write to any kernel memory location > via the i915 GEM ioctl interface. Exploitability requires the presence > of a i915 compatible graphics card. > > Additionally the update restores the compat_alloc_userspace() > inline function and includes several other bug fixes. Hi! I did set up a PC with i915 graphic chipset 00:02.0 VGA compatible controller: Intel Corporation 82915G/GV/910GL Integrated Graphics Controller (rev 04) 00:02.1 Display controller: Intel Corporation 82915G Integrated Graphics Controller (rev 04) an openSUSE 11.3 x86/ 32Bit running the kernel 2.6.34-7-desktop. I did apply all updates including this Kernel-Update 2.6.34-12-desktop. Now when I try to log on KDE4 the KDE splash screen appears and the system freezes (no reaction on keyboard, mouse or ACPI "on/ off" button). Ĺoging on to IceWM e.g. still works. Rolling back to the 2.6.34-7-desktop does help. Any tips what to do? Try other kernel "flavor"? Is it a bug?! Regards, David. -- Eat, sleep and go running, ;-) David Hücking. Encrypted eMail welcome! GnuPG/ PGP-Key: 0x57809216. Fingerprint: 3DF2 CBE0 DFAA 4164 02C2 4E2A E005 8DF7 5780 9216 -- To unsubscribe, e-mail: opensuse-security+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security+help(a)opensuse.org

11 years, 8 months

[opensuse-security] tempdir and tempfile question

by Togan Muftuoglu

Hi, I am planning to use havp in connection with squid. In looking to the parameters I found that havp uses the following tempdir and tempfile. SetConfig("TEMPDIR", "/var/tmp"); SetConfig("SCANTEMPFILE", "/var/tmp/havp/havp-XXXXXX"); So instead of the above I tend to use the following and the question is from the security point of view is what I'm doing wrong or is there a better way of doing. SetConfig("TEMPDIR", "/var/spool/havp"); SetConfig("SCANTEMPFILE", "/var/spool/havp/havp-XXXXXX"); Thanks Togan -- To unsubscribe, e-mail: opensuse-security+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security+help(a)opensuse.org

11 years, 8 months

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

2001

2000

1999

1998

1997

1996

openSUSE Security November 2010