Mailinglist Archive: opensuse-security-announce (30 mails)

< Previous Next >
[security-announce] SUSE-SU-2011:0917-1: critical: Security update for kiwi
SUSE Security Update: Security update for kiwi
______________________________________________________________________________

Announcement ID: SUSE-SU-2011:0917-1
Rating: critical
References: #571584 #659843 #667082 #668014 #670299 #675004
#681902 #682978 #689907 #693847 #694506 #699558
#699708 #699710 #700356 #700588 #700589 #700591
#700948 #701512 #701814 #701815 #701816 #702041
#702320 #704726 #704730 #707637 #709437 #709572
#710392 #711998 #712000
Cross-References: CVE-2011-2225 CVE-2011-2226 CVE-2011-2644
CVE-2011-2645 CVE-2011-2646 CVE-2011-2647
CVE-2011-2648 CVE-2011-2649 CVE-2011-2650
CVE-2011-2651 CVE-2011-2652
Affected Products:
SUSE Studio Onsite 1.1
______________________________________________________________________________

An update that solves 11 vulnerabilities and has 22 fixes
is now available. It includes two new package versions.

Description:


SUSE Studio was prone to several cross-site-scripting (XSS)
and shell quoting issues.

* CVE-2011-2652 - XSS vulnerability in overlay files:
bad escaping archive file list
* CVE-2011-2651 - Remote code execution via crafted
filename in file browser
* CVE-2011-2650 - XSS vulnerability when displaying RPM
info (pattern name)
* CVE-2011-2649 - Unwanted shell expansion when
executing commands in FileUtils fix
* CVE-2011-2648 - Arbitrary code execution via filters
in modified files
* CVE-2011-2647 - studio: Remote code execution via
crafted archive name in testdrive's modified files
* CVE-2011-2646 - studio: Remote code execution via
crafted filename in testdrive's modified files
* CVE-2011-2645 - Remote code execution via crafted
custom RPM filename
* CVE-2011-2644 - XSS vulnerability in displaying RPM
info
* CVE-2011-2226 - XSS vulnerability when displaying
pattern listing
* CVE-2011-2225 - Overlay directory pathes are not
properly escaped before inclusion into config.sh

Furthermore, the following non-security fixes are included:

* 682978: Fix apache config for cloning appliances with
image repos
* 681902: Fix images being deleted when one format is
deleted
* 571584: Show 32bit packages in 64bit appliance when
there's no 64bit version available
* 701512: Remove kiwi version dependency on release
* 704730: Fix script for fixing the apache configuration
* 707637: Fixed rmds segfaults during attempt of adding
specially crafted repositories
* 704726: Disable partition alignment for SLE10
* 709437: Fix Export script
* 689907: Fix SLE 10 SP3 appliances containing SP2
product file
* 711998: Do not waste disk space when generating the
export tarball

In addition, this update provides kiwi version 3.73.1 with
the following fixes:

* 667082: KIWIManager.sh rpmLibs() should execute
ldconfig after baselib cleanup
* 668014: Support raid 1 (mirroring) for pxe images
* 670299: kiwi's implementation of 4k alignment feature
covers only first partition
* 675004: TFTP block size
* 694506: Kiwi: boot partition runs out of space
* 659843: Avoid initialization of KMS without kernel
support
* 693847: fixed URL quoting, we have to distinguish the
quoting

Also an important fix was made to the "export" script.

Security Issue references:

* CVE-2011-2652
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2652
>
* CVE-2011-2651
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2651
>
* CVE-2011-2650
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2650
>
* CVE-2011-2649
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2649
>
* CVE-2011-2648
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2648
>
* CVE-2011-2647
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2647
>
* CVE-2011-2646
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2646
>
* CVE-2011-2645
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2645
>
* CVE-2011-2644
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2644
>
* CVE-2011-2225
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2225
>
* CVE-2011-2226
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2226
>


Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- SUSE Studio Onsite 1.1:

zypper in -t patch slestsosp1-susestudio-201107-4998

To bring your system up-to-date, use "zypper patch".


Package List:

- SUSE Studio Onsite 1.1 (x86_64) [New Version: 1.1.4 and 3.74.2]:

kiwi-3.74.2-0.81.8
kiwi-desc-isoboot-3.74.2-0.81.8
kiwi-desc-netboot-3.74.2-0.81.8
kiwi-desc-oemboot-3.74.2-0.81.8
kiwi-desc-usbboot-3.74.2-0.81.8
kiwi-desc-vmxboot-3.74.2-0.81.8
kiwi-desc-xenboot-3.74.2-0.81.8
kiwi-doc-3.74.2-0.81.8
kiwi-tools-3.74.2-0.81.8
susestudio-1.1.4-0.19.2
susestudio-clicfs-1.1.4-0.19.2
susestudio-common-1.1.4-0.19.2
susestudio-image-helpers-1.1.4-0.3.2
susestudio-kiwi-runner-1.1.4-0.19.2
susestudio-rmds-1.1.4-0.19.2
susestudio-testdrive-1.1.4-0.19.2
susestudio-thoth-1.1.4-0.19.2
susestudio-ui-server-1.1.4-0.19.2


References:

http://support.novell.com/security/cve/CVE-2011-2225.html
http://support.novell.com/security/cve/CVE-2011-2226.html
http://support.novell.com/security/cve/CVE-2011-2644.html
http://support.novell.com/security/cve/CVE-2011-2645.html
http://support.novell.com/security/cve/CVE-2011-2646.html
http://support.novell.com/security/cve/CVE-2011-2647.html
http://support.novell.com/security/cve/CVE-2011-2648.html
http://support.novell.com/security/cve/CVE-2011-2649.html
http://support.novell.com/security/cve/CVE-2011-2650.html
http://support.novell.com/security/cve/CVE-2011-2651.html
http://support.novell.com/security/cve/CVE-2011-2652.html
https://bugzilla.novell.com/571584
https://bugzilla.novell.com/659843
https://bugzilla.novell.com/667082
https://bugzilla.novell.com/668014
https://bugzilla.novell.com/670299
https://bugzilla.novell.com/675004
https://bugzilla.novell.com/681902
https://bugzilla.novell.com/682978
https://bugzilla.novell.com/689907
https://bugzilla.novell.com/693847
https://bugzilla.novell.com/694506
https://bugzilla.novell.com/699558
https://bugzilla.novell.com/699708
https://bugzilla.novell.com/699710
https://bugzilla.novell.com/700356
https://bugzilla.novell.com/700588
https://bugzilla.novell.com/700589
https://bugzilla.novell.com/700591
https://bugzilla.novell.com/700948
https://bugzilla.novell.com/701512
https://bugzilla.novell.com/701814
https://bugzilla.novell.com/701815
https://bugzilla.novell.com/701816
https://bugzilla.novell.com/702041
https://bugzilla.novell.com/702320
https://bugzilla.novell.com/704726
https://bugzilla.novell.com/704730
https://bugzilla.novell.com/707637
https://bugzilla.novell.com/709437
https://bugzilla.novell.com/709572
https://bugzilla.novell.com/710392
https://bugzilla.novell.com/711998
https://bugzilla.novell.com/712000

http://download.novell.com/patch/finder/?keywords=a7ac468c5be46a2fa087e91241b263bd

--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-security-announce+help@xxxxxxxxxxxx

< Previous Next >
This Thread
  • No further messages