
UNIRAS Brief - 943/05 - Four Mandriva Linux Security Advisories:



----------------------------------------------------------------------------------
   UNIRAS (UK Govt CERT) Briefing Notice - 943/05 dated 10.11.05  Time: 15:00  
  UNIRAS is part of NISCC (National Infrastructure Security Co-ordination Centre)
---------------------------------------------------------------------------------- 
  UNIRAS material is also available from its website at www.uniras.gov.uk and
         Information about NISCC is available from www.niscc.gov.uk
----------------------------------------------------------------------------------

Title
=====

Four Mandriva Linux Security Advisories:

1. MDKSA-2005:207 - libungif

2. MDKSA-2005:208 - emacs

3. MDKSA-2005:209 - fetchmail

4. MDKSA-2005:210 - w3c-libwww



Detail
====== 

1.  Several bugs have been discovered in the way libungif decodes GIF 
 images.  These allow an attacker to create a carefully crafted GIF 
 image file in such a way that it could cause applications linked 
 with libungif to crash or execute arbitrary code when the file
 is opened by the user.

2.  Emacs 21.2 does not prompt or warn the user before executing Lisp code
 in the local variables section of a text file, which allows user-
 complicit attackers to execute arbitrary commands, as demonstrated
 using the mode-name variable.

3. Thomas Wolff and Miloslav Trmac discovered a race condition in the
 fetchmailconf program.  fetchmailconf would create the initial output
 configuration file with insecure permissions and only after writing
 would it change permissions to be more restrictive.  During that time,
 passwords and other data could be exposed to other users on the system
 unless the user used a more restrictive umask setting.

4. Sam Varshavchik discovered that the HTBoundary_put_block function
 in HTBound.c for W3C libwww (w3c-libwww) allows remote servers
 to cause a denial of service (segmentation fault) via a crafted
 multipart/byteranges MIME message that triggers an out-of-bounds
 read.



1.


 _______________________________________________________________________
 
 Mandriva Linux Security Advisory                         MDKSA-2005:207
 http://www.mandriva.com/security/
 _______________________________________________________________________
 
 Package : libungif
 Date    : November 9, 2005
 Affected: 10.1, 10.2, 2006.0, Corporate 2.1, Corporate 3.0
 _______________________________________________________________________
 
 Problem Description:
 
 Several bugs have been discovered in the way libungif decodes GIF 
 images.  These allow an attacker to create a carefully crafted GIF 
 image file in such a way that it could cause applications linked 
 with libungif to crash or execute arbitrary code when the file
 is opened by the user. 
 
 The updated packages have been patched to address this issue.
 _______________________________________________________________________

 References:
 
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2974
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3350
 _______________________________________________________________________
 
 Updated Packages:
 
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>


2.


 _______________________________________________________________________
 
 Mandriva Linux Security Advisory                         MDKSA-2005:208
 http://www.mandriva.com/security/
 _______________________________________________________________________
 
 Package : emacs
 Date    : November 9, 2005
 Affected: Corporate 2.1
 _______________________________________________________________________
 
 Problem Description:
 
 Emacs 21.2 does not prompt or warn the user before executing Lisp code
 in the local variables section of a text file, which allows user-
 complicit attackers to execute arbitrary commands, as demonstrated
 using the mode-name variable.
 
 The packages have been updated to version 21.3 to correct the problem.
 _______________________________________________________________________

 References:
 
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-1232
 _______________________________________________________________________
 
 Updated Packages:
 
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>

3.


 _______________________________________________________________________
 
 Mandriva Linux Security Advisory                         MDKSA-2005:209
 http://www.mandriva.com/security/
 _______________________________________________________________________
 
 Package : fetchmail
 Date    : November 9, 2005
 Affected: 10.1, 10.2, 2006.0, Corporate 2.1, Corporate 3.0
 _______________________________________________________________________
 
 Problem Description:
 
 Thomas Wolff and Miloslav Trmac discovered a race condition in the
 fetchmailconf program.  fetchmailconf would create the initial output
 configuration file with insecure permissions and only after writing
 would it change permissions to be more restrictive.  During that time,
 passwords and other data could be exposed to other users on the system
 unless the user used a more restrictive umask setting.
 
 As well, the Mandriva Linux 2006 packages did not contain the patch
 that corrected the issues fixed in MDKSA-2005:126, namely a buffer
 overflow in fetchmail's POP3 client (CAN-2005-2355).
 
 The updated packages have been patched to address this issue, and the
 Mandriva 2006 packages have also been patched to correct CAN-2005-2355.
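 The race described above (and in item 3 of the Detail section), as an added
 example that is not fetchmailconf's own code: the vulnerable create-then-chmod
 order beside the hardened create-with-0600 order, run on a constructed
 run-control fragment. The file names, SAMPLE_RC and DEFAULT_UMASK are
 illustrative assumptions.

```python
import os
import stat
import tempfile

# Constructed sample input: a fetchmail run-control fragment carrying a
# mailbox password, the kind of data fetchmailconf writes out.
SAMPLE_RC = (
    "poll mail.example.invalid protocol pop3\n"
    "    user 'alice' there with password 'hunter2' is 'alice' here\n"
)

DEFAULT_UMASK = 0o022  # a common default; a plain open() then yields 0o644


def _mode(path):
    """Permission bits of `path`, e.g. 0o644."""
    return stat.S_IMODE(os.stat(path).st_mode)


def world_readable(mode):
    """True when group or other has read permission on the file."""
    return bool(mode & (stat.S_IRGRP | stat.S_IROTH))


def write_rc_insecure(path, text, umask=DEFAULT_UMASK):
    """Vulnerable pattern (the MDKSA-2005:209 race): the file is created with
    the umask-derived mode, the secrets are written, and only afterwards is
    the mode tightened.  Returns (mode_while_writing, mode_after_chmod)."""
    old = os.umask(umask)
    try:
        with open(path, "w") as f:               # mode = 0o666 & ~umask
            mode_while_writing = _mode(path)     # already readable by others
            f.write(text)                        # password lands in an open file
        os.chmod(path, 0o600)                    # window is closed too late
    finally:
        os.umask(old)
    return mode_while_writing, _mode(path)


def write_rc_secure(path, text, umask=DEFAULT_UMASK):
    """Hardened pattern: request 0o600 at creation time, so there is no instant
    at which other users can read the file.  O_EXCL refuses to reuse (or follow
    a symlink planted at) an existing path instead of silently writing into it."""
    old = os.umask(umask)
    try:
        fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
        with os.fdopen(fd, "w") as f:
            mode_while_writing = _mode(path)     # 0o600 from the first instant
            f.write(text)
    finally:
        os.umask(old)
    return mode_while_writing, _mode(path)


def compare_patterns():
    """Run both writers in a scratch directory and report the modes observed."""
    with tempfile.TemporaryDirectory() as d:
        insecure = write_rc_insecure(os.path.join(d, "fetchmailrc.insecure"), SAMPLE_RC)
        secure = write_rc_secure(os.path.join(d, "fetchmailrc.secure"), SAMPLE_RC)
    return {"insecure": insecure, "secure": secure}


if __name__ == "__main__":
    for name, (during, after) in compare_patterns().items():
        state = "exposed" if world_readable(during) else "private"
        print(f"{name:9s} while writing: {during:04o} ({state}), "
              f"after close/chmod: {after:04o}")
```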
 _______________________________________________________________________

 References:
 
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3088
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2355
 _______________________________________________________________________
 
 Updated Packages:
 
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>

4.


 _______________________________________________________________________
 
 Mandriva Linux Security Advisory                         MDKSA-2005:210
 http://www.mandriva.com/security/
 _______________________________________________________________________
 
 Package : w3c-libwww
 Date    : November 9, 2005
 Affected: 10.1, 10.2, 2006.0, Corporate 2.1, Corporate 3.0
 _______________________________________________________________________
 
 Problem Description:
 
 Sam Varshavchik discovered that the HTBoundary_put_block function
 in HTBound.c for W3C libwww (w3c-libwww) allows remote servers
 to cause a denial of service (segmentation fault) via a crafted
 multipart/byteranges MIME message that triggers an out-of-bounds
 read.
 
 The updated packages have been patched to address this issue.
 _______________________________________________________________________

 References:
 
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3183
 _______________________________________________________________________
 
 Updated Packages:
 
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>


----------------------------------------------------------------------------------

For additional information or assistance, please contact the HELP Desk by
telephone; Not Protectively Marked information may be sent by e-mail to:
uniras@xxxxxxxxxxxx

Office Hours:
Mon - Fri: 08:30 - 17:00 Hrs
Tel: +44 (0) 870 487 0748 Ext 4511
Fax: +44 (0) 870 487 0749

Outside of Office Hours:
On Call Duty Officer:
Tel: +44 (0) 870 487 0748 and follow the prompts

----------------------------------------------------------------------------------
UNIRAS wishes to acknowledge the contributions of Mandriva for the information 
contained in this Briefing. 
----------------------------------------------------------------------------------
This Briefing contains the information released by the original author. Some 
of the information may have changed since it was released. If the vulnerability 
affects you, it may be prudent to retrieve the advisory from the canonical site 
to ensure that you receive the most current information concerning that problem.

Reference to any specific commercial product, process, or service by trade
name, trademark, manufacturer, or otherwise, does not constitute or imply
its endorsement, recommendation, or favouring by UNIRAS or NISCC.  The views
and opinions of authors expressed within this notice shall not be used for
advertising or product endorsement purposes.

Neither UNIRAS nor NISCC accepts responsibility for any errors
or omissions contained within this briefing notice. In particular, they shall
not be liable for any loss or damage whatsoever arising from or in connection
with the use of information contained within this notice.

UNIRAS is a member of the Forum of Incident Response and Security Teams (FIRST) 
and has contacts with other international Incident Response Teams (IRTs) in 
order to foster cooperation and coordination in incident prevention, to prompt 
rapid reaction to incidents, and to promote information sharing amongst its 
members and the community at large. 
----------------------------------------------------------------------------------
<End of UNIRAS Briefing>


______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email 
______________________________________________________________________
