
UNIRAS Brief - 430/05 - Mandriva - Two Security Update Advisories [MDKSA-2005:096,097]



 
-----BEGIN PGP SIGNED MESSAGE-----

----------------------------------------------------------------------------------
   UNIRAS (UK Govt CERT) Briefing Notice - 430/05 dated 08.06.05  Time: 16:05
  UNIRAS is part of NISCC (National Infrastructure Security Co-ordination Centre)
----------------------------------------------------------------------------------
  UNIRAS material is also available from its website at www.uniras.gov.uk and
         Information about NISCC is available from www.niscc.gov.uk
----------------------------------------------------------------------------------

Title
=====
Mandriva - Two Security Update Advisories:
     1.  Updated openssl packages fix vulnerabilities [MDKSA-2005:096]
     2.  Updated a2ps packages fix temporary file vulnerabilities [MDKSA-2005:097]

Detail
====== 

Security Update Advisory summaries:

     1.  There is a cache timing attack that could be used to allow a malicious local
         user to gain portions of cryptographic keys (CAN-2005-0109).  The patch was
         designed to mitigate cache timing and possibly related attacks.

     2.  The fixps and psmandup scripts, part of the a2ps package, are vulnerable to
         symlink attacks which could allow a local attacker to overwrite arbitrary
         files.  The updated packages have been patched to correct the problem.


Security Update Advisory content follows:


1.


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

                Mandriva Linux Security Update Advisory
 _______________________________________________________________________

 Package name:           openssl
 Advisory ID:            MDKSA-2005:096
 Date:                   June 6th, 2005

 Affected versions:      10.0, 10.1, 10.2, Corporate 3.0,
                         Corporate Server 2.1
 ______________________________________________________________________

 Problem Description:

 Colin Percival reported a cache timing attack that could be used to
 allow a malicious local user to gain portions of cryptographic keys
 (CAN-2005-0109).  The OpenSSL library has been patched to add a new
 fixed-window mod_exp implementation as default for RSA, DSA, and DH
 private key operations.  The patch was designed to mitigate cache
 timing and possibly related attacks.
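Added illustration, not Mandriva's or OpenSSL's own code: a square-and-multiply mod_exp whose operation sequence follows the exponent bits, beside a fixed-window version with a masked table lookup that performs the same work for every exponent. The 64-bit toy arithmetic, the 4-bit window and the operation counter are assumptions for the demonstration; OpenSSL's patched routine does the same thing on multi-limb bignums.

```c
#include <stdint.h>
/* Constructed toy model of the fix: 64-bit modulus, 4-bit fixed window.
 * OpenSSL's real code works on multi-limb Montgomery bignums, but the
 * property shown is the same: the sequence of squarings, multiplies and
 * table touches no longer depends on the private exponent's bits. */
#define WBITS 4
#define NTABLE (1u << WBITS)
typedef unsigned __int128 u128;

static unsigned g_mulmods;                 /* operation counter for the demo */
unsigned last_mulmod_count(void) { return g_mulmods; }

static uint64_t mulmod(uint64_t a, uint64_t b, uint64_t m) {
    g_mulmods++;
    return (uint64_t)(((u128)a * b) % m);
}

/* Square-and-multiply: a multiply happens only on 1-bits of e, so the op
 * count (64 + popcount(e)) and the memory footprint leak the exponent. */
uint64_t modexp_naive(uint64_t g, uint64_t e, uint64_t m) {
    uint64_t r = 1 % m;
    g_mulmods = 0;
    for (int i = 63; i >= 0; i--) {
        r = mulmod(r, r, m);
        if ((e >> i) & 1) r = mulmod(r, g, m);
    }
    return r;
}

/* Read every table entry and keep the wanted one with a mask, so the cache
 * lines touched do not depend on the secret digit (OpenSSL reaches the same
 * goal with a scattered table layout). */
static uint64_t ct_lookup(const uint64_t *t, unsigned idx) {
    uint64_t r = 0;
    for (unsigned i = 0; i < NTABLE; i++) r |= t[i] & -(uint64_t)(i == idx);
    return r;
}

/* Fixed-window: precompute g^0..g^15, then for each 4-bit digit of e do
 * exactly 4 squarings and 1 multiply, even when the digit is 0. */
uint64_t modexp_fixed_window(uint64_t g, uint64_t e, uint64_t m) {
    uint64_t table[NTABLE], r = 1 % m;
    g_mulmods = 0;
    table[0] = 1 % m;
    for (unsigned i = 1; i < NTABLE; i++) table[i] = mulmod(table[i - 1], g, m);
    for (int i = 64 - WBITS; i >= 0; i -= WBITS) {
        for (int s = 0; s < WBITS; s++) r = mulmod(r, r, m);
        r = mulmod(r, ct_lookup(table, (e >> i) & (NTABLE - 1)), m);
    }
    return r;  /* always 15 + 16 * 5 = 95 mulmods, whatever e is */
}
```

A compiler may still turn the mask select into a branch, which is why production code checks the generated assembly rather than trusting the C source.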
 _______________________________________________________________________

 References:

  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0109
 ______________________________________________________________________

 Updated Packages:
  
 _______________________________________________________________________

 To upgrade automatically use MandrakeUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>




2.



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

                Mandriva Linux Security Update Advisory
 _______________________________________________________________________

 Package name:           a2ps
 Advisory ID:            MDKSA-2005:097
 Date:                   June 7th, 2005

 Affected versions:      10.1, 10.2, Corporate 3.0,
                         Corporate Server 2.1
 ______________________________________________________________________

 Problem Description:

 The fixps and psmandup scripts, part of the a2ps package, are
 vulnerable to symlink attacks which could allow a local attacker to
 overwrite arbitrary files.  The updated packages have been patched to
 correct the problem.
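Added example, not code from the a2ps package or the Mandriva patch: the hardened temporary-file patterns in C (mkstemp, and O_CREAT|O_EXCL|O_NOFOLLOW for a caller-chosen path) with a check that a link planted at a predictable name is refused rather than written through. The directory, file names and the /tmp/fixps.$$ illustration are constructed for the demo and are not taken from the scripts.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>
/* The bug class (illustrative): a script writes to a predictable name such as
 * /tmp/fixps.$$ via ">" redirection, so a link planted there first redirects
 * the write. Shell fix: mktemp(1); C: mkstemp(3) or O_CREAT|O_EXCL|O_NOFOLLOW. */
/* Fresh private temp file in dir: random name, created atomically. */
int open_private_tmp(const char *dir, char *path_out, size_t n) {
    if (snprintf(path_out, n, "%s/a2ps.XXXXXX", dir) >= (int)n) return -1;
    return mkstemp(path_out);
}

/* Hardened open for a caller-chosen path: anything already present there,
 * symlink or file, makes the call fail instead of being written through. */
int open_exclusive(const char *path) {
    return open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
}

/* Mitigation check in a private directory supplied by the caller: plant a link
 * at the predictable name; returns 1 when open_exclusive() refuses it and the
 * link's target is untouched. */
int planted_link_is_refused(const char *dir) {
    char target[512], lnk[512]; struct stat st;
    snprintf(target, sizeof target, "%s/victim", dir);
    snprintf(lnk, sizeof lnk, "%s/fixps.1234", dir);
    int t = open(target, O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (t < 0 || write(t, "keep me\n", 8) != 8) return 0;
    close(t);
    if (symlink(target, lnk) != 0) return 0;
    int fd = open_exclusive(lnk);
    int refused = (fd < 0 && (errno == EEXIST || errno == ELOOP));
    if (fd >= 0) close(fd);
    int intact = (stat(target, &st) == 0 && st.st_size == 8);
    unlink(lnk); unlink(target);
    return refused && intact;
}

/* Stand-alone run: both helpers exercised in a throwaway directory. */
int self_check(void) {
    char dir[] = "/tmp/mdksa097.XXXXXX", path[600];
    if (!mkdtemp(dir)) return 0;
    int fd = open_private_tmp(dir, path, sizeof path);
    int ok = (fd >= 0) && planted_link_is_refused(dir);
    if (fd >= 0) { close(fd); unlink(path); }
    rmdir(dir);
    return ok;
}
```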
 _______________________________________________________________________

 References:

  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1377
 ______________________________________________________________________

 Updated Packages:
  
 _______________________________________________________________________

 To upgrade automatically use MandrakeUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>




----------------------------------------------------------------------------------

For additional information or assistance, please contact the HELP Desk by
telephone, or send Not Protectively Marked information by e-mail to:
uniras@xxxxxxxxxxxx

Office Hours:
Mon - Fri: 08:30 - 17:00 Hrs
Tel: +44 (0) 870 487 0748 Ext 4511
Fax: +44 (0) 870 487 0749

Outside of Office Hours:
On Call Duty Officer:
Tel: +44 (0) 870 487 0748 and follow the prompts

----------------------------------------------------------------------------------
UNIRAS wishes to acknowledge the contributions of Mandriva for the information 
contained in this Briefing. 
----------------------------------------------------------------------------------
This Briefing contains the information released by the original author. Some 
of the information may have changed since it was released. If the vulnerability 
affects you, it may be prudent to retrieve the advisory from the canonical site 
to ensure that you receive the most current information concerning that problem.

Reference to any specific commercial product, process, or service by trade
name, trademark, manufacturer, or otherwise, does not constitute or imply
its endorsement, recommendation, or favouring by UNIRAS or NISCC.  The views
and opinions of authors expressed within this notice shall not be used for
advertising or product endorsement purposes.

Neither UNIRAS nor NISCC accepts responsibility for any errors or omissions
contained within this briefing notice. In particular, they shall not be liable
for any loss or damage whatsoever, arising from or in connection with the usage
of information contained within this notice.

UNIRAS is a member of the Forum of Incident Response and Security Teams (FIRST) 
and has contacts with other international Incident Response Teams (IRTs) in 
order to foster cooperation and coordination in incident prevention, to prompt 
rapid reaction to incidents, and to promote information sharing amongst its 
members and the community at large. 
----------------------------------------------------------------------------------
<End of UNIRAS Briefing>


