
UNIRAS Brief - 486/05 - Two Mandriva Linux Security Update Advisories:



 
-----BEGIN PGP SIGNED MESSAGE-----

- ----------------------------------------------------------------------------------
   UNIRAS (UK Govt CERT) Briefing Notice - 486/05 dated 29.06.05  Time: 14:55  
  UNIRAS is part of NISCC (National Infrastructure Security Co-ordination Centre)
- ---------------------------------------------------------------------------------- 
  UNIRAS material is also available from its website at www.uniras.gov.uk and
         Information about NISCC is available from www.niscc.gov.uk
- ----------------------------------------------------------------------------------

Title
=====

Two Mandriva Linux Security Update Advisories:
1. MDKSA-2005:106 - spamassassin
2. MDKSA-2005:107 - ImageMagick
             
Detail
====== 

1. A Denial of Service bug was discovered in SpamAssassin.  An attacker
 could construct a particular message that would cause SpamAssassin to
 consume CPU resources.  If a large number of these messages were sent,
 it could lead to a DoS.  SpamAssassin 3.0.4 was released to correct
 this vulnerability, as well as other minor bug fixes, and is provided
 with this update.

2. A heap-based buffer overflow was found in the way that ImageMagick
 parses PNM files.  If an attacker can trick a victim into opening
 a specially crafted PNM file, the attacker could execute arbitrary
 code on the victim's machine (CAN-2005-1275).



1.



- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

                Mandriva Linux Security Update Advisory
 _______________________________________________________________________

 Package name:           spamassassin
 Advisory ID:            MDKSA-2005:106
 Date:                   June 28th, 2005

 Affected versions:      10.1, 10.2
 ______________________________________________________________________

 Problem Description:

 A Denial of Service bug was discovered in SpamAssassin.  An attacker
 could construct a particular message that would cause SpamAssassin to
 consume CPU resources.  If a large number of these messages were sent,
 it could lead to a DoS.  SpamAssassin 3.0.4 was released to correct
 this vulnerability, as well as other minor bug fixes, and is provided
 with this update.
 
 For full details on the changes from previous versions of SpamAssassin
 to this current version, please refer to the online documentation at
 http://wiki.apache.org/spamassassin/NextRelease.
 _______________________________________________________________________

 References:

  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1266
 ______________________________________________________________________

 Updated Packages:
  
 _______________________________________________________________________

 To upgrade automatically use MandrakeUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>

- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

- -----END PGP SIGNATURE-----


2.


- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

                Mandriva Linux Security Update Advisory
 _______________________________________________________________________

 Package name:           ImageMagick
 Advisory ID:            MDKSA-2005:107
 Date:                   June 28th, 2005

 Affected versions:      10.1, 10.2, Corporate 3.0,
                         Corporate Server 2.1
 ______________________________________________________________________

 Problem Description:

 A heap-based buffer overflow was found in the way that ImageMagick
 parses PNM files.  If an attacker can trick a victim into opening
 a specially crafted PNM file, the attacker could execute arbitrary
 code on the victim's machine (CAN-2005-1275).
 
 As well, a Denial of Service vulnerability was found in the way
 that ImageMagick parses XWD files.  If a user or program executes
 ImageMagick to process a malicious XWD file, ImageMagick will enter
 an infinite loop, causing a DoS (CAN-2005-1739).
 
 The updated packages have been patched to fix these issues.
 _______________________________________________________________________

 References:

  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1275
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1739
 ______________________________________________________________________

 Updated Packages:
  
 _______________________________________________________________________

 To upgrade automatically use MandrakeUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
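 The checksum and signature verification that both advisories describe (urpmi does it
 automatically), shown here as an added shell example that is not part of the briefing
 or of Mandriva's tools: it looks up a downloaded RPM's filename in advisory-style
 "digest  path" lines, compares the md5, and reports an unlisted package separately
 from a mismatch. The filenames and digests in demo_setup are constructed; md5sum, awk,
 cut and mktemp are assumed, and rpm only on the host doing the install.

```shell
#!/bin/sh
# Added example (not from the briefing or Mandriva): check a manually downloaded
# RPM against an advisory's "digest  path" lines before installing it by hand.
# verify_against_list LISTFILE RPMFILE
# Exit status: 0 = digest matches, 1 = digest differs, 2 = package not listed.
verify_against_list() {
    list="$1"; pkg="$2"
    name=$(basename "$pkg")
    # Match the last path component exactly so i586/x86_64 entries never collide.
    expected=$(awk -v n="$name" \
        '{ k = split($2, p, "/"); if (p[k] == n) { print $1; exit } }' "$list")
    if [ -z "$expected" ]; then
        echo "no advisory entry for $name" >&2
        return 2
    fi
    actual=$(md5sum "$pkg" | cut -d' ' -f1)
    if [ "$actual" != "$expected" ]; then
        echo "md5 mismatch for $name: advisory $expected, file $actual" >&2
        return 1
    fi
    echo "md5 ok: $name"
}

# check_signature RPMFILE: the digest only catches corruption or a wrong file;
# the Mandriva GPG signature on the package is what establishes its origin.
check_signature() {
    rpm --checksig "$1"
}

# demo_setup: writes two constructed sample "packages" plus an advisory-style list
# to a temp dir and prints the dir. Digests are computed here, not copied from the
# advisory; the second one is deliberately wrong to show a mismatch.
demo_setup() {
    dir=$(mktemp -d)
    good="$dir/spamassassin-3.0.4-0.1.101mdk.i586.rpm"
    bad="$dir/spamassassin-spamd-3.0.4-0.1.101mdk.i586.rpm"
    printf 'constructed good package\n' > "$good"
    printf 'constructed tampered package\n' > "$bad"
    {
        printf '%s  10.1/RPMS/%s\n' "$(md5sum "$good" | cut -d' ' -f1)" "$(basename "$good")"
        printf '%s  10.1/RPMS/%s\n' 00000000000000000000000000000000 "$(basename "$bad")"
    } > "$dir/advisory.txt"
    echo "$dir"
}

if [ "${1:-}" = "demo" ]; then
    d=$(demo_setup)
    verify_against_list "$d/advisory.txt" "$d/spamassassin-3.0.4-0.1.101mdk.i586.rpm"
    verify_against_list "$d/advisory.txt" "$d/spamassassin-spamd-3.0.4-0.1.101mdk.i586.rpm"
fi
```

Run with `sh verify.sh demo` to see one match and one mismatch; on a real host, follow a match with check_signature before installing.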

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>

- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

- -----END PGP SIGNATURE-----


- ----------------------------------------------------------------------------------

For additional information or assistance, please contact the HELP Desk by 
telephone; Not Protectively Marked information may be sent via 
email to: uniras@xxxxxxxxxxxx

Office Hours:
Mon - Fri: 08:30 - 17:00 Hrs
Tel: +44 (0) 870 487 0748 Ext 4511
Fax: +44 (0) 870 487 0749

Outside of Office Hours:
On Call Duty Officer:
Tel: +44 (0) 870 487 0748 and follow the prompts

- ----------------------------------------------------------------------------------
UNIRAS wishes to acknowledge the contributions of Mandriva for the information 
contained in this Briefing. 
- ----------------------------------------------------------------------------------
This Briefing contains the information released by the original author. Some 
of the information may have changed since it was released. If the vulnerability 
affects you, it may be prudent to retrieve the advisory from the canonical site 
to ensure that you receive the most current information concerning that problem.

Reference to any specific commercial product, process, or service by trade 
name, trademark, manufacturer, or otherwise, does not constitute or imply 
its endorsement, recommendation, or favouring by UNIRAS or NISCC.  The views 
and opinions of authors expressed within this notice shall not be used for 
advertising or product endorsement purposes.

Neither UNIRAS nor NISCC shall accept responsibility for any errors 
or omissions contained within this briefing notice. In particular, they shall 
not be liable for any loss or damage whatsoever, arising from or in connection 
with the use of information contained within this notice.

UNIRAS is a member of the Forum of Incident Response and Security Teams (FIRST) 
and has contacts with other international Incident Response Teams (IRTs) in 
order to foster cooperation and coordination in incident prevention, to prompt 
rapid reaction to incidents, and to promote information sharing amongst its 
members and the community at large. 
- ----------------------------------------------------------------------------------
<End of UNIRAS Briefing>

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0

-----END PGP SIGNATURE-----

