[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

UNIRAS Brief - 539/05 - Mandriva - Four Security Update Advisories



 
-----BEGIN PGP SIGNED MESSAGE-----

- ----------------------------------------------------------------------------------
   UNIRAS (UK Govt CERT) Briefing Notice - 539/05 dated 14.07.05  Time: 11:00  
  UNIRAS is part of NISCC (National Infrastructure Security Co-ordination Centre)
- ---------------------------------------------------------------------------------- 
  UNIRAS material is also available from its website at www.uniras.gov.uk and
         Information about NISCC is available from www.niscc.gov.uk
- ----------------------------------------------------------------------------------

Title
=====

Mandriva - Four Security Update Advisories:
     1.  Updated dhcpcd packages fix vulnerabilities                   [MDKSA-2005:117]
     2.  Updated ruby packages fix vulnerabilities                     [MDKSA-2005:118]
     3.  Updated krb5 packages fix multiple vulnerabilities            [MDKSA-2005:119]
     4.  Updated mozilla-firefox packages fix multiple vulnerabilities [MDKSA-2005:120]


Detail
====== 

Security update advisory summaries:

     1.  It has been discovered that the dhcpcd DHCP client could be tricked
         into reading past the end of the supplied DHCP buffer, which could
         lead to the daemon crashing.

     2.  A vulnerability was discovered in ruby version 1.8 that could allow for
         the execution of arbitrary commands on a server running the ruby xmlrpc
         server.

     3.  A number of vulnerabilities have been corrected in this Kerberos
         update.

     4.  A number of vulnerabilities were reported and fixed in Firefox 1.0.5
         and Mozilla 1.7.9.


Security update advisory content follows:


1.


- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

                Mandriva Linux Security Update Advisory
 _______________________________________________________________________

 Package name:           dhcpcd
 Advisory ID:            MDKSA-2005:117
 Date:                   July 12th, 2005

 Affected versions:	 10.1, 10.2, Corporate 3.0
 ______________________________________________________________________

 Problem Description:

 "infamous42md" discovered that the dhcpcd DHCP client could be tricked
 into reading past the end of the supplied DHCP buffer, which could
 lead to the daemon crashing.
 
 The updated packages have been patched to address this issue.
 _______________________________________________________________________

 References:

  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1848
 ______________________________________________________________________

 Updated Packages:
  
 Mandrakelinux 10.1:
 c690959dc0ba51327c85856cc42c0c05  10.1/RPMS/dhcpcd-1.3.22pl4-4.1.101mdk.i586.rpm
 6b830a9a614025aa26c74c831dbbcd24  10.1/SRPMS/dhcpcd-1.3.22pl4-4.1.101mdk.src.rpm

 Mandrakelinux 10.1/X86_64:
 190a7e068611249ab13eba7f0754f30a  x86_64/10.1/RPMS/dhcpcd-1.3.22pl4-4.1.101mdk.x86_64.rpm
 6b830a9a614025aa26c74c831dbbcd24  x86_64/10.1/SRPMS/dhcpcd-1.3.22pl4-4.1.101mdk.src.rpm

 Mandrakelinux 10.2:
 8d7e2e4f9dd145c72dfa06b662437206  10.2/RPMS/dhcpcd-1.3.22pl4-4.1.102mdk.i586.rpm
 f88321c6e99e6ecdd614e79dd938d6b4  10.2/SRPMS/dhcpcd-1.3.22pl4-4.1.102mdk.src.rpm

 Mandrakelinux 10.2/X86_64:
 442b745b6d43b1fca68a9843e8c55c94  x86_64/10.2/RPMS/dhcpcd-1.3.22pl4-4.1.102mdk.x86_64.rpm
 f88321c6e99e6ecdd614e79dd938d6b4  x86_64/10.2/SRPMS/dhcpcd-1.3.22pl4-4.1.102mdk.src.rpm

 Corporate 3.0:
 f12b8268879122dbfbb348856578701e  corporate/3.0/RPMS/dhcpcd-1.3.22pl4-4.1.C30mdk.i586.rpm
 3f8e81acc938dd89f9a576cf50baff5f  corporate/3.0/SRPMS/dhcpcd-1.3.22pl4-4.1.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 2dc6f10ac3905c162177222ce57406a0  x86_64/corporate/3.0/RPMS/dhcpcd-1.3.22pl4-4.1.C30mdk.x86_64.rpm
 3f8e81acc938dd89f9a576cf50baff5f  x86_64/corporate/3.0/SRPMS/dhcpcd-1.3.22pl4-4.1.C30mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrakeUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>

- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFC1F2vmqjQ0CJFipgRArOSAKDWo0O1N7l6tQF2GZWz1Qu3f51pigCg6DIQ
tC+ZaJj4e7hHldguWiHBbt4=
=dOUk
- -----END PGP SIGNATURE-----



2.



- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

                Mandriva Linux Security Update Advisory
 _______________________________________________________________________

 Package name:           ruby
 Advisory ID:            MDKSA-2005:118
 Date:                   July 12th, 2005

 Affected versions:	 10.1, 10.2, Corporate 3.0
 ______________________________________________________________________

 Problem Description:

 A vulnerability was discovered in ruby version 1.8 that could allow for
 the execution of arbitrary commands on a server running the ruby xmlrpc
 server.
 
 The updated packages have been patched to address this issue.
 _______________________________________________________________________

 References:

  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1992
 ______________________________________________________________________

 Updated Packages:
  
 Mandrakelinux 10.1:
 043863c657386a3854a0360efe400485  10.1/RPMS/ruby-1.8.1-4.3.101mdk.i586.rpm
 2a8de5aaf553cae5ba5fc4ce64989c2a  10.1/RPMS/ruby-devel-1.8.1-4.3.101mdk.i586.rpm
 b05c05c460299fb987781b1a7bcb76a3  10.1/RPMS/ruby-doc-1.8.1-4.3.101mdk.i586.rpm
 a639754ad5ddec161d3e6310d2c8f597  10.1/RPMS/ruby-tk-1.8.1-4.3.101mdk.i586.rpm
 6b8c255d78584b374868f68c0fba1f9a  10.1/SRPMS/ruby-1.8.1-4.3.101mdk.src.rpm

 Mandrakelinux 10.1/X86_64:
 422ce1ef49205b71ec46cba5b324596e  x86_64/10.1/RPMS/ruby-1.8.1-4.3.101mdk.x86_64.rpm
 9cd8d758760b3a6f8e2d294b49974795  x86_64/10.1/RPMS/ruby-devel-1.8.1-4.3.101mdk.x86_64.rpm
 d1f77bd35fec7be67c174d421004cc99  x86_64/10.1/RPMS/ruby-doc-1.8.1-4.3.101mdk.x86_64.rpm
 ff201be467588f67119dac4c77d2451d  x86_64/10.1/RPMS/ruby-tk-1.8.1-4.3.101mdk.x86_64.rpm
 6b8c255d78584b374868f68c0fba1f9a  x86_64/10.1/SRPMS/ruby-1.8.1-4.3.101mdk.src.rpm

 Mandrakelinux 10.2:
 1abe15ec37c10254da6f869a91f462d6  10.2/RPMS/ruby-1.8.2-6.1.102mdk.i586.rpm
 69902e1e9f69fa0417de527b86b08129  10.2/RPMS/ruby-devel-1.8.2-6.1.102mdk.i586.rpm
 79d13e6dc12446bf0d4ceba8f3891746  10.2/RPMS/ruby-doc-1.8.2-6.1.102mdk.i586.rpm
 4d1bae45003f12c8f640354654d08c66  10.2/RPMS/ruby-tk-1.8.2-6.1.102mdk.i586.rpm
 72470b9bdecc8085247dd3ea9bfd026e  10.2/SRPMS/ruby-1.8.2-6.1.102mdk.src.rpm

 Mandrakelinux 10.2/X86_64:
 6defbc537392fd90ca86512ec16f84ba  x86_64/10.2/RPMS/ruby-1.8.2-6.1.102mdk.x86_64.rpm
 42f826518c7e2d7184409006156e85a1  x86_64/10.2/RPMS/ruby-devel-1.8.2-6.1.102mdk.x86_64.rpm
 be826ba64425c2b6257ae2106311c4ba  x86_64/10.2/RPMS/ruby-doc-1.8.2-6.1.102mdk.x86_64.rpm
 a229474a25b363f856dc73999e620409  x86_64/10.2/RPMS/ruby-tk-1.8.2-6.1.102mdk.x86_64.rpm
 72470b9bdecc8085247dd3ea9bfd026e  x86_64/10.2/SRPMS/ruby-1.8.2-6.1.102mdk.src.rpm

 Corporate 3.0:
 ee7b55f434cddfabbb51ff7de4b4300a  corporate/3.0/RPMS/ruby-1.8.1-1.3.C30mdk.i586.rpm
 8f30c891611ec8a94f2547ea9d6fc4f5  corporate/3.0/RPMS/ruby-devel-1.8.1-1.3.C30mdk.i586.rpm
 82012434d3fe44cfd6d3f22643382134  corporate/3.0/RPMS/ruby-doc-1.8.1-1.3.C30mdk.i586.rpm
 fac1f5244b97d58523ddf13afa550889  corporate/3.0/RPMS/ruby-tk-1.8.1-1.3.C30mdk.i586.rpm
 7781778b81a36b85cfb60424337ab463  corporate/3.0/SRPMS/ruby-1.8.1-1.3.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 8dccd5b797263c2784a6159bdf1b4614  x86_64/corporate/3.0/RPMS/ruby-1.8.1-1.3.C30mdk.x86_64.rpm
 89b25dcefd9e99b9b67255f1ed862946  x86_64/corporate/3.0/RPMS/ruby-devel-1.8.1-1.3.C30mdk.x86_64.rpm
 24559489e7e1aebe6f7f788caa31d0c3  x86_64/corporate/3.0/RPMS/ruby-doc-1.8.1-1.3.C30mdk.x86_64.rpm
 2737e9bdaafe436bcec1a367d4c80c82  x86_64/corporate/3.0/RPMS/ruby-tk-1.8.1-1.3.C30mdk.x86_64.rpm
 7781778b81a36b85cfb60424337ab463  x86_64/corporate/3.0/SRPMS/ruby-1.8.1-1.3.C30mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrakeUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>

- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFC1F6SmqjQ0CJFipgRApk6AKDYfxK9rSRXzCjoUrweytJnimPijQCeJa46
/RtageXCJm+dnkONlvjpd2Q=
=X4d+
- -----END PGP SIGNATURE-----



3.



- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

                Mandriva Linux Security Update Advisory
 _______________________________________________________________________

 Package name:           krb5
 Advisory ID:            MDKSA-2005:119
 Date:                   July 13th, 2005

 Affected versions:	 10.0, 10.1, 10.2, Corporate 3.0,
			 Corporate Server 2.1,
			 Multi Network Firewall 2.0
 ______________________________________________________________________

 Problem Description:

 A number of vulnerabilities have been corrected in this Kerberos
 update:
 
 The rcp protocol would allow a server to instruct a client to write to
 arbitrary files outside of the current directory.  The Kerberos-aware
 rcp could be abused to copy files from a malicious server
 (CAN-2004-0175).
 
 Gael Delalleau discovered an information disclosure vulnerability in
 the way some telnet clients handled messages from a server.  This could
 be abused by a malicious telnet server to collect information from the
 environment of any victim connecting to the server using the Kerberos-
 aware telnet client (CAN-2005-0488).
 
 Daniel Wachdorf disovered that in error conditions that could occur in
 response to correctly-formatted client requests, the Kerberos 5 KDC may
 attempt to free uninitialized memory, which could cause the KDC to
 crash resulting in a Denial of Service (CAN-2005-1174).
 
 Daniel Wachdorf also discovered a single-byte heap overflow in the
 krb5_unparse_name() function that could, if successfully exploited,
 lead to a crash, resulting in a DoS.  To trigger this flaw, an attacker
 would need to have control of a Kerberos realm that shares a cross-
 realm key with the target (CAN-2005-1175).
 
 Finally, a double-free flaw was discovered in the krb5_recvauth()
 routine which could be triggered by a remote unauthenticated attacker.
 This issue could potentially be exploited to allow for the execution of
 arbitrary code on a KDC.  No exploit is currently known to exist
 (CAN-2005-1689).
 
 The updated packages have been patched to address this issue and
 Mandriva urges all users to upgrade to these packages as quickly as
 possible.
 _______________________________________________________________________

 References:

  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0175
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0488
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1174
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1175
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1689
  http://www.kb.cert.org/vuls/id/623332
  http://www.kb.cert.org/vuls/id/259798
  http://www.kb.cert.org/vuls/id/885830
  http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2005-002-kdc.txt
  http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2005-003-recvauth.txt
 ______________________________________________________________________

 Updated Packages:
  
 Mandrakelinux 10.0:
 c87b9ac1660b8cb7909f0d7809e60c16  10.0/RPMS/ftp-client-krb5-1.3-6.6.100mdk.i586.rpm
 6f42470b37ea66bb7570694acf4b170c  10.0/RPMS/ftp-server-krb5-1.3-6.6.100mdk.i586.rpm
 bf802310809218151a91f70b431f58f7  10.0/RPMS/krb5-server-1.3-6.6.100mdk.i586.rpm
 dd0120f441cbe289189c98d1a6e7c9b5  10.0/RPMS/krb5-workstation-1.3-6.6.100mdk.i586.rpm
 69c40a89709e887063a3e817325125b9  10.0/RPMS/libkrb51-1.3-6.6.100mdk.i586.rpm
 34a0289675fc35576e2cb715a6e2117b  10.0/RPMS/libkrb51-devel-1.3-6.6.100mdk.i586.rpm
 bed8b731d7e752b4bcffe98abdbd7d3e  10.0/RPMS/telnet-client-krb5-1.3-6.6.100mdk.i586.rpm
 7b01eaa867670ef32aafc0c62d1e9b01  10.0/RPMS/telnet-server-krb5-1.3-6.6.100mdk.i586.rpm
 7b00ffd04e5fb1328a8ecfc3bad58827  10.0/SRPMS/krb5-1.3-6.6.100mdk.src.rpm

 Mandrakelinux 10.0/AMD64:
 174fdb05eb1f32630ff9e7796800f554  amd64/10.0/RPMS/ftp-client-krb5-1.3-6.6.100mdk.amd64.rpm
 97eb89e96cccdd269d1aed4c19d0c31c  amd64/10.0/RPMS/ftp-server-krb5-1.3-6.6.100mdk.amd64.rpm
 f57777163fcbca96e8f032fe22134414  amd64/10.0/RPMS/krb5-server-1.3-6.6.100mdk.amd64.rpm
 befa694e6b367b7ad9ac6f127edb28c4  amd64/10.0/RPMS/krb5-workstation-1.3-6.6.100mdk.amd64.rpm
 caaa22fb8566f59f749234cb6d2065f1  amd64/10.0/RPMS/lib64krb51-1.3-6.6.100mdk.amd64.rpm
 8f869dbf84022f913fc14841741cba82  amd64/10.0/RPMS/lib64krb51-devel-1.3-6.6.100mdk.amd64.rpm
 83d63d52ab2fa1545a8bfbcd81cf4b89  amd64/10.0/RPMS/telnet-client-krb5-1.3-6.6.100mdk.amd64.rpm
 ba7fc18ac57bda1f05aaf42c82dcd196  amd64/10.0/RPMS/telnet-server-krb5-1.3-6.6.100mdk.amd64.rpm
 7b00ffd04e5fb1328a8ecfc3bad58827  amd64/10.0/SRPMS/krb5-1.3-6.6.100mdk.src.rpm

 Mandrakelinux 10.1:
 fb9247177c9a8e1c97058458c70e6a38  10.1/RPMS/ftp-client-krb5-1.3.4-2.3.101mdk.i586.rpm
 dc55f0d19df94d5c4314ba7476d267f7  10.1/RPMS/ftp-server-krb5-1.3.4-2.3.101mdk.i586.rpm
 0a87d233095d1cd13ee637153dcc5b59  10.1/RPMS/krb5-server-1.3.4-2.3.101mdk.i586.rpm
 f8e4067a77c9d5bb681d2460bf2063b9  10.1/RPMS/krb5-workstation-1.3.4-2.3.101mdk.i586.rpm
 e0d4e8e580f3b6499bc405aed49552d3  10.1/RPMS/libkrb53-1.3.4-2.3.101mdk.i586.rpm
 73e3abef9c847fe90db56483531a1cf1  10.1/RPMS/libkrb53-devel-1.3.4-2.3.101mdk.i586.rpm
 ab219aaacc9c024b737f323350f20745  10.1/RPMS/telnet-client-krb5-1.3.4-2.3.101mdk.i586.rpm
 59950fc14b9ebde521822ceb72e020b5  10.1/RPMS/telnet-server-krb5-1.3.4-2.3.101mdk.i586.rpm
 b6791f0e031795f328a2373bd6bff4af  10.1/SRPMS/krb5-1.3.4-2.3.101mdk.src.rpm

 Mandrakelinux 10.1/X86_64:
 7cc15d17e2dd069951ae1033e2e5da0f  x86_64/10.1/RPMS/ftp-client-krb5-1.3.4-2.3.101mdk.x86_64.rpm
 08d8d3cd6b8e3be3a0647feb3a041cc0  x86_64/10.1/RPMS/ftp-server-krb5-1.3.4-2.3.101mdk.x86_64.rpm
 6ef2f47ace0c658673c20e7428058b3f  x86_64/10.1/RPMS/krb5-server-1.3.4-2.3.101mdk.x86_64.rpm
 eb7c38bbfacd43534d2508872ae07637  x86_64/10.1/RPMS/krb5-workstation-1.3.4-2.3.101mdk.x86_64.rpm
 911d542523934cae7891eb3aa1b4c22c  x86_64/10.1/RPMS/lib64krb53-1.3.4-2.3.101mdk.x86_64.rpm
 42c8a131ea1bb6b4a71826fa0367dcd9  x86_64/10.1/RPMS/lib64krb53-devel-1.3.4-2.3.101mdk.x86_64.rpm
 991aadec0a33745198589b1619f42190  x86_64/10.1/RPMS/telnet-client-krb5-1.3.4-2.3.101mdk.x86_64.rpm
 9fecbd14c5b908416e2eb5b8b7900602  x86_64/10.1/RPMS/telnet-server-krb5-1.3.4-2.3.101mdk.x86_64.rpm
 b6791f0e031795f328a2373bd6bff4af  x86_64/10.1/SRPMS/krb5-1.3.4-2.3.101mdk.src.rpm

 Mandrakelinux 10.2:
 2370d0bcd8e1055b828cbc5fd61b80fb  10.2/RPMS/ftp-client-krb5-1.3.6-6.1.102mdk.i586.rpm
 77d6d6822faf2d46126324d52b7de350  10.2/RPMS/ftp-server-krb5-1.3.6-6.1.102mdk.i586.rpm
 fd97b673156aab9df1dd084fa00ca4ee  10.2/RPMS/krb5-server-1.3.6-6.1.102mdk.i586.rpm
 e097b32bff94a889e9287328ea4383a7  10.2/RPMS/krb5-workstation-1.3.6-6.1.102mdk.i586.rpm
 10b12d24aeacbc51a72c5f6df7e063ab  10.2/RPMS/libkrb53-1.3.6-6.1.102mdk.i586.rpm
 c1b8458fdd25b9ac51338978958886b9  10.2/RPMS/libkrb53-devel-1.3.6-6.1.102mdk.i586.rpm
 225fb2cfd2b8a30d0743cc691a98f862  10.2/RPMS/telnet-client-krb5-1.3.6-6.1.102mdk.i586.rpm
 c7145ab6eb80b5a5bd6438dc1292c208  10.2/RPMS/telnet-server-krb5-1.3.6-6.1.102mdk.i586.rpm
 fc23e2f504e65b3ed2304bbf44b17626  10.2/SRPMS/krb5-1.3.6-6.1.102mdk.src.rpm

 Mandrakelinux 10.2/X86_64:
 48bf82662d9dc709f7b6fc93d408ec36  x86_64/10.2/RPMS/ftp-client-krb5-1.3.6-6.1.102mdk.x86_64.rpm
 a99dcafc0f131bee2fdd481a3c3b74ae  x86_64/10.2/RPMS/ftp-server-krb5-1.3.6-6.1.102mdk.x86_64.rpm
 6575fa785756ec309bc9a532ea201998  x86_64/10.2/RPMS/krb5-server-1.3.6-6.1.102mdk.x86_64.rpm
 9de12fff0f2556fc1b37309f3df38f43  x86_64/10.2/RPMS/krb5-workstation-1.3.6-6.1.102mdk.x86_64.rpm
 979d3a3a1076b5e1379388dfa12cbf14  x86_64/10.2/RPMS/lib64krb53-1.3.6-6.1.102mdk.x86_64.rpm
 51fdffc99853d03ae464cfd45e477cf8  x86_64/10.2/RPMS/lib64krb53-devel-1.3.6-6.1.102mdk.x86_64.rpm
 0f52ac0e1c637d1c9cd8ec0ce40f9221  x86_64/10.2/RPMS/telnet-client-krb5-1.3.6-6.1.102mdk.x86_64.rpm
 398385ff0c438b3ddf4e086a44ae118c  x86_64/10.2/RPMS/telnet-server-krb5-1.3.6-6.1.102mdk.x86_64.rpm
 fc23e2f504e65b3ed2304bbf44b17626  x86_64/10.2/SRPMS/krb5-1.3.6-6.1.102mdk.src.rpm

 Multi Network Firewall 2.0:
 fabcf16faccef529a4a5d95e52e4474a  mnf/2.0/RPMS/libkrb51-1.3-6.6.M20mdk.i586.rpm
 0a612cf3624c0e0279705eb4658cf08e  mnf/2.0/SRPMS/krb5-1.3-6.6.M20mdk.src.rpm

 Corporate Server 2.1:
 fb109362079c6f8a2aec1ca618882513  corporate/2.1/RPMS/ftp-client-krb5-1.2.5-1.10.C21mdk.i586.rpm
 92725fca271543c54c907c4860a9c225  corporate/2.1/RPMS/ftp-server-krb5-1.2.5-1.10.C21mdk.i586.rpm
 bc56956b9c25b804e9238aa750c79688  corporate/2.1/RPMS/krb5-devel-1.2.5-1.10.C21mdk.i586.rpm
 85da226bcd5c58f611c77e457505e660  corporate/2.1/RPMS/krb5-libs-1.2.5-1.10.C21mdk.i586.rpm
 680c3f4ff6a53c12ea5f706858a29c30  corporate/2.1/RPMS/krb5-server-1.2.5-1.10.C21mdk.i586.rpm
 ed55cd70d63d65c1ef644672a331beca  corporate/2.1/RPMS/krb5-workstation-1.2.5-1.10.C21mdk.i586.rpm
 2032b8637d45463118b6b2cec796ea89  corporate/2.1/RPMS/telnet-client-krb5-1.2.5-1.10.C21mdk.i586.rpm
 2f0aedf68f2a0e33a6a94139eaf50cac  corporate/2.1/RPMS/telnet-server-krb5-1.2.5-1.10.C21mdk.i586.rpm
 5998fcf5b2a19bac3f513fd9a196093f  corporate/2.1/SRPMS/krb5-1.2.5-1.10.C21mdk.src.rpm

 Corporate Server 2.1/X86_64:
 ef0287c7f515b77e4ee9c816564298c1  x86_64/corporate/2.1/RPMS/ftp-client-krb5-1.2.5-1.10.C21mdk.x86_64.rpm
 94268948f1c84bb9f2b194d02467e3e6  x86_64/corporate/2.1/RPMS/ftp-server-krb5-1.2.5-1.10.C21mdk.x86_64.rpm
 5f07977c217d7e8f03cf1264671100ea  x86_64/corporate/2.1/RPMS/krb5-devel-1.2.5-1.10.C21mdk.x86_64.rpm
 2af63c080bcce672cb112ecfcddd79cd  x86_64/corporate/2.1/RPMS/krb5-libs-1.2.5-1.10.C21mdk.x86_64.rpm
 224dfdac58646589d1bd5a50bb4ca3b9  x86_64/corporate/2.1/RPMS/krb5-server-1.2.5-1.10.C21mdk.x86_64.rpm
 199e3235e0ed34edc0d2ce377534c441  x86_64/corporate/2.1/RPMS/krb5-workstation-1.2.5-1.10.C21mdk.x86_64.rpm
 65b63aa5728e478eb566100c1e2a8061  x86_64/corporate/2.1/RPMS/telnet-client-krb5-1.2.5-1.10.C21mdk.x86_64.rpm
 0550444014da765a97deea983332d45e  x86_64/corporate/2.1/RPMS/telnet-server-krb5-1.2.5-1.10.C21mdk.x86_64.rpm
 5998fcf5b2a19bac3f513fd9a196093f  x86_64/corporate/2.1/SRPMS/krb5-1.2.5-1.10.C21mdk.src.rpm

 Corporate 3.0:
 dc39a416e792dbe6bd3c30e2a4be7350  corporate/3.0/RPMS/ftp-client-krb5-1.3-6.6.C30mdk.i586.rpm
 1a351c0d939faecda9051d9432afe724  corporate/3.0/RPMS/ftp-server-krb5-1.3-6.6.C30mdk.i586.rpm
 ddd38c40766625e7ac7a2c7964d1bf99  corporate/3.0/RPMS/krb5-server-1.3-6.6.C30mdk.i586.rpm
 8e83fef835a01e12aa3273b8b8970717  corporate/3.0/RPMS/krb5-workstation-1.3-6.6.C30mdk.i586.rpm
 24a4d0ffa3c2651121d7f7381cafad29  corporate/3.0/RPMS/libkrb51-1.3-6.6.C30mdk.i586.rpm
 be8a2e1088d1b06054a97c773960b0e0  corporate/3.0/RPMS/libkrb51-devel-1.3-6.6.C30mdk.i586.rpm
 1274d73b2ada444ebe50b998d1d83d6a  corporate/3.0/RPMS/telnet-client-krb5-1.3-6.6.C30mdk.i586.rpm
 fdf3981cdc25a9afee54a61cb01d042c  corporate/3.0/RPMS/telnet-server-krb5-1.3-6.6.C30mdk.i586.rpm
 1738741854a9259ef09e6a6325349a14  corporate/3.0/SRPMS/krb5-1.3-6.6.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 e6eda8a4875598ce56e56a7c45a9ca95  x86_64/corporate/3.0/RPMS/ftp-client-krb5-1.3-6.6.C30mdk.x86_64.rpm
 e7bd3ed8c1e29b25ebb3bffc3fa8c46a  x86_64/corporate/3.0/RPMS/ftp-server-krb5-1.3-6.6.C30mdk.x86_64.rpm
 e134c8918d95e99784b9e1a4078fd7ab  x86_64/corporate/3.0/RPMS/krb5-server-1.3-6.6.C30mdk.x86_64.rpm
 0bf662ecfd42b2f68b2af8e05ad510c7  x86_64/corporate/3.0/RPMS/krb5-workstation-1.3-6.6.C30mdk.x86_64.rpm
 262c7ec2ae2a0f72f3891abd5ed1b400  x86_64/corporate/3.0/RPMS/lib64krb51-1.3-6.6.C30mdk.x86_64.rpm
 be39364202543ef56bbce8f5d69bf309  x86_64/corporate/3.0/RPMS/lib64krb51-devel-1.3-6.6.C30mdk.x86_64.rpm
 d734050c0bfc0e5e65834aee4df6c77d  x86_64/corporate/3.0/RPMS/telnet-client-krb5-1.3-6.6.C30mdk.x86_64.rpm
 3a78f34256effe43feb9d6f3dc0fc62d  x86_64/corporate/3.0/RPMS/telnet-server-krb5-1.3-6.6.C30mdk.x86_64.rpm
 1738741854a9259ef09e6a6325349a14  x86_64/corporate/3.0/SRPMS/krb5-1.3-6.6.C30mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrakeUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>

- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFC1dvMmqjQ0CJFipgRArE7AJ9waVzWhtxKjvlZlKVtc6/OfznZNQCdG0Dn
n5En05/4DjAyPg88vHEBPQg=
=YWXS
- -----END PGP SIGNATURE-----



4.



- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

                Mandriva Linux Security Update Advisory
 _______________________________________________________________________

 Package name:           mozilla-firefox
 Advisory ID:            MDKSA-2005:120
 Date:                   July 13th, 2005

 Affected versions:	 10.2
 ______________________________________________________________________

 Problem Description:

 A number of vulnerabilities were reported and fixed in Firefox 1.0.5
 and Mozilla 1.7.9.  The following vulnerabilities have been backported
 and patched for this update:
 
 In several places the browser UI did not correctly distinguish between
 true user events, such as mouse clicks or keystrokes, and synthetic
 events genenerated by web content. The problems ranged from minor
 annoyances like switching tabs or entering full-screen mode, to a
 variant on MFSA 2005-34 Synthetic events are now prevented from
 reaching the browser UI entirely rather than depend on each potentially
 spoofed function to protect itself from untrusted events
 (MFSA 2005-45).
 
 Scripts in XBL controls from web content continued to be run even when
 Javascript was disabled. By itself this causes no harm, but it could be
 combined with most script-based exploits to attack people running
 vulnerable versions who thought disabling javascript would protect
 them.  In the Thunderbird and Mozilla Suite mail clients Javascript is
 disabled by default for protection against denial-of-service attacks
 and worms; this vulnerability could be used to bypass that protection
 (MFSA 2005-46).
 
 If an attacker can convince a victim to use the "Set As Wallpaper"
 context menu item on a specially crafted image then they can run
 arbitary code on the user's computer. The image "source" must be a
 javascript: url containing an eval() statement and such an image would
 get the "broken image" icon, but with CSS it could be made transparent
 and placed on top of a real image.  The attacker would have to convince
 the user to change their desktop background to the exploit image, and
 to do so by using the Firefox context menu rather than first saving the
 image locally and using the normal mechanism provided by their
 operating system.  This affects only Firefox 1.0.3 and 1.0.4; earlier
 versions are unaffected. The implementation of this feature in the
 Mozilla Suite is also unaffected (MFSA 2005-47).
 
 The InstallTrigger.install() method for launching an install accepts a
 callback function that will be called with the final success or error
 status. By forcing a page navigation immediately after calling the
 install method this callback function can end up running in the context
 of the new page selected by the attacker. This is true even if the user
 cancels the unwanted install dialog: cancel is an error status. This
 callback script can steal data from the new page such as cookies or
 passwords, or perform actions on the user's behalf such as make a
 purchase if the user is already logged into the target site.  In
 Firefox the default settings allow only http://addons.mozilla.org to
 bring up this install dialog. This could only be exploited if users
 have added questionable sites to the install whitelist, and if a
 malicious site can convince you to install from their site that's a
 much more powerful attack vector.  In the Mozilla Suite the whitelist
 feature is turned off by default, any site can prompt the user to
 install software and exploit this vulnerability.  The browser has been
 fixed to clear any pending callback function when switching to a new
 site (MFSA 2005-48).
 
 Sites can use the _search target to open links in the Firefox sidebar.
 A missing security check allows the sidebar to inject data: urls
 containing scripts into any page open in the browser. This could be
 used to steal cookies, passwords or other sensitive data
 (MFSA 2005-49).
 
 When InstallVersion.compareTo() is passed an object rather than a
 string it assumed the object was another InstallVersion without
 verifying it. When passed a different kind of object the browser would
 generally crash with an access violation.  shutdown has demonstrated
 that different javascript objects can be passed on some OS versions to
 get control over the instruction pointer. We assume this could be
 developed further to run arbitrary machine code if the attacker can get
 exploit code loaded at a predictable address (MFSA 2005-50).
 
 The original frame-injection spoofing bug was fixed in the Mozilla
 Suite 1.7 and Firefox 0.9 releases. This protection was accidentally
 bypassed by one of the fixes in the Firefox 1.0.3 and Mozilla Suite
 1.7.7 releases (MFSA 2005-51).
 
 A child frame can call top.focus() even if the framing page comes from
 a different origin and has overridden the focus() routine. The call is
 made in the context of the child frame. The attacker would look for a
 target site with a framed page that makes this call but doesn't verify
 that its parent comes from the same site. The attacker could steal
 cookies and passwords from the framed page, or take actions on behalf
 of a signed-in user. This attack would work only against sites that use
 frames in this manner (MFSA 2005-52).
 
 Several media players, for example Flash and QuickTime, support
 scripted content with the ability to open URLs in the default browser.
 The default behavior for Firefox was to replace the currently open
 browser window's content with the externally opened content. If the
 external URL was a javascript: url it would run as if it came from the
 site that served the previous content, which could be used to steal
 sensitive information such as login cookies or passwords. If the
 media player content first caused a privileged chrome: url to load then
 the subsequent javascript: url could execute arbitrary code.  External
 javascript: urls will now run in a blank context regardless of what
 content it's replacing, and external apps will no longer be able to
 load privileged chrome: urls in a browser window. The -chrome command
 line option to load chrome applications is still supported
 (MFSA 2005-53).
 
 Alerts and prompts created by scripts in web pages are presented with
 the generic title [JavaScript Application] which sometimes makes it
 difficult to know which site created them. A malicious page could
 attempt to cause a prompt to appear in front of a trusted site in an
 attempt to extract information such as passwords from the user.  In the
 fixed version these prompts will contain the hostname from the page
 which created it (MFSA 2005-54).
 
 Parts of the browser UI relied too much on DOM node names without
 taking different namespaces into account and verifying that nodes
 really were of the expected type. An XHTML document could be used to
 create fake <IMG> elements, for example, with content-defined
 properties that the browser would access as if they were the trusted
 built-in properties of the expected HTML elements.  The severity of the
 vulnerability would depend on what the attacker could convince the
 victim to do, but could result in executing user-supplied script with
 elevated "chrome" privileges. This could be used to install malicious
 software on the victim's machine (MFSA 2005-55).
 
 Improper cloning of base objects allowed web content scripts to walk up
 the prototype chain to get to a privileged object.  This could be used
 to execute code with enhanced privileges (MFSA 2005-56).
 
 The updated packages have been patched to address these issue.
 _______________________________________________________________________

 References:

  http://www.mozilla.org/security/announce/mfsa2005-45.html
  http://www.mozilla.org/security/announce/mfsa2005-46.html
  http://www.mozilla.org/security/announce/mfsa2005-47.html
  http://www.mozilla.org/security/announce/mfsa2005-48.html
  http://www.mozilla.org/security/announce/mfsa2005-49.html
  http://www.mozilla.org/security/announce/mfsa2005-50.html
  http://www.mozilla.org/security/announce/mfsa2005-51.html
  http://www.mozilla.org/security/announce/mfsa2005-52.html
  http://www.mozilla.org/security/announce/mfsa2005-53.html
  http://www.mozilla.org/security/announce/mfsa2005-54.html
  http://www.mozilla.org/security/announce/mfsa2005-55.html
  http://www.mozilla.org/security/announce/mfsa2005-56.html
  http://secunia.com/advisories/15489/
  http://secunia.com/advisories/15549/
  http://secunia.com/advisories/15601/
 ______________________________________________________________________

 Updated Packages:
  
 Mandrakelinux 10.2:
 e1b405c9ba89903ac57fa8ef1849f9e0  10.2/RPMS/libnss3-1.0.2-7.1.102mdk.i586.rpm
 5d06976462d9f0cf9cdc42b7f3449b13  10.2/RPMS/libnss3-devel-1.0.2-7.1.102mdk.i586.rpm
 881b159dc065c1822f4084a0022c4654  10.2/RPMS/libnspr4-1.0.2-7.1.102mdk.i586.rpm
 0f8273f507c95688351402f120517f52  10.2/RPMS/libnspr4-devel-1.0.2-7.1.102mdk.i586.rpm
 4be2d65eaf5baf43eb52bdec806040bb  10.2/RPMS/mozilla-firefox-1.0.2-7.1.102mdk.i586.rpm
 a134e6e29f9b0aca55fcd0d8708e9630  10.2/RPMS/mozilla-firefox-devel-1.0.2-7.1.102mdk.i586.rpm
 4d1968b656af129405977a9aff3be145  10.2/SRPMS/mozilla-firefox-1.0.2-7.1.102mdk.src.rpm

 Mandrakelinux 10.2/X86_64:
 27214cb9ac9d2ddbcd40f2ee3934c1b8  x86_64/10.2/RPMS/lib64nss3-1.0.2-7.1.102mdk.x86_64.rpm
 2104fd1c3dc3a0fc95c1f69cd2b3bcdd  x86_64/10.2/RPMS/lib64nss3-devel-1.0.2-7.1.102mdk.x86_64.rpm
 e1b405c9ba89903ac57fa8ef1849f9e0  x86_64/10.2/RPMS/libnss3-1.0.2-7.1.102mdk.i586.rpm
 5d06976462d9f0cf9cdc42b7f3449b13  x86_64/10.2/RPMS/libnss3-devel-1.0.2-7.1.102mdk.i586.rpm
 47ec9f1c56391a073847e6b5ef8be0b7  x86_64/10.2/RPMS/lib64nspr4-1.0.2-7.1.102mdk.x86_64.rpm
 05530693d7b048d721ac16caea859c07  x86_64/10.2/RPMS/lib64nspr4-devel-1.0.2-7.1.102mdk.x86_64.rpm
 881b159dc065c1822f4084a0022c4654  x86_64/10.2/RPMS/libnspr4-1.0.2-7.1.102mdk.i586.rpm
 0f8273f507c95688351402f120517f52  x86_64/10.2/RPMS/libnspr4-devel-1.0.2-7.1.102mdk.i586.rpm
 e271265e3395b746ad812c93896346b9  x86_64/10.2/RPMS/mozilla-firefox-1.0.2-7.1.102mdk.x86_64.rpm
 e253b6883f45647ea3c8e546bf8000d9  x86_64/10.2/RPMS/mozilla-firefox-devel-1.0.2-7.1.102mdk.x86_64.rpm
 4d1968b656af129405977a9aff3be145  x86_64/10.2/SRPMS/mozilla-firefox-1.0.2-7.1.102mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrakeUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>

- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFC1eEUmqjQ0CJFipgRAh8CAKCfh+nHMVdmfp7QAQSfUi0WEnXVcgCcCwvF
lbj66NXyt+VZLyBPBQqAK+M=
=ai/5
- -----END PGP SIGNATURE-----



- ----------------------------------------------------------------------------------

For additional information or assistance, please contact the HELP Desk by 
telephone or Not Protectively Marked information may be sent via 
EMail to: uniras@xxxxxxxxxxxx

Office Hours:
Mon - Fri: 08:30 - 17:00 Hrs
Tel: +44 (0) 870 487 0748 Ext 4511
Fax: +44 (0) 870 487 0749

Outside of Office Hours:
On Call Duty Officer:
Tel: +44 (0) 870 487 0748 and follow the prompts

- ----------------------------------------------------------------------------------
UNIRAS wishes to acknowledge the contributions of Mandriva for the information 
contained in this Briefing. 
- ----------------------------------------------------------------------------------
This Briefing contains the information released by the original author. Some 
of the information may have changed since it was released. If the vulnerability 
affects you, it may be prudent to retrieve the advisory from the canonical site 
to ensure that you receive the most current information concerning that problem.

Reference to any specific commercial product, process, or service by trade 
name, trademark manufacturer, or otherwise, does not constitute or imply 
its endorsement, recommendation, or favouring by UNIRAS or NISCC.  The views 
and opinions of authors expressed within this notice shall not be used for 
advertising or product endorsement purposes.

Neither UNIRAS or NISCC shall also accept responsibility for any errors 
or omissions contained within this briefing notice. In particular, they shall 
not be liable for any loss or damage whatsoever, arising from or in connection 
with the usage of information contained within this notice.

UNIRAS is a member of the Forum of Incident Response and Security Teams (FIRST) 
and has contacts with other international Incident Response Teams (IRTs) in 
order to foster cooperation and coordination in incident prevention, to prompt 
rapid reaction to incidents, and to promote information sharing amongst its 
members and the community at large. 
- ----------------------------------------------------------------------------------
<End of UNIRAS Briefing>

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0

iQCVAwUBQtY4EIpao72zK539AQFoegQAthr+RoIOGt97pnFaT9UtEUJeaVvCN5RC
cZtm+M+sXUZWJ/t1xM8gLEIwJlJgXjlfT9Z2/pdk3ggOcVMSRtdU+5ria058Pv0D
1tgcndalwHTTMdSxpccAxruzHd18qwUhP3Z7KVRzsNpZI5Dah9kcjOdKb0VrlDlO
3gSxGCvlN7Q=
=mlpo
-----END PGP SIGNATURE-----


______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email 
______________________________________________________________________

______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email 
______________________________________________________________________