
UNIRAS Brief - 562/05 - Slackware - Two Security Announcements



 
-----BEGIN PGP SIGNED MESSAGE-----

- ----------------------------------------------------------------------------------
   UNIRAS (UK Govt CERT) Briefing Notice - 562/05 dated 21.07.05  Time: 11:05  
  UNIRAS is part of NISCC (National Infrastructure Security Co-ordination Centre)
- ---------------------------------------------------------------------------------- 
  UNIRAS material is also available from its website at www.uniras.gov.uk and
         Information about NISCC is available from www.niscc.gov.uk
- ----------------------------------------------------------------------------------

Title
=====

Slackware - Two Security Announcements:
     1.  dnsmasq (SSA:2005-201-01)
     2.  emacs movemail POP utility (SSA:2005-201-02)


Detail
====== 

Security announcement summaries:

     1.  New dnsmasq packages are available for Slackware 10.0, 10.1, and -current
         to fix security issues.  An off-by-one overflow vulnerability may allow
         a DHCP client to create a denial of service condition.  Additional code
         was also added to detect and defeat attempts to poison the DNS cache.

     2.  New emacs packages are available for Slackware 10.1 and -current to fix
         a security issue with the movemail utility for retrieving mail from
         a POP mail server.  If used to connect to a malicious POP server, it
         is possible for the server to cause the execution of arbitrary code as
         the user running emacs.


Security announcement content follows:


1.


- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security]  dnsmasq (SSA:2005-201-01)


New dnsmasq packages are available for Slackware 10.0, 10.1, and -current
to fix security issues.  An off-by-one overflow vulnerability may allow
a DHCP client to create a denial of service condition.  Additional code
was also added to detect and defeat attempts to poison the DNS cache.


More details about these issues may be found in the Common
Vulnerabilities and Exposures (CVE) database:

  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0876
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0877

Here are the details from the Slackware 10.1 ChangeLog:
+--------------------------+
patches/packages/dnsmasq-2.22-i486-1.tgz:  Upgraded to dnsmasq-2.22.
  This fixes an off-by-one overflow vulnerability that may allow a DHCP
  client to create a denial of service condition.  Additional code was
  also added to detect and defeat attempts to poison the DNS cache.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0876
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0877
  (* Security fix *)
+--------------------------+


Where to find the new packages:
+-----------------------------+

Updated package for Slackware 10.0:
ftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/dnsmasq-2.22-i486-1.tgz

Updated package for Slackware 10.1:
ftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/dnsmasq-2.22-i486-1.tgz

Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/dnsmasq-2.22-i486-1.tgz


MD5 signatures:
+-------------+

Slackware 10.0 package:
9716a39a464c0121b88a3a717a65b7a3  dnsmasq-2.22-i486-1.tgz

Slackware 10.1 package:
21f99c7ed9bbee044fb839f4a9214b8c  dnsmasq-2.22-i486-1.tgz

Slackware -current package:
e37624bee39e7e5da2f8790973e89e07  dnsmasq-2.22-i486-1.tgz


Installation instructions:
+------------------------+

Upgrade the package as root:
# upgradepkg dnsmasq-2.22-i486-1.tgz


+-----+

Slackware Linux Security Team
http://slackware.com/gpg-key
security@xxxxxxxxxxxxx

+------------------------------------------------------------------------+
| To leave the slackware-security mailing list:                          |
+------------------------------------------------------------------------+
| Send an email to majordomo@xxxxxxxxxxxxx with this text in the body of |
| the email message:                                                     |
|                                                                        |
|   unsubscribe slackware-security                                       |
|                                                                        |
| You will get a confirmation message back containing instructions to    |
| complete the process.  Please do not reply to this email address.      |
+------------------------------------------------------------------------+

- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.7 (GNU/Linux)

iD8DBQFC3qVuakRjwEAQIjMRAugwAJwLKlNP8P+tMmOdVXY2q9JLVvfbrgCeOLdv
BOMNsQRNEBmko2P9llY8HPo=
=MfPW
- -----END PGP SIGNATURE-----




2.


- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] emacs movemail POP utility (SSA:2005-201-02)


New emacs packages are available for Slackware 10.1 and -current to fix
a security issue with the movemail utility for retrieving mail from
a POP mail server.  If used to connect to a malicious POP server, it
is possible for the server to cause the execution of arbitrary code as
the user running emacs.

Here are the details from the Slackware 10.1 ChangeLog:
+--------------------------+
patches/packages/emacs-21.4a-i486-1.tgz:  Upgraded to emacs-21.4a.
  This fixes a vulnerability in the movemail utility when connecting to a
  malicious POP server that may allow the execution of arbitrary code as
  the user running emacs.
  (* Security fix *)
+--------------------------+


Where to find the new packages:
+-----------------------------+

Updated packages for Slackware 10.1:
ftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/emacs-21.4a-i486-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/emacs-info-21.4a-noarch-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/emacs-leim-21.4-noarch-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/emacs-lisp-21.4a-noarch-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/emacs-misc-21.4a-noarch-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/emacs-nox-21.4a-i486-1.tgz

Updated packages for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/e/emacs-21.4a-i486-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/e/emacs-info-21.4a-noarch-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/e/emacs-leim-21.4-noarch-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/e/emacs-lisp-21.4a-noarch-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/e/emacs-misc-21.4a-noarch-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/e/emacs-nox-21.4a-i486-1.tgz


MD5 signatures:
+-------------+

Slackware 10.1 packages:
7bb30482651e5e4558eea0b66b55d1de  emacs-21.4a-i486-1.tgz
45b0fb651c6c7b9deacb55efe582b4b5  emacs-info-21.4a-noarch-1.tgz
5d0152fa95027215b14ece0f8fbf8a37  emacs-leim-21.4-noarch-1.tgz
5bd976633a33dad36161eba7e92bec61  emacs-lisp-21.4a-noarch-1.tgz
2763fe68ed8c833ed95ec4c95aacc562  emacs-misc-21.4a-noarch-1.tgz
195df428e1a10c50da88129002c9e2f9  emacs-nox-21.4a-i486-1.tgz

Slackware -current packages:
44986e6ca1e02d971f43e3d0f118dde3  emacs-21.4a-i486-1.tgz
100643203d73d54df78c58eef8596e4b  emacs-info-21.4a-noarch-1.tgz
70effd3b113d795d8532022139269f77  emacs-leim-21.4-noarch-1.tgz
2bcec4297285f30124e2a61f85a27440  emacs-lisp-21.4a-noarch-1.tgz
48ebc0d4e581d5deb15159a4d34c060d  emacs-misc-21.4a-noarch-1.tgz
04fb5ed4b1da572063b2a991d8c54edf  emacs-nox-21.4a-i486-1.tgz


Installation instructions:
+------------------------+

Upgrade the packages as root:
# upgradepkg emacs-21.4a-i486-1.tgz \
    emacs-info-21.4a-noarch-1.tgz \
    emacs-leim-21.4-noarch-1.tgz \
    emacs-lisp-21.4a-noarch-1.tgz \
    emacs-misc-21.4a-noarch-1.tgz \
    emacs-nox-21.4a-i486-1.tgz

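Both announcements publish MD5 sums for their packages and then tell you to run upgradepkg; the step in between, checking the downloaded files against those sums before anything is installed, is left to the reader. The script below is an added example, not Slackware's or UNIRAS's own tooling: a POSIX shell script that takes a list file in the advisory's own "<md5>  <filename>" layout, verifies every listed package that has been downloaded into the current directory, and only calls upgradepkg when all of them match. It assumes md5sum (or openssl as a fallback) is on the PATH; the script name verify-slackpkg.sh and the list file name are hypothetical.

```shell
#!/bin/sh
# Added example (not from the Slackware or UNIRAS text): check downloaded
# Slackware packages against the MD5 sums published in an advisory, and
# run upgradepkg only if every package matches.

# md5_of FILE -> prints the lowercase hex MD5 digest of FILE.
# Uses md5sum where available, otherwise openssl (assumed to be installed).
md5_of() {
    if command -v md5sum >/dev/null 2>&1; then
        md5sum "$1" | cut -d' ' -f1
    else
        openssl dgst -md5 "$1" | sed 's/.*= //'
    fi
}

# verify_md5 EXPECTED FILE -> exit status 0 if FILE's digest equals EXPECTED,
# 1 on mismatch or if FILE cannot be read.
verify_md5() {
    expected=$(printf '%s' "$1" | tr 'A-F' 'a-f')
    actual=$(md5_of "$2") || return 1
    [ "$actual" = "$expected" ]
}

# check_list LISTFILE -> LISTFILE holds lines in the advisory's
# "<md5>  <filename>" form (as pasted from the "MD5 signatures" block).
# Prints one OK / MISMATCH / MISSING line per entry; exit status is
# non-zero if any package is missing or does not match.
check_list() {
    status=0
    while read -r sum name; do
        [ -z "$sum" ] && continue            # skip blank lines
        if [ ! -f "$name" ]; then
            echo "MISSING  $name"; status=1
        elif verify_md5 "$sum" "$name"; then
            echo "OK       $name"
        else
            echo "MISMATCH $name"; status=1
        fi
    done < "$1"
    return $status
}

# Usage (as root, in the directory holding the downloaded .tgz files):
#   ./verify-slackpkg.sh md5list.txt
# Nothing is installed unless every checksum in md5list.txt matches.
if [ "$#" -ge 1 ]; then
    if check_list "$1"; then
        awk '{print $2}' "$1" | xargs upgradepkg
    else
        echo "checksum verification failed; not upgrading" >&2
        exit 1
    fi
fi
```

Two caveats a practitioner should keep in mind. The advisory calls these values "MD5 signatures", but they are integrity checksums, not signatures: anyone who could alter the package on a mirror could also publish a matching sum. What makes them trustworthy is that they appear inside a PGP-signed announcement, so verify that signature first (gpg --verify against the Slackware key from http://slackware.com/gpg-key) and only then trust the sums. And treat a MISMATCH as a corrupted or tampered download to be investigated, not something to silently re-fetch until it passes.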

+-----+

Slackware Linux Security Team
http://slackware.com/gpg-key
security@xxxxxxxxxxxxx

+------------------------------------------------------------------------+
| To leave the slackware-security mailing list:                          |
+------------------------------------------------------------------------+
| Send an email to majordomo@xxxxxxxxxxxxx with this text in the body of |
| the email message:                                                     |
|                                                                        |
|   unsubscribe slackware-security                                       |
|                                                                        |
| You will get a confirmation message back containing instructions to    |
| complete the process.  Please do not reply to this email address.      |
+------------------------------------------------------------------------+

- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.7 (GNU/Linux)

iD8DBQFC3qbFakRjwEAQIjMRAgthAJsFFB9Z36TqtkNPM+tegL9KZS1zogCdHHcS
9X8hl9NzM70t4pPBPymgqe0=
=cd3U
- -----END PGP SIGNATURE-----



- ----------------------------------------------------------------------------------

For additional information or assistance, please contact the HELP Desk by 
telephone, or send Not Protectively Marked information by e-mail to: 
uniras@xxxxxxxxxxxx

Office Hours:
Mon - Fri: 08:30 - 17:00 Hrs
Tel: +44 (0) 870 487 0748 Ext 4511
Fax: +44 (0) 870 487 0749

Outside of Office Hours:
On Call Duty Officer:
Tel: +44 (0) 870 487 0748 and follow the prompts

- ----------------------------------------------------------------------------------
UNIRAS wishes to acknowledge the contributions of Slackware for the information 
contained in this Briefing. 
- ----------------------------------------------------------------------------------
This Briefing contains the information released by the original author. Some 
of the information may have changed since it was released. If the vulnerability 
affects you, it may be prudent to retrieve the advisory from the canonical site 
to ensure that you receive the most current information concerning that problem.

Reference to any specific commercial product, process, or service by trade 
name, trademark manufacturer, or otherwise, does not constitute or imply 
its endorsement, recommendation, or favouring by UNIRAS or NISCC.  The views 
and opinions of authors expressed within this notice shall not be used for 
advertising or product endorsement purposes.

Neither UNIRAS nor NISCC accepts responsibility for any errors or omissions 
contained within this briefing notice. In particular, they shall not be liable 
for any loss or damage whatsoever arising from or in connection with the usage 
of information contained within this notice.

UNIRAS is a member of the Forum of Incident Response and Security Teams (FIRST) 
and has contacts with other international Incident Response Teams (IRTs) in 
order to foster cooperation and coordination in incident prevention, to prompt 
rapid reaction to incidents, and to promote information sharing amongst its 
members and the community at large. 
- ----------------------------------------------------------------------------------
<End of UNIRAS Briefing>

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0

iQCVAwUBQt9zdIpao72zK539AQFkuAP/fzU5inh/KdCT0+khJAfw3oqaqOW4AX6o
KB/2uwiMA76X0+1zU95cokmUqvmR7OXGHMvy17efXth2EzCkpkF8o0PoOqbwvtQW
qJ8YRwilmjoEOJwBcJBk7h2vnhiW9njDhPf8AqOkLVeXg+SjXqVvA3qCrchYmmBk
8EIMBlC8has=
=XhK+
-----END PGP SIGNATURE-----


______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email 
______________________________________________________________________
