
UNIRAS Brief - 790/06 - Three Mandriva Linux Advisories:



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ---------------------------------------------------------------------------------------
       UNIRAS (UK Government CERT) Briefing - 790/06 Dated 30.11.06 Time 13:15  

UNIRAS is part of NISCC (the UK National Infrastructure Security Co-ordination Centre)
- ---------------------------------------------------------------------------------------
 	UNIRAS material is available from the NISCC website at www.niscc.gov.uk
- ---------------------------------------------------------------------------------------

Title
=====

Three Mandriva Linux Advisories:

1. MDKSA-2006:219 - Updated tar packages fix vulnerability

2. MDKA-2006:055 - Updated rpmdrake packages address several issues

3. MDKA-2006:056 - Updated drakxtools packages address several issues

Detail
======

1.  GNU tar 1.16 and 1.15.1, and possibly other versions, allows user-assisted attackers to overwrite arbitrary files via a tar
file that contains a GNUTYPE_NAMES record with a symbolic link, which is not properly handled by the extract_archive function in
extract.c and the extract_mangle function in mangle.c, a variant of CVE-2002-1216 (this issue is CVE-2006-6097).

2.  Several bugs were fixed in rpmdrake:
    - various people saw crashes due to invalid UTF-8 strings (#26099)
    - edit-urpm-sources.pl didn't start if urpmi.cfg did not exist (#27336)
    - MandrivaUpdate got several fixes:
      o it was impossible to select an update where there was only one group (#26135)
      o all updates are preselected by default (#25271)
      o all security, bugfix & normal updates were not displayed in "all updates" mode (#27268)
      o default is now "all updates" rather than "security updates"

3. Several bugs were fixed in drakxtools:



1.




- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________
 
 Mandriva Linux Security Advisory                         MDKSA-2006:219
 http://www.mandriva.com/security/
 _______________________________________________________________________
 
 Package : tar
 Date    : November 28, 2006
 Affected: 2006.0, 2007.0, Corporate 3.0, Corporate 4.0,
           Multi Network Firewall 2.0
 _______________________________________________________________________
 
 Problem Description:
 
 GNU tar 1.16 and 1.15.1, and possibly other versions, allows user-assisted attackers to overwrite arbitrary files via a tar file
 that contains a GNUTYPE_NAMES record with a symbolic link, which is not properly handled by the extract_archive function in
 extract.c and extract_mangle function in mangle.c, a variant of CVE-2002-1216.

 The updated packages have been patched to address this issue.
 _______________________________________________________________________

 References:
 
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6097
 _______________________________________________________________________
 
 Updated Packages:
 
 Mandriva Linux 2006.0:
 162f61a8fd27d2056e0412ca2db835ec  2006.0/i586/tar-1.15.1-5.2.20060mdk.i586.rpm
 ff8a8b9a0438f72f01fc81ee7d36f303  2006.0/SRPMS/tar-1.15.1-5.2.20060mdk.src.rpm

 Mandriva Linux 2006.0/X86_64:
 811ff45e7001afef069d024c496eaaf4  2006.0/x86_64/tar-1.15.1-5.2.20060mdk.x86_64.rpm
 ff8a8b9a0438f72f01fc81ee7d36f303  2006.0/SRPMS/tar-1.15.1-5.2.20060mdk.src.rpm

 Mandriva Linux 2007.0:
 2f2b45550cb57234a437143e78a92ce1  2007.0/i586/tar-1.15.91-1.1mdv2007.0.i586.rpm
 7adbb2a696af7e9fbc87702c21555c9e  2007.0/SRPMS/tar-1.15.91-1.1mdv2007.0.src.rpm

 Mandriva Linux 2007.0/X86_64:
 ad0aa3bb29ff3cad8842dc0b72054761  2007.0/x86_64/tar-1.15.91-1.1mdv2007.0.x86_64.rpm
 7adbb2a696af7e9fbc87702c21555c9e  2007.0/SRPMS/tar-1.15.91-1.1mdv2007.0.src.rpm

 Corporate 3.0:
 4f64d5d13fc887e2698b59f908d144fd  corporate/3.0/i586/tar-1.13.25-11.1.C30mdk.i586.rpm
 6f470c1fd005021c072627f4ed720f0b  corporate/3.0/SRPMS/tar-1.13.25-11.1.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 e7ddc900476c0c202abdcedd28cc7893  corporate/3.0/x86_64/tar-1.13.25-11.1.C30mdk.x86_64.rpm
 6f470c1fd005021c072627f4ed720f0b  corporate/3.0/SRPMS/tar-1.13.25-11.1.C30mdk.src.rpm

 Corporate 4.0:
 23aaf07731b8a40a67fbd1a0d1f282ad  corporate/4.0/i586/tar-1.15.1-5.2.20060mlcs4.i586.rpm
 feab531719ee55b58cdb14183d84cfc6  corporate/4.0/SRPMS/tar-1.15.1-5.2.20060mlcs4.src.rpm

 Corporate 4.0/X86_64:
 633ca84b42d52bce291a58c348b1a823  corporate/4.0/x86_64/tar-1.15.1-5.2.20060mlcs4.x86_64.rpm
 feab531719ee55b58cdb14183d84cfc6  corporate/4.0/SRPMS/tar-1.15.1-5.2.20060mlcs4.src.rpm

 Multi Network Firewall 2.0:
 3f07efd5980e45ce55f05364f0e1f4bd  mnf/2.0/i586/tar-1.13.25-11.1.M20mdk.i586.rpm
 0b6cd4ea429d91884e9c2fffbd8d0dbc  mnf/2.0/SRPMS/tar-1.13.25-11.1.M20mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification of md5 checksums and GPG signatures is performed
 automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)

iD8DBQFFbKMGmqjQ0CJFipgRAmGKAJ9EHoE4gY/eBi8m6Lo/SUnPWSsyZgCg202D
nWZjV7Ob4WVLrfvrkJp2QBI=
=/ryN
- -----END PGP SIGNATURE-----
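
The tar issue above belongs to the wider class of archive-extraction attacks in which a member header (here a GNU "names"
record, typeflag 'N', whose data old versions of tar handed to extract_mangle) or a symbolic link makes the extractor write
outside the directory it was pointed at. The following Python script is an added example for this briefing, not part of the
Mandriva advisory and not GNU tar's own code: it builds a constructed archive in memory containing one clean file, a "../"
traversal member, a symlink to an absolute path followed by a file whose path runs through that link, and a raw typeflag-'N'
record, then audits every header before anything is extracted. The GNUTYPE_NAMES constant, the member names, the record
payload and the /extract destination are assumptions made for illustration; Python's tarfile module defines no constant for
typeflag 'N'.

```python
import io
import posixpath
import tarfile

# GNU tar's "names" record (typeflag 'N'), consumed by extract_mangle in old
# versions.  Python's tarfile has no constant for it, so it is defined here.
GNUTYPE_NAMES = b"N"

# Directory the audit reasons about; an assumed value for this example.
DEST = "/extract"


def _escapes(dest, path):
    """True if dest/path resolves (lexically) to somewhere outside dest."""
    full = posixpath.normpath(posixpath.join(dest, path))
    return not (full == dest or full.startswith(dest + "/"))


def audit_archive(data, dest=DEST):
    """Inspect every header of an in-memory tar and return (name, reason) findings.

    Nothing is extracted: only metadata is examined, so a hostile archive
    cannot touch the filesystem while it is being audited.
    """
    findings = []
    symlinks = set()  # normalised names of symlinks seen so far
    with tarfile.open(fileobj=io.BytesIO(data), mode="r:") as tf:
        for m in tf:
            name = posixpath.normpath(m.name)
            if m.type == GNUTYPE_NAMES:
                findings.append((m.name, "GNU names record (typeflag 'N'): rename/symlink directives in data"))
                continue
            if posixpath.isabs(m.name) or _escapes(dest, name):
                findings.append((m.name, "path escapes the extraction directory"))
            if m.issym() or m.islnk():
                target = m.linkname
                if m.issym() and not posixpath.isabs(target):
                    # symlink targets are relative to the link's own directory
                    target = posixpath.join(posixpath.dirname(name), target)
                if posixpath.isabs(target) or _escapes(dest, target):
                    findings.append((m.name, "link target %r lies outside the extraction directory" % m.linkname))
                if m.issym():
                    symlinks.add(name)
            # A later member whose path passes through an earlier symlink is
            # written wherever that link points: the CVE-2002-1216 pattern.
            parts = name.split("/")
            for i in range(1, len(parts)):
                prefix = "/".join(parts[:i])
                if prefix in symlinks:
                    findings.append((m.name, "path passes through symlink %r" % prefix))
                    break
    return findings


def build_sample_archive(hostile=True):
    """Constructed test archive: one clean member, plus four hostile ones if requested."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:", format=tarfile.GNU_FORMAT) as tf:
        def add_file(name, content):
            ti = tarfile.TarInfo(name)
            ti.size = len(content)
            tf.addfile(ti, io.BytesIO(content))

        add_file("README", b"harmless\n")                  # clean member
        if hostile:
            add_file("../../escape", b"outside\n")          # "../" traversal
            link = tarfile.TarInfo("etc")                   # symlink etc -> /etc
            link.type = tarfile.SYMTYPE
            link.linkname = "/etc"
            tf.addfile(link)
            add_file("etc/passwd", b"overwritten\n")        # written through the link
            rec = tarfile.TarInfo("names")                  # raw typeflag 'N' record
            rec.type = GNUTYPE_NAMES
            payload = b"constructed mangle directives\n"   # contents illustrative only
            rec.size = len(payload)
            tf.addfile(rec, io.BytesIO(payload))
    return buf.getvalue()


if __name__ == "__main__":
    for name, reason in audit_archive(build_sample_archive()):
        print("%-14s %s" % (name, reason))
```

The check is purely lexical, so it complements rather than replaces a patched tar: on Mandriva hosts apply the packages listed
below, and treat an archive that trips any of these findings as hostile regardless of the extractor in use. Recent Python
releases (3.12 and later) perform comparable checks at extraction time when `tarfile` is called with `filter="data"`.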


2.



- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________
 
 Mandriva Linux Advisory                                   MDKA-2006:055
 http://www.mandriva.com/security/
 _______________________________________________________________________
 
 Package : rpmdrake
 Date    : November 29, 2006
 Affected: 2007.0
 _______________________________________________________________________
 
 Problem Description:
 
 Several bugs were fixed in rpmdrake:
 - various people saw crashes due to invalid UTF-8 strings (#26099)
 - edit-urpm-sources.pl didn't start if urpmi.cfg did not exist (#27336)
 - MandrivaUpdate got several fixes:
   o it was impossible to select an update where there was only one group (#26135)
   o all updates are preselected by default (#25271)
   o all security, bugfix & normal updates were not displayed in "all updates" mode (#27268)
   o default is now "all updates" rather than "security updates"
 _______________________________________________________________________

 References:
 
 http://qa.mandriva.com/show_bug.cgi?id=27372
 _______________________________________________________________________
 
 Updated Packages:
 
 Mandriva Linux 2007.0:
 807509e587008fde45f09e0e40580bb1  2007.0/i586/park-rpmdrake-3.19-1.1mdv2007.0.i586.rpm
 ec432d4e75ed6b30c6c30c573925a680  2007.0/i586/rpmdrake-3.19-1.1mdv2007.0.i586.rpm
 aeaaa3b7e8713864a115e86c780ace5a  2007.0/SRPMS/rpmdrake-3.19-1.1mdv2007.0.src.rpm

 Mandriva Linux 2007.0/X86_64:
 4c7724ec148009169c01544cf39471e8  2007.0/x86_64/park-rpmdrake-3.19-1.1mdv2007.0.x86_64.rpm
 c65a2252856aac1cac429659034a9688  2007.0/x86_64/rpmdrake-3.19-1.1mdv2007.0.x86_64.rpm
 aeaaa3b7e8713864a115e86c780ace5a  2007.0/SRPMS/rpmdrake-3.19-1.1mdv2007.0.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification of md5 checksums and GPG signatures is performed
 automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)

iD8DBQFFbh2dmqjQ0CJFipgRApqNAJ4z087k+2bhuq38Lv+52CKNSvs0zQCdH5nw
ShNnUpN/obgzJT7vZE9xqw4=
=eE++
- -----END PGP SIGNATURE-----


3.




- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________
 
 Mandriva Linux Advisory                                   MDKA-2006:056
 http://www.mandriva.com/security/
 _______________________________________________________________________
 
 Package : drakxtools
 Date    : November 29, 2006
 Affected: 2007.0
 _______________________________________________________________________
 
 Problem Description:
 
 Several bugs were fixed in drakxtools:

 - it was not possible to start rpmdrake from the menu (#26383)
 - it was not possible to set up updates media and then distro media (or the reverse) in edit-urpm-sources
 - drakauth:
   o add encrypted home and pam_mount support
   o hide password when calling "net join" or "net ads join" (pixel)
 - drakbackup:
   o fix archiver detection/config file replace (stew, #26705, #27180)
   o do not backup the backups (Adamw)
 - drakboot: support Xen with lilo using mbootpack
 - drakfirewall: really disable services (#27295)
 - drakvpn:
   o add pkcs11 token support for openvpn
   o ask password/PIN if needed
 - drakconnect/drakroam:
   o detect wireless interfaces with unknown driver, e.g. rt61
   o do not check for ipw3945 kernel module packages
   o do not wrongly tell that acx100-firmware can be found in Club or commercial editions (#26475)
   o use iwpriv commands to configure WPA on rt2570 and rt61 chipsets
   o update madwifi URL which was old
 - finish-install: add encrypted home and pam_mount support
 - printerdrake: due to changes in the format of HPLIP's device description XML files, scanner functionality was not
   recognized any more (#26567).
 _______________________________________________________________________

 References:
 
 http://qa.mandriva.com/show_bug.cgi?id=27373
 _______________________________________________________________________
 
 Updated Packages:
 
 Mandriva Linux 2007.0:
 0fb7e2cc80d6bd24979e505d47821d7d  2007.0/i586/drakx-finish-install-10.4.81-2.2mdv2007.0.i586.rpm
 65bf955f1e51fa132e3c0b843104971b  2007.0/i586/drakxtools-10.4.81-2.2mdv2007.0.i586.rpm
 49d1e9d0e3624296a62301e7ff29bef8  2007.0/i586/drakxtools-backend-10.4.81-2.2mdv2007.0.i586.rpm
 999c8957740ce83f19931ce74b5ce16d  2007.0/i586/drakxtools-http-10.4.81-2.2mdv2007.0.i586.rpm
 6743add9f6a0f8ff0d7637963f5c52a9  2007.0/i586/drakxtools-newt-10.4.81-2.2mdv2007.0.i586.rpm
 34cb2145f374fa9070687328b7db0e81  2007.0/i586/harddrake-10.4.81-2.2mdv2007.0.i586.rpm
 f18197293d0457f987cc176fa2c15a53  2007.0/i586/harddrake-ui-10.4.81-2.2mdv2007.0.i586.rpm
 c1a39660eab5a60044ccf31a0381b2a3  2007.0/SRPMS/drakxtools-10.4.81-2.2mdv2007.0.src.rpm

 Mandriva Linux 2007.0/X86_64:
 9bf9f299e93fec92d91584cdc9ec85a5  2007.0/x86_64/drakx-finish-install-10.4.81-2.2mdv2007.0.x86_64.rpm
 082b8d5d332d4d4337239315251404f9  2007.0/x86_64/drakxtools-10.4.81-2.2mdv2007.0.x86_64.rpm
 7aa9a10de0b7096ae3f39ae3aadb5eb0  2007.0/x86_64/drakxtools-backend-10.4.81-2.2mdv2007.0.x86_64.rpm
 23e1604dcebc0e02f48c9922ba47c4d3  2007.0/x86_64/drakxtools-http-10.4.81-2.2mdv2007.0.x86_64.rpm
 88ac5e838cd093204fda0f28675c249e  2007.0/x86_64/drakxtools-newt-10.4.81-2.2mdv2007.0.x86_64.rpm
 186f9b2fe3cc142508bcf61be7a577e3  2007.0/x86_64/harddrake-10.4.81-2.2mdv2007.0.x86_64.rpm
 55fe51353f8ebbd8068a4e146c1ca0a5  2007.0/x86_64/harddrake-ui-10.4.81-2.2mdv2007.0.x86_64.rpm
 c1a39660eab5a60044ccf31a0381b2a3  2007.0/SRPMS/drakxtools-10.4.81-2.2mdv2007.0.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification of md5 checksums and GPG signatures is performed
 automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)

iD8DBQFFbiEdmqjQ0CJFipgRAulZAJ9s5qyiE+CjRI4QL0vC4tFaGOMDRgCggTEU
SCz4fxmW4gKsv7UjMwQM6AQ=
=Etjc
- -----END PGP SIGNATURE-----


- ---------------------------------------------------------------------------------------
NISCC values your feedback.

1. Which of the following most reflects the value of the briefing to you?
   (Place an 'X' next to your choice)

	Very useful:__ Useful:__ Not useful:__ 

2. If you did not find it useful, why not?


3. Any other comments? How could we improve our briefings?


Thank you for your contribution.
- ---------------------------------------------------------------------------------------

For additional information or assistance, please contact our help desk by telephone.  
You may send Not Protectively Marked information via e-mail to uniras@xxxxxxxxxxxxx

Office hours:

Mon - Fri: 08:30 - 17:00 hours
Tel: +44 (0) 870 487 0748 and follow the voice prompts
Fax: +44 (0) 870 487 0749

On-call duty officer outside office hours:
Tel: +44 (0) 870 487 0748 and follow the voice prompts

- ---------------------------------------------------------------------------------------
UNIRAS wishes to acknowledge the contributions of Mandriva for the information contained in this briefing.
- ---------------------------------------------------------------------------------------

This notice contains information released by the original author. Some of the information may have changed since it was released. If
the vulnerability affects you, it may be prudent to retrieve the advisory from the site of the original source to ensure that you
receive the most current information concerning that problem.

Reference to any specific commercial product, process, or service by trade name, trademark, manufacturer, or otherwise, does not
constitute or imply its endorsement, recommendation, or favouring by UNIRAS or NISCC. The views and opinions of authors expressed
within this notice shall not be used for advertising or product endorsement purposes.

Neither UNIRAS nor NISCC accepts responsibility for any errors or omissions contained within this briefing notice. In
particular, they shall not be liable for any loss or damage whatsoever, arising from or in connection with the usage of information
contained within this notice.

UNIRAS is a member of the Forum of Incident Response and Security Teams (FIRST) and has contacts with other international Incident
Response Teams (IRTs) in order to foster cooperation and coordination in incident prevention, to prompt rapid reaction to incidents,
and to promote information sharing amongst its members and the community at large.
- ---------------------------------------------------------------------------------------
<End of UNIRAS Briefing>



-----BEGIN PGP SIGNATURE-----
Version: PGP 8.1

iQA/AwUBRW7ZFml7oeQsXfKvEQKGAACglcxlWPkbzocAJpH8NjFuXJijixUAn0iY
+0KqHzWi73rhhedxJ+1EPAyU
=iJRo
-----END PGP SIGNATURE-----


______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email 
______________________________________________________________________
