| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue May 17 13:58:55 2005
From: martin.pitt at canonical.com (Martin Pitt)
Subject: [USN-127-1] bzip2 vulnerabilities
===========================================================
Ubuntu Security Notice USN-127-1 May 17, 2005
bzip2 vulnerabilities
CAN-2005-0953, CAN-2005-1260
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 4.10 (Warty Warthog)
Ubuntu 5.04 (Hoary Hedgehog)
The following packages are affected:
bzip2
libbz2-1.0
The problem can be corrected by upgrading the affected package to
version 1.0.2-1ubuntu0.1 (for Ubuntu 4.10), or 1.0.2-2ubuntu0.1 (for
Ubuntu 5.04). In general, a standard system upgrade is sufficient to
effect the necessary changes.
Details follow:
Imran Ghory discovered a race condition in the file permission restore
code of bunzip2. While a user was decompressing a file, a local
attacker with write permissions in the directory of that file could
replace the target file with a hard link. This would cause bzip2 to
restore the file permissions to the hard link target instead of to the
bzip2 output file, which could be exploited to gain read or even write
access to files of other users. (CAN-2005-0953)
Specially crafted bzip2 archives caused an infinite loop in the
decompressor which resulted in an indefinitively large output file
("decompression bomb"). This could be exploited to a Denial of Service
attack due to disk space exhaustion on systems which automatically
process user supplied bzip2 compressed files. (CAN-2005-1260)
Updated packages for Ubuntu 4.10 (Warty Warthog):
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/b/bzip2/bzip2_1.0.2-1ubuntu0.1.diff.gz
Size/MD5: 11463 f41f690ff6fbab41b51f4bc74a94ccec
http://security.ubuntu.com/ubuntu/pool/main/b/bzip2/bzip2_1.0.2-1ubuntu0.1.dsc
Size/MD5: 582 35cc8d1071721389a1f15ca23c0b423f
http://security.ubuntu.com/ubuntu/pool/main/b/bzip2/bzip2_1.0.2.orig.tar.gz
Size/MD5: 665198 ee76864958d568677f03db8afad92beb
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/main/b/bzip2/bzip2_1.0.2-1ubuntu0.1_amd64.deb
Size/MD5: 231626 c1d7730fffe239921b5029bbcae76aac
http://security.ubuntu.com/ubuntu/pool/main/b/bzip2/libbz2-1.0_1.0.2-1ubuntu0.1_amd64.deb
Size/MD5: 36272 d4a9299e4b06726dc88a513ffd8ec55d
http://security.ubuntu.com/ubuntu/pool/main/b/bzip2/libbz2-dev_1.0.2-1ubuntu0.1_amd64.deb
Size/MD5: 29898 4386a71c42656cf99b33baeb99e79b4c
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/main/b/bzip2/bzip2_1.0.2-1ubuntu0.1_i386.deb
Size/MD5: 228992 8bd1ee063e22d07353a45781f2e66ce3
http://security.ubuntu.com/ubuntu/pool/main/b/bzip2/libbz2-1.0_1.0.2-1ubuntu0.1_i386.deb
Size/MD5: 37162 a09cbb601c062ed1c98a62aa6b174e27
http://security.ubuntu.com/ubuntu/pool/main/b/bzip2/libbz2-dev_1.0.2-1ubuntu0.1_i386.deb
Size/MD5: 29260 8eeeebcecb057b94a1174a809d0d6038
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/main/b/bzip2/bzip2_1.0.2-1ubuntu0.1_powerpc.deb
Size/MD5: 232182 0554e36432c93a0c3c1d92382ac79a6c
http://security.ubuntu.com/ubuntu/pool/main/b/bzip2/libbz2-1.0_1.0.2-1ubuntu0.1_powerpc.deb
Size/MD5: 41406 6e44800b5f55a65e100024c9f4b60d81
http://security.ubuntu.com/ubuntu/pool/main/b/bzip2/libbz2-dev_1.0.2-1ubuntu0.1_powerpc.deb
Size/MD5: 33602 6127c224707e15755237526b62cc1264
Updated packages for Ubuntu 5.04 (Hoary Hedgehog):
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/b/bzip2/bzip2_1.0.2-2ubuntu0.1.diff.gz
Size/MD5: 11648 ffa0f303e1b1138672df8af3ed61a36d
http://security.ubuntu.com/ubuntu/pool/main/b/bzip2/bzip2_1.0.2-2ubuntu0.1.dsc
Size/MD5: 605 038fc61ae3c6a5f1ca3e4b36db33f9b0
http://security.ubuntu.com/ubuntu/pool/main/b/bzip2/bzip2_1.0.2.orig.tar.gz
Size/MD5: 665198 ee76864958d568677f03db8afad92beb
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/main/b/bzip2/bzip2_1.0.2-2ubuntu0.1_amd64.deb
Size/MD5: 231960 70e59024cfde7094249c8db0d7762c50
http://security.ubuntu.com/ubuntu/pool/main/b/bzip2/libbz2-1.0_1.0.2-2ubuntu0.1_amd64.deb
Size/MD5: 36822 462dadc1b8dff11c045a45b295c2ca21
http://security.ubuntu.com/ubuntu/pool/main/b/bzip2/libbz2-dev_1.0.2-2ubuntu0.1_amd64.deb
Size/MD5: 30270 026c8e240a2e0fcea47d532c209af032
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/main/b/bzip2/bzip2_1.0.2-2ubuntu0.1_i386.deb
Size/MD5: 229180 a05a675282214a1c944eb6c90e0cc717
http://security.ubuntu.com/ubuntu/pool/main/b/bzip2/libbz2-1.0_1.0.2-2ubuntu0.1_i386.deb
Size/MD5: 37688 28d2f72a15e8d664aa8b2cb60fc58ca1
http://security.ubuntu.com/ubuntu/pool/main/b/bzip2/libbz2-dev_1.0.2-2ubuntu0.1_i386.deb
Size/MD5: 29626 e42f8c47d203c668549c08d02faebe45
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/main/b/bzip2/bzip2_1.0.2-2ubuntu0.1_powerpc.deb
Size/MD5: 232506 30a2fa79bd53c66c6678dd4d581bc0a6
http://security.ubuntu.com/ubuntu/pool/main/b/bzip2/libbz2-1.0_1.0.2-2ubuntu0.1_powerpc.deb
Size/MD5: 41972 90061fab66d20ccd3358988d8eda230f
http://security.ubuntu.com/ubuntu/pool/main/b/bzip2/libbz2-dev_1.0.2-2ubuntu0.1_powerpc.deb
Size/MD5: 33968 4e8568f2f05a32a84268e5bc088185ef
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20050517/503e6c53/attachment.bin
Powered by blists - more mailing lists