[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20050714100751.GA17006@tsunami.trustix.net>
Date: Thu, 14 Jul 2005 12:07:51 +0200
From: Trustix Security Advisor <tsl@...stix.org>
To: bugtraq@...urityfocus.com
Subject: TSLSA-2005-0036 - multi
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- --------------------------------------------------------------------------
Trustix Secure Linux Security Advisory #2005-0036
Package name: kerberos5, kernel, php4
Summary: Various security fixes
Date: 2005-07-14
Affected versions: Trustix Secure Linux 2.2
Trustix Secure Linux 3.0
Trustix Operating System - Enterprise Server 2
- --------------------------------------------------------------------------
Package description:
kerberos5:
(MIT) Kerberos is a network authentication protocol. It is designed to
provide strong authentication for client/server applications by using
secret-key cryptography. A free implementation of this protocol is
available from the Massachusetts Institute of Technology. Kerberos is
available in many commercial products as well.
kernel:
The kernel package contains the Linux kernel (vmlinuz), the core of your
Trustix Secure Linux operating system. The kernel handles the basic
functions of the operating system: memory allocation, process allocation,
device input and output, etc.
php4:
PHP is an HTML-embedded scripting language. PHP attempts to make it
easy for developers to write dynamically generated web pages. PHP
also offers built-in database integration for several commercial
and non-commercial database management systems, so writing a
database-enabled web page with PHP is fairly simple. The most
common use of PHP coding is probably as a replacement for CGI
scripts. The mod_php module enables the Apache web server to
understand and process the embedded PHP language in web pages.
Problem description:
kerberos5:
- Double-free in krb5_recvauth (CAN-2005-1689).
Buffer overflow, Heap corruption in KDC (CAN-2005-1174) and (CAN-2005-1175)
Fixed Bug# 1073 and 1075
kernel:
- Fixed Race condition within system calls (CAN-2005-1768). Fix Bug #1065.
Critical and major fixes has been done.
php4:
- New Upstream
- Security Bug Fix release to 4.3.11, Fix Bug #1064
Vendor update for XML_RPC to fix remote code execution vulnerability.
Action:
We recommend that all systems with this package installed be upgraded.
Please note that if you do not need the functionality provided by this
package, you may want to remove it from your system.
Location:
All Trustix Secure Linux updates are available from
<URI:http://http.trustix.org/pub/trustix/updates/>
<URI:ftp://ftp.trustix.org/pub/trustix/updates/>
About Trustix Secure Linux:
Trustix Secure Linux is a small Linux distribution for servers. With focus
on security and stability, the system is painlessly kept safe and up to
date from day one using swup, the automated software updater.
Automatic updates:
Users of the SWUP tool can enjoy having updates automatically
installed using 'swup --upgrade'.
Questions?
Check out our mailing lists:
<URI:http://www.trustix.org/support/>
Verification:
This advisory along with all Trustix packages are signed with the
TSL sign key.
This key is available from:
<URI:http://www.trustix.org/TSL-SIGN-KEY>
The advisory itself is available from the errata pages at
<URI:http://www.trustix.org/errata/trustix-2.2/> and
<URI:http://www.trustix.org/errata/trustix-3.0/>
or directly at
<URI:http://www.trustix.org/errata/2005/0036/>
MD5sums of the packages:
- --------------------------------------------------------------------------
1b7fe9c06bb4791df6d2e9e546ea775b 3.0/rpms/kerberos5-1.4.1-5tr.i586.rpm
4da5de7687952478f5629b01dc937d15 3.0/rpms/kerberos5-devel-1.4.1-5tr.i586.rpm
a649e160958f628c959fbb27d5d2a689 3.0/rpms/kerberos5-libs-1.4.1-5tr.i586.rpm
3ee2030fdadca8409a62fc797f19cd68 2.2/rpms/kerberos5-1.3.6-5tr.i586.rpm
6e1278f8dc2edaed547d2039c8bffa2c 2.2/rpms/kerberos5-devel-1.3.6-5tr.i586.rpm
eafdea3a4d558845a757dfe475069e74 2.2/rpms/kerberos5-libs-1.3.6-5tr.i586.rpm
e8efd21c111e0c0f77ea6d5552ad9b28 kernel-2.4.31-4tr.i586.rpm
983172ad01677d9154bf2e8cb18e2c6e kernel-BOOT-2.4.31-4tr.i586.rpm
481b31855846891f8665963afb93fe1b kernel-doc-2.4.31-4tr.i586.rpm
5e02303168c0cbe74fc2ddc1b570f2e1 kernel-smp-2.4.31-4tr.i586.rpm
46edf8595351e06e25957d1faee90b22 kernel-source-2.4.31-4tr.i586.rpm
50d48f6ec84ed09548fd3326d83f54cc kernel-utils-2.4.31-4tr.i586.rpm
049887017b1c55f552c24d0bb3df68c4 2.2/rpms/php4-4.4.0-1tr.i586.rpm
5f46aa47bdec2e97dd2aa8981e3e9d8c 2.2/rpms/php4-cli-4.4.0-1tr.i586.rpm
92f291964bfed09c2691056caa74d0f8 2.2/rpms/php4-devel-4.4.0-1tr.i586.rpm
eeebf3f79c167ac97f8b6b21cd283093 2.2/rpms/php4-domxml-4.4.0-1tr.i586.rpm
82f8464b62514f03edb657f0ad3a73d6 2.2/rpms/php4-exif-4.4.0-1tr.i586.rpm
e19838578eeda827d3d8dd4c5a550f70 2.2/rpms/php4-gd-4.4.0-1tr.i586.rpm
2d9c339bf665c3f7f0cd99bf1d7e721b 2.2/rpms/php4-imap-4.4.0-1tr.i586.rpm
1e7c85aa84b204aef680a9e46e1ad29c 2.2/rpms/php4-ldap-4.4.0-1tr.i586.rpm
520993dd95b97d26b3152b023fdba9ef 2.2/rpms/php4-mhash-4.4.0-1tr.i586.rpm
557d7af7baeba9c5f055895049c678b2 2.2/rpms/php4-mysql-4.4.0-1tr.i586.rpm
2d0ccf253c097c48acad252e0c49e4cb 2.2/rpms/php4-pgsql-4.4.0-1tr.i586.rpm
cf87ec3b86bcd1050609e193197034f1 2.2/rpms/php4-test-4.4.0-1tr.i586.rpm
- --------------------------------------------------------------------------
Trustix Security Team
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
iD8DBQFC1jlJi8CEzsK9IksRAjCzAJ0YgcXZST4ZqhlAp6QYcfHbiBDjKQCeI3kw
3dNme6eKVF7dEXjb0p3rplM=
=khJE
-----END PGP SIGNATURE-----
Powered by blists - more mailing lists