lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20070719135754.GL11087@outflux.net>
Date: Thu, 19 Jul 2007 06:57:55 -0700
From: Kees Cook <kees@...ntu.com>
To: ubuntu-security-announce@...ts.ubuntu.com
Cc: bugtraq@...urityfocus.com, full-disclosure@...ts.grok.org.uk
Subject: [USN-489-2] redhat-cluster-suite vulnerability

=========================================================== 
Ubuntu Security Notice USN-489-2              July 19, 2007
redhat-cluster-suite vulnerability
CVE-2007-3380
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
  redhat-cluster-suite-source              1.20060222-0ubuntu6.1

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

USN-489-1 fixed vulnerabilities in the Linux kernel.  This update
provides the corresponding fixes for the redhat cluster suite kernel
sources.

Original advisory details:

 A flaw was discovered in the cluster manager.  A remote attacker could
 connect to the DLM port and block further DLM operations.
 (CVE-2007-3380)


Updated packages for Ubuntu 6.06 LTS:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/r/redhat-cluster-suite/redhat-cluster-suite_1.20060222-0ubuntu6.1.diff.gz
      Size/MD5:    31897 c7ced827740f2042a86e9f4523bd3cef
    http://security.ubuntu.com/ubuntu/pool/main/r/redhat-cluster-suite/redhat-cluster-suite_1.20060222-0ubuntu6.1.dsc
      Size/MD5:     1669 552ffa5da81d9325d470a9d67bd83b67
    http://security.ubuntu.com/ubuntu/pool/main/r/redhat-cluster-suite/redhat-cluster-suite_1.20060222.orig.tar.gz
      Size/MD5:  1572788 00b513a7b6a9a943c83f3f3450944177

  Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/universe/r/redhat-cluster-suite/redhat-cluster-suite-source_1.20060222-0ubuntu6.1_all.deb
      Size/MD5:   382620 140a83c3b01f3f15c8ba6fd9aadb2f63
    http://security.ubuntu.com/ubuntu/pool/main/r/redhat-cluster-suite/redhat-cluster-suite_1.20060222-0ubuntu6.1_all.deb
      Size/MD5:     7772 43c85ef36c27af346d7679868c2eb260

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    http://security.ubuntu.com/ubuntu/pool/main/r/redhat-cluster-suite/ccs_1.20060222-0ubuntu6.1_amd64.deb
      Size/MD5:    60410 909eb868ab4b258c22a2b695c87b06e4
    http://security.ubuntu.com/ubuntu/pool/main/r/redhat-cluster-suite/cman_1.20060222-0ubuntu6.1_amd64.deb
      Size/MD5:    29750 b665ac14693fe77ef6d4b2559b0884a4
    http://security.ubuntu.com/ubuntu/pool/main/r/redhat-cluster-suite/fence-gnbd_1.20060222-0ubuntu6.1_amd64.deb
      Size/MD5:    13378 a568e66ca6bec1e444cb59ab22d2d011
    http://security.ubuntu.com/ubuntu/pool/main/r/redhat-cluster-suite/fence_1.20060222-0ubuntu6.1_amd64.deb
      Size/MD5:    99268 ae3a87b56e1bb944e5c49db01041d676
    http://security.ubuntu.com/ubuntu/pool/main/r/redhat-cluster-suite/gfs-tools_1.20060222-0ubuntu6.1_amd64.deb
      Size/MD5:   161076 946f5e3da3f3cbfd7b28cb1bd5e12619
    http://security.ubuntu.com/ubuntu/pool/main/r/redhat-cluster-suite/gnbd-client_1.20060222-0ubuntu6.1_amd64.deb
      Size/MD5:    53902 96ee2065fe950cc92b2084a6166f86a0
    http://security.ubuntu.com/ubuntu/pool/main/r/redhat-cluster-suite/gnbd-server_1.20060222-0ubuntu6.1_amd64.deb
      Size/MD5:    45236 43a7e1e219529f84a87838276b9c8fde
    http://security.ubuntu.com/ubuntu/pool/main/r/redhat-cluster-suite/gulm_1.20060222-0ubuntu6.1_amd64.deb
      Size/MD5:   115454 3b135ccfc949c71235d151fe3ad616ca
    http://security.ubuntu.com/ubuntu/pool/main/r/redhat-cluster-suite/libccs-dev_1.20060222-0ubuntu6.1_amd64.deb
      Size/MD5:    11414 d56092009f87a1614a79f24f9c611eae
    http://security.ubuntu.com/ubuntu/pool/universe/r/redhat-cluster-suite/libcman-dev_1.20060222-0ubuntu6.1_amd64.deb
      Size/MD5:    13142 61b8b96fd7c7318c83776b340d087e16
    http://security.ubuntu.com/ubuntu/pool/universe/r/redhat-cluster-suite/libcman1_1.20060222-0ubuntu6.1_amd64.deb
      Size/MD5:    10330 f3a4217845d3d0bbebeb4e0614764677
    http://security.ubuntu.com/ubuntu/pool/main/r/redhat-cluster-suite/libdlm-dev_1.20060222-0ubuntu6.1_amd64.deb
      Size/MD5:    17896 0984b2c723aa2a99e823443ad4e24a55
    http://security.ubuntu.com/ubuntu/pool/main/r/redhat-cluster-suite/libdlm1_1.20060222-0ubuntu6.1_amd64.deb
      Size/MD5:    16784 89494d80244b187d4dbb3fb0db19aa6f
    http://security.ubuntu.com/ubuntu/pool/main/r/redhat-cluster-suite/libgulm-dev_1.20060222-0ubuntu6.1_amd64.deb
      Size/MD5:    18782 d8575759235ff807195f735baf603f7c
    http://security.ubuntu.com/ubuntu/pool/main/r/redhat-cluster-suite/libgulm1_1.20060222-0ubuntu6.1_amd64.deb
      Size/MD5:    16636 aa1794dd225872b42f1a091b2fdf0da4
    http://security.ubuntu.com/ubuntu/pool/universe/r/redhat-cluster-suite/libiddev-dev_1.20060222-0ubuntu6.1_amd64.deb
      Size/MD5:     9202 2e1bd9d6cd4281a2015d0aaa37a6cedb
    http://security.ubuntu.com/ubuntu/pool/universe/r/redhat-cluster-suite/libmagma-dev_1.20060222-0ubuntu6.1_amd64.deb
      Size/MD5:    36608 f4bc7b234588efb0a748b98c07c9c70a
    http://security.ubuntu.com/ubuntu/pool/main/r/redhat-cluster-suite/libmagma1_1.20060222-0ubuntu6.1_amd64.deb
      Size/MD5:    26760 6aa9099176e06effbef1ca4105a1fa07
    http://security.ubuntu.com/ubuntu/pool/main/r/redhat-cluster-suite/magma-plugins_1.20060222-0ubuntu6.1_amd64.deb
      Size/MD5:    19710 617c584879b03a12f4e29ac092960ef5
    http://security.ubuntu.com/ubuntu/pool/main/r/redhat-cluster-suite/magma_1.20060222-0ubuntu6.1_amd64.deb
      Size/MD5:    21990 33cb789f071d26b3c5cbeed410c1a34f
    http://security.ubuntu.com/ubuntu/pool/main/r/redhat-cluster-suite/rgmanager_1.20060222-0ubuntu6.1_amd64.deb
      Size/MD5:   110958 53f223d82661cc0786a83bea9becb723

  i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/main/r/redhat-cluster-suite/ccs_1.20060222-0ubuntu6.1_i386.deb
      Size/MD5:    53400 8a4f88f100cc4e6dbf603492b76c58de
    http://security.ubuntu.com/ubuntu/pool/main/r/redhat-cluster-suite/cman_1.20060222-0ubuntu6.1_i386.deb
      Size/MD5:    27426 9323a5d87da5c4e3fb160c9e5169737e
    http://security.ubuntu.com/ubuntu/pool/main/r/redhat-cluster-suite/fence-gnbd_1.20060222-0ubuntu6.1_i386.deb
      Size/MD5:    12866 ff4a9fb9201a416d851e7052953a1883
    http://security.ubuntu.com/ubuntu/pool/main/r/redhat-cluster-suite/fence_1.20060222-0ubuntu6.1_i386.deb
      Size/MD5:    92456 624fa26aa410aeef89a2685d015e96fe
    http://security.ubuntu.com/ubuntu/pool/main/r/redhat-cluster-suite/gfs-tools_1.20060222-0ubuntu6.1_i386.deb
      Size/MD5:   153482 42122a7aa9409c41d18cc8bb524487ec
    http://security.ubuntu.com/ubuntu/pool/main/r/redhat-cluster-suite/gnbd-client_1.20060222-0ubuntu6.1_i386.deb
      Size/MD5:    42692 2493f50ec9907fbffb7c305c22d83cae
    http://security.ubuntu.com/ubuntu/pool/main/r/redhat-cluster-suite/gnbd-server_1.20060222-0ubuntu6.1_i386.deb
      Size/MD5:    38952 3a2064955f0007fed5606e080feec396
    http://security.ubuntu.com/ubuntu/pool/main/r/redhat-cluster-suite/gulm_1.20060222-0ubuntu6.1_i386.deb
      Size/MD5:   106888 de00ac3ca880b76cafdb338a87e90b0b
    http://security.ubuntu.com/ubuntu/pool/main/r/redhat-cluster-suite/libccs-dev_1.20060222-0ubuntu6.1_i386.deb
      Size/MD5:    10744 9a2c8f30dfcb64f0257038194ecdbd15
    http://security.ubuntu.com/ubuntu/pool/universe/r/redhat-cluster-suite/libcman-dev_1.20060222-0ubuntu6.1_i386.deb
      Size/MD5:    12754 df62512f49ad00b97c5c55feeaab4d37
    http://security.ubuntu.com/ubuntu/pool/universe/r/redhat-cluster-suite/libcman1_1.20060222-0ubuntu6.1_i386.deb
      Size/MD5:     9756 9493eb461783c3a8287dfc7d7dc5c19b
    http://security.ubuntu.com/ubuntu/pool/main/r/redhat-cluster-suite/libdlm-dev_1.20060222-0ubuntu6.1_i386.deb
      Size/MD5:    16672 d19f6adb0e2732ba093aeda9ab88c1b3
    http://security.ubuntu.com/ubuntu/pool/main/r/redhat-cluster-suite/libdlm1_1.20060222-0ubuntu6.1_i386.deb
      Size/MD5:    15082 070d6ca743aa1d87be02acd44e31f92c
    http://security.ubuntu.com/ubuntu/pool/main/r/redhat-cluster-suite/libgulm-dev_1.20060222-0ubuntu6.1_i386.deb
      Size/MD5:    17772 c9265cf16edb0c949478930ad74b8e4f
    http://security.ubuntu.com/ubuntu/pool/main/r/redhat-cluster-suite/libgulm1_1.20060222-0ubuntu6.1_i386.deb
      Size/MD5:    15594 822e85e101c1d7cfa97d82a94a26c8a1
    http://security.ubuntu.com/ubuntu/pool/universe/r/redhat-cluster-suite/libiddev-dev_1.20060222-0ubuntu6.1_i386.deb
      Size/MD5:     9098 2768beeb5e8b3559e4617fdb97bacead
    http://security.ubuntu.com/ubuntu/pool/universe/r/redhat-cluster-suite/libmagma-dev_1.20060222-0ubuntu6.1_i386.deb
      Size/MD5:    34508 ca61205b79cc0c2cb94beb89772c7388
    http://security.ubuntu.com/ubuntu/pool/main/r/redhat-cluster-suite/libmagma1_1.20060222-0ubuntu6.1_i386.deb
      Size/MD5:    23956 3712d0b101645440382bee7c401a8e4f
    http://security.ubuntu.com/ubuntu/pool/main/r/redhat-cluster-suite/magma-plugins_1.20060222-0ubuntu6.1_i386.deb
      Size/MD5:    17506 844b7ff2bc799a6be8eb98477b7cfebf
    http://security.ubuntu.com/ubuntu/pool/main/r/redhat-cluster-suite/magma_1.20060222-0ubuntu6.1_i386.deb
      Size/MD5:    21010 77356ae5c5205db8f21fb14f1553525e
    http://security.ubuntu.com/ubuntu/pool/main/r/redhat-cluster-suite/rgmanager_1.20060222-0ubuntu6.1_i386.deb
      Size/MD5:   103604 4b03d5a635a53d1f33eba77fd0d1cb1b

  powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/main/r/redhat-cluster-suite/ccs_1.20060222-0ubuntu6.1_powerpc.deb
      Size/MD5:    60870 4aa495960377f4d9a1ffbafc76caa78e
    http://security.ubuntu.com/ubuntu/pool/main/r/redhat-cluster-suite/cman_1.20060222-0ubuntu6.1_powerpc.deb
      Size/MD5:    27868 14ce6af8110dc32eab3e0219ba99def9
    http://security.ubuntu.com/ubuntu/pool/main/r/redhat-cluster-suite/fence-gnbd_1.20060222-0ubuntu6.1_powerpc.deb
      Size/MD5:    13078 c8f36aa91ac9b4138dc3524bd4c0342f
    http://security.ubuntu.com/ubuntu/pool/main/r/redhat-cluster-suite/fence_1.20060222-0ubuntu6.1_powerpc.deb
      Size/MD5:    95658 cf656102b6d7d739929c50bd84db8b49
    http://security.ubuntu.com/ubuntu/pool/main/r/redhat-cluster-suite/gfs-tools_1.20060222-0ubuntu6.1_powerpc.deb
      Size/MD5:   175352 f098b716bc8d4f08730fdfd1b8c62123
    http://security.ubuntu.com/ubuntu/pool/main/r/redhat-cluster-suite/gnbd-client_1.20060222-0ubuntu6.1_powerpc.deb
      Size/MD5:    56664 59cd3796294b476a6ebd177f106c9e51
    http://security.ubuntu.com/ubuntu/pool/main/r/redhat-cluster-suite/gnbd-server_1.20060222-0ubuntu6.1_powerpc.deb
      Size/MD5:    46432 d72340b40ed2c07a1dacf0ecfcada441
    http://security.ubuntu.com/ubuntu/pool/main/r/redhat-cluster-suite/gulm_1.20060222-0ubuntu6.1_powerpc.deb
      Size/MD5:   105546 fa93c432787eec81fbc384d8af519805
    http://security.ubuntu.com/ubuntu/pool/main/r/redhat-cluster-suite/libccs-dev_1.20060222-0ubuntu6.1_powerpc.deb
      Size/MD5:    11292 00cdbe5d328e16a1bc2d85d44099addc
    http://security.ubuntu.com/ubuntu/pool/universe/r/redhat-cluster-suite/libcman-dev_1.20060222-0ubuntu6.1_powerpc.deb
      Size/MD5:    12730 47ac86e04a8b27bde15cc81baea10e91
    http://security.ubuntu.com/ubuntu/pool/universe/r/redhat-cluster-suite/libcman1_1.20060222-0ubuntu6.1_powerpc.deb
      Size/MD5:    11522 c1dfaa2be5cac4eb031167d1bee546aa
    http://security.ubuntu.com/ubuntu/pool/main/r/redhat-cluster-suite/libdlm-dev_1.20060222-0ubuntu6.1_powerpc.deb
      Size/MD5:    17132 d717c37f99758937da1971c412f19a96
    http://security.ubuntu.com/ubuntu/pool/main/r/redhat-cluster-suite/libdlm1_1.20060222-0ubuntu6.1_powerpc.deb
      Size/MD5:    18184 1de1f87e1dba3efc8088a8694136210f
    http://security.ubuntu.com/ubuntu/pool/main/r/redhat-cluster-suite/libgulm-dev_1.20060222-0ubuntu6.1_powerpc.deb
      Size/MD5:    17522 e3356fd333826007ddd6fe8e41d1c020
    http://security.ubuntu.com/ubuntu/pool/main/r/redhat-cluster-suite/libgulm1_1.20060222-0ubuntu6.1_powerpc.deb
      Size/MD5:    16690 a111713aab7715ce755cde10ea042f01
    http://security.ubuntu.com/ubuntu/pool/universe/r/redhat-cluster-suite/libiddev-dev_1.20060222-0ubuntu6.1_powerpc.deb
      Size/MD5:     9448 3951ed37f9b798b93a6f7f1c87737ade
    http://security.ubuntu.com/ubuntu/pool/universe/r/redhat-cluster-suite/libmagma-dev_1.20060222-0ubuntu6.1_powerpc.deb
      Size/MD5:    34102 ae080b6618c7c695b749d2b63fedc2ae
    http://security.ubuntu.com/ubuntu/pool/main/r/redhat-cluster-suite/libmagma1_1.20060222-0ubuntu6.1_powerpc.deb
      Size/MD5:    27764 2362ea6f654eec6258e7234080190469
    http://security.ubuntu.com/ubuntu/pool/main/r/redhat-cluster-suite/magma-plugins_1.20060222-0ubuntu6.1_powerpc.deb
      Size/MD5:    20842 38728607b783e25159b3e27634aeb6fb
    http://security.ubuntu.com/ubuntu/pool/main/r/redhat-cluster-suite/magma_1.20060222-0ubuntu6.1_powerpc.deb
      Size/MD5:    24040 ad3ff8d5f2ba9725373e422debb22b5a
    http://security.ubuntu.com/ubuntu/pool/main/r/redhat-cluster-suite/rgmanager_1.20060222-0ubuntu6.1_powerpc.deb
      Size/MD5:   111148 b7f7d6ca71bf7d7b20da05adbb54017b

  sparc architecture (Sun SPARC/UltraSPARC)

    http://security.ubuntu.com/ubuntu/pool/main/r/redhat-cluster-suite/ccs_1.20060222-0ubuntu6.1_sparc.deb
      Size/MD5:    55522 0301eecc85613d909c85950157e3ac1a
    http://security.ubuntu.com/ubuntu/pool/main/r/redhat-cluster-suite/cman_1.20060222-0ubuntu6.1_sparc.deb
      Size/MD5:    27500 9572f53a8050844162f5da1605ead6ea
    http://security.ubuntu.com/ubuntu/pool/main/r/redhat-cluster-suite/fence-gnbd_1.20060222-0ubuntu6.1_sparc.deb
      Size/MD5:    12998 42b2edd6c21cb1065e406ceef0bb7d4a
    http://security.ubuntu.com/ubuntu/pool/main/r/redhat-cluster-suite/fence_1.20060222-0ubuntu6.1_sparc.deb
      Size/MD5:    93348 8a2cdc560235fbc32d0abb13c2cde456
    http://security.ubuntu.com/ubuntu/pool/main/r/redhat-cluster-suite/gfs-tools_1.20060222-0ubuntu6.1_sparc.deb
      Size/MD5:   160740 c50cc2fa747e34e40bd49e922a81523c
    http://security.ubuntu.com/ubuntu/pool/main/r/redhat-cluster-suite/gnbd-client_1.20060222-0ubuntu6.1_sparc.deb
      Size/MD5:    43702 621267d278ddff381ecdcfb7d85b5a71
    http://security.ubuntu.com/ubuntu/pool/main/r/redhat-cluster-suite/gnbd-server_1.20060222-0ubuntu6.1_sparc.deb
      Size/MD5:    40016 46b7c077473511b73e8efb68ec7b32b8
    http://security.ubuntu.com/ubuntu/pool/main/r/redhat-cluster-suite/gulm_1.20060222-0ubuntu6.1_sparc.deb
      Size/MD5:   107080 70e375601335f78321818c3eaec214f5
    http://security.ubuntu.com/ubuntu/pool/main/r/redhat-cluster-suite/libccs-dev_1.20060222-0ubuntu6.1_sparc.deb
      Size/MD5:    11002 cc34e556746042d1f06f0060dec845b8
    http://security.ubuntu.com/ubuntu/pool/universe/r/redhat-cluster-suite/libcman-dev_1.20060222-0ubuntu6.1_sparc.deb
      Size/MD5:    12078 de7fab50f3eefa7cdc84e968a1351e5b
    http://security.ubuntu.com/ubuntu/pool/universe/r/redhat-cluster-suite/libcman1_1.20060222-0ubuntu6.1_sparc.deb
      Size/MD5:     9512 7ebf203da261cd88431e416b083c1806
    http://security.ubuntu.com/ubuntu/pool/main/r/redhat-cluster-suite/libdlm-dev_1.20060222-0ubuntu6.1_sparc.deb
      Size/MD5:    17314 e87caae9f169dc7e5f20d73ae23abbe4
    http://security.ubuntu.com/ubuntu/pool/main/r/redhat-cluster-suite/libdlm1_1.20060222-0ubuntu6.1_sparc.deb
      Size/MD5:    15224 a4ec6dd31a3ffa450e5cb53ccb626e31
    http://security.ubuntu.com/ubuntu/pool/main/r/redhat-cluster-suite/libgulm-dev_1.20060222-0ubuntu6.1_sparc.deb
      Size/MD5:    16994 5c41aa6528dd7d6b885761aebc4ebed6
    http://security.ubuntu.com/ubuntu/pool/main/r/redhat-cluster-suite/libgulm1_1.20060222-0ubuntu6.1_sparc.deb
      Size/MD5:    14736 cf97663d83eef3aed5ae613bb8175f93
    http://security.ubuntu.com/ubuntu/pool/universe/r/redhat-cluster-suite/libiddev-dev_1.20060222-0ubuntu6.1_sparc.deb
      Size/MD5:     9204 8846728cbaf16ad06393eda123567402
    http://security.ubuntu.com/ubuntu/pool/universe/r/redhat-cluster-suite/libmagma-dev_1.20060222-0ubuntu6.1_sparc.deb
      Size/MD5:    35540 410fe931cc361b8032c0123603e53a67
    http://security.ubuntu.com/ubuntu/pool/main/r/redhat-cluster-suite/libmagma1_1.20060222-0ubuntu6.1_sparc.deb
      Size/MD5:    23708 9c6f4db377bd018e87d417a1f2e42b2b
    http://security.ubuntu.com/ubuntu/pool/main/r/redhat-cluster-suite/magma-plugins_1.20060222-0ubuntu6.1_sparc.deb
      Size/MD5:    18298 e4160667634d9ed4c37de7c5053ccb90
    http://security.ubuntu.com/ubuntu/pool/main/r/redhat-cluster-suite/magma_1.20060222-0ubuntu6.1_sparc.deb
      Size/MD5:    20580 38c404215f55f2e0fda9ef8ef62546ba
    http://security.ubuntu.com/ubuntu/pool/main/r/redhat-cluster-suite/rgmanager_1.20060222-0ubuntu6.1_sparc.deb
      Size/MD5:   107742 3f9a2e95dd9f8b3e6453988958659437


Download attachment "signature.asc" of type "application/pgp-signature" (190 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ