lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <10208211547.ZM391150@einstein.csd.sgi.com>
From: agent99 at sgi.com (SGI Security Coordinator)
Subject: WorldView vulnerability on IRIX

-----BEGIN PGP SIGNED MESSAGE-----

______________________________________________________________________________
                           SGI Security Advisory

         Title:  WorldView vulnerability
        Number:  20000803-01-P
          Date:  August 21, 2002
     Reference:  SGI Security Advisory 20000803-01-A
     Reference:  CVE CAN-2000-0704
______________________________________________________________________________

- -----------------------
- --- Issue Specifics ---
- -----------------------

This bulletin is a followup to SGI Security Bulletin 20000803-01-A.

There is a root buffer overflow vulnerability in WorldView reported by
Shadow Penguin Security Org. on the FreeWnn Mailing List:
http://www.tomo.gr.jp/users/wnn/0008ml/msg00000.html (in Japanese)
and also reported by Omron Software on
http://www.omronsoft.co.jp/SP/support/pcunix/wnn/update1.html (in Japanese)

Besides the issues discussed in 20000803-01-A, there is an additional
vulnerability that is addressed by this advisory and the fixes noted herein.

WorldView is an optional purchased product used by SGI customers that
require foreign language support in IRIX. It is not installed by default on
base IRIX. Only SGI systems that have WorldView Japanese, Korean, and
Chinese installed are vulnerable to these issues.

The WorldView vulnerability can lead to root access through a buffer
overflow exploit. SGI has investigated the issue and recommends the
following steps for neutralizing the exposure.

The workaround involves changing ownership of the [jks]server to a non-
privileged user (see detail below).  It is HIGHLY RECOMMENDED that these
measures be implemented on ALL vulnerable SGI systems.

These issues have been corrected with patches an in future releases of IRIX.


- --------------
- --- Impact ---
- --------------

The WorldView package is not installed by default on IRIX 6.5 systems.

To determine the version of IRIX you are running, execute the following
command:

  # uname -R

That will return a result similar to the following:

  # 6.5 6.5.16f

The first number ("6.5") is the release name, the second ("6.5.16f" in this
case) is the extended release name.  The extended release name is the
"version" we refer to throughout this document.

To see if WorldView is installed, execute the following command:

  # versions -b | grep WorldView

     I  WorldView_base_jp    05/06/1998  WorldView Base Japanese 6.5
     I  WorldView_books_jp   05/06/1998  WorldView Books: Japanese 6.5
     I  WorldView_fonts_jp1  05/06/1998  WorldView Fonts Japanese, 6.5
     I  WorldView_japanese   05/06/1998  WorldView Japanese 6.5

If the output is similar to that shown above, then WorldView is installed
and the system may be vulnerable.

This vulnerability was assigned the following CVE:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2000-0704


- ----------------------------
- --- Temporary Workaround ---
- ----------------------------

SGI understands that there are times when upgrading the operating system or
installing patches are inconvenient or not possible.  In those instances, we
recommend the following workaround:

Japanese:
=======
o Step 1: Become the root user on the system.

              % /bin/su -
              Password:
              #


o Step 2: Verify WorldView is installed as shown above. Only systems that have
        WorldView installed are vulnerable.

o Step 3: If the WorldView is not currently needed, disable the jserver.

              # chkconfig jserver off

       Note: This will disable Japanese character input support.

o Step 3: Add the following lines to the files /etc/password and /etc/group
       with a text editor like vi.

       /etc/passwd:

                wnn:*:127:127:Wnn System Account:/usr/lib/wnn6:/bin/sh

       /etc/group:

                wnn:*:127

o Step 4: Change the owner of the WNN related files.

              # chown -R wnn.sys /usr/bin/Wnn6
              # chown -R wnn.sys /usr/lib/wnn6

o Step 5: Verify that the file ownership changes have been made.

              # ls -ls /usr/bin/Wnn6/jserver
              1136 -r-sr-xr-x    1 wnn      sys       578660

              # ls -ls /usr/lib/wnn6/serverdefs
              8 -rw-r--r--    1 wnn      sys          662

o Step 6: Reboot the system.

              # reboot

Korean:
=======
o Step 1: Become the root user on the system and
           disable kserver

           (Example)
           % /bin/su
           Password:
           #
           # /etc/init.d/kserver stop

o Step 2: add the following lines to the files
           /etc/password and /etc/group with a text editor
           like vi.

           /etc/password:
           wnn:*:127:127:Wnn System Account:/usr/lib/wnn:/bin/sh

           /etc/group:
           wnn:*:127

o Step 3: Change the owner of Wnn related files.

           # chown -R wnn.sys /usr/bin/kWnn4
           # chown -R wnn.sys /usr/lib/wnn

o Step 4: Verify that the file ownership changes
           have been made.

           (Example)
           # ls -ls /usr/bin/kWnn4/kserver

           1136 -r-sr-xr-x    1 wnn     sys       578660 Aug 14 15:24

           # ls -ls /usr/lib/wnn/serverdefs

           8 -rw-r--r--    1 wnn     sys       662 Aug 14 15:25

o Step 5: Reboot the system or restart kserver.

           (Example)
           # /etc/init.d/kserver start
           # reboot

           You may also refer to the file
           /usr/bin/kWnn4/add_wnn_account.sh which is created
           during installation. Furthermore, for server machines,
           especially those not protected by a firewall, that do
           not require Korean character input, please execute the
           following command and then reboot the system.

           # chkconfig kserver off

Chinese:
========
o Step 1: Become the root user on the system and
           disable cserver

           (Example)
           % /bin/su
           Password:
           #
           # /etc/init.d/cserver stop

o Step 2: add the following lines to the files
           /etc/password and /etc/group with a text editor
           like vi.

           /etc/password:

           wnn:*:127:127:Wnn System Account:/usr/lib/wnn:/bin/sh

           /etc/group:

           wnn:*:127

o Step 3: Change the owner of Wnn related files.

           # chown -R wnn.sys /usr/bin/cWnn4
           # chown -R wnn.sys /usr/lib/wnn

o Step 4: Verify that the file ownership changes
           have been made.

           (Example)
           # ls -ls /usr/bin/cWnn4/cserver

           1136 -r-sr-xr-x    1 wnn     sys       578660 Aug 14 15:24

           # ls -ls /usr/lib/wnn/serverdefs

           8 -rw-r--r--    1 wnn     sys       662 Aug 14 15:25

o Step 5: Reboot the system or restart kserver.

           (Example)
           # /etc/init.d/cserver start

           # reboot

           You may also refer to the file
           /usr/bin/cWnn4/add_wnn_account.sh which is created
           during installation. Furthermore, for server machines,
           especially those not protected by a firewall, that do
           not require Chinese character input, please execute
           the following command and then reboot the system.

           # chkconfig cserver off


- ----------------
- --- Solution ---
- ----------------

SGI has provided a series of patches for these vulnerabilities. Our
recommendation is to upgrade to IRIX 6.5.16 when available, or install the
appropriate patch from the list below.  Note that there are patches for
Maintenance and Feature streams, for three different languages.  See the
notes after the listing for assistance in this admittedly complex matrix.

   OS Version     Vulnerable?     Patch #      Other Actions
   ----------     -----------     -------      -------------
   IRIX 3.x        unknown                     Note 1
   IRIX 4.x        unknown                     Note 1
   IRIX 5.x        unknown                     Note 1
   IRIX 6.0.x      unknown                     Note 1
   IRIX 6.1        unknown                     Note 1
   IRIX 6.2        unknown                     Note 1
   IRIX 6.3        unknown                     Note 1
   IRIX 6.4        unknown                     Note 1
   IRIX 6.5          yes            4632       Notes 2, 3, & 4
   IRIX 6.5          yes            4633       Notes 2, 3, & 5
   IRIX 6.5          yes            4644       Notes 2, 3, & 6
   IRIX 6.5.1        yes            4632       Notes 2, 3, & 4
   IRIX 6.5.1        yes            4633       Notes 2, 3, & 5
   IRIX 6.5.1        yes            4644       Notes 2, 3, & 6
   IRIX 6.5.2m       yes            4632       Notes 2, 3, & 4
   IRIX 6.5.2m       yes            4633       Notes 2, 3, & 5
   IRIX 6.5.2m       yes            4644       Notes 2, 3, & 6
   IRIX 6.5.2f       yes            4645       Notes 2, 3, & 4
   IRIX 6.5.2f       yes            4646       Notes 2, 3, & 5
   IRIX 6.5.2f       yes            4647       Notes 2, 3, & 6
   IRIX 6.5.3m       yes            4632       Notes 2, 3, & 4
   IRIX 6.5.3m       yes            4633       Notes 2, 3, & 5
   IRIX 6.5.3m       yes            4644       Notes 2, 3, & 6
   IRIX 6.5.3f       yes            4645       Notes 2, 3, & 4
   IRIX 6.5.3f       yes            4646       Notes 2, 3, & 5
   IRIX 6.5.3f       yes            4647       Notes 2, 3, & 6
   IRIX 6.5.4m       yes            4632       Notes 2, 3, & 4
   IRIX 6.5.4m       yes            4633       Notes 2, 3, & 5
   IRIX 6.5.4m       yes            4644       Notes 2, 3, & 6
   IRIX 6.5.4f       yes            4645       Notes 2, 3, & 4
   IRIX 6.5.4f       yes            4646       Notes 2, 3, & 5
   IRIX 6.5.4f       yes            4647       Notes 2, 3, & 6
   IRIX 6.5.5m       yes            4632       Notes 2, 3, & 4
   IRIX 6.5.5m       yes            4633       Notes 2, 3, & 5
   IRIX 6.5.5m       yes            4644       Notes 2, 3, & 6
   IRIX 6.5.5f       yes            4645       Notes 2, 3, & 4
   IRIX 6.5.5f       yes            4646       Notes 2, 3, & 5
   IRIX 6.5.5f       yes            4647       Notes 2, 3, & 6
   IRIX 6.5.6m       yes            4632       Notes 2, 3, & 4
   IRIX 6.5.6m       yes            4633       Notes 2, 3, & 5
   IRIX 6.5.6m       yes            4644       Notes 2, 3, & 6
   IRIX 6.5.6f       yes            4645       Notes 2, 3, & 4
   IRIX 6.5.6f       yes            4646       Notes 2, 3, & 5
   IRIX 6.5.6f       yes            4647       Notes 2, 3, & 6
   IRIX 6.5.7m       yes            4632       Notes 2, 3, & 4
   IRIX 6.5.7m       yes            4633       Notes 2, 3, & 5
   IRIX 6.5.7m       yes            4644       Notes 2, 3, & 6
   IRIX 6.5.7f       yes            4645       Notes 2, 3, & 4
   IRIX 6.5.7f       yes            4646       Notes 2, 3, & 5
   IRIX 6.5.7f       yes            4647       Notes 2, 3, & 6
   IRIX 6.5.8m       yes            4632       Notes 2, 3, & 4
   IRIX 6.5.8m       yes            4633       Notes 2, 3, & 5
   IRIX 6.5.8m       yes            4644       Notes 2, 3, & 6
   IRIX 6.5.8f       yes            4645       Notes 2, 3, & 4
   IRIX 6.5.8f       yes            4646       Notes 2, 3, & 5
   IRIX 6.5.8f       yes            4647       Notes 2, 3, & 6
   IRIX 6.5.9m       yes            4632       Notes 2, 3, & 4
   IRIX 6.5.9m       yes            4633       Notes 2, 3, & 5
   IRIX 6.5.9m       yes            4644       Notes 2, 3, & 6
   IRIX 6.5.9f       yes            4645       Notes 2, 3, & 4
   IRIX 6.5.9f       yes            4646       Notes 2, 3, & 5
   IRIX 6.5.9f       yes            4647       Notes 2, 3, & 6
   IRIX 6.5.10m      yes            4632       Notes 2, 3, & 4
   IRIX 6.5.10m      yes            4633       Notes 2, 3, & 5
   IRIX 6.5.10m      yes            4644       Notes 2, 3, & 6
   IRIX 6.5.10f      yes            4645       Notes 2, 3, & 4
   IRIX 6.5.10f      yes            4646       Notes 2, 3, & 5
   IRIX 6.5.10f      yes            4647       Notes 2, 3, & 6
   IRIX 6.5.11m      yes            4632       Notes 2, 3, & 4
   IRIX 6.5.11m      yes            4633       Notes 2, 3, & 5
   IRIX 6.5.11m      yes            4644       Notes 2, 3, & 6
   IRIX 6.5.11f      yes            4645       Notes 2, 3, & 4
   IRIX 6.5.11f      yes            4646       Notes 2, 3, & 5
   IRIX 6.5.11f      yes            4647       Notes 2, 3, & 6
   IRIX 6.5.12m      yes            4632       Notes 2, 3, & 4
   IRIX 6.5.12m      yes            4633       Notes 2, 3, & 5
   IRIX 6.5.12m      yes            4644       Notes 2, 3, & 6
   IRIX 6.5.12f      yes            4645       Notes 2, 3, & 4
   IRIX 6.5.12f      yes            4646       Notes 2, 3, & 5
   IRIX 6.5.12f      yes            4647       Notes 2, 3, & 6
   IRIX 6.5.13m      yes            4632       Notes 2, 3, & 4
   IRIX 6.5.13m      yes            4633       Notes 2, 3, & 5
   IRIX 6.5.13m      yes            4644       Notes 2, 3, & 6
   IRIX 6.5.13f      yes            4645       Notes 2, 3, & 4
   IRIX 6.5.13f      yes            4646       Notes 2, 3, & 5
   IRIX 6.5.13f      yes            4647       Notes 2, 3, & 6
   IRIX 6.5.14m      yes            4632       Notes 2, 3, & 4
   IRIX 6.5.14m      yes            4633       Notes 2, 3, & 5
   IRIX 6.5.14m      yes            4644       Notes 2, 3, & 6
   IRIX 6.5.14f      yes            4645       Notes 2, 3, & 4
   IRIX 6.5.14f      yes            4646       Notes 2, 3, & 5
   IRIX 6.5.14f      yes            4647       Notes 2, 3, & 6
   IRIX 6.5.15m      yes            4632       Notes 2, 3, & 4
   IRIX 6.5.15m      yes            4633       Notes 2, 3, & 5
   IRIX 6.5.15m      yes            4644       Notes 2, 3, & 6
   IRIX 6.5.15f      yes            4645       Notes 2, 3, & 4
   IRIX 6.5.15f      yes            4646       Notes 2, 3, & 5
   IRIX 6.5.15f      yes            4647       Notes 2, 3, & 6
   IRIX 6.5.16m      no
   IRIX 6.5.16f      no

   NOTES

     1) This version of the IRIX operating has been retired. Upgrade to an
        actively supported IRIX operating system.  See
        http://support.sgi.com/irix/news/index.html#policy for more
        information.

     2) If you have not received an IRIX 6.5.X CD for IRIX 6.5, contact your
        SGI Support Provider or URL: http://support.sgi.com/irix/swupdates/

     3) Upgrade to IRIX 6.5.16m or 6.5.16f.

     4) This patch is for the Chinese version of WorldView

     5) This patch is for the Japanese version of WorldView

     6) This patch is for the Korean version of WorldView

                ##### Patch File Checksums ####

The actual patch will be a tar file containing the following files:

Filename:                 README.patch.4632
Algorithm #1 (sum -r):    26909 9 README.patch.4632
Algorithm #2 (sum):       65166 9 README.patch.4632
MD5 checksum:             2FD2DA8D620CD6D1AACF3AEBA849A8CC

Filename:                 patchSG0004632
Algorithm #1 (sum -r):    55463 11 patchSG0004632
Algorithm #2 (sum):       45916 11 patchSG0004632
MD5 checksum:             BE1192C3956DA4AFAAAEB20E80B4B871

Filename:                 patchSG0004632.WorldView_base_zh_man
Algorithm #1 (sum -r):    04888 60 patchSG0004632.WorldView_base_zh_man
Algorithm #2 (sum):       11741 60 patchSG0004632.WorldView_base_zh_man
MD5 checksum:             3E9A9291C665ABCB05C226E474025772

Filename:                 patchSG0004632.WorldView_base_zh_sw
Algorithm #1 (sum -r):    10189 8796 patchSG0004632.WorldView_base_zh_sw
Algorithm #2 (sum):       60949 8796 patchSG0004632.WorldView_base_zh_sw
MD5 checksum:             8F10B772F984918DD538B0E22119DC59

Filename:                 patchSG0004632.idb
Algorithm #1 (sum -r):    28940 57 patchSG0004632.idb
Algorithm #2 (sum):       53711 57 patchSG0004632.idb
MD5 checksum:             577BEFF5AF3E74CA26F131022087C213


Filename:                 README.patch.4633
Algorithm #1 (sum -r):    13789 21 README.patch.4633
Algorithm #2 (sum):       36010 21 README.patch.4633
MD5 checksum:             AC34AEC5FA49059C97C4827648CEFF74

Filename:                 patchSG0004633
Algorithm #1 (sum -r):    47911 15 patchSG0004633
Algorithm #2 (sum):       55668 15 patchSG0004633
MD5 checksum:             46189BAFED486CD7EB9C0DE4015CE15A

Filename:                 patchSG0004633.WorldView_base_jp_m_man
Algorithm #1 (sum -r):    58493 534 patchSG0004633.WorldView_base_jp_m_man
Algorithm #2 (sum):       8259 534 patchSG0004633.WorldView_base_jp_m_man
MD5 checksum:             8D11313946D296D067638C172346EE04

Filename:                 patchSG0004633.WorldView_base_jp_m_sw
Algorithm #1 (sum -r):    37659 27483 patchSG0004633.WorldView_base_jp_m_sw
Algorithm #2 (sum):       41431 27483 patchSG0004633.WorldView_base_jp_m_sw
MD5 checksum:             E1FEE921C457B1AEE21BB8FD1A2ED6A5

Filename:                 patchSG0004633.WorldView_base_jp_man
Algorithm #1 (sum -r):    58493 534 patchSG0004633.WorldView_base_jp_man
Algorithm #2 (sum):       8259 534 patchSG0004633.WorldView_base_jp_man
MD5 checksum:             8D11313946D296D067638C172346EE04

Filename:                 patchSG0004633.WorldView_base_jp_sw
Algorithm #1 (sum -r):    37659 27483 patchSG0004633.WorldView_base_jp_sw
Algorithm #2 (sum):       41431 27483 patchSG0004633.WorldView_base_jp_sw
MD5 checksum:             E1FEE921C457B1AEE21BB8FD1A2ED6A5

Filename:                 patchSG0004633.idb
Algorithm #1 (sum -r):    14135 314 patchSG0004633.idb
Algorithm #2 (sum):       32019 314 patchSG0004633.idb
MD5 checksum:             0D88FA74BDD7A36B74429DFDBB1E6F6C


Filename:                 README.patch.4644
Algorithm #1 (sum -r):    26307 9 README.patch.4644
Algorithm #2 (sum):       63058 9 README.patch.4644
MD5 checksum:             20269396EEB1C9CAE21F0390C49E54FA

Filename:                 patchSG0004644
Algorithm #1 (sum -r):    40978 3 patchSG0004644
Algorithm #2 (sum):       45657 3 patchSG0004644
MD5 checksum:             4D6A402C38B0580E20E537F106B4BB89

Filename:                 patchSG0004644.WorldView_base_kr_sw
Algorithm #1 (sum -r):    05837 4367 patchSG0004644.WorldView_base_kr_sw
Algorithm #2 (sum):       46247 4367 patchSG0004644.WorldView_base_kr_sw
MD5 checksum:             4BCA7CED7D3B0C6F0689CC16D63663A3

Filename:                 patchSG0004644.idb
Algorithm #1 (sum -r):    11364 21 patchSG0004644.idb
Algorithm #2 (sum):       37357 21 patchSG0004644.idb
MD5 checksum:             2D1A6C5EE30221791B5F540D632D1DBB


Filename:                 README.patch.4645
Algorithm #1 (sum -r):    56495 8 README.patch.4645
Algorithm #2 (sum):       47628 8 README.patch.4645
MD5 checksum:             8E5184C19213475E394A5E5425E002E0

Filename:                 patchSG0004645
Algorithm #1 (sum -r):    31356 12 patchSG0004645
Algorithm #2 (sum):       42696 12 patchSG0004645
MD5 checksum:             669CFA38E12964A224359E9B047CDA01

Filename:                 patchSG0004645.WorldView_base_zh_man
Algorithm #1 (sum -r):    11175 83 patchSG0004645.WorldView_base_zh_man
Algorithm #2 (sum):       64903 83 patchSG0004645.WorldView_base_zh_man
MD5 checksum:             B2A768642225A7521106BC896F1C3E9C

Filename:                 patchSG0004645.WorldView_base_zh_sw
Algorithm #1 (sum -r):    04097 23742 patchSG0004645.WorldView_base_zh_sw
Algorithm #2 (sum):       29922 23742 patchSG0004645.WorldView_base_zh_sw
MD5 checksum:             D7169017E289DF3ED647D462F886476B

Filename:                 patchSG0004645.idb
Algorithm #1 (sum -r):    22837 68 patchSG0004645.idb
Algorithm #2 (sum):       51368 68 patchSG0004645.idb
MD5 checksum:             9D361EACF451EF4FA87B10C47E24DDFF


Filename:                 README.patch.4646
Algorithm #1 (sum -r):    02166 21 README.patch.4646
Algorithm #2 (sum):       55271 21 README.patch.4646
MD5 checksum:             AD7A9320DF3B27AE959120F1BD38C6D3

Filename:                 patchSG0004646
Algorithm #1 (sum -r):    31477 22 patchSG0004646
Algorithm #2 (sum):       57038 22 patchSG0004646
MD5 checksum:             C8840105CC22BC09566AF59DDAB0CEF0

Filename:                 patchSG0004646.WorldView_base_jp_f_man
Algorithm #1 (sum -r):    12074 787 patchSG0004646.WorldView_base_jp_f_man
Algorithm #2 (sum):       9863 787 patchSG0004646.WorldView_base_jp_f_man
MD5 checksum:             137A3ED0288811FDC8E00FF81976EA9D

Filename:                 patchSG0004646.WorldView_base_jp_f_sw
Algorithm #1 (sum -r):    57843 27481 patchSG0004646.WorldView_base_jp_f_sw
Algorithm #2 (sum):       5392 27481 patchSG0004646.WorldView_base_jp_f_sw
MD5 checksum:             98E94A69F0702DE3FCAD91C72E71555E

Filename:                 patchSG0004646.WorldView_base_jp_man
Algorithm #1 (sum -r):    12074 787 patchSG0004646.WorldView_base_jp_man
Algorithm #2 (sum):       9863 787 patchSG0004646.WorldView_base_jp_man
MD5 checksum:             137A3ED0288811FDC8E00FF81976EA9D

Filename:                 patchSG0004646.WorldView_base_jp_sw
Algorithm #1 (sum -r):    57843 27481 patchSG0004646.WorldView_base_jp_sw
Algorithm #2 (sum):       5392 27481 patchSG0004646.WorldView_base_jp_sw
MD5 checksum:             98E94A69F0702DE3FCAD91C72E71555E

Filename:                 patchSG0004646.idb
Algorithm #1 (sum -r):    49677 344 patchSG0004646.idb
Algorithm #2 (sum):       64578 344 patchSG0004646.idb
MD5 checksum:             89B3B76E5B3E671D05F98CB625A212D0


Filename:                 README.patch.4647
Algorithm #1 (sum -r):    33928 9 README.patch.4647
Algorithm #2 (sum):       60695 9 README.patch.4647
MD5 checksum:             3050E993AF207C20D9CE07F1262315DC

Filename:                 patchSG0004647
Algorithm #1 (sum -r):    26329 3 patchSG0004647
Algorithm #2 (sum):       29776 3 patchSG0004647
MD5 checksum:             8D75C0A403FAE2008EB5830F3417E47D

Filename:                 patchSG0004647.WorldView_base_kr_sw
Algorithm #1 (sum -r):    43891 4367 patchSG0004647.WorldView_base_kr_sw
Algorithm #2 (sum):       38705 4367 patchSG0004647.WorldView_base_kr_sw
MD5 checksum:             556AE9A433FC7A305AF5C3C6A05151AA

Filename:                 patchSG0004647.idb
Algorithm #1 (sum -r):    13883 21 patchSG0004647.idb
Algorithm #2 (sum):       37267 21 patchSG0004647.idb
MD5 checksum:             1E01C64639DE74F3C445C365336A2A1C


- ------------------------
- --- Acknowledgments ----
- ------------------------

SGI wishes to thank FIRST and the users of the Internet Community at large
for their assistance in this matter.


- -------------
- --- Links ---
- -------------

SGI Security Advisories can be found at:
http://www.sgi.com/support/security/ and
ftp://patches.sgi.com/support/free/security/advisories/

SGI Security Patches can be found at:
http://www.sgi.com/support/security/ and
ftp://patches.sgi.com/support/free/security/patches/

SGI patches for IRIX can be found at the following patch servers:
http://support.sgi.com/irix/ and ftp://patches.sgi.com/

SGI freeware updates for IRIX can be found at:
http://freeware.sgi.com/

SGI fixes for SGI open sourced code can be found on:
http://oss.sgi.com/projects/

SGI patches and RPMs for Linux can be found at:
http://support.sgi.com/linux/ or
http://oss.sgi.com/projects/sgilinux-combined/download/security-fixes/

SGI patches for Windows NT or 2000 can be found at:
http://support.sgi.com/nt/

IRIX 5.2-6.4 Recommended/Required Patch Sets can be found at:
http://support.sgi.com/irix/ and ftp://patches.sgi.com/support/patchset/

IRIX 6.5 Maintenance Release Streams can be found at:
http://support.sgi.com/colls/patches/tools/relstream/index.html

IRIX 6.5 Software Update CDs can be obtained from:
http://support.sgi.com/irix/swupdates/

The primary SGI anonymous FTP site for security advisories and patches is
patches.sgi.com (216.32.174.211).  Security advisories and patches are
located under the URL ftp://patches.sgi.com/support/free/security/

For security and patch management reasons, ftp.sgi.com (mirrors
patches.sgi.com security FTP repository) lags behind and does not do a
real-time update.


- -----------------------------------------
- --- SGI Security Information/Contacts ---
- -----------------------------------------

If there are questions about this document, email can be sent to
security-info@....com.

                      ------oOo------

SGI provides security information and patches for use by the entire SGI
community.  This information is freely available to any person needing the
information and is available via anonymous FTP and the Web.

The primary SGI anonymous FTP site for security advisories and patches is
patches.sgi.com (216.32.174.211).  Security advisories and patches are
located under the URL ftp://patches.sgi.com/support/free/security/

The SGI Security Headquarters Web page is accessible at the URL:
http://www.sgi.com/support/security/

For issues with the patches on the FTP sites, email can be sent to
security-info@....com.

For assistance obtaining or working with security patches, please
contact your SGI support provider.

                      ------oOo------

SGI provides a free security mailing list service called wiretap and
encourages interested parties to self-subscribe to receive (via email) all
SGI Security Advisories when they are released. Subscribing to the mailing
list can be done via the Web
(http://www.sgi.com/support/security/wiretap.html) or by sending email to
SGI as outlined below.

% mail wiretap-request@....com
subscribe wiretap <YourEmailAddress such as aaanalyst@....com >
end
^d

In the example above, <YourEmailAddress> is the email address that you wish
the mailing list information sent to.  The word end must be on a separate
line to indicate the end of the body of the message. The control-d (^d) is
used to indicate to the mail program that you are finished composing the
mail message.


                      ------oOo------

SGI provides a comprehensive customer World Wide Web site. This site is
located at http://www.sgi.com/support/security/ .

                      ------oOo------

If there are general security questions on SGI systems, email can be sent to
security-info@....com.

For reporting *NEW* SGI security issues, email can be sent to
security-alert@....com or contact your SGI support provider.  A support
contract is not required for submitting a security report.

______________________________________________________________________________
      This information is provided freely to all interested parties
      and may be redistributed provided that it is not altered in any
      way, SGI is appropriately credited and the document retains and
      includes its valid PGP signature.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBPWQUwLQ4cFApAP75AQGg+wQAvJfYAbn6dP6JQkqB6NIrSHjJd86MtgS5
O0reWu40obEk5DBnnsFlSQkc5AFa2vppn0z1s6RTL6nXw0LB+CXaqSxywdKVzd2d
JR4odtYvVjC04bJSjSjcZu9bGIiaNhiPFz3DCTIEShdyoQSn5RANroSX4GvyoWc1
qIND5E/nKR8=
=pFRh
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ