| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <200311282041.58581.security-announce@turbolinux.co.jp>
From: security-announce at turbolinux.co.jp (Turbolinux)
Subject: [TURBOLINUX SECURITY INFO] 28/Nov/2003
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
This is an announcement only email list for the x86 architecture.
============================================================
Turbolinux Security Announcement 28/Nov/2003
============================================================
The following page contains the security information of Turbolinux Inc.
- Turbolinux Security Center
http://www.turbolinux.com/security/
(1) fileutils -> ls vulnerabilities
(2) fetchmail -> DoS vulnerability in fetchmail
(3) postgresql -> Buffer overflow
(4) cups -> cups denial of service attack
(5) ethereal -> Multiple vulnerabilities in ethereal
===========================================================
* fileutils -> ls vulnerabilities
===========================================================
More information :
The fileutils package contains several basic system utilities.
An integer overflow in ls in the fileutils or causes a great memory consumption.
Impact :
The remote or local attackers can create a denial of service condition.
Affected Products :
- Turbolinux 10 Desktop
- Turbolinux 8 Server
- Turbolinux 8 Workstation
- Turbolinux 7 Server
- Turbolinux 7 Workstation
- Turbolinux Server 6.5
- Turbolinux Advanced Server 6
- Turbolinux Server 6.1
- Turbolinux Workstation 6.0
Solution :
Please use turbopkg tool to apply the update.
<Turbolinux 10 Desktop>
Source Packages
Size : MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/SRPMS/fileutils-4.1.10-6.src.rpm
1727184 9ea15c9c0c48e2b387708c75be2d2389
Binary Packages
Size : MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/fileutils-4.1.10-6.i586.rpm
846279 1e992678f1cdadde9b3a6264ce06d70c
<Turbolinux 8 Server>
Source Packages
Size : MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/SRPMS/fileutils-4.0.33-15.src.rpm
1851066 425095b282c96b01bf4aa1c0ec1f4949
Binary Packages
Size : MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/fileutils-4.0.33-15.i586.rpm
487915 35c55eca885950de707faea85b185479
<Turbolinux 8 Workstation>
Source Packages
Size : MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/SRPMS/fileutils-4.0.33-15.src.rpm
1851066 4ace5e2a77097a3d319c0cd976aae1d1
Binary Packages
Size : MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/fileutils-4.0.33-15.i586.rpm
487865 db5554c66d3ab84b2c01e959756c4c33
<Turbolinux 7 Server>
Source Packages
Size : MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/SRPMS/fileutils-4.0.33-15.src.rpm
1851066 58143feac4a957fe47c8afee9a25debf
Binary Packages
Size : MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/fileutils-4.0.33-15.i586.rpm
482453 bace1f6e1eb472e108235f4b6a2c6f12
<Turbolinux 7 Workstation>
Source Packages
Size : MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/SRPMS/fileutils-4.0.33-15.src.rpm
1851066 03f9e95e442293a60e038200735ac8f1
Binary Packages
Size : MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/fileutils-4.0.33-15.i586.rpm
482353 f7d252fc559f986ac8481036df9f0a72
<Turbolinux Server 6.5>
Source Packages
Size : MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/6.5/updates/SRPMS/fileutils-4.0.33-15.src.rpm
1851066 033abc2f9d4229e0a16e2a72f046dc15
Binary Packages
Size : MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/6.5/updates/RPMS/fileutils-4.0.33-15.i386.rpm
682431 78937fd3a3845c3ad713cee3b1f68ae3
<Turbolinux Advanced Server 6>
Source Packages
Size : MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/AdvancedServer/6/ja/updates/SRPMS/fileutils-4.0.33-15.src.rpm
1851066 fe753768335ffaabbbd4c462c1a2a383
Binary Packages
Size : MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/AdvancedServer/6/ja/updates/RPMS/fileutils-4.0.33-15.i386.rpm
682456 37fd3684b2dfc52d939fa09a1d90cc58
<Turbolinux Server 6.1>
Source Packages
Size : MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/6.1/ja/updates/SRPMS/fileutils-4.0.33-15.src.rpm
1851066 29bf8628bf52542c7702ec5aedb3b4b5
Binary Packages
Size : MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/6.1/ja/updates/RPMS/fileutils-4.0.33-15.i386.rpm
682483 6087c37f157dbd21912b1ed77076f7ce
<Turbolinux Workstation 6.0>
Source Packages
Size : MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/6.0/ja/updates/SRPMS/fileutils-4.0.33-15.src.rpm
1851066 09c0d7b4b1f1281c186f56b6fd584512
Binary Packages
Size : MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/6.0/ja/updates/RPMS/fileutils-4.0.33-15.i386.rpm
682416 bba966cfd0dea82139855a3cb33b60ab
References :
CVE
[CAN-2003-0853]
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0853
[CAN-2003-0854]
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0854
===========================================================
* fetchmail -> DoS vulnerability in fetchmail
===========================================================
More information :
Fetchmail is a full-featured, robust, well-documented remote-mail retrieval and
forwarding utility intended to be used over on-demand TCP/IP links (such as SLIP or PPP connections).
A specific crafted email can cause the program to crash.
Impact :
The vulnerability allows an attacker to cause a denial of service of the fetchmail.
Affected Products :
- Turbolinux 10 Desktop
- Turbolinux 8 Server
- Turbolinux 8 Workstation
- Turbolinux 7 Server
- Turbolinux 7 Workstation
- Turbolinux Server 6.5
- Turbolinux Advanced Server 6
- Turbolinux Server 6.1
- Turbolinux Workstation 6.0
Solution :
Please use turbopkg tool to apply the update.
<Turbolinux 10 Desktop>
Source Packages
Size : MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/SRPMS/fetchmail-6.2.5-1.src.rpm
1269769 2ba46dfdf878a780048107c8d6b0f862
Binary Packages
Size : MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/fetchmail-6.2.5-1.i586.rpm
452080 2370e104c25fddfcf07fd4c748bb4b25
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/fetchmailconf-6.2.5-1.i586.rpm
26366 8385303e6b9426f173c8218a6c40a223
<Turbolinux 8 Server>
Source Packages
Size : MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/SRPMS/fetchmail-6.2.5-1.src.rpm
1269769 bcbf4975e4ec2af7ff8b59f7b5453a9f
Binary Packages
Size : MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/fetchmail-6.2.5-1.i586.rpm
449111 1129479fcf085f6a6101208317d7944f
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/fetchmailconf-6.2.5-1.i586.rpm
25897 9c72296305ac255a94d0c68c1932fc05
<Turbolinux 8 Workstation>
Source Packages
Size : MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/SRPMS/fetchmail-6.2.5-1.src.rpm
1269769 cf32d34e9f9421e2bf6751011e2f8fbe
Binary Packages
Size : MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/fetchmail-6.2.5-1.i586.rpm
448059 23f9af17e4fb16debb8fe6392ae5f771
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/fetchmailconf-6.2.5-1.i586.rpm
25886 8420ccd9c17244eb212c87a808ddcd30
<Turbolinux 7 Server>
Source Packages
Size : MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/SRPMS/fetchmail-6.2.5-1.src.rpm
1269769 c03d31d556ccdd1c1e7bb0cb7bc31246
Binary Packages
Size : MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/fetchmail-6.2.5-1.i586.rpm
445580 7eb19e0cd9dfbba9b1c2dc9ffd1e4539
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/fetchmailconf-6.2.5-1.i586.rpm
25905 adfe41a2e00b498120c1dd252582c820
<Turbolinux 7 Workstation>
Source Packages
Size : MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/SRPMS/fetchmail-6.2.5-1.src.rpm
1269769 c61a8dbba1acf4c51636a47a84e08796
Binary Packages
Size : MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/fetchmail-6.2.5-1.i586.rpm
445382 35fceb5095e25c7c2b25f9dccf5e7037
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/7/updates/RPMS/fetchmailconf-6.2.5-1.i586.rpm
25904 15829c7e9e2b0e88e29241aef91d4230
<Turbolinux Server 6.5>
Source Packages
Size : MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/6.5/updates/SRPMS/fetchmail-6.2.5-1.src.rpm
1269769 40b808a2b1b08bd0c7808dba3eb4eeaf
Binary Packages
Size : MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/6.5/updates/RPMS/fetchmail-6.2.5-1.i386.rpm
571442 92ec9dd02da8b7a0c081a5d680997f71
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/6.5/updates/RPMS/fetchmailconf-6.2.5-1.i386.rpm
27318 41cb10d029acd23b260228df389975d7
<Turbolinux Advanced Server 6>
Source Packages
Size : MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/AdvancedServer/6/ja/updates/SRPMS/fetchmail-6.2.5-1.src.rpm
1269769 0ba8cf9f2719b4cd50258f0e5bac4e8e
Binary Packages
Size : MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/AdvancedServer/6/ja/updates/RPMS/fetchmail-6.2.5-1.i386.rpm
571416 05e6abe980aa3496dd80e50e9ad535f5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/AdvancedServer/6/ja/updates/RPMS/fetchmailconf-6.2.5-1.i386.rpm
27311 9df1c4312ca14486395104d38f5930c5
<Turbolinux Server 6.1>
Source Packages
Size : MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/6.1/ja/updates/SRPMS/fetchmail-6.2.5-1.src.rpm
1269769 65982b5a43811be4a9f733ad6501c7a6
Binary Packages
Size : MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/6.1/ja/updates/RPMS/fetchmail-6.2.5-1.i386.rpm
571416 3561e31e3712082842db08ee9e049b40
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/6.1/ja/updates/RPMS/fetchmailconf-6.2.5-1.i386.rpm
27322 6566854a22a2e92b5002f3b7412da999
<Turbolinux Workstation 6.0>
Source Packages
Size : MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/6.0/ja/updates/SRPMS/fetchmail-6.2.5-1.src.rpm
1269769 3ceaaf8761bcf5c47f4b1237001d62a9
Binary Packages
Size : MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/6.0/ja/updates/RPMS/fetchmail-6.2.5-1.i386.rpm
571377 4f559a3da9da3dbcb821867054715a4f
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/6.0/ja/updates/RPMS/fetchmailconf-6.2.5-1.i386.rpm
27304 036d294e83abdd2cc6e3592b01e97eb5
References :
CVE
[CAN-2003-0792]
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0792
===========================================================
* postgresql -> Buffer overflow
===========================================================
More information :
PostgreSQL is an advanced Object-Relational database management system.
Buffer overflow in to_ascii for PostgreSQL 7.2.x, and 7.3.x.
The to_ascii() function is normally used to convert text from multibyte encoding format to ASCII.
Impact :
This vulnerability may allow a remote attacker to execute arbitrary code.
Affected Products :
- Turbolinux 8 Server
- Turbolinux 8 Workstation
- Turbolinux 7 Server
Solution :
Please use turbopkg tool to apply the update.
<Turbolinux 10 Desktop>
Source Packages
Size : MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/SRPMS/postgresql-7.3-5.src.rpm
11495338 836c934d99bba25542b0c99c07d8a296
Binary Packages
Size : MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/postgresql-7.3-5.i586.rpm
1226938 ddfc913fd2006ddda86453a6468027ee
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/postgresql-contrib-7.3-5.i586.rpm
688155 d23c421d3565747073a2a34468d8a2d0
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/postgresql-devel-7.3-5.i586.rpm
573306 4bc8aa5b838814863b8d70c83e89e9be
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/postgresql-docs-7.3-5.i586.rpm
1074765 4f86e59952106cdd7628d1e0310ae488
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/postgresql-libs-7.3-5.i586.rpm
588548 bd01af526c8f6d4258b5aa0f2f6b49be
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/postgresql-odbc-7.3-5.i586.rpm
260682 0408ffa003b34feb0d2b5c03c7453881
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/postgresql-perl-7.3-5.i586.rpm
4566745 9eaf2a0b7771584e8634bdd7e0b92e5a
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/postgresql-python-7.3-5.i586.rpm
121148 650d086c66c7d071b06f831d40dbcf99
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/postgresql-server-7.3-5.i586.rpm
2518608 03afebd0663e03723bc8aa6c1cb0ee7e
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/postgresql-tcl-7.3-5.i586.rpm
182560 5e47c7701a10b9144cc79024f9d2b28d
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/postgresql-test-7.3-5.i586.rpm
909664 546db416154b2e800806ec234d9ab826
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/postgresql-tk-7.3-5.i586.rpm
21705 c5cc9222c5355acd673702a3c6365027
<Turbolinux 8 Server>
Source Packages
Size : MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/SRPMS/postgresql-7.2.2-3.src.rpm
9601478 c6db4f032421a4b00527494c272013ef
Binary Packages
Size : MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/postgresql-7.2.2-3.i586.rpm
1072147 11c73b7e0ffa691fc2b7258a8566b116
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/postgresql-contrib-7.2.2-3.i586.rpm
985483 309c028a0b281c218b05000c41c6df33
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/postgresql-devel-7.2.2-3.i586.rpm
578722 6de530d2ce27e709d76ebed4c931e2ea
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/postgresql-docs-7.2.2-3.i586.rpm
946973 e078cc7f4c19d2da64223eb04be43733
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/postgresql-jdbc-7.2.2-3.i586.rpm
377965 f735a0374d7444919d850e2d8d333a93
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/postgresql-libs-7.2.2-3.i586.rpm
86344 8d7060f4473b734b3b3f412ccaf6ec45
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/postgresql-odbc-7.2.2-3.i586.rpm
109219 d303e21e0763d614232176957b63b4c8
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/postgresql-perl-7.2.2-3.i586.rpm
59027 91d87b231f2927a68a2452f57878f2c4
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/postgresql-python-7.2.2-3.i586.rpm
66688 f9fa377e3238f8413b6ff80f8e1d282f
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/postgresql-server-7.2.2-3.i586.rpm
1334072 9e9b24ed99e8bb2b9aef9f7a5c022ff5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/postgresql-tcl-7.2.2-3.i586.rpm
50095 f2b4fdb60491c96057b3d264ff4ab84b
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/postgresql-test-7.2.2-3.i586.rpm
863196 75e1447eead25ddeb5518f3af43f7245
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/postgresql-tk-7.2.2-3.i586.rpm
423709 819a07e6552e3b8085fa98ec8d894181
<Turbolinux 8 Workstation>
Source Packages
Size : MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/SRPMS/postgresql-7.2.2-3.src.rpm
9601478 97a1f775e848d520dc73abb4a76bf687
Binary Packages
Size : MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/postgresql-7.2.2-3.i586.rpm
1071785 b2e8183f87e7caef4f35443121c7c39b
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/postgresql-contrib-7.2.2-3.i586.rpm
984120 797bffe97017ab99f51d9de2dd129a5b
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/postgresql-devel-7.2.2-3.i586.rpm
579622 8cc936704a3f438f9e8aac5b278a4c46
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/postgresql-docs-7.2.2-3.i586.rpm
946248 277873ffdbf8774b5f6b09d560aee85b
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/postgresql-jdbc-7.2.2-3.i586.rpm
377968 3847264ae014919d620a3d646d6665f3
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/postgresql-libs-7.2.2-3.i586.rpm
86321 5538c8f28fa2bd1fb3bfedff47fc8863
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/postgresql-odbc-7.2.2-3.i586.rpm
109197 506b3ce35043e2a2b75104cdc6e1159c
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/postgresql-perl-7.2.2-3.i586.rpm
59049 7a274d4015ce7eee189030842976cabc
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/postgresql-python-7.2.2-3.i586.rpm
66605 fa801df563e9d5bed756b8ebbdb9dac2
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/postgresql-server-7.2.2-3.i586.rpm
1333386 64fd9ff25e8d3c8f7792280c27ebe86c
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/postgresql-tcl-7.2.2-3.i586.rpm
50104 c704ba6a835826c5ae0b0981fea8ce91
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/postgresql-test-7.2.2-3.i586.rpm
863147 cb9cd4bbbd2bd7c3341ac420ff5cc992
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/postgresql-tk-7.2.2-3.i586.rpm
423857 3937fe09cf866ae88c4edc01a8ec9b57
<Turbolinux 7 Server>
Source Packages
Size : MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/SRPMS/postgresql-7.2.2-3.src.rpm
9601478 9ae436f96891146aadb9db6bbe47f813
Binary Packages
Size : MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/postgresql-7.2.2-3.i586.rpm
1068712 b1099afb2f160bf305de570afa5462e0
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/postgresql-contrib-7.2.2-3.i586.rpm
979496 883381de89051aae17367ca2b1112c07
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/postgresql-devel-7.2.2-3.i586.rpm
567973 a5bb5eab9a3759e9ab80b734a5c4de64
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/postgresql-docs-7.2.2-3.i586.rpm
946794 acecf16d7a9ce0e8afcb170f5a8657a9
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/postgresql-jdbc-7.2.2-3.i586.rpm
378029 39eed9dbd8da9b24bc85a64f03645f1f
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/postgresql-libs-7.2.2-3.i586.rpm
84212 c419aafd6a7fd33c4488cd3015cc0543
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/postgresql-odbc-7.2.2-3.i586.rpm
106819 0c7c9993398fd040da4be01a4a02a585
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/postgresql-perl-7.2.2-3.i586.rpm
86879 fdd5fbf2cd7e0eb04b07a5288efe49fa
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/postgresql-python-7.2.2-3.i586.rpm
66191 a7aa70b8ccd17055379f7a64f091df39
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/postgresql-server-7.2.2-3.i586.rpm
1309390 8fd0192c22817f00b3b5ba8db19912ee
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/postgresql-tcl-7.2.2-3.i586.rpm
50458 3ae4d3e405075ebf1f1699872fb38446
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/postgresql-test-7.2.2-3.i586.rpm
863058 59edd764413f280362411d4817e1cb49
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/7/updates/RPMS/postgresql-tk-7.2.2-3.i586.rpm
423942 1f06f11e81651dc049fe0fc040121c34
References :
CVE
[CAN-2003-0901]
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0901
===========================================================
* cups -> cups denial of service attack
===========================================================
More information :
The CUPS (Common UNIX Printing System) provides a portable printing layer for
UNIX/Linux operating systems.
Unknown vulnerability in the Internet Printing Protocol (IPP) implementation
in CUPS version prior to 1.1.19.
Impact :
The vulnerability allows remote attackers to cause a denial of service.
Affected Products :
- Turbolinux 8 Server
- Turbolinux 8 Workstation
Solution :
Please use turbopkg tool to apply the update.
<Turbolinux 8 Server>
Source Packages
Size : MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/SRPMS/cups-1.1.19-11.src.rpm
4190239 fa2296374166017e3d5884b317e82020
Binary Packages
Size : MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/cups-1.1.19-11.i586.rpm
2494947 171a683f9a2eecdf0e002fcc22d2ca01
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/cups-devel-1.1.19-11.i586.rpm
114655 27da64cd9a96bfc554701f834f40e56a
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/updates/RPMS/cups-libs-1.1.19-11.i586.rpm
92327 c0b65479d953b859c7049cbb5999e263
<Turbolinux 8 Workstation>
Source Packages
Size : MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/SRPMS/cups-1.1.19-11.src.rpm
4190239 6cdf69eeae8c99fa5c8fab23aa2a706f
Binary Packages
Size : MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/cups-1.1.19-11.i586.rpm
2496076 34a2f0257043f0ba95be6668f49d56f2
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/cups-devel-1.1.19-11.i586.rpm
114688 ec848f27af3b449b31f40bc14df0d525
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/8/updates/RPMS/cups-libs-1.1.19-11.i586.rpm
92332 c93aada2dc65495c648ae28f368ad347
References :
CUPS org
http://www.cups.org/str.php?L315+P0+S0+C0+I0+E0+Q
CVE
[CAN-2003-0788]
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0788
===========================================================
* ethereal -> Multiple vulnerabilities in ethereal
===========================================================
More information :
Ethereal is a network traffic analyzer for Unix-ish operating systems.
An improperly formatted GTP MSISDN string can cause a buffer overflow.
A malformed ISAKMP or MEGACO packet could make Ethereal or Tethereal crash.
Also a heap overflow exists in the SOCKS dissector.
Impact :
This vulnerability may allow a remote attacker to execute arbitrary code.
Affected Products :
- Turbolinux 10 Desktop
Solution :
Please use turbopkg tool to apply the update.
<Turbolinux 10 Desktop>
Source Packages
Size : MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/SRPMS/ethereal-0.9.16-1.src.rpm
5402047 038d0adf5efd837e75e75b08704788e1
Binary Packages
Size : MD5
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/ethereal-0.9.16-1.i586.rpm
5404979 9ce02ed8b6af7e6ae7a5e7a50054a137
References :
Ethereal.com
[Security problems in Ethereal 0.9.15]
http://www.ethereal.com/appnotes/enpa-sa-00011.html
CVE
[CAN-2003-0925]
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0925
[CAN-2003-0926]
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0926
[CAN-2003-0927]
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0927
* You may need to update the turbopkg tool before applying the update.
Please refer to the following URL for detailed information.
http://www.turbolinux.com/download/zabom.html
http://www.turbolinux.com/download/zabomupdate.html
Package Update Path
http://www.turbolinux.com/update
============================================================
* To obtain the public key
Here is the public key
http://www.turbolinux.com/security/
* To unsubscribe from the list
If you ever want to remove yourself from this mailing list,
you can send a message to <server-users-e-ctl@...bolinux.co.jp> with
the word `unsubscribe' in the body (don't include the quotes).
unsubscribe
* To change your email address
If you ever want to chage email address in this mailing list,
you can send a message to <server-users-e-ctl@...bolinux.co.jp> with
the following command in the message body:
chaddr 'old address' 'new address'
If you have any questions or problems, please contact
<supp_info@...bolinux.co.jp>
Thank you!
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
iD8DBQE/xzR9K0LzjOqIJMwRAl0XAJ9zQQGVRk0Gir9msPIXhpNwpkqjXwCfVnHp
qM/9RRV4BwuEXp0jbJYpJiI=
=H51o
-----END PGP SIGNATURE-----
Powered by blists - more mailing lists