[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20040421222239.11455.qmail@updates.mandrakesoft.com>
From: security at linux-mandrake.com (Mandrake Linux Security Team)
Subject: MDKSA-2004:031-1 - Updated utempter packages fix several vulnerabilities
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandrakelinux Security Update Advisory
_______________________________________________________________________
Package name: utempter
Advisory ID: MDKSA-2004:031-1
Date: April 21st, 2004
Original Advisory Date: April 19th, 2004
Affected versions: 10.0, 9.1, 9.2, Corporate Server 2.1,
Multi Network Firewall 8.2
______________________________________________________________________
Problem Description:
Steve Grubb discovered two potential issues in the utempter program:
1) If the path to the device contained /../ or /./ or //, the
program was not exiting as it should. It would be possible to use something
like /dev/../tmp/tty0, and then if /tmp/tty0 were deleted and symlinked
to another important file, programs that have root privileges that do no
further validation can then overwrite whatever the symlink pointed to.
2) Several calls to strncpy without a manual termination of the string.
This would most likely crash utempter.
The updated packages are patched to correct these problems.
Update:
The second portion of the patch to address the manual termination of
the string has been determined to be uneccessary, as well as reducing the
length of utmp strings by one character. As such, it has been removed.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0233
______________________________________________________________________
Updated Packages:
Mandrakelinux 10.0:
20728c199dc84538cc1c1c5db70b6784 10.0/SRPMS/utempter-0.5.2-12.2.100mdk.src.rpm
295d91a84f7495ec66796b06317a6e50 10.0/RPMS/libutempter0-0.5.2-12.2.100mdk.i586.rpm
f6a6a5bff4c46f68f2e2039f88e281b9 10.0/RPMS/libutempter0-devel-0.5.2-12.2.100mdk.i586.rpm
80064975fddb9184eed63988ab8d5144 10.0/RPMS/utempter-0.5.2-12.2.100mdk.i586.rpm
Corporate Server 2.1:
9c88fb56dd2bf5be45b667dd986b6a93 corporate/2.1/SRPMS/utempter-0.5.2-11.2.C21mdk.src.rpm
dc2b4c0b75f5829b01e5711a48575acb corporate/2.1/RPMS/libutempter0-0.5.2-11.2.C21mdk.i586.rpm
234bf4cd1d11f03999d0389dfb1b92a0 corporate/2.1/RPMS/libutempter0-devel-0.5.2-11.2.C21mdk.i586.rpm
d8c8193245ee4bb4dd0b29934710d616 corporate/2.1/RPMS/utempter-0.5.2-11.2.C21mdk.i586.rpm
Corporate Server 2.1/x86_64:
9c88fb56dd2bf5be45b667dd986b6a93 x86_64/corporate/2.1/SRPMS/utempter-0.5.2-11.2.C21mdk.src.rpm
c633f8b5c17c2c2005b7ea2e83f88ad3 x86_64/corporate/2.1/RPMS/libutempter0-0.5.2-11.2.C21mdk.x86_64.rpm
68d6d623e6c20493301d78dc51b64ae6 x86_64/corporate/2.1/RPMS/libutempter0-devel-0.5.2-11.2.C21mdk.x86_64.rpm
dab90f2133385bf148f104f95031e95b x86_64/corporate/2.1/RPMS/utempter-0.5.2-11.2.C21mdk.x86_64.rpm
Mandrakelinux 9.1:
d5130114cb6a6eac57b13eb91abfef36 9.1/SRPMS/utempter-0.5.2-10.2.91mdk.src.rpm
0593f4150d6eae47c91e844e39b45a98 9.1/RPMS/libutempter0-0.5.2-10.2.91mdk.i586.rpm
9fa7cc39c0f06052be6e6a8a961e2ccd 9.1/RPMS/libutempter0-devel-0.5.2-10.2.91mdk.i586.rpm
0000bb29eff9317cb386eb5674c5f8e3 9.1/RPMS/utempter-0.5.2-10.2.91mdk.i586.rpm
Mandrakelinux 9.1/PPC:
d5130114cb6a6eac57b13eb91abfef36 ppc/9.1/SRPMS/utempter-0.5.2-10.2.91mdk.src.rpm
b63ef5b274759fd8c72f1b756b343275 ppc/9.1/RPMS/libutempter0-0.5.2-10.2.91mdk.ppc.rpm
ee58c267af2148950cd8ddf0dbd2829f ppc/9.1/RPMS/libutempter0-devel-0.5.2-10.2.91mdk.ppc.rpm
d0d22b0acaa39b6a55763c36fb5ba06c ppc/9.1/RPMS/utempter-0.5.2-10.2.91mdk.ppc.rpm
Mandrakelinux 9.2:
7e74a057a62e7b9b673ce6d67afa7787 9.2/SRPMS/utempter-0.5.2-12.2.92mdk.src.rpm
70753671ed9759554caebf40a5e6045c 9.2/RPMS/libutempter0-0.5.2-12.2.92mdk.i586.rpm
ae1cad0a2d1bb89c2311f1a331b3af84 9.2/RPMS/libutempter0-devel-0.5.2-12.2.92mdk.i586.rpm
622767f0ce4824a0d70424932954b5d6 9.2/RPMS/utempter-0.5.2-12.2.92mdk.i586.rpm
Mandrakelinux 9.2/AMD64:
7e74a057a62e7b9b673ce6d67afa7787 amd64/9.2/SRPMS/utempter-0.5.2-12.2.92mdk.src.rpm
1b3fe88346c0abc0f964f397c033b234 amd64/9.2/RPMS/lib64utempter0-0.5.2-12.2.92mdk.amd64.rpm
bfc40facd647fe21e22f1753556b3e33 amd64/9.2/RPMS/lib64utempter0-devel-0.5.2-12.2.92mdk.amd64.rpm
3aa865490f19b372a47e34157bbcdaff amd64/9.2/RPMS/utempter-0.5.2-12.2.92mdk.amd64.rpm
Multi Network Firewall 8.2:
3d1f7e6a11e8d342a625a5f2c849ac98 mnf8.2/SRPMS/utempter-0.5.2-5.2.M82mdk.src.rpm
7b5a0a2804484629e48956f0173bd034 mnf8.2/RPMS/libutempter0-0.5.2-5.2.M82mdk.i586.rpm
e0187ad9c7ab211e1a6a51344da3ec59 mnf8.2/RPMS/libutempter0-devel-0.5.2-5.2.M82mdk.i586.rpm
fe94436a22a4547e9d5b499076b431b9 mnf8.2/RPMS/utempter-0.5.2-5.2.M82mdk.i586.rpm
_______________________________________________________________________
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
A list of FTP mirrors can be obtained from:
http://www.mandrakesecure.net/en/ftp.php
All packages are signed by Mandrakesoft for security. You can obtain
the GPG public key of the Mandrakelinux Security Team by executing:
gpg --recv-keys --keyserver www.mandrakesecure.net 0x22458A98
Please be aware that sometimes it takes the mirrors a few hours to
update.
You can view other update advisories for Mandrakelinux at:
http://www.mandrakesecure.net/en/advisories/
Mandrakesoft has several security-related mailing list services that
anyone can subscribe to. Information on these lists can be obtained by
visiting:
http://www.mandrakesecure.net/en/mlist.php
If you want to report vulnerabilities, please contact
security_linux-mandrake.com
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Linux Mandrake Security Team
<security linux-mandrake.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
iD8DBQFAhvQvmqjQ0CJFipgRApDdAJ4kEeNNdqpcnvIHVnNQwTMTgV82zwCeJI2d
CPruJjkPeKUUTT+62rRib4U=
=oJ1E
-----END PGP SIGNATURE-----
Powered by blists - more mailing lists