
Linux-Announce Digest #934

daemon@ATHENA.MIT.EDU (Digestifier)
Sat Mar 24 12:26:03 2001

Message-ID: <20010324171303.16643.qmail@senator-bedfellow.mit.edu>
From: Digestifier <Linux-Announce-Request@senator-bedfellow.mit.edu>
To: Linux-Announce@senator-bedfellow.mit.edu
Reply-To: Linux-Announce@senator-bedfellow.mit.edu
Date:     Sat, 24 Mar 01 12:13:02 EST

Linux-Announce Digest #934, Volume #3            Sat, 24 Mar 01 12:13:02 EST

Contents:
  SECURITY - SecurityPortal - Weekly Linux Security Digest - 2001/03/05 to 2001/03/11 ("Kurt Seifried")

----------------------------------------------------------------------------

From: "Kurt Seifried" <seifried@securityportal.com>
Subject: SECURITY - SecurityPortal - Weekly Linux Security Digest - 2001/03/05 to 2001/03/11
Date: Sat, 24 Mar 2001 17:00:03 GMT
Reply-To: "Kurt Seifried" <seifried@securityportal.com>

=====BEGIN PGP SIGNED MESSAGE=====


============================================================
Weekly Linux Security Digest
2001/03/05 to 2001/03/11
============================================================

By Kurt Seifried (seifried@securityportal.com) for SecurityPortal

Weekly Linux Security Digest Archive
http://securityportal.com/research/research.wsl.html


------------------------------------------------------------
The Rundown
------------------------------------------------------------

A busy week, with Debian issuing almost a dozen advisories and Mandrake
issuing quite a few. Problems were found in joe, CUPS and numerous other
applications. A PHP IMAP overflow has been found, but it only affects some
people running webmail services based on PHP, so it isn't a huge concern for
most, luckily. Also a problem in Mailman: an administrator could
potentially get hold of user passwords used in Mailman. Again not a
terribly huge risk, but a fix has been issued. Also, a new nmap beta has
been released (YAY!!).

We lead off with general advisories and exploit code, then move to vendor
advisories. Most items appear in alphabetical order. If we're missing a
Linux vendor's advisory, please tell us - ditto for any Linux-related
security alerts. The long strings of hex in front of package names are MD5
signatures.

Exploits are housed here.
http://securityportal.com/research/exploits/linux/


------------------------------------------------------------
General Advisories and Exploits
------------------------------------------------------------


-- PHP IMAP overflow --

From the advisory by geekgang (www.geekgang.co.uk):

PHP 4.0.4 contains a fix for a buffer overflow in the imap module.
Unfortunately this fix breaks the imap module under some circumstances due
to its interaction with the WU c-client library which PHP uses to implement
the imap protocol.

The imap module in PHP contained a buffer overflow in versions prior to
4.0.4, due to improper use of strcpy(). The fix in 4.0.4 resolves the
strcpy() problem, but causes the imap module to fail under some
circumstances. For example, the IMP WebMail system fails to work correctly
under 4.0.4, so PHP 4.0.3 is extensively deployed for use with IMP.

A number of WebMail systems are likely to be vulnerable to this issue.

The PHP imap module relies on the WU c-client library to actually perform
imap (and POP3, NNTP and local mailbox) requests. Additionally, the c-
client library uses callbacks into PHP in order to ascertain the username
and password for the requested connection.

The patch in PHP 4.0.4 changed the behavior of the imap module such that
the username and password is no longer stored beyond the initial
imap_open() call. However, the c-client library may still call the callback
function to retrieve the username and password outside of this call, which
then returns garbage data. For example, the imap_reopen() function triggers
this call sequence.

This issue appears to be fixed in the current CVS version of PHP (I haven't
tested it, just looked at the code).

The gsa2001-01.diff patch against php-4.0.4pl1 reverts the imap module to
4.0.3 behavior, without reintroducing the buffer overflow.
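The failure the advisory describes is a lifetime mismatch: the library fetches credentials through a callback, so the credentials have to stay valid for as long as the library may call back, not just until imap_open() returns. The model below is an added example written for this digest (a Python simulation, not PHP or c-client code); the class and method names are constructed, and where the real 4.0.4 module handed c-client uninitialised memory the model hands it empty credentials, which is the observable effect.

```python
"""Simulation of the credential-lifetime bug behind the PHP 4.0.4 imap break.
Added example; CClientLike, ImapModuleBroken and ImapModuleFixed are
constructed names, not PHP or c-client APIs."""


class CClientLike:
    """Stands in for the WU c-client: it never stores credentials itself and
    invokes the login callback whenever a (re)connection needs them."""

    def __init__(self, login_cb):
        self.login_cb = login_cb
        self.authenticated_as = None

    def connect(self):
        user, pw = self.login_cb()
        # A real server would check the password; the model only insists that
        # the callback produced something usable at all.
        if not user or not pw:
            raise PermissionError("login callback returned no credentials")
        self.authenticated_as = user

    def reconnect(self):
        # imap_reopen() in the advisory ends up here: a second callback.
        self.connect()


class ImapModuleBroken:
    """Mirrors the 4.0.4 behaviour: credentials are wiped as soon as
    imap_open() returns, so a later reopen calls back into nothing."""

    def __init__(self):
        self._creds = (None, None)
        self.stream = CClientLike(lambda: self._creds)

    def imap_open(self, user, pw):
        self._creds = (user, pw)
        self.stream.connect()
        self._creds = (None, None)  # too early: the library may call back again

    def imap_reopen(self):
        self.stream.reconnect()


class ImapModuleFixed:
    """Keep the credentials for the lifetime of the stream and release them in
    imap_close(), the last point at which the library can call back."""

    def __init__(self):
        self._creds = (None, None)
        self.stream = CClientLike(lambda: self._creds)

    def imap_open(self, user, pw):
        self._creds = (user, pw)
        self.stream.connect()

    def imap_reopen(self):
        self.stream.reconnect()

    def imap_close(self):
        self.stream = None
        self._creds = (None, None)


def reopen_outcome(module_cls):
    """Open, then reopen: return the authenticated user on success or the
    exception class name when the second callback has nothing to return."""
    m = module_cls()
    m.imap_open("alice", "constructed-password")  # constructed sample login
    try:
        m.imap_reopen()
    except PermissionError as e:
        return type(e).__name__
    return m.stream.authenticated_as
```

The fixed variant is the design the advisory attributes to the 4.0.3-behaviour patch: the secret lives exactly as long as the object that may need it, and is cleared at a point the caller controls (close), not at a point the caller merely hopes is the last use.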


-- Mailman --

From the advisory released by the Mailman team:

I've just uploaded the Mailman 2.0.2 release to SourceForge. This is a bug
fix release that also fixes a potential privacy hole, which could allow a
list administrator to get access to user passwords. Even with those
passwords, I believe there's little additional harm that a list admin could
do, but still they probably shouldn't have access to those passwords.

There are a few other important fixes in this release, so I recommend that
all sites running Mailman 2.0 or 2.0.1 should upgrade.

As usual I'm releasing this as both a complete tarball and as a patch
against Mailman 2.0.1. If you grab the patchfile, you'll want to cd into
your 2.0 source, and apply it like so:

% patch -p1 < mailman-2.0.1-2.0.2.diff

Currently only http://mailman.sourceforge.net is updated, but the list.org
and gnu.org sites should be updated soon. The release information on SF is
at

http://sourceforge.net/project/shownotes.php?release_id=25955

My thanks to Thomas Wouters for his help!

Enjoy,
-Barry


-- Joe --

From the ImmunixOS advisory:

The version of joe shipped in Immunix OS 6.2 and 7.0-beta looks for a
configuration file in the current working directory, the user's home
directory and in /etc/joe. A malicious user could create their own .joerc
configuration file and try to get other users to use it. If this happens,
the user could execute malicious commands with their own user id and
privilege. This problem was originally reported by WKIT Security AB and
more information on it can be found at
http://www.wkit.com/content/eng/advisories/wsir0202.txt
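The root cause in the joe advisory is a configuration search path that includes the current working directory, so a file planted by another user is picked up as if it were the victim's own. The lookup below is an added example of the defensive pattern (not joe's code and not from the Immunix advisory): it never consults the working directory, and it refuses any candidate that is not a regular file owned by the user or root, or that group or world can write. The `joerc` name and `/etc/joe` location come from the advisory; `find_config`, `is_trusted_config` and the demo directory are constructed.

```python
"""Config lookup that skips the working directory and rejects plantable files.
Added example; function names are constructed, not joe's own."""
import os
import stat
import tempfile


def is_trusted_config(path, uid):
    """Accept only a regular file owned by `uid` or root that is neither
    group- nor world-writable. lstat is used so a symlink dropped into a
    shared directory is rejected rather than followed."""
    try:
        st = os.lstat(path)
    except OSError:
        return False
    if not stat.S_ISREG(st.st_mode):
        return False
    if st.st_uid not in (uid, 0):
        return False
    if st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
        return False
    return True


def find_config(name, uid=None, home=None, system_dir="/etc/joe"):
    """Search order: the user's home directory, then the system directory.
    The current working directory is deliberately not a candidate."""
    uid = os.getuid() if uid is None else uid
    home = os.path.expanduser("~") if home is None else home
    candidates = (os.path.join(home, "." + name), os.path.join(system_dir, name))
    for candidate in candidates:
        if is_trusted_config(candidate, uid):
            return candidate
    return None


def demo():
    """Constructed scenario in a private temp dir: a 0644 rc file owned by us
    is accepted, a 0666 copy (editable by anyone on the host) is refused, and
    find_config() returns only the trusted one."""
    d = tempfile.mkdtemp()
    good = os.path.join(d, ".joerc")
    with open(good, "w") as f:
        f.write("# constructed private rc\n")
    os.chmod(good, 0o644)
    bad = os.path.join(d, "joerc")
    with open(bad, "w") as f:
        f.write("# constructed world-writable rc\n")
    os.chmod(bad, 0o666)
    uid = os.getuid()
    return (
        is_trusted_config(good, uid),
        is_trusted_config(bad, uid),
        find_config("joerc", uid=uid, home=d, system_dir=d),
    )
```

The ownership and mode test is the same check a hardened program would apply before trusting any file in a location other users can write to; an editor that executes commands from its rc file should treat that file as code and hold it to the same standard as a setuid binary's configuration.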


------------------------------------------------------------
Announcements of New Tools/Projects
------------------------------------------------------------


-- Nmap 2.54Beta21 Release --

Some people have been asking me "is nmap development dead?" because the
last public release was BETA7 last October. Don't worry -- the Nmap
development effort is as strong as ever! I have been restructuring the code
significantly, and didn't want to risk an unstable public release. So the
last 13 versions have only gone to the nmap-dev list (the guinea pigs for
that sort of thing). I have also been very busy.

I am not done restructuring yet, but too much good stuff and bugfixes have
gone into this release for me to delay any longer.

For those of you running Linux/x86 w/a recent version of rpm (www.rpm.org),
you can install/upgrade to the newest version of nmap/nmapfe with these
commands:

rpm -vhU (nmap url)

where (nmap url) is one (or both) of these:

http://www.insecure.org/nmap/dist/nmap-2.54BETA21-1.i386.rpm

http://www.insecure.org/nmap/dist/nmap-frontend-0.2.54BETA21-1.i386.rpm

source tarballs and source RPMs are always available at:
http://www.insecure.org/nmap/#download

For the more paranoid (smart) members of the list, here are the md5 hashes:

f86e5c8e2d8fb238bb35c081784be8b8
nmap-2.54BETA21-1.i386.rpm

9ec868a28d1ce1bb77f67c301bf8189b
nmap-2.54BETA21-1.src.rpm

731199e10c9c243e83b3122f262acf64
nmap-2.54BETA21.tgz

b7b302c7e466f9b4b23cf8ac8f4949d7
nmap-frontend-0.2.54BETA21-1.i386.rpm

[ Yes, I should really GPG sign this email too ]
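The Rundown notes that the hex strings in front of package names are MD5 values, and the nmap announcement above gives four of them. Checking a download against such a listing is the one step a reader of this digest actually has to perform, so here is an added example (written for this page, not nmap's or Debian's code) that parses the digest's hash-then-name layout, keys entries by basename so bare file names and full Debian URLs both work, flags hashes that arrived truncated rather than trusting them, and verifies a local file. The sample listing is constructed from values on this page; the empty "download" in `demo()` is constructed. Note the caveat the listing itself glosses over: an MD5 value obtained from the same message as the download link detects corruption, not substitution, unless the message's own signature is checked.

```python
"""Parse a hash/name listing and verify downloads against it.
Added example; parse_listing, verify_download and demo are constructed names."""
import hashlib
import hmac
import os
import re
import tempfile
from urllib.parse import urlsplit

# Constructed sample in the digest's own layout (hash line, then name or URL):
# two nmap entries, one Debian URL entry, and one of the digest's hashes that
# reached us with only 31 hex digits.
SAMPLE_LISTING = """\
f86e5c8e2d8fb238bb35c081784be8b8
nmap-2.54BETA21-1.i386.rpm

731199e10c9c243e83b3122f262acf64
nmap-2.54BETA21.tgz

40b004e0dcaad89253a552e823809f7a
http://security.debian.org/dists/stable/updates/main/binary-m68k/mgetty_1.1.21-3potato1_m68k.deb

5d65de62f5d7af29cf2ef3b9ab56fd8
mc-common_4.5.42-11.potato.6_i386.deb
"""

FULL_MD5 = re.compile(r"^[0-9a-fA-F]{32}$")
SHORT_HEX = re.compile(r"^[0-9a-fA-F]{16,31}$")


def parse_listing(text):
    """Return ({basename: md5hex}, [(hash, basename) with a damaged hash]).
    A hash shorter than 32 hex digits cannot verify anything, so it is
    reported instead of being silently accepted."""
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    entries, damaged = {}, []
    for token, name in zip(lines, lines[1:]):
        base = os.path.basename(urlsplit(name).path)
        if FULL_MD5.match(token):
            entries[base] = token.lower()
        elif SHORT_HEX.match(token):
            damaged.append((token, base))
    return entries, damaged


def md5_of_file(path, chunk=1 << 16):
    """Stream the file so a large tarball need not fit in memory."""
    h = hashlib.md5()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def verify_download(path, entries):
    """True only when the file's MD5 equals the listed one. An unlisted file
    is a failure, never a pass."""
    expected = entries.get(os.path.basename(path))
    if expected is None:
        return False
    return hmac.compare_digest(md5_of_file(path), expected)


def demo():
    """Constructed run: an empty file stands in for nmap-2.54BETA21.tgz. Its
    MD5 is d41d8cd98f00b204e9800998ecf8427e, which is not the listed value,
    so verification must report a mismatch."""
    entries, damaged = parse_listing(SAMPLE_LISTING)
    d = tempfile.mkdtemp()
    path = os.path.join(d, "nmap-2.54BETA21.tgz")
    open(path, "wb").close()
    return {
        "listed": len(entries),
        "damaged": [base for _, base in damaged],
        "digest": md5_of_file(path),
        "verified": verify_download(path, entries),
        "unlisted": verify_download(os.path.join(d, "other.tgz"), entries),
    }
```

Run it against a real download by replacing the empty file with the fetched package: a `False` from `verify_download` means do not install, whether the cause is a truncated transfer, a mangled hash in the mail, or a substituted file.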


-- Format Bug Paper --

A paper on format bugs is available at:

http://www.securityfocus.com/data/library/format-bug-analysis.pdf

I highly recommend reading it.


-- vsftpd-0.0.14 --

ftp://ferret.lmh.ox.ac.uk/pub/linux/vsftpd-0.0.14.tar.gz

This was going to be a feature freeze release, but that didn't happen. I
need to get v14 out to fix an irritating data connection timeout whereby
the timeout will sometimes trigger incorrectly :-/

Many thanks to Joshua Hill for reporting and fixing that bug. Other new
stuff:

- chroot() on a per user basis

- list of anonymous e-mail addresses to deny

- non-PAM authentication support

- range restriction available on PASV ports

- a vsftpd.conf.5 man page whoo hoo

- small performance boosts, including nailing a quadratic(!) algorithm
parsing the config file, and .message files.


Plans: the next release should be a feature freeze release. After that,
focus will switch to making vsftpd extremely stable/tested, and also very
carefully audited, just in case. The currently screwy signal/timeout
handling will get fixed for the next release.

Let me know if v0.0.14 contains any other bonehead bugs.


-- Vorpal Mail 0.6.0 --

Vorpal Mail is an easily configurable but flexible replacement for
sendmail, supporting advanced features such as virus scanning, virtual
domains, etc. http://www.virtua-web.co.uk/vindex.html


-- Virtual FTPD 6.5.3 --

Based on the Linux port of the OpenBSD daemon, VFTPD allows you to give
secure FTP access to people without creating real system users for them. It
also features various security enhancements designed to stop anyone from
leveraging more access to the system, even if they have somehow gained
control of the ftp daemon and its configuration files.
http://startuplinux.com/software.html


-- Kernel Change-UID 0.3 --

kchuid is an experimental Linux kernel module that allows you to change the
UID/GID/CAPS of a running process (by PID). Think of it as providing a
setuid() system call that also has a pid_t argument. It's the first step in
a full authentication system, and further, a full Unixish system devoid of
setuid binaries/scripts. http://www.nimh.org/code.shtml


------------------------------------------------------------
Vendor Advisories and Patches
------------------------------------------------------------


-- Caldera --

No patches issued.


-- Conectiva --

No patches issued.


-- Debian --

DSA-011-2 - In Debian Security Advisory DSA 011-1 we have reported insecure
creation of temporary files in the mgetty package that have been fixed. For
details please read the main advisory.

The most recent advisory covering proftpd missed two architectures that
were released with Debian GNU/Linux 2.2. Therefore this advisory is only an
addition to DSA 011-1 and only adds the relevant packages for the Motorola
680x0 and PowerPC architectures.

We recommend you upgrade your mgetty packages for m68k immediately.

c175cdd07927e5a6e9f6ebecbd91366b
http://security.debian.org/dists/stable/updates/main/binary-m68k/mgetty-fax_1.1.21-3potato1_m68k.deb

8aa48ed8b00d7873452cac3970c47877
http://security.debian.org/dists/stable/updates/main/binary-m68k/mgetty-viewfax_1.1.21-3potato1_m68k.deb

89a9c11cfaa04cac4f2cc752714e1f3f
http://security.debian.org/dists/stable/updates/main/binary-m68k/mgetty-voice_1.1.21-3potato1_m68k.deb

40b004e0dcaad89253a552e823809f7a
http://security.debian.org/dists/stable/updates/main/binary-m68k/mgetty_1.1.21-3potato1_m68k.deb

fe951cbfbbd37d26cd7c210ee9eee8a1
http://security.debian.org/dists/stable/updates/main/binary-powerpc/mgetty_1.1.21-3potato1_powerpc.deb

e9b3c8b63f82333cc8cb22eeecaaa1c9
http://security.debian.org/dists/stable/updates/main/binary-powerpc/mgetty-fax_1.1.21-3potato1_powerpc.deb

afbed28e1382f53cfdca42c089d56516
http://security.debian.org/dists/stable/updates/main/binary-powerpc/mgetty-viewfax_1.1.21-3potato1_powerpc.deb

244d5c6525382b342117ec2e72ee0f1c
http://security.debian.org/dists/stable/updates/main/binary-powerpc/mgetty-voice_1.1.21-3potato1_powerpc.deb

DSA-029-2 - ProFTPD - In Debian Security Advisory DSA 029-1 we have
reported several vulnerabilities in proftpd that have been fixed. For
details please read the main advisory. This upload fixes:

- A memory leak which can result in a denial of service, as reported by
Wojciech Purczynski. The default configuration of proftpd in Debian is not
vulnerable.

- A similar memory leak affects the USER command, also as reported by
Wojciech Purczynski.

- Format string vulnerabilities reported by Przemyslaw Frasunek.

The most recent advisory covering proftpd missed one architecture that was
released with Debian GNU/Linux 2.2. Therefore this advisory is only an
addition to DSA 029-1 and only adds the relevant package for the Motorola
680x0 architecture.

96315bb133a487e81944e6cef2358d09
http://security.debian.org/dists/stable/updates/main/binary-m68k/proftpd_1.2.0pre10-2potato1_m68k.deb

DSA-031-2 - sudo - Todd Miller announced a new version of sudo which
corrects a buffer overflow that could potentially be used to gain root
privileges on the local system. This bugfix has been backported to the
version which was used in Debian GNU/Linux 2.2.

The most recent advisory covering sudo missed one architecture that was
released with 2.2. Therefore this advisory is only an addition to DSA 031-1
and only adds the relevant package for the powerpc architecture.

aed5d9d437b614ab8495cbafe2d421ac
http://security.debian.org/dists/stable/updates/main/binary-powerpc/sudo_1.6.2p2-1potato1_powerpc.deb

DSA-032-2 - ProFTPD - The following problems have been reported for the
version of proftpd in Debian 2.2 (potato):

- There is a configuration error in the postinst script, when the user
enters 'yes', when asked if anonymous access should be enabled. The
postinst script wrongly leaves the 'run as uid/gid root' configuration
option in /etc/proftpd.conf, and adds a 'run as uid/gid nobody' option that
has no effect.

- There is a bug that comes up when /var is a symlink, and proftpd is
restarted. When stopping proftpd, the /var symlink is removed; when it's
started again a file named /var is created.


The above problems have been corrected in proftpd-1.2.0pre10-2.0potato1. We
recommend you upgrade your proftpd package immediately.

This is an update to the DSA-032-1 advisory. The powerpc package that was
listed in that advisory was unfortunately compiled on the wrong system
which caused it to not work on a Debian GNU/Linux 2.2 system.

d75281d5332b005efd94ad0ff5ac3f63
http://security.debian.org/dists/stable/updates/main/source/proftpd_1.2.0pre10-2.0potato1.diff.gz

8ff4de189c0b986ab4496ef7ae6467f4
http://security.debian.org/dists/stable/updates/main/source/proftpd_1.2.0pre10-2.0potato1.dsc

a1c25e59bb4281e2f83000796dc52388
http://security.debian.org/dists/stable/updates/main/source/proftpd_1.2.0pre10.orig.tar.gz

2e3d924a93692fc546f76fadf6e35cf7
http://security.debian.org/dists/stable/updates/main/binary-alpha/proftpd_1.2.0pre10-2.0potato1_alpha.deb

2e2e9a921f45c6c73f0c0a1ba2c7fb13
http://security.debian.org/dists/stable/updates/main/binary-arm/proftpd_1.2.0pre10-2.0potato1_arm.deb

9c0ff3c87e4802316081775fcf80c5d2
http://security.debian.org/dists/stable/updates/main/binary-i386/proftpd_1.2.0pre10-2.0potato1_i386.deb

615709bf8777da7939217cf316c529b7
http://security.debian.org/dists/stable/updates/main/binary-m68k/proftpd_1.2.0pre10-2.0potato1_m68k.deb

710e1b324dc8962c14919d0e58078740
http://security.debian.org/dists/stable/updates/main/binary-powerpc/proftpd_1.2.0pre10-2.0potato1.1_powerpc.deb

c99f335bca49f98867b1a9c473c97edc
http://security.debian.org/dists/stable/updates/main/binary-sparc/proftpd_1.2.0pre10-2.0potato1_sparc.deb

DSA-033-1 - analog - The author of analog, Stephen Turner, has found a
buffer overflow bug in all versions of analog except version 4.16. A
malicious user could use an ALIAS command to construct very long strings
which were not checked for length and boundaries. This bug is particularly
dangerous if the form interface (which allows unknown users to run the
program via a CGI script) has been installed. There doesn't seem to be a
known exploit.

7bfd2e731d39bf5073f2ca5d83f27c03
http://security.debian.org/dists/stable/updates/main/source/analog_4.01.orig.tar.gz

943c6acbea97b7c2f36f45be947f4c7f
http://security.debian.org/dists/stable/updates/main/source/analog_4.01-1potato1.dsc

ca589f176699884d97d8297a2bda2e38
http://security.debian.org/dists/stable/updates/main/source/analog_4.01-1potato1.diff.gz

67250cafaeca7404a219a9ebf49f3e54
http://security.debian.org/dists/stable/updates/main/binary-i386/analog_4.01-1potato1_i386.deb

06722f7b432bee16c99d24141e96d76c
http://security.debian.org/dists/stable/updates/main/binary-m68k/analog_4.01-1potato1_m68k.deb

267891eda02bf3c54fc76645b7f093c2
http://security.debian.org/dists/stable/updates/main/binary-sparc/analog_4.01-1potato1_sparc.deb

8c2312f9216cc20bd2495a7e9b8e9855
http://security.debian.org/dists/stable/updates/main/binary-alpha/analog_4.01-1potato1_alpha.deb

deb1cbbafa9daac403b6f2e3ab024fc7
http://security.debian.org/dists/stable/updates/main/binary-powerpc/analog_4.01-1potato1_powerpc.deb

a15022522f60a878958d5a3243fcc1c2
http://security.debian.org/dists/stable/updates/main/binary-arm/analog_4.01-1potato1_arm.deb

DSA-034-1 - ePerl - Fumitoshi Ukai and Denis Barbier have found several
potential buffer overflow bugs in our version of ePerl as distributed in
all of our distributions.

When eperl is installed setuid root, it can switch to the UID/GID of the
script's owner. Although Debian doesn't ship the program setuid root, this
is a useful feature which people may have activated locally. When the
program is used as /usr/lib/cgi-bin/nph-eperl the bugs could lead to a
remote vulnerability as well.

e15ca9f85d8b5265f5b992d6a3dc4ac6
http://security.debian.org/dists/stable/updates/main/source/eperl_2.2.14-0.7potato2.diff.gz

260a3dd611c5a637460adca94d3929c0
http://security.debian.org/dists/stable/updates/main/source/eperl_2.2.14-0.7potato2.dsc

0213580b6711b5312d1873f9732ae8d6
http://security.debian.org/dists/stable/updates/main/source/eperl_2.2.14.orig.tar.gz

9675e82dd0a6a04ce32dca5a30bed8bc
http://security.debian.org/dists/stable/updates/main/binary-i386/eperl_2.2.14-0.7potato2_i386.deb

c6b4cf3e84020a3baf0f913edda039e3
http://security.debian.org/dists/stable/updates/main/binary-m68k/eperl_2.2.14-0.7potato2_m68k.deb

0218aff205881cf26319c5d1a4dbf1eb
http://security.debian.org/dists/stable/updates/main/binary-sparc/eperl_2.2.14-0.7potato2_sparc.deb

b1fcca3e86e223622c12c9c3d904a7e0
http://security.debian.org/dists/stable/updates/main/binary-alpha/eperl_2.2.14-0.7potato2_alpha.deb

2ac8090cbbded6cc23459d0eae7f5431
http://security.debian.org/dists/stable/updates/main/binary-powerpc/eperl_2.2.14-0.7potato2_powerpc.deb

acc616361b0974c0e7fe04605c8c16e9
http://security.debian.org/dists/stable/updates/main/binary-arm/eperl_2.2.14-0.7potato2_arm.deb

DSA-035-1 - man2html - It has been reported that one can tweak man2html
remotely into consuming all available memory. This has been fixed by
Nicolás Lichtmaier with help of Stephan Kulow.

2fc4ee65395122b5552473cd62876924
http://security.debian.org/dists/stable/updates/main/source/man2html_1.5.orig.tar.gz

b157e2207d5da25d71c74e64be46cd2f
http://security.debian.org/dists/stable/updates/main/source/man2html_1.5-23.dsc

95081f3883dd7647227af148cf05da55
http://security.debian.org/dists/stable/updates/main/source/man2html_1.5-23.diff.gz

706b70b961789cd15e32d1d7b53987e0
http://security.debian.org/dists/stable/updates/main/binary-i386/man2html_1.5-23_i386.deb

74667dfc3f498c55f35d641f7f4dadbc
http://security.debian.org/dists/stable/updates/main/binary-m68k/man2html_1.5-23_m68k.deb

0a25f12fd8f594582b3eda82d492235b
http://security.debian.org/dists/stable/updates/main/binary-sparc/man2html_1.5-23_sparc.deb

71cef3d676484426f8568a9ea38cb0a2
http://security.debian.org/dists/stable/updates/main/binary-alpha/man2html_1.5-23_alpha.deb

225e85f974d32a65f432b70cb037cfb3
http://security.debian.org/dists/stable/updates/main/binary-powerpc/man2html_1.5-23_powerpc.deb

758deb08ce747c0756a567aeeac3c977
http://security.debian.org/dists/stable/updates/main/binary-arm/man2html_1.5-23_arm.deb

DSA-036-1 - Midnight Commander - It has been reported that a local user
could tweak Midnight Commander of another user into executing a random
program under the user id of the person running Midnight Commander. This
behaviour has been fixed by Andrew V. Samoilov.

bd8823e83ef37ada13ad7fc4ca3479c8
http://security.debian.org/dists/stable/updates/main/source/mc_4.5.42-11.potato.6.diff.gz

c0e84f877cc4b4da15269811f1a538b4
http://security.debian.org/dists/stable/updates/main/source/mc_4.5.42-11.potato.6.dsc

0d2e63dd4b0c0a3d4d6c5933187ba222
http://security.debian.org/dists/stable/updates/main/source/mc_4.5.42.orig.tar.gz

2d2eb51e9ae833b605fc54711cd229fc
http://security.debian.org/dists/stable/updates/main/binary-i386/gmc_4.5.42-11.potato.6_i386.deb

5d65de62f5d7af29cf2ef3b9ab56fd8
http://security.debian.org/dists/stable/updates/main/binary-i386/mc-common_4.5.42-11.potato.6_i386.deb

c58a97f08556e18b6d7f4ff657aa62b0
http://security.debian.org/dists/stable/updates/main/binary-i386/mc_4.5.42-11.potato.6_i386.deb

081bbbf191842c7d404fd3e62afa0f7a
http://security.debian.org/dists/stable/updates/main/binary-m68k/gmc_4.5.42-11.potato.6_m68k.deb

61d25b2ef64d7d6adaa4e3a43813ac6
http://security.debian.org/dists/stable/updates/main/binary-m68k/mc-common_4.5.42-11.potato.6_m68k.deb

574ef9ba296219900dc03463395c5171
http://security.debian.org/dists/stable/updates/main/binary-m68k/mc_4.5.42-11.potato.6_m68k.deb

b435261f1f200c7058df7f400927453a
http://security.debian.org/dists/stable/updates/main/binary-sparc/gmc_4.5.42-11.potato.6_sparc.deb

71809b28c58361a6864985d3ce4e3e63
http://security.debian.org/dists/stable/updates/main/binary-sparc/mc-common_4.5.42-11.potato.6_sparc.deb

b1e4af8190f56d0548ca4bdff0136fbf
http://security.debian.org/dists/stable/updates/main/binary-sparc/mc_4.5.42-11.potato.6_sparc.deb

7aa3bfac0ebf2e6c0cde6dc135d034e5
http://security.debian.org/dists/stable/updates/main/binary-alpha/gmc_4.5.42-11.potato.6_alpha.deb

d97fffed31c62ef9d57a7887f89d8bb9
http://security.debian.org/dists/stable/updates/main/binary-alpha/mc-common_4.5.42-11.potato.6_alpha.deb

3afa82d8e80787dc981d0b4e38ecd848
http://security.debian.org/dists/stable/updates/main/binary-alpha/mc_4.5.42-11.potato.6_alpha.deb

32d8962f6bcb84b1ac85888a814e3030
http://security.debian.org/dists/stable/updates/main/binary-powerpc/gmc_4.5.42-11.potato.6_powerpc.deb

7c73edf0a6eb656b61688a636f8bd9de
http://security.debian.org/dists/stable/updates/main/binary-powerpc/mc-common_4.5.42-11.potato.6_powerpc.deb

c2a93b28fe53d9fb8f795382b5714b6c
http://security.debian.org/dists/stable/updates/main/binary-powerpc/mc_4.5.42-11.potato.6_powerpc.deb

768f61217a7d020855b6b459c48abd45
http://security.debian.org/dists/stable/updates/main/binary-arm/mc_4.5.42-11.potato.6_arm.deb

051f01146c5053964039cf04b87365a1
http://security.debian.org/dists/stable/updates/main/binary-arm/gmc_4.5.42-11.potato.6_arm.deb

023a2ee7f0915319fd33d9e5008533ec
http://security.debian.org/dists/stable/updates/main/binary-arm/mc-common_4.5.42-11.potato.6_arm.deb

DSA-037-1 - nextaw, xaw3d, xaw95 - It has been reported that the AsciiSrc
and MultiSrc widgets in the Athena widget library handle temporary files
insecurely. Joey Hess has ported the bugfix from XFree86 to these Xaw
replacement libraries.

39f64281940612d3fcd9caab2e577aec
http://security.debian.org/dists/stable/updates/main/source/nextaw_0.5.1-34potato1.diff.gz

8f4d5420ccb9a10eeba1bbbbf4039618
http://security.debian.org/dists/stable/updates/main/source/nextaw_0.5.1-34potato1.dsc

ca6b7f0cd5929c67d31bec1cc85597fd
http://security.debian.org/dists/stable/updates/main/source/nextaw_0.5.1.orig.tar.gz

a0253eff70f0e295471a57b085475b94
http://security.debian.org/dists/stable/updates/main/source/xaw3d_1.3-6.9potato1.diff.gz

d058e2bcf84375b47237c731b2226ed6
http://security.debian.org/dists/stable/updates/main/source/xaw3d_1.3-6.9potato1.dsc

9475773be43a669ef347bd5b99f9ff7c
http://security.debian.org/dists/stable/updates/main/source/xaw3d_1.3.orig.tar.gz

8e2814e26829f8618407bddc2a8139a0
http://security.debian.org/dists/stable/updates/main/source/xaw95_1.1-4.6potato1.diff.gz

e1e851e56e8bd55e7aa7ad75d53e1795
http://security.debian.org/dists/stable/updates/main/source/xaw95_1.1-4.6potato1.dsc

e0983faf630fa74dfa2c0d5ed10635ea
http://security.debian.org/dists/stable/updates/main/source/xaw95_1.1.orig.tar.gz

8d4c42a419d12058a81a4875c0482683
http://security.debian.org/dists/stable/updates/main/binary-i386/nextaw_0.5.1-34potato1_i386.deb

b8d4405cf60e0cdae4a67078c3c5df54
http://security.debian.org/dists/stable/updates/main/binary-i386/nextawg_0.5.1-34potato1_i386.deb

c2d82fd02430195fb2e2f63dea884b37
http://security.debian.org/dists/stable/updates/main/binary-i386/xaw3d_1.3-6.9potato1_i386.deb

da8c800a7e533970914beea1288eac86
http://security.debian.org/dists/stable/updates/main/binary-i386/xaw3dg-dev_1.3-6.9potato1_i386.deb

f44322639de2bcb5049fa3360602fb79
http://security.debian.org/dists/stable/updates/main/binary-i386/xaw3dg_1.3-6.9potato1_i386.deb

ad465ec7dd6b7cdf155da49ed40fd0f1
http://security.debian.org/dists/stable/updates/main/binary-i386/xaw95g_1.1-4.6potato1_i386.deb

0cecbd698a8f2c38d9853b8955375278
http://security.debian.org/dists/stable/updates/main/binary-m68k/nextaw_0.5.1-34potato1_m68k.deb

80961f0094a9e150354a44c80a2aedcb
http://security.debian.org/dists/stable/updates/main/binary-m68k/nextawg_0.5.1-34potato1_m68k.deb

48e1ab6da9de7decca460c4bcd0ed0db
http://security.debian.org/dists/stable/updates/main/binary-m68k/xaw3d_1.3-6.9potato1_m68k.deb

bf128f7f8b208e65e40b66e39ad895c8
http://security.debian.org/dists/stable/updates/main/binary-m68k/xaw3dg-dev_1.3-6.9potato1_m68k.deb

1a18260226eb093deb72a249b20c8dc4
http://security.debian.org/dists/stable/updates/main/binary-m68k/xaw3dg_1.3-6.9potato1_m68k.deb

66bc729de8b5ac24e81679a223aab3c6
http://security.debian.org/dists/stable/updates/main/binary-m68k/xaw95g_1.1-4.6potato1_m68k.deb

DSA-038-1 - sgml-tools - Former versions of sgml-tools created temporary
files directly in /tmp in an insecure fashion. Version 1.0.9-15 and higher
create a subdirectory first and open temporary files within that directory.

41187c94c4c112253543c50a834c223c
http://security.debian.org/dists/stable/updates/main/source/sgml-tools_1.0.9.orig.tar.gz

5092e08e04f8ad13a594335a718490b4
http://security.debian.org/dists/stable/updates/main/source/sgml-tools_1.0.9-15.dsc

72d55460634c4e7fb84e06e946989c7
http://security.debian.org/dists/stable/updates/main/source/sgml-tools_1.0.9-15.diff.gz

bc2d3d8eea05c1b0495724390b2099a4
http://security.debian.org/dists/stable/updates/main/binary-i386/sgml-tools_1.0.9-15_i386.deb

b387d59f20d79d0ac37375e5b009c7e1
http://security.debian.org/dists/stable/updates/main/binary-m68k/sgml-tools_1.0.9-15_m68k.deb

4ca530c6d43a0d7bd05c9857316467db
http://security.debian.org/dists/stable/updates/main/binary-sparc/sgml-tools_1.0.9-15_sparc.deb

52745714a737dd035f56c9952f356470
http://security.debian.org/dists/stable/updates/main/binary-alpha/sgml-tools_1.0.9-15_alpha.deb

946a6aa2b2517cca2c35a6ec28eafabf
http://security.debian.org/dists/stable/updates/main/binary-powerpc/sgml-tools_1.0.9-15_powerpc.deb

cc5f223311f462895e56cdf624a61367
http://security.debian.org/dists/stable/updates/main/binary-arm/sgml-tools_1.0.9-15_arm.deb
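Three advisories in this batch (DSA-011-2 for mgetty, DSA-037-1 for the Xaw libraries, DSA-038-1 for sgml-tools) are the same bug: temporary files created directly in a world-writable directory under a guessable name, so a file or symlink left there in advance by another local user gets opened and written through. DSA-038-1 states the fix that sgml-tools 1.0.9-15 adopted, a private subdirectory first and the files inside it. The code below is an added example of that pattern (not sgml-tools', mgetty's or Xaw's code; the function names and the `work.sgml` file are constructed): the private directory comes from `tempfile.mkdtemp`, which creates it mode 0700 with an unpredictable name, and each file inside is opened with `O_EXCL` so a pre-existing entry makes the call fail instead of being followed.

```python
"""Private temp directory plus O_EXCL file creation, the fix DSA-038-1 describes.
Added example; make_private_tmpdir, create_tmpfile, check_private and demo
are constructed names."""
import os
import stat
import tempfile


def predictable_tmp_path(prefix):
    """The pattern the advisories warn about: a guessable name directly in the
    shared temp directory. Returned only to show what not to open; nothing
    in this example creates it."""
    return os.path.join(tempfile.gettempdir(), "%s.%d" % (prefix, os.getpid()))


def make_private_tmpdir(prefix):
    """mkdtemp creates a randomly named directory with mode 0700, so no other
    unprivileged user can place anything inside it before we use it."""
    return tempfile.mkdtemp(prefix=prefix + ".")


def create_tmpfile(tmpdir, name):
    """Create `name` inside the private directory and return the open fd.
    O_EXCL makes creation fail if anything already exists at that path
    (including a symlink), O_NOFOLLOW is added where the platform has it."""
    flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL | getattr(os, "O_NOFOLLOW", 0)
    return os.open(os.path.join(tmpdir, name), flags, 0o600)


def check_private(tmpdir):
    """True when the directory is ours alone: a directory, mode exactly 0700,
    owned by the current uid."""
    st = os.stat(tmpdir)
    return (
        stat.S_ISDIR(st.st_mode)
        and stat.S_IMODE(st.st_mode) == 0o700
        and st.st_uid == os.getuid()
    )


def demo():
    """Constructed run: create one work file, then prove that a second
    creation of the same name is refused, which is the guarantee that defeats
    a pre-planted file or symlink. Returns (dir_is_private, second_open_refused,
    file_mode)."""
    d = make_private_tmpdir("sgmltools")
    fd = create_tmpfile(d, "work.sgml")
    os.write(fd, b"<!-- constructed sample content -->\n")
    os.close(fd)
    try:
        create_tmpfile(d, "work.sgml")
        refused = False
    except FileExistsError:
        refused = True
    mode = stat.S_IMODE(os.stat(os.path.join(d, "work.sgml")).st_mode)
    return check_private(d), refused, mode
```

The directory is the real protection: once its mode is 0700, other users cannot create entries in it at all, so the names used inside no longer need to be unguessable. `O_EXCL` on each file is the second layer, covering the case where a program is later changed to reuse a directory it did not create.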

DSA-039-1 - glibc - The version of GNU libc that was distributed with
Debian GNU/Linux 2.2 suffered from 2 security problems:

* It was possible to use LD_PRELOAD to load libraries that are listed
in /etc/ld.so.cache, even for suid programs. This could be used to create
(and overwrite) files which a user should not be allowed to.

* By using LD_PROFILE, suid programs would write data to a file in /var/tmp,
which was not done safely. Again, this could be used to create (and
overwrite) files which a user should not have access to.

2d09dcf45482a2c4400e033c92112110
http://security.debian.org/dists/stable/updates/main/source/glibc_2.1.3-17.diff.gz

0483ad39d31a54db8781fddb79240e5d
http://security.debian.org/dists/stable/updates/main/source/glibc_2.1.3-17.dsc

aea1bb5c28f793013153d1b8f91eb746
http://security.debian.org/dists/stable/updates/main/source/glibc_2.1.3.orig.tar.gz

06a18fbeee849642b48ff14cc0633984
http://security.debian.org/dists/stable/updates/main/binary-all/glibc-doc_2.1.3-17_all.deb

272079ae1d3afe16b18cbc3d903a5685
http://security.debian.org/dists/stable/updates/main/binary-all/i18ndata_2.1.3-17_all.deb

28e3d452aee9a89a7883885b76c7dc66
http://security.debian.org/dists/stable/updates/main/binary-alpha/libc6.1-dbg_2.1.3-17_alpha.deb

452a709107c611efffb6e4ff3697eb10
http://security.debian.org/dists/stable/updates/main/binary-alpha/libc6.1-dev_2.1.3-17_alpha.deb

68208d16954c2f81fe38a41fc6b83720
http://security.debian.org/dists/stable/updates/main/binary-alpha/libc6.1-pic_2.1.3-17_alpha.deb

dc0ba72ff66b3e25213e6ab12c927941
http://security.debian.org/dists/stable/updates/main/binary-alpha/libc6.1-prof_2.1.3-17_alpha.deb

3e75804a7de8a317304dc4b615e290d3
http://security.debian.org/dists/stable/updates/main/binary-alpha/libc6.1_2.1.3-17_alpha.deb

f4bf6d43ef36117efe43bad15159dc4
http://security.debian.org/dists/stable/updates/main/binary-alpha/libnss1-compat_2.1.3-17_alpha.deb

443417e614a33cf70d296fedb6733873
http://security.debian.org/dists/stable/updates/main/binary-alpha/locales_2.1.3-17_alpha.deb

86edee3f212a0d4c769d37eb8e6de404
http://security.debian.org/dists/stable/updates/main/binary-alpha/nscd_2.1.3-17_alpha.deb

63e3785e0c034ad086014a07a641b43d
http://security.debian.org/dists/stable/updates/main/binary-arm/libc6-dbg_2.1.3-17_arm.deb

3cf45427598f3c92c5744b647f14a315
http://security.debian.org/dists/stable/updates/main/binary-arm/libc6-dev_2.1.3-17_arm.deb

30ae1c962cae0d1df3fcd8924a7eb6d3
http://security.debian.org/dists/stable/updates/main/binary-arm/libc6-pic_2.1.3-17_arm.deb

5e4b00337e8cf44cd94125a30decf409
http://security.debian.org/dists/stable/updates/main/binary-arm/libc6-prof_2.1.3-17_arm.deb

0b4c9b9715d91fd9474a6a33775821b8
http://security.debian.org/dists/stable/updates/main/binary-arm/libc6_2.1.3-17_arm.deb

fce2f8c6d697ed386557fcf92ef4ce47
http://security.debian.org/dists/stable/updates/main/binary-arm/locales_2.1.3-17_arm.deb

946568baddaf2ef3430bc3e27c464079
http://security.debian.org/dists/stable/updates/main/binary-arm/nscd_2.1.3-17_arm.deb

a11f04dc605f9e0692bad7c43f29b90a
http://security.debian.org/dists/stable/updates/main/binary-i386/libc6-dbg_2.1.3-17_i386.deb

c92017b2d71066fb0ffada1090c72863
http://security.debian.org/dists/stable/updates/main/binary-i386/libc6-dev_2.1.3-17_i386.deb

c4523e2dfa76352db81bb7c3852e52eb
http://security.debian.org/dists/stable/updates/main/binary-i386/libc6-pic_2.1.3-17_i386.deb

f752ce83bdb45c106a564107727f4ac9
http://security.debian.org/dists/stable/updates/main/binary-i386/libc6-prof_2.1.3-17_i386.deb

2e97ae1db914e6bf1bbf9f622668802a
http://security.debian.org/dists/stable/updates/main/binary-i386/libc6_2.1.3-17_i386.deb

80592eeaf265a2fa5e4ec17429bd7a29
http://security.debian.org/dists/stable/updates/main/binary-i386/libnss1-compat_2.1.3-17_i386.deb

95d336a17cbab782802304546b88f252
http://security.debian.org/dists/stable/updates/main/binary-i386/locales_2.1.3-17_i386.deb

3ac365c22541b0322f3f7acd4487362f
http://security.debian.org/dists/stable/updates/main/binary-i386/nscd_2.1.3-17_i386.deb

73c51ecef6cb349e1c05c94d98b7f08f
http://security.debian.org/dists/stable/updates/main/binary-m68k/libc6-dbg_2.1.3-17_m68k.deb

fdb40a30e553dbda2928913e97869dac
http://security.debian.org/dists/stable/updates/main/binary-m68k/libc6-dev_2.1.3-17_m68k.deb

4ac47fdd91bb3e74ffb88903f9aa2a2f
http://security.debian.org/dists/stable/updates/main/binary-m68k/libc6-pic_2.1.3-17_m68k.deb

1ac2effcfa957fba33364f15a0e6a0ad
http://security.debian.org/dists/stable/updates/main/binary-m68k/libc6-prof_2.1.3-17_m68k.deb

9fa4049d37577c6bf84b6c3b618a3cf7
http://security.debian.org/dists/stable/updates/main/binary-m68k/libc6_2.1.3-17_m68k.deb

9e08e0912fb30238c888aa95f2ea5a2
http://security.debian.org/dists/stable/updates/main/binary-m68k/libnss1-compat_2.1.3-17_m68k.deb

6d4ad26d19cf6309369c59279d243c2f
http://security.debian.org/dists/stable/updates/main/binary-m68k/locales_2.1.3-17_m68k.deb

b553448be9a6b872d2c38a606476b154
http://security.debian.org/dists/stable/updates/main/binary-m68k/nscd_2.1.3-17_m68k.deb

7737f33dab4073f2f068675d0290f2e2
http://security.debian.org/dists/stable/updates/main/binary-powerpc/libc6-dbg_2.1.3-17_powerpc.deb

018fcbba3194cbf39617c17d769390ac
http://security.debian.org/dists/stable/updates/main/binary-powerpc/libc6-dev_2.1.3-17_powerpc.deb

301d0bb507a617baeede970249eaad65
http://security.debian.org/dists/stable/updates/main/binary-powerpc/libc6-pic_2.1.3-17_powerpc.deb

7a36a1dcdcf10b1ff5781f3a433eba7
http://security.debian.org/dists/stable/updates/main/binary-powerpc/libc6-prof_2.1.3-17_powerpc.deb

80b640aa7d99456cb0fe394a25a9e36b
http://security.debian.org/dists/stable/updates/main/binary-powerpc/libc6_2.1.3-17_powerpc.deb

9c44c79bf5c8767e3d144c6b9521b925
http://security.debian.org/dists/stable/updates/main/binary-powerpc/locales_2.1.3-17_powerpc.deb

359dc2ec51ec194da9ad5f7fd808ccc4
http://security.debian.org/dists/stable/updates/main/binary-powerpc/nscd_2.1.3-17_powerpc.deb

e63563d43a5e7e016e21c44b80ae530b
http://security.debian.org/dists/stable/updates/main/binary-sparc/libc6-dbg_2.1.3-17_sparc.deb

32dd22813fe5db4e77ff9d0bc8df74ca
http://security.debian.org/dists/stable/updates/main/binary-sparc/libc6-dev_2.1.3-17_sparc.deb

648c72da9cd496f265c8a8426fa47516
http://security.debian.org/dists/stable/updates/main/binary-sparc/libc6-pic_2.1.3-17_sparc.deb

c664c5e1b2fd9d2a3d856130f7750c70
http://security.debian.org/dists/stable/updates/main/binary-sparc/libc6-prof_2.1.3-17_sparc.deb

67123f10a4b04251c6922313c70102af
http://security.debian.org/dists/stable/updates/main/binary-sparc/libc6_2.1.3-17_sparc.deb

895333e421ac054533b2cf3a989d2675
http://security.debian.org/dists/stable/updates/main/binary-sparc/locales_2.1.3-17_sparc.deb

7be597a2a98e985bd2f9cca65049d16f
http://security.debian.org/dists/stable/updates/main/binary-sparc/nscd_2.1.3-17_sparc.deb

DSA-040-1 - slrn - Bill Nottingham reported a problem in the
wrapping/unwrapping functions of the slrn newsreader. A long header in a
message might overflow a buffer, which could result in executing arbitrary
code encoded in the message.

The default configuration does not have wrapping enabled, but it can easily
be enabled either by changing the configuration or by pressing W while
viewing a message.

5dd13f483c2fa61d6fd6370f7813df82
http://security.debian.org/dists/stable/updates/main
/source/slrn_0.9.6.2-9potato1.diff.gz

813ad9482041914b484428281fc28ad8
http://security.debian.org/dists/stable/updates/main
/source/slrn_0.9.6.2-9potato1.dsc

7ce442af03aeafb88a636183955c270e
http://security.debian.org/dists/stable/updates/main
/source/slrn_0.9.6.2.orig.tar.gz

8329209a6aa996d1ae6d661f56dd3188
http://security.debian.org/dists/stable/updates/main
/binary-alpha/slrn_0.9.6.2-9potato1_alpha.deb

91cd53de5c2c8cd58fecbec3c703156b
http://security.debian.org/dists/stable/updates/main
/binary-alpha/slrnpull_0.9.6.2-9potato1_alpha.deb

25e04bc0fbf2f7d6f04005c2ecb4831d
http://security.debian.org/dists/stable/updates/main
/binary-arm/slrn_0.9.6.2-9potato1_arm.deb

eef5b32a35d8193cfbe7988f683f70bf
http://security.debian.org/dists/stable/updates/main
/binary-arm/slrnpull_0.9.6.2-9potato1_arm.deb

c871721245934e479a70fc712fa24021
http://security.debian.org/dists/stable/updates/main
/binary-i386/slrn_0.9.6.2-9potato1_i386.deb

2e8c43ac86e3a28ca5c65f40c47315d8
http://security.debian.org/dists/stable/updates/main
/binary-i386/slrnpull_0.9.6.2-9potato1_i386.deb

a30edb247ac6bed594a848421588e8bb
http://security.debian.org/dists/stable/updates/main
/binary-m68k/slrn_0.9.6.2-9potato1_m68k.deb

7aeeca1532ef2d384d98990aa51c5bc8
http://security.debian.org/dists/stable/updates/main
/binary-m68k/slrnpull_0.9.6.2-9potato1_m68k.deb

f7fdde7f8a5028812fb5d06779c0fb63
http://security.debian.org/dists/stable/updates/main
/binary-powerpc/slrn_0.9.6.2-9potato1_powerpc.deb

74a4648cdcfaf38243f7654a9b496832
http://security.debian.org/dists/stable/updates/main
/binary-powerpc/slrnpull_0.9.6.2-9potato1_powerpc.deb

ac9f606cf5524dd1865e7b85314e7a3a
http://security.debian.org/dists/stable/updates/main
/binary-sparc/slrn_0.9.6.2-9potato1_sparc.deb

7b912bd3e7d406be4e041bea90d77439
http://security.debian.org/dists/stable/updates/main
/binary-sparc/slrnpull_0.9.6.2-9potato1_sparc.deb

DSA-041-1 - joe - Christer Öberg of Wkit Security AB found a problem in joe
(Joe's Own Editor). joe will look for a configuration file in three
locations: the current directory, the user's home directory ($HOME) and
/etc/joe. Since the configuration file can define commands joe will run
(for example to check spelling), reading it from the current directory can
be dangerous: an attacker can leave a .joerc file in a writable directory,
which would be read when an unsuspecting user starts joe in that directory.

cd6b006c8a2426ada62a6af1ddd001fe
http://security.debian.org/dists/stable/updates/main
/source/joe_2.8-15.3.diff.gz

4f3b3a027cd8baf4c3b1a282b31cb5ed
http://security.debian.org/dists/stable/updates/main
/source/joe_2.8-15.3.dsc

84c1aebfce7876b8639945da3c29f204
http://security.debian.org/dists/stable/updates/main
/source/joe_2.8.orig.tar.gz

bb4f2753fa7b05f5877b7bad353ac7a4
http://security.debian.org/dists/stable/updates/main
/binary-alpha/joe_2.8-15.3_alpha.deb

179c212d01bfaa898259028ce06a24a8
http://security.debian.org/dists/stable/updates/main
/binary-arm/joe_2.8-15.3_arm.deb

39f680f8fde72d0958431f617e774123
http://security.debian.org/dists/stable/updates/main
/binary-i386/joe_2.8-15.3_i386.deb

100db16eb2ff8aa43840cdde49d9b5a9
http://security.debian.org/dists/stable/updates/main
/binary-m68k/joe_2.8-15.3_m68k.deb

425019054e7eb9b104e96ff351132bf3
http://security.debian.org/dists/stable/updates/main
/binary-powerpc/joe_2.8-15.3_powerpc.deb

8f88ab48a61c0c9f5e955fdf0fc79d4e
http://security.debian.org/dists/stable/updates/main
/binary-sparc/joe_2.8-15.3_sparc.deb

DSA-042-1 - gnuserv, xemacs21 - Klaus Frank has found a vulnerability in
the way gnuserv handled remote connections. Gnuserv is a remote control
facility for Emacsen which is available as a standalone program as well as
included in XEmacs21. Gnuserv has a buffer for which insufficient boundary
checks were made. Unfortunately this buffer affects access control to
gnuserv, which uses a MIT-MAGIC-COOKIE based system. It is possible to
overflow the buffer containing the cookie and defeat the cookie comparison.

Gnuserv was derived from emacsserver, which is part of GNU Emacs. It was
reworked completely and not much is left over from its time as part of
GNU Emacs. Therefore the versions of emacsserver in both Emacs19 and
Emacs20 do not look vulnerable to this bug; they do not even provide a
MIT-MAGIC-COOKIE based mechanism.

This could allow a remote user to issue commands under the UID of the
person running gnuserv.

322ac99415fc18dff4fba89b7e9d33e2
http://security.debian.org/dists/stable/updates/main
/source/gnuserv_2.1alpha-5.1.diff.gz

1c32ce9a3b447a632405ff2fbf22e068
http://security.debian.org/dists/stable/updates/main
/source/gnuserv_2.1alpha-5.1.dsc

00295f97203b334c1e0866938a3ced2c
http://security.debian.org/dists/stable/updates/main
/source/gnuserv_2.1alpha.orig.tar.gz

73e8ebc9a0c3cb0dfaeb77a9b29c3d15
http://security.debian.org/dists/stable/updates/main
/source/xemacs21_21.1.10-5.diff.gz

9561ccc3dc9fa693f18d32899d7ea7fa
http://security.debian.org/dists/stable/updates/main
/source/xemacs21_21.1.10-5.dsc

f0d81a84f002bb7c055a0e821244bbbf
http://security.debian.org/dists/stable/updates/main
/source/xemacs21_21.1.10.orig.tar.gz

32e7d8ba231c46c81bf833407826de18
http://security.debian.org/dists/stable/updates/main
/binary-i386/xemacs21-support_21.1.10-5_all.deb

8aeb8891623ea08695acfe20c0e1bc59
http://security.debian.org/dists/stable/updates/main
/binary-i386/xemacs21-supportel_21.1.10-5_all.deb

3fd6e13ada6764e2d9022f7abd891d29
http://security.debian.org/dists/stable/updates/main
/binary-i386/xemacs21_21.1.10-5_all.deb

8ca49d40223b7957ceaa120c0389c452
http://security.debian.org/dists/stable/updates/main
/binary-i386/gnuserv_2.1alpha-5.1_i386.deb

49c3e9d6d458bcf872c8fdc9c5190d87
http://security.debian.org/dists/stable/updates/main
/binary-i386/xemacs21-bin_21.1.10-5_i386.deb

b5aa1fe986c19ca6de87fb8a9a0d54a9
http://security.debian.org/dists/stable/updates/main
/binary-i386/xemacs21-mule-canna-wnn_21.1.10-5_i386.deb

7704f26ef1feba21b9efe6eeaa219188
http://security.debian.org/dists/stable/updates/main
/binary-i386/xemacs21-mule_21.1.10-5_i386.deb

908c624bdd867a503cdc11ca8a01b6d8
http://security.debian.org/dists/stable/updates/main
/binary-i386/xemacs21-nomule_21.1.10-5_i386.deb

0b75ebde7771cf528991ce628bf32237
http://security.debian.org/dists/stable/updates/main
/binary-m68k/gnuserv_2.1alpha-5.1_m68k.deb

dff7d55ef771e9473d3c74727082b608
http://security.debian.org/dists/stable/updates/main
/binary-sparc/gnuserv_2.1alpha-5.1_sparc.deb

69c0d27b079247d30e35807926d20dd2
http://security.debian.org/dists/stable/updates/main
/binary-sparc/xemacs21-bin_21.1.10-5_sparc.deb

d402e35fde19d61ceb3bafe11a28fa16
http://security.debian.org/dists/stable/updates/main
/binary-sparc/xemacs21-mule-canna-wnn_21.1.10-5_sparc.deb

7865e5f17dc9dca1121935c95c6eae99
http://security.debian.org/dists/stable/updates/main
/binary-sparc/xemacs21-mule_21.1.10-5_sparc.deb

5fed990482ab774d27d32ca4b7308797
http://security.debian.org/dists/stable/updates/main
/binary-sparc/xemacs21-nomule_21.1.10-5_sparc.deb

c0c2769f62b22c8f24eed97bc47b350a
http://security.debian.org/dists/stable/updates/main
/binary-alpha/gnuserv_2.1alpha-5.1_alpha.deb

5b0bae2e1046d8fd1ffc2084a3fe2047
http://security.debian.org/dists/stable/updates/main
/binary-alpha/xemacs21-bin_21.1.10-5_alpha.deb

1f1761b6d4f959f8816b50e6c2e1a611
http://security.debian.org/dists/stable/updates/main
/binary-alpha/xemacs21-mule-canna-wnn_21.1.10-5_alpha.deb

3066ed7a509e790854b953f99c753b5f
http://security.debian.org/dists/stable/updates/main
/binary-alpha/xemacs21-mule_21.1.10-5_alpha.deb

7b86887ccd3879ec6717395873a3b52c
http://security.debian.org/dists/stable/updates/main
/binary-alpha/xemacs21-nomule_21.1.10-5_alpha.deb

128ba2bdd4f6b231af2275c919c9bbae
http://security.debian.org/dists/stable/updates/main
/binary-powerpc/gnuserv_2.1alpha-5.1_powerpc.deb

1967a6162b77f32bf58f528990972f33
http://security.debian.org/dists/stable/updates/main
/binary-powerpc/xemacs21-bin_21.1.10-5_powerpc.deb

51867ec12d1d08af8e212f722c3a9b9f
http://security.debian.org/dists/stable/updates/main
/binary-powerpc/xemacs21-mule-canna-wnn_21.1.10-5_powerpc.deb

4e3898da9f797f4c571fa9929efdef22
http://security.debian.org/dists/stable/updates/main
/binary-powerpc/xemacs21-mule_21.1.10-5_powerpc.deb

910a72e5201fc31cff2887d9c6e654b8
http://security.debian.org/dists/stable/updates/main
/binary-powerpc/xemacs21-nomule_21.1.10-5_powerpc.deb

d320a2e110eb02eeed570d61917c5ef5
http://security.debian.org/dists/stable/updates/main
/binary-arm/gnuserv_2.1alpha-5.1_arm.deb

7902fb226cdf3a19e39344fc308a6c14
http://security.debian.org/dists/stable/updates/main
/binary-arm/xemacs21-bin_21.1.10-5_arm.deb

51875500719629b32973455aa7e5a275
http://security.debian.org/dists/stable/updates/main
/binary-arm/xemacs21-mule-canna-wnn_21.1.10-5_arm.deb

9199cdd445d590a22368409c7781a4f1
http://security.debian.org/dists/stable/updates/main
/binary-arm/xemacs21-mule_21.1.10-5_arm.deb

88cb5511e1c5e4ee328dc233421c5731
http://security.debian.org/dists/stable/updates/main
/binary-arm/xemacs21-nomule_21.1.10-5_arm.deb
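
The mechanism DSA-042-1 describes, as an added example in C that is not
gnuserv's or XEmacs's code: the buffer that receives the client's cookie is
modelled as sitting directly in front of the server's own copy of the
MIT-MAGIC-COOKIE, the length claimed by the client is trusted, and a 32-byte
message therefore fills both buffers with attacker-chosen bytes so that the
comparison succeeds. The arena layout, the 16-byte cookie length, the secret
and the attacker message are all constructed for the demo; the advisory does
not describe the exact gnuserv buffer. The hardened checker bounds the
length before copying and also compares in constant time, which goes beyond
what the advisory itself calls for.

```c
#include <stdio.h>
#include <string.h>
#include <stddef.h>

#define COOKIE_LEN 16

/* Server-side authentication state, kept in one arena so that the adjacency
 * of the two buffers is explicit and deterministic (constructed layout, not
 * gnuserv's): bytes 0..15 receive the client's cookie, bytes 16..31 hold the
 * server's own copy of the MIT-MAGIC-COOKIE. */
struct auth_state {
    unsigned char arena[2 * COOKIE_LEN];
};
#define RECEIVED(s) ((s)->arena)
#define EXPECTED(s) ((s)->arena + COOKIE_LEN)

void auth_init(struct auth_state *s, const unsigned char secret[COOKIE_LEN])
{
    memset(s->arena, 0, sizeof s->arena);
    memcpy(EXPECTED(s), secret, COOKIE_LEN);
}

/* Vulnerable checker: the client's length is only bounded by the whole
 * arena, not by the 16-byte receiving buffer. A 32-byte message overwrites
 * the server's copy of the cookie with the attacker's bytes, so the
 * comparison is made between two copies of data the attacker chose. (The
 * arena bound only keeps the demo deterministic; the check that matters is
 * the one that is missing.) */
int auth_check_vulnerable(struct auth_state *s, const unsigned char *msg,
                          size_t len)
{
    if (len > sizeof s->arena)
        return 0;
    memcpy(RECEIVED(s), msg, len);
    return memcmp(RECEIVED(s), EXPECTED(s), COOKIE_LEN) == 0;
}

/* Hardened checker: the length is validated against the receiving buffer
 * before anything is copied, and the comparison runs in constant time so
 * response timing does not reveal how many leading bytes matched. */
int auth_check_hardened(struct auth_state *s, const unsigned char *msg,
                        size_t len)
{
    unsigned char diff = 0;
    size_t i;

    if (len != COOKIE_LEN)
        return 0;
    memcpy(RECEIVED(s), msg, COOKIE_LEN);
    for (i = 0; i < COOKIE_LEN; i++)
        diff |= RECEIVED(s)[i] ^ EXPECTED(s)[i];
    return diff == 0;
}

/* Constructed secret for the demo; not real key material. */
static const unsigned char demo_secret[COOKIE_LEN] = {
    0xde, 0xad, 0xbe, 0xef, 0x01, 0x23, 0x45, 0x67,
    0x89, 0xab, 0xcd, 0xef, 0x10, 0x32, 0x54, 0x76
};

typedef int (*auth_check_fn)(struct auth_state *, const unsigned char *,
                             size_t);

/* 1 if a client that knows the cookie is accepted by the given checker. */
int demo_legit(auth_check_fn check)
{
    struct auth_state s;
    auth_init(&s, demo_secret);
    return check(&s, demo_secret, COOKIE_LEN);
}

/* 1 if a client that does NOT know the cookie, sending 32 bytes of 'A',
 * is accepted by the given checker. */
int demo_attack(auth_check_fn check)
{
    struct auth_state s;
    unsigned char attack[2 * COOKIE_LEN];
    memset(attack, 'A', sizeof attack);
    auth_init(&s, demo_secret);
    return check(&s, attack, sizeof attack);
}

int main(void)
{
    printf("vulnerable: legit=%d attacker=%d\n",
           demo_legit(auth_check_vulnerable),
           demo_attack(auth_check_vulnerable));
    printf("hardened:   legit=%d attacker=%d\n",
           demo_legit(auth_check_hardened),
           demo_attack(auth_check_hardened));
    return 0;
}
```

The point to take from the run is that the vulnerable checker accepts both
clients: it never compared the attacker's bytes against the real cookie,
because the real cookie had already been overwritten by the time the
comparison ran.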

DSA-043-1 - zope - This advisory covers several vulnerabilities in Zope
that have been addressed.

- - Hotfix 08_09_2000 "Zope security alert and hotfix product"
The issue involves the fact that the getRoles method of user objects
contained in the default UserFolder implementation returns a mutable Python
type. Because the mutable object is still associated with the persistent
User object, users with the ability to edit DTML could arrange to give
themselves extra roles for the duration of a single request by mutating the
roles list as a part of the request processing.

- - Hotfix 2000-10-02 "ZPublisher security update" It is sometimes possible
to access, through a URL only, objects protected by a role which the user
has in some context, but not in the context of the accessed object.

- - Hotfix 2000-10-11 "ObjectManager subscripting" The issue involves the
fact that the 'subscript notation' that can be used to access items of
ObjectManagers (Folders) did not correctly restrict return values to only
actual sub items. This made it possible to access names that should be
private from DTML (objects with names beginning with the underscore '_'
character). This could allow DTML authors to see private implementation
data structures and in certain cases possibly call methods that they
shouldn't have access to from DTML.

- - Hotfix 2001-02-23 "Class attribute access" The issue is related to
ZClasses in that a user with through-the-web scripting capabilities on a
Zope site can view and assign class attributes to ZClasses, possibly
allowing them to make inappropriate changes to ZClass instances. A second
part fixes problems in the ObjectManager, PropertyManager, and
PropertySheet classes related to mutability of method return values which
could be perceived as a security problem.



c67a733688d9734030ba98b1910d5aa2
http://security.debian.org/dists/stable/updates/main
/source/zope_2.1.6-7.dsc

794015f6c537e579660f2748c83b1c7a
http://security.debian.org/dists/stable/updates/main
/source/zope_2.1.6-7.diff.gz

6ec4320afd6925c24f9f1b5cd7c4d7c5
http://security.debian.org/dists/stable/updates/main
/source/zope_2.1.6.orig.tar.gz

92bb0b4f05a9817ba6befcd9e05a3183
http://security.debian.org/dists/stable/updates/main
/binary-alpha/zope_2.1.6-7_alpha.deb

222e70c1ce79471233de7fd25b47137c
http://security.debian.org/dists/stable/updates/main
/binary-arm/zope_2.1.6-7_arm.deb

40d548dc5e6b8927baf59a6b0da7591c
http://security.debian.org/dists/stable/updates/main
/binary-i386/zope_2.1.6-7_i386.deb

a115a19b1b2ab88da3b6c71d8f355f0c
http://security.debian.org/dists/stable/updates/main
/binary-m68k/zope_2.1.6-7_m68k.deb

35690d55965968d4e6dcf1eae473beeb
http://security.debian.org/dists/stable/updates/main
/binary-powerpc/zope_2.1.6-7_powerpc.deb

f7569909daedc1bf8667405d57155e69
http://security.debian.org/dists/stable/updates/main
/binary-sparc/zope_2.1.6-7_sparc.deb


- --  ImmunixOS --

IMNX-2001-70-005-01 - joe - The version of joe shipped in Immunix OS 6.2
and 7.0-beta looks for a configuration file in the current working
directory, the user's home directory and in /etc/joe. A malicious user
could create their own .joerc configuration file and try to get other users
to use it. If this happens, the user could execute malicious commands with
their own user id and privilege. This problem was originally reported by
WKIT Security AB and more information on it can be found at
http://www.wkit.com/content/eng/advisories/wsir0202.txt

Immunix 7.0 does not install the joe package by default but provides it in
the extras/unsupported directory so it is not vulnerable unless the joe
package has been installed manually by the system administrator.

af4179632fec1a6bf165f3c36323d1ec
http://immunix.org/ImmunixOS/6.2/updates/RPMS/joe-2.8-43.62_StackGuard.i386.rpm

70a5925864e02b8ac3118d20aec97d7f
http://immunix.org/ImmunixOS/6.2/updates/SRPMS/joe-2.8-43.62_StackGuard.src.rpm

ae0d34096476456ac3df90358d9b7723
http://immunix.org/ImmunixOS/7.0/updates/RPMS/joe-2.8-43.7_imnx.i386.rpm

5ca9476b3284b9d559dd786ea0c43dca
http://immunix.org/ImmunixOS/7.0/updates/SRPMS/joe-2.8-43.7_imnx.src.rpm


- --  LinuxPPC --

No patches issued.


- --  Mandrake  --

MDKSA-2001:026 - joe - The joe text editor looks for configuration files in
the current working directory, the user's home directory, and finally
in /etc/joe. A malicious user could create their own .joerc configuration
file and attempt to get other users to use it. If this were to happen, the
user could potentially execute malicious commands with their own user ID
and privileges. This update removes joe's ability to use a .joerc
configuration file in the current working directory.

56d2f6a0631af8bd0e1277ff9ac61c79
6.0/RPMS/joe-2.8-21.6mdk.i586.rpm

43b6715da08c931174df9bdca65c5bd2
6.0/SRPMS/joe-2.8-21.6mdk.src.rpm

8d580b730449cd83cd3140ed5e85b711
6.1/RPMS/joe-2.8-21.6mdk.i586.rpm

43b6715da08c931174df9bdca65c5bd2
6.1/SRPMS/joe-2.8-21.6mdk.src.rpm

96713b9dbd1d08045de30a5d3325e0e1
7.0/RPMS/joe-2.8-21.6mdk.i586.rpm

43b6715da08c931174df9bdca65c5bd2
7.0/SRPMS/joe-2.8-21.6mdk.src.rpm

633c0600124591eb3a0d9f1299709b18
7.1/RPMS/joe-2.8-21.5mdk.i586.rpm

10fa82ea14185c6df59c2eb282b628ff
7.1/SRPMS/joe-2.8-21.5mdk.src.rpm

35c4075c50bf84dde42573f20f549772
7.2/RPMS/joe-2.8-21.4mdk.i586.rpm

c6ff0ce8ad7365cfd2795c178b5e5f01
7.2/SRPMS/joe-2.8-21.4mdk.src.rpm

633c0600124591eb3a0d9f1299709b18
1.0.1/RPMS/joe-2.8-21.5mdk.i586.rpm

10fa82ea14185c6df59c2eb282b628ff
1.0.1/SRPMS/joe-2.8-21.5mdk.src.rpm

MDKSA-2001:027 - ePerl - Several potential buffer overflows in the ePerl
package have been found by Fumitoshi Ukai and Denis Barbier. When eperl is
installed setuid root, it can switch to the UID/GID of the script's owner.
Although Linux-Mandrake does not ship the program setuid root, this is a
useful feature which some users may have activated locally on their own.
There is also the potential for a remote vulnerability.

29d22c99cf995c7dd90f34467e0ae202
7.1/RPMS/eperl-2.2.14-7.2mdk.i586.rpm

405b9b51f07abeb04809453c1b5eb7b6
7.1/SRPMS/eperl-2.2.14-7.2mdk.src.rpm

e48bdd9d10fadb000650592dc97c601d
7.2/RPMS/eperl-2.2.14-7.1mdk.i586.rpm

6c4caf6f01729418940a5b266ca34969
7.2/SRPMS/eperl-2.2.14-7.1mdk.src.rpm

29d22c99cf995c7dd90f34467e0ae202
1.0.1/RPMS/eperl-2.2.14-7.2mdk.i586.rpm

405b9b51f07abeb04809453c1b5eb7b6
1.0.1/SRPMS/eperl-2.2.14-7.2mdk.src.rpm


- --  Red Hat  --

No patches issued.


- --  Slackware  --

No patches issued.


- --  SuSE  --

SuSE-SA:2001:05 - CUPS - CUPS is an implementation of the Internet Printing
Protocol (IPP) and is used as an alternative to the lpr and LPRng packages.
The CUPS package aims to be a comprehensive printing solution for UN*X
systems. In the SuSE-7.1 distribution, the cups package is not used by any
configuration utilities unless the admin has decided to configure the
package manually. The cups package was introduced in the SuSE-7.1
distribution; enhanced support in future releases of the SuSE Linux
distribution is planned. A SuSE-internal security audit conducted by
Sebastian Krahmer and Thomas Biege revealed several overflows as well as
insecure file handling. These bugs have been fixed by adding length checks
and securing the file access.

For a temporary workaround, remove the suid-bit from the 'lppasswd' program.

Make sure nobody from outside your network can access the CUPS server
running on port 631. Allowing access to this port from outside is a bad
idea regardless of whether or not the version in use is vulnerable. No
remote exploits are known yet.

23c6484952ab0c1de81e2db38bcd3afc
ftp://ftp.suse.com/pub/suse/i386/update/7.1/d3/cups-devel-1.1.6-13.i386.rpm

812e0c47dcfe508eb9e8ccb38165b6d7
ftp://ftp.suse.com/pub/suse/i386/update/7.1/n2/cups-1.1.6-13.i386.rpm

204cea2ad6a61293c191e70a2cacdc82
ftp://ftp.suse.com/pub/suse/i386/update/7.1/zq1/cups-1.1.6-13.src.rpm


- --  TurboLinux  --

No patches issued.


- --  Trustix  --

No patches issued.


- --  YellowDog --

No patches issued.


.............................................................

Internet hyperlinks do not display well with all email programs, and some
longer addresses break into two lines.  When following a hyperlink that is
split into two lines, copy both lines into the location field of your
browser.  Be sure the entire address is copied, without extra spaces.

.............................................................

Please tell us how we are doing. Send any questions or comments to:
listmaster@securityportal.com

To change your subscriptions settings, visit the following URL:
http://securityportal.com/subscribe.html

You may unsubscribe from all SecurityPortal mailings at once by sending an
email to listserv@listserv.securityportal.com, with the text "SIGNOFF
SECURITYPORTAL-L" in the body of the email. If you do not wish to
unsubscribe from all SecurityPortal mailings, please use the URL listed
above to adjust your subscription options.




- -- 
This article has been digitally signed by the moderator, using PGP.
http://www.iki.fi/mjr/cola-public-key.asc has PGP key for validating signature.
Send submissions for comp.os.linux.announce to: linux-announce@news.ornl.gov
PLEASE remember a short description of the software and the LOCATION.
This group is archived at http://www.iki.fi/mjr/linux/cola.html

=====BEGIN PGP SIGNATURE=====
Version: 2.6.3ia
Charset: latin1

iQCVAgUBOrzSk1rUI/eHXJZ5AQGFmwP8C0XUIHE69SpNewvM3/bgRjBGL5ImhBoF
siOqosJJoEa1v4hFoDfFzKskPjQTSAWYrro1Ans5whBdWnqfwddUhy6lvbfiCGft
HmxxdlT+/kuLKbBVDmKDcr9McTgC6kfojND5EMIBRknzUeaqgDVRFfYkjhPS7iHI
J5qqzrfNEXk=
=wPwr
=====END PGP SIGNATURE=====

------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: Linux-Announce-Request@NEWS-DIGESTS.MIT.EDU

You can submit announcements to be moderated via:

    Internet: linux-announce@NEWS.ORNL.GOV

Linux may be obtained via one of these FTP sites:
    ftp.funet.fi				pub/Linux
    tsx-11.mit.edu				pub/linux
    sunsite.unc.edu				pub/Linux

End of Linux-Announce Digest
******************************
