Home page logo
/

bugtraq logo Bugtraq mailing list archives

TSLSA-2006-0057 - multi
From: Trustix Security Advisor <tsl () trustix org>
Date: Wed, 18 Oct 2006 13:28:37 +0100

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Trustix Secure Linux Security Advisory #2006-0057

Package names:     clamav, kernel, php, php4, python, xorg-x11
Summary:           Multiple vulnerabilities
Date:              2006-10-18
Affected versions: Trustix Secure Linux 2.2
                   Trustix Secure Linux 3.0
                   Trustix Operating System - Enterprise Server 2

- --------------------------------------------------------------------------
Package description:
  clamav
  Clam AntiVirus is a GPL anti-virus toolkit for UNIX. The main purpose
  of this software is the integration with mail servers (attachment
  scanning). The package provides a flexible and scalable multi-threaded
  daemon, a command line scanner, and a tool for automatic updating via
  Internet. The programs are based on a shared library distributed with
  package, which you can use with your own software. Most importantly,
  the virus database is kept up to date .

  kernel
  The kernel package contains the Linux kernel (vmlinuz), the core of
  your Trustix Secure Linux operating system. The kernel handles the
  basic functions of the operating system: memory allocation, process
  allocation, device input and output, etc.

  php
  PHP is an HTML-embedded scripting language. PHP attempts to
  make it easy for developers to write dynamically generated web
  pages. PHP also offers built-in database integration for several
  commercial and non-commercial database management systems, so
  writing a database-enabled web page with PHP is fairly simple.
  The most common use of PHP coding is probably as a replacement
  for CGI scripts. The mod_php module enables the Apache web server
  to understand and process the embedded PHP language in web pages.

  php4
  PHP4 is an HTML-embedded scripting language. PHP4 attempts to 
  make it easy for developers to write dynamically generated web
  pages. PHP4 also offers built-in database integration for several
  commercial and non-commercial database management systems, so 
  writing a database-enabled web page with PHP is fairly simple.
  The most common use of PHP coding is probably as a replacement
  for CGI scripts. The mod_php module enables the Apache web server
  to understand and process the embedded PHP language in web pages.

  python
  Python is an interpreted, interactive, object-oriented programming
  language often compared to Tcl, Perl, Scheme or Java. Python includes
  modules, classes, exceptions, very high level dynamic data types and
  dynamic typing. Python supports interfaces to many system calls and
  libraries.

  xorg-x11
  X.org X11 is an open source implementation of the X Window System.
  It provides the basic low level functionality which full fledged
  graphical user interfaces (GUIs) such as GNOME and KDE are designed
  upon.

Problem description:
  clamav < TSL 3.0 > < TSL 2.2 >
  - New Upstream.
  - SECURITY Fix: Two vulnerabilities have been reported in Clam
    AntiVirus, which can be exploited by malicious people to cause
    a DoS (SA22370).
  - Fixes an unspecified error in the CHM unpacker in chmunpack.c which
    can be exploited to cause a DoS.
  - Fixes an unspecified error in rebuildpe.c when rebuilding PE files
    after unpacking which can be exploited to cause a heap-based buffer
    overflow.

  kernel < TSL 2.2 >
  - SECURITY Fix: A vulnerability has been reported in Linux Kernel,
    caused due to an error in the "clip_mkip()" function in the ATM
    subsystem and can be exploited to cause a kernel panic.

    The Common Vulnerabilities and Exposures project (cve.mitre.org)
    has assigned the name CVE-2006-4997 to this issue.
 
  kernel < TSL 3.0 >
  - New upstream.
  - SECURITY FIX: A vulnerability has been identified due to an error
    in the ULE (Unidirectional Lightweight Encapsulation) decapsulation
    code [drivers/media/dvb/dvb-core/dvb_net.c] that does not properly
    handle malformed packets with a SNDU (Sub Network Data Unit) length
    of 0, which could be exploited by attackers to crash a vulnerable
    system, creating a denial of service condition.

    The Common Vulnerabilities and Exposures project (cve.mitre.org)
    has assigned the name CVE-2006-4623 to this issue.

  php < TSL 3.0 > < TSL 2.2 > 
  - SECURITY Fix: Maksymilian Arciemowicz has reported a vulnerability
    in PHP, caused due to an error within the "ini_restore()" function,
    which can be exploited to reset certain options to their default
    value specified in php.ini.

    The Common Vulnerabilities and Exposures project has assigned the
    name CVE-2006-4625 to this issue.

  php4 < TSL 2.2 > 
  - SECURITY Fix: Maksymilian Arciemowicz has reported a vulnerability
    in PHP, caused due to an error within the "ini_restore()" function,
    which can be exploited to reset certain options to their default
    value specified in php.ini.

    The Common Vulnerabilities and Exposures project has assigned the
    name CVE-2006-4625 to this issue.

  python < TSL 3.0 > < TSL 2.2 > < TSEL 2 >
  - SECURITY FIX: Benjamin C. Wiley Sittler has reported a vulnerability
    in Python caused due to incorrect handling of UTF32/UCS-4 encoded
    strings within the "repr()" function. If an application uses the
    "repr()" function to process attacker supplied data, this can
    potentially be exploited to execute arbitrary code.

    The Common Vulnerabilities and Exposures project (cve.mitre.org)
    has assigned the name CVE-2006-4980 to this issue.

  xorg-x11 < TSL 3.0 >
  - Add patch to build against freetype 2.2.x.
  - SECURITY Fix: Some vulnerabilities have been reported in libXfont,
    which can be exploited by malicious, local users to gain escalated
    privileges. The vulnerabilities are caused due to integer overflows
    within the "scan_cid()" function when handling CMAP and CIDFont data
    and the "CIDADM()" function when parsing AFM (Adobe Font Metric)
    files. These can be exploited to cause buffer overflows via 
    specially crafted CID encoded Type1 fonts.
  - Another security issues have been reported in X.Org X11, caused
    due to missing checks whether the setuid() or similar calls have
    succeeded. This can be exploited to perform certain actions with
    root privileges if the calls fail due to e.g. resource limits.
  - An integer overflow flaw in the way the X.org server processes PCF
    files was discovered. This could be exploited to cause a denial of
    service or potentially execute arbitrary code with root privileges
    on the X.org server

    The Common Vulnerabilities and Exposures project has assigned the
    names CVE-2006-3740, CVE-2006-3739, CVE-2006-4447 and
    CVE-2006-3467 to these issues.

Action:
  We recommend that all systems with this package installed be upgraded.
  Please note that if you do not need the functionality provided by this
  package, you may want to remove it from your system.


Location:
  All Trustix Secure Linux updates are available from
  <URI:http://http.trustix.org/pub/trustix/updates/>
  <URI:ftp://ftp.trustix.org/pub/trustix/updates/>


About Trustix Secure Linux:
  Trustix Secure Linux is a small Linux distribution for servers. With focus
  on security and stability, the system is painlessly kept safe and up to
  date from day one using swup, the automated software updater.


Automatic updates:
  Users of the SWUP tool can enjoy having updates automatically
  installed using 'swup --upgrade'.


Questions?
  Check out our mailing lists:
  <URI:http://www.trustix.org/support/>


Verification:
  This advisory along with all Trustix packages are signed with the
  TSL sign key.
  This key is available from:
  <URI:http://www.trustix.org/TSL-SIGN-KEY>

  The advisory itself is available from the errata pages at
  <URI:http://www.trustix.org/errata/trustix-2.2/> and
  <URI:http://www.trustix.org/errata/trustix-3.0/>
  or directly at
  <URI:http://www.trustix.org/errata/2006/0057/>


MD5sums of the packages:
- --------------------------------------------------------------------------
068c6b56410cc486655ad88c301b03ce  3.0/rpms/clamav-0.88.5-1tr.i586.rpm
589e40de1fdd3b352e39dc6aadb7de45  3.0/rpms/clamav-devel-0.88.5-1tr.i586.rpm
e89fc19da0f34965aa12d4f821a34f63  3.0/rpms/kernel-2.6.17.14-1tr.i586.rpm
e489bb0bcedf98217f89374314de4ea9  3.0/rpms/kernel-doc-2.6.17.14-1tr.i586.rpm
2e0853c8d4240cbaa7b6b4d6ed9b77f7  3.0/rpms/kernel-headers-2.6.17.14-1tr.i586.rpm
c26c5874f277d68e2e78a22534432d2e  3.0/rpms/kernel-smp-2.6.17.14-1tr.i586.rpm
c74a566b3efd2a4f804e6f68711271fa  3.0/rpms/kernel-smp-headers-2.6.17.14-1tr.i586.rpm
1f481d8f87dd9bd83293eac166476a7b  3.0/rpms/kernel-source-2.6.17.14-1tr.i586.rpm
ae2070e990610e825d830f7a12c5187a  3.0/rpms/kernel-utils-2.6.17.14-1tr.i586.rpm
098cede5fa9ef74a536269b9d05b26bd  3.0/rpms/php-5.1.6-3tr.i586.rpm
b75a8e5b9fa044d7ad447e02db428a8c  3.0/rpms/php-calendar-5.1.6-3tr.i586.rpm
221d6af1df6af0e5e1ead800eff55c2e  3.0/rpms/php-cli-5.1.6-3tr.i586.rpm
a01fc039a746dd4683242682f706716a  3.0/rpms/php-curl-5.1.6-3tr.i586.rpm
b61f1011301a6e0701103e20919c6f59  3.0/rpms/php-dba-5.1.6-3tr.i586.rpm
a13985263d4300dd2aebb5d7c429c4a3  3.0/rpms/php-devel-5.1.6-3tr.i586.rpm
b9d2de1d757f78d348b50dcd92bcc06d  3.0/rpms/php-exif-5.1.6-3tr.i586.rpm
91b5f1731626cce128bf3c6e8b578e24  3.0/rpms/php-fcgi-5.1.6-3tr.i586.rpm
0c0e6148e06a576a0ddbf07233d531c2  3.0/rpms/php-gd-5.1.6-3tr.i586.rpm
1ad48e7d05bfe06ef9e9587ab750be5f  3.0/rpms/php-imap-5.1.6-3tr.i586.rpm
d0ac1ee27abd41d8eba8c58ea5482377  3.0/rpms/php-ldap-5.1.6-3tr.i586.rpm
e420c4296cc2952203b2bede00835415  3.0/rpms/php-mhash-5.1.6-3tr.i586.rpm
2037b0591cc87a9ad61cc6c5c097e25d  3.0/rpms/php-mysql-5.1.6-3tr.i586.rpm
229387a628b71e74882a77a8a50408a6  3.0/rpms/php-mysqli-5.1.6-3tr.i586.rpm
205842fe1b82aeb0d77abff65178ea98  3.0/rpms/php-pgsql-5.1.6-3tr.i586.rpm
654ea7c79733b3148a4ed3081019e5cf  3.0/rpms/php-pspell-5.1.6-3tr.i586.rpm
aa21d5b9b0aaed996c5ec49884b62b79  3.0/rpms/php-snmp-5.1.6-3tr.i586.rpm
593fedea9f4153715dd85851684d1168  3.0/rpms/php-xslt-5.1.6-3tr.i586.rpm
aeef80dd74b7d94e0af7d4f3056f210c  3.0/rpms/php-zlib-5.1.6-3tr.i586.rpm
5910c93d9fa24370ccf95812f4c7a97c  3.0/rpms/python-2.3.5-6tr.i586.rpm
0995a87fd636423657c1031658849981  3.0/rpms/python-devel-2.3.5-6tr.i586.rpm
a994362aef658ed3af1e60c0fc058d8a  3.0/rpms/python-docs-2.3.5-6tr.i586.rpm
cdd9c074a27a9346e9f7fc138e51082a  3.0/rpms/python-gdbm-2.3.5-6tr.i586.rpm
765e6ef85c647da37504f97cd9bc9c3f  3.0/rpms/python-idle-2.3.5-6tr.i586.rpm
d3f861b74f67967aad40be6af19411d7  3.0/rpms/python-modules-2.3.5-6tr.i586.rpm
7ef2e62deae525db3994f8549ec99b17  3.0/rpms/xorg-x11-6.8.2-12tr.i586.rpm
f5036bd03953842fdfb58586141de931  3.0/rpms/xorg-x11-devel-6.8.2-12tr.i586.rpm
e26db71bce0f9a759bc945d6b89414f1  3.0/rpms/xorg-x11-doc-6.8.2-12tr.i586.rpm
53fe7d3280dba8df09e974f2a7007f5e  3.0/rpms/xorg-x11-fonts-100dpi-6.8.2-12tr.i586.rpm
2f20603e45129789a19ca463b4142d64  3.0/rpms/xorg-x11-fonts-6.8.2-12tr.i586.rpm
3a0a92c24a0b5c1c5fe1a590a0efbd24  3.0/rpms/xorg-x11-fonts-75dpi-6.8.2-12tr.i586.rpm
500a6ab0c8644e6134dd39e6571b8299  3.0/rpms/xorg-x11-fonts-cid-6.8.2-12tr.i586.rpm
5c6e1febe3b55d55bc4e45a728a3f80f  3.0/rpms/xorg-x11-fonts-cyrillic-6.8.2-12tr.i586.rpm
08d4641dbad7de1a476924a15354f83d  3.0/rpms/xorg-x11-fonts-otf-6.8.2-12tr.i586.rpm
309356cd7920aec3d49357ed2cc5e226  3.0/rpms/xorg-x11-fonts-speedo-6.8.2-12tr.i586.rpm
5bc36c02e0ecdaf55111c6bef4439d09  3.0/rpms/xorg-x11-fonts-ttf-6.8.2-12tr.i586.rpm
1a3a423eb920b2c33412c12166067b78  3.0/rpms/xorg-x11-fonts-type1-6.8.2-12tr.i586.rpm
15af41e0946cbbed9830fddcad80aaa8  3.0/rpms/xorg-x11-libs-6.8.2-12tr.i586.rpm
411d23a10ca6134d32241462e8de97ae  3.0/rpms/xorg-x11-sdk-6.8.2-12tr.i586.rpm

d05b1f68e940cfa7c79fd0898603927d  2.2/rpms/clamav-0.88.5-1tr.i586.rpm
19769a8a1e84b59b2fc63d7b578916b9  2.2/rpms/clamav-devel-0.88.5-1tr.i586.rpm
33db0dff5b31d3c8790acdbdeb7d7c3a  2.2/rpms/kernel-2.4.33.3-3tr.i586.rpm
b77f2f01f1d1e033278db8babb523ac4  2.2/rpms/kernel-BOOT-2.4.33.3-3tr.i586.rpm
6b9c45217a3caa70f53a3cb6506ea3e2  2.2/rpms/kernel-doc-2.4.33.3-3tr.i586.rpm
9812c9f96d80952bca7da41f399dc208  2.2/rpms/kernel-smp-2.4.33.3-3tr.i586.rpm
a99277e62814eabd6f45ec743cee6c24  2.2/rpms/kernel-source-2.4.33.3-3tr.i586.rpm
72630ffb82c4b18384fbb27d1705c3cd  2.2/rpms/kernel-utils-2.4.33.3-3tr.i586.rpm
540d02515cb68a0339dfb9f512c92514  2.2/rpms/php-5.1.6-3tr.i586.rpm
f75c1ba56b7a7015d9435d2d7199b099  2.2/rpms/php-cli-5.1.6-3tr.i586.rpm
131043a8a367ce9884a8129bacbc0da8  2.2/rpms/php-curl-5.1.6-3tr.i586.rpm
fc094248ad6d6f5232f737ad7b179d71  2.2/rpms/php-devel-5.1.6-3tr.i586.rpm
379e788aaae006fa8b2263081099bce3  2.2/rpms/php-exif-5.1.6-3tr.i586.rpm
45f2c27bd64f2494c67bd09cda3c5f7e  2.2/rpms/php-fcgi-5.1.6-3tr.i586.rpm
a7e2b70635a71f27dd2d64bca4b3efd8  2.2/rpms/php-gd-5.1.6-3tr.i586.rpm
7d9ce66ca53c581a0b2d5a894f655ab7  2.2/rpms/php-imap-5.1.6-3tr.i586.rpm
51473909f433c3d99cc8ccecedf2fc48  2.2/rpms/php-ldap-5.1.6-3tr.i586.rpm
eddc80244b415b9613f26ee2cdfd2c41  2.2/rpms/php-mhash-5.1.6-3tr.i586.rpm
b78eca41b0db28168f17640dc235d57c  2.2/rpms/php-mysql-5.1.6-3tr.i586.rpm
b75ae56ad5854e57b1a93d05db9e09f0  2.2/rpms/php-mysqli-5.1.6-3tr.i586.rpm
de5a84343ed9c4d64056fad18cb79856  2.2/rpms/php-pgsql-5.1.6-3tr.i586.rpm
ce05ee8cc43af0090c8c35a3122eacb5  2.2/rpms/php-zlib-5.1.6-3tr.i586.rpm
6f7b4b32bd67db00801fe59414b3f548  2.2/rpms/php4-4.4.4-4tr.i586.rpm
d848a4f4cf9ce8808a150f6c3aaedb5e  2.2/rpms/php4-cli-4.4.4-4tr.i586.rpm
47372e4e557041ad2d69d4d9b4ac2fa0  2.2/rpms/php4-curl-4.4.4-4tr.i586.rpm
dd8317d691c5dbcbf1ecde69c185ab49  2.2/rpms/php4-devel-4.4.4-4tr.i586.rpm
a3124c7f698da43bc2ac71a80230a897  2.2/rpms/php4-domxml-4.4.4-4tr.i586.rpm
1c04d5b6e52743d7fb887afd439b159a  2.2/rpms/php4-exif-4.4.4-4tr.i586.rpm
683469508cf284ffc3a25bbf3f4d5bf1  2.2/rpms/php4-fcgi-4.4.4-4tr.i586.rpm
012ed7a21831442934c6190455f0e550  2.2/rpms/php4-gd-4.4.4-4tr.i586.rpm
b0f37cbeaa9c42eb9060280ee8e63481  2.2/rpms/php4-imap-4.4.4-4tr.i586.rpm
71ea59cd587397f38a4c3177ef3d7069  2.2/rpms/php4-ldap-4.4.4-4tr.i586.rpm
949c5e24210e7e88aff618f0b85cecdb  2.2/rpms/php4-mhash-4.4.4-4tr.i586.rpm
605b680196ba4b00a956064b1cb1364b  2.2/rpms/php4-mysql-4.4.4-4tr.i586.rpm
ab1dc2f77f69cb9d3c3955708984c65e  2.2/rpms/php4-pgsql-4.4.4-4tr.i586.rpm
77000b8dbd4712cec5f1ca9fd7a34b44  2.2/rpms/php4-test-4.4.4-4tr.i586.rpm
0b1998c3d8c444d6abf73f60708a9636  2.2/rpms/python-2.2.3-17tr.i586.rpm
0d19ea4f5154cad893aee698b2f43deb  2.2/rpms/python-dbm-2.2.3-17tr.i586.rpm
0eb7a049d1268ea5ad847f574473463b  2.2/rpms/python-devel-2.2.3-17tr.i586.rpm
6416f7fa76cffb71721b29780a78225a  2.2/rpms/python-docs-2.2.3-17tr.i586.rpm
81837a22ca24ec2a2cada3635b047d75  2.2/rpms/python-gdbm-2.2.3-17tr.i586.rpm
21e9612dc1f92dfdc6fc134530a3c7ba  2.2/rpms/python-modules-2.2.3-17tr.i586.rpm
- --------------------------------------------------------------------------


Trustix Security Team


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)

iD8DBQFFNhbhi8CEzsK9IksRAiG1AKCa7VAipEQOfCZh37Oy5oLFW64LPQCbBN5o
2Pm73/vbA5K9tqJYKaGyfJI=
=pwQP
-----END PGP SIGNATURE-----


  By Date           By Thread  

Current thread:
  • TSLSA-2006-0057 - multi Trustix Security Advisor (Oct 18)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault