Date: 19 Apr 2004 18:50:40 -0000
From: Mandrake Linux Security Team <[email protected]>
To: [email protected]Subject: MDKSA-2004:031 - Updated utempter packages fix several vulnerabilities
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandrakelinux Security Update Advisory
_______________________________________________________________________
Package name: utempter
Advisory ID: MDKSA-2004:031
Date: April 19th, 2004
Affected versions: 10.0, 9.1, 9.2, Corporate Server 2.1,
Multi Network Firewall 8.2
______________________________________________________________________
Problem Description:
Steve Grubb discovered two potential issues in the utempter program:
1) If the path to the device contained /../ or /./ or //, the
program was not exiting as it should. It would be possible to use something
like /dev/../tmp/tty0, and then if /tmp/tty0 were deleted and symlinked
to another important file, programs that have root privileges that do no
further validation can then overwrite whatever the symlink pointed to.
2) Several calls to strncpy without a manual termination of the string.
This would most likely crash utempter.
The updated packages are patched to correct these problems.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0233
______________________________________________________________________
Updated Packages:
Mandrakelinux 10.0:
e5458d8e68dd55b2dcface9f2ead71cd 10.0/RPMS/libutempter0-0.5.2-12.1.100mdk.i586.rpm
366d48de884799751c7110f84d835cc0 10.0/RPMS/libutempter0-devel-0.5.2-12.1.100mdk.i586.rpm
6eabf21bdf9d7eba1a86fac4589e5714 10.0/RPMS/utempter-0.5.2-12.1.100mdk.i586.rpm
52a5e2fa807981cba7156213684bb9ce 10.0/SRPMS/utempter-0.5.2-12.1.100mdk.src.rpm
Corporate Server 2.1:
c16478b61d52db976f712b5817bbf167 corporate/2.1/RPMS/libutempter0-0.5.2-11.1.C21mdk.i586.rpm
7f74bd805709457dfb71a3bdc91f2577 corporate/2.1/RPMS/libutempter0-devel-0.5.2-11.1.C21mdk.i586.rpm
eb25144f12a1d93d7d9634964a1d7bbd corporate/2.1/RPMS/utempter-0.5.2-11.1.C21mdk.i586.rpm
ef9fe684449e0faaf59be81ed63df284 corporate/2.1/SRPMS/utempter-0.5.2-11.1.C21mdk.src.rpm
Corporate Server 2.1/x86_64:
284d5f6f9bded143a8d26c8062eb9e70 x86_64/corporate/2.1/RPMS/libutempter0-0.5.2-11.1.C21mdk.x86_64.rpm
62ada7f5235b513c978dc8eea2184b8b x86_64/corporate/2.1/RPMS/libutempter0-devel-0.5.2-11.1.C21mdk.x86_64.rpm
8755f9214bb5412a204b24e6cce68ab5 x86_64/corporate/2.1/RPMS/utempter-0.5.2-11.1.C21mdk.x86_64.rpm
ef9fe684449e0faaf59be81ed63df284 x86_64/corporate/2.1/SRPMS/utempter-0.5.2-11.1.C21mdk.src.rpm
Mandrakelinux 9.1:
ff42f22d509bf90dc87c29acf970548b 9.1/RPMS/libutempter0-0.5.2-10.1.91mdk.i586.rpm
7f100656a81b88e2ddc0f1a3ffd6cc1d 9.1/RPMS/libutempter0-devel-0.5.2-10.1.91mdk.i586.rpm
ae56735580eaff60027404a27843b28f 9.1/RPMS/utempter-0.5.2-10.1.91mdk.i586.rpm
1f308d636a246978a66f79802467e09b 9.1/SRPMS/utempter-0.5.2-10.1.91mdk.src.rpm
Mandrakelinux 9.1/PPC:
1c72b8d5bf1e88e267fdd818094f1d52 ppc/9.1/RPMS/libutempter0-0.5.2-10.1.91mdk.ppc.rpm
45e56e24d73c0744460908206164bad6 ppc/9.1/RPMS/libutempter0-devel-0.5.2-10.1.91mdk.ppc.rpm
218199c662a394416a5b37ce95fe69fe ppc/9.1/RPMS/utempter-0.5.2-10.1.91mdk.ppc.rpm
1f308d636a246978a66f79802467e09b ppc/9.1/SRPMS/utempter-0.5.2-10.1.91mdk.src.rpm
Mandrakelinux 9.2:
90522a1350a48e3527ac5d62e9f42d02 9.2/RPMS/libutempter0-0.5.2-12.1.92mdk.i586.rpm
93cc7f6b06e932fb669cf4f6e76d219f 9.2/RPMS/libutempter0-devel-0.5.2-12.1.92mdk.i586.rpm
9295f7ce85188523ef2ddf02e2137d4b 9.2/RPMS/utempter-0.5.2-12.1.92mdk.i586.rpm
6bcb323d7d50949a1b4f8bae5bd84fd6 9.2/SRPMS/utempter-0.5.2-12.1.92mdk.src.rpm
Mandrakelinux 9.2/AMD64:
92b815911cfc95b1fe982b1e6d34fbe9 amd64/9.2/RPMS/lib64utempter0-0.5.2-12.1.92mdk.amd64.rpm
7e5c27d4817e8bd1cb661baf4fa2098d amd64/9.2/RPMS/lib64utempter0-devel-0.5.2-12.1.92mdk.amd64.rpm
d83101f51887fa4576ba70bd44dc96d4 amd64/9.2/RPMS/utempter-0.5.2-12.1.92mdk.amd64.rpm
6bcb323d7d50949a1b4f8bae5bd84fd6 amd64/9.2/SRPMS/utempter-0.5.2-12.1.92mdk.src.rpm
Multi Network Firewall 8.2:
4a73fd406115139f44a96595d7a7d636 mnf8.2/RPMS/libutempter0-0.5.2-5.1.M82mdk.i586.rpm
4ec3be7ee3b1afc20cee08edd699d88c mnf8.2/RPMS/libutempter0-devel-0.5.2-5.1.M82mdk.i586.rpm
6f88c9436293c120c90877f12d8426a9 mnf8.2/RPMS/utempter-0.5.2-5.1.M82mdk.i586.rpm
273359b6f93965a0995a6c11cf3a1d77 mnf8.2/SRPMS/utempter-0.5.2-5.1.M82mdk.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
A list of FTP mirrors can be obtained from:
http://www.mandrakesecure.net/en/ftp.php
All packages are signed by Mandrakesoft for security. You can obtain
the GPG public key of the Mandrakelinux Security Team by executing:
gpg --recv-keys --keyserver www.mandrakesecure.net 0x22458A98
Please be aware that sometimes it takes the mirrors a few hours to
update.
You can view other update advisories for Mandrakelinux at:
http://www.mandrakesecure.net/en/advisories/
Mandrakesoft has several security-related mailing list services that
anyone can subscribe to. Information on these lists can be obtained by
visiting:
http://www.mandrakesecure.net/en/mlist.php
If you want to report vulnerabilities, please contact
security_linux-mandrake.com
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Linux Mandrake Security Team
<security linux-mandrake.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
iD8DBQFAhB+AmqjQ0CJFipgRAph7AKDlya68fexJ14qf1DchzBMhGBA+0gCgsOEM
aRlgv9npCuiEhF7aWN+PaJg=
=5mCk
-----END PGP SIGNATURE-----