Date: Fri, 3 Nov 2006 15:02:12 +0000
From: Trustix Security Advisor <tsl@trustix.org.>
To: [email protected]Subject: TSLSA-2006-0061 - multi
Message-ID: <20061103150212.GA5917@tsunami.trustix.net.>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.4.2.1i
X-Virus-Scanned: antivirus-gw at tyumen.ru
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- --------------------------------------------------------------------------
Trustix Secure Linux Security Advisory #2006-0061
Package names: mutt, pam_ldap, php
Summary: Multiple vulnerabilities
Date: 2006-11-03
Affected versions: Trustix Secure Linux 2.2
Trustix Secure Linux 3.0
Trustix Operating System - Enterprise Server 2
- --------------------------------------------------------------------------
Package description:
mutt
Mutt is a text mode mail user agent. Mutt supports color, threading,
arbitrary key remapping, and a lot of customization.
pam_ldap
Pam_ldap is a module for Linux-PAM that supports password changes,
V2/V3 clients, Netscapes SSL/OpenSSL, ypldapd, Netscape Directory
Server password policies, access authorization, crypted hashes, etc.
php
PHP is an HTML-embedded scripting language. PHP attempts to
make it easy for developers to write dynamically generated web
pages. PHP also offers built-in database integration for several
commercial and non-commercial database management systems, so
writing a database-enabled web page with PHP is fairly simple.
The most common use of PHP coding is probably as a replacement
for CGI scripts. The mod_php module enables the Apache web server
to understand and process the embedded PHP language in web pages.
Problem description:
mutt < TSL 3.0 > < TSL 2.2 > < TSEL 2 >
- SECURITY Fix: A race condition in the safe_open function, when
creating temporary files in an NFS filesystem, allows local users
to overwrite arbitrary files due to limitations of the use of the
O_EXCL flag on NFS filesystems.
- The mutt_adv_mktemp function does not properly verify that temporary
files that have been created with restricted permissions, which might
allow local users to create files with weak permissions via a race
condition between the mktemp and safe_fopen function calls.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the names CVE-2006-5297 and CVE-2006-5298 to these issue.
pam_ldap < TSL 3.0 > < TSL 2.2 >
- New upstream.
- SECURITY Fix: Steve Rigler has reported a security issue which
can be exploited by malicious people to bypass certain security
restrictions. The issue is caused due to an error within the
handling of "PasswordPolicyResponse" control messages when
authenticating against an LDAP server. This causes the
"pam_authenticate()" function to always succeed, even if the
previous authentication failed.
The common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2006-5170 to this issue.
php < TSL 3.0 > < TSL 2.2 >
- New Upstream.
- SECURITY Fix: Some vulnerabilities have been reported in PHP,
caused due to boundary errors within the "htmlentities()" and
"htmlspecialchars()" functions. If a PHP application uses these
functions to process user-supplied input, this can be exploited
to cause buffer overflows by passing specially crafted data to
the affected application.
The Common Vulnerabilities and Exposures project has assigned the
name CVE-2006-5465 to this issue.
- Added support for mcrypt, Bug #1956.
- Added support for pdo-sqlite, pdo-mysql and sqlite, Bug #1959.
- Included openssl support, Bug #1958.
- Added buildrequires expat-devel and fontconfig-devel, Bug #2011.
Action:
We recommend that all systems with this package installed be upgraded.
Please note that if you do not need the functionality provided by this
package, you may want to remove it from your system.
Location:
All Trustix Secure Linux updates are available from
<URI:http://http.trustix.org/pub/trustix/updates/>
<URI:ftp://ftp.trustix.org/pub/trustix/updates/>
About Trustix Secure Linux:
Trustix Secure Linux is a small Linux distribution for servers. With focus
on security and stability, the system is painlessly kept safe and up to
date from day one using swup, the automated software updater.
Automatic updates:
Users of the SWUP tool can enjoy having updates automatically
installed using 'swup --upgrade'.
Questions?
Check out our mailing lists:
<URI:http://www.trustix.org/support/>
Verification:
This advisory along with all Trustix packages are signed with the
TSL sign key.
This key is available from:
<URI:http://www.trustix.org/TSL-SIGN-KEY>
The advisory itself is available from the errata pages at
<URI:http://www.trustix.org/errata/trustix-2.2/> and
<URI:http://www.trustix.org/errata/trustix-3.0/>
or directly at
<URI:http://www.trustix.org/errata/2006/0061/>
MD5sums of the packages:
- --------------------------------------------------------------------------
d96dae8b76785537380e77396b81c3c6 3.0/rpms/ldapclients-common-183-1tr.i586.rpm
7e4101d0079ef3d20aec6cd9a0ee47fc 3.0/rpms/mutt-1.4.2.1-10tr.i586.rpm
a1a0ef53c02871c63a0f889d52e56464 3.0/rpms/pam_ldap-183-1tr.i586.rpm
4487f0d0030f498c44cf1d45155438a4 3.0/rpms/php-5.2.0-1tr.i586.rpm
8790cdab5c153ea7090094f087de4f5b 3.0/rpms/php-calendar-5.2.0-1tr.i586.rpm
defc4df433d315c3ac62366a48488521 3.0/rpms/php-cli-5.2.0-1tr.i586.rpm
3e30ef02c25387efee91b8893f42466d 3.0/rpms/php-curl-5.2.0-1tr.i586.rpm
4649d8952fb57ca7302984a2856cc10d 3.0/rpms/php-dba-5.2.0-1tr.i586.rpm
1ddee19991c0ae59d95cbf69b860e51c 3.0/rpms/php-devel-5.2.0-1tr.i586.rpm
a1bbb8c982f584e50a3766e88176ddc9 3.0/rpms/php-exif-5.2.0-1tr.i586.rpm
310b88dfd33504e4cd74540335f74bb8 3.0/rpms/php-fcgi-5.2.0-1tr.i586.rpm
110bbba14cfb114c8fc75187df8425b3 3.0/rpms/php-gd-5.2.0-1tr.i586.rpm
84f8038f7d71b67677a0ecfa48daf2d5 3.0/rpms/php-imap-5.2.0-1tr.i586.rpm
24a8943637f6b3a845ecc2bf6676a503 3.0/rpms/php-ldap-5.2.0-1tr.i586.rpm
7bf59655d5fce309d789d30250323dcc 3.0/rpms/php-mcrypt-5.2.0-1tr.i586.rpm
0a61d575c497bd60d4b06fbd59240969 3.0/rpms/php-mhash-5.2.0-1tr.i586.rpm
a260a6ee8ca1cd8ef7340795a43dd1a3 3.0/rpms/php-mysql-5.2.0-1tr.i586.rpm
d7129d80c1f43a8ff722075e57a727d6 3.0/rpms/php-mysqli-5.2.0-1tr.i586.rpm
1e31b7f9cde26a3c31d1dff592c6f00e 3.0/rpms/php-openssl-5.2.0-1tr.i586.rpm
057c15c14e211fd27eb31d3eea3567c4 3.0/rpms/php-pdo-mysql-5.2.0-1tr.i586.rpm
0b731bab170fdd4529388edf2e4f8950 3.0/rpms/php-pdo-sqlite-5.2.0-1tr.i586.rpm
8fe1b3dfb552d10a1a8e70290a89029c 3.0/rpms/php-pgsql-5.2.0-1tr.i586.rpm
b935f7be44a227c7c31a053e0a2560d2 3.0/rpms/php-pspell-5.2.0-1tr.i586.rpm
22451557386aea07e25d45634d67725c 3.0/rpms/php-snmp-5.2.0-1tr.i586.rpm
b88eef1abfe3800df8bd609441765d99 3.0/rpms/php-sqlite-5.2.0-1tr.i586.rpm
6d885b65f6b9164f9e3abbab355d581a 3.0/rpms/php-xslt-5.2.0-1tr.i586.rpm
4bef2d6673e269ef5564b1d60dabc9ed 3.0/rpms/php-zlib-5.2.0-1tr.i586.rpm
b4b6e1d65b18b7be38343176d987bc1e 2.2/rpms/ldapclients-common-183-1tr.i586.rpm
0cf605ece23c48ac9f96b036ead7c12e 2.2/rpms/mutt-1.4.2.1-6tr.i586.rpm
af0003f6290c968305ed59b96f33d9eb 2.2/rpms/pam_ldap-183-1tr.i586.rpm
9356c0eff6fa982e1e6b1a5557161328 2.2/rpms/php-5.2.0-1tr.i586.rpm
83ec93582363bf78c886ef246b76980e 2.2/rpms/php-cli-5.2.0-1tr.i586.rpm
19e0ba13d52129dc21ba6a645846569f 2.2/rpms/php-curl-5.2.0-1tr.i586.rpm
33bf33f853794d32a21c851ae7de1f98 2.2/rpms/php-devel-5.2.0-1tr.i586.rpm
43628cdb25431cb06a16a65591b2220a 2.2/rpms/php-exif-5.2.0-1tr.i586.rpm
a95a77bdfb6d80c28a18346198929f66 2.2/rpms/php-fcgi-5.2.0-1tr.i586.rpm
567d73bc467bbaff223b7363293a22cd 2.2/rpms/php-gd-5.2.0-1tr.i586.rpm
3d609748d897006c21a2af5554f96eda 2.2/rpms/php-imap-5.2.0-1tr.i586.rpm
d681d5010b77725c08891067d5224deb 2.2/rpms/php-ldap-5.2.0-1tr.i586.rpm
35cfde759d614c0cbfa05947e1be8ce6 2.2/rpms/php-mcrypt-5.2.0-1tr.i586.rpm
2da2d79481488eaec92aeb3a5ba33a80 2.2/rpms/php-mhash-5.2.0-1tr.i586.rpm
72c05352ae6d9cd8d4d443421e1b3f79 2.2/rpms/php-mysql-5.2.0-1tr.i586.rpm
8afbd4b3c4bc021ac99f3adcc860e0e2 2.2/rpms/php-mysqli-5.2.0-1tr.i586.rpm
62bca20622f348b1898d3d7cca541847 2.2/rpms/php-openssl-5.2.0-1tr.i586.rpm
6e18746564365472ceedab08cb692440 2.2/rpms/php-pdo-mysql-5.2.0-1tr.i586.rpm
c0688f00635eebab0e197b374dcac9c7 2.2/rpms/php-pdo-sqlite-5.2.0-1tr.i586.rpm
b91c77a4d9016f74699b214b0a7e8549 2.2/rpms/php-pgsql-5.2.0-1tr.i586.rpm
fee0431b47cb04f2359d29490e327265 2.2/rpms/php-sqlite-5.2.0-1tr.i586.rpm
ec4c19faca69e22029e1884578ff88a2 2.2/rpms/php-zlib-5.2.0-1tr.i586.rpm
- --------------------------------------------------------------------------
Trustix Security Team
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)
iD8DBQFFS1g+i8CEzsK9IksRAkitAKCpv8hzYyD6WmIaTitvnFMidGCJNwCfbYZy
1/Tz992xAAzrG1DFuIuLtWM=
=IVIw
-----END PGP SIGNATURE-----