Date: Fri, 25 May 2007 11:08:54 +0100
From: Trustix Security Advisor <tsl@trustix.org.>
To: [email protected]Subject: TSLSA-2007-0019 - multi
Message-ID: <20070525100854.GA23275@tsunami.trustix.net.>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.4.2.1i
X-Virus-Scanned: antivirus-gw at tyumen.ru
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- --------------------------------------------------------------------------
Trustix Secure Linux Security Advisory #2007-0019
Package names: fetchmail, freetype, gd, libpng, python24
Summary: Multiple vulnerabilities
Date: 2007-05-25
Affected versions: Trustix Secure Linux 2.2
Trustix Secure Linux 3.0
Trustix Secure Linux 3.0.5
Trustix Operating System - Enterprise Server 2
- --------------------------------------------------------------------------
Package description:
fetchmail
Fetchmail is a remote mail retrieval and forwarding utility intended
for use over on-demand TCP/IP links, like SLIP or PPP connections.
Fetchmail supports every remote-mail protocol currently in use on the
Internet (POP2, POP3, RPOP, APOP, KPOP, all IMAPs, ESMTP ETRN, IPv6,
and IPSEC) for retrieval. Then Fetchmail forwards the mail through
SMTP so you can read it through your favorite mail client.
freetype
The FreeType engine is a free and portable TrueType font rendering
engine, developed to provide TrueType support for a variety of
platforms and environments. FreeType is a library which can open
and manages font files as well as efficiently load, hint and render
individual glyphs. FreeType is not a font server or a complete
text-rendering library.
gd
gd is a graphics library. It allows your code to quickly draw images
complete with lines, arcs, text, multiple colors, cut and paste from
other images, and flood fills, and write out the result as a PNG or
JPEG file. This is particularly useful in World Wide Web applications,
where PNG and JPEG are two of the formats accepted for inline images
by most browsers.
libpng
libpng is a library of functions for creating and manipulating PNG
(Portable Network Graphics) image format files.
python24
Python is an interpreted, interactive, object-oriented programming
language often compared to Tcl, Perl, Scheme or Java. Python includes
modules, classes, exceptions, very high level dynamic data types and
dynamic typing. Python supports interfaces to many system calls and
libraries.
Problem description:
fetchmail < TSL 3.0.5 > < TSL 3.0 >
- New upsteam.
- SECURITY Fix: A weakness has been identified which is caused
by an error in the APOP protocol that fails to properly prevent
MD5 collisions, which could be exploited via man-in-the-middle
attacks and specially crafted message-IDs to potentially disclose
the first three characters of passwords.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2007-1558 to this issue.
freetype < TSL 3.0.5 > < TSL 3.0 > < TSL 2.2 >
- SECURITY Fix: Victor Stinner has reported a vulnerability in
FreeType, caused due to an error when parsing malformed TTF
fonts in src/truetype/ttgload.c and may be exploited when
processing a specially crafted TTF font.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2007-2754 to this issue.
gd < TSL 3.0.5 > < TSL 3.0 > < TSL 2.2 >
- SECURITY Fix: Xavier Roche has reported a vulnerability in GD
Graphics Library caused due to the incorrect use of libpng within
the function "gdPngReadData()" when processing truncated data.
This can be exploited to cause an infinite loop by e.g. tricking
an application using the library to process a specially crafted file.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2007-2756 to this issue.
libpng < TSL 3.0.5 > < TSL 3.0 >< TSL 2.2 > < TSEL 2>
- SECURITY Fix: A vulnerability has been reported in libpng, caused
due to an error in the "png_handle_tRNS" function in pngrutil.c.
This can be exploited by tricking an application using the library
to process a specially crafted PNG file containing a malformed
tRNS chunk.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2007-2445 to this issue.
python24 < TSL 3.0.5 >
- SECURITY Fix: A vulnerability has been identified, which could
be exploited by attackers to gain knowledge of potentially
sensitive information. This issue is caused by an off-by-one
error in the "PyLocale_strxfrm()" [Modules/_localemodule.c]
function when calculating the "n2" buffer size, which could be
exploited by attackers to disclose and read portions of memory.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2007-2052 to this issue.
Action:
We recommend that all systems with this package installed be upgraded.
Please note that if you do not need the functionality provided by this
package, you may want to remove it from your system.
Location:
All Trustix Secure Linux updates are available from
<URI:http://http.trustix.org/pub/trustix/updates/>
<URI:ftp://ftp.trustix.org/pub/trustix/updates/>
About Trustix Secure Linux:
Trustix Secure Linux is a small Linux distribution for servers. With focus
on security and stability, the system is painlessly kept safe and up to
date from day one using swup, the automated software updater.
Automatic updates:
Users of the SWUP tool can enjoy having updates automatically
installed using 'swup --upgrade'.
Questions?
Check out our mailing lists:
<URI:http://www.trustix.org/support/>
Verification:
This advisory along with all Trustix packages are signed with the
TSL sign key.
This key is available from:
<URI:http://www.trustix.org/TSL-SIGN-KEY>
The advisory itself is available from the errata pages at
<URI:http://www.trustix.org/errata/trustix-2.2/>
<URI:http://www.trustix.org/errata/trustix-3.0/> and
<URI:http://www.trustix.org/errata/trustix-3.0.5/>
or directly at
<URI:http://www.trustix.org/errata/2007/0019/>
MD5sums of the packages:
- --------------------------------------------------------------------------
7e7fca1269d3cef8364255068ca0f0eb 3.0.5/rpms/fetchmail-6.3.8-1tr.i586.rpm
b8253ea826e589446d340459bc0c8e19 3.0.5/rpms/freetype-2.2.1-4tr.i586.rpm
f3f5bc6cd33b050f3b20132ed962c569 3.0.5/rpms/freetype-devel-2.2.1-4tr.i586.rpm
25cb794e2a82cd79cbbacbc5b9a37e90 3.0.5/rpms/gd-2.0.33-9tr.i586.rpm
3ad81c1bb37200a1512548098cc058c5 3.0.5/rpms/gd-devel-2.0.33-9tr.i586.rpm
9ca0451a302ceb6ad281a1387aa0858c 3.0.5/rpms/gd-utils-2.0.33-9tr.i586.rpm
7ef7ade271351a872d36d07474a5df1c 3.0.5/rpms/libpng-1.2.8-7tr.i586.rpm
1f4800a01ce727e0762a03d6111e87e7 3.0.5/rpms/libpng-devel-1.2.8-7tr.i586.rpm
61ad38f6a3575f36373fce0a590a99c4 3.0.5/rpms/libpng-tools-1.2.8-7tr.i586.rpm
190ad056b4845b0a55871ba2a4dc0415 3.0.5/rpms/python24-2.4.3-3tr.i586.rpm
c9f6db6204a43e1dced98335ef2e707e 3.0.5/rpms/python24-devel-2.4.3-3tr.i586.rpm
cf8bc6fad6d1ebe2cbdcd82fa73cb7a5 3.0.5/rpms/python24-docs-2.4.3-3tr.i586.rpm
306f3bb8368df63bfc8d26f943086ed2 3.0.5/rpms/python24-gdbm-2.4.3-3tr.i586.rpm
2efe519b245c7a7ac0d3bf39658ae844 3.0.5/rpms/python24-idle-2.4.3-3tr.i586.rpm
f67994c30577317cd00cc2c7fa12b36e 3.0.5/rpms/python24-modules-2.4.3-3tr.i586.rpm
95d9d0b13dcf5eb4be9e6a244c103073 3.0/rpms/fetchmail-6.3.8-1tr.i586.rpm
4b3632b42bd1f44831553f7e6c0e18d0 3.0/rpms/freetype-2.2.1-3tr.i586.rpm
e8525aeb5dcd9b74803da0ca8cf5a038 3.0/rpms/freetype-devel-2.2.1-3tr.i586.rpm
1b3cc6c8410795d4f0928a00ee21a56e 3.0/rpms/gd-2.0.33-8tr.i586.rpm
74bb9464d9cdf55864d7b9107b411742 3.0/rpms/gd-devel-2.0.33-8tr.i586.rpm
4ddc9896fec17c94f493461a56da0c20 3.0/rpms/gd-utils-2.0.33-8tr.i586.rpm
86ebb35e3ac771671381c57dfa47499a 3.0/rpms/libpng-1.2.8-6tr.i586.rpm
be14341a8c739f36518a9c9be0b1aae3 3.0/rpms/libpng-devel-1.2.8-6tr.i586.rpm
6cdfac28461801d5017364aa3acfe9d7 3.0/rpms/libpng-tools-1.2.8-6tr.i586.rpm
999941386f1af1854592aaeb2527738d 2.2/rpms/freetype-2.2.1-3tr.i586.rpm
2c8e070510dc431d4912d4fd7a718e72 2.2/rpms/freetype-devel-2.2.1-3tr.i586.rpm
75fe49d9388dcd718419d9c7fa295f62 2.2/rpms/gd-2.0.33-6tr.i586.rpm
ffb27b795f47bae1b270d0602b9a8961 2.2/rpms/gd-devel-2.0.33-6tr.i586.rpm
8926492e1dad737d05de5703fa37dfae 2.2/rpms/gd-utils-2.0.33-6tr.i586.rpm
136a054c65e5106c00c1f6e39bb7614c 2.2/rpms/libpng-1.2.7-3tr.i586.rpm
c3f5efe104098c7484f704a6cc52f728 2.2/rpms/libpng-devel-1.2.7-3tr.i586.rpm
29c0926024f2b122073bf96955f3a46b 2.2/rpms/libpng-tools-1.2.7-3tr.i586.rpm
- --------------------------------------------------------------------------
Trustix Security Team
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)
iD8DBQFGVrPfi8CEzsK9IksRAvPqAJ0Yjfv2b9+KBwnxfPboznlr/V0XJQCcCmha
/Ok1CVATXlidPmuSa5X6cDg=
=TaL6
-----END PGP SIGNATURE-----