LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Trustix alert TSLSA-2005-0018 (gzip)



From:
    	      Trustix Security Advisor <tsl@trustix.org>


To:
    	      tsl-announce@lists.trustix.org


Subject:
    	      TSLSA-2005-0018 - multi


Date:
    	      Fri, 6 May 2005 18:35:41 +0200


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Trustix Secure Linux Security Advisory #2005-0018

Package name:      gzip postgresql tcpdump vim
Summary:           Various security issues
Date:              2005-05-06
Affected versions: Trustix Secure Linux 2.1
                   Trustix Secure Linux 2.2
                   Trustix Operating System - Enterprise Server 2

- --------------------------------------------------------------------------
Package description:
  gzip:
  The gzip package contains the popular GNU gzip data compression
  program.  Gzipped files have a .gz extension.
  
  postgresql:
  PostgreSQL is an advanced Object-Relational database management system
  (DBMS) that supports almost all SQL constructs (including
  transactions, subselects and user-defined types and functions). The
  postgresql package includes the client programs and libraries that
  you'll need to access a PostgreSQL DBMS server.  These PostgreSQL
  client programs are programs that directly manipulate the internal
  structure of PostgreSQL databases on a PostgreSQL server. These client
  programs can be located on the same machine with the PostgreSQL
  server, or may be on a remote machine which accesses a PostgreSQL
  server over a network connection. This package contains the docs
  in HTML for the whole package, as well as command-line utilities for
  managing PostgreSQL databases on a PostgreSQL server.
  
  tcpdump:
  Tcpdump is a command-line tool for monitoring network traffic.
  Tcpdump can capture and display the packet headers on a particular
  network interface or on all interfaces.  Tcpdump can display all of
  the packet headers, or just the ones that match particular criteria.
  
  vim:
  VIM (VIsual editor iMproved) is an updated and improved version of the vi
  editor.  Vi was the first real screen-based editor for UNIX, and is still
  very popular.  VIM improves on vi by adding new features: multiple windows,
  multi-level undo, block highlighting and more.

  
Problem description:
  gzip:
  - Ulf Härnhammar <metaur@telia.com> has discovered a vulnerability in
    gunzip that allows a malicious zip file to extract to an arbitrary
    directory of the attackers choice when gunzip is used with the -N
    option.

    The Common Vulnerabilities and Exposures project (cve.mitre.org) has
    assigned the name CAN-2005-1228 to this issue.

  - A race condition error in the file permission restore code, which may 
    be exploited by a malicious local user, with write permissions, to gain 
    read or write access to files of other users.
  
    The Common Vulnerabilities and Exposures project (cve.mitre.org) has
    assigned the name CAN-2005-0988 to this issue.

  
  postgresql:
  - Fix Character Conversion Vulnerability, gives public EXECUTE access to 
    certain character conversion functions, which allows unprivileged 
    users to call those functions with malicious values, with unknown 
    impact.

    The Common Vulnerabilities and Exposures project (cve.mitre.org) has
    assigned the name CAN-2005-1409 to this issue.

  - Fix DOS Vulnerability, the (1) dex_init, (2) snb_en_init, (3) snb_ru_init,
    (4) spell_init, and (5) syn_init functions as "internal" even when they 
    do not take an internal argument, which allows attackers to cause a 
    denial of service (application crash).

    The Common Vulnerabilities and Exposures project (cve.mitre.org) has
    assigned the name CAN-2005-1410 to this issue.

  
  tcpdump:
  - Fixed Multiple DoS issues:
    
    From The Common Vulnerabilities and Exposures project (cve.mitre.org):
    
    CAN-2005-1278:
    The isis_print function, as called by isoclns_print, in tcpdump 3.9.1 and
    earlier allows remote attackers to cause a denial of service (infinite
    loop) via a zero length, as demonstrated using a GRE packet.
    
    CAN-2005-1279:
    tcpdump 3.8.3 and earlier allows remote attackers to cause a denial of
    service (infinite loop) via a crafted (1) BGP packet, which is not
properly
    handled by RT_ROUTING_INFO, or (2) LDP packet, which is not properly
    handled by the ldp_print function.
    
    CAN-2005-1280:
    The rsvp_print function in tcpdump 3.9.1 and earlier allows remote
    attackers to cause a denial of service (infinite loop) via a crafted RSVP
    packet of length 4.
  
  vim:
  - Fix tempfile creation bug,(CAN-2005-0069).
  
    The Common Vulnerabilities and Exposures project (cve.mitre.org) has
    assigned the name CAN-2005-0069 to this issue.

  - Fix paths in vim.1 and vimtutor manpage (Bug #586)

Action:
  We recommend that all systems with this package installed be upgraded.
  Please note that if you do not need the functionality provided by this
  package, you may want to remove it from your system.


Location:
  All Trustix Secure Linux updates are available from
  <URI:http://http.trustix.org/pub/trustix/updates/>>
  <URI:ftp://ftp.trustix.org/pub/trustix/updates/>>


About Trustix Secure Linux:
  Trustix Secure Linux is a small Linux distribution for servers. With focus
  on security and stability, the system is painlessly kept safe and up to
  date from day one using swup, the automated software updater.


Automatic updates:
  Users of the SWUP tool can enjoy having updates automatically
  installed using 'swup --upgrade'.


Questions?
  Check out our mailing lists:
  <URI:http://www.trustix.org/support/>>


Verification:
  This advisory along with all Trustix packages are signed with the
  TSL sign key.
  This key is available from:
  <URI:http://www.trustix.org/TSL-SIGN-KEY>>

  The advisory itself is available from the errata pages at
  <URI:http://www.trustix.org/errata/trustix-2.1/>> and
  <URI:http://www.trustix.org/errata/trustix-2.2/>>
  or directly at
  <URI:http://www.trustix.org/errata/2005/0018/>>


MD5sums of the packages:
- --------------------------------------------------------------------------
762c9b7d53b49efae421125a37712057  2.2/rpms/gzip-1.3.3-7tr.i586.rpm
ff9d2fae613f3561d2522bbae0c3c6d5  2.2/rpms/gzip-doc-1.3.3-7tr.i586.rpm
11ac691a4702b5304c34e53057928cca  2.2/rpms/postgresql-8.0.2-2tr.i586.rpm
d788f424f4d5ef7cd3bce32480a95f94
2.2/rpms/postgresql-contrib-8.0.2-2tr.i586.rpm
77878b8f57d9431a07ce0b42d12a9e64  2.2/rpms/postgresql-devel-8.0.2-2tr.i586.rpm
8be376cd2a87e5d1db64c99492aa0107  2.2/rpms/postgresql-docs-8.0.2-2tr.i586.rpm
c9af6c00f7bc9e8eb945f130c897c920  2.2/rpms/postgresql-libs-8.0.2-2tr.i586.rpm
a904613104d483385762ba0b218b3a9e
2.2/rpms/postgresql-plperl-8.0.2-2tr.i586.rpm
cc66650605e223e4d2afe86217c6405f
2.2/rpms/postgresql-python-8.0.2-2tr.i586.rpm
f8a16af349b3bc48671e007242ac3d80
2.2/rpms/postgresql-server-8.0.2-2tr.i586.rpm
bcebd2b16e88aa8f63d55bb6fb15509f  2.2/rpms/postgresql-test-8.0.2-2tr.i586.rpm
701d65cfe65063dee81e4152a1343e72  2.2/rpms/tcpdump-3.8.3-2tr.i586.rpm
e4e7d13d9922954690d429226188bc2a  2.2/rpms/vim-6.3.045-4tr.i586.rpm
80cedca045cddce512f82ee45beda55e  2.2/rpms/vim-doc-6.3.045-4tr.i586.rpm
2462f1b241ffad987e5afe23bc513ddc  2.2/rpms/vim-syntax-6.3.045-4tr.i586.rpm
d6875a0195817353c297db94031bbb39  2.2/rpms/vim-tools-6.3.045-4tr.i586.rpm

9b2883ead0eeae5e5bee7bc5cf33c554  2.1/rpms/gzip-1.2.4a-31tr.i586.rpm
b0e2e7095f7a22767e9bfe3aad3c43bf  2.1/rpms/gzip-doc-1.2.4a-31tr.i586.rpm
ee2ecfebacc9073a329d55b9a1f602ff  2.1/rpms/postgresql-7.4.7-3tr.i586.rpm
f1808dfd2f2c935a0aa6ba0b6525518c
2.1/rpms/postgresql-contrib-7.4.7-3tr.i586.rpm
d4109460f0e8c7654dea95600df0f216  2.1/rpms/postgresql-devel-7.4.7-3tr.i586.rpm
e2715ad2e7aaee96a9f01ed548748fd9  2.1/rpms/postgresql-docs-7.4.7-3tr.i586.rpm
173ba26305b70132724de5ee736a8019  2.1/rpms/postgresql-libs-7.4.7-3tr.i586.rpm
2f76eb3892d8e0c25af745de7891f816
2.1/rpms/postgresql-plperl-7.4.7-3tr.i586.rpm
91a839de2b811707bb08a6ccd520d206
2.1/rpms/postgresql-python-7.4.7-3tr.i586.rpm
66b49c3ea88bb85e7c6be2b72048ba1c
2.1/rpms/postgresql-server-7.4.7-3tr.i586.rpm
df80901db01f929ae858d0a37331f425  2.1/rpms/postgresql-test-7.4.7-3tr.i586.rpm
226af2d3b51a2de1143139c06bcfa711  2.1/rpms/tcpdump-3.8.2-3tr.i586.rpm
- --------------------------------------------------------------------------


Trustix Security Team

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)

iD8DBQFCe5v5i8CEzsK9IksRAqtvAJ9CAEbNoMBSOqkmwRLgJT4TmT0w/wCgsm4a
+RWkFgcl2h40f+y98YOFCwY=
=ZlU9
-----END PGP SIGNATURE-----
_______________________________________________
tsl-announce mailing list
tsl-announce@lists.trustix.org
http://lists.trustix.org/mailman/listinfo/tsl-announce
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds