
TSL-2004-0038 - multi

From:  Trustix Security Advisor <tsl-AT-trustix.org>
To:  tsl-announce-AT-lists.trustix.org
Subject:  TSL-2004-0038 - multi
Date:  Wed, 30 Jun 2004 14:20:42 +0200

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Trustix Secure Linux Bugfix Advisory #2004-0038

Package name:      apache, libpng, python
Summary:           Several bugfixes
Date:              2004-06-30
Affected versions: Trustix Secure Linux 2.0
                   Trustix Secure Linux 2.1
                   Trustix Operating System - Enterprise Server 2

- --------------------------------------------------------------------------
Package description:
  apache:
    Apache is a full featured web server that is freely available, and also
    happens to be the most widely used.

  libpng:
    libpng is a library of functions for creating and manipulating PNG
    (Portable Network Graphics) image format files.

  python:
    Python is an interpreted, interactive, object-oriented programming
    language often compared to Tcl, Perl, Scheme or Java. Python includes
    modules, classes, exceptions, very high level dynamic data types and
    dynamic typing. Python supports interfaces to many system calls and
    libraries.


Problem description:
  apache:
    A DoS attack that could make the web server consume a lot of memory
    and eventually crash was discovered.  See CAN-2004-0493 on 
    http://cve.mitre.org/ for more information.

  libpng:
    The patch used for our libpng update on 2004-06-23 was discovered not
    to be complete.  An improved patch was provided by Josh Bressers of 
    Red Hat software.

  python:
    A bug in CacheFTPHandler stopped swup from working properly with ftp
    repositories.  This bug only affects Trustix Secure Linux 2.0.


Action:
  We recommend that all systems with this package installed be upgraded.
  Please note that if you do not need the functionality provided by this
  package, you may want to remove it from your system.


Location:
  All Trustix Secure Linux updates are available from
  <URI:http://http.trustix.org/pub/trustix/updates/>
  <URI:ftp://ftp.trustix.org/pub/trustix/updates/>


About Trustix Secure Linux:
  Trustix Secure Linux is a small Linux distribution for servers. With focus
  on security and stability, the system is painlessly kept safe and up to
  date from day one using swup, the automated software updater.


Automatic updates:
  Users of the SWUP tool can enjoy having updates automatically
  installed using 'swup --upgrade'.


Public testing:
  Most updates for Trustix Secure Linux are made available for public
  testing some time before release.
  If you want to contribute by testing the various packages in the
  testing tree, please feel free to share your findings on the
  tsl-discuss mailing list.
  The testing tree is located at
  <URI:http://tsldev.trustix.org/horizon/>

  You may also use swup for public testing of updates:
  
  site {
      class = 0
      location = "http://tsldev.trustix.org/horizon/rdfs/latest.rdf"
      regexp = ".*"
  }
  

Questions?
  Check out our mailing lists:
  <URI:http://www.trustix.org/support/>


Verification:
  This advisory, along with all Trustix packages, is signed with the
  TSL sign key.
  This key is available from:
  <URI:http://www.trustix.org/TSL-SIGN-KEY>

  The advisory itself is available from the errata pages at
  <URI:http://www.trustix.org/errata/trustix-2.0/> and
  <URI:http://www.trustix.org/errata/trustix-2.1/>
  or directly at
  <URI:http://www.trustix.org/errata/2004/0038>


MD5sums of the packages:
- --------------------------------------------------------------------------


Trustix Security Team

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)

iD4DBQFA4qsoi8CEzsK9IksRApIBAJ98tn4+uhR1a/u3x3xwTOvzPK/cWQCXaztL
mUWm2g7H47RFK/5xmEwk/Q==
=fiqX
-----END PGP SIGNATURE-----
_______________________________________________
tsl-announce mailing list
tsl-announce@lists.trustix.org
http://lists.trustix.org/mailman/listinfo/tsl-announce
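The following is an added example, not part of the Trustix advisory or its tooling: a way to check downloaded RPMs against the "MD5sums of the packages" list of an advisory saved to disk. The function names `advisory_sums` and `check_packages` and the local directory layout (mirroring the advisory's relative paths) are assumptions; the MD5 values are only as trustworthy as the PGP signature covering them, so the script runs `gpg --verify` first and reads checksum lines only from inside the signed body.

```shell
#!/bin/sh
# Added example: check downloaded RPMs against the MD5 list in a saved advisory.
# advisory_sums and check_packages are hypothetical helper names.

# Print only "md5  path" lines found inside the clearsigned body, so text
# placed before the PGP header or after the signature block is never trusted.
advisory_sums() {
    awk '
        /^-----BEGIN PGP SIGNED MESSAGE-----/ { in_body = 1; next }
        /^-----BEGIN PGP SIGNATURE-----/      { in_body = 0 }
        in_body {
            sub(/^- /, "")                  # undo OpenPGP dash-escaping
            if ($0 ~ /^[0-9a-f]+  [^ ]+\.rpm$/ && length($1) == 32 &&
                $2 !~ /\.\./ && $2 !~ /^\//)   # reject paths that leave the root
                print
        }' "$1"
}

# Check every listed package present under directory $2.
# Succeeds only if at least one file was checked and none mismatched.
check_packages() {
    advisory=$1 root=$2 bad=0 seen=0
    sums=$(advisory_sums "$advisory")
    while read -r want path; do
        [ -n "$want" ] || continue
        [ -f "$root/$path" ] || continue    # package not downloaded, skip
        seen=$((seen + 1))
        got=$(md5sum "$root/$path" | cut -d' ' -f1)
        if [ "$got" != "$want" ]; then
            echo "MISMATCH $path" >&2
            bad=$((bad + 1))
        fi
    done <<EOF
$sums
EOF
    [ "$seen" -gt 0 ] && [ "$bad" -eq 0 ]
}

# Usage: script ADVISORY_FILE DOWNLOAD_ROOT
# Requires the TSL sign key to have been imported into the gpg keyring.
if [ "$#" -eq 2 ]; then
    gpg --verify "$1" && check_packages "$1" "$2"
fi
```
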



Copyright © 2004, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds