linux, säkerhet

6143463 2001-02-26 09:35 -0800  /75 rader/ Greg KH <greg@WIREX.COM>
Sänt av: joel@lysator.liu.se
Importerad: 2001-02-26  21:56  av Brevbäraren (som är implementerad i) Python
Extern mottagare: BUGTRAQ@SECURITYFOCUS.COM
Externa svar till: greg@WIREX.COM
Mottagare: Bugtraq (import) <15615>
Ärende: Immunix OS 6.2 Security updates for php, dump, and lpr
------------------------------------------------------------

-----------------------------------------------------------------------
	Immunix OS Security Advisory

Packages updated:	php, dump, lpr
Affected products:	Immunix OS 6.2
Bugs Fixed:		immunix/1327
Date:			February 26, 2001
Advisory ID:		IMNX-2001-62-002-01
Author:			Greg Kroah-Hartman <greg@wirex.com>
-----------------------------------------------------------------------

Description:
  WireX was recently notified that three packages had not been updated
  for which there had been security updates for in the past.  We regret
  this error, and thank Mario Lorenz for notifying us of this.

  The dump package shipped with Immunix OS 6.2 had setuid bits set on
  it.  Also a buffer overflow was found in dump, but was stopped by
  StackGuard.  A new package has been released.

  The lpr package shipped with Immunix OS 6.2 had a format string
  security bug, a potential race condition, and a few LPRng
  compatibility issues.  A new package has been released fixing these
  problems.
  
  The php3 package shipped with Immunix OS 6.2 had a number of logic
  bugs, which this 3.0.18 release should solve.

Package names and locations:
  Precompiled binary packages for Immunix 6.2 are available at:
    http://immunix.org/ImmunixOS/6.2/updates/RPMS/dump-0.4b19-5.6x_StackGuard.i386.rpm
    http://immunix.org/ImmunixOS/6.2/updates/RPMS/dump-static-0.4b19-5.6x_StackGuard.i386.rpm
    http://immunix.org/ImmunixOS/6.2/updates/RPMS/rmt-0.4b19-5.6x_StackGuard.i386.rpm

    http://immunix.org/ImmunixOS/6.2/updates/RPMS/lpr-0.50-7.6.x_StackGuard.i386.rpm

    http://immunix.org/ImmunixOS/6.2/updates/RPMS/php-3.0.18-1.6.x_StackGuard.i386.rpm
    http://immunix.org/ImmunixOS/6.2/updates/RPMS/php-imap-3.0.18-1.6.x_StackGuard.i386.rpm
    http://immunix.org/ImmunixOS/6.2/updates/RPMS/php-ldap-3.0.18-1.6.x_StackGuard.i386.rpm
    http://immunix.org/ImmunixOS/6.2/updates/RPMS/php-manual-3.0.18-1.6.x_StackGuard.i386.rpm
    http://immunix.org/ImmunixOS/6.2/updates/RPMS/php-pgsql-3.0.18-1.6.x_StackGuard.i386.rpm


  Source packages for Immunix 6.2 are available at:
    http://immunix.org/ImmunixOS/6.2/updates/SRPMS/dump-0.4b19-5.6x_StackGuard.src.rpm
    http://immunix.org/ImmunixOS/6.2/updates/SRPMS/lpr-0.50-7.6.x_StackGuard.src.rpm
    http://immunix.org/ImmunixOS/6.2/updates/SRPMS/php-3.0.18-1.6.x_StackGuard.src.rpm

md5sums of the packages:
  910d99fedbdc98920c9eac3009e4b701  RPMS/dump-0.4b19-5.6x_StackGuard.i386.rpm
  e16624080196103d0f12708548ad8ff4  RPMS/dump-static-0.4b19-5.6x_StackGuard.i386.rpm
  84679604e26208e702d7ab6679e6204d  RPMS/rmt-0.4b19-5.6x_StackGuard.i386.rpm
  2a629d1d5c8d796acc1a69288f702bc0  RPMS/lpr-0.50-7.6.x_StackGuard.i386.rpm
  2e44623464733c91091100e2a61c6c5e  RPMS/php-3.0.18-1.6.x_StackGuard.i386.rpm
  c7eeffb9782db48201978991ac893155  RPMS/php-imap-3.0.18-1.6.x_StackGuard.i386.rpm
  cb6682aab19a64b0f325c8c5ad753f1c  RPMS/php-ldap-3.0.18-1.6.x_StackGuard.i386.rpm
  92e2469b2a53eed5170e9afaf514ce1f  RPMS/php-manual-3.0.18-1.6.x_StackGuard.i386.rpm
  cd7f34a91b0452514b5af50d3401ed3b  RPMS/php-pgsql-3.0.18-1.6.x_StackGuard.i386.rpm
  5d3e250426e15e5648aec947a16883b2  SRPMS/dump-0.4b19-5.6x_StackGuard.src.rpm
  ae7431f8a6677a682e1b0fc52a08ccb1  SRPMS/lpr-0.50-7.6.x_StackGuard.src.rpm
  ea4b490547db00905866c07e331dd6ff  SRPMS/php-3.0.18-1.6.x_StackGuard.src.rpm


Online version of all Immunix 6.2 updates and advisories:
  http://immunix.org/ImmunixOS/6.2/updates/

NOTE:
  Ibiblio is graciously mirroring our updates, so if the links above are
  slow, please try:
    ftp://ftp.ibiblio.org/pub/Linux/distributions/immunix/
  or one of the many mirrors available at:
    http://www.ibiblio.org/pub/Linux/MIRRORS.html
(6143463) --------------------------------(Ombruten)
Bilaga (application/pgp-signature) i text 6143464
6143464 2001-02-26 09:35 -0800  /10 rader/ Greg KH <greg@WIREX.COM>
Importerad: 2001-02-26  21:56  av Brevbäraren (som är implementerad i) Python
Extern mottagare: BUGTRAQ@SECURITYFOCUS.COM
Externa svar till: greg@WIREX.COM
Mottagare: Bugtraq (import) <15616>
Bilaga (text/plain) till text 6143463
Ärende: Bilaga till: Immunix OS 6.2 Security updates for php, dump, and lpr
------------------------------------------------------------
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.3 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE6mpPXAl5ylTeuKpURApbGAKCrq6f/sAZEAeAh/WPgwrVXODDQnwCcDXHd
+N1+c6xK1i18VkjxUU1vy4s=
=YbmJ
-----END PGP SIGNATURE-----
(6143464) ------------------------------------------