
--------------------------------------------------------------------------
Trustix Secure Linux Security Advisory #2006-0020

Package names:     clamav, freeradius, kernel, php4
Summary:           Multiple vulnerabilities
Date:              2006-04-07
Affected versions: Trustix Secure Linux 2.2
                   Trustix Secure Linux 3.0

--------------------------------------------------------------------------
Package description:
  clamav
  Clam AntiVirus is a GPL anti-virus toolkit for UNIX. The main purpose of
  this software is the integration with mail servers (attachment scanning).
  The package provides a flexible and scalable multi-threaded daemon, a
  command line scanner, and a tool for automatic updating via Internet.
  The programs are based on a shared library distributed with the package,
  which you can use with your own software.

  freeradius
  The FreeRADIUS Server Project is a high performance and highly configurable
  GPL'd free RADIUS server. The server is similar in some respects to
  Livingston's 2.0 server.  While FreeRADIUS started as a variant of the
  Cistron RADIUS server, they don't share a lot in common any more. It now has
  many more features than Cistron or Livingston, and is much more configurable.

  kernel
  The kernel package contains the Linux kernel (vmlinuz), the core of your
  Trustix Secure Linux operating system.  The kernel handles the basic
  functions of the operating system:  memory allocation, process allocation,
  device input and output, etc.

  php4
  PHP is an HTML-embedded scripting language.  PHP attempts to make it
  easy for developers to write dynamically generated web pages.  PHP
  also offers built-in database integration for several commercial
  and non-commercial database management systems, so writing a
  database-enabled web page with PHP is fairly simple.  The most
  common use of PHP coding is probably as a replacement for CGI
  scripts.  The mod_php module enables the Apache web server to
  understand and process the embedded PHP language in web pages.

Problem description:
  clamav < TSL 3.0 > < TSL 2.2 >
  - New Upstream
  - Minor bugfixes done.
  - SECURITY Fix: Some vulnerabilities have been reported in ClamAV,
    which potentially can be exploited by malicious people to cause a
    DoS and compromise a vulnerable system.
  - Damian Put discovered an integer overflow error in the PE header parser
    in "libclamav/pe.c". Successful exploitation requires that the
    ArchiveMaxFileSize option is disabled.
  - Some format string errors in the logging handling in "shared/output.c"
    may be exploited to execute arbitrary code.
  - David Luyer discovered an out-of-bounds memory access error in the
    "cli_bitset_test()" function in "libclamav/others.c" which may be
    exploited to cause a crash.

    The Common Vulnerabilities and Exposures project has assigned the
    names CVE-2006-1614, CVE-2006-1615 and CVE-2006-1630 to these issues.
  
  freeradius < TSL 3.0 >
  - New upstream.
  - SECURITY Fix: A vulnerability has been reported in FreeRADIUS
    caused due to an input validation error in the EAP-MSCHAPv2 state
    machine. This can be exploited by manipulating the state machine
    on a client system to bypass server authentication checks. Successful
    exploitation may allow the attacker to gain network access without
    requiring knowledge of logon credentials or cause the server to crash.

    The Common Vulnerabilities and Exposures project has assigned the
    name CVE-2006-1354 to this issue.

  kernel < TSL 3.0 >
  - SECURITY Fix: The fill_write_buffer function in sysfs/file.c does
    not zero terminate a buffer when a length of PAGE_SIZE or more is
    requested, which might allow local users to cause a denial of
    service (crash) by causing an out-of-bounds read.

    The Common Vulnerabilities and Exposures project (cve.mitre.org) has
    assigned the name CVE-2006-1055 to this issue.
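
    Added example, not code from the advisory or from the kernel tree: a
    user-space model of the terminator bug described above. It assumes a
    small DEMO_PAGE_SIZE standing in for PAGE_SIZE, and it assumes that
    clamping the write to PAGE_SIZE - 1 is the remedy; the advisory itself
    only describes the missing terminator.

```c
/* Added example, not code from the advisory or the kernel: a user-space
 * model of the CVE-2006-1055 pattern. The page starts zeroed, so a write
 * shorter than the page leaves a NUL; a clamp that permits exactly a full
 * page overwrites it, and a later strlen() reads past the page.
 * The clamp to DEMO_PAGE_SIZE - 1 is this example's assumed remedy. */
#include <stdbool.h>
#include <stddef.h>
#include <string.h>

#define DEMO_PAGE_SIZE 64  /* models PAGE_SIZE; small for the demo */

struct sysfs_buffer { char page[DEMO_PAGE_SIZE]; };

/* Vulnerable clamp: count may equal the page size, so no byte stays zero. */
static size_t fill_write_buffer_vuln(struct sysfs_buffer *b,
                                     const char *buf, size_t count)
{
    memset(b->page, 0, DEMO_PAGE_SIZE); /* stands in for get_zeroed_page() */
    if (count >= DEMO_PAGE_SIZE)
        count = DEMO_PAGE_SIZE;
    memcpy(b->page, buf, count);        /* stands in for copy_from_user() */
    return count;
}

/* Corrected clamp: the last byte of the page is always left zero. */
static size_t fill_write_buffer_fixed(struct sysfs_buffer *b,
                                      const char *buf, size_t count)
{
    memset(b->page, 0, DEMO_PAGE_SIZE);
    if (count >= DEMO_PAGE_SIZE)
        count = DEMO_PAGE_SIZE - 1;
    memcpy(b->page, buf, count);
    return count;
}

/* The check a reader should make before treating the page as a C string. */
static bool page_is_terminated(const struct sysfs_buffer *b)
{
    return memchr(b->page, '\0', DEMO_PAGE_SIZE) != NULL;
}

int main(void)
{
    struct sysfs_buffer b;
    char big[DEMO_PAGE_SIZE + 8];           /* constructed oversized write */
    memset(big, 'A', sizeof big);
    fill_write_buffer_vuln(&b, big, sizeof big);
    bool vuln_ok = page_is_terminated(&b);  /* false: strlen() would overrun */
    fill_write_buffer_fixed(&b, big, sizeof big);
    bool fixed_ok = page_is_terminated(&b); /* true */
    return (!vuln_ok && fixed_ok) ? 0 : 1;
}
```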

  php4 < TSL 2.2 >
  - SECURITY Fix: A vulnerability has been discovered in PHP, caused due
    to the "html_entity_decode()" PHP function not being binary safe. This
    can be exploited to disclose certain parts of memory via a script
    calling the "html_entity_decode()" function with input controlled by
    the attacker and where the result is sent to the attacker.

    The Common Vulnerabilities and Exposures project has assigned the
    name CVE-2006-1490 to this issue.

Action:
  We recommend that all systems with these packages installed be upgraded.
  Please note that if you do not need the functionality provided by a
  package, you may want to remove it from your system.


Location:
  All Trustix Secure Linux updates are available from
  <URI:http://http.trustix.org/pub/trustix/updates/>
  <URI:ftp://ftp.trustix.org/pub/trustix/updates/>


About Trustix Secure Linux:
  Trustix Secure Linux is a small Linux distribution for servers. With focus
  on security and stability, the system is painlessly kept safe and up to
  date from day one using swup, the automated software updater.


Automatic updates:
  Users of the SWUP tool can enjoy having updates automatically
  installed using 'swup --upgrade'.


Questions?
  Check out our mailing lists:
  <URI:http://www.trustix.org/support/>


Verification:
  This advisory, along with all Trustix packages, is signed with the
  TSL sign key.
  This key is available from:
  <URI:http://www.trustix.org/TSL-SIGN-KEY>

  The advisory itself is available from the errata pages at
  <URI:http://www.trustix.org/errata/trustix-2.2/> and
  <URI:http://www.trustix.org/errata/trustix-3.0/>
  or directly at
  <URI:http://www.trustix.org/errata/2006/0020/>


MD5sums of the packages:


Trustix Security Team

