Date: Fri, 16 Sep 2005 20:13:29 +0200
From: Trustix Security Advisor <tsl@trustix.org.>
To: bugtraq@securityfocus.com
Subject: TSLSA-2005-0049 - multi
Message-ID: <20050916181329.GA21724@tsunami.trustix.net.>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.4.2.1i
X-Virus-Scanned: antivirus-gw at tyumen.ru
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- --------------------------------------------------------------------------
Trustix Secure Linux Security Advisory #2005-0049
Package names: kernel, util-linux, xorg-x11
Summary: Multiple vulnerabilities
Date: 2005-09-16
Affected versions: Trustix Secure Linux 2.2
Trustix Secure Linux 3.0
Trustix Operating System - Enterprise Server 2
- --------------------------------------------------------------------------
Package description:
kernel
The kernel package contains the Linux kernel (vmlinuz), the core of your
Trustix Secure Linux operating system. The kernel handles the basic
functions of the operating system: memory allocation, process allocation,
device input and output, etc.
util-linux
The util-linux package contains a large variety of low-level system
utilities that are necessary for a Linux system to function. Among
many features, Util-linux contains the fdisk configuration tool and
the login program.
xorg-x11
X.org X11 is an open source implementation of the X Window System. It
provides the basic low level functionality which full fledged graphical
user interfaces (GUIs) such as GNOME and KDE are designed upon.
Problem description:
kernel < TSL 3.0 >
- SECURITY Fix: Fix unchecked __get_user that could be tricked into
generating a memory read on an arbitrary address. The result of the
read is not returned directly but you may be able to divine some
information about it, or use the read to cause a crash on some
architectures by reading hardware state.
The Common Vulnerabilities and Exposures project has assigned the
name CAN-2005-2492 to this issue.
- SECURITY Fix: Al Viro reported a flaw in sendmsg(). "When we copy
32bit ->msg_control contents to kernel, we walk the same userland data
twice without sanity checks on the second pass. Moreover, if original
looks small enough, we end up copying to on-stack array."
The Common Vulnerabilities and Exposures project has assigned the
name CAN-2005-2490 to this issue.
util-linux < TSL 3.0 > < TSL 2.2 > < TSEL-2 >
- SECURITY Fix: unintentional grant of privileges by umount in util-linux
allows local users with unmount permissions to gain privileges via the
-r (remount) option, which causes the file system to be remounted with
just the read-only flag, which effectively clears the nosuid, nodev,
and other flags. (SA16795)
xorg-x11 < TSL 3.0 >
- SECURITY Fix: Heap overflow in pixmap allocation, An integer overflow
in pixmap memory allocation potentially allows any xorg-x11 user to
execute arbitrary code with elevated privileges.
The Common Vulnerabilities and Exposures project has assigned the
name CAN-2005-2495 to this issue.
Action:
We recommend that all systems with this package installed be upgraded.
Please note that if you do not need the functionality provided by this
package, you may want to remove it from your system.
Location:
All Trustix Secure Linux updates are available from
<URI:http://http.trustix.org/pub/trustix/updates/>;
<URI:ftp://ftp.trustix.org/pub/trustix/updates/>;
About Trustix Secure Linux:
Trustix Secure Linux is a small Linux distribution for servers. With focus
on security and stability, the system is painlessly kept safe and up to
date from day one using swup, the automated software updater.
Automatic updates:
Users of the SWUP tool can enjoy having updates automatically
installed using 'swup --upgrade'.
Questions?
Check out our mailing lists:
<URI:http://www.trustix.org/support/>;
Verification:
This advisory along with all Trustix packages are signed with the
TSL sign key.
This key is available from:
<URI:http://www.trustix.org/TSL-SIGN-KEY>;
The advisory itself is available from the errata pages at
<URI:http://www.trustix.org/errata/trustix-2.2/>; and
<URI:http://www.trustix.org/errata/trustix-3.0/>;
or directly at
<URI:http://www.trustix.org/errata/2005/0049/>;
MD5sums of the packages:
- --------------------------------------------------------------------------
8de6ff8be742734fb85c3daf1f614f98 3.0/rpms/agetty-2.12q-4tr.i586.rpm
e825cc734e779b04f92bcf88b958eacf 3.0/rpms/bfsprogs-2.12q-4tr.i586.rpm
67ae6f1c3d4f194e13d380d68149f01a 3.0/rpms/cramfsprogs-2.12q-4tr.i586.rpm
4bbee025d5e4b6f99d2273d126acbb5d 3.0/rpms/kernel-2.6.12.6-2tr.i586.rpm
20996e0638342d541887443d57bd1eab 3.0/rpms/kernel-doc-2.6.12.6-2tr.i586.rpm
685078a46f6fab9177d976c660e48ede 3.0/rpms/kernel-headers-2.6.12.6-2tr.i586.rpm
084c99fb974347cb37dfb4a16c253938 3.0/rpms/kernel-smp-2.6.12.6-2tr.i586.rpm
d94b53365688200b8be5ea09009e7340 3.0/rpms/kernel-smp-headers-2.6.12.6-2tr.i586.rpm
ea7600c7b6eeb875d4fd0ca7dea800ba 3.0/rpms/kernel-source-2.6.12.6-2tr.i586.rpm
3b8ab9f431fd7087be44a0b038424217 3.0/rpms/kernel-utils-2.6.12.6-2tr.i586.rpm
cd25a41e7afe9fe87bab8729bb627acb 3.0/rpms/login-2.12q-4tr.i586.rpm
2886260d7f9119abbb37457f3fd1c16a 3.0/rpms/losetup-2.12q-4tr.i586.rpm
4df8998a130e88f7ae7302b6a0a79692 3.0/rpms/minixprogs-2.12q-4tr.i586.rpm
14c617257f76cd47418f61535c78c155 3.0/rpms/mount-2.12q-4tr.i586.rpm
d2dcfa8274455f054ffa0740a357670d 3.0/rpms/util-linux-2.12q-4tr.i586.rpm
b73575a628d02e7022b407c9fdcbf1e0 3.0/rpms/xorg-x11-6.8.2-9tr.i586.rpm
cdd13673c73e258e8b3d5146c53d74e3 3.0/rpms/xorg-x11-devel-6.8.2-9tr.i586.rpm
e2b05b0f9205dbdfd5dc739f675b3266 3.0/rpms/xorg-x11-doc-6.8.2-9tr.i586.rpm
2077a6737e8c02bb6384c038b64b062f 3.0/rpms/xorg-x11-fonts-100dpi-6.8.2-9tr.i586.rpm
da721531fed5aa57d6d7de31af0ec005 3.0/rpms/xorg-x11-fonts-6.8.2-9tr.i586.rpm
803908bd34dda6debd214169c61b9938 3.0/rpms/xorg-x11-fonts-75dpi-6.8.2-9tr.i586.rpm
cc92a568afb653b66b985481673ca169 3.0/rpms/xorg-x11-fonts-cid-6.8.2-9tr.i586.rpm3294ac394747eb7aacfb80664f802296 3.0/rpms/xorg-x11-fonts-cyrillic-6.8.2-9tr.i586.rpm
cab59f2305dcb2df4f1f960209d137ca 3.0/rpms/xorg-x11-fonts-otf-6.8.2-9tr.i586.rpm26b03a4ef89f7a8b75c46f14626f6423 3.0/rpms/xorg-x11-fonts-speedo-6.8.2-9tr.i586.rpm
4689468bd9ecf4e6054de45252e9cc06 3.0/rpms/xorg-x11-fonts-ttf-6.8.2-9tr.i586.rpm5f47e4cf2876afa70b3ae96e04cee9ab 3.0/rpms/xorg-x11-fonts-type1-6.8.2-9tr.i586.rpm
eb8835bebad76b4a9613de0ba8862a64 3.0/rpms/xorg-x11-libs-6.8.2-9tr.i586.rpm
ccda082ae90441cc62e18a4706bdab95 3.0/rpms/xorg-x11-sdk-6.8.2-9tr.i586.rpm
2bf6fc64f0be9155a5e6c7123d9173d6 2.2/rpms/agetty-2.12b-2tr.i586.rpm
8228eadc552dd2ac30a51bf360117609 2.2/rpms/bfsprogs-2.12b-2tr.i586.rpm
0bdff988dc5ab45fb6397f8a97ce2c53 2.2/rpms/cramfsprogs-2.12b-2tr.i586.rpm
62088c25c1180b08249f14ae22cf4e32 2.2/rpms/login-2.12b-2tr.i586.rpm
8f3a6d0705118645480ef83a5fecfa7a 2.2/rpms/losetup-2.12b-2tr.i586.rpm
8037a14f7a8b76348a3524592273b2f1 2.2/rpms/minixprogs-2.12b-2tr.i586.rpm
d513814edebcda5635248c1859423761 2.2/rpms/mount-2.12b-2tr.i586.rpm
1a1c94eb86be4b2afa1fdf143e86475e 2.2/rpms/util-linux-2.12b-2tr.i586.rpm
- --------------------------------------------------------------------------
Trustix Security Team
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
iD8DBQFDKwqqi8CEzsK9IksRAuvsAKCcp0sft5mqfCwAXwYZQBwQqDtpSACgmLD4
QL1P5otuWZwXe3dXagOIjRc=
=4RQ8
-----END PGP SIGNATURE-----
