MDKSA-2004:125 - Updated iptables packages fix vulnerability
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandrakelinux Security Update Advisory
_______________________________________________________________________
Package name: iptables
Advisory ID: MDKSA-2004:125
Date: November 4th, 2004
Affected versions: 10.0, 10.1, 9.2, Corporate Server 2.1,
Multi Network Firewall 8.2
______________________________________________________________________
Problem Description:
Faheem Mitha discovered that the iptables tool would not always load
the required modules on its own as it should have, which could in turn
lead to firewall rules not being loaded on system startup in some
cases.
The updated packages are patched to prevent this problem.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0986
______________________________________________________________________
Updated Packages:
Mandrakelinux 10.0:
ea5d957312f3ce57b3dcda010ede3945 10.0/RPMS/iptables-1.2.9-5.1.100mdk.i586.rpm
8b13818315416baa6b34db7f1926c07b
10.0/RPMS/iptables-ipv6-1.2.9-5.1.100mdk.i586.rpm
ed24e4e4252bbbed9c2d105e2ac8bce4 10.0/SRPMS/iptables-1.2.9-5.1.100mdk.src.rpm
Mandrakelinux 10.0/AMD64:
b7a602a98403aa1ff0f88537c585fd8b
amd64/10.0/RPMS/iptables-1.2.9-5.1.100mdk.amd64.rpm
2dcdb1f57d1314e6981fb87b538e7714
amd64/10.0/RPMS/iptables-ipv6-1.2.9-5.1.100mdk.amd64.rpm
ed24e4e4252bbbed9c2d105e2ac8bce4
amd64/10.0/SRPMS/iptables-1.2.9-5.1.100mdk.src.rpm
Mandrakelinux 10.1:
2fd6b28386f1f10145bec9cbe9adcc80 10.1/RPMS/iptables-1.2.9-7.1.101mdk.i586.rpm
df337d09fcb6a9bd950650f323ed5deb
10.1/RPMS/iptables-devel-1.2.9-7.1.101mdk.i586.rpm
6d84f2165b614aadb36507a3e2165c74
10.1/RPMS/iptables-ipv6-1.2.9-7.1.101mdk.i586.rpm
37b973770f7ee0ed05b9a1b2ecc363f2 10.1/SRPMS/iptables-1.2.9-7.1.101mdk.src.rpm
Mandrakelinux 10.1/X86_64:
36ea253f918855f8ea5f0cccb9c71d69
x86_64/10.1/RPMS/iptables-1.2.9-7.1.101mdk.x86_64.rpm
67293e555ec345d9f8df2c98b359d7ab
x86_64/10.1/RPMS/iptables-devel-1.2.9-7.1.101mdk.x86_64.rpm
39ba0b1ddf4d3325398b92f2559916fe
x86_64/10.1/RPMS/iptables-ipv6-1.2.9-7.1.101mdk.x86_64.rpm
37b973770f7ee0ed05b9a1b2ecc363f2
x86_64/10.1/SRPMS/iptables-1.2.9-7.1.101mdk.src.rpm
Corporate Server 2.1:
d0d1946847f4355fa4505a139f6c5284
corporate/2.1/RPMS/iptables-1.2.6a-1.1.C21mdk.i586.rpm
98316b73c9942a166f031d07cac35492
corporate/2.1/RPMS/iptables-ipv6-1.2.6a-1.1.C21mdk.i586.rpm
77ffcb45d7b001faec0e283bb0987064
corporate/2.1/SRPMS/iptables-1.2.6a-1.1.C21mdk.src.rpm
Corporate Server 2.1/x86_64:
a2ffbb9e0b2b20edc4354529bb18ec29
x86_64/corporate/2.1/RPMS/iptables-1.2.6a-1.1.C21mdk.x86_64.rpm
b8484b1932147eba656de6573b94b112
x86_64/corporate/2.1/RPMS/iptables-ipv6-1.2.6a-1.1.C21mdk.x86_64.rpm
77ffcb45d7b001faec0e283bb0987064
x86_64/corporate/2.1/SRPMS/iptables-1.2.6a-1.1.C21mdk.src.rpm
Mandrakelinux 9.2:
6a888b74c8d6b0491d5e365b100735d7 9.2/RPMS/iptables-1.2.8-2.1.92mdk.i586.rpm
01ad9046156cd1621214891ed9f239eb
9.2/RPMS/iptables-ipv6-1.2.8-2.1.92mdk.i586.rpm
86e7d2322395547ca0e3d68ebf783dd3 9.2/SRPMS/iptables-1.2.8-2.1.92mdk.src.rpm
Mandrakelinux 9.2/AMD64:
961b11f6868a9101609891cb51d2d245
amd64/9.2/RPMS/iptables-1.2.8-2.1.92mdk.amd64.rpm
955bf909b3c4d7b460037f8f55f23513
amd64/9.2/RPMS/iptables-ipv6-1.2.8-2.1.92mdk.amd64.rpm
86e7d2322395547ca0e3d68ebf783dd3
amd64/9.2/SRPMS/iptables-1.2.8-2.1.92mdk.src.rpm
Multi Network Firewall 8.2:
3bae3f63666aeba5939cfaed2c861405
mnf8.2/RPMS/iptables-1.2.5-1.1.M82mdk.i586.rpm
0422c6867fec60ca167d6aeddfd30fbf
mnf8.2/RPMS/iptables-ipv6-1.2.5-1.1.M82mdk.i586.rpm
acc628f4f4582e794a29d0044d0617d3
mnf8.2/SRPMS/iptables-1.2.5-1.1.M82mdk.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandrakesoft for security. You can obtain
the GPG public key of the Mandrakelinux Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandrakelinux at:
http://www.mandrakesoft.com/security/advisories
If you want to report vulnerabilities, please contact
security_linux-mandrake.com
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Linux Mandrake Security Team
<security linux-mandrake.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
iD8DBQFBisI9mqjQ0CJFipgRAozsAJsGIeQhHWzrNpLa1Ikv3jWSDYFQjgCg10gv
/VV+PgUPqBC/7KaE0Zhkdbs=
=99CC
-----END PGP SIGNATURE-----