<<< Date Index >>>     <<< Thread Index >>>

TSL-2005-0009 - multi



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Trustix Secure Linux Security Advisory #2005-0009

Package name:      kernel, mysql
Summary:           Multiple security holes fixed
Date:              2005-03-21
Affected versions: Trustix Secure Linux 2.1
                   Trustix Secure Linux 2.2
                   Trustix Operating System - Enterprise Server 2

- --------------------------------------------------------------------------
Package description:
  kernel:
  The kernel package contains the Linux kernel (vmlinuz), the core of your
  Trustix Secure Linux operating system.  The kernel handles the basic
  functions of the operating system:  memory allocation, process allocation,
  device input and output, etc.

  mysql:
  MySQL is a true multi-user, multi-threaded SQL (Structured Query
  Language) database server. MySQL is a client/server implementation
  that consists of a server daemon (mysqld) and many different client
  programs/libraries.

Problem description:
  kernel:
  Ben Martel and Stephen Blackheath discovered a denial of service bug
  in the ppp server handling where a client could hang the server.

  The Common Vulnerabilities and Exposures project (cve.mitre.org) has
  assigned the name CAN-2005-0384 to this issue.


  mysql:
  Stefano Di Paola discovered three bugs in MySQL:

  MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote
  authenticated users with INSERT and DELETE privileges to execute
  arbitrary code by using CREATE FUNCTION to access libc calls,
  as demonstrated by using strcat, on_exit, and exit.  

  The Common Vulnerabilities and Exposures project (cve.mitre.org) has
  assigned the name CAN-2005-0709 to this issue.


  MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote
  authenticated users with INSERT and DELETE privileges to bypass
  library path restrictions and execute arbitrary libraries by using
  INSERT INTO to modify the mysql.func table, which is processed by the
  udf_init function.

  The Common Vulnerabilities and Exposures project (cve.mitre.org) has
  assigned the name CAN-2005-0710 to this issue.


  MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, uses predictable file
  names when creating temporary tables, which allows local users with
  CREATE TEMPORARY TABLE privileges to overwrite arbitrary files via a
  symlink attack.

  The Common Vulnerabilities and Exposures project (cve.mitre.org) has
  assigned the name CAN-2005-0711 to this issue.


Action:
  We recommend that all systems with this package installed be upgraded.
  Please note that if you do not need the functionality provided by this
  package, you may want to remove it from your system.


Location:
  All Trustix Secure Linux updates are available from
  <URI:http://http.trustix.org/pub/trustix/updates/>
  <URI:ftp://ftp.trustix.org/pub/trustix/updates/>


About Trustix Secure Linux:
  Trustix Secure Linux is a small Linux distribution for servers. With focus
  on security and stability, the system is painlessly kept safe and up to
  date from day one using swup, the automated software updater.


Automatic updates:
  Users of the SWUP tool can enjoy having updates automatically
  installed using 'swup --upgrade'.


Questions?
  Check out our mailing lists:
  <URI:http://www.trustix.org/support/>


Verification:
  This advisory along with all Trustix packages are signed with the
  TSL sign key.
  This key is available from:
  <URI:http://www.trustix.org/TSL-SIGN-KEY>

  The advisory itself is available from the errata pages at
  <URI:http://www.trustix.org/errata/trustix-2.1/> and
  <URI:http://www.trustix.org/errata/trustix-2.2/>
  or directly at
  <URI:http://www.trustix.org/errata/2005/0009/>


MD5sums of the packages:
- --------------------------------------------------------------------------
71d33557d95c1b7713af5a6e5d63d148  2.2/rpms/kernel-2.4.29-4tr.i586.rpm
a3344d1caaa87ef1af6d3fd3cb9fac40  2.2/rpms/kernel-BOOT-2.4.29-4tr.i586.rpm
bad1eaf10795af3e576a95b020a930c3  2.2/rpms/kernel-doc-2.4.29-4tr.i586.rpm
cbfcfe63c6fade391592e503464dabc2  2.2/rpms/kernel-smp-2.4.29-4tr.i586.rpm
f09a63d6e69a65d224a2de73d1cd7e8b  2.2/rpms/kernel-source-2.4.29-4tr.i586.rpm
105379c950590f0488916f583859268a  2.2/rpms/kernel-utils-2.4.29-4tr.i586.rpm
47f78a5e460a19d4084015082a33cbc8  2.2/rpms/mysql-4.1.10a-2tr.i586.rpm
37e1c9b78bb4fa04a3a53a5fb4527b49  2.2/rpms/mysql-bench-4.1.10a-2tr.i586.rpm
0592d8cc0e7198d8a24188fc5b5fc208  2.2/rpms/mysql-client-4.1.10a-2tr.i586.rpm
9162e1eb8b89d14c131634fb9819772b  2.2/rpms/mysql-devel-4.1.10a-2tr.i586.rpm
c053da09c5790a3287bdac88b616e722  2.2/rpms/mysql-libs-4.1.10a-2tr.i586.rpm
c4666923513e794857e7b9947b1e6718  2.2/rpms/mysql-shared-4.1.10a-2tr.i586.rpm

cd1cf2f282385bfe90b3de816637c32e  2.1/rpms/kernel-2.4.29-1tr.i586.rpm
2994f5bca157bc36d119586316f2201b  2.1/rpms/kernel-BOOT-2.4.29-1tr.i586.rpm
2c428d7627fa8d1a381f536b113220de  2.1/rpms/kernel-doc-2.4.29-1tr.i586.rpm
8f9c5c78f6b55eedf2ed45bd03a6f7fc  2.1/rpms/kernel-firewall-2.4.29-1tr.i586.rpm
5aa8786126f2f55b3735ea4721616427  
2.1/rpms/kernel-firewallsmp-2.4.29-1tr.i586.rpm
7f2462b904d47260659575c6caa2c84c  2.1/rpms/kernel-smp-2.4.29-1tr.i586.rpm
b671653c5721ea3e79a05f54d0070970  2.1/rpms/kernel-source-2.4.29-1tr.i586.rpm
ed784d3c8a0c80b8a634c6687683cfc8  2.1/rpms/kernel-utils-2.4.29-1tr.i586.rpm
550fb7ba3f6a6f06ed98b5644741061c  2.1/rpms/mysql-4.0.24-1tr.i586.rpm
0ad72064ac9cfadd9db672f33b3dc5cb  2.1/rpms/mysql-bench-4.0.24-1tr.i586.rpm
4f6846b8c7a38705dbdac2409357c479  2.1/rpms/mysql-client-4.0.24-1tr.i586.rpm
caf084df98fb6fdbad8e0a0f7a2cd971  2.1/rpms/mysql-devel-4.0.24-1tr.i586.rpm
4dbcd3e8cffaf9ed4f89161ed19355e0  2.1/rpms/mysql-libs-4.0.24-1tr.i586.rpm
7870630cf5d1fcf12a1799f2e266693c  2.1/rpms/mysql-shared-4.0.24-1tr.i586.rpm
- --------------------------------------------------------------------------


Trustix Security Team

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)

iD8DBQFCPskpi8CEzsK9IksRAnbyAJ9xA0lDupc724ecrdovacbqk0/iMQCfbvoy
a2/kIM/xv8C21ENZ0p1Id/0=
=XPJj
-----END PGP SIGNATURE-----