<<< Date Index >>>     <<< Thread Index >>>

TSLSA-2007-0023 - multi



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Trustix Secure Linux Security Advisory #2007-0023

Package names:     bind, clamav, curl, mod_perl, perl-net-dns, php, tcpdump
Summary:           Multiple vulnerabilities
Date:              2007-07-28
Affected versions: Trustix Secure Linux 2.2
                   Trustix Secure Linux 3.0
                   Trustix Secure Linux 3.0.5
                   Trustix Operating System - Enterprise Server 2

- --------------------------------------------------------------------------
Package description:
  bind
  BIND (Berkeley Internet Name Domain) is an implementation of the DNS
  (Domain Name System) protocols. BIND includes a DNS server (named),
  which resolves host names to IP addresses, and a resolver library
  (routines for applications to use when interfacing with DNS). A DNS
  server allows clients to name resources or objects and share the
  information with other network machines. The named DNS server can be
  used on workstations as a caching name server, but is generally only
  needed on one machine for an entire network.

  clamav
  Clam AntiVirus is a GPL anti-virus toolkit for UNIX. The main purpose
  of this software is the integration with mail servers (attachment 
  scanning). The package provides a flexible and scalable multi-threaded
  daemon, a command line scanner, and a tool for automatic updating via
  Internet. The programs are based on a shared library distributed with
  package, which you can use with your own software.

  curl
  curl is a client to get documents/files from servers, using any of the
  supported protocols. The command is designed to work without user
  interaction or any kind of interactivity.

  mod_perl
  Mod_perl incorporates a Perl interpreter into the Apache web server,
  so that the Apache web server can directly execute Perl code. Mod_perl
  links the Perl runtime library into the Apache web server and provides
  an object-oriented Perl interface for Apache's C language API. The end
  result is a quicker CGI script turnaround process, since no external
  Perl interpreter has to be started.

  perl-net-dns
  Perl interface to the DNS resolver.

  php
  PHP is an HTML-embedded scripting language. PHP attempts to make it
  easy for developers to write dynamically generated web pages. PHP
  also offers built-in database integration for several commercial
  and non-commercial database management systems, so writing a
  database-enabled web page with PHP is fairly simple. The most common
  use of PHP coding is probably as a replacement for CGI scripts. The
  mod_php module enables the Apache web server to understand and process
  the embedded PHP language in web pages.

  tcpdump
  Tcpdump is a command-line tool for monitoring network traffic. Tcpdump
  can capture and display the packet headers on a particular network
  interface or on all interfaces. Tcpdump can display all of the packet
  headers, or just the ones that match particular criteria.

Problem description:
  bind < TSL 3.0.5 > < TSL 3.0 > < TSL 2.2 > < TSEL 2>
  - New upsteam.
  - SECURITY Fix: Amit Klein has reported a vulnerability in BIND,
    caused due to predictable query IDs in outgoing queries which can
    be exploited to poison the DNS cache when the query ID is guessed.

    The Common Vulnerabilities and Exposures project (cve.mitre.org) has
    assigned the name CVE-2007-2926 to this issue.

  clamav < TSL 3.0.5 > < TSL 3.0 > < TSL 2.2 >
  - New Upstream.
  - SECURITY Fix: Metaeye SG has reported a vulnerability in ClamAV,
    caused due to a NULL-pointer dereference error within
    libclamav/unrar/unrarvm.c when handling RAR archives. This can
    be exploited to cause a crash via a specially crafted RAR
    archive (SA26038).
 
  curl < TSL 3.0.5 > < TSL 3.0 > < TSL 2.2 >
  - New Upstream.
  - SECURITY Fix: A security issue has been reported in cURL/libcURL,
    when the validity period of SSL/TLS certificates presented by peers
    is not properly checked. This can be exploited to bypass access
    restrictions imposed by SSL/TLS certificates, but requires that
    cURL/libcURL is built with GnuTLS.

    The Common Vulnerabilities and Exposures project has assigned the
    name CVE-2007-3564 to this issue.  

  mod_perl < TSL 3.0.5 > < TSL 3.0 > < TSL 2.2 > 
  - SECURITY Fix: A vulnerability has been reported in mod_perl caused
    due to a regular expression in "RegistryCooker.pm" that uses the
    "path_info" variable without properly escaping it. This can be
    exploited to cause a DoS by sending requests with specially 
    crafted URLs to a vulnerable server.

    The Common Vulnerabilities and Exposures project (cve.mitre.org)
    has assigned the name CVE-2007-1349 to this issue. 

  perl-net-dns < TSL 3.0.5 > < TSL 3.0 > < TSL 2.2 >
  - SECURITY Fix: An error exists in the handling of DNS queries where
    IDs are incremented with a fixed value and are additionally used
    for child processes in a forking server. This can be exploited
    to poison the DNS cache of an application using the module if a
    valid ID is guessed.
  - An error in the PP implementation within the "dn_expand()" function
    can be exploited to cause a stack overflow due to an endless loop
    via a specially crafted DNS packet.

    The Common Vulnerabilities and Exposures project (cve.mitre.org)
    has assigned the names CVE-2007-3377 and CVE-2007-3409 to
    these issues.

  php < TSL 3.0.5 > < TSL 3.0 > < TSL 2.2 >
  - New Upstream.
  - Rebuilt with new cURL.
  - SECURITY Fix: Multiple security fixes.
  - Fixes an integer overflow inside chunk_split().
  - Fixes possible infinite loop in imagecreatefrompng.
  - Fixes ext/filter Email Validation Vulnerability.
  - Fixes an error in the "realpath()" function which allows bypassing
    of the "open_basedir" restriction and identifying the existence
    of files.

    The Common Vulnerabilities and Exposures project has assigned the
    names CVE-2007-2872, CVE-2007-2756, CVE-2007-1900 and CVE-2007-3007
    to these issues.

  tcpdump < TSL 3.0.5 > < TSL 3.0 > < TSL 2.2 > < TSEL 2>
  - SECURITY Fix: mu-b has reported a vulnerability in tcpdump, caused
    due to the incorrect use of the return value of "snprintf()" in
    print-bgp.c. This can be exploited to cause a buffer overflow by
    sending specially crafted BGP packets.

    The Common Vulnerabilities and Exposures project (cve.mitre.org)
    has assigned the name CVE-2007-3798 to this issue.

Action:
  We recommend that all systems with this package installed be upgraded.
  Please note that if you do not need the functionality provided by this
  package, you may want to remove it from your system.


Location:
  All Trustix Secure Linux updates are available from
  <URI:http://http.trustix.org/pub/trustix/updates/>
  <URI:ftp://ftp.trustix.org/pub/trustix/updates/>


About Trustix Secure Linux:
  Trustix Secure Linux is a small Linux distribution for servers. With focus
  on security and stability, the system is painlessly kept safe and up to
  date from day one using swup, the automated software updater.


Automatic updates:
  Users of the SWUP tool can enjoy having updates automatically
  installed using 'swup --upgrade'.


Questions?
  Check out our mailing lists:
  <URI:http://www.trustix.org/support/>


Verification:
  This advisory along with all Trustix packages are signed with the
  TSL sign key.
  This key is available from:
  <URI:http://www.trustix.org/TSL-SIGN-KEY>

  The advisory itself is available from the errata pages at
  <URI:http://www.trustix.org/errata/trustix-2.2/>
  <URI:http://www.trustix.org/errata/trustix-3.0/> and
  <URI:http://www.trustix.org/errata/trustix-3.0.5/>
  or directly at
  <URI:http://www.trustix.org/errata/2007/0023/>


MD5sums of the packages:
- --------------------------------------------------------------------------
385242c4da523acb7ecaff616901b223  3.0.5/rpms/bind-9.3.4-4tr.i586.rpm
4167a783f1c3411b5164ab9995e8113c  3.0.5/rpms/bind-devel-9.3.4-4tr.i586.rpm
3d2dc1d76c375cd4cf8e5f9e4a4ddf95  3.0.5/rpms/bind-libs-9.3.4-4tr.i586.rpm
f2d0cba38984af70e4f59f0d60ff2302  3.0.5/rpms/bind-light-9.3.4-4tr.i586.rpm
aff99e42d42a8b254daa4dd584be5f1e  3.0.5/rpms/bind-light-devel-9.3.4-4tr.i586.rpm
274cd85cad7ca003fb0f878340edb285  3.0.5/rpms/bind-utils-9.3.4-4tr.i586.rpm
6a99712b78627068aa0b7fa8f26b7e7d  3.0.5/rpms/clamav-0.91-1tr.i586.rpm
2ff6fcd209c53b53fc6c9206c300eec4  3.0.5/rpms/clamav-devel-0.91-1tr.i586.rpm
09e20d036d2b53c7a65624aa6882123e  3.0.5/rpms/curl-7.16.4-1tr.i586.rpm
9e2e4ef2609cf03088b9445bdab80631  3.0.5/rpms/curl-devel-7.16.4-1tr.i586.rpm
600b93c576cd56863475f24a0ecc3f4f  3.0.5/rpms/mod_perl-2.0.2-3tr.i586.rpm
c07c04028d2b514a463de72a875506db  3.0.5/rpms/mod_perl-devel-2.0.2-3tr.i586.rpm
cabcfcc1cfba5743ec30bb3e3eb318c2  3.0.5/rpms/perl-net-dns-0.48-9tr.i586.rpm
e20885f62af0966f141d816d5379acd0  3.0.5/rpms/php-5.2.3-2tr.i586.rpm
4e21162333b73d66dde4e52b2963b1b2  3.0.5/rpms/php-calendar-5.2.3-2tr.i586.rpm
9549f8f5a80e4bf8a2b39285eeb1fc9c  3.0.5/rpms/php-cli-5.2.3-2tr.i586.rpm
612598724164f92956a46dfd82519910  3.0.5/rpms/php-curl-5.2.3-2tr.i586.rpm
fa21e93e332faad2156b9981fcab0412  3.0.5/rpms/php-dba-5.2.3-2tr.i586.rpm
41248154da73754b2e239b76733cfe50  3.0.5/rpms/php-devel-5.2.3-2tr.i586.rpm
276c9d70f92c8ba4df771334b5c1c6c5  3.0.5/rpms/php-exif-5.2.3-2tr.i586.rpm
11b1dee7b0f395962001bd2b63155d1f  3.0.5/rpms/php-fcgi-5.2.3-2tr.i586.rpm
8a2bdc6d26c532ec1b42420315729f99  3.0.5/rpms/php-gd-5.2.3-2tr.i586.rpm
2fae9844d133102ffda34ff18564ca84  3.0.5/rpms/php-imap-5.2.3-2tr.i586.rpm
dec194258270480cd4b4d7bf43ae8fc2  3.0.5/rpms/php-ldap-5.2.3-2tr.i586.rpm
5a0dc23348b76defab4c24b2da562b5f  3.0.5/rpms/php-mcrypt-5.2.3-2tr.i586.rpm
1f695f95099d08d832697f517f806cf1  3.0.5/rpms/php-mhash-5.2.3-2tr.i586.rpm
c412e4fb7e16ef4ac71f399c41779deb  3.0.5/rpms/php-mssql-5.2.3-2tr.i586.rpm
b42f4883c03145d946ed6d869d22f72a  3.0.5/rpms/php-mysql-5.2.3-2tr.i586.rpm
35222a6bfe9e049f0a806b4a35015e79  3.0.5/rpms/php-mysqli-5.2.3-2tr.i586.rpm
f351b5011818d1415a5117bafc22eb4e  3.0.5/rpms/php-openssl-5.2.3-2tr.i586.rpm
f46ea8caa3dc48c7ea8c54964abc5152  3.0.5/rpms/php-pdo-mysql-5.2.3-2tr.i586.rpm
84344f18f94e2b97e5c77920c876f51c  3.0.5/rpms/php-pdo-sqlite-5.2.3-2tr.i586.rpm
622bdb0b15bf0bd00fecaedd2971f71b  3.0.5/rpms/php-pgsql-5.2.3-2tr.i586.rpm
cdaadbf37e4e4875cae29d314747be04  3.0.5/rpms/php-pspell-5.2.3-2tr.i586.rpm
bb957f6b81cf29dc8aec0b6d8f82e55c  3.0.5/rpms/php-snmp-5.2.3-2tr.i586.rpm
3e865b30e6b7b58e2bb09cc1eeb1c371  3.0.5/rpms/php-sqlite-5.2.3-2tr.i586.rpm
842fbe08b207b9a1fea602ed32f4b7b2  3.0.5/rpms/php-xslt-5.2.3-2tr.i586.rpm
0c7646b5d3e9206f019ffed95a9b4c41  3.0.5/rpms/php-zlib-5.2.3-2tr.i586.rpm
beb5bb381f3c2283cc79194ae0812822  3.0.5/rpms/tcpdump-3.8.3-9tr.i586.rpm

a391402b4cc09fdfa8fbb691c91b2b08  3.0/rpms/bind-9.3.4-3tr.i586.rpm
5de35bd610263cb60389245644a9fb8e  3.0/rpms/bind-devel-9.3.4-3tr.i586.rpm
e8a5943aa49d1fafa50b58e6421b2e9a  3.0/rpms/bind-libs-9.3.4-3tr.i586.rpm
1942f8178c7c9b56e62bad4fc309f976  3.0/rpms/bind-light-9.3.4-3tr.i586.rpm
fc3940a06e5415dd7f20d6e13b698938  3.0/rpms/bind-light-devel-9.3.4-3tr.i586.rpm
4a3e1e31aa6f4b97f1cdd68091d345ee  3.0/rpms/bind-utils-9.3.4-3tr.i586.rpm
706e7200ae5bdba1029f5b764de7839b  3.0/rpms/clamav-0.91-1tr.i586.rpm
7bcb48add43435ddc6844c8788838b78  3.0/rpms/clamav-devel-0.91-1tr.i586.rpm
4eb9d1ca7eb019819db2beb1c0345991  3.0/rpms/curl-7.16.4-1tr.i586.rpm
faeafe6f0ddb8dc82d050e1f652f9d2d  3.0/rpms/curl-devel-7.16.4-1tr.i586.rpm
8fdc1d78fcd94fde400413e892fd9e24  3.0/rpms/mod_perl-2.0.0-5tr.i586.rpm
45979e4b4f3c2cfc57d7ac31620825b1  3.0/rpms/mod_perl-devel-2.0.0-5tr.i586.rpm
929644b8b2092afb00b2de2eb7e407dc  3.0/rpms/perl-net-dns-0.48-8tr.i586.rpm
1209b0a10694606d18e74f89e18c4a03  3.0/rpms/php-5.2.3-2tr.i586.rpm
a11d6834c9ed3fff9bad1490dea865aa  3.0/rpms/php-calendar-5.2.3-2tr.i586.rpm
d2cc2b3a319ae3093a91b0f6570fe47a  3.0/rpms/php-cli-5.2.3-2tr.i586.rpm
0ebf7ad7a6b286d1385ba51b1817516c  3.0/rpms/php-curl-5.2.3-2tr.i586.rpm
98b72bc17b2c31021390197c4b06c89d  3.0/rpms/php-dba-5.2.3-2tr.i586.rpm
43e23f9064f04a02476ae13ef4f4d1be  3.0/rpms/php-devel-5.2.3-2tr.i586.rpm
f168fe8c914d57ee87d0649b01f97e77  3.0/rpms/php-exif-5.2.3-2tr.i586.rpm
ad8c9a6cf39987f899009976a16fb0a5  3.0/rpms/php-fcgi-5.2.3-2tr.i586.rpm
cfa1a50f86dfd87ec7cd8619152d4b71  3.0/rpms/php-gd-5.2.3-2tr.i586.rpm
da6f567e3c3e1ef8a7ed8f75bb437a05  3.0/rpms/php-imap-5.2.3-2tr.i586.rpm
05691bf3d3226fa05b0a2734583a7556  3.0/rpms/php-ldap-5.2.3-2tr.i586.rpm
8e3f6a0c74ebb806b10d8a863ac3ba13  3.0/rpms/php-mcrypt-5.2.3-2tr.i586.rpm
490351006a445007b04513876e1abed8  3.0/rpms/php-mhash-5.2.3-2tr.i586.rpm
ea375b107428a5a07df36af4138b225c  3.0/rpms/php-mssql-5.2.3-2tr.i586.rpm
621ab19d1951642fbe1039aa7dd4ee55  3.0/rpms/php-mysql-5.2.3-2tr.i586.rpm
081788130aa74b739f7a6f2f1672b6ac  3.0/rpms/php-mysqli-5.2.3-2tr.i586.rpm
98c91e97a36d76b054094c4aef8ba303  3.0/rpms/php-openssl-5.2.3-2tr.i586.rpm
a116f66211a0e41646d7bb057f93c994  3.0/rpms/php-pdo-mysql-5.2.3-2tr.i586.rpm
8f956f1d14920866c0699006471de2de  3.0/rpms/php-pdo-sqlite-5.2.3-2tr.i586.rpm
58e83e31a64595b671209aa2b032de9e  3.0/rpms/php-pgsql-5.2.3-2tr.i586.rpm
5e318866d6f8d8d654bcb940469fb25a  3.0/rpms/php-pspell-5.2.3-2tr.i586.rpm
7d4dc479904dcac651efe6c8307004c0  3.0/rpms/php-snmp-5.2.3-2tr.i586.rpm
7c2903bd5bde33b5194895932f2336eb  3.0/rpms/php-sqlite-5.2.3-2tr.i586.rpm
9dcfdcddbf8dfb3eb066893c7e184032  3.0/rpms/php-xslt-5.2.3-2tr.i586.rpm
2b22a6a4c46cf1dcc823d0be52a1ee6b  3.0/rpms/php-zlib-5.2.3-2tr.i586.rpm
3e5a930e898b69ff03d010bb4d50e3d0  3.0/rpms/tcpdump-3.8.3-8tr.i586.rpm

d3c601bd616c19da0da2180e7029cc2c  2.2/rpms/bind-9.3.4-3tr.i586.rpm
ba5ab37e1c1f98b73ecf7988cafafc10  2.2/rpms/bind-devel-9.3.4-3tr.i586.rpm
c5173096b50c73537bc149a24074ab47  2.2/rpms/bind-libs-9.3.4-3tr.i586.rpm
ec8157264cccbe97f111647682625ed0  2.2/rpms/bind-light-9.3.4-3tr.i586.rpm
e58d3dac7a5ed83a33291dc0493d07fc  2.2/rpms/bind-light-devel-9.3.4-3tr.i586.rpm
701f16b002778ca84844b85d2adff688  2.2/rpms/bind-utils-9.3.4-3tr.i586.rpm
d0f1c9fb436123f8d0a9d7e1af85c885  2.2/rpms/clamav-0.91-1tr.i586.rpm
f296443ddff0566e9d474643ff33b962  2.2/rpms/clamav-devel-0.91-1tr.i586.rpm
3f9a03adaa1171d960cdbfe08ea6795b  2.2/rpms/curl-7.15.3-3tr.i586.rpm
5332054611bdba805908521670783b96  2.2/rpms/curl-devel-7.15.3-3tr.i586.rpm
60489eeffd8bf5958fde66628a343974  2.2/rpms/mod_perl-2.0.0-5tr.i586.rpm
dd0202812215babf987e20525ec940db  2.2/rpms/mod_perl-devel-2.0.0-5tr.i586.rpm
5f1b350a7ea7ef3d7964259a179ebb3a  2.2/rpms/perl-net-dns-0.48-3tr.i586.rpm
6e4d88ef05463a6895bded9a04d6c417  2.2/rpms/php-5.2.3-1tr.i586.rpm
df38a5edbb2d8d5836173206fb4aa51e  2.2/rpms/php-cli-5.2.3-1tr.i586.rpm
b7358a367b60569d7198fea6d3d0f0cd  2.2/rpms/php-curl-5.2.3-1tr.i586.rpm
335875d9db23623630c8e7a2f7ff6b35  2.2/rpms/php-devel-5.2.3-1tr.i586.rpm
f445894ec53b9b0d7ec69c38e37db59f  2.2/rpms/php-exif-5.2.3-1tr.i586.rpm
6dfbf73af362155eb654b3bbf5900fe2  2.2/rpms/php-fcgi-5.2.3-1tr.i586.rpm
79dc33da7ef677c44241b4985acd6e0f  2.2/rpms/php-gd-5.2.3-1tr.i586.rpm
ac208d692c6868c07d787b72405b77ec  2.2/rpms/php-imap-5.2.3-1tr.i586.rpm
281562426b06aaa035569925354b08a3  2.2/rpms/php-ldap-5.2.3-1tr.i586.rpm
3aceb6b5e05e0949959a90f762172c6a  2.2/rpms/php-mcrypt-5.2.3-1tr.i586.rpm
7dc951138c0d5abf8a8437eec57d734e  2.2/rpms/php-mhash-5.2.3-1tr.i586.rpm
698e5c3b296094a84600673439a8ba2e  2.2/rpms/php-mssql-5.2.3-1tr.i586.rpm
f76695798ecf9f0c3c4005e309a97010  2.2/rpms/php-mysql-5.2.3-1tr.i586.rpm
063183e965f09e8c0581d4a21c31accb  2.2/rpms/php-mysqli-5.2.3-1tr.i586.rpm
f04605d40bfed9290308d47c3464ac0c  2.2/rpms/php-openssl-5.2.3-1tr.i586.rpm
227afb0b6004cd4e07d2e276cc639b34  2.2/rpms/php-pdo-mysql-5.2.3-1tr.i586.rpm
5854d898328e4446c3d4b36e7b454695  2.2/rpms/php-pdo-sqlite-5.2.3-1tr.i586.rpm
eed1a233aef2fdddd4d1961b2bc2a7c2  2.2/rpms/php-pgsql-5.2.3-1tr.i586.rpm
9ef05f267ba75169f28298783372a8ad  2.2/rpms/php-sqlite-5.2.3-1tr.i586.rpm
c20518aaa32dd4b9b2f906c96c99b0c8  2.2/rpms/php-zlib-5.2.3-1tr.i586.rpm
f9031f0f637cabfbf0113743a5d1ac8d  2.2/rpms/tcpdump-3.8.3-4tr.i586.rpm
- --------------------------------------------------------------------------


Trustix Security Team


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)

iD8DBQFGqui/i8CEzsK9IksRAn6cAJ9qo0oSAxR+cgO0NtX79PoKyndT4ACeIGvH
iVChPLuVjax/5kU9bFOCv74=
=qKb+
-----END PGP SIGNATURE-----