date:20040220

[SECURITY] [DSA 443-1] New xfree86 packages fix multiple vulnerabilities

2004-02-20 Thread Matt Zimmerman

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

- --
Debian Security Advisory DSA 443-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Matt Zimmerman
February 19th, 2004 http://www.debian.org/security/faq
- --

Package: xfree86
Vulnerability  : several
Problem-Type   : remote
Debian-specific: no
CVE Ids: CAN-2003-0690 CAN-2004-0083 CAN-2004-0084 CAN-2004-0106 
CAN-2004-0093 CAN-2004-0094

A number of vulnerabilities have been discovered in XFree86:

 CAN-2004-0083: Buffer overflow in ReadFontAlias from dirfile.c of
XFree86 4.1.0 through 4.3.0 allows local users and remote attackers to
execute arbitrary code via a font alias file (font.alias) with a long
token, a different vulnerability than CAN-2004-0084.

 CAN-2004-0084: Buffer overflow in the ReadFontAlias function in XFree86
4.1.0 to 4.3.0, when using the CopyISOLatin1Lowered function, allows
local or remote authenticated users to execute arbitrary code via a
malformed entry in the font alias (font.alias) file, a different
vulnerability than CAN-2004-0083.

 CAN-2004-0106: Miscellaneous additional flaws in XFree86's handling of
font files.

 CAN-2003-0690: xdm does not verify whether the pam_setcred function call
succeeds, which may allow attackers to gain root privileges by
triggering error conditions within PAM modules, as demonstrated in
certain configurations of the MIT pam_krb5 module.

 CAN-2004-0093, CAN-2004-0094: Denial-of-service attacks against the X
server by clients using the GLX extension and Direct Rendering
Infrastructure are possible due to unchecked client data (out-of-bounds
array indexes [CAN-2004-0093] and integer signedness errors
[CAN-2004-0094]).

Exploitation of CAN-2004-0083, CAN-2004-0084, CAN-2004-0106,
CAN-2004-0093 and CAN-2004-0094 would require a connection to the X
server.  By default, display managers in Debian start the X server
with a configuration which only accepts local connections, but if the
configuration is changed to allow remote connections, or X servers are
started by other means, then these bugs could be exploited remotely.
Since the X server usually runs with root privileges, these bugs could
potentially be exploited to gain root privileges.

No attack vector for CAN-2003-0690 is known at this time.

For the stable distribution (woody) these problems have been fixed in
version 4.1.0-16woody3.

For the unstable distribution (sid) these problems have been fixed in
version 4.3.0-2.

We recommend that you update your xfree86 package.

Upgrade Instructions
- 

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 3.0 alias woody
- 

  Source archives:


http://security.debian.org/pool/updates/main/x/xfree86/xfree86_4.1.0-16woody3.dsc
  Size/MD5 checksum: 1512 596b339b1a1ab8c1aeebe949a7e77076

http://security.debian.org/pool/updates/main/x/xfree86/xfree86_4.1.0-16woody3.diff.gz
  Size/MD5 checksum:  1600904 d0ab158eaf2b1a49d17470b138e99fe8

http://security.debian.org/pool/updates/main/x/xfree86/xfree86_4.1.0.orig.tar.gz
  Size/MD5 checksum: 54433247 ea7a32e6a81a850e9f19428f3104c300

  Architecture independent components:


http://security.debian.org/pool/updates/main/x/xfree86/x-window-system_4.1.0-16woody3_all.deb
  Size/MD5 checksum:60486 27fbccef0a1e87466eae49534b492f32

http://security.debian.org/pool/updates/main/x/xfree86/xfonts-100dpi-transcoded_4.1.0-16woody3_all.deb
  Size/MD5 checksum:  8333716 23dcab5cbf8daffe02eb6cded5da96b4

http://security.debian.org/pool/updates/main/x/xfree86/xfonts-100dpi_4.1.0-16woody3_all.deb
  Size/MD5 checksum:  4442612 379489c2b77427f1640525568e5ba4c0

http://security.debian.org/pool/updates/main/x/xfree86/xfonts-75dpi-transcoded_4.1.0-16woody3_all.deb
  Size/MD5 checksum:  7225924 0e2b47660cbe103fbd67275e55c7da53

http://security.debian.org/pool/updates/main/x/xfree86/xfonts-75dpi_4.1.0-16woody3_all.deb
  Size/MD5 checksum:  3931790 eb3ecbf1e2a453af48de6b9fb8e23f2f

http://security.debian.org/pool/updates/main/x/xfree86/xfonts-base-transcoded_4.1.0-16woody3_all.deb
  Size/MD5 checksum:  1105542 30257b1f4ff435f24a1a96f0820f0119

http://security.debian.org/pool/updates/main/x/xfree86/xfonts-base_4.1.0-16woody3_all.deb
  Size/MD5 checksum:  5028916 f0e09d48bd43a2ebdcb0da701a67ce7f

[SECURITY] [DSA 444-1] New Linux 2.4.17 packages fix local root exploit (ia64)

2004-02-20 Thread Martin Schulze

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

- --
Debian Security Advisory DSA 444-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Martin Schulze
February 20th, 2004 http://www.debian.org/security/faq
- --

Package: kernel-image-2.4.17-ia64
Vulnerability  : missing function return value check
Problem-Type   : local
Debian-specific: no
CVE ID : CAN-2004-0077

Paul Starzetz and Wojciech Purczynski of isec.pl discovered a critical
security vulnerability in the memory management code of Linux inside
the mremap(2) system call.  Due to missing function return value check
of internal functions a local attacker can gain root privileges.

For the stable distribution (woody) this problem has been fixed in
version 011226.16 of ia64 kernel source and images.

Other architectures are or will be mentioned in a separate advisory
respectively or are not affected (m68k).

For the unstable distribution (sid) this problem will be fixed in version
2.4.24-3.

This problem is also fixed in the upstream version of Linux 2.4.25 and
2.6.3.

We recommend that you upgrade your Linux kernel packages immediately.


Upgrade Instructions
- 

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.0 alias woody
- 

  Source archives:


http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-ia64/kernel-image-2.4.17-ia64_011226.16.dsc
  Size/MD5 checksum:  736 ce2c07cdef967852affbded0c3b87d07

http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-ia64/kernel-image-2.4.17-ia64_011226.16.tar.gz
  Size/MD5 checksum: 25404148 fc05010d0a2597556ade2725bd9964ba

  Architecture independent components:


http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-ia64/kernel-source-2.4.17-ia64_011226.16_all.deb
  Size/MD5 checksum: 24735276 62b217b8063eee0e7bcc0dab7cf1d436

  Intel IA-64 architecture:


http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-ia64/kernel-headers-2.4.17-ia64_011226.16_ia64.deb
  Size/MD5 checksum:  3635878 a80b582cac7154d87a683d3fb26504a9

http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-ia64/kernel-image-2.4.17-itanium_011226.16_ia64.deb
  Size/MD5 checksum:  7019622 55c55179d90f2f65b855a6ae4190cc70

http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-ia64/kernel-image-2.4.17-itanium-smp_011226.16_ia64.deb
  Size/MD5 checksum:  7168586 8f95a26976bcedae6bece27dd60237e1

http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-ia64/kernel-image-2.4.17-mckinley_011226.16_ia64.deb
  Size/MD5 checksum:  7011682 001c6f5ed436bfcd42acbb6d6046b11c

http://security.debian.org/pool/updates/main/k/kernel-image-2.4.17-ia64/kernel-image-2.4.17-mckinley-smp_011226.16_ia64.deb
  Size/MD5 checksum:  7161374 586b7f6a4912694036df7dfadd4a57ca


  These files will probably be moved into the stable distribution on
  its next revision.

- -
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: [EMAIL PROTECTED]
Package info: `apt-cache show ' and http://packages.debian.org/

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFANcSBW5ql+IAeqTIRAlGGAJwJd1GA9MC3dFwDWGz5u0WErsSvswCcDJe8
DUfyiky20+a5+xx7IocHj+w=
=1rXE
-END PGP SIGNATURE-


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

[SECURITY] [DSA 443-1] New xfree86 packages fix multiple vulnerabilities

[SECURITY] [DSA 444-1] New Linux 2.4.17 packages fix local root exploit (ia64)

2 matches

Site Navigation

Mail list logo

Footer information