Updates have been made to Slack/390 9.0. They're available from the main
download server. I suspect the mirrors will be caught up by tomorrow.
Mark Post
Wed Dec 21 18:10:00 EDT 2005
slackware/a/util-linux-2.11z-s390-2.tgz: Patched an issue with
umount where if the umount failed when the '-r' option was used, the
filesystem would be remounted read-only but without any extra flags
specified in /etc/fstab. This could allow an ordinary user able to
mount a floppy or CD (but with nosuid, noexec, nodev, etc in
/etc/fstab) to run a setuid binary from removable media and gain
root privileges.
Reported to BugTraq by David Watson:
http://www.securityfocus.com/archive/1/410333
(* Security fix *)
slackware/l/pcre-6.3-s390-1.tgz: Upgraded to pcre-6.3.
This fixes a buffer overflow that could be triggered by the processing of
a specially crafted regular expression. Theoretically this could be a
security issue if regular expressions are accepted from untrusted users to
be processed by a user with greater privileges, but this doesn't seem like
a common scenario (or, for that matter, a good idea). However, if you are
using an application that links to the shared PCRE library and accepts
outside input in such a manner, you will want to update to this new
package.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2491
(* Security fix *)
slackware/n/apache-1.3.34-s390-1.tgz: Upgraded to apache-1.3.34.
Fixes this minor security bug: "If a request contains both
Transfer-Encoding and Content-Length headers, remove the Content-Length,
mitigating some HTTP Request Splitting/Spoofing attacks."
(* Security fix *)
slackware/n/dhcpcd-1.3.22pl4-s390-2.tgz: Patched an issue where a
remote attacker can cause dhcpcd to crash.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1848
(* Security fix *)
slackware/n/elm-2.5.8-s390-1.tgz: Upgraded to elm2.5.8.
This fixes a buffer overflow in the parsing of the Expires header that
could be used to execute arbitrary code as the user running Elm.
Thanks to Ulf Harnhammar for finding the bug and reminding me to get
out updated packages to address the issue.
A reference to the original advisory:
http://archives.neohapsis.com/archives/fulldisclosure/2005-08/0688.html
slackware/n/fetchmail-6.2.5.2-s390-1.tgz:
Upgraded to fetchmail-6.2.5.2.
This fixes an overflow by which malicious or compromised POP3 servers
may overflow fetchmail's stack.
For more information, see:
http://fetchmail.berlios.de/fetchmail-SA-2005-01.txt
(* Security fix *)
slackware/n/imapd-4.64-s390-1.tgz: Upgraded to imapd-4.64.
A buffer overflow was reported in the mail_valid_net_parse_work function.
However, this function in the c-client library does not appear to be
called from anywhere in imapd. iDefense states that the issue is of LOW
risk to sites that allow users shell access, and LOW-MODERATE risk to
other servers.
I believe it's possible that it is of NIL risk if the function is indeed
dead code to imapd, but draw your own conclusions...
(* Security fix *)
slackware/n/lynx-2.8.5rel.5-s390-1.tgz: Upgraded to lynx-2.8.5rel.5.
Fixes an issue where the handling of Asian characters when using lynx to
connect to an NNTP server (is this a common use?) could result in a buffer
overflow causing the execution of arbitrary code.
For more details, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3120
(* Security fix *)
slackware/n/mod_ssl-2.8.25_1.3.34-s390-1.tgz:
Upgraded to mod_ssl-2.8.25-1.3.34.
patches/packages/pine-4.64-i386-1.tgz: Upgraded to pine-4.64.
patches/packages/wget-1.10.2-i386-1.tgz: Upgraded to wget-1.10.2.
This addresses a buffer overflow in wget's NTLM handling function that
could have possible security implications.
For more details, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3185
(* Security fix *)
slackware/n/openssl-0.9.7d-s390-2.tgz: Patched.
Fixed a vulnerability that could, in rare circumstances, allow an attacker
acting as a "man in the middle" to force a client and a server to
negotiate the SSL 2.0 protocol (which is known to be weak) even if these
parties both support SSL 3.0 or TLS 1.0.
For more details, see:
http://www.openssl.org/news/secadv_20051011.txt
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2969
(* Security fix *)
slackware/n/openssl-solibs-0.9.7d-s390-2.tgz: Patched.
(* Security fix *)
slackware/n/php-4.3.11-s390-2.tgz: Relinked with the system PCRE library,
as the builtin library has a buffer overflow that could be triggered by
the processing of a specially crafted regular expression.
Note that this change requires the pcre package to be installed.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2491
(* Security fix *)
Upgraded PEAR::XMLRPC to version 1.4.0, which eliminates the use of the
insecure eval() function.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2498
(* Security fix *)
slackware/n/pine-4.64-s390-1.tgz: Upgraded to pine-4.64.
slackware/n/tcpip-0.17-s390-2.tgz: Patched two overflows in
the telnet client that could allow the execution of arbitrary code
when connected to a malicious telnet server.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0468
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0469
(* Security fix *)
slackware/n/wget-1.10.2-s390-1.tgz: Upgraded to wget-1.10.2.
This addresses a buffer overflow in wget's NTLM handling function that
could have possible security implications.
For more details, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3185
(* Security fix *)
+--------------------------+
Tue Dec 20 22:45:00 EDT 2005
slackware/a/infozip-5.52-s390-1.tgz: Upgraded to unzip552.tar.gz and
zip231.tar.gz. These fix some buffer overruns if deep directory paths are
packed into a Zip archive which could be a security vulnerability (for
example, in a case of automated archiving or backups that use Zip).
However, it also appears that these now use certain assembly instructions
that might not be available on older CPUs, so if you have an older machine
you may wish to take this into account before deciding whether you should
upgrade.
(* Security fix *)
slackware/a/sudo-1.6.8p9-s390-1.tgz: Upgraded to sudo-1.6.8p9.
This new version of Sudo fixes a race condition in command pathname
handling that could allow a user with Sudo privileges to run arbitrary
commands.
For full details, see the Sudo site:
http://www.courtesan.com/sudo/alerts/path_race.html
(* Security fix *)
slackware/k/kernel-source-2.4.21-s390-2.tgz: Upgraded to IBM's -30 patch
level, with timer patch version -04.
slackware/n/tcpdump-3.9.3-s390-1.tgz: Upgraded to libpcap-0.9.3 and
tcpdump-3.9.3. This fixes an issue where an invalid BGP packet can
cause tcpdump to go into an infinite loop, effectively disabling network
monitoring.
(* Security fix *)
slackware/xap/gaim-1.5.0-s390-1.tgz: Upgraded to gaim-1.5.0.
This fixes some more security issues.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2103
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2102
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2370
(* Security fix *)
slackware/xap/xv-3.10a-s390-2.tgz: Upgraded to the latest XV jumbo
patches, xv-3.10a-jumbo-fix-patch-20050410 and
xv-3.10a-jumbo-enh-patch-20050501. These fix a number of format string
and other possible security issues in addition to providing many other
bugfixes and enhancements.
(Thanks to Greg Roelofs)
(* Security fix *)
+--------------------------+
Tue Dec 20 01:50:00 EDT 2005
slackware/a/kernel-default-2.4.21-s390-2.tgz: Upgraded to IBM's -30 patch
level, with timer patch version -04.
slackware/a/kernel-modules-2.4.21-s390-2.tgz: Upgraded to IBM's -30 patch
level, with timer patch version -04.
slackware/d/kernel-headers-2.4.21-s390-2.tgz: Upgraded to IBM's -30 patch
level, with timer patch version -04.
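
The util-linux entry above describes a failed "umount -r" leaving a
filesystem remounted read-only without the nosuid, noexec or nodev flags
given in /etc/fstab. The following is an added example, not part of the
original post or of util-linux: it compares active mount options against
fstab to spot that state. The fstab and /proc/mounts text is constructed
sample data, and all function names are hypothetical.

```python
"""Audit: active mounts missing restrictive flags that /etc/fstab asks for."""
ALL = {"nosuid", "noexec", "nodev"}
# Per mount(8): options that switch restrictive flags on ...
IMPLIES = {"user": ALL, "users": ALL, "owner": {"nosuid", "nodev"},
           "group": {"nosuid", "nodev"}, "nosuid": {"nosuid"},
           "noexec": {"noexec"}, "nodev": {"nodev"}}
# ... and options that switch them off again when they appear later.
CLEARS = {"suid": {"nosuid"}, "exec": {"noexec"}, "dev": {"nodev"},
          "defaults": ALL}

def effective_flags(option_field):
    """Walk the comma-separated options left to right, as mount does."""
    flags = set()
    for opt in option_field.split(","):
        flags |= IMPLIES.get(opt, set())
        flags -= CLEARS.get(opt, set())
    return flags

def parse_table(text):
    """fstab or /proc/mounts text -> {mountpoint: (options field, flags)}."""
    table = {}
    for line in text.splitlines():
        fields = line.split()
        if len(fields) >= 4 and not fields[0].startswith("#"):
            table[fields[1]] = (fields[3], effective_flags(fields[3]))
    return table

def audit(fstab_text, mounts_text):
    """Return [(mountpoint, missing flags, active options)] for live mounts."""
    wanted, active = parse_table(fstab_text), parse_table(mounts_text)
    findings = []
    for mountpoint in sorted(wanted.keys() & active.keys()):
        missing = wanted[mountpoint][1] - active[mountpoint][1]
        if missing:
            findings.append((mountpoint, sorted(missing), active[mountpoint][0]))
    return findings

# Constructed sample data (not from the original post).
SAMPLE_FSTAB = """\
# device     mountpoint   type     options                  dump pass
/dev/dasda1  /            ext3     defaults                 1 1
/dev/fd0     /mnt/floppy  auto     noauto,user,ro           0 0
/dev/cdrom   /mnt/cdrom   iso9660  noauto,owner,noexec,ro   0 0
"""
SAMPLE_MOUNTS = """\
/dev/dasda1 / ext3 rw 0 0
/dev/fd0 /mnt/floppy vfat ro 0 0
/dev/cdrom /mnt/cdrom iso9660 ro,nosuid,nodev,noexec 0 0
"""
print(audit(SAMPLE_FSTAB, SAMPLE_MOUNTS))
```

On a live system, pass the contents of /etc/fstab and /proc/mounts to
audit() in place of the sample strings.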