Skip Navigation

  • Home
  • Contact us
  • FAQ
  • Glossary
  • Public key
  • Sitemap
  • Cymraeg
  • What's new
CPNI - Centre for the Protection of National Infastructure

Advanced search

  • About CPNI
  • The threats
  • Security planning
  • Methods of attack
  • Protecting your assets
  • Products and services
    • CSIRTUK advisories
      • Advisories archive
    • General protective security publications
    • InfoSec briefings
    • InfoSec technical notes
    • InfoSec vulnerability disclosures
    • Good practice guidelines
    • Viewpoints
    • Information exchanges
    • Risk Management Delivery Group
  • Research
Home > Products and services > CSIRTUK advisories > Advisories archive > April 2005 > Five Mandriva Linux Security Update Advisories: 1. MDKSA-2005:073 - cvs 2. MDKSA-2005:074 - gnome-vfs2 3. MDKSA-2005:075 - libcdaudio1 4. MDKSA-2005:076 - xli 5. MDKSA-2005:077 - cdrecord

April 2005

Five Mandriva Linux Security Update Advisories: 1. MDKSA-2005:073 - cvs 2. MDKSA-2005:074 - gnome-vfs2 3. MDKSA-2005:075 - libcdaudio1 4. MDKSA-2005:076 - xli 5. MDKSA-2005:077 - cdrecord

ID: 00344
Ref: 318/2005
Date: 21 April 2005:11:38:28
Version: 1
Title: Five Mandriva Linux Security Update Advisories: 1. MDKSA-2005:073 - cvs 2. MDKSA-2005:074 - gnome-vfs2 3. MDKSA-2005:075 - libcdaudio1 4. MDKSA-2005:076 - xli 5. MDKSA-2005:077 - cdrecord
Abstract:
Vendors affected: Mandriva
Operating systems affected: Mandriva
Applications affected: Mandriva
Title
=====

Five Mandriva Linux Security Update Advisories:

1. MDKSA-2005:073 - cvs

2. MDKSA-2005:074 - gnome-vfs2

3. MDKSA-2005:075 - libcdaudio1

4. MDKSA-2005:076 - xli

5. MDKSA-2005:077 - cdrecord


Detail
======

1. A buffer overflow and memory access problem in CVS have been
discovered by the CVS maintainer. The updated packages have been
patched to correct the problem.

2. A buffer overflow bug was found by Joseph VanAndel in the way that grip
handles data returned by CDDB servers. If a user connected to a
malicious CDDB server, an attacker could execute arbitrary code on the
user's machine. This same vulnerability is present in the gnome-vfs2
code.

3. A buffer overflow bug was found by Joseph VanAndel in the way that grip
handles data returned by CDDB servers. If a user connected to a
malicious CDDB server, an attacker could execute arbitrary code on the
user's machine. This same vulnerability is present in the libcdaudio1
code.

4. A number of vulnerabilities have been found in the xli image viewer.
Tavis Ormandy of the Gentoo Linux Security Audit Team discovered a flaw
in the handling of compressed images where shell meta-characters are
not properly escaped (CAN-2005-0638). It was also found that
insufficient validation of image properties could potentially result
in buffer management errors (CAN-2005-0639).

5. Javier Fernandez-Sanguino Pena discovered that cdrecord created
temporary files in an insecure manner if DEBUG was enabled in
/etc/cdrecord/rscsi. If the default value was used (which stored
the debug output file in /tmp), a symbolic link attack could be used
to create or overwrite arbitrary files with the privileges of the
user invoking cdrecord. Please note that by default this configuration
file does not exist in Mandriva Linux so unless you create it and
enable DEBUG, this does not affect you.



1.




- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Update Advisory
_______________________________________________________________________

Package name: cvs
Advisory ID: MDKSA-2005:073
Date: April 20th, 2005

Affected versions: 10.0, 10.1, 10.2, Corporate 3.0,
Corporate Server 2.1
______________________________________________________________________

Problem Description:

A buffer overflow and memory access problem in CVS have been
discovered by the CVS maintainer. The updated packages have been
patched to correct the problem.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0753
______________________________________________________________________

Updated Packages:

Mandrakelinux 10.0:
fcca52a87c10c21980b5bb82e4146cd7 10.0/RPMS/cvs-1.11.17-1.2.100mdk.i586.rpm
3a8336cdfb01ebac7238dd2a90557cd0 10.0/SRPMS/cvs-1.11.17-1.2.100mdk.src.rpm

Mandrakelinux 10.0/AMD64:
ebc0e0ca427a6a4af5e8cb3a02be6d10 amd64/10.0/RPMS/cvs-1.11.17-1.2.100mdk.amd64.rpm
3a8336cdfb01ebac7238dd2a90557cd0 amd64/10.0/SRPMS/cvs-1.11.17-1.2.100mdk.src.rpm

Mandrakelinux 10.1:
26f8c84536a69f008748013d58fa9731 10.1/RPMS/cvs-1.11.17-2.1.101mdk.i586.rpm
a78c97927dbf5531c72170c41a1b848c 10.1/SRPMS/cvs-1.11.17-2.1.101mdk.src.rpm

Mandrakelinux 10.1/X86_64:
fc4c1cf58191170ddc0e0c3d93c943b4 x86_64/10.1/RPMS/cvs-1.11.17-2.1.101mdk.x86_64.rpm
a78c97927dbf5531c72170c41a1b848c x86_64/10.1/SRPMS/cvs-1.11.17-2.1.101mdk.src.rpm

Mandrakelinux 10.2:
bde89da06e586ed4b1540c74758b16be 10.2/RPMS/cvs-1.11.19-1.1.102mdk.i586.rpm
3fbedcddb4d39abf1ea4197ab3ab8458 10.2/SRPMS/cvs-1.11.19-1.1.102mdk.src.rpm

Mandrakelinux 10.2/X86_64:
4363551cd317f849f3a456ab6175db1e x86_64/10.2/RPMS/cvs-1.11.19-1.1.102mdk.x86_64.rpm
3fbedcddb4d39abf1ea4197ab3ab8458 x86_64/10.2/SRPMS/cvs-1.11.19-1.1.102mdk.src.rpm

Corporate Server 2.1:
2f8c375ffdf2a5c842fa28f317c50a62 corporate/2.1/RPMS/cvs-1.11.17-1.2.C21mdk.i586.rpm
71bf64c5d64b7e7d8a051120f6fa3ea3 corporate/2.1/SRPMS/cvs-1.11.17-1.2.C21mdk.src.rpm

Corporate Server 2.1/X86_64:
0bbb0a61241de7ea552a22f1bcee49e2 x86_64/corporate/2.1/RPMS/cvs-1.11.17-1.2.C21mdk.x86_64.rpm
71bf64c5d64b7e7d8a051120f6fa3ea3 x86_64/corporate/2.1/SRPMS/cvs-1.11.17-1.2.C21mdk.src.rpm

Corporate 3.0:
64346680df70221e6c8340fecdd383a1 corporate/3.0/RPMS/cvs-1.11.17-1.2.C30mdk.i586.rpm
1c5fd32822539582ce9f513f827d7697 corporate/3.0/SRPMS/cvs-1.11.17-1.2.C30mdk.src.rpm

Corporate 3.0/X86_64:
66cd15abb301b08dc0c00c06829e6d2e x86_64/corporate/3.0/RPMS/cvs-1.11.17-1.2.C30mdk.x86_64.rpm
1c5fd32822539582ce9f513f827d7697 x86_64/corporate/3.0/SRPMS/cvs-1.11.17-1.2.C30mdk.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team


- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFCZ05PmqjQ0CJFipgRAja0AKClud6aVXXzLf9H+4rKvmThSfueOACeMV9z
ycCUcaUBp3qQvvnfQoZzZTA=
=xn3B
- -----END PGP SIGNATURE-----

2.

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Update Advisory
_______________________________________________________________________

Package name: gnome-vfs2
Advisory ID: MDKSA-2005:074
Date: April 20th, 2005

Affected versions: 10.1, 10.2, Corporate 3.0
______________________________________________________________________

Problem Description:

A buffer overflow bug was found by Joseph VanAndel in the way that grip
handles data returned by CDDB servers. If a user connected to a
malicious CDDB server, an attacker could execute arbitrary code on the
user's machine. This same vulnerability is present in the gnome-vfs2
code.

The updated packages have been patched to correct these issues.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0706
______________________________________________________________________

Updated Packages:

Mandrakelinux 10.1:
5239e6ab9f4a24c2989ff2317c743cb0 10.1/RPMS/gnome-vfs2-2.6.2-7.1.101mdk.i586.rpm
08d6d7dcebd62773620441ef1c35eb58 10.1/RPMS/libgnome-vfs2_0-2.6.2-7.1.101mdk.i586.rpm
2a7241618cf989091dcf75e60e2a1041 10.1/RPMS/libgnome-vfs2_0-devel-2.6.2-7.1.101mdk.i586.rpm
765d4f62ab8e314a96e419b5c51d540b 10.1/SRPMS/gnome-vfs2-2.6.2-7.1.101mdk.src.rpm

Mandrakelinux 10.1/X86_64:
4251d3ab183bbfbd0ef4a79b65740004 x86_64/10.1/RPMS/gnome-vfs2-2.6.2-7.1.101mdk.x86_64.rpm
c2b54afacf29f7148561a3e7f8bc3695 x86_64/10.1/RPMS/lib64gnome-vfs2_0-2.6.2-7.1.101mdk.x86_64.rpm
8c64c5379d83bf9e001617bae1935376 x86_64/10.1/RPMS/lib64gnome-vfs2_0-devel-2.6.2-7.1.101mdk.x86_64.rpm
765d4f62ab8e314a96e419b5c51d540b x86_64/10.1/SRPMS/gnome-vfs2-2.6.2-7.1.101mdk.src.rpm

Mandrakelinux 10.2:
f60b317e9d82a64311e8fa76db389fea 10.2/RPMS/gnome-vfs2-2.8.4-6.1.102mdk.i586.rpm
83aaa09f41d650de8c216fca5eb1b854 10.2/RPMS/libgnome-vfs2_0-2.8.4-6.1.102mdk.i586.rpm
a74279c606173fd42e83e6507a7c206b 10.2/RPMS/libgnome-vfs2_0-devel-2.8.4-6.1.102mdk.i586.rpm
ea5d978ff12a70686c29fd84c461558a 10.2/SRPMS/gnome-vfs2-2.8.4-6.1.102mdk.src.rpm

Mandrakelinux 10.2/X86_64:
aa889240e8867ec7289578036104c623 x86_64/10.2/RPMS/gnome-vfs2-2.8.4-6.1.102mdk.x86_64.rpm
e7224a715c8ea987c077adea71e29279 x86_64/10.2/RPMS/lib64gnome-vfs2_0-2.8.4-6.1.102mdk.x86_64.rpm
9e681bf74cb71e378e9eb1307159e2ce x86_64/10.2/RPMS/lib64gnome-vfs2_0-devel-2.8.4-6.1.102mdk.x86_64.rpm
ea5d978ff12a70686c29fd84c461558a x86_64/10.2/SRPMS/gnome-vfs2-2.8.4-6.1.102mdk.src.rpm

Corporate 3.0:
216b2f6d3459328b757d03336da09d38 corporate/3.0/RPMS/gnome-vfs2-2.4.2-5.1.C30mdk.i586.rpm
af59a9db5ce5ededd91d3b6dff4e7c39 corporate/3.0/RPMS/libgnome-vfs2_0-2.4.2-5.1.C30mdk.i586.rpm
2d1516b9c4ff998116c1dac5dabe95a5 corporate/3.0/RPMS/libgnome-vfs2_0-devel-2.4.2-5.1.C30mdk.i586.rpm
03ba3b26530b88ca8c18fb41f9681018 corporate/3.0/SRPMS/gnome-vfs2-2.4.2-5.1.C30mdk.src.rpm

Corporate 3.0/X86_64:
5645d370f2a7b81c17bff2c70a4a91c0 x86_64/corporate/3.0/RPMS/gnome-vfs2-2.4.2-5.1.C30mdk.x86_64.rpm
b78fb0708a038607dbb1f3d970a13bff x86_64/corporate/3.0/RPMS/lib64gnome-vfs2_0-2.4.2-5.1.C30mdk.x86_64.rpm
5afd9d1f2c4193d72a0b2780c011bbf7 x86_64/corporate/3.0/RPMS/lib64gnome-vfs2_0-devel-2.4.2-5.1.C30mdk.x86_64.rpm
03ba3b26530b88ca8c18fb41f9681018 x86_64/corporate/3.0/SRPMS/gnome-vfs2-2.4.2-5.1.C30mdk.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team


- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFCZ1AFmqjQ0CJFipgRAku4AKDA72sSbNu90ACROKkbd5ePrPiXRwCdHJBe
bGLmzBiW6hphFqqgXjt9oVw=
=oblf
- -----END PGP SIGNATURE-----



3.


- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Update Advisory
_______________________________________________________________________

Package name: libcdaudio1
Advisory ID: MDKSA-2005:075
Date: April 20th, 2005

Affected versions: 10.1, 10.2, Corporate 3.0
______________________________________________________________________

Problem Description:

A buffer overflow bug was found by Joseph VanAndel in the way that grip
handles data returned by CDDB servers. If a user connected to a
malicious CDDB server, an attacker could execute arbitrary code on the
user's machine. This same vulnerability is present in the libcdaudio1
code.

The updated packages have been patched to correct these issues.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0706
______________________________________________________________________

Updated Packages:

Mandrakelinux 10.1:
6b6b43013c8594c16da0cf2a9ec2f2fd 10.1/RPMS/libcdaudio1-0.99.10-1.1.101mdk.i586.rpm
229ee3bc3f3ebfb85a482380d32a63c7 10.1/RPMS/libcdaudio1-devel-0.99.10-1.1.101mdk.i586.rpm
b4986769b509c34bbf80a465cd628261 10.1/SRPMS/libcdaudio1-0.99.10-1.1.101mdk.src.rpm

Mandrakelinux 10.1/X86_64:
e7cb79b96945b05b6d65f7dc1f0823aa x86_64/10.1/RPMS/lib64cdaudio1-0.99.10-1.1.101mdk.x86_64.rpm
434e689a7ced3a5592f1c519e6f3e3ad x86_64/10.1/RPMS/lib64cdaudio1-devel-0.99.10-1.1.101mdk.x86_64.rpm
b4986769b509c34bbf80a465cd628261 x86_64/10.1/SRPMS/libcdaudio1-0.99.10-1.1.101mdk.src.rpm

Mandrakelinux 10.2:
ee21e09a1917573c3af0cd27dd5a4dbd 10.2/RPMS/libcdaudio1-0.99.10-2.1.102mdk.i586.rpm
f045fee3533042555b6f59a813f345de 10.2/RPMS/libcdaudio1-devel-0.99.10-2.1.102mdk.i586.rpm
b7d2b5021a3d5a86a65f46590107461c 10.2/SRPMS/libcdaudio1-0.99.10-2.1.102mdk.src.rpm

Mandrakelinux 10.2/X86_64:
febb2d2983baf1fd010c366ea6d9eba8 x86_64/10.2/RPMS/lib64cdaudio1-0.99.10-2.1.102mdk.x86_64.rpm
b6fa99c0e8ad0352200b8294215193ef x86_64/10.2/RPMS/lib64cdaudio1-devel-0.99.10-2.1.102mdk.x86_64.rpm
b7d2b5021a3d5a86a65f46590107461c x86_64/10.2/SRPMS/libcdaudio1-0.99.10-2.1.102mdk.src.rpm

Corporate 3.0:
49fa757ff390c91bbe7a4e0b7a680896 corporate/3.0/RPMS/libcdaudio1-0.99.9-1.1.C30mdk.i586.rpm
fd66c86e5c78d3f62972ade197ee853f corporate/3.0/RPMS/libcdaudio1-devel-0.99.9-1.1.C30mdk.i586.rpm
cbfab4f961b261dfed335d754e2d29d3 corporate/3.0/SRPMS/libcdaudio1-0.99.9-1.1.C30mdk.src.rpm

Corporate 3.0/X86_64:
f0898885e18312e1b7fb7db408543a76 x86_64/corporate/3.0/RPMS/libcdaudio1-0.99.9-1.1.C30mdk.x86_64.rpm
211e09953905bb39582e80f73f26863e x86_64/corporate/3.0/RPMS/libcdaudio1-devel-0.99.9-1.1.C30mdk.x86_64.rpm
cbfab4f961b261dfed335d754e2d29d3 x86_64/corporate/3.0/SRPMS/libcdaudio1-0.99.9-1.1.C30mdk.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team


- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFCZ1EsmqjQ0CJFipgRAmiUAKCQUmIC86E2fwyCm8rWr1EmRZOiFQCfdPuM
HFP8umjYjQ2IDmP01fsD48E=
=cDPi
- -----END PGP SIGNATURE-----



4.


- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Update Advisory
_______________________________________________________________________

Package name: xli
Advisory ID: MDKSA-2005:076
Date: April 20th, 2005

Affected versions: 10.1, 10.2, Corporate 3.0,
Corporate Server 2.1
______________________________________________________________________

Problem Description:

A number of vulnerabilities have been found in the xli image viewer.
Tavis Ormandy of the Gentoo Linux Security Audit Team discovered a flaw
in the handling of compressed images where shell meta-characters are
not properly escaped (CAN-2005-0638). It was also found that
insufficient validation of image properties could potentially result
in buffer management errors (CAN-2005-0639).

The updated packages have been patched to correct these problems.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0638
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0639
______________________________________________________________________

Updated Packages:

Mandrakelinux 10.1:
f5ad03e5bb1c8b93fc1ebca1d7e2e111 10.1/RPMS/xli-1.17.0-8.1.101mdk.i586.rpm
757220d489a0cbafd393140ea7d5e205 10.1/SRPMS/xli-1.17.0-8.1.101mdk.src.rpm

Mandrakelinux 10.1/X86_64:
e798f226cabe865cd3b0a8f3f9292b6d x86_64/10.1/RPMS/xli-1.17.0-8.1.101mdk.x86_64.rpm
757220d489a0cbafd393140ea7d5e205 x86_64/10.1/SRPMS/xli-1.17.0-8.1.101mdk.src.rpm

Mandrakelinux 10.2:
5e5bbac4a40ffc0f7156e671eb920ea0 10.2/RPMS/xli-1.17.0-8.1.102mdk.i586.rpm
d6ee5ee583d8415f0028b2854ed19b3b 10.2/SRPMS/xli-1.17.0-8.1.102mdk.src.rpm

Mandrakelinux 10.2/X86_64:
b49c19725cbc2850ead82731758fe8d8 x86_64/10.2/RPMS/xli-1.17.0-8.1.102mdk.x86_64.rpm
d6ee5ee583d8415f0028b2854ed19b3b x86_64/10.2/SRPMS/xli-1.17.0-8.1.102mdk.src.rpm

Corporate Server 2.1:
c89d695075c7117381d50301745bc82e corporate/2.1/RPMS/xli-1.17.0-4.1.C21mdk.i586.rpm
c219935cd3fb090af95d6467919faff1 corporate/2.1/SRPMS/xli-1.17.0-4.1.C21mdk.src.rpm

Corporate Server 2.1/X86_64:
8b4a39d741f4eb8fde469411359cad5b x86_64/corporate/2.1/RPMS/xli-1.17.0-4.1.C21mdk.x86_64.rpm
c219935cd3fb090af95d6467919faff1 x86_64/corporate/2.1/SRPMS/xli-1.17.0-4.1.C21mdk.src.rpm

Corporate 3.0:
fdbf0745aeb6733d6894afa089ac7dd2 corporate/3.0/RPMS/xli-1.17.0-8.2.C30mdk.i586.rpm
88043776962e4a8bed6b538ae8d28824 corporate/3.0/SRPMS/xli-1.17.0-8.2.C30mdk.src.rpm

Corporate 3.0/X86_64:
ac33b6d6d9475104bb25c2bde9dfe0c7 x86_64/corporate/3.0/RPMS/xli-1.17.0-8.2.C30mdk.x86_64.rpm
88043776962e4a8bed6b538ae8d28824 x86_64/corporate/3.0/SRPMS/xli-1.17.0-8.2.C30mdk.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team


- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFCZ1IJmqjQ0CJFipgRAjuRAKC+hW1sMUuM5yJN5UfSQ4nny/aFmgCeJ5zb
7no1gaq2GPMYobcTEPhHiAU=
=NSEJ
- -----END PGP SIGNATURE-----


5.


- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Update Advisory
_______________________________________________________________________

Package name: cdrecord
Advisory ID: MDKSA-2005:077
Date: April 20th, 2005

Affected versions: 10.0, 10.1, 10.2, Corporate 3.0,
Corporate Server 2.1
______________________________________________________________________

Problem Description:

Javier Fernandez-Sanguino Pena discovered that cdrecord created
temporary files in an insecure manner if DEBUG was enabled in
/etc/cdrecord/rscsi. If the default value was used (which stored
the debug output file in /tmp), a symbolic link attack could be used
to create or overwrite arbitrary files with the privileges of the
user invoking cdrecord. Please note that by default this configuration
file does not exist in Mandriva Linux so unless you create it and
enable DEBUG, this does not affect you.

The updated packages have been patched to correct these issues.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0866
http://bugs.debian.org/291376
______________________________________________________________________

Updated Packages:

Mandrakelinux 10.0:
b76b1f88a021c51f2ed0e01e1655cced 10.0/RPMS/cdrecord-2.01-0.a28.3.100mdk.i586.rpm
647980c29121e4cb656e0786007e6e5c 10.0/RPMS/cdrecord-cdda2wav-2.01-0.a28.3.100mdk.i586.rpm
31e3ed2e746db7f53914d063c4cb1ad0 10.0/RPMS/cdrecord-devel-2.01-0.a28.3.100mdk.i586.rpm
7715dc6d38cf9f89be7ec823ce3ae80a 10.0/RPMS/mkisofs-2.01-0.a28.3.100mdk.i586.rpm
ba546809bbddf8d3034e19a9eb7b302d 10.0/SRPMS/cdrecord-2.01-0.a28.3.100mdk.src.rpm

Mandrakelinux 10.0/AMD64:
1bc7d6c833f4457fd95f17f98d79015a amd64/10.0/RPMS/cdrecord-2.01-0.a28.3.100mdk.amd64.rpm
1ddb746abc3a1330b4807a024b3ca9ee amd64/10.0/RPMS/cdrecord-cdda2wav-2.01-0.a28.3.100mdk.amd64.rpm
ddf466f2357364d42486693b4532240f amd64/10.0/RPMS/cdrecord-devel-2.01-0.a28.3.100mdk.amd64.rpm
e899df2f7be3e50b0bd59aef795ffa52 amd64/10.0/RPMS/mkisofs-2.01-0.a28.3.100mdk.amd64.rpm
ba546809bbddf8d3034e19a9eb7b302d amd64/10.0/SRPMS/cdrecord-2.01-0.a28.3.100mdk.src.rpm

Mandrakelinux 10.1:
794bf04c820b0260d0e694f062c905f2 10.1/RPMS/cdrecord-2.01-1.1.101mdk.i586.rpm
42ec8777385b893d8251599570c36c73 10.1/RPMS/cdrecord-cdda2wav-2.01-1.1.101mdk.i586.rpm
3d058e44f07c83879278baaa495e8450 10.1/RPMS/cdrecord-devel-2.01-1.1.101mdk.i586.rpm
e6a9c9c198b54ea22adc0bd7911cffaf 10.1/RPMS/cdrecord-isotools-2.01-1.1.101mdk.i586.rpm
c1c45207be3fd2ca3aefb58a644bc82a 10.1/RPMS/cdrecord-vanilla-2.01-1.1.101mdk.i586.rpm
37ab3e2083acb6faa1e7b36afe2165a7 10.1/RPMS/mkisofs-2.01-1.1.101mdk.i586.rpm
768f4f60b9790fac5b557746c98e3505 10.1/SRPMS/cdrecord-2.01-1.1.101mdk.src.rpm

Mandrakelinux 10.1/X86_64:
e8480e54f0ceb69ad4b24ef8a708a9b9 x86_64/10.1/RPMS/cdrecord-2.01-1.1.101mdk.x86_64.rpm
6599dacd7cc7f2348afc4b163f958364 x86_64/10.1/RPMS/cdrecord-cdda2wav-2.01-1.1.101mdk.x86_64.rpm
1701e03afa8804c5c98322a90af10ba5 x86_64/10.1/RPMS/cdrecord-devel-2.01-1.1.101mdk.x86_64.rpm
2cfb1b7cd36e366f9f869934a580a996 x86_64/10.1/RPMS/cdrecord-isotools-2.01-1.1.101mdk.x86_64.rpm
77cbb47faa8da69d4757043a50163c97 x86_64/10.1/RPMS/cdrecord-vanilla-2.01-1.1.101mdk.x86_64.rpm
1ecb8362b876ba63d81bafc0079db541 x86_64/10.1/RPMS/mkisofs-2.01-1.1.101mdk.x86_64.rpm
768f4f60b9790fac5b557746c98e3505 x86_64/10.1/SRPMS/cdrecord-2.01-1.1.101mdk.src.rpm

Mandrakelinux 10.2:
e88cb26c11fa7db8cc0d635dc3f09746 10.2/RPMS/cdrecord-2.01.01-0.a01.6.1.102mdk.i586.rpm
d581a2787035515872382465d5a0b52d 10.2/RPMS/cdrecord-cdda2wav-2.01.01-0.a01.6.1.102mdk.i586.rpm
96f46be6665c42b4a24f03cdfecda60f 10.2/RPMS/cdrecord-devel-2.01.01-0.a01.6.1.102mdk.i586.rpm
a7abba59fdf0e767c2d6029ea681c457 10.2/RPMS/cdrecord-isotools-2.01.01-0.a01.6.1.102mdk.i586.rpm
51a00a1b64e8ec4ea09b399ebfce1da1 10.2/RPMS/cdrecord-vanilla-2.01.01-0.a01.6.1.102mdk.i586.rpm
33bab4de7eced57809cb3e88fd4da58c 10.2/RPMS/mkisofs-2.01.01-0.a01.6.1.102mdk.i586.rpm
f3fb0008491fe53605279f76b218cb8d 10.2/SRPMS/cdrecord-2.01.01-0.a01.6.1.102mdk.src.rpm

Mandrakelinux 10.2/X86_64:
15a112f392f250ea82a2bc54bb74f32f x86_64/10.2/RPMS/cdrecord-2.01.01-0.a01.6.1.102mdk.x86_64.rpm
7c872b9867899f5b7f4c30c37ca1c4e0 x86_64/10.2/RPMS/cdrecord-cdda2wav-2.01.01-0.a01.6.1.102mdk.x86_64.rpm
06ebe0c9e9f8c1366d19122d77841270 x86_64/10.2/RPMS/cdrecord-devel-2.01.01-0.a01.6.1.102mdk.x86_64.rpm
fe2c5214b8e5765326177a606afd8995 x86_64/10.2/RPMS/cdrecord-isotools-2.01.01-0.a01.6.1.102mdk.x86_64.rpm
3f16d1f23475953132c39e73d5a5eb36 x86_64/10.2/RPMS/cdrecord-vanilla-2.01.01-0.a01.6.1.102mdk.x86_64.rpm
d41ca3a964192961a8df1ebc51d74b14 x86_64/10.2/RPMS/mkisofs-2.01.01-0.a01.6.1.102mdk.x86_64.rpm
f3fb0008491fe53605279f76b218cb8d x86_64/10.2/SRPMS/cdrecord-2.01.01-0.a01.6.1.102mdk.src.rpm

Corporate Server 2.1:
41f690bdc4e9ed38a5e07b441dc68e2e corporate/2.1/RPMS/cdrecord-1.11-0.a32.1.2.C21mdk.i586.rpm
21fd0a4f61d96d8099bfc7e420078997 corporate/2.1/RPMS/cdrecord-cdda2wav-1.11-0.a32.1.2.C21mdk.i586.rpm
a88c902c395ab6922bd187bdb89f9f37 corporate/2.1/RPMS/cdrecord-devel-1.11-0.a32.1.2.C21mdk.i586.rpm
a256764d4fa4206aa252b6abb9826a07 corporate/2.1/RPMS/cdrecord-dvdhack-1.11-0.a32.1.2.C21mdk.i586.rpm
3afc5d3ae2642fc622ba33a70982f22b corporate/2.1/RPMS/mkisofs-1.15-0.a32.1.2.C21mdk.i586.rpm
9d0ad887fde0366818d4efd867a024c3 corporate/2.1/SRPMS/cdrecord-1.11-0.a32.1.2.C21mdk.src.rpm

Corporate Server 2.1/X86_64:
3a2e0f073569f2b3cfebc2048894515a x86_64/corporate/2.1/RPMS/cdrecord-1.11-0.a32.1.2.C21mdk.x86_64.rpm
71680076240e7ec0166416eb73e7af7a x86_64/corporate/2.1/RPMS/cdrecord-cdda2wav-1.11-0.a32.1.2.C21mdk.x86_64.rpm
7395c0654192b3bc1cf2ba298c82df46 x86_64/corporate/2.1/RPMS/cdrecord-devel-1.11-0.a32.1.2.C21mdk.x86_64.rpm
9f2de918b15db99cf89e1e6d3c86c24f x86_64/corporate/2.1/RPMS/cdrecord-dvdhack-1.11-0.a32.1.2.C21mdk.x86_64.rpm
2644ac211232f9a10aa1519b00f5e364 x86_64/corporate/2.1/RPMS/mkisofs-1.15-0.a32.1.2.C21mdk.x86_64.rpm
9d0ad887fde0366818d4efd867a024c3 x86_64/corporate/2.1/SRPMS/cdrecord-1.11-0.a32.1.2.C21mdk.src.rpm

Corporate 3.0:
3352fc19b054b565996b0322db3ced25 corporate/3.0/RPMS/cdrecord-2.01-0.a28.3.C30mdk.i586.rpm
46df5e69acd47306efcb732942a0365b corporate/3.0/RPMS/cdrecord-cdda2wav-2.01-0.a28.3.C30mdk.i586.rpm
8addf58eff5059b2f10daab5766db805 corporate/3.0/RPMS/cdrecord-devel-2.01-0.a28.3.C30mdk.i586.rpm
70c2e71dfaa1f44962a123becf6ec988 corporate/3.0/RPMS/mkisofs-2.01-0.a28.3.C30mdk.i586.rpm
5f772fbe88aab2ae890b71e46c83976f corporate/3.0/SRPMS/cdrecord-2.01-0.a28.3.C30mdk.src.rpm

Corporate 3.0/X86_64:
11a0aaf96ba4ea707fdbe421ad0dd9ad x86_64/corporate/3.0/RPMS/cdrecord-2.01-0.a28.3.C30mdk.x86_64.rpm
a8ea5673da05ec4bdbbd95e4c85b91e1 x86_64/corporate/3.0/RPMS/cdrecord-cdda2wav-2.01-0.a28.3.C30mdk.x86_64.rpm
384896d7b6ad11ad8eafac6db166ef8e x86_64/corporate/3.0/RPMS/cdrecord-devel-2.01-0.a28.3.C30mdk.x86_64.rpm
07615c675d0a11b2f4b78db6d2ba2736 x86_64/corporate/3.0/RPMS/mkisofs-2.01-0.a28.3.C30mdk.x86_64.rpm
5f772fbe88aab2ae890b71e46c83976f x86_64/corporate/3.0/SRPMS/cdrecord-2.01-0.a28.3.C30mdk.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team


- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFCZ1OAmqjQ0CJFipgRAideAJ9YPKcVLcK7lfsggj8X28ELtETxtQCffkye
K2ljRmUOow003gkCohr01X8=
=hGQi
- -----END PGP SIGNATURE-----
  • Accessibility |
  • Terms and conditions |
  • Privacy statement |
  • Data protection act |
  • Freedom of information |