[CLA-2003:741] Conectiva Security Announcement - openssh

From: Conectiva Updates (secure_at_conectiva.com.br)
Date: 09/17/03

    Date: Wed, 17 Sep 2003 18:49:35 -0300
    To: conectiva-updates@papaleguas.conectiva.com.br, lwn@lwn.net, bugtraq@securityfocus.com, security-alerts@linuxsecurity.com, linsec@lists.seifried.org
    
    

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    - --------------------------------------------------------------------------
    CONECTIVA LINUX SECURITY ANNOUNCEMENT
    - --------------------------------------------------------------------------

    PACKAGE : openssh
    SUMMARY : Remote vulnerabilities
    DATE : 2003-09-17 18:48:00
    ID : CLA-2003:741
    RELEVANT RELEASES : 7.0, 8, 9

    - -------------------------------------------------------------------------

    DESCRIPTION
     OpenSSH[1] is a very popular and versatile tool that uses encrypted
     connections between hosts and is commonly used for remote
     administration.
     
     This update fixes new vulnerabilities found in the code that handles
     buffers in OpenSSH. These vulnerabilities are similar to the ones
     fixed in the CLSA-2003:739 announcement[2] (CAN-2003-0693) and can be
     exploited by a remote attacker to cause a denial of service condition
     and potentially execute arbitrary code (although there is still no
     concrete evidence of that).
     
     The Common Vulnerabilities and Exposures project (cve.mitre.org) has
     assigned the name CAN-2003-0695 to this additional issue[3].
     
     The OpenSSH team released version 3.7.1, which fixes this
     vulnerability[4]. This update contains the versions originally
     distributed with Conectiva Linux, with backported patches added.
     
     Additionally, patches made by Solar Designer to fix memory bugs in
     other parts of the code are being added. Although it is unlikely
     that these bugs are exploitable, they are being treated as security
     fixes for now and have the name CAN-2003-0682 assigned[5] by The
     Common Vulnerabilities and Exposures project (cve.mitre.org).

    SOLUTION
     It is recommended that all OpenSSH users upgrade their packages.
     
     The ssh service will be automatically restarted during the upgrade if
     it is already running. Current ssh sessions will remain open during
     the restart.
     
     
     REFERENCES:
     1.http://www.openssh.org
     2.http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000739&idioma=en
     3.http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0695
     4.http://www.openssh.com/txt/buffer.adv
     5.http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0682

    UPDATED PACKAGES
    ftp://atualizacoes.conectiva.com.br/7.0/RPMS/openssh-3.4p1-1U70_3cl.i386.rpm
    ftp://atualizacoes.conectiva.com.br/7.0/RPMS/openssh-askpass-3.4p1-1U70_3cl.i386.rpm
    ftp://atualizacoes.conectiva.com.br/7.0/RPMS/openssh-askpass-gnome-3.4p1-1U70_3cl.i386.rpm
    ftp://atualizacoes.conectiva.com.br/7.0/RPMS/openssh-clients-3.4p1-1U70_3cl.i386.rpm
    ftp://atualizacoes.conectiva.com.br/7.0/RPMS/openssh-server-3.4p1-1U70_3cl.i386.rpm
    ftp://atualizacoes.conectiva.com.br/7.0/SRPMS/openssh-3.4p1-1U70_3cl.src.rpm
    ftp://atualizacoes.conectiva.com.br/8/RPMS/openssh-3.4p1-1U80_3cl.i386.rpm
    ftp://atualizacoes.conectiva.com.br/8/RPMS/openssh-askpass-3.4p1-1U80_3cl.i386.rpm
    ftp://atualizacoes.conectiva.com.br/8/RPMS/openssh-askpass-gnome-3.4p1-1U80_3cl.i386.rpm
    ftp://atualizacoes.conectiva.com.br/8/RPMS/openssh-clients-3.4p1-1U80_3cl.i386.rpm
    ftp://atualizacoes.conectiva.com.br/8/RPMS/openssh-server-3.4p1-1U80_3cl.i386.rpm
    ftp://atualizacoes.conectiva.com.br/8/SRPMS/openssh-3.4p1-1U80_3cl.src.rpm
    ftp://atualizacoes.conectiva.com.br/9/RPMS/openssh-3.5p1-27767U90_2cl.i386.rpm
    ftp://atualizacoes.conectiva.com.br/9/RPMS/openssh-askpass-3.5p1-27767U90_2cl.i386.rpm
    ftp://atualizacoes.conectiva.com.br/9/RPMS/openssh-askpass-gnome-3.5p1-27767U90_2cl.i386.rpm
    ftp://atualizacoes.conectiva.com.br/9/RPMS/openssh-clients-3.5p1-27767U90_2cl.i386.rpm
    ftp://atualizacoes.conectiva.com.br/9/RPMS/openssh-server-3.5p1-27767U90_2cl.i386.rpm
    ftp://atualizacoes.conectiva.com.br/9/SRPMS/openssh-3.5p1-27767U90_2cl.src.rpm

    ADDITIONAL INSTRUCTIONS
     The apt tool can be used to perform RPM package upgrades:

     - run: apt-get update
     - after that, execute: apt-get upgrade

     Detailed instructions regarding the use of apt and upgrade examples
     can be found at http://distro.conectiva.com.br/atualizacoes/#apt?idioma=en

    - -------------------------------------------------------------------------
    All packages are signed with Conectiva's GPG key. The key and instructions
    on how to import it can be found at
    http://distro.conectiva.com.br/seguranca/chave/?idioma=en
    Instructions on how to check the signatures of the RPM packages can be
    found at http://distro.conectiva.com.br/seguranca/politica/?idioma=en

    - -------------------------------------------------------------------------
    All our advisories and generic update instructions can be viewed at
    http://distro.conectiva.com.br/atualizacoes/?idioma=en

    - -------------------------------------------------------------------------
    Copyright (c) 2003 Conectiva Inc.
    http://www.conectiva.com

    - -------------------------------------------------------------------------
    subscribe: conectiva-updates-subscribe@papaleguas.conectiva.com.br
    unsubscribe: conectiva-updates-unsubscribe@papaleguas.conectiva.com.br
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.0.6 (GNU/Linux)
    Comment: For info see http://www.gnupg.org

    iD8DBQE/aNbu42jd0JmAcZARAnByAJ4la1+ZTsDPuuQoFcu4ygjk406b5wCg11KG
    KWI0pS7VlyuaHtgastTIZrA=
    =QKv8
    -----END PGP SIGNATURE-----
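
Added example, not part of the Conectiva advisory: a post-upgrade check that compares an installed openssh version-release against the fixed builds in the UPDATED PACKAGES list above. The function names and inventory lines are constructed for illustration, and GNU `sort -V` is assumed as an approximation of RPM's own version ordering.

```shell
#!/usr/bin/env bash
# Fixed openssh version-release per Conectiva Linux release, copied from the
# UPDATED PACKAGES list of CLA-2003:741.
fixed_build() {
    case "$1" in
        7.0) echo "3.4p1-1U70_3cl" ;;
        8)   echo "3.4p1-1U80_3cl" ;;
        9)   echo "3.5p1-27767U90_2cl" ;;
        *)   return 1 ;;
    esac
}

# check_openssh RELEASE VERSION-RELEASE -> patched | vulnerable | unknown-release
# On a live host the second argument would come from:
#   rpm -q --qf '%{VERSION}-%{RELEASE}\n' openssh-server
check_openssh() {
    local want have lowest
    want=$(fixed_build "$1") || { echo "unknown-release"; return 0; }
    have=$2
    # Assumption: GNU sort -V ordering approximates RPM's version comparison.
    lowest=$(printf '%s\n%s\n' "$want" "$have" | sort -V | head -n 1)
    if [ "$lowest" = "$want" ]; then echo "patched"; else echo "vulnerable"; fi
}

# Reads "host release version-release" lines on stdin and prints only the
# hosts that still need attention, with the reason.
audit_inventory() {
    local host rel ver status
    while read -r host rel ver; do
        [ -n "$host" ] || continue
        status=$(check_openssh "$rel" "$ver")
        [ "$status" = "patched" ] || echo "$host $status"
    done
}

# Constructed inventory (hypothetical hosts), not data from the advisory.
sample_inventory() {
    cat <<'EOF'
gw1 9 3.5p1-27767U90_2cl
gw2 8 3.4p1-1U80_2cl
db1 7.0 3.4p1-1U70_3cl
old1 6.0 2.9p2-1cl
EOF
}

sample_inventory | audit_inventory
```

Hosts reported as `unknown-release` are outside the releases this announcement covers and need a separate review.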

