From secure@conectiva.com.br Wed Oct 22 16:06:00 2003 From: Conectiva Updates To: conectiva-updates@papaleguas.conectiva.com.br, lwn@lwn.net, bugtraq@securityfocus.com, security-alerts@linuxsecurity.com, linsec@lists.seifried.org Date: Wed, 22 Oct 2003 17:55:57 -0200 Subject: [CLA-2003:769] Conectiva Security Announcement - sane -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- CONECTIVA LINUX SECURITY ANNOUNCEMENT - -------------------------------------------------------------------------- PACKAGE : sane SUMMARY : Vulnerabilities in saned and in temporary files handling DATE : 2003-10-22 17:55:00 ID : CLA-2003:769 RELEVANT RELEASES : 7.0, 8, 9 - ------------------------------------------------------------------------- DESCRIPTION SANE (Scanner Access Now Easy) is an interface to both local and networked scanners and other image acquisition devices. The sane package contains several scanner drivers, utilities and saned, a application that allows the sharing of scanners across a network. This update fixes several vulnerabilities in the sane package: - Remote vulnerabilities in saned. These vulnerabilities can be exploited by remote attackers to cause a denial of service or even execute arbitrary code with the privileges of the user running saned (which is usually root). The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned[1,2,3,4,5,6] the names CAN-2003-0773, CAN-2003-0774, CAN-2003-0775, CAN-2003-0776, CAN-2003-0777 and CAN-2003-0778 to these issues. - Temporary file handling vulnerabilities (does not affect Conectiva Linux 9). In several sane backends (drivers), temporary files are created in an unsafe manner. A local attacker can exploit these vulnerabilities to overwrite arbitrary system or user files. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2001-0890[7] to this issue. The Conectiva Linux 9 package (sane-1.0.9) also includes fixes for a bug[8] in the plustek driver which may cause hardware damage in EPSON 1260 scanners (previous versions do not contain the driver). SOLUTION All users of the sane package should upgrade. REFERENCES: 1.http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0773 2.http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0774 3.http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0775 4.http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0776 5.http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0777 6.http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0778 7.http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0890 8.http://www.gjaeger.de/scanner/plustek.html#epson UPDATED PACKAGES ftp://atualizacoes.conectiva.com.br/7.0/RPMS/sane-1.0.4-3U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/sane-devel-1.0.4-3U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/sane-devel-static-1.0.4-3U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/SRPMS/sane-1.0.4-3U70_1cl.src.rpm ftp://atualizacoes.conectiva.com.br/8/RPMS/sane-1.0.6-3U80_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/8/RPMS/sane-devel-1.0.6-3U80_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/8/RPMS/sane-devel-static-1.0.6-3U80_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/8/SRPMS/sane-1.0.6-3U80_1cl.src.rpm ftp://atualizacoes.conectiva.com.br/9/RPMS/sane-1.0.9-23360U90_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/9/RPMS/sane-devel-1.0.9-23360U90_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/9/RPMS/sane-devel-static-1.0.9-23360U90_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/9/SRPMS/sane-1.0.9-23360U90_1cl.src.rpm ADDITIONAL INSTRUCTIONS The apt tool can be used to perform RPM packages upgrades: - run: apt-get update - after that, execute: apt-get upgrade Detailed instructions reagarding the use of apt and upgrade examples can be found at http://distro.conectiva.com.br/atualizacoes/#apt?idioma=en - ------------------------------------------------------------------------- All packages are signed with Conectiva's GPG key. The key and instructions on how to import it can be found at http://distro.conectiva.com.br/seguranca/chave/?idioma=en Instructions on how to check the signatures of the RPM packages can be found at http://distro.conectiva.com.br/seguranca/politica/?idioma=en - ------------------------------------------------------------------------- All our advisories and generic update instructions can be viewed at http://distro.conectiva.com.br/atualizacoes/?idioma=en - ------------------------------------------------------------------------- Copyright (c) 2003 Conectiva Inc. http://www.conectiva.com - ------------------------------------------------------------------------- subscribe: conectiva-updates-subscribe@papaleguas.conectiva.com.br unsubscribe: conectiva-updates-unsubscribe@papaleguas.conectiva.com.br -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE/luDM42jd0JmAcZARAqfJAJ9Ua/3VDbbbbASQFDe303KOMFdXyQCdGwz4 Fz1fwvgojBjRZSI4oODNbAE= =smmb -----END PGP SIGNATURE-----