From debian-security-announce@lists.debian.org Mon Apr 14 16:44:43 2003 From: debian-security-announce@lists.debian.org Resent-From: list@murphy.debian.org (SmartList) To: full-disclosure@lists.netsys.com Date: Mon, 14 Apr 2003 15:19:06 +0200 (CEST) Reply-To: full-disclosure@lists.netsys.com Subject: [Full-Disclosure] [SECURITY] [DSA 285-1] New lprng packages fix insecure temporary file creation -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 285-1 security@debian.org http://www.debian.org/security/ Martin Schulze April 14th, 2003 http://www.debian.org/security/faq - -------------------------------------------------------------------------- Package : lprng Vulnerability : insecure temporary file Problem-Type : local Debian-specific: no CVE Id : CAN-2003-0136 Karol Lewandowski discovered that psbanner, a printer filter that creates a PostScript format banner and is part of LPRng, insecurely creates a temporary file for debugging purpose when it is configured as filter. The program does not check whether this file already exists or is linked to another place writes its current environment and called arguments to the file unconditionally with the user id daemon. For the stable distribution (woody) this problem has been fixed in version 3.8.10-1.2. The old stable distribution (potato) is not affected by this problem. For the unstable distribution (sid) these problems have been fixed in version 3.8.20-4. We recommend that you upgrade your lprng package. Upgrade Instructions - -------------------- wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 3.0 alias woody - -------------------------------- Source archives: http://security.debian.org/pool/updates/main/l/lprng/lprng_3.8.10-1.2.dsc Size/MD5 checksum: 656 5b675ef9bc39b470e3ec8cb1b88150b4 http://security.debian.org/pool/updates/main/l/lprng/lprng_3.8.10-1.2.diff.gz Size/MD5 checksum: 17298 53d5ce171d250135756bf4682a82737d http://security.debian.org/pool/updates/main/l/lprng/lprng_3.8.10.orig.tar.gz Size/MD5 checksum: 5125140 3127e3793b94bd4a403a3809b1d8467b Architecture independent components: http://security.debian.org/pool/updates/main/l/lprng/lprng-doc_3.8.10-1.2_all.deb Size/MD5 checksum: 1709460 2cec616424b93bfe9df97b0b378b0c6b Alpha architecture: http://security.debian.org/pool/updates/main/l/lprng/lprng_3.8.10-1.2_alpha.deb Size/MD5 checksum: 543788 2889fb7f5dcca329b03edc9f1489e1e6 ARM architecture: http://security.debian.org/pool/updates/main/l/lprng/lprng_3.8.10-1.2_arm.deb Size/MD5 checksum: 511150 becc4d3f2165ae49dfbf518ce488caea Intel IA-32 architecture: http://security.debian.org/pool/updates/main/l/lprng/lprng_3.8.10-1.2_i386.deb Size/MD5 checksum: 467568 b16f01e1ea4a1c458a6e32829a85c7b3 Intel IA-64 architecture: http://security.debian.org/pool/updates/main/l/lprng/lprng_3.8.10-1.2_ia64.deb Size/MD5 checksum: 631104 b34cf87d77dd353bf702d403e9561718 HP Precision architecture: http://security.debian.org/pool/updates/main/l/lprng/lprng_3.8.10-1.2_hppa.deb Size/MD5 checksum: 544364 b6e5e6f81c4d291c65b55fbe71ac6747 Motorola 680x0 architecture: http://security.debian.org/pool/updates/main/l/lprng/lprng_3.8.10-1.2_m68k.deb Size/MD5 checksum: 467846 2659f796ef5715191e6ab5919cdddb30 Big endian MIPS architecture: http://security.debian.org/pool/updates/main/l/lprng/lprng_3.8.10-1.2_mips.deb Size/MD5 checksum: 480194 93b19b4230658fa889315579da6d4db2 Little endian MIPS architecture: http://security.debian.org/pool/updates/main/l/lprng/lprng_3.8.10-1.2_mipsel.deb Size/MD5 checksum: 477314 9edafa58c5a2bf0f3dcbb1c1a1542a78 PowerPC architecture: http://security.debian.org/pool/updates/main/l/lprng/lprng_3.8.10-1.2_powerpc.deb Size/MD5 checksum: 512804 d0d141a47635f7c4ccf208489d14e6bb IBM S/390 architecture: http://security.debian.org/pool/updates/main/l/lprng/lprng_3.8.10-1.2_s390.deb Size/MD5 checksum: 505336 a897c14ef252fb998395d67c9eeab1cd Sun Sparc architecture: http://security.debian.org/pool/updates/main/l/lprng/lprng_3.8.10-1.2_sparc.deb Size/MD5 checksum: 513382 fc6769e619873033d73a3c7d9cb47fb9 These files will probably be moved into the stable distribution on its next revision. - --------------------------------------------------------------------------------- For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce@lists.debian.org Package info: `apt-cache show ' and http://packages.debian.org/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQE+mrVJW5ql+IAeqTIRAsflAJ4jINkbq1COUKsCT8dqwkZIAOmAkwCgoQSi 4p4dJzrdB7V1LUk5fhKPmvM= =Cwc7 -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html