From tsl@trustix.org Tue Nov 30 02:28:42 2004 From: Trustix Security Advisor To: bugtraq@securityfocus.com Date: Mon, 29 Nov 2004 11:14:27 +0100 Subject: TSL-2004-0063 - multi -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Trustix Secure Linux Advisory #2004-0063 Package name: amavisd-new, anaconda, courier-imap, cyrus-imapd, cyrus-sasl, file, kernel, mkbootdisk, mysql, rpm, samba, setup, swup Summary: Multiple bugfixes Date: 2004-11-26 Affected versions: Trustix Secure Linux 2.0 Trustix Secure Linux 2.1 Trustix Secure Linux 2.2 Trustix Operating System - Enterprise Server 2 - -------------------------------------------------------------------------- Package description: amavisd-new: AMaViS is a script that interfaces a mail transport agent (MTA) with one or more virus scanners. anaconda: The anaconda package contains portions of the Trustix Secure Linux installation program which can then be run by the user for reconfiguration and advanced installation options. courier-imap: Courier-IMAP is an IMAP server for Maildir mailboxes. cyrus-imapd: The Cyrus IMAP server is a scaleable enterprise mail system designed for use from small to large enterprise environments using standards-based technologies. cyrus-sasl: The cyrus-sasl package contains the Cyrus implementation of SASL. SASL is the Simple Authentication and Security Layer, a method for adding authentication support to connection-based protocols. file: The file command is used to identify a particular file according to the type of data contained by the file. File can identify many different file types, including ELF binaries, system libraries, RPM packages, and different graphics formats. kernel: The kernel package contains the Linux kernel (vmlinuz), the core of your Trustix Secure Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. mkbootdisk: The mkbootdisk program creates a standalone boot floppy disk for booting the running system. The created boot disk will look for the root filesystem on the device mentioned in /etc/fstab and includes an initial ramdisk image which will load any necessary SCSI modules for the system. mysql: MySQL is a true multi-user, multi-threaded SQL (Structured Query Language) database server. MySQL is a client/server implementation that consists of a server daemon (mysqld) and many different client programs/libraries. rpm: The RPM Package Manager is a powerful command line driven package management system capable of installing, uninstalling, verifying, querying, and updating software packages. samba: Samba provides an SMB server which can be used to provide network services to SMB (sometimes called "Lan Manager") clients, including various versions of MS Windows, OS/2, and other Linux machines. Samba uses NetBIOS over TCP/IP (NetBT) protocols and does NOT need NetBEUI (Microsoft Raw NetBIOS frame) protocol. setup: The setup package contains a set of important system configuration and setup files, such as passwd, group, and profile. swup: SWUP - SoftWare UPdater is an extension for existing software packaging systems to facilitate automatic and secure update and install. SWUP handles dependencies between software packages, and is able to fetch additional required software when installing or upgrading. Problem description: amavisd-new: Fix amavis user creation on install. anaconda: Support kickstart files on FTP. Hyperthreading detection. courier-imap: Initscript fixups. cyrus-imapd: Fixes security holes CAN-2004-1011, CAN-2004-1012, and CAN-2004-1013 cyrus-sasl: Fix saslauthd man page. file: New upstream fixes a potential stack smash in elf header parsing code. kernel: No longer provide kernel-firewall. This fixes the issue where the previous kernel would be removed when installing a new kernel with swup. mkbootdisk: Require lilo. mysql: Add a conflict on older incompatible packages to help automatic upgrades. rpm: Now have --program-prefix= in %configure. samba: New upstream. setup: Add amavis group. swup: Optimize package resolving. Should make large upgrades significantly faster. Action: We recommend that all systems with this package installed be upgraded. Please note that if you do not need the functionality provided by this package, you may want to remove it from your system. Location: All Trustix Secure Linux updates are available from About Trustix Secure Linux: Trustix Secure Linux is a small Linux distribution for servers. With focus on security and stability, the system is painlessly kept safe and up to date from day one using swup, the automated software updater. Automatic updates: Users of the SWUP tool can enjoy having updates automatically installed using 'swup --upgrade'. Questions? Check out our mailing lists: Verification: This advisory along with all Trustix packages are signed with the TSL sign key. This key is available from: The advisory itself is available from the errata pages at , and or directly at MD5sums of the packages: - -------------------------------------------------------------------------- 2c17bbc66c30bfb3a88650a90cd44869 2.2/rpms/amavisd-new-2.2.0-6tr.i586.rpm e5a4379e73c96f49b4d5f81364e60145 2.2/rpms/amavisd-new-config-2.2.0-6tr.i586.rpm b68505deb1b5559b1660ab524af06246 2.2/rpms/anaconda-7.2.4-6tr.i586.rpm 5eb63364690105354f3522e55d63b57d 2.2/rpms/anaconda-runtime-7.2.4-6tr.i586.rpm 0689749687f055025d2b0d90f2b9355a 2.2/rpms/courier-imap-3.0.8-7tr.i586.rpm e255b57c9217d224b00c00ca72636fac 2.2/rpms/courier-imap-ldap-3.0.8-7tr.i586.rpm 4fc9519683c8db893ba2e77d31578190 2.2/rpms/courier-imap-mysql-3.0.8-7tr.i586.rpm 15b86abaa530171fa7625e19f85f6128 2.2/rpms/courier-imap-pgsql-3.0.8-7tr.i586.rpm deff18245f0dfc89cb392d54ee4ee8df 2.2/rpms/cyrus-imapd-2.2.10-1tr.i586.rpm fcef71c2d5e7be413f4020c73fa2888e 2.2/rpms/cyrus-imapd-devel-2.2.10-1tr.i586.rpm 2c148c573fc0068d215d3b02f13389ca 2.2/rpms/cyrus-sasl-2.1.20-3tr.i586.rpm c257e6b18641d9f72ebb5cc23c868775 2.2/rpms/cyrus-sasl-devel-2.1.20-3tr.i586.rpm 0deb70bec75020b8b48576e56a90a73d 2.2/rpms/cyrus-sasl-md5-2.1.20-3tr.i586.rpm e24aa55175e403d379c7a7c84c95f657 2.2/rpms/cyrus-sasl-otp-2.1.20-3tr.i586.rpm af33a71472fa2090fdce5da4ce851b37 2.2/rpms/cyrus-sasl-plain-2.1.20-3tr.i586.rpm 15f3ebf9b9832592abe85f4e6c6f2c62 2.2/rpms/cyrus-sasl-sql-2.1.20-3tr.i586.rpm 9992d38fdf131236511d05cb27714558 2.2/rpms/cyrus-sasl-utils-2.1.20-3tr.i586.rpm 5a99b0d0ba7942e6c9a6f1a3fae49644 2.2/rpms/file-4.12-1tr.i586.rpm 60625f47267d4883056ef380e588fe97 2.2/rpms/file-devel-4.12-1tr.i586.rpm 1457874998816cc8b5e8bf5a162a59dc 2.2/rpms/kernel-2.4.28-4tr.i586.rpm 5408057fdb4a17eca85ba005ca118a47 2.2/rpms/kernel-BOOT-2.4.28-4tr.i586.rpm effd78274a5e9a3d1f019e2e4990887f 2.2/rpms/kernel-doc-2.4.28-4tr.i586.rpm 7367dc7750e2ad69db0cce54ae244504 2.2/rpms/kernel-smp-2.4.28-4tr.i586.rpm 94b8224fa0d82316ee5f65c36fba3221 2.2/rpms/kernel-source-2.4.28-4tr.i586.rpm 2523c8fa498cd3a166a1b69d3b61bafe 2.2/rpms/kernel-utils-2.4.28-4tr.i586.rpm f6615b193ea278570199e95b444ab6c5 2.2/rpms/mkbootdisk-1.2.8-13tr.i586.rpm e443cc155f39a79df9d5b773e0e1b3fb 2.2/rpms/mysql-4.1.7-4tr.i586.rpm e443cc155f39a79df9d5b773e0e1b3fb 2.2/rpms/mysql-4.1.7-4tr.i586.rpm c08b412b9ab131f3c03e2eca43413691 2.2/rpms/mysql-bench-4.1.7-4tr.i586.rpm c08b412b9ab131f3c03e2eca43413691 2.2/rpms/mysql-bench-4.1.7-4tr.i586.rpm 862ec8d6145814cb938e7decf4807f10 2.2/rpms/mysql-client-4.1.7-4tr.i586.rpm 862ec8d6145814cb938e7decf4807f10 2.2/rpms/mysql-client-4.1.7-4tr.i586.rpm faa5cc6421fd9bf3398b28a981748cdd 2.2/rpms/mysql-devel-4.1.7-4tr.i586.rpm faa5cc6421fd9bf3398b28a981748cdd 2.2/rpms/mysql-devel-4.1.7-4tr.i586.rpm 81f8e92b2f5c8f9e1b97bcf6eec75fce 2.2/rpms/mysql-libs-4.1.7-4tr.i586.rpm 81f8e92b2f5c8f9e1b97bcf6eec75fce 2.2/rpms/mysql-libs-4.1.7-4tr.i586.rpm 9a79695399a6bf50f5691210535ade77 2.2/rpms/mysql-shared-4.1.7-4tr.i586.rpm 9a79695399a6bf50f5691210535ade77 2.2/rpms/mysql-shared-4.1.7-4tr.i586.rpm f3b1ae940c4004021c3d4977867b9278 2.2/rpms/popt-1.6.4.1-13tr.i586.rpm d56d336b87dc0dd23f6a5c855ca3c4a1 2.2/rpms/rpm-4.0.5-13tr.i586.rpm 4ecf27ae88fc6780a070543406d8b8b2 2.2/rpms/rpm-build-4.0.5-13tr.i586.rpm 5d90403f0c3d85eb0a354c80d7627605 2.2/rpms/rpm-devel-4.0.5-13tr.i586.rpm ea14d3a811452dfaa2ebef4e71414ef6 2.2/rpms/rpm-python-4.0.5-13tr.i586.rpm 57e793ea09f104d8ac92852ea6f82afe 2.2/rpms/samba-3.0.9-1tr.i586.rpm 390da139cf8c27d79486412ad2d2da74 2.2/rpms/samba-client-3.0.9-1tr.i586.rpm 79d977d0e3e16f1eee2af128be1df5b8 2.2/rpms/samba-common-3.0.9-1tr.i586.rpm 180227da87409feb5bbfd47b61b14bfa 2.2/rpms/samba-mysql-3.0.9-1tr.i586.rpm 378fb81ef2daf66c7f6d0c70327eecd6 2.2/rpms/setup-2.2.8-2tr.i586.rpm de4e7c9c94eadfc37f4ccf2a154b5d7e 2.2/rpms/swup-2.6.12-1tr.i586.rpm 5e81aad462bd6b2d29da711d6033998b 2.2/rpms/swup-conf-2.6.12-1tr.i586.rpm 64a9d0fc1165461e9793c801165156a6 2.2/rpms/swup-cron-2.6.12-1tr.i586.rpm 56d39d5a439a10bf347e17a21a06dd2c 2.2/rpms/swup-libs-2.6.12-1tr.i586.rpm dfd7aedb1fcbe28cf2430505556d7251 2.2/rpms/swup-rdfgen-2.6.12-1tr.i586.rpm 5929cb29a86e9a753ed11d3ce952ce16 e-2/rpms/cyrus-imapd-2.2.10-0.2tr.i586.rpm 9f369d7ac8139a3d2d0f3bf11555ccd5 e-2/rpms/cyrus-imapd-devel-2.2.10-0.2tr.i586.rpm 902af700f8d5b8e42f42fc980af7baf5 e-2/rpms/cyrus-sasl-2.1.15-9tr.i586.rpm b523bd6d33e3f403def7504ccd09d5bf e-2/rpms/cyrus-sasl-devel-2.1.15-9tr.i586.rpm bee5c941360f5e7ec2fbe028da109ad8 e-2/rpms/cyrus-sasl-md5-2.1.15-9tr.i586.rpm 56dc8561401a229c28fc390ef822fbd0 e-2/rpms/cyrus-sasl-mysql-2.1.15-9tr.i586.rpm 5c85271c3973e6de2a146d1c859399c3 e-2/rpms/cyrus-sasl-otp-2.1.15-9tr.i586.rpm e8b0ae2922863bb0a27cfad6e7940fb5 e-2/rpms/cyrus-sasl-plain-2.1.15-9tr.i586.rpm 625a62d5622c76fa7fa722df9f8a1137 e-2/rpms/cyrus-sasl-utils-2.1.15-9tr.i586.rpm b2524207554ec3890f7d7cef92714922 e-2/rpms/file-4.12-1tr.i586.rpm bc1474a6633be96b58b1206bfdc54691 e-2/rpms/file-devel-4.12-1tr.i586.rpm 4e20f3462e41312bc92257becd1b66a9 2.1/rpms/cyrus-imapd-2.2.10-0.2tr.i586.rpm 615418c01a4fd777a853979a201bc9e7 2.1/rpms/cyrus-imapd-devel-2.2.10-0.2tr.i586.rpm 121d7af26998e30aa1be65f64c6b4ea2 2.1/rpms/cyrus-sasl-2.1.15-10tr.i586.rpm df26aa7b0e350f97caf211c1638859a4 2.1/rpms/cyrus-sasl-devel-2.1.15-10tr.i586.rpm 828cce09cb439ba6d3b039e5e034f184 2.1/rpms/cyrus-sasl-md5-2.1.15-10tr.i586.rpm cfc0cb6678106b86a9c561927ac82ca3 2.1/rpms/cyrus-sasl-mysql-2.1.15-10tr.i586.rpm da43b8cc5488ed894b7ffb2e2a3e39c9 2.1/rpms/cyrus-sasl-otp-2.1.15-10tr.i586.rpm cce2715096e3a8590c52b61b5a23c3de 2.1/rpms/cyrus-sasl-plain-2.1.15-10tr.i586.rpm fa7545fef059b892d5a47ae3dcacd3e7 2.1/rpms/cyrus-sasl-utils-2.1.15-10tr.i586.rpm 97b58cb31276eeb86874fd2f374ed626 2.1/rpms/file-4.12-1tr.i586.rpm 5b6aadeb9f6c3d010d348f107778e57e 2.1/rpms/file-devel-4.12-1tr.i586.rpm 98f888cf313a29b9d3ecdaec9ada4ae2 2.1/rpms/samba-3.0.9-1tr.i586.rpm b4656644e49fded14321ca504c406270 2.1/rpms/samba-client-3.0.9-1tr.i586.rpm 796c6c4a3f1055ba705ca446fad9ef8c 2.1/rpms/samba-common-3.0.9-1tr.i586.rpm 535c036311e14d39c09c8e3e8ddcf78f 2.1/rpms/samba-mysql-3.0.9-1tr.i586.rpm 59aa5885413fdb07228a7a6846eab62b 2.0/rpms/cyrus-imapd-2.2.10-0.1tr.i586.rpm 30ede15fb9e19159bfd53107cea604ce 2.0/rpms/cyrus-imapd-devel-2.2.10-0.1tr.i586.rpm - -------------------------------------------------------------------------- Trustix Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (GNU/Linux) iD8DBQFBqvXqi8CEzsK9IksRAur4AJ9ecKElLLqDFnLSWrWtT0V1rz+HegCgjrtC 5+BLkS8i70szBDfbtBnz1Io= =W4WP -----END PGP SIGNATURE-----