[PLDSA 36-1] New file packages fix buffer overflow
Krzysiek Taraszka
dzimi at pld.org.pl
Sat May 3 15:43:01 CEST 2003
- --------------------------------------------------------------------------
PLD Security Advisory PLDSA 36-1 security at pld.org.pl
http://www.pld.org.pl/security/ PLD Security Team
07 March 2003 http://www.pld.org.pl/security/faq
- --------------------------------------------------------------------------
Package : prior to file-3.39-1
Vulnerability : buffer overflow
Problem-Type : local
PLD-specific : no
CVE references : CAN-2003-0102
iDEFENSE discovered a buffer overflow vulnerability in the ELF format
parsing of the "file" command, one which can be used to execute
arbitrary code with the privileges of the user running the command. The
vulnerability can be exploited by crafting a special ELF binary which is
then input to file. This could be accomplished by leaving the binary on
the file system and waiting for someone to use file to identify it, or
by passing it to a service that uses file to classify input. (For
example, some printer filters run file to determine how to process input
going to a printer.)
The above problems have been fixed in version 3.41-1 for the
current stable distribution (ra).
We recommend that you upgrade your file packages.
wget -c url
will fetch the file for you
rpm -Uhv file(s)*.rpm
will upgrade the referenced file.
If you are using "poldek" - the package manager, use the line as given below
for upgrade packages
poldek --update
will update the internal database
poldek --upgrade 'file*'
will install corrected packages
If you are using "apt" - the package manager, use the line as given below
for upgrade packages
apt-get update
will update the internal database
apt-get upgrade 'file*'
will install corrected packages
PLD Linux 1.0 alias ra
- --------------------
Source archives:
ftp://ftp.pld.org.pl/dists/ra/updates/security/SRPMS/file-3.41-1.src.rpm
MD5 checksum: 434bb61edc719a52b891bc973bf34c71
I386 Architecture components:
ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/file-3.41-1.i386.rpm
MD5 checksum: 852a0a42edf5f8b0693317775c45ae01
I586 Architecture components:
ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/file-3.41-1.i586.rpm
MD5 checksum: 0b1145849bd15b8a83dd91792895df01
I686 Architecture components:
ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/file-3.41-1.i686.rpm
MD5 checksum: 440d39924f3a658dc5f2f43a1777a277
PowerPC Architecture components:
ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/file-3.41-1.ppc.rpm
MD5 checksum: c3ddb468e7391125a4f65771ec847d7b
-
--------------------------------------------------------------------------------
-
If you are using poldek add this line to poldek.conf.
If you are using apt-get add this line to sources.list.
For i386 architecture
poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/
apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i386 base updates-security
For i586 architecture
poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/
apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i586 base updates-security
For i686 architecture
poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/
apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i686 base updates-security
For ppc architecture
poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/
apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/ppc base updates-security
More information about the pld-security-announce
mailing list