Welcome to the Soochow University Computer Center Information and Communication Security Management System!
2024-06-26 14:51:46
No. | Subject | Unit | Announcer | Time |
---|---|---|---|---|
No. 364 | Subject: Announcement subject Akira Test | Unit: | Announcer: 顏晴美 | Time: 2024-06-25 04:02:45 |
Announcement content Akira Test

No. 363 | Subject: 6/24 test | Unit: General Education Center | Announcer: 顏晴美 | Time: 2024-06-24 05:30:54 |
6/24 test add latest news - test modify latest news

No. 362 | Subject: Announcement subject akira test 0619 | Unit: Global Chinese Business Research Center (second-level) | Announcer: 陳淑月 | Time: 2024-06-19 05:00:40 |
Announcement content
akira test 0619

No. 361 | Subject: Announcement subject akira test 213121 adasdas 0619 | Unit: Department of Data Science | Announcer: 陳淑月 | Time: 2024-06-18 07:22:04 |
akira test 1 0619
Announcement content 131312311 scsdasd

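No. 360 | Subject: Add test announcement subject 123 | Unit: Department of Data Science | Announcer: 陳淑月 | Time: 2024-06-17 04:09:04 |
Add test announcement content announcement content announcement content announcement content announcement content 123
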
No. 359 | Subject: news_list | Unit: Department of Data Science | Announcer: 陳淑月 | Time: 2024-06-14 00:30:05 |
unit_codenews-model-closenews-list-reload

No. 358 | Subject: Can be updated | Unit: Bachelor's Degree Program in Big Data Management | Announcer: 陳淑月 | Time: 2024-06-13 07:16:12 |
form-control

No. 357 | Subject: Test announcement subject user_id | Unit: | Announcer: 陳淑月 | Time: 2024-06-12 06:44:51 |
Test announcement content user_id

No. 356 | Subject: Test announcement subject | Unit: | Announcer: 陳淑月 | Time: 2024-06-12 06:39:29 |
Test announcement content

No. 355 | Subject: 20240530 test - 0604 modified | Unit: | Announcer: 顏晴美 | Time: 2024-05-30 02:52:52 |
I am testing Network and Maintenance Section (scu.edu.tw)
-0604 modified

No. 354 | Subject: Announcement end time | Unit: | Announcer: | Time: 2023-11-22 09:59:45 |
Announcement end time

No. 353 | Subject: a | Unit: | Announcer: | Time: 2023-11-22 09:49:05 |
b

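No. 256 | Subject: Flash Player arbitrary code execution vulnerability advisory | Unit: | Announcer: | Time: 2023-11-10 10:42:18 |
National Information and Communication Security Taskforce, Technical Service Center
Vulnerability / Security Information Advisory
Release No.: ICST-ANA-2006-0022
Release date: 2006/03/16
Advisory title: Flash Player arbitrary code execution vulnerability advisory
Description: Several vulnerabilities have been found in Macromedia's Flash Player that allow a remote attacker to execute arbitrary code on a vulnerable system. Because Flash is currently the most widespread web animation format worldwide, and the vast majority of personal computers have the free Flash Player installed to view Flash animations on websites, Flash Player vulnerabilities may become an important target for attackers. The vulnerability exists in Flash Player 8.0.22.0 and earlier versions. Because a browser needs Flash Player installed to display Flash animations on websites, any browser that can correctly display Flash animations should be updated, regardless of browser type (Internet Explorer, Opera, Firefox). The Technical Service Center strongly urges government agencies that use these versions of Flash Player to upgrade to the latest version as soon as possible and to keep watching for Flash Player security vulnerabilities.
Affected platforms: All users who have Flash Player installed
Impact level: Medium
Recommended measures: The Technical Service Center recommends that all units using Flash Player:
1. Upgrade Flash Player to the latest version (currently 8.0.24.0) as soon as possible, and keep upgrading as later versions are released.
References:
[1] Flash Player latest version download: http://www.macromedia.com/shockwave/download/download.cgi?P1_Prod_Version=ShockwaveFlash (you may choose not to install the Yahoo Toolbar)
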
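No. 257 | Subject: Microsoft DACLs service privilege escalation vulnerability update notice | Unit: | Announcer: | Time: 2023-11-10 10:42:18 |
National Information and Communication Security Taskforce, Technical Service Center
Vulnerability / Security Information Advisory
Release No.: ICST-ANA-2006-0023
Release date: 2006/03/16
Advisory title: DACLs service privilege escalation vulnerability update notice
Description: On March 15, Microsoft published vulnerability bulletin MS06-011, announcing that Windows Service DACLs (discretionary access control lists) have a vulnerability that may lead to elevation of privilege. This vulnerability may allow a user with valid logon credentials to gain complete control of a Windows system. A malicious person could use this vulnerability to modify the default file of an affected service and then stop and restart the service to run a malicious application, and in this way install malicious programs on the compromised system or view, modify or delete files. The vulnerability exists in Windows XP SP1 and Windows Server 2003. The Technical Service Center urges all users of Microsoft Windows platforms to take the following recommended measures as soon as possible.
Affected platforms: All users of Microsoft Windows SP1 and Windows Server 2003 platforms
Impact level: High
Recommended measures: The Technical Service Center recommends that all relevant units:
1. Install the update as soon as possible to patch MS06-011.
2. Windows XP users should install Windows XP Service Pack 2, use Windows Update and the "Automatic Updates" feature to download and install patches regularly, and turn on the Windows Firewall.
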
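No. 258 | Subject: Microsoft Office multiple security vulnerabilities update notice | Unit: | Announcer: | Time: 2023-11-10 10:42:18 |
National Information and Communication Security Taskforce, Technical Service Center
Vulnerability / Security Information Advisory
Release No.: ICST-ANA-2006-0024
Release date: 2006/03/16
Advisory title: Microsoft Office multiple security vulnerabilities update notice
Description: On March 15, Microsoft published vulnerability bulletin MS06-012. It covers security vulnerabilities in Microsoft Office software that may allow arbitrary code execution: improper handling of files with a malformed format, improper handling of ".BIFF" format files containing a malformed BOOLERR record, improper handling of files containing a malformed description, improper handling of files containing malicious graphics, and improper handling of files containing malicious records. Opening a document that has been maliciously altered in one of these ways may result in arbitrary code execution. The vulnerability exists in Office2003, Works Suite 2006 and earlier versions. The Technical Service Center urges all users of Microsoft Office software to take the following recommended measures as soon as possible.
Affected platforms: All users of Microsoft Office software
Impact level: High
Recommended measures: The Technical Service Center recommends that all relevant units:
1. Install the update as soon as possible to patch MS06-012.
2. Windows XP users should install Windows XP Service Pack 2, use Windows Update and the "Automatic Updates" feature to download and install patches regularly, and turn on the Windows Firewall.
References:
[1] Microsoft vulnerability update bulletin: http://www.microsoft.com/taiwan/security/bulletin/ms06-012.mspx
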
No. 259 | Subject: Update the Red Hat kdegraphics packages to fully fix a security vulnerability. | Unit: | Announcer: | Time: 2023-11-10 10:42:18 |
TW-CA-2006-033-[RHSA-2006:0262-01: Important: kdegraphics security update]
TWCERT/CC release date: 2006-03-23
Original vulnerability release date: 2006-03-09
Original vulnerability last updated: --
CVE ID: CVE-2006-0746
Category: Miscellaneous
Source reference: RHSA-2006:0262-01

──── Summary ────
Update the kdegraphics packages to fully fix a security vulnerability. This update has been rated as having important security impact by the Red Hat Security Response Team.

──── Description ────
The kdegraphics packages contain many KDE applications, including kpdf, a PDF viewer. The kpdf security fix for CVE-2005-3627 was incomplete, and RHSA-2005:868 issued by Red Hat contained kdegraphics packages with the incomplete fix. A PDF file specially crafted by an attacker could cause kpdf to malfunction or to execute arbitrary code. CVE (cve.mitre.org) has named these issues CVE-2006-0746. Users of kpdf are advised to upgrade to these errata packages, which contain a patch that fixes these issues.

──── Affected platforms ────
‧Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
‧Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
‧Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
‧Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

──── Fix ────
Before installing the update, make sure all previous errata relevant to your system have been installed. Use Red Hat Network to download and update the packages; enter the following command to launch the Red Hat Update Agent:
    up2date
This starts an interactive process that upgrades the appropriate RPMs on your system.
Bug IDs fixed (see http://bugzilla.redhat.com/): 184307 - CVE-2006-0746 kpdf buffer overflow
RPMs required:
For security reasons these packages are all GPG signed by Red Hat; the key is available at: https://www.redhat.com/security/team/key/#package

──── Impact ────

──── Contact TWCERT/CC ────
Tel: 886-7-5250211 FAX: 886-7-5250212 886-2-23563303 886-2-23924082
Email: twcert@cert.org.tw
URL: http://www.cert.org.tw/
PGP key: http://www.cert.org.tw/eng/pgp.htm

Attachment: [Important: kdegraphics security update]
──── Original text ────
---------------------------------------------------------------------
Red Hat Security Advisory
Synopsis: Moderate: python security update
Advisory ID: RHSA-2006:0197-01
Advisory URL: https://rhn.redhat.com/errata/RHSA-2006-0197.html
Issue date: 2006-03-09
Updated on: 2006-03-09
Product: Red Hat Enterprise Linux
CVE Names: CVE-2005-2491
---------------------------------------------------------------------
1. Summary:
Updated Python packages are now available to correct a security issue. This update has been rated as having moderate security impact by the Red Hat Security Response Team.
2. Relevant releases/architectures:
Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64
Red Hat Linux Advanced Workstation 2.1 - ia64
Red Hat Enterprise Linux ES version 2.1 - i386
Red Hat Enterprise Linux WS version 2.1 - i386
Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64
3. Problem description:
Python is an interpreted, interactive, object-oriented programming language. An integer overflow flaw was found in Python's PCRE library that could be triggered by a maliciously crafted regular expression. On systems that accept arbitrary regular expressions from untrusted users, this could be exploited to execute arbitrary code with the privileges of the application using the library. The Common Vulnerabilities and Exposures project assigned the name CVE-2005-2491 to this issue. Users of Python should upgrade to these updated packages, which contain a backported patch that is not vulnerable to this issue.
4. Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command:
    up2date
This will start an interactive process that will result in the appropriate RPMs being upgraded on your system.
5. Bug IDs fixed (http://bugzilla.redhat.com/):
166335 - CVE-2005-2491 PCRE heap overflow
6. RPMs required:
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package
7. References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2491
8. Contact:
The Red Hat security contact is details at https://www.redhat.com/security/team/contact/

------------------------------
Message: 2
Date: Thu, 9 Mar 2006 15:56:57 -0500
From: bugzilla@redhat.com
Subject: [RHSA-2006:0262-01] Important: kdegraphics security update
To: enterprise-watch-list@redhat.com
Message-ID: <200603092056.k29Kuwcd023409@porkchop.devel.redhat.com>
Content-Type: text/plain; charset="iso-8859-1"

---------------------------------------------------------------------
Red Hat Security Advisory
Synopsis: Important: kdegraphics security update
Advisory ID: RHSA-2006:0262-01
Advisory URL: https://rhn.redhat.com/errata/RHSA-2006-0262.html
Issue date: 2006-03-09
Updated on: 2006-03-09
Product: Red Hat Enterprise Linux
Obsoletes: RHSA-2005:868
CVE Names: CVE-2006-0746
---------------------------------------------------------------------
1. Summary:
Updated kdegraphics packages that fully resolve a security issue in kpdf are now available. This update has been rated as having important security impact by the Red Hat Security Response Team.
2. Relevant releases/architectures:
Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64
3. Problem description:
The kdegraphics packages contain applications for the K Desktop Environment including kpdf, a PDF file viewer. Marcelo Ricardo Leitner discovered that a kpdf security fix, CVE-2005-3627, was incomplete. Red Hat issued kdegraphics packages with this incomplete fix in RHSA-2005:868. An attacker could construct a carefully crafted PDF file that could cause kpdf to crash or possibly execute arbitrary code when opened. The Common Vulnerabilities and Exposures project assigned the name CVE-2006-0746 to this issue. Users of kpdf should upgrade to these updated packages, which contain a backported patch to resolve this issue.
4. Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command:
    up2date
This will start an interactive process that will result in the appropriate RPMs being upgraded on your system.
5. Bug IDs fixed (http://bugzilla.redhat.com/):
184307 - CVE-2006-0746 kpdf buffer overflow
6. RPMs required:
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package
7. References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3627
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0746
8. Contact:
The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/

No. 260 | Subject: Apple Security Update 2006-001 announcement | Unit: | Announcer: | Time: 2023-11-10 10:42:18 |
TW-CA-2006-032-[TA06-062A: Apple Mac Products are Affected by Multiple Vulnerabilities]
TWCERT/CC release date: 2006-03-23
Original vulnerability release date: 2006-03-03
Original vulnerability last updated: --
CVE ID:
Category: Dos, Miscellaneous
Source reference: TA06-062A

──── Summary ────
Apple's Security Update 2006-001 resolves several serious vulnerabilities in Mac OS X, Mac OS X Server, the Safari browser, and a number of other products. The most serious vulnerability may allow a remote attacker to execute arbitrary code. Other impacts include bypassing security verification and denial-of-service attacks.

──── Description ────
Apple's Security Update 2006-001 resolves several serious vulnerabilities in Mac OS X, Mac OS X Server, the Safari browser, and a number of other products. Details are available in the following notes:
VU#999708 - Apple Safari automatically executes arbitrary shell commands or code
Apple Safari fails to properly determine file safety, which may allow a remote unauthenticated attacker to execute arbitrary programs or commands. (CVE-2006-0848)
VU#351217 - Apple Safari WebKit component has a buffer overflow vulnerability
The WebKit component of Apple Safari has a buffer overflow vulnerability. This vulnerability may allow a remote attacker to execute arbitrary code or launch a denial-of-service attack. (CVE-2005-4504)
VU#176732 - Apple Safari buffer overflow vulnerability
Apple Safari has a stack-based buffer overflow vulnerability. This vulnerability may allow a remote attacker to execute arbitrary programs on an affected host. (CVE-2006-0387)
In addition to the vulnerabilities listed above, please also pay attention to Apple's Security Update 2006-001 notice.

──── Affected platforms ────
* Apple Mac OS X version 10.3.9 (Panther) and version 10.4.5 (Tiger)
* Apple Mac OS X Server version 10.3.9 and version 10.4.5
* Apple Safari browser
Earlier versions of Mac OS X may also be affected. See Apple Security Update 2006-001 for more detailed information.

──── Fix ────
Install the update
Install the update files described in Apple Security Update 2006-001. These update files are also available through Apple's update service.

──── Impact ────
The impacts of these vulnerabilities vary. For information about specific impacts, see the vulnerability notes. Potential consequences include remote execution of programs or commands, bypassing security verification, and denial-of-service attacks.

──── Contact TWCERT/CC ────
Tel: 886-7-5250211 FAX: 886-7-5250212 886-2-23563303 886-2-23924082
Email: twcert@cert.org.tw
URL: http://www.cert.org.tw/
PGP key: http://www.cert.org.tw/eng/pgp.htm

Attachment: [ Apple Mac Products are Affected by Multiple Vulnerabilities]
──── Original text ────
National Cyber Alert System
Technical Cyber Security Alert TA06-062A
Apple Mac Products are Affected by Multiple Vulnerabilities
Original release date: March 3, 2006
Last revised: --
Source: US-CERT

Systems Affected
* Apple Mac OS X version 10.3.9 (Panther) and version 10.4.5 (Tiger)
* Apple Mac OS X Server version 10.3.9 and version 10.4.5
* Apple Safari web browser
Previous versions of Mac OS X may also be affected. Please see Apple Security Update 2006-001 for further information.

Overview
Apple has released Security Update 2006-001 to correct multiple vulnerabilities affecting Mac OS X, Mac OS X Server, Safari web browser, and other products. The most serious of these vulnerabilities may allow a remote attacker to execute arbitrary code. Impacts of other vulnerabilities include bypassing security restrictions and denial of service.

I. Description
Apple Security Update 2006-001 resolves a number of vulnerabilities affecting Mac OS X, OS X Server, Safari web browser, and other products. Further details are available in the following Vulnerability Notes:
VU#999708 - Apple Safari automatically executes arbitrary shell commands or code
Apple Safari fails to properly determine file safety, allowing a remote unauthenticated attacker to execute arbitrary commands or code. (CVE-2006-0848)
VU#351217 - Apple Safari WebKit component vulnerable to buffer overflow
Apple Safari WebKit component is vulnerable to buffer overflow. This vulnerability may allow a remote attacker to execute arbitrary code or cause a denial-of-service condition. (CVE-2005-4504)
VU#176732 - Apple Safari vulnerable to buffer overflow
Apple Safari is vulnerable to a stack-based buffer overflow. This vulnerability may allow a remote attacker to execute arbitrary code on a vulnerable system. (CVE-2006-0387)
Please note that Apple Security Update 2006-001 addresses additional vulnerabilities not described above. As further information becomes available, we will publish individual Vulnerability Notes. In addition, more information about VU#999708 is available in US-CERT Technical Cyber Security Alert TA06-053A.

II. Impact
The impacts of these vulnerabilities vary. For information about specific impacts, please see the Vulnerability Notes. Potential consequences include remote execution of arbitrary code or commands, bypass of security restrictions, and denial of service.

III. Solution
Install an update
Install the update as described in Apple Security Update 2006-001. In addition, this update is available via Apple Update.

Appendix A. References
* US-CERT Vulnerability Note VU#999708 -
* US-CERT Vulnerability Note VU#351217 -
* US-CERT Vulnerability Note VU#176732 -
* US-CERT Technical Cyber Security Alert TA06-053A -
* Securing Your Web Browser -
* Apple Security Update 2006-001 -
* Mac OS X: Updating your software -

The most recent version of this document can be found at:

Feedback can be directed to US-CERT Technical Staff. Please send email to subject.

For instructions on subscribing to or unsubscribing from this mailing list, visit

Produced 2006 by US-CERT, a government organization.
Terms of use:

Revision History
March 3, 2006: Initial release

No. 261 | Subject: Critical vulnerability updates for Office and Excel software | Unit: | Posted by: | Posted at: 2023-11-10 10:42:18 |
TW-CA-2006-037-[TA06-073A: Microsoft Office and Excel Vulnerabilities]
────────────────────────────────────────
TWCERT/CC release date: 2006-03-23
Original vulnerability release date: 2006-03-14
Original vulnerability last updated: --
CVE ID:
Category: DoS, Miscellaneous
Source reference: TA06-073A
──── Summary ────
Microsoft has released updates for critical vulnerabilities in its Office and Excel software. Successful exploitation of these vulnerabilities could allow a remote, unauthorized attacker to execute arbitrary programs on the victim host or launch a denial-of-service attack.
──── Description ────
Microsoft's security bulletin for March 2006 summarizes vulnerabilities in Office and Excel. For more detailed information, see the US-CERT vulnerability notes:
VU#339878 - Microsoft Excel memory corruption caused by malformed data when parsing formats
Microsoft Excel contains a memory corruption vulnerability. It may allow a remote attacker to execute arbitrary programs on the victim host. (CVE-2006-0028)
VU#104302 - Microsoft Excel malformed data memory corruption vulnerability
Microsoft Excel fails to properly validate data. This vulnerability may allow a remote attacker to execute arbitrary programs on the victim host. (CVE-2006-0031)
VU#123222 - Microsoft Excel memory corruption vulnerability caused by malformed graphics
Microsoft Excel fails to properly validate graphics data. This vulnerability may allow a remote attacker to execute arbitrary programs on the victim host. (CVE-2006-0030)
VU#235774 - Microsoft Excel memory corruption vulnerability caused by a malformed description
Microsoft Excel fails to properly validate the description field. This vulnerability may allow a remote attacker to execute arbitrary programs on the victim host. (CVE-2006-0029)
VU#642428 - Microsoft Excel fails to properly handle valid ranges when parsing files
Microsoft Excel contains a range validation vulnerability, which may allow a remote, unauthorized attacker to execute arbitrary programs on the victim host. (CVE-2005-4131)
VU#682820 - Microsoft Office routing slip buffer overflow
Microsoft Office contains a buffer overflow in the parsing of routing slips, which may allow a remote attacker to execute arbitrary programs on an affected host. (CVE-2006-0009)
──── Affected platforms ────
* Microsoft Office for Windows and Mac OS X
* Microsoft Excel for Windows and Mac OS X
* Microsoft Works Suite for Windows
For more complete information, see the security bulletin Microsoft published in March 2006.
──── Solution ────
‧ Install updates
Microsoft has released updates for these vulnerabilities in its security bulletins and on its update site.
‧ Workarounds
See the following US-CERT notes for workarounds.
──── Impact ────
A remote, unauthorized attacker can execute arbitrary programs with the privileges of the user. If the user is logged on with administrator privileges, the attacker can take complete control of the affected system. An attacker can also launch a denial-of-service attack.
────────────────────────────────────────
Attachment: [Microsoft Office and Excel Vulnerabilities]
──── Original text ────
National Cyber Alert System
Technical Cyber Security Alert TA06-073A
Microsoft Office and Excel Vulnerabilities
Original release date: March 14, 2006
Last revised: --
Source: US-CERT

Systems Affected
* Microsoft Office for Windows and Mac OS X
* Microsoft Excel for Windows and Mac OS X
* Microsoft Works Suite for Windows
For more complete information, refer to the Microsoft Security Bulletin Summary for March 2006.

Overview
Microsoft has released updates that address critical vulnerabilities in Microsoft Office and Excel. Exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service on a vulnerable system.

I. Description
Microsoft Security Bulletin Summary for March 2006 addresses vulnerabilities in Microsoft Office and Excel. Further information is available in the following US-CERT Vulnerability Notes:
VU#339878 - Microsoft Excel malformed parsing format file memory corruption vulnerability
Microsoft Excel contains a memory corruption vulnerability. This vulnerability may allow a remote attacker to execute arbitrary code on a vulnerable system. (CVE-2006-0028)
VU#104302 - Microsoft Excel malformed record memory corruption vulnerability
Microsoft Excel fails to properly validate records. This vulnerability may allow a remote attacker to execute arbitrary code on a vulnerable system. (CVE-2006-0031)
VU#123222 - Microsoft Excel malformed graphic memory corruption vulnerability
Microsoft Excel fails to properly validate graphics. This vulnerability may allow a remote attacker to execute arbitrary code on a vulnerable system. (CVE-2006-0030)
VU#235774 - Microsoft Excel malformed description memory corruption vulnerability
Microsoft Excel fails to properly validate the description field. This vulnerability may allow a remote attacker to execute arbitrary code on a vulnerable system. (CVE-2006-0029)
VU#642428 - Microsoft Excel fails to properly perform range validation when parsing document files
Microsoft Excel contains an error in range validation, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. (CVE-2005-4131)
VU#682820 - Microsoft Office routing slip buffer overflow
Microsoft Office contains a buffer overflow in the parsing of routing slips, which may allow an attacker to execute arbitrary code on a vulnerable system. (CVE-2006-0009)

II. Impact
A remote, unauthenticated attacker could execute arbitrary code with the privileges of the user. If the user is logged on with administrative privileges, the attacker could take complete control of an affected system. An attacker may also be able to cause a denial of service.

III. Solution
Apply Updates
Microsoft has provided the updates for these vulnerabilities in the Security Bulletins and on the Microsoft Update site.
Workarounds
Please see the following US-CERT Vulnerability Notes for workarounds.

Appendix A. References
* Microsoft Security Bulletin Summary for March 2006
* US-CERT Vulnerability Note VU#339878
* US-CERT Vulnerability Note VU#104302
* US-CERT Vulnerability Note VU#123222
* US-CERT Vulnerability Note VU#235774
* US-CERT Vulnerability Note VU#642428
* US-CERT Vulnerability Note VU#682820
* CVE-2005-4131
* CVE-2006-0009
* CVE-2006-0028
* CVE-2006-0029
* CVE-2006-0030
* CVE-2006-0031
* Microsoft Update
____________________________________________________________________
Produced 2006 by US-CERT, a government organization.
____________________________________________________________________
Revision History
March 14, 2006: Initial release |
||||
No. 262 | Subject: Red Hat Enterprise Linux 3 | Unit: | Posted by: | Posted at: 2023-11-10 10:42:18 |
TW-CA-2006-036-[RHSA-2006:0144-01: Updated kernel packages available for Red Hat Enterprise Linux 3 Update 7]
────────────────────────────────────────
TWCERT/CC release date: 2006-03-23
Original vulnerability release date: 2006-03-15
Original vulnerability last updated: --
CVE ID: CVE-2005-2458, CVE-2005-2801, CVE-2005-3276
Category: DoS, Gain Privilege, Info Leak
Source reference: RHSA-2006:0144-01
──── Summary ────
Updated kernel packages are available as part of the ongoing support and maintenance of Red Hat Enterprise Linux 3. This is the seventh regular update.
The Red Hat Security Response Team has rated this security advisory as having moderate security impact.
──── Description ────
The Linux kernel handles the basic functions of the operating system.
This is the seventh regular kernel update to Red Hat Enterprise Linux 3.
New features introduced by this update include:
-- addition of the bnx2, dell_rbu, and megaraid_sas drivers.
-- support for multi-core, multi-threaded Intel Itanium processors.
-- upgrade of the SATA subsystem to support ATAPI and SMART.
-- optional tuning of kernel parameters (sysctls) through the new numa_memory_allocator, arp_announce, and printk_ratelimit.
There are many bug fixes in various parts of the kernel. The ongoing effort to resolve these problems has brought a marked improvement in the reliability and scalability of Red Hat Enterprise Linux 3.
The many driver updates and security fixes are listed in detail below. Other key areas affected by bug fixes in this update include the networking subsystem, the VM subsystem, NPTL handling, autofs4, the USB subsystem, CPU enumeration, and 32-bit-exec-mode handling on 64-bit machines.
The following drivers have been upgraded to new versions:
aacraid -------- 1.1.5-2412
bnx2 ----------- 1.4.30 (new)
dell_rbu ------- 2.1 (new)
e1000 ---------- 6.1.16-k3
emulex --------- 7.3.3
fusion --------- 2.06.16.02
ipmi ----------- 35.11
megaraid2 ------ v2.10.10.1
megaraid_sas --- 00.00.02.00 (new)
tg3 ------------ 3.43RH
The following security vulnerabilities are fixed in this update:
- a flaw in gzip/zlib handling internal to the kernel that allows a local user to cause a denial of service. (CVE-2005-2458, low security impact)
- a flaw in ext3 EA/ACL handling of attribute sharing that allows a local user to gain privileges. (CVE-2005-2801, moderate security impact)
- a minor information leak in the get_thread_area() system call that allows a local user to view uninitialized kernel stack data. (CVE-2005-3276, low security impact)
Note: the kernel-unsupported package contains various drivers and modules that are unsupported and may therefore contain security problems that have not yet been disclosed.
All Red Hat Enterprise Linux 3 users are advised to upgrade to the corresponding kernel packages, which are not affected by these issues.
──── Affected platforms ────
‧ Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
‧ Red Hat Desktop version 3 - i386, x86_64
‧ Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
‧ Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64
──── Solution ────
Before installing this update, make sure that all previously released errata relevant to your system have been applied. Use Red Hat Network to download and update packages. Enter the following command to launch the Red Hat Update Agent:
up2date
This starts an interactive process that upgrades the appropriate RPMs on your system.
Bug IDs fixed (see http://bugzilla.redhat.com/):
112004 - pppd receives error "Couldn't get channel number: bad address"
112066 - RHEL3 U5: Support for SATA features of ICH6R (for U3, AHCI only)
117067 - RHEL3 U3: ICH6 SATA support in ACHI mode
122256 - RHEL3 U6: SATA ATAPI support (HW)
125642 - kernel's Makefile not suited for long directory paths
128015 - RHEL3 U4: SATA AHCI (ICH6)
129265 - kernel panic when repeatedly accessing /proc/bus/usb/devices and hot-swapping usb device
130387 - Processes with Large memory requirment causes swap usage with free memory is present.
130489 - kernel kills db2 processes because of OOM error on RHEL Update2 and Update3
130712 - RHEL3 U7: Add SMART capabilities to libata.
131295 - Hugepages configured on kernel boot line causes x86_64 kernel boot to fail with OOM.
132547 - oops when "scsi add-single-device" sent to /proc/scsi/scsi using aic79xx
134506 - [RHEL3 U3] kernel BUG at exit.c:620!
136583 - LTC18371- [RHEL3 U4]cpu_sibling_map[] is incorrect on x445/x440
137101 - 'noht' does not work for ia32e
137344 - Cannot disable hyperthreading on x86_64 platform
137998 - autofs removes leading path components of /net mounts on timeout
138730 - LTC12369-In RHEL 3 U4 -- top command gave segmentation fault
142579 - Viper: install kernel panics on DP system with 4GB all on cpu#2
144033 - [RHEL3] poll() seems to ignore large timeout
145596 - SMART support in SATA driver
146663 - pl2303 kernel module doesn't work with 'Aten UC-232A'
147870 - O_DIRECT to sparse areas of files give incomplete writes
150559 - Can't install RHEL3 on system with Adaptec AAR 1210SA SATA controller (sata_sil - siimage problem)
152103 - RHEL3 U5: rhgb-client shows illegal instruction and fails.
152650 - aacraid driver in RHEL 3 U4 em64t causes kernel panic
154028 - megaraid2 driver causes panic if loaded for a second time
154385 - Crash on relocated automounts with --bind
156396 - System crash when dump or tar 64k blocksize to tape from raid
156397 - LTC13414-32-bit ping6 on 64-bit kernel not working
156645 - [RHEL3 U5] fails to boot installer on multiple platforms
156987 - FEAT: RHEL3 U5: need hint@pause in ia64 spinloops
156988 - FEAT RHEL3 U7 IPF - performance improvement for the system which CPEI occur continuously.
156999 - RHEL 3 U6: Support for cache identification through 'Deterministic Cache Parameters' [cpuid(4)]
157006 - [ CRM 488904 ] driver update for Adaptec 2410SA needed (1.1.5-2361 > 1.1.5-2371 or higher)
158819 - RHEL3 does not support USBDEVFS 32-bit ioctls on x86_64
158821 - Advanced server 3 ARP timeout messages
159326 - RSS limited to 1.8GB if process pinned to one CPU
159523 - [RHEL3] Does not boot on system with ACPI table crossing page boundary
159874 - [RHEL 3 U5] adding hotplug drive causes kernel panic
159977 - [RHEL3] vi --- files getting deleted
160009 - agpgart will not load for kernel 2.4.21-32 on tyan S2885 motherboard with AMD-8151 agp tunnel
160337 - Keyboard "jammed" during smp runlevel 5 boot on IBM HS20-8843 BladeServer
160539 - [RHEL3] hidden bomb of kmap_atomic/kunmap_atomic bug?
161056 - CVE-2005-2801 Lost ACLs on ext3
161160 - Reproducable panic in mdadm multipathing
161188 - Sometimes data/bss can be executable
161336 - xserver issue on blade center
161866 - Race condition accessing PCI config space
161875 - autofs doesn't remount if nfs server is unreachable at expire time
162065 - aacraid driver hangs if Adaptec 2230SLP array not optimal
162212 - st causes system hang and kernel panic when writing to tape on x86_64
162271 - Problem with b44: SIOCSIFFLAGS: Cannot allocate memory
162417 - (VM) Excessive swapping when free memory is ample
162683 - [RHEL3 and RHEL2.1] ps command core dump
162735 - LTC8356-LSB runtime testcase T.c_oflag_X failed [PATCH]
163176 - Endless loop printing traceback during kernel OOPs
163184 - Explain why the SCSI inquiry is not being returned from the sd for nearly 5 minutes
163239 - [RHEL3] change_page_attr may set _PAGE_NX for kernel code pages
163307 - LTC13178-panic on i5 - sys_ppc32.c 32 bit sys_recvmsg corrupting kernel data structures
163381 - RHEL3U5 x86-64 : xw9300 & numa=on swaps behaviour is unexpected
163901 - FEAT: RHEL3 U6: ia64 multi-core and multi-threading detection
163929 - [RHEL3] [x86_64/ia64] sys_time and sys_gettimeofday disagree
164206 - U5 beta encounters NMI watchdog on Celestica Quartet with 4 Opteron 875 dualcores
164304 - [RHEL3 U5] __wtd_down_from_wakeup not in EL3 ia64 tree
164438 - LTC12403-CMVC482920:I/O errors caused by eeh error injection-drive unavailable
164580 - NFS lockd deadlock
164795 - /usr/src/linux-2.4.21-32.EL/Documentation/networking/e100.txt contians bad info
164828 - RHEL 3 - request to add bnx2 driver
165006 - acct does not have Large File Support
165119 - FEAT RHEL3U7: Need Intel e1000 driver update for the Dell Ophir/Rimon based PCI-E NICs
165364 - SMP kernel does not honor boot parameter "noht"
165412 - [RHEL3] The system hangs when SysRq + c is pressed
165453 - Panic after ENXIO with usb-uhci
165475 - Problem removing a USB device
165680 - CVE-2005-2458 gzip/zlib flaws
165825 - Inquiry (sg) command hang after a write to tape with mptscsi driver
165989 - The msync(MS_SYNC) call should fail after cable pulled from scsi disk
166345 - HA NFS Cluster Problem
166363 - cciss disk dump hangs if module is ever unloaded/reloaded
166364 - Erratic behaviour when system fd limit reached
166578 - aacraid driver needs to be updated to support IBM ServeRAID 8i
166583 - aacraid driver needs to be updated to support IBM ServeRAID 8i
166600 - CRM619504: setrlimit RLIMIT_FSIZE limited to 32-bit values, even on 64-bit kernels
166669 - [RHEL3 U5] waitpid() returns unexpected ECHILD
167674 - RHEL3: need updated forcedeth.o driver?
167800 - CRM648268: kernel reporting init process cutime as very large negative value
167942 - FEAT RHEL3 U7: Need 'bnx2' driver inclusion to support Broadcom 5708C B0 NIC and 5708S BO LOM
168226 - FEAT RHEL3 U7: LSI megaraid_sas driver
168293 - Potential netconsole regression in transmit path
168315 - LTC17567-Fields 'system_potential_processor' and 'partition_max_entiteled_capacity' fields are missing from lparcfg file
168358 - FEAT RHEL3 U7: ipmi driver speedup patch
168359 - FEAT RHEL3 U7: ipmi_poweroff driver update for Dell <8G servers
168390 - Large O_DIRECT write will hang system (MPT fusion)
168392 - kill -6 of multi-threaded application takes 30 minutes to finish
168474 - FEAT RHEL3-U7: Support for HT1000 IDE chipset needed
168541 - RHEL3 U7: x86_64: Remove unique APIC/IO-APIC ID check
168581 - RH EL 3 U7: add support for Broadcom 5714 and 5715C NICs
168597 - FEAT RHEL3 U7: add dell_rbu driver for Dell BIOS updates
168603 - FEAT RHEL3 U7: Need TG3 update to support Broadcom 5721 C1 stepping
168681 - kernel BUG at page_alloc.c:391!
168780 - CVE-2005-3276 sys_get_thread_area minor info leak
168795 - RHEL3U7: ipmi driver fix for PE2650
168896 - LSI MegaRAID RHEL3 Feature - Updated SCSI driver submission
169230 - nfs client: handle long symlinks properly
169294 - [RHEL3 U6] __copy_user/memcpy causes random kernel panic on IA-64 systems
169393 - CRM# 685278 scsi scan not seeing all luns when one lun removed
169511 - [RHEL3] 'getpriority/setpriority' broken with PRIO_USER, who=0
169662 - [RHEL3 U5] Performance problem while extracting tarballs on Fujitsu Siemens Computing D1409, Adaptec S30 array, connected to an aacraid controller.
169992 - LTC18779-Lost dirty bit in kernel memory managment [PATCH]
170429 - RHEL-3: 'physical id' field in /proc/cpuinfo incorrect on AMD-64 hosts
170440 - [RHEL3 U5] Kernel crashing, multiple panics in aacraid driver
170446 - [RHEL3 U7] netdump hangs in processing of CPU stop after diskdump failed.
170529 - LTC17955-82222: Support for Serverworks chipset HT2000 Ethernet Driver (BCM5700 & TG3)
170561 - Broadcom 5706/5708 support
170633 - System Stops responding with "queue 6 full" messages
171129 - RedHat / XW9300 / system panic when logout from GNOME with USB mouse
171377 - LTC18818-pfault interupt race
172233 - rename(2) onto an empty directory fails on NFS file systems
172334 - Invalid message 'Aieee!!! Remote IRR still set after unlock'
172664 - Updated header file with modified author permissions
173280 - New icache prune export
174005 - Update Emulex lpfc driver for RHEL 3
175017 - Assertion failed! idx >= ARRAY_SIZE(xfer_mode_str),libata-core.c,ata_dev_set_mode,line=1673
175154 - [RHEL3 U6] IOs hang in __wait_on_buffer when segments > 170
175211 - Multicast domain membership doesn't follow bonding failover
175365 - LTC19816-Cannot see a concho adapter on U7 kernel
175624 - [RHEL3 U7 PATCH] LSI PCI Express chips to operate properly
175625 - [RHEL3 U7] x86-64: Can't boot with 16 logical processors
175767 - Installer appears to hang when loading mptbase module
176264 - x366 NMI error logged in infinite loop - [crm#769552] Possible regression U7 beta
177023 - CRM 724200: when an active USB serial port device is removed, the system panics and locks up.
177573 - autofs doesn't attempt to remount failed mount points
177691 - negative dentry caching causes long delay when dentry becomes valid
179168 - RHEL3U7Beta-32: Booting/Installing with SATA ATAPI Optical panics
RPMs required:
Red Hat Enterprise Linux AS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/kernel-2.4.21-40.EL.src.rpm
Red Hat Desktop version 3: SRPMS: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/kernel-2.4.21-40.EL.src.rpm
Red Hat Enterprise Linux ES version 3: SRPMS: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/kernel-2.4.21-40.EL.src.rpm
Red Hat Enterprise Linux WS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/kernel-2.4.21-40.EL.src.rpm
For security reasons, these packages are GPG-signed by Red Hat. The key is available at: https://www.redhat.com/security/team/key/#package
──── Impact ────
────────────────────────────────────────
Attachment: [Updated kernel
packages available for Red Hat Enterprise Linux 3 Update 7]
──── Original text ────
---------------------------------------------------------------------
Red Hat Security Advisory
Synopsis: Updated kernel packages available for Red Hat Enterprise Linux 3 Update 7
Advisory ID: RHSA-2006:0144-01
Advisory URL: https://rhn.redhat.com/errata/RHSA-2006-0144.html
Issue date: 2006-03-15
Updated on: 2006-03-15
Product: Red Hat Enterprise Linux
Obsoletes: RHSA-2006:0140
CVE Names: CVE-2005-2458 CVE-2005-2801 CVE-2005-3276
---------------------------------------------------------------------

1. Summary:
Updated kernel packages are now available as part of ongoing support and maintenance of Red Hat Enterprise Linux version 3. This is the seventh regular update.
This security advisory has been rated as having moderate security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:
Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64

3. Problem description:
The Linux kernel handles the basic functions of the operating system.
This is the seventh regular kernel update to Red Hat Enterprise Linux 3.
New features introduced by this update include:
- addition of the bnx2, dell_rbu, and megaraid_sas device drivers
- support for multi-core, multi-threaded Intel Itanium processors
- upgrade of the SATA subsystem to include ATAPI and SMART support
- optional tuning via the new numa_memory_allocator, arp_announce, and printk_ratelimit sysctls
There were many bug fixes in various parts of the kernel. The ongoing effort to resolve these problems has resulted in a marked improvement in the reliability and scalability of Red Hat Enterprise Linux 3.
There were numerous driver updates and security fixes (elaborated below). Other key areas affected by fixes in this update include the networking subsystem, the VM subsystem, NPTL handling, autofs4, the USB subsystem, CPU enumeration, and 32-bit-exec-mode handling on 64-bit architectures.
The following device drivers have been upgraded to new versions:
aacraid -------- 1.1.5-2412
bnx2 ----------- 1.4.30 (new)
dell_rbu ------- 2.1 (new)
e1000 ---------- 6.1.16-k3
emulex --------- 7.3.3
fusion --------- 2.06.16.02
ipmi ----------- 35.11
megaraid2 ------ v2.10.10.1
megaraid_sas --- 00.00.02.00 (new)
tg3 ------------ 3.43RH
The following security bugs were fixed in this update:
- a flaw in gzip/zlib handling internal to the kernel that allowed a local user to cause a denial of service (crash) (CVE-2005-2458, low)
- a flaw in ext3 EA/ACL handling of attribute sharing that allowed a local user to gain privileges (CVE-2005-2801, moderate)
- a minor info leak with the get_thread_area() syscall that allowed a local user to view uninitialized kernel stack data (CVE-2005-3276, low)
Note: The kernel-unsupported package contains various drivers and modules that are unsupported and therefore might contain security problems that have not been addressed.
All Red Hat Enterprise Linux 3 users are advised to upgrade their kernels to the packages associated with their machine architectures and configurations as listed in this erratum.

4. Solution:
Before applying this update, make sure that all previously released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command:
up2date
For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system:
http://www.redhat.com/docs/manuals/enterprise/

5. Bug IDs fixed (http://bugzilla.redhat.com/):
112004 - pppd receives error "Couldn't get channel number: bad address"
112066 - RHEL3 U5: Support for SATA features of ICH6R (for U3, AHCI only)
117067 - RHEL3 U3: ICH6 SATA support in ACHI mode
122256 - RHEL3 U6: SATA ATAPI support (HW)
125642 - kernel's Makefile not suited for long directory paths
128015 - RHEL3 U4: SATA AHCI (ICH6)
129265 - kernel panic when repeatedly accessing /proc/bus/usb/devices and hot-swapping usb device
130387 - Processes with Large memory requirment causes swap usage with free memory is present.
130489 - kernel kills db2 processes because of OOM error on RHEL Update2 and Update3
130712 - RHEL3 U7: Add SMART capabilities to libata.
131295 - Hugepages configured on kernel boot line causes x86_64 kernel boot to fail with OOM.
132547 - oops when "scsi add-single-device" sent to /proc/scsi/scsi using aic79xx
134506 - [RHEL3 U3] kernel BUG at exit.c:620!
136583 - LTC18371- [RHEL3 U4]cpu_sibling_map[] is incorrect on x445/x440
137101 - 'noht' does not work for ia32e
137344 - Cannot disable hyperthreading on x86_64 platform
137998 - autofs removes leading path components of /net mounts on timeout
138730 - LTC12369-In RHEL 3 U4 -- top command gave segmentation fault
142579 - Viper: install kernel panics on DP system with 4GB all on cpu#2
144033 - [RHEL3] poll() seems to ignore large timeout
145596 - SMART support in SATA driver
146663 - pl2303 kernel module doesn't work with 'Aten UC-232A'
147870 - O_DIRECT to sparse areas of files give incomplete writes
150559 - Can't install RHEL3 on system with Adaptec AAR 1210SA SATA controller (sata_sil - siimage problem)
152103 - RHEL3 U5: rhgb-client shows illegal instruction and fails.
152650 - aacraid driver in RHEL 3 U4 em64t causes kernel panic 154028 - megaraid2 driver causes panic if loaded for a second time 154385 - Crash on relocated automounts with --bind 156396 - System crash when dump or tar 64k blocksize to tape from raid 156397 - LTC13414-32-bit ping6 on 64-bit kernel not working 156645 - [RHEL3 U5] fails to boot installer on multiple platforms 156987 - FEAT: RHEL3 U5: need hint@pause in ia64 spinloops 156988 - FEAT RHEL3 U7 IPF - performance improvement for the system which CPEI occur continuously. 156999 - RHEL 3 U6: Support for cache identification through Deterministic Cache Parameters [cpuid(4)] 157006 - [ CRM 488904 ] driver update for Adaptec 2410SA needed (1.1.5-2361 > 1. 1.5-2371 or higher) 158819 - RHEL3 does not support USBDEVFS 32-bit ioctls on x86_64 158821 - Advanced server 3 ARP timeout messages 159326 - RSS limited to 1.8GB if process pinned to one CPU 159523 - [RHEL3] Does not boot on system with ACPI table crossing page boundary 159874 - [RHEL 3 U5] adding hotplug drive causes kernel panic 159977 - [RHEL3] vi --- files getting deleted 160009 - agpgart will not load for kernel 2.4.21-32 on tyan S2885 motherboard with AMD-8151 agp tunnel 160337 - Keyboard \"jammed\" during smp runlevel 5 boot on IBM HS20-8843 BladeServer 160539 - [RHEL3] hidden bomb of kmap_atomic/kunmap_atomic bug? 
161056 - CVE-2005-2801 Lost ACLs on ext3 161160 - Reproducable panic in mdadm multipathing 161188 - Sometimes data/bss can be executable 161336 - xserver issue on blade center 161866 - Race condition accessing PCI config space 161875 - autofs doesn remount if nfs server is unreachable at expire time 162065 - aacraid driver hangs if Adaptec 2230SLP array not optimal 162212 - st causes system hang and kernel panic when writing to tape on x86_64 162271 - Problem with b44: SIOCSIFFLAGS: Cannot allocate memory 162417 - (VM) Excessive swapping when free memory is ample 162683 - [RHEL3 and RHEL2.1] ps command core dump 162735 - LTC8356-LSB runtime testcase T.c_oflag_X failed [PATCH] 163176 - Endless loop printing traceback during kernel OOPs 163184 - Explain why the SCSI inquiry is not being returned from the sd for nearly 5 minutes 163239 - [RHEL3] change_page_attr may set _PAGE_NX for kernel code pages 163307 - LTC13178-panic on i5 - sys_ppc32.c 32 bit sys_recvmsg corrupting kernel data structures 163381 - RHEL3U5 x86-64 : xw9300 & numa=on swaps behaviour is unexpected 163901 - FEAT: RHEL3 U6: ia64 multi-core and multi-threading detection 163929 - [RHEL3] [x86_64/ia64] sys_time and sys_gettimeofday disagree 164206 - U5 beta encounters NMI watchdog on Celestica Quartet with 4 Opteron 875 dualcores 164304 - [RHEL3 U5] __wtd_down_from_wakeup not in EL3 ia64 tree 164438 - LTC12403-CMVC482920:I/O errors caused by eeh error injection-drive unavailable 164580 - NFS lockd deadlock 164795 - /usr/src/linux-2.4.21-32.EL/Documentation/networking/e100.txt contians bad info 164828 - RHEL 3 - request to add bnx2 driver 165006 - acct does not have Large File Support 165119 - FEAT RHEL3U7: Need Intel e1000 driver update for the Dell Ophir/Rimon based PCI-E NICs 165364 - SMP kernel does not honor boot parameter \"noht\" 165412 - [RHEL3] The system hangs when SysRq + c is pressed 165453 - Panic after ENXIO with usb-uhci 165475 - Problem removing a USB device 165680 - CVE-2005-2458 
gzip/zlib flaws 165825 - Inquiry (sg) command hang after a write to tape with mptscsi driver 165989 - The msync(MS_SYNC) call should fail after cable pulled from scsi disk 166345 - HA NFS Cluster Problem 166363 - cciss disk dump hangs if module is ever unloaded/reloaded 166364 - Erratic behaviour when system fd limit reached 166578 - aacraid driver needs to be updated to support IBM ServeRAID 8i 166583 - aacraid driver needs to be updated to support IBM ServeRAID 8i 166600 - CRM619504: setrlimit RLIMIT_FSIZE limited to 32-bit values, even on 64- bit kernels 166669 - [RHEL3 U5] waitpid() returns unexpected ECHILD 167674 - RHEL3: need updated forcedeth.o driver? 167800 - CRM648268: kernel reporting init process cutime as very large negative value 167942 - FEAT RHEL3 U7: Need nx2 driver inclusion to support Broadcom 5708C B0 NIC and 5708S BO LOM 168226 - FEAT RHEL3 U7: LSI megaraid_sas driver 168293 - Potential netconsole regression in transmit path 168315 - LTC17567-Fields system_potential_processor and partition_max_entiteled_ capacity fields are missing from lparcfg file 168358 - FEAT RHEL3 U7: ipmi driver speedup patch 168359 - FEAT RHEL3 U7: ipmi_poweroff driver update for Dell <8G servers 168390 - Large O_DIRECT write will hang system (MPT fusion) 168392 - kill -6 of multi-threaded application takes 30 minutes to finish 168474 - FEAT RHEL3-U7: Support for HT1000 IDE chipset needed 168541 - RHEL3 U7: x86_64: Remove unique APIC/IO-APIC ID check 168581 - RH EL 3 U7: add support for Broadcom 5714 and 5715C NICs 168597 - FEAT RHEL3 U7: add dell_rbu driver for Dell BIOS updates 168603 - FEAT RHEL3 U7: Need TG3 update to support Broadcom 5721 C1 stepping 168681 - kernel BUG at page_alloc.c:391! 
168780 - CVE-2005-3276 sys_get_thread_area minor info leak 168795 - RHEL3U7: ipmi driver fix for PE2650 168896 - LSI MegaRAID RHEL3 Feature - Updated SCSI driver submission 169230 - nfs client: handle long symlinks properly 169294 - [RHEL3 U6] __copy_user/memcpy causes random kernel panic on IA-64 systems 169393 - CRM# 685278 scsi scan not seeing all luns when one lun removed 169511 - [RHEL3] getpriority/setpriority broken with PRIO_USER, who=0 169662 - [RHEL3 U5] Performance problem while extracting tarballs on Fujitsu Siemens Computing D1409, Adaptec S30 array, connected to an aacraid controller. 169992 - LTC18779-Lost dirty bit in kernel memory managment [PATCH] 170429 - RHEL-3: physical id field in /proc/cpuinfo incorrect on AMD-64 hosts 170440 - [RHEL3 U5] Kernel crashing, multiple panics in aacraid driver 170446 - [RHEL3 U7] netdump hangs in processing of CPU stop after diskdump failed. 170529 - LTC17955-82222: Support for Serverworks chipset HT2000 Ethernet Driver (BCM5700 & TG3) 170561 - Broadcom 5706/5708 support 170633 - System Stops responding with \"queue 6 full\" messages 171129 - RedHat / XW9300 / system panic when logout from GNOME with USB mouse 171377 - LTC18818-pfault interupt race 172233 - rename(2) onto an empty directory fails on NFS file systems 172334 - Invalid message Aieee!!! Remote IRR still set after unlock 172664 - Updated header file with modified author permissions 173280 - New icache prune export 174005 - Update Emulex lpfc driver for RHEL 3 175017 - Assertion failed! 
idx >= ARRAY_SIZE(xfer_mode_str),libata-core.c,ata_dev_set_mode,line=1673 175154 - [RHEL3 U6] IOs hang in __wait_on_buffer when segments > 170 175211 - Multicast domain membership doesn follow bonding failover 175365 - LTC19816-Cannot see a concho adapter on U7 kernel 175624 - [RHEL3 U7 PATCH] LSI PCI Express chips to operate properly 175625 - [RHEL3 U7] x86-64: Can boot with 16 logical processors 175767 - Installer appears to hang when loading mptbase module 176264 - x366 NMI error logged in infinite loop - [crm#769552] Possible regression U7 beta 177023 - CRM 724200: when an active USB serial port device is removed, the system panics and locks up. 177573 - autofs doesn attempt to remount failed mount points 177691 - negative dentry caching causes long delay when dentry becomes valid 179168 - RHEL3U7Beta-32: Booting/Installing with SATA ATAPI Optical panics 6. RPMs required: Red Hat Enterprise Linux AS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/kernel-2.4.21-40.EL.src.rpm e2e271472a3605dcef9f8b48ddb7cfe9 kernel-2.4.21-40.EL.src.rpm i386: 14e451648c26efc912a3480708afee6f kernel-2.4.21-40.EL.athlon.rpm 67b81d592f5f1d9118c0b4aa98747c90 kernel-2.4.21-40.EL.i686.rpm cfed1327615c0e1456824b605c9b3469 kernel-BOOT-2.4.21-40.EL.i386.rpm 408e8ce5096ab61b75207e32085345f7 kernel-doc-2.4.21-40.EL.i386.rpm 31d4f639796879e49778e1bd01410a44 kernel-hugemem-2.4.21-40.EL.i686.rpm 719d373fed84087a92493140cd1456f2 kernel-hugemem-unsupported-2.4.21-40.EL.i686.rpm e550c1f5343851f18e1e5d7123b16926 kernel-smp-2.4.21-40.EL.athlon.rpm 8060d4e95fa2b7d5978ac482a8494046 kernel-smp-2.4.21-40.EL.i686.rpm 7a1eba47dadfb769ab5dd21e87544dcb kernel-smp-unsupported-2.4.21-40.EL.athlon.rpm 2f169daf9e95f6f602415d50a24befb9 kernel-smp-unsupported-2.4.21-40.EL.i686.rpm 07436903a9cc39b8efc50be1e4abd2b5 kernel-source-2.4.21-40.EL.i386.rpm 40c1b82a9b3666833ef51f842adce559 kernel-unsupported-2.4.21-40.EL.athlon.rpm 23e18c3df38f90ea739e96b575c66a2a 
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2458
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2801
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3276

8. Contact:

The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ |
||||
No. 263 | Subject: GnuPG package, fixes signature verification flaws and some minor bugs | Announcing unit: | Announced by: | Announced at: 2023-11-10 10:42:18 |
TW-CA-2006-035-[RHSA-2006:0266-01: Important: gnupg security update]
────────────────────────────────────────
TWCERT/CC release date: 2006-03-23
Original vulnerability release date: 2006-03-15
Original vulnerability last updated: --
CVE IDs: CVE-2006-0049, CVE-2006-0455
Category: Gain Privilege, Miscellaneous
Source reference: RHSA-2006:0266-01

──── Summary ─────────────────────────────────
An updated GnuPG package fixes signature verification flaws and some minor bugs. The Red Hat Security Response Team has rated this update as having important security impact.

──── Description ─────────────────────────────────
GnuPG is a utility for encrypting data and creating digital signatures.

GnuPG has a flaw in the way it verifies cryptographically signed data with detached signatures. An attacker can create a cryptographically signed message that appears to come from a third party. When a victim processes a GnuPG message with a malicious detached signature, GnuPG ignores the malicious signature, processes and outputs the signed data, and returns exit status 0, just as if the signature were valid. In this case, GnuPG's exit status does not indicate that no signature verification took place. This issue is mainly of concern when GnuPG results are processed by an automated script. CVE (cve.mitre.org) has assigned the name CVE-2006-0455 to this issue.

GnuPG also has a flaw in the way it verifies cryptographically signed data with inline signatures. An attacker can insert unsigned data into a signed message in such a way that, when a victim processes the message to recover the data, the unsigned data is output together with the signed data and appears to have been signed. This issue is mitigated in the GnuPG shipped with Red Hat Enterprise Linux, because the --ignore-crc-error option must be passed to the gpg executable for the attack to succeed. CVE (cve.mitre.org) has assigned the name CVE-2006-0049 to this issue.

Note that these issues do not affect the way RPM or up2date verify RPM packages, and RPM is not vulnerable to these issues. All GnuPG users are advised to upgrade to this errata package, which contains patches that correct these issues.

──── Affected platforms ───────────────────────────────
‧Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64
‧Red Hat Linux Advanced Workstation 2.1 - ia64
‧Red Hat Enterprise Linux ES version 2.1 - i386
‧Red Hat Enterprise Linux WS version 2.1 - i386
‧Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
‧Red Hat Desktop version 3 - i386, x86_64
‧Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
‧Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64
‧Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
‧Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
‧Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
‧Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

──── Solution ───────────────────────────────
Before installing the update, make sure all previously released errata relevant to your system have been installed. Use Red Hat Network to download and update the packages; enter the following command to launch the Red Hat Update Agent:

up2date

This starts an interactive process that upgrades the appropriate RPMs on your system.

Bug IDs fixed (see http://bugzilla.redhat.com/):

167392 - initial gpg run doesn't create .gnupg/secring.gpg
179506 - RHEL3, gnupg-1.2.1-10, gpg: Creates corrupt files (probably 2GB problem)
183484 - CVE-2006-0455 gpg will quietly exit when attempting to verify a malformed message
184556 - CVE-2006-0049 Gnupg incorrect malformed message verification

RPMs required:
For security, these packages are all GPG signed by Red Hat. The key is available at: https://www.redhat.com/security/team/key/#package

──── Impact ───────────────────────────────

──── Contact TWCERT/CC ─────────────────────────────
Tel: 886-7-5250211 FAX: 886-7-5250212 886-2-23563303 886-2-23924082
Email: twcert@cert.org.tw
URL: http://www.cert.org.tw/
PGP key: http://www.cert.org.tw/eng/pgp.htm
────────────────────────────────────────
Attachment: [Important: gnupg security update]

──── Original text ─────────────────────────────────
- - ---------------------------------------------------------------------
Red Hat Security Advisory

Synopsis: Important: gnupg security update
Advisory ID: RHSA-2006:0266-01
Advisory URL: https://rhn.redhat.com/errata/RHSA-2006-0266.html
Issue date: 2006-03-15
Updated on: 2006-03-15
Product: Red Hat Enterprise Linux
CVE Names: CVE-2006-0049 CVE-2006-0455
- - ---------------------------------------------------------------------

1. Summary:

An updated GnuPG package that fixes signature verification flaws as well as minor bugs is now available.

This update has been rated as having important security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64
Red Hat Linux Advanced Workstation 2.1 - ia64
Red Hat Enterprise Linux ES version 2.1 - i386
Red Hat Enterprise Linux WS version 2.1 - i386
Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

3. Problem description:

GnuPG is a utility for encrypting data and creating digital signatures.

Tavis Ormandy discovered a bug in the way GnuPG verifies cryptographically signed data with detached signatures. It is possible for an attacker to construct a cryptographically signed message which could appear to come from a third party. When a victim processes a GnuPG message with a malformed detached signature, GnuPG ignores the malformed signature, processes and outputs the signed data, and exits with status 0, just as it would if the signature had been valid. In this case, GnuPG's exit status would not indicate that no signature verification had taken place. This issue would primarily be of concern when processing GnuPG results via an automated script. The Common Vulnerabilities and Exposures project assigned the name CVE-2006-0455 to this issue.

Tavis Ormandy also discovered a bug in the way GnuPG verifies cryptographically signed data with inline signatures. It is possible for an attacker to inject unsigned data into a signed message in such a way that when a victim processes the message to recover the data, the unsigned data is output along with the signed data, gaining the appearance of having been signed. This issue is mitigated in the GnuPG shipped with Red Hat Enterprise Linux as the --ignore-crc-error option must be passed to the gpg executable for this attack to be successful. The Common Vulnerabilities and Exposures project assigned the name CVE-2006-0049 to this issue.

Please note that neither of these issues affect the way RPM or up2date verify RPM package files, nor is RPM vulnerable to either of these issues.

All users of GnuPG are advised to upgrade to this updated package, which contains backported patches to correct these issues.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate RPMs being upgraded on your system.

5. Bug IDs fixed (http://bugzilla.redhat.com/):

167392 - initial gpg run doesn't create .gnupg/secring.gpg
179506 - RHEL3, gnupg-1.2.1-10, gpg: Creates corrupt files (probably 2GB problem)
183484 - CVE-2006-0455 gpg will quietly exit when attempting to verify a malformed message
184556 - CVE-2006-0049 Gnupg incorrect malformed message verification

6. RPMs required:
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0049
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0455

8. Contact:

The Red Hat security contact is details at https://www.redhat.com/security/team/contact/
──────────────────────────────────────── |
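The advisory above notes that CVE-2006-0455 matters mainly to automated scripts, because gpg's exit status 0 did not prove that a signature had been checked. The following is an added example, not part of the advisory and not Red Hat or GnuPG code: a script-side check that also requires GOODSIG and VALIDSIG lines from `gpg --status-fd` for one pinned key and fails closed when no signature status appears. The function names, the fingerprint and the sample status lines are constructed for illustration.

```sh
#!/bin/sh
# Added example: decide trust from gpg --status-fd lines, not from the exit
# status alone. Names, fingerprint and sample lines are constructed.

# classify_status PINNED_FPR
# Reads "[GNUPG:] KEYWORD args..." lines on stdin and prints one verdict:
#   trusted       exactly one GOODSIG + VALIDSIG pair, made by PINNED_FPR
#   no-signature  no GOODSIG/VALIDSIG seen (nothing was actually verified)
#   rejected      a failure keyword was reported, or no key was pinned
#   ambiguous     more than one signature was reported
#   wrong-key     a valid signature, but not from PINNED_FPR
# PINNED_FPR must be uppercase hex without spaces, as gpg prints it.
classify_status() {
    cs_pinned=$1
    cs_good=0 cs_valid=0 cs_match=0 cs_bad=0
    while read -r cs_prefix cs_keyword cs_arg1 cs_rest; do
        [ "$cs_prefix" = "[GNUPG:]" ] || continue
        case $cs_keyword in
            GOODSIG) cs_good=$((cs_good + 1)) ;;
            VALIDSIG)
                cs_valid=$((cs_valid + 1))
                # First argument is the signing key's fingerprint; the last
                # field is the primary key's fingerprint when gpg reports it.
                cs_primary=${cs_rest##* }
                if [ "$cs_arg1" = "$cs_pinned" ] || [ "$cs_primary" = "$cs_pinned" ]; then
                    cs_match=1
                fi ;;
            BADSIG|ERRSIG|EXPSIG|EXPKEYSIG|REVKEYSIG|NODATA)
                cs_bad=$((cs_bad + 1)) ;;
        esac
    done
    if [ -z "$cs_pinned" ] || [ "$cs_bad" -gt 0 ]; then echo rejected
    elif [ "$cs_good" -eq 0 ] || [ "$cs_valid" -eq 0 ]; then echo no-signature
    elif [ "$cs_good" -gt 1 ] || [ "$cs_valid" -gt 1 ]; then echo ambiguous
    elif [ "$cs_match" -eq 0 ]; then echo wrong-key
    else echo trusted
    fi
}

# verify_detached PINNED_FPR SIGNATURE_FILE DATA_FILE
# Succeeds only if gpg exits 0 AND its status lines classify as trusted.
verify_detached() {
    vd_status=$(gpg --batch --no-tty --status-fd 1 --verify "$2" "$3" 2>/dev/null) || return 1
    [ "$(printf '%s\n' "$vd_status" | classify_status "$1")" = trusted ]
}

# Constructed status streams for an offline demonstration.
sample_good() {
cat <<'EOF'
[GNUPG:] SIG_ID constructedSigId 2006-03-15 1142380800
[GNUPG:] GOODSIG 89ABCDEF01234567 Example Signer <signer@example.invalid>
[GNUPG:] VALIDSIG 0123456789ABCDEF0123456789ABCDEF01234567 2006-03-15 1142380800 0 3 0 17 2 00 0123456789ABCDEF0123456789ABCDEF01234567
EOF
}

# Data was processed but no signature result was reported at all.
sample_unsigned() {
cat <<'EOF'
[GNUPG:] PLAINTEXT 62 1142380800 report.txt
[GNUPG:] PLAINTEXT_LENGTH 120
EOF
}

sample_bad() {
cat <<'EOF'
[GNUPG:] BADSIG 89ABCDEF01234567 Example Signer <signer@example.invalid>
EOF
}

PINNED=0123456789ABCDEF0123456789ABCDEF01234567
for s in sample_good sample_unsigned sample_bad; do
    printf '%s: %s\n' "$s" "$($s | classify_status "$PINNED")"
done
```
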