diff options
author | tamcap <tamcap> | 2004-03-24 13:47:29 +0000 |
---|---|---|
committer | tamcap <tamcap> | 2004-03-24 13:47:29 +0000 |
commit | ea307c63127894f3f02cebd0afca0bfee61b4256 (patch) | |
tree | 4e6d1516da79711aca56933a5a71f3ca092f404e | |
parent | d13c34e60eeab5a9750f76bb87c2a57e8ceb1961 (diff) |
New translations by arteek / PDDP Group.
CVS version numbers
polish/security/2004/dsa-450.wml: INITIAL -> 1.1
polish/security/2004/dsa-451.wml: INITIAL -> 1.1
polish/security/2004/dsa-452.wml: INITIAL -> 1.1
polish/security/2004/dsa-453.wml: INITIAL -> 1.1
polish/security/2004/dsa-454.wml: INITIAL -> 1.1
polish/security/2004/dsa-455.wml: INITIAL -> 1.1
polish/security/2004/dsa-456.wml: INITIAL -> 1.1
polish/security/2004/dsa-457.wml: INITIAL -> 1.1
polish/security/2004/dsa-458.wml: INITIAL -> 1.1
polish/security/2004/dsa-459.wml: INITIAL -> 1.1
polish/security/2004/dsa-460.wml: INITIAL -> 1.1
polish/security/2004/dsa-461.wml: INITIAL -> 1.1
polish/security/2004/dsa-462.wml: INITIAL -> 1.1
polish/security/2004/dsa-463.wml: INITIAL -> 1.1
polish/security/2004/dsa-464.wml: INITIAL -> 1.1
polish/security/2004/dsa-465.wml: INITIAL -> 1.1
polish/security/2004/dsa-466.wml: INITIAL -> 1.1
-rw-r--r-- | polish/security/2004/dsa-450.wml | 50 | ||||
-rw-r--r-- | polish/security/2004/dsa-451.wml | 19 | ||||
-rw-r--r-- | polish/security/2004/dsa-452.wml | 21 | ||||
-rw-r--r-- | polish/security/2004/dsa-453.wml | 87 | ||||
-rw-r--r-- | polish/security/2004/dsa-454.wml | 47 | ||||
-rw-r--r-- | polish/security/2004/dsa-455.wml | 25 | ||||
-rw-r--r-- | polish/security/2004/dsa-456.wml | 29 | ||||
-rw-r--r-- | polish/security/2004/dsa-457.wml | 33 | ||||
-rw-r--r-- | polish/security/2004/dsa-458.wml | 22 | ||||
-rw-r--r-- | polish/security/2004/dsa-459.wml | 23 | ||||
-rw-r--r-- | polish/security/2004/dsa-460.wml | 20 | ||||
-rw-r--r-- | polish/security/2004/dsa-461.wml | 23 | ||||
-rw-r--r-- | polish/security/2004/dsa-462.wml | 20 | ||||
-rw-r--r-- | polish/security/2004/dsa-463.wml | 22 | ||||
-rw-r--r-- | polish/security/2004/dsa-464.wml | 22 | ||||
-rw-r--r-- | polish/security/2004/dsa-465.wml | 40 | ||||
-rw-r--r-- | polish/security/2004/dsa-466.wml | 36 |
17 files changed, 539 insertions, 0 deletions
diff --git a/polish/security/2004/dsa-450.wml b/polish/security/2004/dsa-450.wml new file mode 100644 index 00000000000..722a9a73285 --- /dev/null +++ b/polish/security/2004/dsa-450.wml @@ -0,0 +1,50 @@ +#use wml::debian::translation-check translation="1.3" +#pddp arteek +<define-tag description>several vulnerabilities</define-tag> +<define-tag moreinfo> +<p>Several local root exploits have been discovered recently in the Linux +kernel. This security advisory updates the mips kernel 2.4.19 for +Debian GNU/Linux. The Common Vulnerabilities and Exposures project +identifies the following problems that are fixed with this update:</p> + +<ul> + +<li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0961">CAN-2003-0961</a>: + + <p>An integer overflow in brk() system call (do_brk() function) for + Linux allows a local attacker to gain root privileges. Fixed + upstream in Linux 2.4.23.</p> + +<li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0985">CAN-2003-0985</a>: + + <p>Paul Starzetz <a + href="http://isec.pl/vulnerabilities/isec-0013-mremap.txt">discovered</a> + a flaw in bounds checking in mremap() in + the Linux kernel (present in version 2.4.x and 2.6.x) which may + allow a local attacker to gain root privileges. Version 2.2 is not + affected by this bug. Fixed upstream in Linux 2.4.24.</p> + +<li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0077">CAN-2004-0077</a>: + + <p>Paul Starzetz and Wojciech Purczynski of isec.pl <a + href="http://isec.pl/vulnerabilities/isec-0014-mremap-unmap.txt">discovered</a> a + critical security vulnerability in the memory management code of + Linux inside the mremap(2) system call. Due to missing function + return value check of internal functions a local attacker can gain + root privileges. Fixed upstream in Linux 2.4.25 and 2.6.3.</p> + +</ul> + +<p>For the stable distribution (woody) these problems have been fixed in +version 2.4.19-0.020911.1.woody3 of mips images and version +2.4.19-4.woody1 of kernel source.</p> + +<p>For the unstable distribution (sid) this problem will be fixed soon +with the next upload of a 2.4.19 kernel image and in version +2.4.22-0.030928.3 for 2.4.22.</p> + +<p>We recommend that you upgrade your Linux kernel packages immediately.</p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/security/2004/dsa-450.data" diff --git a/polish/security/2004/dsa-451.wml b/polish/security/2004/dsa-451.wml new file mode 100644 index 00000000000..6f38b7efab4 --- /dev/null +++ b/polish/security/2004/dsa-451.wml @@ -0,0 +1,19 @@ +#use wml::debian::translation-check translation="1.1" +#pddp arteek +<define-tag description>buffer overflows</define-tag> +<define-tag moreinfo> +<p>Steve Kemp discovered a number of buffer overflow vulnerabilities in +xboing, a game, which could be exploited by a local attacker to gain +gid "games".</p> + +<p>For the current stable distribution (woody) these problems have been +fixed in version 2.4-26woody1.</p> + +<p>For the unstable distribution (sid), these problems have been fixed in +version 2.4-26.1.</p> + +<p>We recommend that you update your xboing package.</p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/security/2004/dsa-451.data" diff --git a/polish/security/2004/dsa-452.wml b/polish/security/2004/dsa-452.wml new file mode 100644 index 00000000000..502a93eb895 --- /dev/null +++ b/polish/security/2004/dsa-452.wml @@ -0,0 +1,21 @@ +#use wml::debian::translation-check translation="1.1" +#pddp arteek +<define-tag description>denial of service</define-tag> +<define-tag moreinfo> +<p>The Apache Software Foundation announced that some versions of +mod_python contain a bug which, when processing a request with a +malformed query string, could cause the corresponding Apache child to +crash. This bug could be exploited by a remote attacker to cause a +denial of service.</p> + +<p>For the current stable distribution (woody) this problem has been +fixed in version 2:2.7.8-0.0woody2.</p> + +<p>For the unstable distribution (sid), this problem has been fixed in +version 2:2.7.10-1.</p> + +<p>We recommend that you update your libapache-mod-python package.</p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/security/2004/dsa-452.data" diff --git a/polish/security/2004/dsa-453.wml b/polish/security/2004/dsa-453.wml new file mode 100644 index 00000000000..60ce7e42adb --- /dev/null +++ b/polish/security/2004/dsa-453.wml @@ -0,0 +1,87 @@ +#use wml::debian::translation-check translation="1.4" +#pddp arteek +<define-tag description>failing function and TLB flush</define-tag> +<define-tag moreinfo> +<p>Paul Starzetz and Wojciech Purczynski of isec.pl <a +href="http://isec.pl/vulnerabilities/isec-0014-mremap-unmap.txt">discovered</a> a critical +security vulnerability in the memory management code of Linux inside +the mremap(2) system call. Due to flushing the TLB (Translation +Lookaside Buffer, an address cache) too early it is possible for an +attacker to trigger a local root exploit.</p> + +<p>The attack vectors for 2.4.x and 2.2.x kernels are exclusive for the +respective kernel series, though. We formerly believed that the +exploitable vulnerability in 2.4.x does not exist in 2.2.x which is +still true. However, it turned out that a second (sort of) +vulnerability is indeed exploitable in 2.2.x, but not in 2.4.x, with a +different exploit, of course.</p> + +<p>For the stable distribution (woody) this problem has been fixed in +the following versions and architectures:</p> + +<table> + <tr> + <th>package</th> + <th>arch</th> + <th>version</th> + </tr> + <tr> + <td>kernel-source-2.2.20</td> + <td>source</td> + <td>2.2.20-5woody3</td> + </tr> + <tr> + <td>kernel-image-2.2.20-i386</td> + <td>i386</td> + <td>2.2.20-5woody5</td> + </tr> + <tr> + <td>kernel-image-2.2.20-reiserfs-i386</td> + <td>i386</td> + <td>2.2.20-4woody1</td> + </tr> + <tr> + <td>kernel-image-2.2.20-amiga</td> + <td>m68k</td> + <td>2.20-4</td> + </tr> + <tr> + <td>kernel-image-2.2.20-atari</td> + <td>m68k</td> + <td>2.2.20-3</td> + </tr> + <tr> + <td>kernel-image-2.2.20-bvme6000</td> + <td>m68k</td> + <td>2.2.20-3</td> + </tr> + <tr> + <td>kernel-image-2.2.20-mac</td> + <td>m68k</td> + <td>2.2.20-3</td> + </tr> + <tr> + <td>kernel-image-2.2.20-mvme147</td> + <td>m68k</td> + <td>2.2.20-3</td> + </tr> + <tr> + <td>kernel-image-2.2.20-mvme16x</td> + <td>m68k</td> + <td>2.2.20-3</td> + </tr> + <tr> + <td>kernel-patch-2.2.20-powerpc</td> + <td>powerpc</td> + <td>2.2.20-3woody1</td> + </tr> +</table> + +<p>For the unstable distribution (sid) this problem will be fixed soon +for the architectures that still ship a 2.2.x kernel package.</p> + +<p>We recommend that you upgrade your Linux kernel package.</p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/security/2004/dsa-453.data" diff --git a/polish/security/2004/dsa-454.wml b/polish/security/2004/dsa-454.wml new file mode 100644 index 00000000000..c062006cb48 --- /dev/null +++ b/polish/security/2004/dsa-454.wml @@ -0,0 +1,47 @@ +#use wml::debian::translation-check translation="1.6" +#pddp arteek +<define-tag description>failing function and TLB flush</define-tag> +<define-tag moreinfo> +<p>Paul Starzetz and Wojciech Purczynski of isec.pl <a +href="http://isec.pl/vulnerabilities/isec-0014-mremap-unmap.txt">discovered</a> a critical +security vulnerability in the memory management code of Linux inside +the mremap(2) system call. Due to flushing the TLB (Translation +Lookaside Buffer, an address cache) too early it is possible for an +attacker to trigger a local root exploit.</p> + +<p>The attack vectors for 2.4.x and 2.2.x kernels are exclusive for the +respective kernel series, though. We formerly believed that the +exploitable vulnerability in 2.4.x does not exist in 2.2.x which is +still true. However, it turned out that a second (sort of) +vulnerability is indeed exploitable in 2.2.x, but not in 2.4.x, with a +different exploit, of course.</p> + +<p>For the stable distribution (woody) this problem has been fixed in +the following versions and architectures:</p> + +<table> + <tr> + <th>package</th> + <th>arch</th> + <th>version</th> + </tr> + <tr> + <td>kernel-source-2.2.22</td> + <td>source</td> + <td>2.2.22-1woody1</td> + </tr> + <tr> + <td>kernel-image-2.2.22-alpha</td> + <td>alpha</td> + <td>2.2.22-2</td> + </tr> +</table> + +<p>For the unstable distribution (sid) this problem will be fixed soon +for the architectures that still ship a 2.2.x kernel package.</p> + +<p>We recommend that you upgrade your Linux kernel package.</p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/security/2004/dsa-454.data" diff --git a/polish/security/2004/dsa-455.wml b/polish/security/2004/dsa-455.wml new file mode 100644 index 00000000000..d857c6ccdfc --- /dev/null +++ b/polish/security/2004/dsa-455.wml @@ -0,0 +1,25 @@ +#use wml::debian::translation-check translation="1.2" +#pddp arteek +<define-tag description>buffer overflows</define-tag> +<define-tag moreinfo> +<p>libxml2 is a library for manipulating XML files.</p> + +<p>Yuuichi Teranishi (寺西 裕一) +discovered a flaw in libxml, the GNOME XML library. +When fetching a remote resource via FTP or HTTP, the library uses +special parsing routines which can overflow a buffer if passed a very +long URL. If an attacker is able to find an application using libxml1 +or libxml2 that parses remote resources and allows the attacker to +craft the URL, then this flaw could be used to execute arbitrary code.</p> + +<p>For the stable distribution (woody) this problem has been fixed in +version 1.8.17-2woody1 of libxml and version 2.4.19-4woody1 of libxml2.</p> + +<p>For the unstable distribution (sid) this problem has been fixed in +version 1.8.17-5 of libxml and version 2.6.6-1 of libxml2.</p> + +<p>We recommend that you upgrade your libxml1 and libxml2 packages.</p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/security/2004/dsa-455.data" diff --git a/polish/security/2004/dsa-456.wml b/polish/security/2004/dsa-456.wml new file mode 100644 index 00000000000..7f456c3e04f --- /dev/null +++ b/polish/security/2004/dsa-456.wml @@ -0,0 +1,29 @@ +#use wml::debian::translation-check translation="1.3" +#pddp arteek +<define-tag description>failing function and TLB flush</define-tag> +<define-tag moreinfo> +<p>Paul Starzetz and Wojciech Purczynski of isec.pl <a +href="http://isec.pl/vulnerabilities/isec-0014-mremap-unmap.txt">discovered</a> a critical +security vulnerability in the memory management code of Linux inside +the mremap(2) system call. Due to flushing the TLB (Translation +Lookaside Buffer, an address cache) too early it is possible for an +attacker to trigger a local root exploit.</p> + +<p>The attack vectors for 2.4.x and 2.2.x kernels are exclusive for the +respective kernel series, though. We formerly believed that the +exploitable vulnerability in 2.4.x does not exist in 2.2.x which is +still true. However, it turned out that a second (sort of) +vulnerability is indeed exploitable in 2.2.x, but not in 2.4.x, with a +different exploit, of course.</p> + +<p>For the stable distribution (woody) this problem has been fixed in +version 20040303 of 2.2 kernel images for the arm architecture.</p> + +<p>For the unstable distribution (sid) this problem will be fixed soon +for the architectures that still ship a 2.2.x kernel package.</p> + +<p>We recommend that you upgrade your Linux kernel package.</p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/security/2004/dsa-456.data" diff --git a/polish/security/2004/dsa-457.wml b/polish/security/2004/dsa-457.wml new file mode 100644 index 00000000000..5096fe474fa --- /dev/null +++ b/polish/security/2004/dsa-457.wml @@ -0,0 +1,33 @@ +#use wml::debian::translation-check translation="1.1" +#pddp arteek +<define-tag description>several vulnerabilities</define-tag> +<define-tag moreinfo> +<p>Two vulnerabilities were discovered in wu-ftpd:</p> + +<ul> +<li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0148">CAN-2004-0148</a> + + <p>Glenn Stewart discovered that users could bypass the + directory access restrictions imposed by the restricted-gid option by + changing the permissions on their home directory. On a subsequent + login, when access to the user's home directory was denied, wu-ftpd + would fall back to the root directory.</p> + +<li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0185">CAN-2004-0185</a> + + <p>A buffer overflow existed in wu-ftpd's code which + deals with S/key authentication.</p> + +</ul> + +<p>For the stable distribution (woody) these problems have been fixed in +version 2.6.2-3woody4.</p> + +<p>For the unstable distribution (sid) these problems have been fixed in +version 2.6.2-17.1.</p> + +<p>We recommend that you update your wu-ftpd package.</p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/security/2004/dsa-457.data" diff --git a/polish/security/2004/dsa-458.wml b/polish/security/2004/dsa-458.wml new file mode 100644 index 00000000000..adf293ab32a --- /dev/null +++ b/polish/security/2004/dsa-458.wml @@ -0,0 +1,22 @@ +#use wml::debian::translation-check translation="1.2" +#pddp arteek +<define-tag description>buffer overflow</define-tag> +<define-tag moreinfo> +<p>Sebastian Schmidt discovered a buffer overflow bug in Python's +getaddrinfo function, which could allow an IPv6 address, supplied by a +remote attacker via DNS, to overwrite memory on the stack.</p> + +<p>This bug only exists in python 2.2 and 2.2.1, and only when IPv6 +support is enabled. The python2.2 package in Debian woody meets +these conditions (the 'python' package does not).</p> + +<p>For the stable distribution (woody), this bug has been fixed in +version 2.2.1-4.3.</p> + +<p>The unstable distribution (sid) is not affected by this bug.</p> + +<p>We recommend that you update your python2.2 package.</p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/security/2004/dsa-458.data" diff --git a/polish/security/2004/dsa-459.wml b/polish/security/2004/dsa-459.wml new file mode 100644 index 00000000000..7a26c847571 --- /dev/null +++ b/polish/security/2004/dsa-459.wml @@ -0,0 +1,23 @@ +#use wml::debian::translation-check translation="1.1" +#pddp arteek +<define-tag description>cookie path traversal</define-tag> +<define-tag moreinfo> +<p>A vulnerability was discovered in KDE where the path restrictions on +cookies could be bypassed using encoded relative path components +(e.g., "/../"). This means that a cookie which should only be sent by +the browser to an application running at /app1, the browser could +inadvertently include it with a request sent to /app2 on the same +server.</p> + +<p>For the current stable distribution (woody) this problem has been +fixed in kdelibs version 4:2.2.2-6woody3 and kdelibs-crypto version +4:2.2.2-13.woody.9.</p> + +<p>For the unstable distribution (sid) this problem was fixed in kdelibs +version 4:3.1.3-1.</p> + +<p>We recommend that you update your kdelibs and kdelibs-crypto packages.</p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/security/2004/dsa-459.data" diff --git a/polish/security/2004/dsa-460.wml b/polish/security/2004/dsa-460.wml new file mode 100644 index 00000000000..c9558496c5d --- /dev/null +++ b/polish/security/2004/dsa-460.wml @@ -0,0 +1,20 @@ +#use wml::debian::translation-check translation="1.1" +#pddp arteek +<define-tag description>insecure temporary file</define-tag> +<define-tag moreinfo> +<p>Alan Cox discovered that the isag utility (which graphically displays +data collected by the sysstat tools), creates a temporary file without +taking proper precautions. This vulnerability could allow a local +attacker to overwrite files with the privileges of the user invoking +isag.</p> + +<p>For the current stable distribution (woody) this problem has been +fixed in version 5.0.1-1.</p> + +<p>For the unstable distribution (sid) this problem will be fixed soon.</p> + +<p>We recommend that you update your sysstat package.</p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/security/2004/dsa-460.data" diff --git a/polish/security/2004/dsa-461.wml b/polish/security/2004/dsa-461.wml new file mode 100644 index 00000000000..b6642d93fc7 --- /dev/null +++ b/polish/security/2004/dsa-461.wml @@ -0,0 +1,23 @@ +#use wml::debian::translation-check translation="1.2" +#pddp arteek +<define-tag description>buffer overflow</define-tag> +<define-tag moreinfo> +<p>Leon Juranic discovered a buffer overflow related to the +getpass(3) library function in +calife, a program which provides super user privileges to specific +users. A local attacker could potentially +exploit this vulnerability, given knowledge of a local user's password +and the presence of at least one entry in /etc/calife.auth, to execute +arbitrary code with root privileges.</p> + +<p>For the current stable distribution (woody) this problem has been +fixed in version 2.8.4c-1woody1.</p> + +<p>For the unstable distribution (sid) this problem has been fixed in +version 2.8.6-1.</p> + +<p>We recommend that you update your calife package.</p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/security/2004/dsa-461.data" diff --git a/polish/security/2004/dsa-462.wml b/polish/security/2004/dsa-462.wml new file mode 100644 index 00000000000..003e12bcd23 --- /dev/null +++ b/polish/security/2004/dsa-462.wml @@ -0,0 +1,20 @@ +#use wml::debian::translation-check translation="1.1" +#pddp arteek +<define-tag description>missing privilege release</define-tag> +<define-tag moreinfo> +<p>Steve Kemp from the GNU/Linux audit project discovered a problem in +xitalk, a talk intercept utility for the X Window System. A local +user can exploit this problem and execute arbitrary commands under the +GID utmp. This could be used by an attacker to remove traces from the +utmp file.</p> + +<p>For the stable distribution (woody) this problem has been fixed in +version 1.1.11-9.1woody1.</p> + +<p>For the unstable distribution (sid) this problem will be fixed soon.</p> + +<p>We recommend that you upgrade your xitalk package.</p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/security/2004/dsa-462.data" diff --git a/polish/security/2004/dsa-463.wml b/polish/security/2004/dsa-463.wml new file mode 100644 index 00000000000..4bce2c1ead9 --- /dev/null +++ b/polish/security/2004/dsa-463.wml @@ -0,0 +1,22 @@ +#use wml::debian::translation-check translation="1.1" +#pddp arteek +<define-tag description>privilege escalation</define-tag> +<define-tag moreinfo> +<p>Samba, a LanManager-like file and printer server for Unix, was found +to contain a vulnerability whereby a local user could use the "smbmnt" +utility, which is setuid root, to mount a file share from a remote +server which contained setuid programs under the control of the user. +These programs could then be executed to gain privileges on the local +system.</p> + +<p>For the current stable distribution (woody) this problem has been +fixed in version 2.2.3a-13.</p> + +<p>For the unstable distribution (sid) this problem has been fixed in +version 3.0.2-2.</p> + +<p>We recommend that you update your samba package.</p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/security/2004/dsa-463.data" diff --git a/polish/security/2004/dsa-464.wml b/polish/security/2004/dsa-464.wml new file mode 100644 index 00000000000..52e7cf23822 --- /dev/null +++ b/polish/security/2004/dsa-464.wml @@ -0,0 +1,22 @@ +#use wml::debian::translation-check translation="1.2" +#pddp arteek +<define-tag description>broken image handling</define-tag> +<define-tag moreinfo> +<p>Thomas Kristensen discovered a vulnerability in gdk-pixbuf (binary +package libgdk-pixbuf2), the GdkPixBuf image library for Gtk, that can +cause the surrounding application to crash. To exploit this problem, +a remote attacker could send a carefully-crafted BMP file via mail, +which would cause e.g. Evolution to crash but is probably not limited +to Evolution.</p> + +<p>For the stable distribution (woody) this problem has been fixed in +version 0.17.0-2woody1.</p> + +<p>For the unstable distribution (sid) this problem has been fixed in +version 0.22.0-3.</p> + +<p>We recommend that you upgrade your libgdk-pixbuf2 package.</p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/security/2004/dsa-464.data" diff --git a/polish/security/2004/dsa-465.wml b/polish/security/2004/dsa-465.wml new file mode 100644 index 00000000000..d2c928efdbb --- /dev/null +++ b/polish/security/2004/dsa-465.wml @@ -0,0 +1,40 @@ +#use wml::debian::translation-check translation="1.3" +#pddp arteek +<define-tag description>several vulnerabilities</define-tag> +<define-tag moreinfo> +<p>Two vulnerabilities were discovered in openssl, an implementation of +the SSL protocol, using the Codenomicon TLS Test Tool. More +information can be found in the following <a +href="http://www.uniras.gov.uk/vuls/2004/224012/index.htm">NISCC +Vulnerability Advisory</a> and this <a +href="http://www.openssl.org/news/secadv_20040317.txt">OpenSSL +advisory</a>. The Common Vulnerabilities and Exposures project +identified the following vulnerabilities:</p> + +<ul> + +<li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0079">CAN-2004-0079</a> + <p>Null-pointer assignment in the + do_change_cipher_spec() function. A remote attacker could perform + a carefully crafted SSL/TLS handshake against a server that used + the OpenSSL library in such a way as to cause OpenSSL to crash. + Depending on the application this could lead to a denial of + service.</p> + +<li><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0081">CAN-2004-0081</a> + <p>A bug in older versions of OpenSSL 0.9.6 that + can lead to a Denial of Service attack (infinite loop).</p> + +</ul> + +<p>For the stable distribution (woody) these problems have been fixed in +openssl version 0.9.6c-2.woody.6, openssl094 version 0.9.4-6.woody.4 +and openssl095 version 0.9.5a-6.woody.5.</p> + +<p>For the unstable distribution (sid) these problems will be fixed soon.</p> + +<p>We recommend that you update your openssl package.</p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/security/2004/dsa-465.data" diff --git a/polish/security/2004/dsa-466.wml b/polish/security/2004/dsa-466.wml new file mode 100644 index 00000000000..856fd07defe --- /dev/null +++ b/polish/security/2004/dsa-466.wml @@ -0,0 +1,36 @@ +#use wml::debian::translation-check translation="1.2" +#pddp arteek +<define-tag description>failing function and TLB flush</define-tag> +<define-tag moreinfo> +<p>Paul Starzetz and Wojciech Purczynski of isec.pl +<a href="http://isec.pl/vulnerabilities/isec-0014-mremap-unmap.txt">\ +discovered</a> a critical +security vulnerability in the memory management code of Linux inside +the mremap(2) system call. Due to flushing the TLB (Translation +Lookaside Buffer, an address cache) too early it is possible for an +attacker to trigger a local root exploit.</p> + +<p>The attack vectors for 2.4.x and 2.2.x kernels are exclusive for the +respective kernel series, though. We formerly believed that the +exploitable vulnerability in 2.4.x does not exist in 2.2.x which is +still true. However, it turned out that a second (sort of) +vulnerability is indeed exploitable in 2.2.x, but not in 2.4.x, with a +different exploit, of course.</p> + +<p>For the stable distribution (woody) this problem has been fixed in +version 2.2.10-13woody1 of 2.2 kernel images for the powerpc/apus +architecture and in version 2.2.10-2 of Linux 2.2.10 source.</p> + +<p>For the unstable distribution (sid) this problem will be fixed soon +with the 2.4.20 kernel-image package for powerpc/apus. The old 2.2.10 +kernel image will be removed from Debian unstable.</p> + +<p>You are strongly advised to switch to the fixed 2.4.17 kernel-image +package for powerpc/apus from woody until the 2.4.20 kernel-image +package is fixed in the unstable distribution.</p> + +<p>We recommend that you upgrade your Linux kernel package.</p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/security/2004/dsa-466.data" |