From security@mandriva.com Wed Aug 10 15:20:57 2005
From: Mandriva Security Team
To: full-disclosure@lists.grok.org.uk
Date: Wed, 10 Aug 2005 13:16:42 -0600
Subject: [Full-disclosure] MDKSA-2005:132 - Updated heartbeat packages fix temporary file vulnerabilities

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Update Advisory
_______________________________________________________________________

Package name:      heartbeat
Advisory ID:       MDKSA-2005:132
Date:              August 9th, 2005
Affected versions: Corporate 3.0
______________________________________________________________________

Problem Description:

Eric Romang discovered that Heartbeat would create temporary files with
predictable filenames. This could allow a local attacker to create
symbolic links in the temporary file directory pointing to a valid file
on the filesystem, which could lead to that file being overwritten with
the rights of the user running the vulnerable script.

The updated packages have been patched to correct this problem.
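The bug class in the Problem Description, as an added example that is not code from Heartbeat or Mandriva: the predictable temp-file idiom next to a hardened helper built on mktemp plus a path check; the file names and function names are hypothetical.

```shell
#!/bin/sh
# Added example, not code from Heartbeat or Mandriva. All paths and
# function names are hypothetical.

# UNSAFE: the idiom the advisory describes. The name is predictable
# (prefix plus PID), and a plain redirection follows an existing symlink,
# so a link planted at this path is overwritten with the script's rights.
unsafe_tmpfile() {
    tmp="${TMPDIR:-/tmp}/hb_status.$$"
    echo "status" > "$tmp"
    printf '%s\n' "$tmp"
}

# HARDENED: mktemp creates the file atomically (O_EXCL, mode 0600) under
# an unpredictable name, so a pre-planted link cannot be the target.
safe_tmpfile() {
    tmp=$(mktemp "${TMPDIR:-/tmp}/hb_status.XXXXXX") || return 1
    if ! tmpfile_is_safe "$tmp"; then
        rm -f "$tmp"
        return 1
    fi
    printf '%s\n' "$tmp"
}

# Returns 0 only when a path is safe to write through: it exists, is a
# regular file rather than a symlink, is owned by the caller, and is not
# group- or world-writable. Useful as a check before reusing a temp path.
tmpfile_is_safe() {
    path=$1
    [ -e "$path" ] || return 1
    ! [ -L "$path" ] || return 1
    [ -f "$path" ] || return 1
    [ -O "$path" ] || return 1
    perms=$(ls -ld "$path" 2>/dev/null | cut -c1-10)
    case "$perms" in
        ?????w????|????????w?) return 1 ;;
    esac
    return 0
}
```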
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2231
______________________________________________________________________

Updated Packages:

Corporate 3.0:
988b71b1018f73f77a94f9ac4d736ad1 corporate/3.0/RPMS/heartbeat-1.2.3-2.1.C30mdk.i586.rpm
6afa9bcec600cba453e97cfb8910eb66 corporate/3.0/RPMS/heartbeat-ldirectord-1.2.3-2.1.C30mdk.i586.rpm
02d4854a8683c467debb9a56a44123ac corporate/3.0/RPMS/heartbeat-pils-1.2.3-2.1.C30mdk.i586.rpm
23618a86f47b4289e9c85732569cfc1b corporate/3.0/RPMS/heartbeat-stonith-1.2.3-2.1.C30mdk.i586.rpm
c515a12308e088d3aa322de379040d0a corporate/3.0/RPMS/libheartbeat-pils0-1.2.3-2.1.C30mdk.i586.rpm
cd30d48b40ed4d9c4e2e86d6fcb0d9c9 corporate/3.0/RPMS/libheartbeat-pils0-devel-1.2.3-2.1.C30mdk.i586.rpm
cf2081419d50b42044a69de786b3e059 corporate/3.0/RPMS/libheartbeat-stonith0-1.2.3-2.1.C30mdk.i586.rpm
f2cef6941e6d635f1f21fe651e9646b4 corporate/3.0/RPMS/libheartbeat-stonith0-devel-1.2.3-2.1.C30mdk.i586.rpm
6da3d9489adc023b552116324c70f35a corporate/3.0/RPMS/libheartbeat0-1.2.3-2.1.C30mdk.i586.rpm
67f33aac7c08767c5b2df9fb71ad64aa corporate/3.0/RPMS/libheartbeat0-devel-1.2.3-2.1.C30mdk.i586.rpm
0f9dc2960afa29d70f57aff6573a0559 corporate/3.0/SRPMS/heartbeat-1.2.3-2.1.C30mdk.src.rpm

Corporate 3.0/X86_64:
1c1a953510c8d5a82c9d5774c12b915a x86_64/corporate/3.0/RPMS/heartbeat-1.2.3-2.1.C30mdk.x86_64.rpm
7c9f07341f2d7e9e68df078365c05334 x86_64/corporate/3.0/RPMS/heartbeat-ldirectord-1.2.3-2.1.C30mdk.x86_64.rpm
5cc9ef2dbf09da3b5bad12387b9d94a0 x86_64/corporate/3.0/RPMS/heartbeat-pils-1.2.3-2.1.C30mdk.x86_64.rpm
972307d2bdf4396e2df0b4fd0c3f8007 x86_64/corporate/3.0/RPMS/heartbeat-stonith-1.2.3-2.1.C30mdk.x86_64.rpm
d2287fd3e7d1ce3cbabc8331f9f8bfea x86_64/corporate/3.0/RPMS/lib64heartbeat-pils0-1.2.3-2.1.C30mdk.x86_64.rpm
5e523b3319eb3519420b9f651f6c5c01 x86_64/corporate/3.0/RPMS/lib64heartbeat-pils0-devel-1.2.3-2.1.C30mdk.x86_64.rpm
e3276d0abb8c2c79287fe50bf6934a8a x86_64/corporate/3.0/RPMS/lib64heartbeat-stonith0-1.2.3-2.1.C30mdk.x86_64.rpm
c636cc202c0ffdb8132bcfbb5d2ed142 x86_64/corporate/3.0/RPMS/lib64heartbeat-stonith0-devel-1.2.3-2.1.C30mdk.x86_64.rpm
de2a839582b402dd63d9b435a956c103 x86_64/corporate/3.0/RPMS/lib64heartbeat0-1.2.3-2.1.C30mdk.x86_64.rpm
e05f6de07919d8dc994a83951ebf0794 x86_64/corporate/3.0/RPMS/lib64heartbeat0-devel-1.2.3-2.1.C30mdk.x86_64.rpm
0f9dc2960afa29d70f57aff6573a0559 x86_64/corporate/3.0/SRPMS/heartbeat-1.2.3-2.1.C30mdk.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
_______________________________________________________________________

Type  Bits/KeyID     Date        User ID
pub   1024D/22458A98 2000-07-10  Mandriva Security Team

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFC+lKZmqjQ0CJFipgRAiCRAKCEiLCa1CtuxcbWTjlTXtITcgsqJwCgl7Qp
Inpxe+m9REv2u+kqZLGQIT8=
=G34L
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/