From security@caldera.com Fri Apr  5 12:09:26 2002
From: security@caldera.com
To: bugtraq@securityfocus.com, announce@lists.caldera.com, security-alerts@linuxsecurity.com
Date: Thu, 4 Apr 2002 16:38:11 -0800
Subject: Security Update: [CSSA-2002-015.0] Linux: Double free in zlib (libz) vulnerability

______________________________________________________________________________

                   Caldera International, Inc.  Security Advisory

Subject:                Linux: Double free in zlib (libz) vulnerability
Advisory number:        CSSA-2002-015.0
Issue date:             2002, April 04
Cross reference:
______________________________________________________________________________

1. Problem Description

   From CERT CA-2002-07:

   There is a bug in the zlib compression library that may manifest itself
   as a vulnerability in programs that are linked with zlib. This may allow
   an attacker to conduct a denial-of-service attack, gather information,
   or execute arbitrary code.

2. Vulnerable Supported Versions

   System                       Package
   ----------------------------------------------------------------------
   OpenLinux 3.1.1 Server       prior to dump-0.4b22-5.i386.rpm
                                prior to libz-1.1.3-12.i386.rpm
                                prior to linux-source-cris-2.4.13-15S.i386.rpm
                                prior to linux-source-i386-2.4.13-15S.i386.rpm
                                prior to linux-source-ia64-2.4.13-15S.i386.rpm
                                prior to linux-source-m68k-2.4.13-15S.i386.rpm
                                prior to linux-source-mips-2.4.13-15S.i386.rpm
                                prior to linux-source-parisc-2.4.13-15S.i386.rpm
                                prior to linux-source-ppc-2.4.13-15S.i386.rpm
                                prior to linux-source-s390-2.4.13-15S.i386.rpm
                                prior to linux-source-sparc-2.4.13-15S.i386.rpm
                                prior to linux-source-superH-2.4.13-15S.i386.rpm
                                prior to libz-devel-1.1.3-12.i386.rpm
                                prior to rpm-3.0.6-9.i386.rpm
                                prior to rpm-devel-3.0.6-9.i386.rpm
                                prior to rsync-2.5.0-5.i386.rpm
                                prior to dump-0.4b22-5.src.rpm
                                prior to libz-1.1.3-12.src.rpm
                                prior to linux-2.4.13-15.src.rpm
                                prior to rpm-3.0.6-9.src.rpm
                                prior to rsync-2.5.0-5.src.rpm
                                prior to libz-devel-static-1.1.3-12.i386.rpm
                                prior to linux-kernel-binary-2.4.13-15S.i386.rpm
                                prior to linux-kernel-include-2.4.13-15S.i386.rpm
                                prior to linux-source-UserMode-2.4.13-15S.i386.rpm
                                prior to linux-source-alpha-2.4.13-15S.i386.rpm
                                prior to linux-source-arm-2.4.13-15S.i386.rpm
                                prior to linux-source-common-2.4.13-15S.i386.rpm

   OpenLinux 3.1.1 Workstation  prior to dump-0.4b22-5.i386.rpm
                                prior to libz-1.1.3-12.i386.rpm
                                prior to libz-devel-1.1.3-12.i386.rpm
                                prior to libz-devel-static-1.1.3-12.i386.rpm
                                prior to linux-kernel-binary-2.4.13-15S.i386.rpm
                                prior to linux-kernel-include-2.4.13-15S.i386.rpm
                                prior to linux-source-UserMode-2.4.13-15S.i386.rpm
                                prior to linux-source-alpha-2.4.13-15S.i386.rpm
                                prior to linux-source-arm-2.4.13-15S.i386.rpm
                                prior to linux-source-common-2.4.13-15S.i386.rpm
                                prior to linux-source-cris-2.4.13-15S.i386.rpm
                                prior to linux-source-i386-2.4.13-15S.i386.rpm
                                prior to linux-source-ia64-2.4.13-15S.i386.rpm
                                prior to linux-source-m68k-2.4.13-15S.i386.rpm
                                prior to linux-source-mips-2.4.13-15S.i386.rpm
                                prior to linux-source-parisc-2.4.13-15S.i386.rpm
                                prior to linux-source-ppc-2.4.13-15S.i386.rpm
                                prior to linux-source-s390-2.4.13-15S.i386.rpm
                                prior to linux-source-sparc-2.4.13-15S.i386.rpm
                                prior to linux-source-superH-2.4.13-15S.i386.rpm
                                prior to rpm-3.0.6-9.i386.rpm
                                prior to rpm-devel-3.0.6-9.i386.rpm
                                prior to rsync-2.5.0-5.i386.rpm
                                prior to dump-0.4b22-5.src.rpm
                                prior to libz-1.1.3-12.src.rpm
                                prior to linux-2.4.13-15.src.rpm
                                prior to rpm-3.0.6-9.src.rpm
                                prior to rsync-2.5.0-5.src.rpm

3. Solution

   The proper solution is to install the latest packages.

4. OpenLinux 3.1.1 Server

   4.1 Package Location

   ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1.1/Server/current/RPMS

   4.2 Packages

   69cd9425bd8d6463a8d7e65271b826d7  dump-0.4b22-5.i386.rpm
   f2e35b07ceb6c7d0b4b0e258892780f7  libz-1.1.3-12.i386.rpm
   56b0d76a38823ee9b6897c02ee879285  linux-source-cris-2.4.13-15S.i386.rpm
   b50863ae6ca6708ac8a3fe24dbcab091  linux-source-i386-2.4.13-15S.i386.rpm
   ce11d939e8bde711453746b27ff87bf5  linux-source-ia64-2.4.13-15S.i386.rpm
   1d3265ddab10d19e089d36f0d72fa5c9  linux-source-m68k-2.4.13-15S.i386.rpm
   931bdbd27db23c9a4093fac97400d031  linux-source-mips-2.4.13-15S.i386.rpm
   3eccb9efc9639a18dbfe4dadffc19687  linux-source-parisc-2.4.13-15S.i386.rpm
   9187ea14d95e8f2b386b9cacce45e437  linux-source-ppc-2.4.13-15S.i386.rpm
   6747fe6c69ffe4dd806b1e70c324abdb  linux-source-s390-2.4.13-15S.i386.rpm
   9b0f08824d11cfa02c3668c6d447a836  linux-source-sparc-2.4.13-15S.i386.rpm
   5bd38d7f07b96ce0d07d4f64665de0ef  linux-source-superH-2.4.13-15S.i386.rpm
   e22682ade4ebac2d7a02d3ac8653ef8f  libz-devel-1.1.3-12.i386.rpm
   7479f0409a80030bd897f9e0d1dc400d  rpm-3.0.6-9.i386.rpm
   9470b7f9e89302a9861385233265ebf9  rpm-devel-3.0.6-9.i386.rpm
   9c9f5311858606bf9e87e3d7c25093f9  rsync-2.5.0-5.i386.rpm
   82621db45e27ab47446851018a0f2d4f  libz-devel-static-1.1.3-12.i386.rpm
   a5987dd17e564007bfb3948fe2af7abf  linux-kernel-binary-2.4.13-15S.i386.rpm
   23cd4031e65b1d0a2a7747f0d28ee89d  linux-kernel-include-2.4.13-15S.i386.rpm
   0679c645b73eb3db5869e1b8c2830ffb  linux-source-UserMode-2.4.13-15S.i386.rpm
   b565e1be88e50f66591ed59ed7be2fda  linux-source-alpha-2.4.13-15S.i386.rpm
   12397356ef12cb3cd6c9502bba9c7786  linux-source-arm-2.4.13-15S.i386.rpm
   3ec69747d552234318086c3455586b9b  linux-source-common-2.4.13-15S.i386.rpm

   4.3 Installation

   rpm -Fvh libz-1.1.3-12.i386.rpm
   rpm -Fvh dump-0.4b22-5.i386.rpm
   rpm -Fvh linux-source-cris-2.4.13-15S.i386.rpm
   rpm -Fvh linux-source-i386-2.4.13-15S.i386.rpm
   rpm -Fvh linux-source-ia64-2.4.13-15S.i386.rpm
   rpm -Fvh linux-source-m68k-2.4.13-15S.i386.rpm
   rpm -Fvh linux-source-mips-2.4.13-15S.i386.rpm
   rpm -Fvh linux-source-parisc-2.4.13-15S.i386.rpm
   rpm -Fvh linux-source-ppc-2.4.13-15S.i386.rpm
   rpm -Fvh linux-source-s390-2.4.13-15S.i386.rpm
   rpm -Fvh linux-source-sparc-2.4.13-15S.i386.rpm
   rpm -Fvh linux-source-superH-2.4.13-15S.i386.rpm
   rpm -Fvh libz-devel-1.1.3-12.i386.rpm
   rpm -Fvh rpm-3.0.6-9.i386.rpm
   rpm -Fvh rpm-devel-3.0.6-9.i386.rpm
   rpm -Fvh rsync-2.5.0-5.i386.rpm
   rpm -Fvh libz-devel-static-1.1.3-12.i386.rpm
   rpm -Fvh linux-kernel-binary-2.4.13-15S.i386.rpm
   rpm -Fvh linux-kernel-include-2.4.13-15S.i386.rpm
   rpm -Fvh linux-source-UserMode-2.4.13-15S.i386.rpm
   rpm -Fvh linux-source-alpha-2.4.13-15S.i386.rpm
   rpm -Fvh linux-source-arm-2.4.13-15S.i386.rpm
   rpm -Fvh linux-source-common-2.4.13-15S.i386.rpm

   4.4 Source Package Location

   ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1.1/Server/current/SRPMS

   4.5 Source Packages

   23cb4c1deb9a5253305d59796b39559e  dump-0.4b22-5.src.rpm
   01c6767ca6920892e3761d94c268677c  libz-1.1.3-12.src.rpm
   899cd9d83876602c0beb11833f89ef69  linux-2.4.13-15.src.rpm
   84985de23b84a62b05fa97b10acaf3a3  rpm-3.0.6-9.src.rpm
   51ffe946113ccc27f5125b25b408669c  rsync-2.5.0-5.src.rpm

5. OpenLinux 3.1.1 Workstation

   5.1 Package Location

   ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1.1/Workstation/current/RPMS

   5.2 Packages

   69cd9425bd8d6463a8d7e65271b826d7  dump-0.4b22-5.i386.rpm
   f2e35b07ceb6c7d0b4b0e258892780f7  libz-1.1.3-12.i386.rpm
   e22682ade4ebac2d7a02d3ac8653ef8f  libz-devel-1.1.3-12.i386.rpm
   82621db45e27ab47446851018a0f2d4f  libz-devel-static-1.1.3-12.i386.rpm
   a5987dd17e564007bfb3948fe2af7abf  linux-kernel-binary-2.4.13-15S.i386.rpm
   23cd4031e65b1d0a2a7747f0d28ee89d  linux-kernel-include-2.4.13-15S.i386.rpm
   0679c645b73eb3db5869e1b8c2830ffb  linux-source-UserMode-2.4.13-15S.i386.rpm
   b565e1be88e50f66591ed59ed7be2fda  linux-source-alpha-2.4.13-15S.i386.rpm
   12397356ef12cb3cd6c9502bba9c7786  linux-source-arm-2.4.13-15S.i386.rpm
   3ec69747d552234318086c3455586b9b  linux-source-common-2.4.13-15S.i386.rpm
   56b0d76a38823ee9b6897c02ee879285  linux-source-cris-2.4.13-15S.i386.rpm
   b50863ae6ca6708ac8a3fe24dbcab091  linux-source-i386-2.4.13-15S.i386.rpm
   ce11d939e8bde711453746b27ff87bf5  linux-source-ia64-2.4.13-15S.i386.rpm
   1d3265ddab10d19e089d36f0d72fa5c9  linux-source-m68k-2.4.13-15S.i386.rpm
   931bdbd27db23c9a4093fac97400d031  linux-source-mips-2.4.13-15S.i386.rpm
   3eccb9efc9639a18dbfe4dadffc19687  linux-source-parisc-2.4.13-15S.i386.rpm
   9187ea14d95e8f2b386b9cacce45e437  linux-source-ppc-2.4.13-15S.i386.rpm
   6747fe6c69ffe4dd806b1e70c324abdb  linux-source-s390-2.4.13-15S.i386.rpm
   9b0f08824d11cfa02c3668c6d447a836  linux-source-sparc-2.4.13-15S.i386.rpm
   5bd38d7f07b96ce0d07d4f64665de0ef  linux-source-superH-2.4.13-15S.i386.rpm
   7479f0409a80030bd897f9e0d1dc400d  rpm-3.0.6-9.i386.rpm
   9470b7f9e89302a9861385233265ebf9  rpm-devel-3.0.6-9.i386.rpm
   9c9f5311858606bf9e87e3d7c25093f9  rsync-2.5.0-5.i386.rpm

   5.3 Installation

   rpm -Fvh libz-1.1.3-12.i386.rpm
   rpm -Fvh libz-devel-1.1.3-12.i386.rpm
   rpm -Fvh libz-devel-static-1.1.3-12.i386.rpm
   rpm -Fvh dump-0.4b22-5.i386.rpm
   rpm -Fvh linux-kernel-binary-2.4.13-15S.i386.rpm
   rpm -Fvh linux-kernel-include-2.4.13-15S.i386.rpm
   rpm -Fvh linux-source-UserMode-2.4.13-15S.i386.rpm
   rpm -Fvh linux-source-alpha-2.4.13-15S.i386.rpm
   rpm -Fvh linux-source-arm-2.4.13-15S.i386.rpm
   rpm -Fvh linux-source-common-2.4.13-15S.i386.rpm
   rpm -Fvh linux-source-cris-2.4.13-15S.i386.rpm
   rpm -Fvh linux-source-i386-2.4.13-15S.i386.rpm
   rpm -Fvh linux-source-ia64-2.4.13-15S.i386.rpm
   rpm -Fvh linux-source-m68k-2.4.13-15S.i386.rpm
   rpm -Fvh linux-source-mips-2.4.13-15S.i386.rpm
   rpm -Fvh linux-source-parisc-2.4.13-15S.i386.rpm
   rpm -Fvh linux-source-ppc-2.4.13-15S.i386.rpm
   rpm -Fvh linux-source-s390-2.4.13-15S.i386.rpm
   rpm -Fvh linux-source-sparc-2.4.13-15S.i386.rpm
   rpm -Fvh linux-source-superH-2.4.13-15S.i386.rpm
   rpm -Fvh rpm-3.0.6-9.i386.rpm
   rpm -Fvh rpm-devel-3.0.6-9.i386.rpm
   rpm -Fvh rsync-2.5.0-5.i386.rpm

   5.4 Source Package Location

   ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1.1/Workstation/current/SRPMS

   5.5 Source Packages

   23cb4c1deb9a5253305d59796b39559e  dump-0.4b22-5.src.rpm
   01c6767ca6920892e3761d94c268677c  libz-1.1.3-12.src.rpm
   899cd9d83876602c0beb11833f89ef69  linux-2.4.13-15.src.rpm
   84985de23b84a62b05fa97b10acaf3a3  rpm-3.0.6-9.src.rpm
   51ffe946113ccc27f5125b25b408669c  rsync-2.5.0-5.src.rpm

6. References

   Specific references for this advisory:

   http://www.cert.org/advisories/CA-2002-07.html
   http://www.gzip.org/zlib/advisory-2002-03-11.txt

   Caldera OpenLinux security resources:

   http://www.caldera.com/support/security/index.html

   Caldera UNIX security resources:

   http://stage.caldera.com/support/security/

   This security fix closes Caldera incidents sr860749, fz520215, and
   erg711966.

7. Disclaimer

   Caldera International, Inc. is not responsible for the misuse of any of
   the information we provide on this website and/or through our security
   advisories. Our advisories are a service to our customers intended to
   promote secure installation and use of Caldera products.

8. Acknowledgements

   Owen Taylor announced this on February 6, 2002, after Matthias Clasen
   found an invalid PNG file that crashed zlib.
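The install procedure in sections 4.3 and 5.3 freshens the listed RPMs with rpm -Fvh, and the MD5 lists in 4.2/4.5 and 5.2/5.5 are what lets an administrator confirm that the files fetched from the FTP site are the ones Caldera published. The script below is an added example, not Caldera's own tooling: it parses a list in the advisory's own "<md5>  <filename>" layout, reports every missing or mismatched file, and only runs the install command when every entry checks out. The function names, the use of md5sum(1), and the demo's package names and checksums are assumptions of the example.

```shell
#!/bin/sh
# Added example, not part of the Caldera advisory: check downloaded update RPMs
# against an advisory-style MD5 list before freshening them with "rpm -Fvh".
# List format is the advisory's own, one "<md5>  <filename>" per line.
# Assumes md5sum(1) on PATH (and rpm(1) for the install step); all package
# names and checksums below are constructed for the demonstration.

# verify_packages LISTFILE DIR
# Reports every missing or mismatched file; returns 0 only if all entries match.
verify_packages() {
    vlist=$1; vdir=$2; rc=0
    while read -r sum name; do
        [ -z "$sum" ] && continue                 # skip blank lines
        f="$vdir/$name"
        if [ ! -f "$f" ]; then
            echo "MISSING:  $name"; rc=1; continue
        fi
        actual=$(md5sum "$f" | cut -d' ' -f1)
        if [ "$actual" != "$sum" ]; then
            echo "MISMATCH: $name (expected $sum, got $actual)"; rc=1
        fi
    done < "$vlist"
    return "$rc"
}

# install_if_verified LISTFILE DIR
# Runs the advisory's install command only when every checksum matched.
install_if_verified() {
    ilist=$1; idir=$2
    verify_packages "$ilist" "$idir" || { echo "aborting install: checksum failure"; return 1; }
    set --                                        # collect the verified file paths
    while read -r sum name; do
        [ -n "$name" ] && set -- "$@" "$idir/$name"
    done < "$ilist"
    rpm -Fvh "$@"
}

# Demo on constructed data (no rpm call): one correct list, one tampered list.
demo() {
    tmp=$(mktemp -d)
    printf 'constructed package body' > "$tmp/libz-demo.i386.rpm"
    printf '%s  libz-demo.i386.rpm\n' "$(md5sum "$tmp/libz-demo.i386.rpm" | cut -d' ' -f1)" > "$tmp/good.md5"
    printf '%s  libz-demo.i386.rpm\n' 00000000000000000000000000000000 > "$tmp/bad.md5"
    verify_packages "$tmp/good.md5" "$tmp" && echo "good list: verified"
    verify_packages "$tmp/bad.md5" "$tmp" || echo "bad list: rejected"
    rm -rf "$tmp"
}
demo
```

A mismatch on even one file aborts the whole freshen, so a partially corrupted download never leaves the system with a mix of verified and unverified packages.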
______________________________________________________________________________