TITLE: Trustix update for multiple packages SECUNIA ADVISORY ID: SA17288 VERIFY ADVISORY: http://secunia.com/advisories/17288/ CRITICAL: Highly critical IMPACT: Unknown, Security Bypass, Cross Site Scripting, Manipulation of data, Privilege escalation, DoS, System access WHERE: >From remote OPERATING SYSTEM: Trustix Secure Linux 2.2 http://secunia.com/product/4641/ DESCRIPTION: Trustix has issued updates for multiple packages. These fix some vulnerabilities, where the most critical ones can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system. For more information: SA12921 SA13904 SA14530 SA16559 SA16688 SA16700 SA16816 SA16971 SA17054 SA17062 SA17151 SA17192 SA17216 Multiple unspecified vulnerabilities in Squid have also been fixed. SOLUTION: Apply updated packages. Trustix Secure Linux 2.2: 2ec05ad15cf280b287d40a479af30fdc 2.2/rpms/cvs-1.12.13-1tr.i586.rpm 6c00f9b202ba36512cfc742398b545e3 2.2/rpms/cvs-contrib-1.12.13-1tr.i586.rpm f9df9140be0cb7cd2ba5159a954f3036 2.2/rpms/cvs-pserver-1.12.13-1tr.i586.rpm 97ea8846768d748cd2a662b142561a38 2.2/rpms/libimap-2002e-5tr.i586.rpm 151d535b53131bcb5d530f380a790786 2.2/rpms/rsync-2.6.6-1tr.i586.rpm 50407e1f98813181c1a296bc7ce6d3ca 2.2/rpms/rsync-server-2.6.6-1tr.i586.rpm c827dd526de65745a68a39396882624f 2.2/rpms/uw-imap-2002e-5tr.i586.rpm 439debbd5a80da9efda6972ead0c4af9 2.2/rpms/uw-imap-devel-2002e-5tr.i586.rpm 71996744ffdba603d36050fa341a6d61 2.2/rpms/cups-1.1.23-5tr.i586.rpm 4b4d5fe96512a50ae96686930681c95b 2.2/rpms/cups-devel-1.1.23-5tr.i586.rpm 39ec4d3d5d976165d0ab638e32d8b4e8 2.2/rpms/cups-libs-1.1.23-5tr.i586.rpm 99a4dd6ce9c0a663db4a89418be919de 2.2/rpms/openssl-0.9.7e-6tr.i586.rpm 8720b65174a2fe61433c9c8bb32ade65 2.2/rpms/openssl-devel-0.9.7e-6tr.i586.rpm a2dff79f4a9b831acff6af14c50c0469 2.2/rpms/openssl-python-0.9.7e-6tr.i586.rpm e16d089bba481621431beb04dfc0b55a 2.2/rpms/openssl-support-0.9.7e-6tr.i586.rpm 308b171c54af53ca69fbd311584ec724 2.2/rpms/apache-2.0.55-1tr.i586.rpm d22246cbb3e71354e6153902c8ec1fe9 2.2/rpms/apache-dbm-2.0.55-1tr.i586.rpm 5f4c3c81d43f0d5ca32ccb3c30f314c8 2.2/rpms/apache-devel-2.0.55-1tr.i586.rpm 2adad928656dd80b58cdfbf6ceea7c76 2.2/rpms/apache-html-2.0.55-1tr.i586.rpm c97a5903d9ee7111498937c2ec82915e 2.2/rpms/apache-manual-2.0.55-1tr.i586.rpm 9b5c3c1dc65a92539e93af9915f39177 2.2/rpms/apache-suexec-2.0.55-1tr.i586.rpm e21367f7e8eba231e780d592a46ac2ef 2.2/rpms/lynx-2.8.5-3tr.i586.rpm d7f72636202044256732cf5aa3f5a456 2.2/rpms/php-5.0.5-1tr.i586.rpm be9e6c6eef2e6cdb41d7284c78e2b215 2.2/rpms/php-cli-5.0.5-1tr.i586.rpm cb634e70926928e7e8fd44f72ccce560 2.2/rpms/php-curl-5.0.5-1tr.i586.rpm 459c599f18af14ad72328333131dee78 2.2/rpms/php-devel-5.0.5-1tr.i586.rpm e933a67389c55ee9b9bd22b114d1bb78 2.2/rpms/php-exif-5.0.5-1tr.i586.rpm 898cf72bed0e6efd1e7f8e56511056ac 2.2/rpms/php-fcgi-5.0.5-1tr.i586.rpm 7d2a3e09100f36ad3a0742ad193bfe77 2.2/rpms/php-gd-5.0.5-1tr.i586.rpm a29e527b3a1d6925a1ead30070c42c8a 2.2/rpms/php-imap-5.0.5-1tr.i586.rpm c4b2af1eb8ebd9fea150fb703b60238a 2.2/rpms/php-ldap-5.0.5-1tr.i586.rpm 8e58a96709c890d117a61083ca3cdca3 2.2/rpms/php-mhash-5.0.5-1tr.i586.rpm 80b2bc354ddfcbe1dabc7539ff2c4b01 2.2/rpms/php-mysql-5.0.5-1tr.i586.rpm 32d6befe9a92cd74462e7cef9bd6dd07 2.2/rpms/php-mysqli-5.0.5-1tr.i586.rpm 21005dd2d46c17ee43211da816fada73 2.2/rpms/php-pgsql-5.0.5-1tr.i586.rpm 003ea235528c40cbb201e2bb7233a264 2.2/rpms/php-zlib-5.0.5-1tr.i586.rpm 238e983cdf2456dd74be19aeb8632a28 2.2/rpms/php4-4.4.0-6tr.i586.rpm 11398dce9d02adc7db5cc5fd40522008 2.2/rpms/php4-cli-4.4.0-6tr.i586.rpm 0ebf0c95e1b0e837e7099e4f1cc37ca2 2.2/rpms/php4-curl-4.4.0-6tr.i586.rpm ceb17c5eb5125e657cc77f796ce8569a 2.2/rpms/php4-devel-4.4.0-6tr.i586.rpm bd4b900b4698b58682c791fc9594fcc4 2.2/rpms/php4-domxml-4.4.0-6tr.i586.rpm 676a8deb3b89c6ec0cb3335d1662b1a9 2.2/rpms/php4-exif-4.4.0-6tr.i586.rpm a30682de1a7496e00504a64d92805cf7 2.2/rpms/php4-fcgi-4.4.0-6tr.i586.rpm 51585b634c5f4fa8536dc6548c52b0c1 2.2/rpms/php4-gd-4.4.0-6tr.i586.rpm 42b97fbf30841216d14329de331def51 2.2/rpms/php4-imap-4.4.0-6tr.i586.rpm 4465021897297d2f77f6d7a305b77adc 2.2/rpms/php4-ldap-4.4.0-6tr.i586.rpm a0b1353fea968890386498f5bae5381f 2.2/rpms/php4-mhash-4.4.0-6tr.i586.rpm 4dd3ef7f1ff7c5eb17b179a803a25051 2.2/rpms/php4-mysql-4.4.0-6tr.i586.rpm 57a952d4a679c022eb6b068fc3eb8203 2.2/rpms/php4-pgsql-4.4.0-6tr.i586.rpm 38a7b2a2af002f7178f85dceee63a483 2.2/rpms/php4-test-4.4.0-6tr.i586.rpm bec3cba7e234674a113be8d9d8531a5c 2.2/rpms/squid-2.5.STABLE11-1tr.i586.rpm 109ff17cb00b7446c75bc48a529742a8 2.2/rpms/texinfo-4.7-2tr.i586.rpm 46343428fe4e0831098727f877020fdb 2.2/rpms/wget-1.10.2-1tr.i586.rpm ORIGINAL ADVISORY: http://www.trustix.org/errata/2005/0055/ http://www.trustix.org/errata/2005/0057/ http://www.trustix.org/errata/2005/0059/ OTHER REFERENCES: SA12921: http://secunia.com/advisories/12921/ SA13904: http://secunia.com/advisories/13904/ SA14530: http://secunia.com/advisories/14530/ SA16559: http://secunia.com/advisories/16559/ SA16688: http://secunia.com/advisories/16688/ SA16700: http://secunia.com/advisories/16700/ SA16816: http://secunia.com/advisories/16816/ SA16971: http://secunia.com/advisories/16971/ SA17054: http://secunia.com/advisories/17054/ SA17062: http://secunia.com/advisories/17062/ SA17151: http://secunia.com/advisories/17151/ SA17192: http://secunia.com/advisories/17192/ SA17216: http://secunia.com/advisories/17216/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------