Home / vulnerabilitiesPDF  

dsa-1629-2.txt

Posted on 20 August 2008
Source : packetstormsecurity.org Link

 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
Debian Security Advisory DSA-1629-2 security@debian.org
http://www.debian.org/security/ Thijs Kinkhorst
August 19, 2008 http://www.debian.org/security/faq
- ------------------------------------------------------------------------

Package : postfix
Vulnerability : programming error
Problem type : local
Debian-specific: no
CVE Id(s) : CVE-2008-2936

Due to a version numbering problem, the Postfix update for DSA 1629 was
not installable on the i386 (Intel ia32) architecture. This update
increases the version number to make it installable on i386 aswell.
For reference the original advisory text is below.

Sebastian Krahmer discovered that Postfix, a mail transfer agent,
incorrectly checks the ownership of a mailbox. In some configurations,
this allows for appending data to arbitrary files as root.

Note that only specific configurations are vulnerable; the default
Debian installation is not affected. Only a configuration meeting
the following requirements is vulnerable:
* The mail delivery style is mailbox, with the Postfix built-in
local(8) or virtual(8) delivery agents.
* The mail spool directory (/var/spool/mail) is user-writeable.
* The user can create hardlinks pointing to root-owned symlinks
located in other directories.

For a detailed treating of the issue, please refer to the upstream
author's announcement:
http://article.gmane.org/gmane.mail.postfix.announce/110

For the stable distribution (etch), this problem has been fixed in
version 2.3.8-2+etch1.

For the testing distribution (lenny), this problem has been fixed in
version 2.5.2-2lenny1.

For the unstable distribution (sid), this problem has been fixed
in version 2.5.4-1.

We recommend that you upgrade your postfix package.

Upgrade instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 4.0 alias etch
- -------------------------------

Source archives:

http://security.debian.org/pool/updates/main/p/postfix/postfix_2.3.8-2+etch1.diff.gz
Size/MD5 checksum: 187783 06817c1a9ac78db520c4a9856e1f606f
http://security.debian.org/pool/updates/main/p/postfix/postfix_2.3.8.orig.tar.gz
Size/MD5 checksum: 2787761 a6c560657788fc7a5444fa9ea32f5513
http://security.debian.org/pool/updates/main/p/postfix/postfix_2.3.8-2+etch1.dsc
Size/MD5 checksum: 1201 67cfbe6d62f54b03248610decf23430c

Architecture independent packages:

http://security.debian.org/pool/updates/main/p/postfix/postfix-doc_2.3.8-2+etch1_all.deb
Size/MD5 checksum: 784924 be2dfaabc9e4346fb211be9383c6b7b0
http://security.debian.org/pool/updates/main/p/postfix/postfix-dev_2.3.8-2+etch1_all.deb
Size/MD5 checksum: 130964 ee83b6a25f458aa3fe785202db29763c

amd64 architecture (AMD x86_64 (AMD64))

http://security.debian.org/pool/updates/main/p/postfix/postfix-pcre_2.3.8-2+etch1_amd64.deb
Size/MD5 checksum: 38398 7a1047488b79e2e02f624d11014eeecf
http://security.debian.org/pool/updates/main/p/postfix/postfix-mysql_2.3.8-2+etch1_amd64.deb
Size/MD5 checksum: 38426 a016eeaf7033d0ac5eb07b999f2e6af7
http://security.debian.org/pool/updates/main/p/postfix/postfix-cdb_2.3.8-2+etch1_amd64.deb
Size/MD5 checksum: 36466 e0e5537af489daac95e2d74fdee07a6e
http://security.debian.org/pool/updates/main/p/postfix/postfix_2.3.8-2+etch1_amd64.deb
Size/MD5 checksum: 1148900 f631d16e8027a78c47ac6ab2c6503e56
http://security.debian.org/pool/updates/main/p/postfix/postfix-ldap_2.3.8-2+etch1_amd64.deb
Size/MD5 checksum: 43348 1daae02f16464e366f2386e4b82de1d9
http://security.debian.org/pool/updates/main/p/postfix/postfix-pgsql_2.3.8-2+etch1_amd64.deb
Size/MD5 checksum: 38532 63a6da1adb632be43c7118e48ef6f5a6

hppa architecture (HP PA RISC)

http://security.debian.org/pool/updates/main/p/postfix/postfix-ldap_2.3.8-2+etch1_hppa.deb
Size/MD5 checksum: 45392 6d5ac13f7d0cd38c4568f5dce3b2de18
http://security.debian.org/pool/updates/main/p/postfix/postfix-pcre_2.3.8-2+etch1_hppa.deb
Size/MD5 checksum: 39720 89ed20f277270f74b7b6f7e92bb5b2b1
http://security.debian.org/pool/updates/main/p/postfix/postfix-pgsql_2.3.8-2+etch1_hppa.deb
Size/MD5 checksum: 40194 8635fee29c0e8b661ea8cbd3bf6093e9
http://security.debian.org/pool/updates/main/p/postfix/postfix_2.3.8-2+etch1_hppa.deb
Size/MD5 checksum: 1174188 fee76ba8167cdffacd22445eca7396b2
http://security.debian.org/pool/updates/main/p/postfix/postfix-cdb_2.3.8-2+etch1_hppa.deb
Size/MD5 checksum: 37600 c3cddbeefe87b66277dccd6e2bd52f64
http://security.debian.org/pool/updates/main/p/postfix/postfix-mysql_2.3.8-2+etch1_hppa.deb
Size/MD5 checksum: 39922 572e0d5c09d39a34373d8340c2326b2b

i386 architecture (Intel ia32)

http://security.debian.org/pool/updates/main/p/postfix/postfix_2.3.8-2+etch1_i386.deb
Size/MD5 checksum: 1090008 e38c0784774c29bb313b8b7d77719782
http://security.debian.org/pool/updates/main/p/postfix/postfix-cdb_2.3.8-2+etch1_i386.deb
Size/MD5 checksum: 36596 88af7c1ebb9d6ef8ff1ae1fe82892ca5
http://security.debian.org/pool/updates/main/p/postfix/postfix-pcre_2.3.8-2+etch1_i386.deb
Size/MD5 checksum: 38456 3fd5eb9b366ff22b4a8c46b621a216df
http://security.debian.org/pool/updates/main/p/postfix/postfix-mysql_2.3.8-2+etch1_i386.deb
Size/MD5 checksum: 38772 049c34f8a10e283505978c6be7255a7b
http://security.debian.org/pool/updates/main/p/postfix/postfix-pgsql_2.3.8-2+etch1_i386.deb
Size/MD5 checksum: 38864 440cb71e2a26168a938896ff2af1adc2
http://security.debian.org/pool/updates/main/p/postfix/postfix-ldap_2.3.8-2+etch1_i386.deb
Size/MD5 checksum: 43250 f5432050f81caf7e58f52cb48c22e7e1

ia64 architecture (Intel ia64)

http://security.debian.org/pool/updates/main/p/postfix/postfix-ldap_2.3.8-2+etch1_ia64.deb
Size/MD5 checksum: 47956 915c2fab14248e142187e5a613f274c9
http://security.debian.org/pool/updates/main/p/postfix/postfix-cdb_2.3.8-2+etch1_ia64.deb
Size/MD5 checksum: 38050 4b9c7bda45177283e157153d43633e43
http://security.debian.org/pool/updates/main/p/postfix/postfix-pcre_2.3.8-2+etch1_ia64.deb
Size/MD5 checksum: 40858 0cdb4f975d9a630f8df58c9cf124fbd1
http://security.debian.org/pool/updates/main/p/postfix/postfix-pgsql_2.3.8-2+etch1_ia64.deb
Size/MD5 checksum: 41164 f0a564de59c461d0e0b667848a18a3f5
http://security.debian.org/pool/updates/main/p/postfix/postfix-mysql_2.3.8-2+etch1_ia64.deb
Size/MD5 checksum: 40856 3e9ad3317bf31270eaa686f84f7fb8bb
http://security.debian.org/pool/updates/main/p/postfix/postfix_2.3.8-2+etch1_ia64.deb
Size/MD5 checksum: 1439632 c341d7a699bbe6b13dc560e6f5b4cbbd

powerpc architecture (PowerPC)

http://security.debian.org/pool/updates/main/p/postfix/postfix-ldap_2.3.8-2+etch1_powerpc.deb
Size/MD5 checksum: 44290 4c9c2a9c614643bfe983d13b6423d423
http://security.debian.org/pool/updates/main/p/postfix/postfix-pgsql_2.3.8-2+etch1_powerpc.deb
Size/MD5 checksum: 40060 4804a7f44b861b6dbeb1a7294709c5ed
http://security.debian.org/pool/updates/main/p/postfix/postfix-cdb_2.3.8-2+etch1_powerpc.deb
Size/MD5 checksum: 37822 11ba1ae93492801dc9de16b6130288d1
http://security.debian.org/pool/updates/main/p/postfix/postfix_2.3.8-2+etch1_powerpc.deb
Size/MD5 checksum: 1167796 7a24c4ea8588e62178a5d2a1c4817f85
http://security.debian.org/pool/updates/main/p/postfix/postfix-mysql_2.3.8-2+etch1_powerpc.deb
Size/MD5 checksum: 39902 363e664c54605ee838c6cf0c8fd9f790
http://security.debian.org/pool/updates/main/p/postfix/postfix-pcre_2.3.8-2+etch1_powerpc.deb
Size/MD5 checksum: 39758 a33b97afba4cfe193884cdf4a3543e03

s390 architecture (IBM S/390)

http://security.debian.org/pool/updates/main/p/postfix/postfix-ldap_2.3.8-2+etch1_s390.deb
Size/MD5 checksum: 43392 1318549e29ce2585850562abb98b07f7
http://security.debian.org/pool/updates/main/p/postfix/postfix-mysql_2.3.8-2+etch1_s390.deb
Size/MD5 checksum: 38836 a76263d1e6715aa1294307bf581b6424
http://security.debian.org/pool/updates/main/p/postfix/postfix-pcre_2.3.8-2+etch1_s390.deb
Size/MD5 checksum: 38454 00b3e98eb57590201dfe4d8775ce298b
http://security.debian.org/pool/updates/main/p/postfix/postfix-pgsql_2.3.8-2+etch1_s390.deb
Size/MD5 checksum: 39010 2d3a02a0e7c7a8ddbe9d0619fe4f8c7d
http://security.debian.org/pool/updates/main/p/postfix/postfix-cdb_2.3.8-2+etch1_s390.deb
Size/MD5 checksum: 36654 82b473e570eff711781cc384e86636e2
http://security.debian.org/pool/updates/main/p/postfix/postfix_2.3.8-2+etch1_s390.deb
Size/MD5 checksum: 1154442 64bf33d9dc4f14badb1c6397a74713f4


These files will probably be moved into the stable distribution on
its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iQEVAwUBSKqL/mz0hbPcukPfAQIg7AgAn5lFhCJdK7Av9S8XCNypwO5Tj6zl16Qd
VUISIV0YgujevJmdPm+BTFtLgg9VOZvLiTEVzOWtrVQJmCpM8D5m57BYtqb6zq+n
X822BdWDzxVnFeM5aJhTrWRkC9DOcXos99MUNhiwcVJkE5/Gb+VxZfi/lmn6K/SJ
GumR0re3llHV+1NJd7XQQ4XPh/7x8dp611cxTRghX8lvNhtelN6bDacFMKAWkDkW
BmYZEZym3sOREVgaOxK3Xg/yfAT0mS9aSUO73nfAXBkw67KuP0tE0GTrIAvTJiz8
9PEbk9LNsOm7UzgovQs7CooIkA4IB/ZG5NzDGeGf1pO+11t0RQ1awQ==
=MqRN
-----END PGP SIGNATURE-----

 

TOP