This file lists all changes made between Owl 2.0 and its corresponding
stable branch. Please note that the release itself remains fixed; it's
only the stable branch which has these changes.
The dates shown in parentheses indicate when an equivalent change went into
Owl-current, where applicable.
Changes made between Owl 2.0 and Owl 2.0-stable.
(2009/05/24) 2009/05/24 kernel SECURITY FIX Severity: none to high, local, active
Updated to Linux 2.4.37.1-ow1. Linux 2.4.37.1, compared to 2.4.35-ow2, adds
numerous security-relevant fixes to various kernel subsystems.
(2009/05/09) 2009/05/23 Package: postfix
Introduced a patch to prevent leaking of the install host's name into the
aliases.db file.
(2009/04/08) 2009/04/11 Package: tcb
In the new version 1.0.3 of the tcb package, child processes spawned by
pam_tcb will now always use _exit(2) rather than exit(3) to avoid triggering
side effects. When changing passwords, pam_tcb will now fsync(2) the
temporary file prior to renaming it over the actual shadow file, as needed
on filesystems with not entirely atomic rename(2) (XFS). Thanks to Pascal
Terjan of Mandriva and to Ermanno Scaglione for reporting these two issues,
respectively.
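An added example (not code from the Owl changelog or the tcb package) of the write, fsync(2), rename(2) sequence described for pam_tcb above, in Python; the file name and shadow-style contents are constructed.

```python
import os
import tempfile

def atomic_replace(path: str, data: bytes, mode: int = 0o600) -> None:
    """Replace `path` with `data` so that a crash or power loss leaves either
    the complete old file or the complete new one, never a truncated one.

    Same sequence as described for pam_tcb: write a temporary file in the
    same directory, fsync(2) it, then rename(2) it over the target. rename()
    switches the directory entry atomically, but on filesystems such as XFS
    the data blocks may still be unwritten when the entry already points at
    the new file, so the fsync must come before the rename.
    """
    dirname = os.path.dirname(os.path.abspath(path))
    fd, tmp = tempfile.mkstemp(prefix=".shadow-", dir=dirname)  # created 0600
    try:
        with os.fdopen(fd, "wb") as f:      # closes fd on any exception
            f.write(data)
            f.flush()
            os.fsync(f.fileno())            # data is on disk before the rename
        os.chmod(tmp, mode)
        os.rename(tmp, path)                # atomic replacement of the entry
    except BaseException:
        if os.path.exists(tmp):
            os.unlink(tmp)
        raise
    dfd = os.open(dirname, os.O_RDONLY)     # make the rename itself durable
    try:
        os.fsync(dfd)
    finally:
        os.close(dfd)

def demo() -> tuple:
    """Write a constructed shadow-style file twice and report what is left."""
    workdir = tempfile.mkdtemp()
    target = os.path.join(workdir, "shadow")
    atomic_replace(target, b"root:*:14000:0:99999:7:::\n")
    atomic_replace(target, b"root:$6$constructed$hash:14000:0:99999:7:::\n")
    with open(target, "rb") as f:
        contents = f.read()
    perms = os.stat(target).st_mode & 0o777
    leftovers = [n for n in os.listdir(workdir) if n != "shadow"]
    return contents, perms, leftovers
```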
(2009/03/06) 2009/03/06 Package: bind
Dropped the root-delegation-only directive from the default named
configuration because the list of TLDs that are not delegation-only was
incomplete and wouldn't be maintained/updated on all installs, causing
some DNS lookups of valid records to fail.
Reference:
(2009/01/08) 2009/01/21 Packages: openssl, bind SECURITY FIX Severity: medium, remote, passive
Backported upstream fixes for multiple OpenSSL signature verification
API misuses.
References:
(2008/08/14) 2008/08/24 Package: postfix
Disabled the Solaris symlink hack that allowed local mail deliveries
through "root-owned" symlinks. Although this is a security update for
some other systems, on Owl the problem was avoided or mitigated in
several ways:
(2008/08/10) 2008/08/10 Package: bind
Updated to 9.3.5-P2, added an OpenBSD-derived patch to implement support for
more than 1024 simultaneous recursive queries.
(2008/07/08) 2008/07/11 Package: bind SECURITY FIX Severity: medium, remote, active
Updated to 9.3.5-P1, which additionally randomizes UDP query ports to
improve resilience to DNS cache poisoning attacks.
References:
(2008/05/27) 2008/05/30 Package: openssh
Implemented support for RSA/DSA key blacklisting in sshd based on
partial fingerprints, added a subpackage with blacklisted 48-bit partial
fingerprints for 1024-bit and 2048-bit RSA and 1024-bit DSA keys as
generated on vulnerable Debian, Ubuntu, and derived systems for PID
range 1 to 32767. Due to the encoding scheme used, the blacklist file
size is just 1.3 MB, which corresponds to less than 4.5 bytes per
fingerprint. This effort was supported by CivicActions.
References:
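An added example (not code from the Owl changelog or its openssh package) of checking an OpenSSH public key against a blacklist of 48-bit partial MD5 fingerprints, the key form described above; the sorted fixed-width table layout, the key values and the filler entries are assumptions and constructed data, not Owl's actual encoding.

```python
import base64
import hashlib
import struct

PREFIX_LEN = 6   # 48-bit partial fingerprint, as in the Owl blacklist

def _string(b: bytes) -> bytes:
    return struct.pack(">I", len(b)) + b

def _mpint(x: int) -> bytes:   # SSH mpint: big-endian, extra 0x00 if top bit set
    return _string(x.to_bytes((x.bit_length() + 8) // 8, "big"))

def rsa_pubkey_line(e: int, n: int) -> str:
    """Build an OpenSSH 'ssh-rsa' public key line from (e, n); constructed key."""
    blob = _string(b"ssh-rsa") + _mpint(e) + _mpint(n)
    return "ssh-rsa " + base64.b64encode(blob).decode()

def partial_fingerprint(line: str) -> bytes:
    """Leading 48 bits of the MD5 key fingerprint OpenSSH used at the time.
    With random-looking fingerprints a good key matches a blacklisted prefix
    by chance with probability 2**-48 per entry."""
    return hashlib.md5(base64.b64decode(line.split()[1])).digest()[:PREFIX_LEN]

class Blacklist:
    """Sorted, fixed-width prefix table probed by bisection: 6 bytes per entry
    and no separate index. (Assumed layout, not Owl's encoding, which packed
    entries into under 4.5 bytes each.)"""
    def __init__(self, prefixes):
        self.table = b"".join(sorted(set(prefixes)))

    def __contains__(self, fp: bytes) -> bool:
        lo, hi = 0, len(self.table) // PREFIX_LEN
        while lo < hi:
            mid = (lo + hi) // 2
            entry = self.table[mid * PREFIX_LEN:(mid + 1) * PREFIX_LEN]
            if entry == fp:
                return True
            if entry < fp:
                lo = mid + 1
            else:
                hi = mid
        return False

def demo() -> tuple:
    """Constructed: one key registered as weak, one not, plus 200 filler prefixes."""
    weak = rsa_pubkey_line(65537, (1 << 1023) | 0x10001)
    good = rsa_pubkey_line(65537, (1 << 1023) | 0x10003)
    filler = [bytes([i]) * PREFIX_LEN for i in range(200)]
    bl = Blacklist(filler + [partial_fingerprint(weak)])
    return partial_fingerprint(weak) in bl, partial_fingerprint(good) in bl
```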
(2008/03/26) 2008/03/26 Package: gnupg
Updated to 1.4.9.
(2008/03/20) 2008/03/22 Package: bzip2
Updated to 1.0.5. This release fixes a potential buffer over-read bug,
which allowed user-assisted remote attackers to cause a crash in libbz2
via a crafted file.
Reference:
(2006/02/20) 2008/03/16 Package: sed
Updated to 4.1.5.
(2008/01/01) 2008/01/04 Package: gnupg
Updated to 1.4.8.
(2008/01/01) 2008/01/04 Package: e2fsprogs
Updated to 1.40.4. This release fixes multiple integer overflows
in libext2fs which allow user-assisted remote attacks via a crafted
filesystem image.
Reference:
(2007/10/07 - 2007/11/08) 2007/11/08 Package: bind
Updated the L.ROOT-SERVERS.NET address. Added the "recursing-file" directive
to the option.conf file, to make "rndc recursing" work in "control
bind-debug enabled" mode. Changed the startup script to use /dev/urandom as
the source of randomness during rndc key generation. Changed the startup
script to make stopping the server more robust.
(2007/10/13) 2007/10/13 Package: openssl
Backported upstream fix for off-by-one bug in the SSL_get_shared_ciphers
function. It is unclear whether the bug had any security impact.
References:
(2007/08/30) 2007/08/30 Package: vim SECURITY FIX Severity: none to high, indirect, passive
Backported upstream fix to restrict dangerous functions in modelines.
Note that vim's modelines have always been disabled on Owl by default
(with a setting in /usr/share/vim/vimrc) and even this fix is no guarantee
modelines will be safe to use or the restricted mode safe to rely upon
in the future.
Backported upstream fix for format string vulnerability in the
helptags_one function, which allowed user-assisted remote attackers to
execute arbitrary code via format string specifiers in a help-tags tag
in a help file.
References:
(2007/08/18) 2007/08/18 kernel
Updated to Linux 2.4.35-ow2. The single known security-relevant change
added with Linux 2.4.35 is correction of the randomness pool update bug
discovered by the PaX Team. The -ow2 revision adds a fix for the parent
process death signal bug in the Linux kernel discovered by Wojciech
Purczynski of COSEINC PTE Ltd. and iSEC Security Research; this bug has
no security impact on Owl with no added SUID programs. Also added are
two security hardening features, both enabled by default: restricted
access to VM86 mode (specific to 32-bit x86) and restricted zero page
mappings (generic).
References:
(2007/07/30) 2007/07/30 Package: bind SECURITY FIX Severity: medium, remote, passive
Updated to 9.3.4-P1, which fixes a weakness in the DNS query id generator
used when answering resolver questions or sending NOTIFY messages to slave
name servers. The weakness made it easier for remote attackers to guess the
next query id and perform DNS cache poisoning.
References:
(2007/05/31) 2007/05/31 Package: mutt
Updated to 1.4.2.3. This release fixes msgid validation in APOP
authentication and a potential buffer overflow in the passwd gecos field
parser.
References:
(2007/03/25 - 2007/05/22) 2007/03/25 - 2007/05/23 Package: file SECURITY FIX Severity: high, indirect, passive
Fixed potential heap buffer overflow in the file_printf function of the
libmagic library.
Reference:
(2007/04/23) 2007/04/25 Package: grep
Applied upstream fix for "grep -D skip". Fixed several potential NULL
dereferences and reads beyond end of buffer. Applied "fgrep -w" fix by
Pavel Kankovsky. Adopted Debian fix for big file handling.
(2007/03/06) 2007/03/06 Package: gnupg SECURITY FIX Severity: medium, indirect, passive
Updated to 1.4.7. This includes a fix for an unsigned data injection
vulnerability:
An attacker is able to add arbitrary content to a signed message, and
the receiver of the message may not be able to distinguish the forged
and the properly signed parts of the message.
References:
(2007/02/21) 2007/02/21 Package: bash
Removed the duplicate "file locks" entries from "ulimit -a" and the bash(1)
man page.
(2006/12/26) 2007/02/07 Package: crontabs
Updated run-parts from debianutils-2.17.4. Restricted permissions to
/etc/cron.* directories and /etc/crontab file to root only.
(2007/01/29) 2007/01/30 Package: bind SECURITY FIX Severity: low, remote, active
Updated to 9.3.4, which fixes two security issues.
The first issue is a "use after free" vulnerability which allowed remote
DoS attack via unspecified vectors that cause BIND to "dereference (read)
a freed fetch context".
The second issue allowed remote DoS attack via a type ANY DNS query
response that contains multiple RR sets in the answer section, which
triggers an assertion error if DNSSEC validation is enabled.
References:
(2006/12/27) 2006/12/27 kernel
Updated to Linux 2.4.34-ow1.
(2006/12/06) 2006/12/07 Package: gnupg SECURITY FIX Severity: high, indirect, passive
Updated to 1.4.6. This includes a fix for a remotely controllable
function pointer vulnerability: using malformed OpenPGP packets an
attacker was able to modify and dereference a function pointer in gpg.
Reference:
(2006/11/28) 2006/11/29 Package: gnupg SECURITY FIX Severity: high, indirect, passive
Applied upstream fix for a heap buffer overflow bug in gpg when running
gpg interactively.
References:
(2006/11/28) 2006/11/29 Package: tar SECURITY FIX Severity: high, indirect, passive
Disabled GNUTYPE_NAMES handling by default to avoid directory traversal
in GNU tar (where a malicious archive containing a GNUTYPE_NAMES record
with a symbolic link could cause files to be extracted outside of the
intended directory tree).
References:
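An added example (not code from the Owl changelog or GNU tar) of the defensive check behind the tar entry above: scanning archive members for names or link targets that would escape the extraction tree before extracting anything. The ROOT path, the reason strings and the sample archive are constructed.

```python
import io
import posixpath
import tarfile

ROOT = "/extract"   # virtual extraction directory used only for path arithmetic

def _escapes(rel: str) -> bool:
    """True if `rel`, resolved against ROOT, lands outside ROOT."""
    resolved = posixpath.normpath(posixpath.join(ROOT, rel))
    return not (resolved == ROOT or resolved.startswith(ROOT + "/"))

def unsafe_members(archive: bytes) -> list:
    """Return (member name, reason) for every entry that could write outside
    the extraction tree: absolute or '..' names, symlinks whose target leaves
    the tree (the GNU tar case above), and hard links to files outside it."""
    problems = []
    with tarfile.open(fileobj=io.BytesIO(archive), mode="r:") as tar:
        for m in tar.getmembers():
            # a symlink target is relative to the directory holding the link;
            # a hard link target is relative to the archive root
            sym_target = posixpath.join(posixpath.dirname(m.name), m.linkname)
            if _escapes(m.name):
                problems.append((m.name, "name escapes extraction dir"))
            elif m.issym() and _escapes(sym_target):
                problems.append((m.name, "symlink target escapes extraction dir"))
            elif m.islnk() and _escapes(m.linkname):
                problems.append((m.name, "hard link target escapes extraction dir"))
    return problems

def build_sample() -> bytes:
    """Constructed archive: one benign file plus three members a hardened
    extractor should refuse."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:") as tar:
        def add(name, kind, linkname="", data=b""):
            info = tarfile.TarInfo(name)
            info.type, info.linkname, info.size = kind, linkname, len(data)
            tar.addfile(info, io.BytesIO(data) if data else None)
        add("etc/motd", tarfile.REGTYPE, data=b"welcome\n")
        add("lib", tarfile.SYMTYPE, linkname="../../outside")   # link out of tree
        add("../escaped.txt", tarfile.REGTYPE, data=b"x")       # '..' in the name
        add("abs", tarfile.SYMTYPE, linkname="/etc")            # absolute target
    return buf.getvalue()
```

Python 3.12's tarfile `filter="data"` performs these and further checks at extraction time (for instance a member whose path passes through an earlier in-tree symlink); this function is a stand-alone pre-scan for older interpreters.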
(2006/11/19) 2006/11/19 Package: rpm
Backported upstream fix for potential heap buffer overflow in
showQueryPackage function. Although this particular bug is fixed,
it remains unsafe to invoke "rpm" queries on untrusted package files.
References:
(2006/11/09) 2006/11/09 Package: openssh
Backported upstream fix for a bug in the sshd privilege separation
monitor that weakened its verification of successful authentication.
References:
(2006/11/07) 2006/11/07 Package: texinfo SECURITY FIX Severity: high, indirect, passive
Applied upstream patch that fixes a potential heap buffer overflow in the
texindex utility.
Reference:
(2006/10/29) 2006/10/31 Package: screen SECURITY FIX Severity: low, remote, passive
Applied upstream patch that fixes two bugs in UTF-8 combining characters
handling. The bugs could be used to crash/hang screen by writing a
special string to a window.
References:
(2006/04/04) 2006/10/14 Package: vim
Repaired ex, view and rview symlinks. Packaged rvim and vimdiff symlinks for
completeness.
(2006/10/03) 2006/10/14 Package: openssh SECURITY FIX Severity: low/none to high, remote/local, active
Backported upstream fixes for sshd connection consumption vulnerability
(severity: low, remote, active), scp local arbitrary command execution
vulnerability (severity: none to high, local, active), CRC compensation
attack detector DoS (severity: low, remote, active), client NULL
dereference on protocol error (severity: low, remote, passive).
References:
(2006/09/29) 2006/10/01 Package: openssl SECURITY FIX Severity: none to low/high, remote, active/passive
Applied upstream fixes for DoS bugs in the ASN.1 parser (CVE-2006-2937,
CVE-2006-2940). Applied fixes for a buffer overflow in
SSL_get_shared_ciphers() and a DoS bug in the SSLv2 client code, both
discovered and patched by Tavis Ormandy and Will Drewry of Google
Security Team (CVE-2006-3738, CVE-2006-4343).
References:
(2006/09/19) 2006/09/19 Package: gzip SECURITY FIX Severity: high, indirect, passive
Fixed multiple vulnerabilities (stack buffer overflow, heap buffer
underflow, heap buffer overflow, infinite loop) discovered by Tavis
Ormandy of Google Security Team.
References:
(2006/09/06) 2006/09/09 Package: openssl SECURITY FIX Severity: none to medium, remote, passive to active
Applied upstream patch to avoid RSA signature forgery.
References:
(2006/09/06) 2006/09/09 Package: bind SECURITY FIX Severity: none to low, remote, active
Updated to 9.3.2-P1, which fixes a couple of bugs that allowed for DoS
attacks on certain BIND configurations.
References:
(2006/08/04) 2006/08/04 Package: gnupg SECURITY FIX Severity: high, remote, passive
Updated to 1.4.5. This includes fixes for two more possible memory
allocation bugs, similar to the problem fixed in gnupg-1.4.4.
References:
(2006/06/22 - 2006/06/28) 2006/06/28 Package: gnupg SECURITY FIX Severity: high, remote, passive
Updated to 1.4.4. This includes a fix for an integer overflow vulnerability
in packet processing that could allow a remote attacker to cause gpg to crash
and possibly overwrite memory via a message packet with a large length.
References:
(2006/06/27) 2006/06/28 Package: mutt SECURITY FIX Severity: high, remote, passive
Applied an upstream fix for a potential stack-based buffer overflow when
processing an overly long namespace from an IMAP server.
Reference:
(2006/03/11) 2006/03/25 Package: gnupg SECURITY FIX Severity: medium, indirect, passive
Updated to 1.4.2.2. This includes fixes for the signature verification
vulnerabilities discovered by Tavis Ormandy of Gentoo.
References:
(2006/02/27 - 2006/03/20) 2006/03/25 Package: john
Applied many minor corrections, including for better handling of certain
uncommon scenarios and improper uses of John. Added a "keyboard cracker" to
the default john.conf that will try sequences of adjacent keys on a keyboard
as passwords.
(2006/02/20) 2006/03/25 Package: tar SECURITY FIX Severity: high, local, passive
Backported upstream fix for a potential heap buffer overrun in handling
extended headers.
References:
$Owl: Owl/doc/CHANGES-2.0-stable,v 1.1.2.65 2009/05/24 17:29:36 solar Exp $