Red Hat Linux Errata Advisory


Synopsis Updated SANE and XSane packages fix temporary file handling vulnerabilities

Advisory ID RHSA-2001:171-11

Issue Date 2001-12-11

Updated On 2002-01-05

Product Red Hat Linux

Keywords xsane sane temporary files

Cross References RHSA-2001:172

Obsoletes



1. Topic:

Updated SANE and XSane packages are available, which fix insecure handling
of temporary files.

2. Problem description:

XSane is an X-based interface providing access to scanners, digital
cameras, and other capture devices. When XSane creates temporary files, it
does so with predictable filenames in a manner that would follow symbolic
links. This could allow a local user to overwrite files written by the user
running XSane.

Additionally, the SANE library that XSane uses has similar problems. Some
SANE backend drivers created temporary files in a manner that would follow
symbolic links. These packages prevent that kind of attack. The default
configuration had one of these dangerous backends enabled. These packages
update XSane to version 0.82 and turn off the vulnerable backend in the
default configuration.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the names CAN-2001-0887 and CAN-2001-0890 to these issues.
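The two defects the advisory describes, predictable temporary-file names and open() calls that follow symbolic links, beside the standard hardened forms, as an added example in C. This is not SANE, XSane or Red Hat code; every function name, the scratch-file name pattern and the constructed "victim" file are hypothetical.

```c
/* Temporary-file handling: the advisory's two failure modes (predictable
   names, symlink following) beside hardened replacements.
   Added example, not SANE/XSane or Red Hat code; all names are hypothetical. */
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/stat.h>

/* UNSAFE, kept only for contrast: a name derived from the pid is guessable,
   and open() without O_EXCL follows a symlink already sitting at that path
   and truncates its target. This is the pattern the advisory describes. */
int open_temp_predictable(const char *dir, char *path, size_t len)
{
    int n = snprintf(path, len, "%s/scan-%ld.pnm", dir, (long)getpid());
    if (n < 0 || (size_t)n >= len) { errno = ENAMETOOLONG; return -1; }
    return open(path, O_WRONLY | O_CREAT | O_TRUNC, 0600);
}

/* Hardened, fixed name: O_CREAT|O_EXCL makes open() fail with EEXIST if
   anything (a symlink included) already occupies the path, so a planted
   link is never followed. O_NOFOLLOW is belt and braces. */
int open_fixed_name_exclusive(const char *path)
{
    return open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
}

/* Hardened, scratch file: mkstemp() replaces XXXXXX with an unpredictable
   suffix and opens O_CREAT|O_EXCL, mode 0600. The name is only known after
   the file exists, so it cannot be pre-planted. */
int open_temp_safe(const char *dir, char *path, size_t len)
{
    int n = snprintf(path, len, "%s/scan-XXXXXX", dir);
    if (n < 0 || (size_t)n >= len) { errno = ENAMETOOLONG; return -1; }
    return mkstemp(path);
}

/* Check the open descriptor itself (fstat, never stat on the path, so there
   is no check-then-use window): regular file, owned by us, one link, no
   group/other permission bits. Returns 1 if all hold. */
int fd_is_private_regular_file(int fd)
{
    struct stat st;
    if (fstat(fd, &st) != 0) return 0;
    return S_ISREG(st.st_mode) && st.st_uid == geteuid() &&
           st.st_nlink == 1 && (st.st_mode & 077) == 0;
}

/* Self-check: in a fresh directory, create a constructed victim file and a
   symlink to it at the name a fixed-name opener would use, then confirm the
   exclusive opener refuses the link and the victim is untouched. 1 = ok. */
int check_planted_symlink_refused(void)
{
    char dir[] = "/tmp/tmpfile-demo-XXXXXX";
    char victim[PATH_MAX], planted[PATH_MAX];
    struct stat st;
    int ok = 0, fd;

    if (mkdtemp(dir) == NULL) return 0;
    snprintf(victim, sizeof victim, "%s/victim.txt", dir);
    snprintf(planted, sizeof planted, "%s/scan-planted.pnm", dir);
    fd = open(victim, O_WRONLY | O_CREAT | O_TRUNC, 0600);
    if (fd >= 0 && write(fd, "keep me", 7) == 7 && close(fd) == 0 &&
        symlink(victim, planted) == 0) {
        errno = 0;
        fd = open_fixed_name_exclusive(planted);
        if (fd == -1 && (errno == EEXIST || errno == ELOOP) &&
            stat(victim, &st) == 0 && st.st_size == 7)
            ok = 1;
        if (fd >= 0) close(fd);
    }
    unlink(planted); unlink(victim); rmdir(dir);
    return ok;
}

/* Self-check: the mkstemp() variant yields a private regular file whose name
   no longer carries the XXXXXX template. 1 = ok. */
int check_mkstemp_private(void)
{
    char dir[] = "/tmp/tmpfile-demo-XXXXXX";
    char path[PATH_MAX];
    int fd, ok = 0;

    if (mkdtemp(dir) == NULL) return 0;
    fd = open_temp_safe(dir, path, sizeof path);
    if (fd >= 0) {
        ok = strstr(path, "XXXXXX") == NULL && fd_is_private_regular_file(fd);
        close(fd);
        unlink(path);
    }
    rmdir(dir);
    return ok;
}

int main(void)
{
    printf("planted symlink refused: %s\n",
           check_planted_symlink_refused() ? "yes" : "no");
    printf("mkstemp file is private:  %s\n",
           check_mkstemp_private() ? "yes" : "no");
    return 0;
}
```

The self-check functions stage the scenario in a fresh mkdtemp() directory: a symlink planted at a fixed name is refused by the O_EXCL opener and its target keeps its contents, while mkstemp() produces a 0600 regular file whose name was unknowable before creation. Validating the descriptor with fstat() rather than re-examining the path avoids a check-then-use window, which is the same class of race the advisory's symlink issue belongs to.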

3. Bug IDs fixed: (see bugzilla for more information)

4. Relevant releases/architectures:

Red Hat Linux 7.0 - alpha, i386
Red Hat Linux 7.1 - alpha, i386, ia64
Red Hat Linux 7.2 - i386, ia64

5. RPMs required:

Red Hat Linux 7.0:

SRPMS:
ftp://updates.redhat.com/7.0/en/os/SRPMS/xsane-0.82-2.1.src.rpm
ftp://updates.redhat.com/7.0/en/os/SRPMS/sane-1.0.3-2.1.src.rpm

alpha:
ftp://updates.redhat.com/7.0/en/os/alpha/xsane-0.82-2.1.alpha.rpm
ftp://updates.redhat.com/7.0/en/os/alpha/xsane-gimp-0.82-2.1.alpha.rpm
ftp://updates.redhat.com/7.0/en/os/alpha/sane-1.0.3-2.1.alpha.rpm
ftp://updates.redhat.com/7.0/en/os/alpha/sane-devel-1.0.3-2.1.alpha.rpm

i386:
ftp://updates.redhat.com/7.0/en/os/i386/xsane-0.82-2.1.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/xsane-gimp-0.82-2.1.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/sane-1.0.3-2.1.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/sane-devel-1.0.3-2.1.i386.rpm

Red Hat Linux 7.1:

SRPMS:
ftp://updates.redhat.com/7.1/en/os/SRPMS/xsane-0.82-3.1.src.rpm
ftp://updates.redhat.com/7.1/en/os/SRPMS/sane-1.0.3-10.1.src.rpm

alpha:
ftp://updates.redhat.com/7.1/en/os/alpha/xsane-0.82-3.1.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/xsane-gimp-0.82-3.1.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/sane-1.0.3-10.1.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/sane-devel-1.0.3-10.1.alpha.rpm

i386:
ftp://updates.redhat.com/7.1/en/os/i386/xsane-0.82-3.1.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/xsane-gimp-0.82-3.1.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/sane-1.0.3-10.1.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/sane-devel-1.0.3-10.1.i386.rpm

ia64:
ftp://updates.redhat.com/7.1/en/os/ia64/xsane-0.82-3.1.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/xsane-gimp-0.82-3.1.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/sane-1.0.3-10.1.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/sane-devel-1.0.3-10.1.ia64.rpm

Red Hat Linux 7.2:

SRPMS:
ftp://updates.redhat.com/7.2/en/os/SRPMS/xsane-0.82-3.1.src.rpm
ftp://updates.redhat.com/7.2/en/os/SRPMS/sane-backends-1.0.5-4.1.src.rpm

i386:
ftp://updates.redhat.com/7.2/en/os/i386/xsane-0.82-3.1.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/xsane-gimp-0.82-3.1.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/sane-backends-1.0.5-4.1.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/sane-backends-devel-1.0.5-4.1.i386.rpm

ia64:
ftp://updates.redhat.com/7.2/en/os/ia64/xsane-0.82-3.1.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/xsane-gimp-0.82-3.1.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/sane-backends-1.0.5-4.1.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/sane-backends-devel-1.0.5-4.1.ia64.rpm

6. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade. Only those
RPMs which are currently installed will be updated; RPMs in the list that
are not installed will be skipped. Note that you can also use wildcards
(*.rpm) if your current directory *only* contains the desired RPMs.

Please note that this update is also available via Red Hat Network. Many
people find this an easier way to apply updates. To use Red Hat Network,
launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.

7. Verification:

MD5 sum                           Package Name
-------------------------------------------------------------------------
fdbbfefb66a01042d8c48a72ef3eba3a 7.0/en/os/SRPMS/sane-1.0.3-2.1.src.rpm
ec39b14b76be7c20f409fc2e6ce3d9c4 7.0/en/os/SRPMS/xsane-0.82-2.1.src.rpm
df2ca46c55278455d5f78495b882bb15 7.0/en/os/alpha/sane-1.0.3-2.1.alpha.rpm
21f8eeca4d81b6000a2a8b50cad700be 7.0/en/os/alpha/sane-devel-1.0.3-2.1.alpha.rpm
7a1f86435917c839dc687e5293b020c1 7.0/en/os/alpha/xsane-0.82-2.1.alpha.rpm
a5ab413d053b2ba2d156dfb719a38904 7.0/en/os/alpha/xsane-gimp-0.82-2.1.alpha.rpm
b81eab65537a7fe390ee8b88deea6d15 7.0/en/os/i386/sane-1.0.3-2.1.i386.rpm
808d906065ceed911c02eb0b857aaeab 7.0/en/os/i386/sane-devel-1.0.3-2.1.i386.rpm
919a802b0329167f9c29ac1896c30d09 7.0/en/os/i386/xsane-0.82-2.1.i386.rpm
4f845d419cd5bc9f2e139e8aedbb3a18 7.0/en/os/i386/xsane-gimp-0.82-2.1.i386.rpm
584f42e891f1df0af0596d40d20fa65f 7.1/en/os/SRPMS/sane-1.0.3-10.1.src.rpm
527cd923eb36d8b8d5f419f54a66d953 7.1/en/os/SRPMS/xsane-0.82-3.1.src.rpm
1f907d411faa5d3ea405fced028b5ff8 7.1/en/os/alpha/sane-1.0.3-10.1.alpha.rpm
fc7ec82bbd647b22e0731553d38794d7 7.1/en/os/alpha/sane-devel-1.0.3-10.1.alpha.rpm
b72e17c10b566b3e4095b282809dff79 7.1/en/os/alpha/xsane-0.82-3.1.alpha.rpm
f243f0d4d753565603ce4c1c82f81b5b 7.1/en/os/alpha/xsane-gimp-0.82-3.1.alpha.rpm
86c42a3de7a925ff17f5aa6da4a4c76d 7.1/en/os/i386/sane-1.0.3-10.1.i386.rpm
dfc10654ff591bf2211f7fb506bea7a1 7.1/en/os/i386/sane-devel-1.0.3-10.1.i386.rpm
9dd2a89ee8c0ded4769680290f4b7828 7.1/en/os/i386/xsane-0.82-3.1.i386.rpm
99a63c47855a3c4cad9860c312be993b 7.1/en/os/i386/xsane-gimp-0.82-3.1.i386.rpm
719fc4bbf8aa1640819089d429ebe48c 7.1/en/os/ia64/sane-1.0.3-10.1.ia64.rpm
22c25cb7e3236a7a63cf25665722130c 7.1/en/os/ia64/sane-devel-1.0.3-10.1.ia64.rpm
824592c070ae942f2abd524108e0fc77 7.1/en/os/ia64/xsane-0.82-3.1.ia64.rpm
54dc74b15186604a02e510e61b689f9c 7.1/en/os/ia64/xsane-gimp-0.82-3.1.ia64.rpm
4a7a1354595100ddcc520781c9e97650 7.2/en/os/SRPMS/sane-backends-1.0.5-4.1.src.rpm
527cd923eb36d8b8d5f419f54a66d953 7.2/en/os/SRPMS/xsane-0.82-3.1.src.rpm
114b7a531b01b7ab62dbde4bbd362b10 7.2/en/os/i386/sane-backends-1.0.5-4.1.i386.rpm
df5a788b98f6f40e71153b1308f30c95 7.2/en/os/i386/sane-backends-devel-1.0.5-4.1.i386.rpm
9dd2a89ee8c0ded4769680290f4b7828 7.2/en/os/i386/xsane-0.82-3.1.i386.rpm
99a63c47855a3c4cad9860c312be993b 7.2/en/os/i386/xsane-gimp-0.82-3.1.i386.rpm
b6489cb169ed65147fbdba1061cf4fd9 7.2/en/os/ia64/sane-backends-1.0.5-4.1.ia64.rpm
bcb40602e70cfda30ffa693e62dec13c 7.2/en/os/ia64/sane-backends-devel-1.0.5-4.1.ia64.rpm
824592c070ae942f2abd524108e0fc77 7.2/en/os/ia64/xsane-0.82-3.1.ia64.rpm
54dc74b15186604a02e510e61b689f9c 7.2/en/os/ia64/xsane-gimp-0.82-3.1.ia64.rpm

These packages are GPG signed by Red Hat, Inc. for security. Our key is available at:
http://www.redhat.com/about/contact.html

You can verify each package with the following command: rpm --checksig filename

If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command: rpm --checksig --nogpg filename

Note that you need RPM >= 3.0 to check GnuPG keys.

8. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0887
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0890
http://www.securityfocus.com/bid/3700

Copyright © 2000 Red Hat, Inc.

