Red Hat Linux Errata Advisory


Synopsis Updated SANE and XSane packages fix temporary file handling vulnerabilities

Advisory ID RHSA-2001:172-11

Issue Date 2001-12-12

Updated On 2002-01-05

Product Red Hat Powertools

Keywords xsane sane temporary files

Cross References RHSA-2001:171

Obsoletes



1. Topic:

Updated SANE and XSane packages are available, which fix insecure handling
of temporary files.

2. Problem description:

XSane is an X-based interface providing access to scanners, digital
cameras, and other capture devices. When XSane creates temporary files, it
does so with predictable filenames and opens them in a manner that follows
symbolic links. A local attacker who plants a symbolic link at one of those
predictable names before XSane writes to it can therefore cause XSane to
overwrite any file writable by the user running it, with that user's
privileges.

The SANE library that XSane uses has similar problems: some SANE backend
drivers also created temporary files in a manner that followed symbolic
links, and one of these backends was enabled in the default configuration.
These packages update XSane to version 0.82, which fixes its temporary file
handling, and turn off the vulnerable backend in the default SANE
configuration.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the names CAN-2001-0887 and CAN-2001-0890 to these issues.
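
The following C program is added here as an illustration of the bug class
described above; it is not taken from the SANE or XSane sources, and the
advisory does not identify which XSane or backend code paths were affected.
It reproduces the attack in a private scratch directory: a file written under
a guessable name with open(O_CREAT|O_TRUNC) follows a pre-planted symbolic
link and overwrites the link target, whereas the same open with
O_EXCL|O_NOFOLLOW refuses the planted link, and mkstemp() avoids the guessable
name altogether. The directory, file names and file contents are constructed
for the demonstration.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* Write data to an opened fd and close it; -1 if open() failed (errno kept) or the write was short. */
static int write_and_close(int fd, const char *data)
{
    if (fd < 0) return -1;
    ssize_t n = write(fd, data, strlen(data));
    close(fd);
    return n == (ssize_t)strlen(data) ? 0 : -1;
}

/* Vulnerable pattern: a guessable name opened with O_CREAT|O_TRUNC and no O_EXCL/O_NOFOLLOW.
 * A symlink planted at that name is followed; its target is truncated and overwritten. */
static int write_temp_vulnerable(const char *path, const char *data)
{
    return write_and_close(open(path, O_WRONLY | O_CREAT | O_TRUNC, 0600), data);
}

/* Hardened form for a fixed name: O_EXCL fails with EEXIST if anything (a symlink included)
 * already exists at the path, and O_NOFOLLOW refuses a symlink as the final component (ELOOP). */
static int write_temp_excl(const char *path, const char *data)
{
    return write_and_close(open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0600), data);
}

/* Preferred form: mkstemp() picks an unpredictable name and creates it atomically with
 * O_CREAT|O_EXCL, so there is nothing to pre-plant. The XXXXXX in template is replaced in place. */
static int write_temp_mkstemp(char *template, const char *data)
{
    return write_and_close(mkstemp(template), data);
}

static int read_small_file(const char *path, char *buf, size_t len)
{
    int fd = open(path, O_RDONLY | O_NOFOLLOW);
    ssize_t n = fd < 0 ? -1 : read(fd, buf, len - 1);
    if (fd >= 0) close(fd);
    if (n < 0) return -1;
    buf[n] = '\0';
    return 0;
}

struct demo_result {
    int vulnerable_clobbered; /* vulnerable open overwrote the victim through the planted link */
    int excl_refused;         /* O_EXCL|O_NOFOLLOW open failed with EEXIST or ELOOP */
    int victim_intact;        /* victim unchanged after the hardened open was attempted */
    int mkstemp_ok;           /* mkstemp() created a fresh file holding our data */
};

/* Constructed scenario in a private scratch directory; one user plays both program and attacker.
 * victim.txt stands in for any file writable by the xsane user; xsane-preview.pnm is the guessable name. */
struct demo_result run_symlink_demo(void)
{
    struct demo_result r = {0, 0, 0, 0};
    char dir[] = "/tmp/sane-tmpfile-demo-XXXXXX";
    char victim[256], planted[256], tmpl[256], buf[128];
    const char *original = "original contents of a file owned by the xsane user";
    const char *payload = "image data the program thought it was writing to a temp file";

    if (mkdtemp(dir) == NULL) return r;
    snprintf(victim, sizeof victim, "%s/victim.txt", dir);
    snprintf(planted, sizeof planted, "%s/xsane-preview.pnm", dir);
    snprintf(tmpl, sizeof tmpl, "%s/xsane-XXXXXX", dir);
    if (write_temp_excl(victim, original) != 0 || symlink(victim, planted) != 0) goto out;

    /* 1. The vulnerable open follows the planted link and clobbers the victim. */
    if (write_temp_vulnerable(planted, payload) == 0 &&
        read_small_file(victim, buf, sizeof buf) == 0 && strcmp(buf, payload) == 0)
        r.vulnerable_clobbered = 1;

    /* 2. Restore the victim, then show that the hardened open refuses the planted link. */
    unlink(victim);
    if (write_temp_excl(victim, original) != 0) goto out;
    if (write_temp_excl(planted, payload) == -1 && (errno == EEXIST || errno == ELOOP))
        r.excl_refused = 1;
    if (read_small_file(victim, buf, sizeof buf) == 0 && strcmp(buf, original) == 0)
        r.victim_intact = 1;

    /* 3. mkstemp(): unpredictable name, created exclusively; no symlink could have been planted. */
    if (write_temp_mkstemp(tmpl, payload) == 0 && strstr(tmpl, "XXXXXX") == NULL &&
        read_small_file(tmpl, buf, sizeof buf) == 0 && strcmp(buf, payload) == 0)
        r.mkstemp_ok = 1;
    unlink(tmpl);
out:
    unlink(planted);
    unlink(victim);
    rmdir(dir);
    return r;
}
```

run_symlink_demo() returns all four flags set to 1 when the vulnerable open
clobbered the victim and both hardened forms left it alone. In the real
attack the symlink is planted by a different local user in a shared
directory such as /tmp. Linux kernels from 3.6 onwards with
fs.protected_symlinks=1 refuse to follow a symlink in a sticky world-writable
directory unless the follower owns the link or the directory, which blunts
this particular scenario on modern systems, but that is a kernel mitigation
and not a substitute for O_EXCL or mkstemp() in the program itself.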

3. Bug IDs fixed: (see bugzilla for more information)

4. Relevant releases/architectures:

Red Hat Powertools 6.0 - alpha, i386, sparc
Red Hat Powertools 6.1 - alpha, i386, sparc
Red Hat Powertools 6.2 - alpha, i386, sparc

5. RPMs required:

Red Hat Powertools 6.2:

SRPMS:
ftp://updates.redhat.com/6.2/en/powertools/SRPMS/xsane-0.82-1.1.src.rpm
ftp://updates.redhat.com/6.2/en/powertools/SRPMS/sane-1.0.1-4.1.src.rpm

alpha:
ftp://updates.redhat.com/6.2/en/powertools/alpha/xsane-0.82-1.1.alpha.rpm
ftp://updates.redhat.com/6.2/en/powertools/alpha/xsane-gimp-0.82-1.1.alpha.rpm
ftp://updates.redhat.com/6.2/en/powertools/alpha/sane-1.0.1-4.1.alpha.rpm
ftp://updates.redhat.com/6.2/en/powertools/alpha/sane-devel-1.0.1-4.1.alpha.rpm

i386:
ftp://updates.redhat.com/6.2/en/powertools/i386/xsane-0.82-1.1.i386.rpm
ftp://updates.redhat.com/6.2/en/powertools/i386/xsane-gimp-0.82-1.1.i386.rpm
ftp://updates.redhat.com/6.2/en/powertools/i386/sane-1.0.1-4.1.i386.rpm
ftp://updates.redhat.com/6.2/en/powertools/i386/sane-devel-1.0.1-4.1.i386.rpm

sparc:
ftp://updates.redhat.com/6.2/en/powertools/sparc/xsane-0.82-1.1.sparc.rpm
ftp://updates.redhat.com/6.2/en/powertools/sparc/xsane-gimp-0.82-1.1.sparc.rpm
ftp://updates.redhat.com/6.2/en/powertools/sparc/sane-1.0.1-4.1.sparc.rpm
ftp://updates.redhat.com/6.2/en/powertools/sparc/sane-devel-1.0.1-4.1.sparc.rpm

6. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade. Only those
RPMs which are currently installed will be updated. Those RPMs which are
not installed but included in the list will not be updated. Note that you
can also use wildcards (*.rpm) if your current directory *only* contains the
desired RPMs.

Please note that this update is also available via Red Hat Network. Many
people find this an easier way to apply updates. To use Red Hat Network,
launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.

7. Verification:

MD5 sum                           Package Name
-------------------------------------------------------------------------
b1b66938a070ad5e8bf53f6e014e9049 6.2/en/powertools/SRPMS/sane-1.0.1-4.1.src.rpm
729200175af0991d9facfadea32d99bc 6.2/en/powertools/SRPMS/xsane-0.82-1.1.src.rpm
7a8f6ed7d9a5032b702742ec44e64e6c 6.2/en/powertools/alpha/sane-1.0.1-4.1.alpha.rpm
c000681d14885a507204ddc519ce6b4e 6.2/en/powertools/alpha/sane-devel-1.0.1-4.1.alpha.rpm
4a08bc7cb2334f664144e428549af2eb 6.2/en/powertools/alpha/xsane-0.82-1.1.alpha.rpm
f13efa82546de8b4257c2aee78523030 6.2/en/powertools/alpha/xsane-gimp-0.82-1.1.alpha.rpm
b450c3646e52afb1038e82b6b62446fe 6.2/en/powertools/i386/sane-1.0.1-4.1.i386.rpm
f83f8335429601765f60a0596d3537af 6.2/en/powertools/i386/sane-devel-1.0.1-4.1.i386.rpm
538d57adf43dded0d789898f44d957bf 6.2/en/powertools/i386/xsane-0.82-1.1.i386.rpm
368f2994c770875f0f693d49f17cc2e9 6.2/en/powertools/i386/xsane-gimp-0.82-1.1.i386.rpm
92cb9e18184efe36746a6755be3ec6ba 6.2/en/powertools/sparc/sane-1.0.1-4.1.sparc.rpm
4ff61b697ab7000650248c8d2161bf32 6.2/en/powertools/sparc/sane-devel-1.0.1-4.1.sparc.rpm
47416e0bca7c4845c17d61ee10c790af 6.2/en/powertools/sparc/xsane-0.82-1.1.sparc.rpm
60bd5e3ef524bf574fb2b07ea0ef38c8 6.2/en/powertools/sparc/xsane-gimp-0.82-1.1.sparc.rpm

These packages are GPG signed by Red Hat, Inc. for security. Our key is available at:
http://www.redhat.com/about/contact.html

You can verify each package with the following command: rpm --checksig filename

If you only wish to verify that each package has not been corrupted in transit, examine only the md5sum with the following command: rpm --checksig --nogpg filename

Note that the md5sum checked by --nogpg is the digest stored inside the package itself, which anyone replacing the package can recompute, so it detects corruption but not deliberate tampering. To detect tampering, check the GPG signature as above, or compare the files you downloaded against the md5sums listed in section 7 of this advisory.

Note that you need RPM >= 3.0 to check GnuPG keys.

8. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0887
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0890
http://www.securityfocus.com/bid/3700

Copyright © 2000 Red Hat, Inc.
