OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: White Vampire (whitevampiremindless.com)
Date: Wed Jun 26 2002 - 23:40:04 CDT

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    - ----- Forwarded message from Slackware Security Team <securityslackware.com> -----

    Return-Path: <owner-slackware-securityslackware.com>
    Delivered-To: whitvamplocalhost
    Received: (qmail 32199 invoked from network); 26 Jun 2002 22:35:58 -0000
    Received: from unknown (HELO localhost) (127.0.0.1)
      by 127.0.0.1 with SMTP; 26 Jun 2002 22:35:58 -0000
    Delivered-To: vampwhitlilly.csoft.net
    Received: from mail102.csoft.net [63.111.26.110]
            by localhost with POP3 (fetchmail-5.8.3)
            for whitvamplocalhost (single-drop); Wed, 26 Jun 2002 18:35:58 -0400 (EDT)
    Received: (qmail 58313 invoked from network); 26 Jun 2002 22:34:32 -0000
    Received: from 205-158-62-72.outblaze.com (HELO spf10.us4.outblaze.com) (205.158.62.72)
      by mail102.csoft.net with SMTP; 26 Jun 2002 22:34:32 -0000
    Received: from bob.slackware.com (slackware.com [207.173.11.34])
            by spf10.us4.outblaze.com (8.12.4/8.12.4) with ESMTP id g5QMW9gr049040
            for <whitevampiremindless.com>; Wed, 26 Jun 2002 22:32:09 GMT
    Received: (from daemonlocalhost)
            by bob.slackware.com (8.11.6/8.11.6) id g5QKjn631503
            for slackware-security-outgoing; Wed, 26 Jun 2002 13:45:49 -0700
    Received: from localhost (securitylocalhost)
            by bob.slackware.com (8.11.6/8.11.6) with ESMTP id g5QKjmB31500
            for <slackware-securityslackware.com>; Wed, 26 Jun 2002 13:45:48 -0700
    Date: Wed, 26 Jun 2002 13:45:48 -0700 (PDT)
    From: Slackware Security Team <securityslackware.com>
    To: slackware-securityslackware.com
    Subject: [slackware-security] New OpenSSH packages available
    Message-ID: <Pine.LNX.4.21.0206261345220.31468-100000bob.slackware.com>
    MIME-Version: 1.0
    Content-Type: TEXT/PLAIN; charset=US-ASCII
    Sender: owner-slackware-securityslackware.com
    Precedence: bulk
    Reply-To: Slackware Security Team <securityslackware.com>

    New OpenSSH 3.4p1 packages providing privilege separation for improved
    security are available for Slackware 7.1, 8.0, and 8.1. Here are the
    details from the Slackware 8.1 ChangeLog:

    - ----------------------------
    Wed Jun 26 12:03:06 PDT 2002
    patches/packages/openssh-3.4p1-i386-1.tgz: Upgraded to openssh-3.4p1.
      This version enables privilege separation by default. The
      README.privsep file says this about it:

         Privilege separation, or privsep, is method in OpenSSH by which
         operations that require root privilege are performed by a separate
         privileged monitor process. Its purpose is to prevent privilege
         escalation by containing corruption to an unprivileged process. More
         information is available at:
           http://www.citi.umich.edu/u/provos/ssh/privsep.html

      Note that ISS has released an advisory on OpenSSH (OpenSSH Remote
      Challenge Vulnerability). Slackware is not affected by this issue, as
      we have never included AUTH_BSD, S/KEY, or PAM. Unless at least one of
      these options is compiled into sshd, it is not vulnerable. Further note
      that none of these options are turned on in a default build from source
      code, so if you have built sshd yourself you should not be vulnerable
      unless you've enabled one of these options.

      Regardless, the security provided by privsep is unquestionably better.
      This time we (Slackware) were lucky, but next time we might not be.
      Therefore we recommend that all sites running the OpenSSH daemon (sshd,
      enabled by default in Slackware 8.1) upgrade to this new openssh
      package. After upgrading the package, restart the daemon like this:

      /etc/rc.d/rc.sshd restart

      We would like to thank Theo and the rest of the OpenSSH team for their
      quick handling of this issue, Niels Provos and Markus Friedl for
      implementing privsep, and Solar Designer for working out issues with
      privsep on 2.2 Linux kernels.
    - ----------------------------

    The text of the ISS Advisory may be found here:
      http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=20584

    WHERE TO FIND THE NEW PACKAGES:
    - -------------------------------
    Updated OpenSSH package for Slackware 8.1:
    ftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/packages/openssh-3.4p1-i386-1.tgz

    Updated OpenSSH package for Slackware 8.0:
    ftp://ftp.slackware.com/pub/slackware/slackware-8.0/patches/packages/openssh.tgz

    Updated OpenSSH package for Slackware 7.1:
    ftp://ftp.slackware.com/pub/slackware/slackware-7.1/patches/packages/openssh.tgz

    MD5 SIGNATURES:
    - ---------------

    Here are the md5sums for the packages:

    Slackware 8.1:
    bfd503d88144c62906deef4a1280f583 openssh-3.4p1-i386-1.tgz

    Slackware 8.0:
    a88c387e5261dd9ac90b113e85d054ed openssh.tgz

    Slackware 7.1:
    416b8e06b181ab01a975958a893688b3 openssh.tgz

    INSTALLATION INSTRUCTIONS:
    - --------------------------

    First upgrade the OpenSSH package:

       # upgradepkg openssh-3.4p1-i386-1.tgz

    Then, check the /etc/ssh/ directory where the new config files will be
    installed as ssh_config.new and sshd_config.new. Most sites will want
    to move these on top of the existing config files:

       # mv ssh_config.new ssh_config
       # mv sshd_config.new sshd_config

    Finally, restart the sshd daemon:

       # . /etc/rc.d/rc.sshd restart

    - - Slackware Linux Security Team
      http://www.slackware.com

    +------------------------------------------------------------------------+
    | HOW TO REMOVE YOURSELF FROM THIS MAILING LIST: |
    +------------------------------------------------------------------------+
    | Send an email to majordomoslackware.com with this text in the body of |
    | the email message: |
    | |
    | unsubscribe slackware-security |
    | |
    | You will get a confirmation message back. Follow the instructions to |
    | complete the unsubscription. Do not reply to this message to |
    | unsubscribe! |
    +------------------------------------------------------------------------+

    - ----- End forwarded message -----

    - --
    \ | \ / White Vampire\Rem | http://gammaforce.org/
     \|\| \/ whitevampiremindless.com | http://gammagear.com/
    "Silly hacker, root is for administrators." | http://webfringe.com/

    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.0.5 (GNU/Linux)

    iD8DBQE9Gpck3+rxmnEDyl8RAvLsAJ49lr5w9jWucEd/3zWMysv2yfj/vACfTTlX
    ebWzoXoRVmTVsiLja5+MSWQ=
    =RqhO
    -----END PGP SIGNATURE-----