Mandriva Linux Security Advisory - Sebastian Krahmer of the SUSE Security Team discovered a flaw in the way Postfix dereferenced symbolic links. If a local user had write access to a mail spool directory that did not contain a root mailbox file, they could append arbitrary data to any file that root had write permission to (CVE-2008-2936). The updated packages have been patched to correct this issue.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2008:171
http://www.mandriva.com/security/
_______________________________________________________________________
Package : postfix
Date : August 15, 2008
Affected: 2007.1, 2008.0, 2008.1, Corporate 3.0, Corporate 4.0
_______________________________________________________________________
Problem Description:
Sebastian Krahmer of the SUSE Security Team discovered a flaw in
the way Postfix dereferenced symbolic links. If a local user had
write access to a mail spool directory that did not contain a root
mailbox file, they could append arbitrary data to any file that root
had write permission to (CVE-2008-2936).
The updated packages have been patched to correct this issue.
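The bug class described above, as an added illustration that is not Postfix's code and does not reproduce Mandriva's patch: a naive mailbox append that follows a symlink planted in a writable spool directory, next to a hardened append that refuses the link and re-checks the opened descriptor. The function names, the throwaway "spool" under /tmp and the "protected" target file are constructed for the demo; Linux/glibc is assumed.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Naive mailbox append (demo code, not Postfix): open(2) follows a
 * symbolic link, so if an attacker with write access to the spool
 * directory planted "spool/root -> <target>" before a root mailbox
 * existed, the message is appended to <target>. Returns 0 or -1. */
int unsafe_append(const char *mailbox, const char *data)
{
    int fd = open(mailbox, O_WRONLY | O_APPEND | O_CREAT, 0600);
    if (fd < 0)
        return -1;
    ssize_t n = write(fd, data, strlen(data));
    close(fd);
    return (n == (ssize_t)strlen(data)) ? 0 : -1;
}

/* Hardened append: O_NOFOLLOW makes open(2) fail with ELOOP when the
 * final path component is a symlink, and the checks run on the
 * descriptor we actually opened (fstat, not stat on the path), so they
 * cannot be raced by swapping the file after the check. The file must be
 * regular, have exactly one hard link (a hard link to a root-owned file
 * would pass an ownership check alone) and belong to the recipient. */
int safe_append(const char *mailbox, uid_t recipient, const char *data)
{
    int fd = open(mailbox, O_WRONLY | O_APPEND | O_CREAT | O_NOFOLLOW, 0600);
    if (fd < 0)
        return -1;                      /* errno == ELOOP for a symlink */
    struct stat st;
    if (fstat(fd, &st) < 0 || !S_ISREG(st.st_mode) || st.st_nlink != 1
        || st.st_uid != recipient) {
        close(fd);
        errno = EPERM;
        return -1;
    }
    ssize_t n = write(fd, data, strlen(data));
    close(fd);
    return (n == (ssize_t)strlen(data)) ? 0 : -1;
}

/* Build a constructed spool under /tmp with a symlink named "root" that
 * points at a file standing in for something only root should write, then
 * deliver through both routines. Returns 1 if the naive routine wrote
 * through the link while the hardened one refused with ELOOP and still
 * delivered to a genuine mailbox, 0 otherwise. Cleans up after itself. */
int demo(void)
{
    char dir[] = "/tmp/spool.XXXXXX";
    if (mkdtemp(dir) == NULL)
        return 0;
    char target[64], link[64], mbox[64];
    snprintf(target, sizeof target, "%s/protected", dir);
    snprintf(link, sizeof link, "%s/root", dir);
    snprintf(mbox, sizeof mbox, "%s/alice", dir);

    int fd = open(target, O_WRONLY | O_CREAT | O_TRUNC, 0600);
    if (fd < 0 || symlink(target, link) < 0)
        return 0;
    close(fd);

    int r_unsafe = unsafe_append(link, "injected\n");       /* 9 bytes */
    int r_safe = safe_append(link, getuid(), "mail\n");
    int safe_err = errno;
    int r_mbox = safe_append(mbox, getuid(), "mail\n");     /* legit */

    struct stat st;
    int ok = stat(target, &st) == 0 && st.st_size == 9 && r_unsafe == 0
          && r_safe == -1 && safe_err == ELOOP && r_mbox == 0;

    unlink(mbox); unlink(link); unlink(target); rmdir(dir);
    return ok;
}

int main(void)
{
    int ok = demo();
    printf("symlink write-through reproduced and blocked: %s\n", ok ? "yes" : "no");
    return ok ? 0 : 1;
}
```

The demo directory is created 0700 and owned by the caller, so the kernel's fs.protected_symlinks restriction (which only applies to symlinks in world-writable sticky directories such as a real /var/mail) does not interfere with the demonstration; on a current Linux host with that sysctl enabled the real-world attack is also hindered by the kernel, but the fstat checks above are what make the delivery routine correct on its own.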
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2936
_______________________________________________________________________
Updated Packages:
Mandriva Linux 2007.1:
26e470b9c59a7f942865ff4c9a029f33 2007.1/i586/libpostfix1-2.3.8-1.1mdv2007.1.i586.rpm
886bae30f28144d5cd12330eadc29beb 2007.1/i586/postfix-2.3.8-1.1mdv2007.1.i586.rpm
4490c64a7b39685f04dff74ce114edd1 2007.1/i586/postfix-ldap-2.3.8-1.1mdv2007.1.i586.rpm
03bc15e8554bb5519bccc27147dc49c5 2007.1/i586/postfix-mysql-2.3.8-1.1mdv2007.1.i586.rpm
4ce6d3583264a3d9a89e99554d8f5334 2007.1/i586/postfix-pcre-2.3.8-1.1mdv2007.1.i586.rpm
1fa256a3a7306dc4711d2c1f394e4779 2007.1/i586/postfix-pgsql-2.3.8-1.1mdv2007.1.i586.rpm
585a32ed0e7d643bec4be76ca56e96a3 2007.1/SRPMS/postfix-2.3.8-1.1mdv2007.1.src.rpm
Mandriva Linux 2007.1/X86_64:
c5b9aba41a5f7d4762e07611ab796ba9 2007.1/x86_64/lib64postfix1-2.3.8-1.1mdv2007.1.x86_64.rpm
34aaf8a7f5489382ae2fe752239c1ad3 2007.1/x86_64/postfix-2.3.8-1.1mdv2007.1.x86_64.rpm
c1bbbc34d1a6951dfea07b479e7546a6 2007.1/x86_64/postfix-ldap-2.3.8-1.1mdv2007.1.x86_64.rpm
72c368adfd81383032aee96564edd1dc 2007.1/x86_64/postfix-mysql-2.3.8-1.1mdv2007.1.x86_64.rpm
b6e9329425e1e4f6f1b591ca01c07527 2007.1/x86_64/postfix-pcre-2.3.8-1.1mdv2007.1.x86_64.rpm
858ac67feca2fae49be70f752a9f5688 2007.1/x86_64/postfix-pgsql-2.3.8-1.1mdv2007.1.x86_64.rpm
585a32ed0e7d643bec4be76ca56e96a3 2007.1/SRPMS/postfix-2.3.8-1.1mdv2007.1.src.rpm
Mandriva Linux 2008.0:
28f80755d3e08a050a3294f15bcdf0b0 2008.0/i586/libpostfix1-2.4.5-2.1mdv2008.0.i586.rpm
8e5a684b87309c502f34d76104e7291f 2008.0/i586/postfix-2.4.5-2.1mdv2008.0.i586.rpm
fd4bd15f398bb8f9a90e59216b4a01dc 2008.0/i586/postfix-ldap-2.4.5-2.1mdv2008.0.i586.rpm
63e5be0f5c1dc8b28f173726c1648831 2008.0/i586/postfix-mysql-2.4.5-2.1mdv2008.0.i586.rpm
75e6b126fd04ce8cbef1d024a8d4af94 2008.0/i586/postfix-pcre-2.4.5-2.1mdv2008.0.i586.rpm
3eb0a04a986f20d4771b774b0707d5ff 2008.0/i586/postfix-pgsql-2.4.5-2.1mdv2008.0.i586.rpm
d18e696ddd9948b311e84c1df3b4edfa 2008.0/SRPMS/postfix-2.4.5-2.1mdv2008.0.src.rpm
Mandriva Linux 2008.0/X86_64:
25c8159e3a2b78ab281dcf6c7b5886d1 2008.0/x86_64/lib64postfix1-2.4.5-2.1mdv2008.0.x86_64.rpm
56bc517d9bb1cf9221ce8d35999ac7de 2008.0/x86_64/postfix-2.4.5-2.1mdv2008.0.x86_64.rpm
08af0c3454a642e57252180f6f8b8b1c 2008.0/x86_64/postfix-ldap-2.4.5-2.1mdv2008.0.x86_64.rpm
c8777d4816b661a2853df44228c97e26 2008.0/x86_64/postfix-mysql-2.4.5-2.1mdv2008.0.x86_64.rpm
08579717946ec5c32df7674286f9f45a 2008.0/x86_64/postfix-pcre-2.4.5-2.1mdv2008.0.x86_64.rpm
fda669add03041fa744d5738c7457c3a 2008.0/x86_64/postfix-pgsql-2.4.5-2.1mdv2008.0.x86_64.rpm
d18e696ddd9948b311e84c1df3b4edfa 2008.0/SRPMS/postfix-2.4.5-2.1mdv2008.0.src.rpm
Mandriva Linux 2008.1:
5a3804f2c3effc218f5c2e2e3df27564 2008.1/i586/libpostfix1-2.5.1-2.1mdv2008.1.i586.rpm
506d51b49e9c8c0e439fc8bc4c63ba29 2008.1/i586/postfix-2.5.1-2.1mdv2008.1.i586.rpm
34ef86dd70c956f2a99bdfac81183e09 2008.1/i586/postfix-ldap-2.5.1-2.1mdv2008.1.i586.rpm
1d07b91d48c60906f28b8a2eba99ca1c 2008.1/i586/postfix-mysql-2.5.1-2.1mdv2008.1.i586.rpm
70ba3c286521579fc49a54bba84472dd 2008.1/i586/postfix-pcre-2.5.1-2.1mdv2008.1.i586.rpm
dca57a1b0579a8418ad10aac03322b2e 2008.1/i586/postfix-pgsql-2.5.1-2.1mdv2008.1.i586.rpm
0f3cb76c3893354103745ee331942f0d 2008.1/SRPMS/postfix-2.5.1-2.1mdv2008.1.src.rpm
Mandriva Linux 2008.1/X86_64:
16d38a5b0b47edb0fc3395c63511bd6c 2008.1/x86_64/lib64postfix1-2.5.1-2.1mdv2008.1.x86_64.rpm
546f25ac9ea5aa167b9282bd8d4f537a 2008.1/x86_64/postfix-2.5.1-2.1mdv2008.1.x86_64.rpm
f1a917d26a5366044e570f6571c2fb10 2008.1/x86_64/postfix-ldap-2.5.1-2.1mdv2008.1.x86_64.rpm
4b2f2a4d53ef97dbd2c609afc9e61c77 2008.1/x86_64/postfix-mysql-2.5.1-2.1mdv2008.1.x86_64.rpm
266433d35cd238e9132b6225bc5d1258 2008.1/x86_64/postfix-pcre-2.5.1-2.1mdv2008.1.x86_64.rpm
78f8df45bf1c009701112a60294ccdeb 2008.1/x86_64/postfix-pgsql-2.5.1-2.1mdv2008.1.x86_64.rpm
0f3cb76c3893354103745ee331942f0d 2008.1/SRPMS/postfix-2.5.1-2.1mdv2008.1.src.rpm
Corporate 3.0:
7d6dc0a422fa43c691a6819a9954d29c corporate/3.0/i586/libpostfix1-2.1.1-0.4.C30mdk.i586.rpm
6c90a40a69bcd261d1fff8124d087d48 corporate/3.0/i586/postfix-2.1.1-0.4.C30mdk.i586.rpm
9e3468e37e512a5207a982ba606d8fb8 corporate/3.0/i586/postfix-ldap-2.1.1-0.4.C30mdk.i586.rpm
8018f6af47a5659396a3d903c27b33d4 corporate/3.0/i586/postfix-mysql-2.1.1-0.4.C30mdk.i586.rpm
ac40a515260bd75fe00c5e1610b11e7b corporate/3.0/i586/postfix-pcre-2.1.1-0.4.C30mdk.i586.rpm
f8675212bf047f8373846efe438d6e34 corporate/3.0/i586/postfix-pgsql-2.1.1-0.4.C30mdk.i586.rpm
0b9d6b89f64cf5c5ba64d4234ba958d3 corporate/3.0/SRPMS/postfix-2.1.1-0.4.C30mdk.src.rpm
Corporate 3.0/X86_64:
f695f71cf4e3cff94b76ffaa79e79276 corporate/3.0/x86_64/lib64postfix1-2.1.1-0.4.C30mdk.x86_64.rpm
479831782b7e851ee64b8686e5435742 corporate/3.0/x86_64/postfix-2.1.1-0.4.C30mdk.x86_64.rpm
a52bf688f3f842c8062ca1e43748a442 corporate/3.0/x86_64/postfix-ldap-2.1.1-0.4.C30mdk.x86_64.rpm
e286020374420577f7372bf98b3145f0 corporate/3.0/x86_64/postfix-mysql-2.1.1-0.4.C30mdk.x86_64.rpm
7c4d75cb5df1951918a3baf56aff0dcd corporate/3.0/x86_64/postfix-pcre-2.1.1-0.4.C30mdk.x86_64.rpm
e1b6ff7a49ab9dbd1cc8559ec9a747fe corporate/3.0/x86_64/postfix-pgsql-2.1.1-0.4.C30mdk.x86_64.rpm
0b9d6b89f64cf5c5ba64d4234ba958d3 corporate/3.0/SRPMS/postfix-2.1.1-0.4.C30mdk.src.rpm
Corporate 4.0:
c7e11fa492370b389f507fc3ae2b1d4a corporate/4.0/i586/libpostfix1-2.3.5-0.2.20060mlcs4.i586.rpm
f78b08147813d142dbebccfa3f2d1fc1 corporate/4.0/i586/postfix-2.3.5-0.2.20060mlcs4.i586.rpm
982fb6adba17ab2acfd477323a55db4c corporate/4.0/i586/postfix-ldap-2.3.5-0.2.20060mlcs4.i586.rpm
163b41ad32263b2a319720144153f5af corporate/4.0/i586/postfix-mysql-2.3.5-0.2.20060mlcs4.i586.rpm
7be21bfdc0f6e70d6da173d5005516f8 corporate/4.0/i586/postfix-pcre-2.3.5-0.2.20060mlcs4.i586.rpm
26c0b02352463bd5c33b67c146330701 corporate/4.0/i586/postfix-pgsql-2.3.5-0.2.20060mlcs4.i586.rpm
f9251f61013674ae03a5122d8c5cfd25 corporate/4.0/SRPMS/postfix-2.3.5-0.2.20060mlcs4.src.rpm
Corporate 4.0/X86_64:
91d8789d61bc41409d96b0442ffb8d13 corporate/4.0/x86_64/lib64postfix1-2.3.5-0.2.20060mlcs4.x86_64.rpm
db6e1d07cd48fd215db13b6c0812629f corporate/4.0/x86_64/postfix-2.3.5-0.2.20060mlcs4.x86_64.rpm
6d57adb992f1903344a12c213116e2d9 corporate/4.0/x86_64/postfix-ldap-2.3.5-0.2.20060mlcs4.x86_64.rpm
c3217315a710dddef6addc566542dbef corporate/4.0/x86_64/postfix-mysql-2.3.5-0.2.20060mlcs4.x86_64.rpm
21db2224670acce491ff87269f21ec5e corporate/4.0/x86_64/postfix-pcre-2.3.5-0.2.20060mlcs4.x86_64.rpm
89d5796c4d94bb6ab1ef26de400d032f corporate/4.0/x86_64/postfix-pgsql-2.3.5-0.2.20060mlcs4.x86_64.rpm
f9251f61013674ae03a5122d8c5cfd25 corporate/4.0/SRPMS/postfix-2.3.5-0.2.20060mlcs4.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
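urpmi and MandrivaUpdate perform these checks for you. If the RPMs are fetched from a mirror by hand, the "md5sum path" lines in the Updated Packages section can be checked with a script like the following added example (not Mandriva's tooling). It assumes a listing file containing those lines verbatim, a download directory laid out like the relative paths above, and GNU coreutils md5sum.

```sh
#!/bin/sh
# Added example: verify downloaded packages against an advisory listing.
# Assumptions: LISTING_FILE holds "<32 hex md5> <relative path>" lines copied
# from the advisory; BASE_DIR mirrors the relative paths (e.g. 2008.1/i586/...).

# verify_md5_list LISTING_FILE BASE_DIR
# Every listed file must exist under BASE_DIR and match its md5. Returns 0
# only if all files match; prints one status line per entry.
verify_md5_list() {
    listing=$1
    base=$2
    bad=0
    while read -r sum path; do
        [ -n "$sum" ] || continue
        f="$base/$path"
        if [ ! -f "$f" ]; then
            echo "MISSING  $path"
            bad=1
            continue
        fi
        actual=$(md5sum "$f" | cut -d' ' -f1)
        if [ "$actual" = "$sum" ]; then
            echo "OK       $path"
        else
            echo "MISMATCH $path"
            bad=1
        fi
    done < "$listing"
    return $bad
}

# verify_rpm_sigs BASE_DIR
# A matching md5 only ties the file to the (PGP-signed) advisory text; the
# GPG signature embedded in each package is the check that proves origin.
# Requires the Mandriva key (0x22458A98) to be imported into the rpm keyring.
verify_rpm_sigs() {
    if ! command -v rpm >/dev/null 2>&1; then
        echo "rpm not available; skipping signature check"
        return 0
    fi
    find "$1" -name '*.rpm' -exec rpm --checksig {} \;
}

# Usage: verify_md5_list advisory-md5.txt ./downloads && verify_rpm_sigs ./downloads
```

A MISSING or MISMATCH line is a stop condition: a mirror that serves a package whose md5 does not match the signed advisory should not be trusted, regardless of what rpm --checksig later reports.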
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFIpbu8mqjQ0CJFipgRApsdAJ0XV7YMQObXpiNScy6r/ct8BPjTIACg0mow
TLWvKH+6JSz18dJfpEjIxFw=
=rHfX
-----END PGP SIGNATURE-----