-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2009:124-1 http://www.mandriva.com/security/ _______________________________________________________________________ Package : apache Date : July 8, 2009 Affected: 2008.1 _______________________________________________________________________ Problem Description: Multiple vulnerabilities has been found and corrected in apache: Memory leak in the zlib_stateful_init function in crypto/comp/c_zlib.c in libssl in OpenSSL 0.9.8f through 0.9.8h allows remote attackers to cause a denial of service (memory consumption) via multiple calls, as demonstrated by initial SSL client handshakes to the Apache HTTP Server mod_ssl that specify a compression algorithm (CVE-2008-1678). Note that this security issue does not really apply as zlib compression is not enabled in the openssl build provided by Mandriva, but apache is patched to address this issue anyway (conserns 2008.1 only). Cross-site scripting (XSS) vulnerability in proxy_ftp.c in the mod_proxy_ftp module in Apache 2.0.63 and earlier, and mod_proxy_ftp.c in the mod_proxy_ftp module in Apache 2.2.9 and earlier 2.2 versions, allows remote attackers to inject arbitrary web script or HTML via wildcards in a pathname in an FTP URI (CVE-2008-2939). Note that this security issue was initially addressed with MDVSA-2008:195 but the patch fixing the issue was added but not applied in 2009.0. The Apache HTTP Server 2.2.11 and earlier 2.2 versions does not properly handle Options=IncludesNOEXEC in the AllowOverride directive, which allows local users to gain privileges by configuring (1) Options Includes, (2) Options +Includes, or (3) Options +IncludesNOEXEC in a .htaccess file, and then inserting an exec element in a .shtml file (CVE-2009-1195). This update provides fixes for these vulnerabilities. Update: The patch for fixing CVE-2009-1195 for Mandriva Linux 2008.1 was incomplete, this update addresses the problem. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1678 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2939 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1195 _______________________________________________________________________ Updated Packages: Mandriva Linux 2008.1: d7522600c193783ccb5f41447175a331 2008.1/i586/apache-base-2.2.8-6.4mdv2008.1.i586.rpm 9ca131724b9fd905f7ac864d4511b459 2008.1/i586/apache-devel-2.2.8-6.4mdv2008.1.i586.rpm e7750b82d83fdd68225f663679ac4460 2008.1/i586/apache-htcacheclean-2.2.8-6.4mdv2008.1.i586.rpm e28b73346363d5183bf43b9a894703eb 2008.1/i586/apache-mod_authn_dbd-2.2.8-6.4mdv2008.1.i586.rpm 03d7b234afa3a83f04fd2dd951359961 2008.1/i586/apache-mod_cache-2.2.8-6.4mdv2008.1.i586.rpm 506e31a2a592818cb6b9ca9417902562 2008.1/i586/apache-mod_dav-2.2.8-6.4mdv2008.1.i586.rpm 1f79c942c9f477eb7af43fa0bbf7f75d 2008.1/i586/apache-mod_dbd-2.2.8-6.4mdv2008.1.i586.rpm 942abf88d6fa0b73b587c3cf2920c55b 2008.1/i586/apache-mod_deflate-2.2.8-6.4mdv2008.1.i586.rpm d3b92574868f79d02a5189fdcd6df425 2008.1/i586/apache-mod_disk_cache-2.2.8-6.4mdv2008.1.i586.rpm cf6ce38ae0f100a35e39fb3b09be7507 2008.1/i586/apache-mod_file_cache-2.2.8-6.4mdv2008.1.i586.rpm c5ed7754beb38dd51b68bbd6604a0ca9 2008.1/i586/apache-mod_ldap-2.2.8-6.4mdv2008.1.i586.rpm 9d29c79f0b889aeca78c7b426073cd3e 2008.1/i586/apache-mod_mem_cache-2.2.8-6.4mdv2008.1.i586.rpm 84a1b51f4d8be06ab763bb95b572909f 2008.1/i586/apache-mod_proxy-2.2.8-6.4mdv2008.1.i586.rpm 78723bd3586753bcb37ac83a9f8449f7 2008.1/i586/apache-mod_proxy_ajp-2.2.8-6.4mdv2008.1.i586.rpm 5418461f01217d6567ce4cc27e8b95bf 2008.1/i586/apache-mod_ssl-2.2.8-6.4mdv2008.1.i586.rpm 439787696a120705c0b79ac7f8a5c538 2008.1/i586/apache-modules-2.2.8-6.4mdv2008.1.i586.rpm 8275595502f0ad78166b8d060e2d9b3c 2008.1/i586/apache-mod_userdir-2.2.8-6.4mdv2008.1.i586.rpm 0b3edd8559484552cdad948faef19203 2008.1/i586/apache-mpm-event-2.2.8-6.4mdv2008.1.i586.rpm 1fa2b3101a3b34c2d0f9fc817bc1a1df 2008.1/i586/apache-mpm-itk-2.2.8-6.4mdv2008.1.i586.rpm 2b6e72b32712a335b1678f492842d2fc 2008.1/i586/apache-mpm-prefork-2.2.8-6.4mdv2008.1.i586.rpm 3c1e840a0fa813e1057effba641959b7 2008.1/i586/apache-mpm-worker-2.2.8-6.4mdv2008.1.i586.rpm 043d5127cea48a3eeab8faa4875cf084 2008.1/i586/apache-source-2.2.8-6.4mdv2008.1.i586.rpm da999274b381e43a575829d178c8bf6d 2008.1/SRPMS/apache-2.2.8-6.4mdv2008.1.src.rpm Mandriva Linux 2008.1/X86_64: 30fbbec5b54767fb1163d24a85caa017 2008.1/x86_64/apache-base-2.2.8-6.4mdv2008.1.x86_64.rpm 8998a37f170228812f7335a6d1c137ed 2008.1/x86_64/apache-devel-2.2.8-6.4mdv2008.1.x86_64.rpm e0a8fbfe76fa2c8cb16ef4726155bf0b 2008.1/x86_64/apache-htcacheclean-2.2.8-6.4mdv2008.1.x86_64.rpm a8bfb98f0354d15b1e5b33df2a06079a 2008.1/x86_64/apache-mod_authn_dbd-2.2.8-6.4mdv2008.1.x86_64.rpm 97ce6d10fea3d251f0a1a6038dcc04e3 2008.1/x86_64/apache-mod_cache-2.2.8-6.4mdv2008.1.x86_64.rpm efe82f8b6e60ab89bb6a043bebd47973 2008.1/x86_64/apache-mod_dav-2.2.8-6.4mdv2008.1.x86_64.rpm 7acf0e9e13cd0a442c32dc33427569e5 2008.1/x86_64/apache-mod_dbd-2.2.8-6.4mdv2008.1.x86_64.rpm 71a503f117bebfda8db53b929499b6d8 2008.1/x86_64/apache-mod_deflate-2.2.8-6.4mdv2008.1.x86_64.rpm 098266a9b737c0aa974e9818bc843531 2008.1/x86_64/apache-mod_disk_cache-2.2.8-6.4mdv2008.1.x86_64.rpm 2d90465f7a75a794bf333129b8e105c7 2008.1/x86_64/apache-mod_file_cache-2.2.8-6.4mdv2008.1.x86_64.rpm 6778a8746ba0b543dc3aebdab9fc6f08 2008.1/x86_64/apache-mod_ldap-2.2.8-6.4mdv2008.1.x86_64.rpm 2a9d64c016f1beb2ccbbd5c5b9e0b8df 2008.1/x86_64/apache-mod_mem_cache-2.2.8-6.4mdv2008.1.x86_64.rpm 3777616f0f0771c96921b83af29c9fa8 2008.1/x86_64/apache-mod_proxy-2.2.8-6.4mdv2008.1.x86_64.rpm 657dfd4b249cb59834957373acca4f89 2008.1/x86_64/apache-mod_proxy_ajp-2.2.8-6.4mdv2008.1.x86_64.rpm e05f1450a507379bd4f394f739e0fc60 2008.1/x86_64/apache-mod_ssl-2.2.8-6.4mdv2008.1.x86_64.rpm 1832c96d6d0a1bff8bc84f7463f92ccf 2008.1/x86_64/apache-modules-2.2.8-6.4mdv2008.1.x86_64.rpm ef96e999154ac771c47e760a7a978460 2008.1/x86_64/apache-mod_userdir-2.2.8-6.4mdv2008.1.x86_64.rpm 0312ba63abb5816f8077a14b201ee989 2008.1/x86_64/apache-mpm-event-2.2.8-6.4mdv2008.1.x86_64.rpm 0fc10dbdcc127018954280312e6ddd2b 2008.1/x86_64/apache-mpm-itk-2.2.8-6.4mdv2008.1.x86_64.rpm 1178cf5ee9c13d0320f8d334707240f7 2008.1/x86_64/apache-mpm-prefork-2.2.8-6.4mdv2008.1.x86_64.rpm b52a6d91a14cfda1080af5fe16cbb479 2008.1/x86_64/apache-mpm-worker-2.2.8-6.4mdv2008.1.x86_64.rpm 909f1aeafcf101c0af655c13809731d6 2008.1/x86_64/apache-source-2.2.8-6.4mdv2008.1.x86_64.rpm da999274b381e43a575829d178c8bf6d 2008.1/SRPMS/apache-2.2.8-6.4mdv2008.1.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFKU9d5mqjQ0CJFipgRAlzsAJ0Zpu0rH8JBOfgOJFqA9Tl3H1eJTwCfeA+M +JKiXIAM+zbCDRymCVguXjo= =66R9 -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/