tcp_wrappers enhancement update
| Advisory: | RHEA-2011:1676-2 |
|---|---|
| Type: | Product Enhancement Advisory |
| Severity: | N/A |
| Issued on: | 2011-12-06 |
| Last updated on: | 2011-12-06 |
| Affected Products: | Red Hat Enterprise Linux Desktop (v. 6) Red Hat Enterprise Linux HPC Node (v. 6) Red Hat Enterprise Linux Server (v. 6) Red Hat Enterprise Linux Workstation (v. 6) |
Details
Enhanced tcp_wrappers packages are now available for Red Hat Enterprise Linux 6.
The tcp_wrappers packages provide small daemon programs which can monitor and
filter incoming requests for systat, finger, FTP, telnet, rlogin, rsh, exec,
tftp, talk and other network services. These packages also contain the libwrap
library, which adds the same filtering capabilities to programs linked against
it, such as to sshd among others.
This update adds the following enhancement:
* Previously, the tcp_wrappers packages were compiled without the RELRO
(read-only relocations) flag. Programs provided by this package and also
programs built against the tcp_wrappers libraries were thus vulnerable to
various attacks based on overwriting the ELF section of a program. To increase
the security of tcp_wrappers programs and libraries, the tcp_wrappers spec file
has been modified to use the "-Wl,-z,relro" flags when compiling the packages.
As a result, the tcp_wrappers packages are now provided with partial RELRO
protection. (BZ#727287)
Users of tcp_wrappers are advised to upgrade to these updated packages, which
add this enhancement.
Solution
Before applying this update, make sure all previously-released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259
Updated packages
| Red Hat Enterprise Linux Desktop (v. 6) | |
| SRPMS: | |
| tcp_wrappers-7.6-57.el6.src.rpm | MD5: e708c0b5c36831e479c7cfad993abc71 SHA-256: 3c4da2315a63f1bae8a9c57c202b6fe609af28f260a35b51cd904947aa585859 |
| IA-32: | |
| tcp_wrappers-7.6-57.el6.i686.rpm | MD5: 0c675339f4ac57f9f30ed5abe088ee5f SHA-256: a9416896f6dcdcfd3a8b190ad6cd5c6246e0b8004205ff083fe3cf4b56800d5c |
| tcp_wrappers-debuginfo-7.6-57.el6.i686.rpm | MD5: b80af550c767eb39bd64d613949f5fcc SHA-256: fcd1ae2b5371e231babaedd623dbc16dc7e76909293cb9679c9fba5d6dd905d7 |
| tcp_wrappers-devel-7.6-57.el6.i686.rpm | MD5: e0472df2f8013e6e202e29754df961a9 SHA-256: db031f3ab64e4d4a077231104afab177bea0dd704a3de4994704672bfed1463d |
| tcp_wrappers-libs-7.6-57.el6.i686.rpm | MD5: dbed0409287d9abe710fa8303cfabd53 SHA-256: eef19018597cbc1c8d52f63584e52f219f0e478ac13ec4e8e149db735b9b83eb |
| x86_64: | |
| tcp_wrappers-7.6-57.el6.x86_64.rpm | MD5: 0446af12595d29c512a6588011cc7ea4 SHA-256: a1ba29fb271a06ebd355c23996ef0124c146234a83bb8e4051c32aecc6ccb641 |
| tcp_wrappers-debuginfo-7.6-57.el6.i686.rpm | MD5: b80af550c767eb39bd64d613949f5fcc SHA-256: fcd1ae2b5371e231babaedd623dbc16dc7e76909293cb9679c9fba5d6dd905d7 |
| tcp_wrappers-debuginfo-7.6-57.el6.x86_64.rpm | MD5: b569151c12d8ba7890ef986a9501c30f SHA-256: d392a178fd1250807c12ff6fbe0d14244dd50abf8164c06b57cb7810af1b864a |
| tcp_wrappers-devel-7.6-57.el6.i686.rpm | MD5: e0472df2f8013e6e202e29754df961a9 SHA-256: db031f3ab64e4d4a077231104afab177bea0dd704a3de4994704672bfed1463d |
| tcp_wrappers-devel-7.6-57.el6.x86_64.rpm | MD5: f6a4b87f70e4d8952130794b04bf3830 SHA-256: 16dd8e1d1252acd0020874ad9f34d61e963dc2602315b16f57d570c46a1b8943 |
| tcp_wrappers-libs-7.6-57.el6.i686.rpm | MD5: dbed0409287d9abe710fa8303cfabd53 SHA-256: eef19018597cbc1c8d52f63584e52f219f0e478ac13ec4e8e149db735b9b83eb |
| tcp_wrappers-libs-7.6-57.el6.x86_64.rpm | MD5: 418c63377fde9781bcb1fffb896ca427 SHA-256: 5c0b5b9daf4380b87d277be4b331cff8afaf060dc3b7ef12d302ba45c290325d |
| Red Hat Enterprise Linux HPC Node (v. 6) | |
| SRPMS: | |
| tcp_wrappers-7.6-57.el6.src.rpm | MD5: e708c0b5c36831e479c7cfad993abc71 SHA-256: 3c4da2315a63f1bae8a9c57c202b6fe609af28f260a35b51cd904947aa585859 |
| x86_64: | |
| tcp_wrappers-7.6-57.el6.x86_64.rpm | MD5: 0446af12595d29c512a6588011cc7ea4 SHA-256: a1ba29fb271a06ebd355c23996ef0124c146234a83bb8e4051c32aecc6ccb641 |
| tcp_wrappers-debuginfo-7.6-57.el6.i686.rpm | MD5: b80af550c767eb39bd64d613949f5fcc SHA-256: fcd1ae2b5371e231babaedd623dbc16dc7e76909293cb9679c9fba5d6dd905d7 |
| tcp_wrappers-debuginfo-7.6-57.el6.x86_64.rpm | MD5: b569151c12d8ba7890ef986a9501c30f SHA-256: d392a178fd1250807c12ff6fbe0d14244dd50abf8164c06b57cb7810af1b864a |
| tcp_wrappers-devel-7.6-57.el6.i686.rpm | MD5: e0472df2f8013e6e202e29754df961a9 SHA-256: db031f3ab64e4d4a077231104afab177bea0dd704a3de4994704672bfed1463d |
| tcp_wrappers-devel-7.6-57.el6.x86_64.rpm | MD5: f6a4b87f70e4d8952130794b04bf3830 SHA-256: 16dd8e1d1252acd0020874ad9f34d61e963dc2602315b16f57d570c46a1b8943 |
| tcp_wrappers-libs-7.6-57.el6.i686.rpm | MD5: dbed0409287d9abe710fa8303cfabd53 SHA-256: eef19018597cbc1c8d52f63584e52f219f0e478ac13ec4e8e149db735b9b83eb |
| tcp_wrappers-libs-7.6-57.el6.x86_64.rpm | MD5: 418c63377fde9781bcb1fffb896ca427 SHA-256: 5c0b5b9daf4380b87d277be4b331cff8afaf060dc3b7ef12d302ba45c290325d |
| Red Hat Enterprise Linux Server (v. 6) | |
| SRPMS: | |
| tcp_wrappers-7.6-57.el6.src.rpm | MD5: e708c0b5c36831e479c7cfad993abc71 SHA-256: 3c4da2315a63f1bae8a9c57c202b6fe609af28f260a35b51cd904947aa585859 |
| IA-32: | |
| tcp_wrappers-7.6-57.el6.i686.rpm | MD5: 0c675339f4ac57f9f30ed5abe088ee5f SHA-256: a9416896f6dcdcfd3a8b190ad6cd5c6246e0b8004205ff083fe3cf4b56800d5c |
| tcp_wrappers-debuginfo-7.6-57.el6.i686.rpm | MD5: b80af550c767eb39bd64d613949f5fcc SHA-256: fcd1ae2b5371e231babaedd623dbc16dc7e76909293cb9679c9fba5d6dd905d7 |
| tcp_wrappers-devel-7.6-57.el6.i686.rpm | MD5: e0472df2f8013e6e202e29754df961a9 SHA-256: db031f3ab64e4d4a077231104afab177bea0dd704a3de4994704672bfed1463d |
| tcp_wrappers-libs-7.6-57.el6.i686.rpm | MD5: dbed0409287d9abe710fa8303cfabd53 SHA-256: eef19018597cbc1c8d52f63584e52f219f0e478ac13ec4e8e149db735b9b83eb |
| PPC: | |
| tcp_wrappers-7.6-57.el6.ppc64.rpm | MD5: e5fc8e03e09f2e3de1d56bce2a36e063 SHA-256: be244b76ba1563834ec74eee85252c6db1af7c516b2f3ecc4b3f828b944d0661 |
| tcp_wrappers-debuginfo-7.6-57.el6.ppc.rpm | MD5: e87cbfc9cc472926bb5e3216f830caff SHA-256: 7c1a632a5e20eba9ef5c2e0d52cd9b58572fa47253ad2aaa5d3969fa70f6a031 |
| tcp_wrappers-debuginfo-7.6-57.el6.ppc64.rpm | MD5: 81f0358eba797b9498c5949262df0829 SHA-256: f80d0d90acecbefe1f936c6d7c3aa41bdd73950d1423e82ba527efa0212d279e |
| tcp_wrappers-devel-7.6-57.el6.ppc.rpm | MD5: 3c44ed2d9c6ec484ef8c9554daed339e SHA-256: 1bbb0d88e10b3a4707b464acec7a18e29b1c786e165679f4cbe34211f9e7d3b8 |
| tcp_wrappers-devel-7.6-57.el6.ppc64.rpm | MD5: a9cf2f7e21f71238e540d5f3e9a3235d SHA-256: 7ce7203a23d6890d38901ae5889811adc146a7f0df0262592a20750ed575cefd |
| tcp_wrappers-libs-7.6-57.el6.ppc.rpm | MD5: 2996bcf9d431ede9a56b7e08fc311975 SHA-256: d0a68598574eb755b7f0185396c73a939f7a21e3aa84317afc83742a697a7960 |
| tcp_wrappers-libs-7.6-57.el6.ppc64.rpm | MD5: c445b89073af96cb981beea29e3de0f8 SHA-256: 11f5230ae44de9573011b0a3b03a849696a41d7ce8462e5f8f17990a6a0747dd |
| s390x: | |
| tcp_wrappers-7.6-57.el6.s390x.rpm | MD5: 38238bbcd2c3ed628e3a5e699d13f380 SHA-256: e84701495ab312028f22119e41b54ace194f75a886058cb9c452d788ae10138d |
| tcp_wrappers-debuginfo-7.6-57.el6.s390.rpm | MD5: d188158c993ede39c2f12c0f5784dede SHA-256: 82563bce74057ee051a3bc417f1577ad0f68acbb42c010c427451477dae18701 |
| tcp_wrappers-debuginfo-7.6-57.el6.s390x.rpm | MD5: 98d0b8293901efde7c6855a95f0fa296 SHA-256: 403484f815b089f57e709840c4d9b2685c90fecdcd3cce9632f69a219721831f |
| tcp_wrappers-devel-7.6-57.el6.s390.rpm | MD5: 0438498cd2d9b431ab50a401c7531933 SHA-256: 6e758bb13df588104a561720b956e9ad17ad3a88641498e25d793ed4aa590ffe |
| tcp_wrappers-devel-7.6-57.el6.s390x.rpm | MD5: 4ff508fcffe1fe219c75fcc951171e7e SHA-256: 4b10d410879212c43e5bfe3b242d57a3da54472e0ea24de6b7be6456ab20a9cc |
| tcp_wrappers-libs-7.6-57.el6.s390.rpm | MD5: 86c4603e50a052e7cc42282cb0e64c02 SHA-256: f5d2a8c3ebb88883d36936f5dc81faa85d28c3d50d956b9ae76e39f770209adb |
| tcp_wrappers-libs-7.6-57.el6.s390x.rpm | MD5: 4b8a8a417533c4cc0e5febdc5f783dfa SHA-256: 3f2ba68a7a89957a1e6c44a1868f54056eb6d76299cbeb7fe2d86f5d7b668d15 |
| x86_64: | |
| tcp_wrappers-7.6-57.el6.x86_64.rpm | MD5: 0446af12595d29c512a6588011cc7ea4 SHA-256: a1ba29fb271a06ebd355c23996ef0124c146234a83bb8e4051c32aecc6ccb641 |
| tcp_wrappers-debuginfo-7.6-57.el6.i686.rpm | MD5: b80af550c767eb39bd64d613949f5fcc SHA-256: fcd1ae2b5371e231babaedd623dbc16dc7e76909293cb9679c9fba5d6dd905d7 |
| tcp_wrappers-debuginfo-7.6-57.el6.x86_64.rpm | MD5: b569151c12d8ba7890ef986a9501c30f SHA-256: d392a178fd1250807c12ff6fbe0d14244dd50abf8164c06b57cb7810af1b864a |
| tcp_wrappers-devel-7.6-57.el6.i686.rpm | MD5: e0472df2f8013e6e202e29754df961a9 SHA-256: db031f3ab64e4d4a077231104afab177bea0dd704a3de4994704672bfed1463d |
| tcp_wrappers-devel-7.6-57.el6.x86_64.rpm | MD5: f6a4b87f70e4d8952130794b04bf3830 SHA-256: 16dd8e1d1252acd0020874ad9f34d61e963dc2602315b16f57d570c46a1b8943 |
| tcp_wrappers-libs-7.6-57.el6.i686.rpm | MD5: dbed0409287d9abe710fa8303cfabd53 SHA-256: eef19018597cbc1c8d52f63584e52f219f0e478ac13ec4e8e149db735b9b83eb |
| tcp_wrappers-libs-7.6-57.el6.x86_64.rpm | MD5: 418c63377fde9781bcb1fffb896ca427 SHA-256: 5c0b5b9daf4380b87d277be4b331cff8afaf060dc3b7ef12d302ba45c290325d |
| Red Hat Enterprise Linux Workstation (v. 6) | |
| SRPMS: | |
| tcp_wrappers-7.6-57.el6.src.rpm | MD5: e708c0b5c36831e479c7cfad993abc71 SHA-256: 3c4da2315a63f1bae8a9c57c202b6fe609af28f260a35b51cd904947aa585859 |
| IA-32: | |
| tcp_wrappers-7.6-57.el6.i686.rpm | MD5: 0c675339f4ac57f9f30ed5abe088ee5f SHA-256: a9416896f6dcdcfd3a8b190ad6cd5c6246e0b8004205ff083fe3cf4b56800d5c |
| tcp_wrappers-debuginfo-7.6-57.el6.i686.rpm | MD5: b80af550c767eb39bd64d613949f5fcc SHA-256: fcd1ae2b5371e231babaedd623dbc16dc7e76909293cb9679c9fba5d6dd905d7 |
| tcp_wrappers-devel-7.6-57.el6.i686.rpm | MD5: e0472df2f8013e6e202e29754df961a9 SHA-256: db031f3ab64e4d4a077231104afab177bea0dd704a3de4994704672bfed1463d |
| tcp_wrappers-libs-7.6-57.el6.i686.rpm | MD5: dbed0409287d9abe710fa8303cfabd53 SHA-256: eef19018597cbc1c8d52f63584e52f219f0e478ac13ec4e8e149db735b9b83eb |
| x86_64: | |
| tcp_wrappers-7.6-57.el6.x86_64.rpm | MD5: 0446af12595d29c512a6588011cc7ea4 SHA-256: a1ba29fb271a06ebd355c23996ef0124c146234a83bb8e4051c32aecc6ccb641 |
| tcp_wrappers-debuginfo-7.6-57.el6.i686.rpm | MD5: b80af550c767eb39bd64d613949f5fcc SHA-256: fcd1ae2b5371e231babaedd623dbc16dc7e76909293cb9679c9fba5d6dd905d7 |
| tcp_wrappers-debuginfo-7.6-57.el6.x86_64.rpm | MD5: b569151c12d8ba7890ef986a9501c30f SHA-256: d392a178fd1250807c12ff6fbe0d14244dd50abf8164c06b57cb7810af1b864a |
| tcp_wrappers-devel-7.6-57.el6.i686.rpm | MD5: e0472df2f8013e6e202e29754df961a9 SHA-256: db031f3ab64e4d4a077231104afab177bea0dd704a3de4994704672bfed1463d |
| tcp_wrappers-devel-7.6-57.el6.x86_64.rpm | MD5: f6a4b87f70e4d8952130794b04bf3830 SHA-256: 16dd8e1d1252acd0020874ad9f34d61e963dc2602315b16f57d570c46a1b8943 |
| tcp_wrappers-libs-7.6-57.el6.i686.rpm | MD5: dbed0409287d9abe710fa8303cfabd53 SHA-256: eef19018597cbc1c8d52f63584e52f219f0e478ac13ec4e8e149db735b9b83eb |
| tcp_wrappers-libs-7.6-57.el6.x86_64.rpm | MD5: 418c63377fde9781bcb1fffb896ca427 SHA-256: 5c0b5b9daf4380b87d277be4b331cff8afaf060dc3b7ef12d302ba45c290325d |
| (The unlinked packages above are only available from the Red Hat Network) | |
Bugs fixed (see bugzilla for more information)
727287 - Request to recompile libraries with -Wl,-z,relro flags
Keywords
RELRO
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package
The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/
