Updated SANE and XSane packages fix temporary file handling vulnerabilities

Advisory:	RHSA-2001:171-11
Type:	Security Advisory
Severity:	N/A
Issued on:	2001-12-11
Last updated on:	2002-01-05
Affected Products:	Red Hat Linux 7.0 Red Hat Linux 7.1 Red Hat Linux 7.2
OVAL:	N/A
CVEs (cve.mitre.org):	CVE-2001-0887 CVE-2001-0890

Details

Updated SANE and XSane packages are available, which fix insecure handling
of temporary files.

XSane is an X-based interface providing access to scanners, digital
cameras, and other capture devices. When XSane creates temporary files, it
does so with predictable filenames in a manner that would follow symbolic
links. This could allow a local user to overwrite files written by the user
running XSane.

Additionally, the SANE library that XSane uses also has some similar
problems. When some SANE backend drivers created temporary files they
did so in a manner that would follow symbolic links. These packages
prevent that kind of attack. The default configuration had one of these
dangerous backends enabled. These packages update XSane to version 0.82 and
turn off the vulnerable backend in the default configuration.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the names CAN-2001-0887 and CAN-2001-0890 to these issues.

Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade. Only those
RPMs which are currently installed will be updated. Those RPMs which are
not installed but included in the list will not be updated. Note that you
can also use wildcards (*.rpm) if your current directory *only* contains the
desired RPMs.

Please note that this update is also available via Red Hat Network. Many
people find this an easier way to apply updates. To use Red Hat Network,
launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.

Updated packages

Red Hat Linux 7.0

SRPMS:
ftp://updates.redhat.com/7.0/en/os/SRPMS/sane-1.0.3-2.1.src.rpm Missing file	`fdbbfefb66a01042d8c48a72ef3eba3a`
ftp://updates.redhat.com/7.0/en/os/SRPMS/xsane-0.82-2.1.src.rpm Missing file	`ec39b14b76be7c20f409fc2e6ce3d9c4`

Alpha:
ftp://updates.redhat.com/7.0/en/os/alpha/sane-1.0.3-2.1.alpha.rpm Missing file	`df2ca46c55278455d5f78495b882bb15`
ftp://updates.redhat.com/7.0/en/os/alpha/sane-devel-1.0.3-2.1.alpha.rpm Missing file	`21f8eeca4d81b6000a2a8b50cad700be`
ftp://updates.redhat.com/7.0/en/os/alpha/xsane-0.82-2.1.alpha.rpm Missing file	`7a1f86435917c839dc687e5293b020c1`
ftp://updates.redhat.com/7.0/en/os/alpha/xsane-gimp-0.82-2.1.alpha.rpm Missing file	`a5ab413d053b2ba2d156dfb719a38904`

IA-32:
ftp://updates.redhat.com/7.0/en/os/i386/sane-1.0.3-2.1.i386.rpm Missing file	`b81eab65537a7fe390ee8b88deea6d15`
ftp://updates.redhat.com/7.0/en/os/i386/sane-devel-1.0.3-2.1.i386.rpm Missing file	`808d906065ceed911c02eb0b857aaeab`
ftp://updates.redhat.com/7.0/en/os/i386/xsane-0.82-2.1.i386.rpm Missing file	`919a802b0329167f9c29ac1896c30d09`
ftp://updates.redhat.com/7.0/en/os/i386/xsane-gimp-0.82-2.1.i386.rpm Missing file	`4f845d419cd5bc9f2e139e8aedbb3a18`

Red Hat Linux 7.1

SRPMS:
sane-1.0.3-10.1.src.rpm File outdated by: RHSA-2003:278	`584f42e891f1df0af0596d40d20fa65f`
ftp://updates.redhat.com/7.1/en/os/SRPMS/xsane-0.82-3.1.src.rpm Missing file	`527cd923eb36d8b8d5f419f54a66d953`

Alpha:
ftp://updates.redhat.com/7.1/en/os/alpha/sane-1.0.3-10.1.alpha.rpm Missing file	`1f907d411faa5d3ea405fced028b5ff8`
ftp://updates.redhat.com/7.1/en/os/alpha/sane-devel-1.0.3-10.1.alpha.rpm Missing file	`fc7ec82bbd647b22e0731553d38794d7`
ftp://updates.redhat.com/7.1/en/os/alpha/xsane-0.82-3.1.alpha.rpm Missing file	`b72e17c10b566b3e4095b282809dff79`
ftp://updates.redhat.com/7.1/en/os/alpha/xsane-gimp-0.82-3.1.alpha.rpm Missing file	`f243f0d4d753565603ce4c1c82f81b5b`

IA-32:
sane-1.0.3-10.1.i386.rpm File outdated by: RHSA-2003:278	`86c42a3de7a925ff17f5aa6da4a4c76d`
sane-devel-1.0.3-10.1.i386.rpm File outdated by: RHSA-2003:278	`dfc10654ff591bf2211f7fb506bea7a1`
ftp://updates.redhat.com/7.1/en/os/i386/xsane-0.82-3.1.i386.rpm Missing file	`9dd2a89ee8c0ded4769680290f4b7828`
ftp://updates.redhat.com/7.1/en/os/i386/xsane-gimp-0.82-3.1.i386.rpm Missing file	`99a63c47855a3c4cad9860c312be993b`

IA-64:
ftp://updates.redhat.com/7.1/en/os/ia64/sane-1.0.3-10.1.ia64.rpm Missing file	`719fc4bbf8aa1640819089d429ebe48c`
ftp://updates.redhat.com/7.1/en/os/ia64/sane-devel-1.0.3-10.1.ia64.rpm Missing file	`22c25cb7e3236a7a63cf25665722130c`
ftp://updates.redhat.com/7.1/en/os/ia64/xsane-0.82-3.1.ia64.rpm Missing file	`824592c070ae942f2abd524108e0fc77`
ftp://updates.redhat.com/7.1/en/os/ia64/xsane-gimp-0.82-3.1.ia64.rpm Missing file	`54dc74b15186604a02e510e61b689f9c`

Red Hat Linux 7.2

SRPMS:
sane-backends-1.0.5-4.1.src.rpm File outdated by: RHSA-2003:278	`4a7a1354595100ddcc520781c9e97650`
ftp://updates.redhat.com/7.2/en/os/SRPMS/xsane-0.82-3.1.src.rpm Missing file	`527cd923eb36d8b8d5f419f54a66d953`

IA-32:
sane-backends-1.0.5-4.1.i386.rpm File outdated by: RHSA-2003:278	`114b7a531b01b7ab62dbde4bbd362b10`
sane-backends-devel-1.0.5-4.1.i386.rpm File outdated by: RHSA-2003:278	`df5a788b98f6f40e71153b1308f30c95`
ftp://updates.redhat.com/7.2/en/os/i386/xsane-0.82-3.1.i386.rpm Missing file	`9dd2a89ee8c0ded4769680290f4b7828`
ftp://updates.redhat.com/7.2/en/os/i386/xsane-gimp-0.82-3.1.i386.rpm Missing file	`99a63c47855a3c4cad9860c312be993b`

IA-64:
sane-backends-1.0.5-4.1.ia64.rpm File outdated by: RHSA-2003:278	`b6489cb169ed65147fbdba1061cf4fd9`
sane-backends-devel-1.0.5-4.1.ia64.rpm File outdated by: RHSA-2003:278	`bcb40602e70cfda30ffa693e62dec13c`
ftp://updates.redhat.com/7.2/en/os/ia64/xsane-0.82-3.1.ia64.rpm Missing file	`824592c070ae942f2abd524108e0fc77`
ftp://updates.redhat.com/7.2/en/os/ia64/xsane-gimp-0.82-3.1.ia64.rpm Missing file	`54dc74b15186604a02e510e61b689f9c`

References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0887
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0890
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0887
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0890
http://www.securityfocus.com/bid/3700

Keywords

files, sane, temporary, xsane

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/