Security Advisory
Updated stunnel packages fix signal vulnerability

Advisory: RHSA-2003:221-07
Type: Security Advisory
Severity: N/A
Issued on: 2003-07-25
Last updated on: 2003-07-25
Affected Products: Red Hat Linux 7.1
                   Red Hat Linux 7.2
                   Red Hat Linux 7.3
                   Red Hat Linux 8.0
OVAL: N/A
CVEs (cve.mitre.org): CVE-2002-1563

Details

Updated stunnel packages are now available for Red Hat Linux 7.1, 7.2, 7.3,
and 8.0. These updates correct a potential vulnerability in stunnel's
signal handling.

Stunnel is a wrapper for network connections. It can be used to tunnel an
unencrypted network connection over a secure connection (encrypted using
SSL or TLS) or to provide a secure means of connecting to services that do
not natively support encryption.

When configured to listen for incoming connections itself (daemon mode,
instead of being invoked by xinetd), stunnel can be configured to handle
each new connection either in a new thread or in a new child process. If it
is configured to fork a child process per connection, the parent stunnel
process receives a SIGCHLD signal each time one of those children exits.

Stunnel versions prior to 4.04 performed non-reentrant work inside the
SIGCHLD signal handler. Because every exiting child raises another SIGCHLD,
a second signal could arrive and interrupt the handler while it was still
running, re-entering code that is not safe to re-enter. This could lead to
a denial of service.
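The handler pattern described above, next to the hardened form a practitioner would write today, as an added example for this page. It is not stunnel's code and does not reproduce the 3.22 or 4.04 sources; it assumes a POSIX system with fork and sigaction, and the names unsafe_sigchld_handler, install_sigchld_handler, reap_exited_children and demo_reap_all are made up for the illustration. The hardened handler does nothing but set a flag; all reaping happens in the main loop with a WNOHANG waitpid loop, so coalesced or back-to-back SIGCHLDs cannot re-enter anything.

```c
/* Added example, not stunnel's code: the SIGCHLD pattern the advisory warns
 * about next to a hardened one. POSIX assumed; all function names are made up. */
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <signal.h>
#include <stdio.h>
#include <string.h>
#include <sys/wait.h>
#include <time.h>
#include <unistd.h>

/* The pattern the advisory describes, kept only for contrast (never installed):
 * real work happens inside the handler. If a second SIGCHLD interrupts it and
 * re-enters the handler, the blocking wait() and the non-async-signal-safe
 * stdio call below run on top of themselves with shared state half-updated. */
void unsafe_sigchld_handler(int sig)
{
    int status; pid_t pid;
    (void)sig;
    pid = wait(&status);                       /* blocks; reaps one child only */
    fprintf(stderr, "child %ld exited\n", (long)pid);
}

/* Hardened version: the handler records a fact and returns. */
static volatile sig_atomic_t pending_sigchld = 0;

static void safe_sigchld_handler(int sig)
{
    (void)sig;
    pending_sigchld = 1;                       /* single atomic store, nothing else */
}

int install_sigchld_handler(void)
{
    struct sigaction sa;
    memset(&sa, 0, sizeof sa);
    sa.sa_handler = safe_sigchld_handler;
    sigemptyset(&sa.sa_mask);
    /* SA_RESTART: accept()/read() resume after the signal. SA_NOCLDSTOP: exits only.
     * Without SA_NODEFER, a SIGCHLD arriving mid-handler is held, not re-entered. */
    sa.sa_flags = SA_RESTART | SA_NOCLDSTOP;
    return sigaction(SIGCHLD, &sa, NULL);
}

/* Main-loop work, never handler work: reap every child that has exited so far.
 * The WNOHANG loop matters because several SIGCHLDs coalesce into one delivery.
 * Stores up to max exit codes and returns the number of children reaped. */
int reap_exited_children(int *exit_codes, int max)
{
    int n = 0;
    for (;;) {
        int status;
        pid_t pid = waitpid(-1, &status, WNOHANG);
        if (pid > 0) {
            if (n < max) exit_codes[n] = WIFEXITED(status) ? WEXITSTATUS(status) : -1;
            n++;
        } else if (pid == 0 || errno != EINTR) {
            break;          /* 0: children remain, none exited; ECHILD: none left */
        }
    }
    return n;
}

/* End-to-end drive: fork n children that exit with code i, then run a main loop
 * that reaps whenever the flag is set. Returns the count reaped (n on success)
 * and writes the sum of the exit codes, so the caller can check nothing was lost. */
int demo_reap_all(int n, int *sum_of_exit_codes)
{
    int codes[64], reaped = 0, sum = 0, i, iter;
    if (n < 1 || n > 64 || install_sigchld_handler() != 0) return -1;
    for (i = 0; i < n; i++) {
        pid_t pid = fork();
        if (pid < 0) return -1;
        if (pid == 0) _exit(i);                /* child: a finished connection */
    }
    for (iter = 0; iter < 2000 && reaped < n; iter++) {   /* bounded: ~2 s max */
        if (pending_sigchld) {
            int k, j;
            pending_sigchld = 0;               /* clear first so a SIGCHLD landing
                                                  during the reap is not lost */
            k = reap_exited_children(codes, 64);
            for (j = 0; j < k && j < 64; j++) sum += codes[j];
            reaped += k;
        } else {
            struct timespec ts = { 0, 1000000L };
            nanosleep(&ts, NULL);              /* 1 ms; EINTR here is harmless */
        }
    }
    if (sum_of_exit_codes) *sum_of_exit_codes = sum;
    return reaped;
}

int main(void)
{
    int sum = 0, reaped = demo_reap_all(5, &sum);
    printf("reaped %d children, exit codes sum to %d\n", reaped, sum);
    return reaped == 5 && sum == 10 ? 0 : 1;
}
```

Compile with `cc -Wall -o sigchld_demo sigchld_demo.c` and run it; five children exit with codes 0 to 4 and the main loop reaps all five regardless of how many SIGCHLDs the kernel merged into one delivery. The design point is that the flag, not the handler, carries the work: anything that touches malloc, stdio, logging or stunnel's own connection tables belongs in the loop that polls the flag, where it cannot be interrupted by itself.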

All users are urged to upgrade to these errata packages, which modify
stunnel's signal handler so that it is not vulnerable to this issue (the fix
is carried in the stunnel 3.22 packages listed below rather than by moving
to stunnel 4.04).

NOTE: After upgrading, any instances of stunnel running in daemon mode must
be restarted; the package update replaces the binary on disk but a running
daemon keeps the old signal handler until it is restarted. Any active
network connections currently being serviced by stunnel should be
terminated and re-established. Instances invoked by xinetd execute the new
binary on their next connection and need no separate restart.


Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade. Only those
RPMs which are currently installed will be updated. Those RPMs which are
not installed but included in the list will not be updated. Note that you
can also use wildcards (*.rpm) if your current directory *only* contains the
desired RPMs.

Please note that this update is also available via Red Hat Network. Many
people find this an easier way to apply updates. To use Red Hat Network,
launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.

Updated packages

Red Hat Linux 7.1

SRPMS:
ftp://updates.redhat.com/7.1/en/os/SRPMS/stunnel-3.22-5.7.1.src.rpm
    md5sum: e20a6bcf06735897d4b9f7a05b9ded3f
    (file missing from the archive)

IA-32:
stunnel-3.22-5.7.1.i386.rpm
    md5sum: 38a38be900e55173493db34a1d0fdddd
    (file outdated by RHSA-2003:296)

Red Hat Linux 7.2

SRPMS:
ftp://updates.redhat.com/7.2/en/os/SRPMS/stunnel-3.22-5.7.3.src.rpm
    md5sum: d74e461c13ccb49a48bac85560b40287
    (file missing from the archive)

IA-32:
stunnel-3.22-5.7.3.i386.rpm
    md5sum: bc60108d725ce1b88bfdc16db0b9ee6f
    (file outdated by RHSA-2003:296)

IA-64:
stunnel-3.22-5.7.3.ia64.rpm
    md5sum: f017a9e4373a8478342961e430c8405f
    (file outdated by RHSA-2003:296)

Red Hat Linux 7.3

SRPMS:
ftp://updates.redhat.com/7.3/en/os/SRPMS/stunnel-3.22-5.7.3.src.rpm
    md5sum: d74e461c13ccb49a48bac85560b40287
    (file missing from the archive)

IA-32:
stunnel-3.22-5.7.3.i386.rpm
    md5sum: bc60108d725ce1b88bfdc16db0b9ee6f
    (file outdated by RHSA-2003:296)

Red Hat Linux 8.0

SRPMS:
ftp://updates.redhat.com/8.0/en/os/SRPMS/stunnel-3.22-5.8.0.src.rpm
    md5sum: 37e3c19c87b1c47a3a503823ce19a687
    (file missing from the archive)

IA-32:
stunnel-3.22-5.8.0.i386.rpm
    md5sum: 10a5bac0cf90d31b6db4b49abc74ca4b
    (file outdated by RHSA-2003:296)
 

Bugs fixed (see bugzilla for more information)

82325 - stunnel security errata required


References


Keywords

DoS, handler, reentrancy, signal, stunnel


These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/