Security Advisory Moderate: Red Hat Network Satellite Server Solaris client security update

Advisory: RHSA-2008:0264-3
Type: Security Advisory
Severity: Moderate
Issued on: 2008-05-20
Last updated on: 2008-05-20
Affected Products: Red Hat Network Satellite (v. 5.0 for RHEL 4)
OVAL: N/A
CVEs (cve.mitre.org): CVE-2005-1849
CVE-2005-2096
CVE-2005-2969
CVE-2006-1542
CVE-2006-2937
CVE-2006-2940
CVE-2006-3738
CVE-2006-4339
CVE-2006-4343
CVE-2006-4980
CVE-2007-2052
CVE-2007-4965

Details

Red Hat Network Satellite Server version 5.0.2 is now available. This
update includes fixes for a number of security issues in Red Hat Network
Satellite Server Solaris client components.

This update has been rated as having moderate security impact by the Red
Hat Security Response Team.

This release corrects several security vulnerabilities in various
components shipped as part of the Red Hat Network Satellite Server Solaris
client. In a typical operating environment, these components are not used
by the Satellite Server in a vulnerable manner. These security updates will
reduce risk should these components be used by other applications.

Two denial-of-service flaws were fixed in ZLib. (CVE-2005-2096,
CVE-2005-1849)

Multiple flaws were fixed in OpenSSL. (CVE-2006-4343, CVE-2006-4339,
CVE-2006-3738, CVE-2006-2940, CVE-2006-2937, CVE-2005-2969)

Multiple flaws were fixed in Python. (CVE-2007-4965, CVE-2007-2052,
CVE-2006-4980, CVE-2006-1542)

Users of Red Hat Network Satellite Server 5.0.1 are advised to upgrade to
5.0.2, which resolves these issues.


Solution

This update is available via Red Hat Network. Details on how to use the
Red Hat Network to apply this update are available at
http://www.redhat.com/docs/manuals/satellite/Red_Hat_Network_Satellite-5.0.0/html/Installation_Guide/s1-maintenance-update.html

Updated packages

Red Hat Network Satellite (v. 5.0 for RHEL 4)
IA-32:
rhn-solaris-bootstrap-5.0.2-3.noarch.rpm     12c3c00aecde7391f5b23c9bf8ae3ee2
rhn_solaris_bootstrap_5_0_2_3-1-0.noarch.rpm     8959c737505d136b10ffa1580e185c93
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

235093 - CVE-2007-2052 python off-by-one locale.strxfrm() (possible memory disclosure)
295971 - CVE-2007-4965 python imageop module heap corruption
430640 - CVE-2006-1542 python buffer overflow
430641 - CVE-2006-4980 python repr unicode buffer overflow
430649 - CVE-2005-1849 zlib DoS
430651 - CVE-2006-4343 openssl sslv2 client code
430652 - CVE-2006-3738 openssl get_shared_ciphers overflow
430654 - CVE-2006-2940 openssl public key DoS
430655 - CVE-2006-2937 openssl ASN.1 DoS
430659 - CVE-2006-4339 openssl signature forgery
430660 - CVE-2005-2969 openssl mitm downgrade attack


References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1849
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2096
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2969
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1542
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4980
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2052
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4965
http://www.redhat.com/security/updates/classification/#moderate

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/