Moderate: rpm security and bug fix update
| Advisory: | RHSA-2010:0679-1 |
|---|---|
| Type: | Security Advisory |
| Severity: | Moderate |
| Issued on: | 2010-09-07 |
| Last updated on: | 2010-09-07 |
| Affected Products: | RHEL Desktop Workstation (v. 5 client); Red Hat Enterprise Linux (v. 5 server); Red Hat Enterprise Linux Desktop (v. 5 client) |
| CVEs (cve.mitre.org): | CVE-2010-2059 |
Details
Updated rpm packages that fix one security issue and one bug are now
available for Red Hat Enterprise Linux 5.
The Red Hat Security Response Team has rated this update as having moderate
security impact. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available from the CVE link in
the References section.
The RPM Package Manager (RPM) is a command line driven package management
system capable of installing, uninstalling, verifying, querying, and
updating software packages.
It was discovered that RPM did not remove setuid and setgid bits set on
binaries when upgrading packages. A local attacker able to create hard
links to binaries could use this flaw to keep those binaries on the system,
at a specific version level and with the setuid or setgid bit set, even if
the package providing them was upgraded by a system administrator. This
could have security implications if a package was upgraded because of a
security flaw in a setuid or setgid program. (CVE-2010-2059)
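An added audit sketch for the condition described above (not part of the advisory and not Red Hat's code): it reports setuid/setgid files that have extra hard links or a name that no package owns. The function names, the `owned` callback and the temporary-file fixture are assumptions made for illustration; the default ownership check shells out to `rpm -qf`.

```python
import os
import stat
import subprocess
import tempfile

SETID = stat.S_ISUID | stat.S_ISGID

def rpm_owns(path):
    """True if an installed package owns path (`rpm -qf` exits 0)."""
    try:
        return subprocess.run(["rpm", "-qf", path], capture_output=True).returncode == 0
    except OSError:  # rpm is not installed on this host
        return False

def audit_setid(root, owned=rpm_owns):
    """Return sorted (paths, link_count, unowned_paths), one per flagged inode."""
    seen = {}  # (device, inode) -> (link count, [names found under root])
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)
            except OSError:
                continue  # vanished or unreadable while scanning
            if stat.S_ISREG(st.st_mode) and st.st_mode & SETID:
                key = (st.st_dev, st.st_ino)
                seen.setdefault(key, (st.st_nlink, []))[1].append(path)
    findings = []
    for nlink, paths in seen.values():
        unowned = sorted(p for p in paths if not owned(p))
        # Extra hard links keep the inode alive when the packaged path is
        # replaced; a name no package owns is what is left after the upgrade.
        if nlink > 1 or unowned:
            findings.append((sorted(paths), nlink, unowned))
    return sorted(findings)

def demo():
    """Constructed fixture: audit before and after the packaged path is replaced."""
    root = tempfile.mkdtemp()
    pkg, extra = os.path.join(root, "pkg-tool"), os.path.join(root, "extra-link")
    owned = lambda p: p == pkg  # stand-in for `rpm -qf` (assumption)
    open(pkg, "w").close()
    os.chmod(pkg, 0o4755)
    os.link(pkg, extra)  # second name for the same inode
    before = audit_setid(root, owned)
    open(pkg + ".new", "w").close()
    os.chmod(pkg + ".new", 0o4755)
    os.replace(pkg + ".new", pkg)  # upgrade that leaves the old inode's mode alone
    return pkg, extra, before, audit_setid(root, owned)
```

On a real host, run `audit_setid("/")` as root so every directory is readable. A link count higher than the number of paths reported means further names for that inode exist outside the scanned tree.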
This update also fixes the following bug:
* A memory leak in the communication between RPM and the Security-Enhanced
Linux (SELinux) subsystem, which could have caused extensive memory
consumption. In reported cases, this issue was triggered by running
rhn_check when errata were scheduled to be applied. (BZ#627630)
All users of rpm are advised to upgrade to these updated packages, which
contain backported patches to correct these issues.
Solution
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259
Updated packages
| Product | Architecture | Packages |
|---|---|---|
| RHEL Desktop Workstation (v. 5 client) | SRPMS | rpm-4.4.2.3-20.el5_5.1.src.rpm |
| RHEL Desktop Workstation (v. 5 client) | IA-32 | rpm-apidocs-4.4.2.3-20.el5_5.1.i386.rpm, rpm-build-4.4.2.3-20.el5_5.1.i386.rpm, rpm-devel-4.4.2.3-20.el5_5.1.i386.rpm |
| RHEL Desktop Workstation (v. 5 client) | x86_64 | rpm-apidocs-4.4.2.3-20.el5_5.1.x86_64.rpm, rpm-build-4.4.2.3-20.el5_5.1.x86_64.rpm, rpm-devel-4.4.2.3-20.el5_5.1.i386.rpm, rpm-devel-4.4.2.3-20.el5_5.1.x86_64.rpm |
| Red Hat Enterprise Linux (v. 5 server) | SRPMS | rpm-4.4.2.3-20.el5_5.1.src.rpm |
| Red Hat Enterprise Linux (v. 5 server) | IA-32 | popt-1.10.2.3-20.el5_5.1.i386.rpm, rpm-4.4.2.3-20.el5_5.1.i386.rpm, rpm-apidocs-4.4.2.3-20.el5_5.1.i386.rpm, rpm-build-4.4.2.3-20.el5_5.1.i386.rpm, rpm-devel-4.4.2.3-20.el5_5.1.i386.rpm, rpm-libs-4.4.2.3-20.el5_5.1.i386.rpm, rpm-python-4.4.2.3-20.el5_5.1.i386.rpm |
| Red Hat Enterprise Linux (v. 5 server) | IA-64 | popt-1.10.2.3-20.el5_5.1.ia64.rpm, rpm-4.4.2.3-20.el5_5.1.ia64.rpm, rpm-apidocs-4.4.2.3-20.el5_5.1.ia64.rpm, rpm-build-4.4.2.3-20.el5_5.1.ia64.rpm, rpm-devel-4.4.2.3-20.el5_5.1.ia64.rpm, rpm-libs-4.4.2.3-20.el5_5.1.ia64.rpm, rpm-python-4.4.2.3-20.el5_5.1.ia64.rpm |
| Red Hat Enterprise Linux (v. 5 server) | PPC | popt-1.10.2.3-20.el5_5.1.ppc.rpm, popt-1.10.2.3-20.el5_5.1.ppc64.rpm, rpm-4.4.2.3-20.el5_5.1.ppc.rpm, rpm-apidocs-4.4.2.3-20.el5_5.1.ppc.rpm, rpm-build-4.4.2.3-20.el5_5.1.ppc.rpm, rpm-devel-4.4.2.3-20.el5_5.1.ppc.rpm, rpm-devel-4.4.2.3-20.el5_5.1.ppc64.rpm, rpm-libs-4.4.2.3-20.el5_5.1.ppc.rpm, rpm-libs-4.4.2.3-20.el5_5.1.ppc64.rpm, rpm-python-4.4.2.3-20.el5_5.1.ppc.rpm |
| Red Hat Enterprise Linux (v. 5 server) | s390x | popt-1.10.2.3-20.el5_5.1.s390.rpm, popt-1.10.2.3-20.el5_5.1.s390x.rpm, rpm-4.4.2.3-20.el5_5.1.s390x.rpm, rpm-apidocs-4.4.2.3-20.el5_5.1.s390x.rpm, rpm-build-4.4.2.3-20.el5_5.1.s390x.rpm, rpm-devel-4.4.2.3-20.el5_5.1.s390.rpm, rpm-devel-4.4.2.3-20.el5_5.1.s390x.rpm, rpm-libs-4.4.2.3-20.el5_5.1.s390.rpm, rpm-libs-4.4.2.3-20.el5_5.1.s390x.rpm, rpm-python-4.4.2.3-20.el5_5.1.s390x.rpm |
| Red Hat Enterprise Linux (v. 5 server) | x86_64 | popt-1.10.2.3-20.el5_5.1.i386.rpm, popt-1.10.2.3-20.el5_5.1.x86_64.rpm, rpm-4.4.2.3-20.el5_5.1.x86_64.rpm, rpm-apidocs-4.4.2.3-20.el5_5.1.x86_64.rpm, rpm-build-4.4.2.3-20.el5_5.1.x86_64.rpm, rpm-devel-4.4.2.3-20.el5_5.1.i386.rpm, rpm-devel-4.4.2.3-20.el5_5.1.x86_64.rpm, rpm-libs-4.4.2.3-20.el5_5.1.i386.rpm, rpm-libs-4.4.2.3-20.el5_5.1.x86_64.rpm, rpm-python-4.4.2.3-20.el5_5.1.x86_64.rpm |
| Red Hat Enterprise Linux Desktop (v. 5 client) | SRPMS | rpm-4.4.2.3-20.el5_5.1.src.rpm |
| Red Hat Enterprise Linux Desktop (v. 5 client) | IA-32 | popt-1.10.2.3-20.el5_5.1.i386.rpm, rpm-4.4.2.3-20.el5_5.1.i386.rpm, rpm-libs-4.4.2.3-20.el5_5.1.i386.rpm, rpm-python-4.4.2.3-20.el5_5.1.i386.rpm |
| Red Hat Enterprise Linux Desktop (v. 5 client) | x86_64 | popt-1.10.2.3-20.el5_5.1.i386.rpm, popt-1.10.2.3-20.el5_5.1.x86_64.rpm, rpm-4.4.2.3-20.el5_5.1.x86_64.rpm, rpm-libs-4.4.2.3-20.el5_5.1.i386.rpm, rpm-libs-4.4.2.3-20.el5_5.1.x86_64.rpm, rpm-python-4.4.2.3-20.el5_5.1.x86_64.rpm |

All files listed above are outdated by: RHSA-2011:1349
(The unlinked packages above are only available from the Red Hat Network)
Bugs fixed (see bugzilla for more information)
598775 - CVE-2010-2059 rpm: fails to drop SUID/SGID bits on package upgrade
627630 - rpm: selinux context initialization memory leak
References
http://www.redhat.com/security/updates/classification/#moderate
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package
The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/