|
This file lists the major changes made between Owl releases. While
some of the changes listed here may also be made to a stable branch,
the complete lists of stable branch changes are included with those
branches and as errata for the corresponding Owl releases only.
This is very far from an exhaustive list of changes. Small changes to
individual packages won't be mentioned here unless they fix a security
or a critical reliability problem. They are, however, mentioned in
change logs for the packages themselves.
Changes made between Owl 1.1 and Owl 2.0.
2006/01/18 Package: strace
Updated to 4.5.14.
2006/01/18 Package: pam
Updated to 0.99.3.0.
2006/01/18 Package: libutempter
Updated to 1.1.4.
2006/01/14 Package: nmap
Updated to 3.95.
2006/01/07 -
2006/01/11 Package: bash
Updated to 3.1 patchlevel 5.
2006/01/05 Package: postfix
Updated to 2.2.8.
2006/01/05 Package: glibc
SECURITY FIX Severity: none to low, N/A, N/A
Corrected a bug in the way salts for extended DES-based and for
MD5-based password hashes are generated with the crypt_gensalt*() family
of functions; thanks to Marko Kreen for discovering and reporting this.
The bug would result in a higher than expected number of matching salts
with large numbers of password hashes of the affected types generated on
an Owl system through a mechanism that uses the affected glibc functions
(such as pam_tcb). If the password hashes would ever be compromised
(e.g., by exploiting another vulnerability), it would be possible to
test candidate passwords against them at a faster effective rate because
of this bug. The Blowfish-based (bcrypt) hashes that Owl has always
been using by default and the traditional DES-based crypt(3) hashes were
not affected.
2005/12/30 Package: dialog
Updated to 1.0-20051219.
2005/12/27 Package: pam
Updated to 0.99.2.1. Moved pam_stack into a new pam-compat subpackage.
2005/12/27 Package: tcb
Implemented OpenPAM support. Updated pam_tcb to use new interfaces
provided by Linux-PAM >= 0.99.1.0.
2005/12/26 Package: diffstat
Updated to 1.41.
2005/12/26 Package: hdparm
Updated to 6.3.
2005/12/25 Package: man
Updated to 1.6b.
2005/12/24 Package: gcc
Updated to 3.4.5.
2005/12/24 Packages: db4, pam, perl, postfix;
Owl/build/{installorder.conf,installworld.sh}
Updated db4 to 4.2.52.
2005/12/24 Package: chkconfig
Updated to 1.3.25.
2005/12/23 Packages: libnet, libnids;
Owl/build/installorder.conf
Updated libnet to 1.1.3-RC-01 and libnids to 1.20.
2005/12/18 Package: vim
Updated to 6.4 patchlevel 4.
2005/10/09 -
2005/12/16 Package: john
The handling of LM hashes has been enhanced to use case insensitive
comparisons of the encodings when eliminating duplicate and
already-cracked hashes at load time and when displaying cracked
passwords. The way nouns ending in "z" and "h" are pluralized with the
"p" wordlist rules command has been corrected. A workaround for OpenAFS
has been added to unafs. Any charset file changes will now be detected
when restoring sessions. The supplied charset files and password.lst
have been updated. A new pre-defined "incremental" mode "Alnum" (for
alphanumeric) has been added. A bug with the handling of break
statements with nested loops in the external mode compiler has been
fixed.
2005/12/13 Package: postfix
Updated to 2.2.7.
2005/12/11 Package: man-pages;
Owl/build/installorder.conf
Updated to 2.16, including the addition of POSIX man pages in their own
subpackage.
2005/12/08 Package: findutils
Updated to 4.2.27.
2005/12/06 Package: perl
Backported upstream fix for a potential integer overflow in perl format
string functionality. Third-party software which passes untrusted input
into format strings may allow attackers to overwrite arbitrary memory
in the Perl interpreter and possibly execute arbitrary code via format
string specifiers with large values.
Reference:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3962
2005/11/27 Package: vsftpd
Updated to 2.0.3.
2005/11/26 kernel
Updated to Linux 2.4.32-ow1.
2005/11/22 Package: gnupg
Updated to 1.4.2.
2005/11/18 Package: libpcap
Updated to 0.9.4.
2005/11/16 Package: cpio
SECURITY FIX Severity: high, local, passive
Backported upstream fix for a potential stack-based buffer overflow in
cpio. When cpio is used by a privileged user to archive files created
by a less privileged user, it is possible to overflow a buffer on the
stack with a very large sparse file. This issue only affects 64-bit
platforms.
Reference:
http://lists.gnu.org/archive/html/bug-cpio/2005-11/msg00004.html
2005/11/16 Package: grep
Updated to 2.5.1a.
2005/11/14 Packages: traceroute, iputils;
Owl/build/installorder.conf
Replaced traceroute with Olaf Kirch's implementation.
Packaged traceroute6 binary within traceroute package.
2005/11/14 Package: cvs
Updated to 1.11.21.
2005/11/13 Package: postfix
Introduced "postqueue" control(8) facility to restrict queue views
and runs.
2005/11/12 Package: tar
Updated to 1.15.1 with backported fixes from tar CVS and patches from
ALT Linux and Debian.
2005/11/12 Package: quota
Updated to 3.13.
2005/11/12 Package: patch
Updated to 2.5.9.
2005/11/12 Package: sed
Updated to 4.1.4.
2005/11/11 Package: indent
New package: a program for formatting C source code.
2005/11/09 Package: glibc
Updated to 2.3.6.
2005/11/08 Packages: tinycdb, pcre, postfix, nmap
New packages: constant database library, Perl-compatible regular
expression library. Enabled CDB database type and PCRE lookup tables
support in Postfix.
2005/11/07 Package: coreutils
Updated to 5.93.
2005/10/30 Package: procmail
Updated to 3.22 with patches from ALT Linux and Debian. Fixed a
procmail bug which could result in mailbox corruption when running into
a disk quota or a full partition.
2005/10/29 Packages: openssh, pam, popa3d, shadow-utils, SimplePAMApps,
vixie-cron, vsftpd
Changed PAM config files to use new "include" directive.
2005/10/26 Package: modutils
Integrated module-init-tools for Linux 2.6.x readiness, based on patches
from ALT Linux.
2005/10/24 Package: SysVinit
Updated to 2.86.
2005/10/23 Package: file
Updated to 4.16.
2005/10/23 Package: strace
SECURITY FIX Severity: high, local, passive
Applied upstream fix for a potential buffer overflow in printpathn().
When "strace -p" is used by a privileged user to attach to a less
privileged process, the latter may overflow a static fixed-size buffer
with arbitrary data of arbitrary length.
2005/10/23 Package: zlib
Updated to 1.2.3.
2005/10/23 Package: coreutils
Updated to 5.92.
2005/10/23 Package: net-tools
Updated to 1.60.
2005/10/22 Package: m4
Updated to 1.4.4.
2005/10/21 Package: lilo
Updated to 22.7.1 with added patches both to LILO itself and to the
mkrescue(8) script.
2005/10/20 Package: kbd
Updated to 1.12.
2005/10/20 Packages: openntpd, owl-etc;
Owl/build/installorder.conf
New package: OpenNTPD is an NTP time synchronization server and client.
2005/10/20 Packages: setarch, sparc32;
Owl/build/installorder.conf
sparc32 has been replaced with setarch, which is not limited to the
SPARC architecture. setarch is an utility to set machine
sub-architecture type and Linux kernel personality flags for individual
program invocations.
2005/10/20 Package: silo
Updated to 1.4.9.
2005/10/20 Package: elfutils-libelf
Updated to 0.115.
2005/10/17 Package: rpm
Changed package upgrade algorithm to remove old files on "-U --force"
even if package versions match. When comparing package versions on -U
or -F, take build dates into account.
2005/10/11 Package: openssl
SECURITY FIX Severity: low, remote, active
Applied upstream fix for potential SSL 2.0 rollback during SSL handshake.
Applications using either SSL_OP_MSIE_SSLV2_RSA_PADDING or SSL_OP_ALL
option miss a verification step in the SSL 2.0 server supposed to prevent
active protocol-version rollback attacks. With this verification step
disabled, an attacker acting as a "man in the middle" can force a client
and a server to negotiate the SSL 2.0 protocol even if these parties
both support SSL 3.0 or TLS 1.0. The SSL 2.0 protocol is known to have
severe cryptographic weaknesses and is supported as a fallback only.
References:
https://www.openssl.org/news/secadv_20051011.txt
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2969
2005/09/30 Package: tcsh
Updated to 6.14.00.
2005/09/29 Package: cvs
Updated to 1.11.20 with many patches, primarily from ALT Linux.
2005/09/24 Packages: bind, owl-etc;
Owl/build/installorder.conf
New package: the ISC BIND server.
2005/09/21 Package: cdk
New package: CDK is a widget set developed on top of ncurses.
2005/09/17 Package: findutils
Updated to 4.2.25.
2005/09/14 Package: util-linux
SECURITY FIX Severity: none to high, local, active
Applied upstream fix to umount(8) to avoid unintentional grant of
privileges by "umount -r". This only affected systems which made
umount available to non-root users with control(8) (by default, only
root can invoke umount) and specified any filesystems with restrictive
flags (such as nosuid or nodev) as user-mountable.
References:
https://marc.info/?l=bugtraq&m=112656096125857
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2876
2005/09/05 Package: john
All of the documentation has been updated to apply to the current
version. The old John the Ripper 1.6 documentation has been removed.
2005/08/30 Package: procps
Updated to 3.2.5.
2005/08/23 Packages: pam, tcb, SimplePAMApps;
Owl/build/installorder.conf
Updated PAM to 0.80. No longer build pam_pwdb, the tcb package will
provide compatibility symlinks instead.
2005/08/18 Package: libutempter
Updated to 1.1.3.
2005/08/18 Package: sysklogd
Applied fixes from CVS snapshot 20050525, imported a few patches from
ALT Linux.
2005/08/11 Package: postfix
Updated to 2.2.5.
2005/08/10 Package: strace
Updated to 4.5.13.
2005/08/08 Package: mtree
Updated to version from current OpenBSD (post-3.7). Fixed a number of
bugs in mtree spec file creation and parsing, including with processing
of filenames starting with the hash character ('#') or containing
glob(3) wildcard characters, of comment lines ending with a backslash
('\\'), and of files not ending with a linefeed.
2005/08/03 -
2005/08/08 Package: owl-setup; Owl/doc/INSTALL
The shell scripts based Owl setup utility has finally been replaced by
the new installer written in C++. There are two programs: "setup",
which may be used to (re-)configure the current system (whether
CD-booted or installed on a hard drive), and "settle", the Owl installer
to be run off an Owl CD to install Owl on a hard drive.
2005/07/28 Package: openssh
Added delayed compression support for SSH protocol 2 (a back-port of
the changes committed into the OpenBSD CVS repository recently),
enabled in sshd by default. With the new default setting, sshd will
only allow for compression to be enabled after authentication.
Unfortunately, this requires SSH client support as well, meaning that
old SSH protocol 2 clients will be unable to use compression with our
new sshd at its default setting. SSH protocol 1 has always insisted
on authentication prior to compression and thus is unaffected by this
change. The rationale for the change is to reduce the exposure of
potential vulnerabilities in the code associated with compression (in
OpenSSH itself and in zlib). Thanks to Markus Friedl for working on
this and for bringing it to our attention.
2005/07/07 Package: lilo
Updated to 22.7.
2005/06/30 Package: postfix
Updated to 2.2.4.
2005/06/28 Package: xinetd
Updated to 2.3.13.
2005/06/25 kernel
Updated to Linux 2.4.31-ow1.
2005/06/24 -
2005/06/25 Packages: elinks, lftp, mtree, mutt, nmap, openssh,
openssl
Updated openssl to 0.9.7g.
2005/06/21 Package: vixie-cron
Implemented PAM accounting and session management support.
2005/06/11 -
2005/06/21 Package: findutils
Updated to 4.2.23.
2005/06/14 Packages: elfutils-libelf, ltrace
New package: elfutils-libelf provides a library for reading and writing
ELF files on a high level. Updated ltrace to 0.3.36 (making use of
libelf). This makes ltrace work for program binaries built with recent
versions of binutils.
2005/06/11 Package: strace
Updated to 4.5.12.
2005/05/28 -
2005/05/29 Packages: binutils, gdb
SECURITY FIX Severity: high, local, passive
Updated binutils to 2.15.94.0.2.2 and gdb to 6.3. Added sanity
checks to BFD library and readelf utility to avoid integer overflows
(where a specially crafted object file may lead to a heap-based buffer
overflow), fixes for potential stack-based buffer overflows in
readelf utility, and a fix for the .gdbinit issue in gdb.
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1704
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1705
2005/05/26 Package: libtool
Updated to 1.5.18.
2005/05/26 Package: lftp
Updated to 2.6.12.
2005/05/20 Packages: gzip, bzip2;
Owl/build/installorder.conf
SECURITY FIX Severity: high, local, passive
Updated gzip to 1.3.5. Added fixes for directory traversal in
gunzip (where a malicious gzipped file could specify file name
to be extracted to outside of the intended directory tree when
gunzip was used with the -N option), for race condition in the file
permission handling code of gzip and gunzip, and fix of zgrep and
bzgrep utilities to properly sanitize arguments.
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1228
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0988
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0758
2005/05/17 Package: diffutils
Updated to 2.8.7.
2005/05/06 -
2005/05/16 Package: bzip2
Updated to 1.0.3.
2005/05/15 Package: glibc
Updated to 2.3.5 with post-release changes from 2.3-branch, patches
from ALT Linux, Red Hat Fedora, and SuSE, and with our modifications.
2005/04/16 -
2005/05/15 kernel
SECURITY FIX Severity: high, local, active
Updated to Linux 2.4.30-ow1 and later to 2.4.30-ow3. Linux 2.4.30
(and thus 2.4.30-ow1) includes a hardening change which makes the ELF
core dump vulnerability discovered by Paul Starzetz unexploitable.
Linux 2.4.30-ow3 includes a real fix for said vulnerability.
References:
https://isec.pl/en/vulnerabilities/isec-0023-coredump.txt
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1263
2005/05/05 -
2005/05/11 Package: cpio
SECURITY FIX Severity: high, local, passive
Updated to 2.6. Added fixes for directory traversal (where a
malicious archive could specify files to be extracted to outside of
the intended directory tree) and for certain race condition issues.
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1229
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1111
2005/05/07 Packages: coreutils, fileutils, sh-utils, textutils,
shadow-utils; Owl/build/installorder.conf
Replaced fileutils, sh-utils, and textutils with coreutils (a recent
CVS snapshot, post-5.3.0, with patches as maintained in ALT Linux
Sisyphus).
2005/04/30 Package: bison
Updated to 2.0.
2005/04/25 Packages: automake, patchutils
Updated automake to 1.9.5.
2005/04/25 Package: texinfo
Updated to 4.8.
2005/02/28 -
2005/04/20 Package: john
Implemented a number of bitslice DES set_key*() optimizations
resulting in speedups for LM hashes, as well as for traditional
DES-based crypt(3) hashes when only a handful of hashes are loaded.
2005/04/10 Package: dhcp
dhcpd(8) and dhcrelay(8) will now drop privileges by default (rather
than only when the appropriate command line options are given).
Previously, they would fail to work when no privilege reduction was
requested (a bug).
2005/03/28 Package: telnet
SECURITY FIX Severity: high, remote, passive
Corrected the slc_add_reply() and env_opt_add() buffer overflows which
might have allowed a malicious Telnet server to execute arbitrary
machine code within the context of the telnet client process used to
connect to the server.
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0469
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0468
2005/03/25 Package: e2fsprogs
Updated to 1.37.
2005/03/14 Package: vixie-cron
Updated to 4.1 as found in OpenBSD CVS snapshot dated 2004/09/16, with
further modifications by Owl and ALT Linux teams. This package now
also provides at(1) and related commands.
2005/03/05 Package: iproute2
Added a patch to support HTB qdisc, see tc-htb(8) man page.
Reference:
http://luxik.cdi.cz/~devik/qos/htb/
2005/02/22 -
2005/03/03 Package: glibc
The OpenBSD-derived strlcpy(3) and strlcat(3) functions are now
included in libc_nonshared.a such that they're available with dynamic
linking but are nevertheless linked in statically in order to make
sure that no programs become dependent on the presence of these
extensions in the shared library. The strlcpy(3) and strlcat(3) man
pages have been added.
2005/02/19 -
2005/02/21 Package: psmisc
Updated to 21.5.
2005/02/06 Package: perl
SECURITY FIX Severity: low, local, passive
Corrected File::Path::rmtree to never make directories and files
world-read/writable and updated its documentation to reflect the
remaining security and reliability problems. Thanks to Jeroen van
Wolffelaar for discovering this problem and reporting it to Debian.
Reference:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0452
2005/02/06 Package: cpio
SECURITY FIX Severity: low, local, passive
Obey the current umask when creating output files; previously, the
files would be created with mode 666. Thanks to Mike O'Connor for
bringing this up.
Reference:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-1572
2005/01/20 kernel
SECURITY FIX Severity: high, local, active
Updated to Linux 2.4.29-ow1. Linux 2.4.29, and thus 2.4.29-ow1, adds
a number of security fixes, including to the x86/SMP page fault
handler and the uselib(2) race conditions, both discovered by Paul
Starzetz. The potential of these bugs is a local root compromise.
The uselib(2) bug does not affect default builds of Linux kernels with
the Openwall patch applied since the vulnerable code is only compiled
in if one explicitly enables CONFIG_BINFMT_ELF_AOUT, an option
introduced by the patch.
References:
https://isec.pl/en/vulnerabilities/isec-0022-pagefault.txt
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0001
https://isec.pl/en/vulnerabilities/isec-0021-uselib.txt
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1235
2005/01/12 -
2005/01/20 Packages: gcc, glibc, SysVinit, crontabs, db4, dhcp,
fileutils, gpm, ipchains, lilo, ltrace, mtree,
net-tools, procps;
Owl/build/.rpmmacros;
Owl/build/{installorder.conf,installworld.sh}
Updated to GCC 3.4.3 and a post-2.3.3 glibc snapshot. Fixed whatever
packages this broke.
2005/01/15 Package: psmisc
In pstree(1), implemented support for displaying multiple accessible
subtrees when running with the "restricted /proc" kernel patch.
2004/12/04 Package: gnupg
Updated to 1.2.6.
2004/11/28 Package: hdparm
Updated to 5.8.
2004/11/26 Package: patchutils
New package: a collection of programs that operate on patch files.
2004/11/23 -
2004/11/28 kernel; Package: net-tools
SECURITY FIX Severity: low to high, local/remote, active/passive
Updated to Linux 2.4.28-ow1. Linux 2.4.28, and thus 2.4.28-ow1, fixes
a number of security-related bugs, including the ELF loader
vulnerabilities discovered by Paul Starzetz (confirmed: ability for
users to read +s-r binaries; potential: local root), a race condition
with reads from Unix domain sockets (potential local root), smbfs
support vulnerabilities discovered by Stefan Esser (confirmed: remote
DoS by a malicious smbfs server; potential: remote root by a malicious
server).
References:
https://isec.pl/en/vulnerabilities/isec-0017-binfmt_elf.txt
https://marc.info/?l=bugtraq&m=110091183206580
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0883
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0949
2004/11/11 Package: shadow-utils
"useradd" and related tools will now optionally allow user and group
names longer than 8 characters, even though these may not be fully
supported by the rest of Owl and by third-party software. This is
controlled with the added USERNAME_MAX and GROUPNAME_MAX settings in
/etc/login.defs, both of which are documented in login.defs(5).
2004/11/05 Package: modutils
Updated to 2.4.27.
2004/11/03 Owl/doc/REDHAT
New file: a list of known issues with using packages from or intended
for Red Hat Linux on Owl.
2004/09/02 -
2004/11/03 Packages: autoconf, automake, gcc, gettext, glibc,
libtool, rpm;
other affected packages;
Owl/build/*; Owl/doc/{BUILD,INSTALL,CONCEPTS}
Merged in updates to autoconf 2.59, automake 1.8.3, gcc 3.2.2, gettext
0.14.1, glibc 2.3.2 (with Red Hat's patches as of RHL9 but without
NPTL, and indeed updating all of our relevant patches), libtool 1.5.2,
rpm 4.2 (with support for db1-format packages database re-introduced
to allow for upgrades from older versions of Owl). Applied minor
fixes to around 50 other packages this broke. Migrated to FHS 2.2
(packages' documentation and man pages now go under /usr/share).
2004/09/10 -
2004/11/02 Packages: openssl, openssh
Updated OpenSSL to 0.9.7d.
2004/09/10 -
2004/09/28 Package: shadow-utils
Updated to 4.0.4.1, modified usermod(8) to update the last password
change field when invoked with the "-p" option.
2004/09/26 Package: make
Updated to 3.80.
2004/09/10 Package: db4
New package: the Berkeley DB version 4.
2004/09/10 Package: strace
Updated to 4.5.1.
2004/09/10 Package: quota
Updated to 3.11.
2004/08/16 Package: libnids
Updated to 1.19.
2004/08/04 -
2004/08/15 kernel
SECURITY FIX Severity: none to high, local, active
Updated to Linux 2.4.26-ow3 and further to 2.4.27-ow1. This corrects
the access control check which previously wrongly allowed any local
user to change the group ownership of arbitrary NFS-exported/imported
files and adds a workaround for the file offset pointer races
discovered by Paul Starzetz. The former is only exploitable when
files are NFS-exported from a server running a vulnerable version of
Linux 2.4.x, and the currently publicly known exploit for the latter
relies on code enabled with CONFIG_MTRR kernel build option which has
not been enabled in the default kernels on Owl CDs. However, as the
potential impact of both issues is a local root compromise, an upgrade
of older Linux 2.4.x installs to 2.4.26-ow3+ is highly recommended.
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0497
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0415
https://isec.pl/en/vulnerabilities/isec-0016-procleaks.txt
2004/07/27 Package: iptables
Updated to 1.2.11.
2004/07/16 -
2004/07/21 Packages: sed, acct, gdbm, man, sh-utils, slang, vim
Updated sed to 4.1.1 and other packages' build scripts to make use of
the new sed's ability of in-place editing ("sed -i").
2004/07/10 Package: gdb
Updated to 6.1.1.
2004/06/22 Package: dhcp
Added a bounds checking patch covering sprintf() calls with "%s"
format specifier and non-constant strings and forcing the use of
snprintf() and vsnprintf() in all places where that was previously
supported but not enabled. Thanks to Gregory Duchemin for discovering
that some of these actually resulted in a vulnerability in versions of
the DHCP suite newer than the one we're using in Owl.
2004/06/19 kernel
SECURITY FIX Severity: low to high, local, active
Updated to Linux 2.4.26-ow2. This fixes multiple security-related
bugs in the Linux kernel (those discovered by Al Viro using "Sparse",
fsave/frstor local DoS on x86, infoleak in the e1000 driver, and some
others) as well as two non-security bugs in the -ow patch itself.
Which of these bugs affect a particular build of the Linux kernel
depends on what drivers are compiled in (or loaded as modules). For
the default kernels on Owl CDs, it's only the Intel PRO/1000 Gigabit
Ethernet driver (e1000) which has a vulnerability allowing for more
than a DoS attack fixed with this update.
References:
http://www.openwall.com/lists/announce/2004/06/19/1
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0495
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0554
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0535
2004/06/09 Package: shadow-utils
SECURITY FIX Severity: none to low, local, active
Properly check the return value from pam_chauthtok(3) in chfn(1) and
chsh(1). Previously, if chfn and/or chsh commands would be enabled
for non-privileged users with control(8), it would have been possible
for a logged in user with an expired password to change their "Full
Name" and login shell without having to change the password. Thanks
to Steve Grubb and Martin Schulze for discovering this problem.
2004/05/18 -
2004/06/09 Package: cvs
SECURITY FIX Severity: none to high, remote, active
Added back-ports of fixes for multiple CVS server vulnerabilities,
some of which are known to be exploitable allowing for a malicious
client to execute arbitrary code within the CVS server. Thanks to
Stefan Esser, Sebastian Krahmer, and Derek Robert Price for finding
and fixing these bugs. Despite these fixes, it should not be assumed
that CVS server provides any security against a malicious client. If
required, any restrictions on the actions CVS server is allowed to
perform should be imposed at the OS level.
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0396
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0414
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0416
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0417
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0418
2004/06/07 Package: openssh
SECURITY FIX Severity: high, remote, passive
Fixed directory traversal vulnerability in scp which allowed malicious
SSH servers to overwrite arbitrary files on the client system.
Reference:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0175
2004/06/02 Package: scanlogd
chroot to /var/empty to further reduce the impact of potential bugs in
scanlogd and the libraries that it uses.
2004/05/19 Packages: tcp_wrappers, openssh, xinetd
Added a patch to tcp_wrappers to also build a shared version of the
libwrap library.
2004/05/14 Packages: ncurses, procps
Updated ncurses to 5.4 with official patches up to 20040508.
2004/05/07 Package: binutils
Updated to 2.15.90.0.3.
2004/04/18 kernel; Package: owl-cdrom
SECURITY FIX Severity: high, local, active
Updated to Linux 2.4.26-ow1. Linux 2.4.26 (and thus 2.4.26-ow1) fixes
an integer overflow vulnerability in processing of the MCAST_MSFILTER
socket option discovered by Paul Starzetz. When properly exploited,
the bug would lead to a local root compromise. Also included in this
kernel release is a fix for the ext3/XFS information leak discovered
by Solar Designer and a number of other relatively minor fixes. As it
relates to Owl, the kernel image on Owl CDs will now include the
Broadcom Tigon3 Gigabit Ethernet driver and the BusLogic SCSI
controller driver, but will not include support for IrDA (had to drop
it to make room for the extra device drivers).
References:
https://isec.pl/en/vulnerabilities/isec-0015-msfilter.txt
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0424
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0177
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0133
2004/04/14 Package: cvs
SECURITY FIX Severity: high, remote, passive
Added a fix to the CVS client to ensure that pathnames provided by a
CVS server point to within the working directory. Without this fix, a
malicious CVS server could cause the CVS client to attempt to create
files at arbitrary locations thus gaining control over the user
account. This problem has been brought to the attention of CVS
developers and distribution vendors by Sebastian Krahmer of SuSE.
Additionally, CVS server has been further restricted to disallow the
use of relative pathnames to view files outside of the CVS repository.
However, despite this last fix, it should not be assumed that CVS
server provides any security against a malicious client being able to
access arbitrary files available under the privileges granted to the
CVS server at the OS level.
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0180
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0405
2004/03/18 Package: openssl
SECURITY FIX Severity: low, remote, passive to active
Updated to 0.9.6m. This release of OpenSSL fixes a NULL pointer
dereference during SSL handshake. If triggered, the bug would cause
the remote process or thread to crash. Depending on the application
this could lead to a denial of service. For the applications which
are a part of Owl, it's only individual invocations of network clients
which are affected and may be caused to crash by a malicious server.
References:
https://www.openssl.org/news/secadv_20040317.txt
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0079
2004/02/20 -
2004/02/24 Packages: readline, bash, bc, gdb, lftp
Updated readline to 4.3.
2004/02/18 Package: libnids
Added a patch to support Prism wireless cards, by Snax of AirSnort
project (http://airsnort.shmoo.com).
2004/02/15 Package: libpcap
Updated to 0.8.1
2004/02/13 Package: mutt
Updated to 1.4.2.1. This release of Mutt is a security fix, but Owl
was not affected with its current glibc because of the lack of UTF-8
locales support.
2004/02/08 Package: SimplePAMApps
In login(1) and su(1), generate ut_id's consistently with libutempter
and OpenSSH (patch from Dmitry V. Levin of ALT Linux). This will make
"su -" replace existing utmp entries for the duration of the su session.
2004/02/08 Package: chkconfig
Updated to 1.3.9.
2004/01/20 -
2004/01/29 Packages: perl, vim
Updated Perl to 5.8.3.
2004/01/21 -
2004/01/28 Packages: links, elinks
Links has been replaced with ELinks 0.9.0 and further with 0.9.1.
2004/01/18 Package: owl-startup
Added /sbin/service script for Red Hat Linux compatibility. Set
net.ipv4.tcp_timestamps = 0 to prevent leaks of the exact system's
uptime. There's a detailed comment in /etc/sysctl.conf explaining
this option and possible drawbacks of having it set one way or the
other.
2004/01/17 Package: procps
In top, handle ticks going backwards gracefully. This may happen due
to kernel and hardware issues and previously resulted in top reporting
absurd idle processor time percentages under high load on SMP systems.
2004/01/14 Package: screen
Updated to 4.0.2.
2004/01/10 Package: john
Corrected a segfault with --stdin introduced with John 1.6.34.2.
2004/01/05 Package: sysklogd
The startup script will now accept command-line options for syslogd
and klogd specified in /etc/sysconfig/syslog.
$Owl: Owl/doc/CHANGES-2.0,v 1.207 2018/05/23 19:32:15 solar Exp $
| 