Operating System:

[Debian]

Published:

29 August 2002

-----BEGIN PGP SIGNED MESSAGE-----

===========================================================================
             AUSCERT External Security Bulletin Redistribution

            ESB-2002.477 -- Debian Security Advisory DSA 159-1
            New Python packages fix insecure temporary file use
                              29 August 2002

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:                python
Vendor:                 Debian
Operating System:       Debian GNU/Linux 2.2 alias potato
                        Debian GNU/Linux 3.0 alias woody
Impact:                 Execute Arbitrary Code/Commands

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - --------------------------------------------------------------------------
Debian Security Advisory DSA 159-1                     security@debian.org
http://www.debian.org/security/                             Martin Schulze
August 28th, 2002                       http://www.debian.org/security/faq
- - --------------------------------------------------------------------------

Package        : python
Vulnerability  : insecure temporary files
Problem-Type   : local
Debian-specific: no

Zack Weinberg discovered an insecure use of a temporary file in
os._execvpe from os.py.  It uses a predictable name, which could lead
to execution of arbitrary code.
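The following is an added illustration of the bug class the advisory
describes; it is not the original Lib/os.py and not the Debian patch.
The victim mimics the pattern: pick a temporary path that should not
exist, execv() it, and catch the error to learn the platform's
"not found" errno.  Because the old mktemp() derived its name from the
process id and a counter, a local attacker can guess the name and drop
an executable there first.  The "@<pid>.0" naming scheme, the function
names (victim_probe, attacker_plant, run_race, exclusive_create, demo)
and the requirement of a POSIX fork/exec host with /bin/sh and a
writable temporary directory are assumptions of this example.

```python
"""Why a predictable temporary name plus execv() is code execution.

Added illustration for DSA 159-1; not the original Lib/os.py and not the
Debian patch.  Assumes POSIX fork/exec, /bin/sh and a writable temp dir.
All function names here are ours."""
import errno
import os
import tempfile


def predictable_name(workdir, pid):
    """Stand-in for the old mktemp(): deterministic given the victim's pid
    (the exact "@pid.0" form is an assumption of this demo)."""
    return os.path.join(workdir, "@%d.0" % pid)


def victim_probe(name):
    """Insecure probe.  Returns the errno if exec fails; if the file exists
    and is executable, execv() never returns: the process is replaced."""
    try:
        os.execv(name, ("blah",))
    except OSError as e:
        return e.errno


def attacker_plant(name, marker):
    """Race the victim: put an executable script at the predicted name."""
    with open(name, "w") as f:
        f.write("#!/bin/sh\necho owned > '%s'\n" % marker)
    os.chmod(name, 0o755)


def run_race(attacker_wins):
    """Run the victim in a forked child so the demo survives a successful
    exec.  Returns (attacker_code_ran, child_exit_status)."""
    workdir = tempfile.mkdtemp()
    marker = os.path.join(workdir, "marker")
    name = predictable_name(workdir, os.getpid())  # attacker's guess, fixed before fork
    if attacker_wins:
        attacker_plant(name, marker)
    pid = os.fork()
    if pid == 0:
        rc = victim_probe(name)  # only returns if exec failed
        os._exit(rc if rc is not None else 0)
    _, status = os.waitpid(pid, 0)
    return os.path.exists(marker), os.WEXITSTATUS(status)


def notfound_errnos():
    """The fix in spirit: no filesystem probe at all.  The values are known
    constants, so there is nothing on disk for an attacker to race."""
    return (errno.ENOENT, errno.ENOTDIR)


def exclusive_create(name):
    """When a temp file really is needed: O_CREAT|O_EXCL with mode 0600
    fails if someone planted a file or symlink at the name first, instead
    of silently using theirs.  tempfile.mkstemp() does this for you."""
    try:
        fd = os.open(name, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    except FileExistsError:
        return False
    os.close(fd)
    return True


def demo():
    """Both outcomes of the race, plus the hardened create on a planted name."""
    lost = run_race(attacker_wins=False)  # (False, errno.ENOENT)
    won = run_race(attacker_wins=True)    # (True, 0): the attacker's script ran
    workdir = tempfile.mkdtemp()
    planted = os.path.join(workdir, "planted")
    open(planted, "w").close()
    return {
        "race_lost": lost,
        "race_won": won,
        "excl_on_planted": exclusive_create(planted),
        "excl_on_fresh": exclusive_create(os.path.join(workdir, "fresh")),
    }


if __name__ == "__main__":
    print(demo())
```

When the attacker loses the race the child reports ENOENT as intended;
when the attacker wins, execv() succeeds and the planted script runs with
the victim's privileges, which is the local code execution the advisory
rates as "Execute Arbitrary Code/Commands".  The safe variants either
avoid touching the filesystem or create with O_EXCL so a planted name is
detected rather than used.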

This problem has been fixed in several versions of Python: For the
current stable distribution (woody) it has been fixed in version
1.5.2-23.1 of Python 1.5, in version 2.1.3-3.1 of Python 2.1 and in
version 2.2.1-4.1 of Python 2.2.  For the old stable distribution
(potato) this has been fixed in version 1.5.2-10potato12 for Python
1.5.  For the unstable distribution (sid) this has been fixed in
version 1.5.2-24 of Python 1.5, in version 2.1.3-6a of Python 2.1 and
in version 2.2.1-8 of Python 2.2.  Python 2.3 is not affected by this
problem.

We recommend that you upgrade your Python packages immediately.

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 2.2 alias potato
- - --------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/p/python/python_1.5.2-10potato12.dsc
      Size/MD5 checksum:      814 d4368a244ae130c0a879dc583d74ebb6
    http://security.debian.org/pool/updates/main/p/python/python_1.5.2-10potato12.diff.gz
      Size/MD5 checksum:    85380 cef4ee264c041385d26a6e7a914f66cf
    http://security.debian.org/pool/updates/main/p/python/python_1.5.2.orig.tar.gz
      Size/MD5 checksum:  2533053 e9d677ae6d5a3efc6937627ed8a3e752

  Alpha architecture:

    http://security.debian.org/pool/updates/main/p/python/python-base_1.5.2-10potato12_alpha.deb
      Size/MD5 checksum:   928612 9cbc6a1fc341c7f5668da7f14ddfd336

  ARM architecture:

    http://security.debian.org/pool/updates/main/p/python/python-base_1.5.2-10potato12_arm.deb
      Size/MD5 checksum:   848442 778e22c98169028d94ba9fe3634dd113

  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/p/python/python-base_1.5.2-10potato12_i386.deb
      Size/MD5 checksum:   825052 a2b34f89248287e5f61e1a9ae051b6ae

  Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/main/p/python/python-base_1.5.2-10potato12_m68k.deb
      Size/MD5 checksum:   837528 550655222273b7ed3b5f19ced5bb35cc

  PowerPC architecture:

    http://security.debian.org/pool/updates/main/p/python/python-base_1.5.2-10potato12_powerpc.deb
      Size/MD5 checksum:   872370 6e45dfbc1694e89f4707e1803f65943a

  Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/p/python/python-base_1.5.2-10potato12_sparc.deb
      Size/MD5 checksum:   854034 3ef80fbe6213c198d713046a4405cdff


Debian GNU/Linux 3.0 alias woody
- - --------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/p/python1.5/python1.5_1.5.2-23.1.dsc
      Size/MD5 checksum:      916 59cda94465a7108d34294050e141b0ba
    http://security.debian.org/pool/updates/main/p/python1.5/python1.5_1.5.2-23.1.diff.gz
      Size/MD5 checksum:   147550 0246bc4b24874e3c0f8b6c6af47b262d
    http://security.debian.org/pool/updates/main/p/python1.5/python1.5_1.5.2.orig.tar.gz
      Size/MD5 checksum:  2533570 d9ade0d7613466e0353561d277ff02fe
    http://security.debian.org/pool/updates/main/p/python2.1/python2.1_2.1.3-3.1.dsc
      Size/MD5 checksum:     1283 2193a191f73cac617edc851ce1dc0874
    http://security.debian.org/pool/updates/main/p/python2.1/python2.1_2.1.3-3.1.diff.gz
      Size/MD5 checksum:    70192 eacc3d64dd0717ecf47fb2793a6b94c2
    http://security.debian.org/pool/updates/main/p/python2.1/python2.1_2.1.3.orig.tar.gz
      Size/MD5 checksum:  6194246 1ae739aa5824de263923df3516eeaf80
    http://security.debian.org/pool/updates/main/p/python2.2/python2.2_2.2.1-4.1.dsc
      Size/MD5 checksum:     1150 029ee1aa079f8884283d57d765889d37
    http://security.debian.org/pool/updates/main/p/python2.2/python2.2_2.2.1-4.1.diff.gz
      Size/MD5 checksum:    91682 de92eb806eea24f0a00289a9179cce7a
    http://security.debian.org/pool/updates/main/p/python2.2/python2.2_2.2.1.orig.tar.gz
      Size/MD5 checksum:  6536167 88aa07574673ccfaf35904253c78fc7d

  Alpha architecture:

    http://security.debian.org/pool/updates/main/p/python1.5/python1.5_1.5.2-23.1_alpha.deb
      Size/MD5 checksum:   993386 157f481ea4625e923668cf5bba1c7fe6
    http://security.debian.org/pool/updates/main/p/python2.1/python2.1_2.1.3-3.1_alpha.deb
      Size/MD5 checksum:  1804142 e02a244d71cfbe2f17c6bdf615c0d75e
    http://security.debian.org/pool/updates/main/p/python2.2/python2.2_2.2.1-4.1_alpha.deb
      Size/MD5 checksum:  2139238 ee19156d488c1362a0035b005b2479f0

  ARM architecture:

    http://security.debian.org/pool/updates/main/p/python1.5/python1.5_1.5.2-23.1_arm.deb
      Size/MD5 checksum:   893284 b0f4521515c2fe08bddacea2ca58a6f1
    http://security.debian.org/pool/updates/main/p/python2.1/python2.1_2.1.3-3.1_arm.deb
      Size/MD5 checksum:  1646358 5d15c914dd3f0a6839357a40bd3badf7
    http://security.debian.org/pool/updates/main/p/python2.2/python2.2_2.2.1-4.1_arm.deb
      Size/MD5 checksum:  1952280 ec6986def88675cc6c341a10108c4b34

  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/p/python1.5/python1.5_1.5.2-23.1_i386.deb
      Size/MD5 checksum:   865684 475adc23a0cd7b706dfb50bd2beb4a61
    http://security.debian.org/pool/updates/main/p/python2.1/python2.1_2.1.3-3.1_i386.deb
      Size/MD5 checksum:  1592036 643613afe8b24e5cc808cfa6150cd15a
    http://security.debian.org/pool/updates/main/p/python2.2/python2.2_2.2.1-4.1_i386.deb
      Size/MD5 checksum:  1888520 99ecda3fff482dfab2fa82b76b382161

  Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/p/python1.5/python1.5_1.5.2-23.1_ia64.deb
      Size/MD5 checksum:  1123586 2cdb6a3542e5bfa82fc39a106723643b
    http://security.debian.org/pool/updates/main/p/python2.1/python2.1_2.1.3-3.1_ia64.deb
      Size/MD5 checksum:  2080726 67ad0753eb9b7f55b990889f1c5eea9f
    http://security.debian.org/pool/updates/main/p/python2.2/python2.2_2.2.1-4.1_ia64.deb
      Size/MD5 checksum:  2489592 239f5616f5a86868ba62015c689c6275

  HP Precision architecture:

    http://security.debian.org/pool/updates/main/p/python1.5/python1.5_1.5.2-23.1_hppa.deb
      Size/MD5 checksum:   983136 caeb47a59a4b94c21b3e3bab307a6c90
    http://security.debian.org/pool/updates/main/p/python2.1/python2.1_2.1.3-3.1_hppa.deb
      Size/MD5 checksum:  1832554 1678109725d49f26cdf20c027ce422c5
    http://security.debian.org/pool/updates/main/p/python2.2/python2.2_2.2.1-4.1_hppa.deb
      Size/MD5 checksum:  2356270 4ac290e72d4fc1a78f7a77932941592c

  Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/main/p/python1.5/python1.5_1.5.2-23.1_m68k.deb
      Size/MD5 checksum:   880018 83124846ed4bfb1752a79bcf8294c916
    http://security.debian.org/pool/updates/main/p/python2.1/python2.1_2.1.3-3.1_m68k.deb
      Size/MD5 checksum:  1608626 163fb049f8c148913431b10e69cdd375
    http://security.debian.org/pool/updates/main/p/python2.2/python2.2_2.2.1-4.1_m68k.deb
      Size/MD5 checksum:  1894116 4133331c9f92c4ba241fbdf4ed96dff9

  Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/p/python1.5/python1.5_1.5.2-23.1_mips.deb
      Size/MD5 checksum:   893178 b47d25d678a577de7b514cab6c0f1740
    http://security.debian.org/pool/updates/main/p/python2.1/python2.1_2.1.3-3.1_mips.deb
      Size/MD5 checksum:  1661130 3d49c465ab6ed149e1f4edd6ef2321e1
    http://security.debian.org/pool/updates/main/p/python2.2/python2.2_2.2.1-4.1_mips.deb
      Size/MD5 checksum:  1952404 35602b09e79c12d25de7f72d086b644b

  Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/p/python1.5/python1.5_1.5.2-23.1_mipsel.deb
      Size/MD5 checksum:   890722 dc11adcbff392676648f0a32c5edd32c
    http://security.debian.org/pool/updates/main/p/python2.1/python2.1_2.1.3-3.1_mipsel.deb
      Size/MD5 checksum:  1657780 a47a8747ddaaf7b47a5da069c0cc52b9
    http://security.debian.org/pool/updates/main/p/python2.2/python2.2_2.2.1-4.1_mipsel.deb
      Size/MD5 checksum:  1947456 45dd211da13ae341437792454afa6f97

  PowerPC architecture:

    http://security.debian.org/pool/updates/main/p/python1.5/python1.5_1.5.2-23.1_powerpc.deb
      Size/MD5 checksum:   913346 bbfa7acdd1aa2fd2adf659d2ff6ce00b
    http://security.debian.org/pool/updates/main/p/python2.1/python2.1_2.1.3-3.1_powerpc.deb
      Size/MD5 checksum:  1681090 baad001f04c58c6da323ff6c792ba6ea
    http://security.debian.org/pool/updates/main/p/python2.2/python2.2_2.2.1-4.1_powerpc.deb
      Size/MD5 checksum:  1998924 c5de693417d368a11799adfdf16e7c44

  IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/p/python1.5/python1.5_1.5.2-23.1_s390.deb
      Size/MD5 checksum:   897040 1586ac7fbec0d26cc32e7d63f05871ce
    http://security.debian.org/pool/updates/main/p/python2.1/python2.1_2.1.3-3.1_s390.deb
      Size/MD5 checksum:  1647884 0c2674c851a48a2a661a78bd8aa19ca6
    http://security.debian.org/pool/updates/main/p/python2.2/python2.2_2.2.1-4.1_s390.deb
      Size/MD5 checksum:  1929404 c20cbef3977c245f01ee9cf393b9b9b8

  Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/p/python1.5/python1.5_1.5.2-23.1_sparc.deb
      Size/MD5 checksum:   962856 dcdc974bf2301783ef2ab88b0062b246
    http://security.debian.org/pool/updates/main/p/python2.1/python2.1_2.1.3-3.1_sparc.deb
      Size/MD5 checksum:  1730870 292b2edf57377e5d43c6d2c4a57db1ae
    http://security.debian.org/pool/updates/main/p/python2.2/python2.2_2.2.1-4.1_sparc.deb
      Size/MD5 checksum:  2036542 5ff3106c8145ab392e0125f00dbff499


  Please note that the python source package produces more binary packages
  than the ones listed above, which are not relevant for the fixed
  problems, though.

  These files will probably be moved into the stable distribution on
  its next revision.
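The file list above pairs each URL with a size and MD5 checksum, and the
advisory names a fixed version per suite.  The following is an added
example, not Debian tooling: it parses that "URL / Size/MD5 checksum"
layout, checks a downloaded file against the listed size and digest, and
reimplements dpkg's version ordering so that an installed version can be
compared with the fixed one.  The function names, the regular expression
tied to this layout, and the constructed stand-in file in demo_verify()
are assumptions of this example.  Verify the PGP signature on the
advisory before trusting its checksums; MD5 on its own is not tamper
proof.

```python
"""Verify a download listed in the advisory and decide whether an installed
package already carries the fix.  Added example, not Debian tooling.
compare_versions() follows dpkg's ordering: epoch, then upstream, then
revision; '~' sorts before anything, letters before punctuation, digit runs
numerically."""
import hashlib
import os
import re
import tempfile
from collections import namedtuple

Entry = namedtuple("Entry", "url size md5")

# Two entries copied from the potato section of the advisory above.
SAMPLE_ADVISORY = """\
    http://security.debian.org/pool/updates/main/p/python/python_1.5.2-10potato12.dsc
      Size/MD5 checksum:      814 d4368a244ae130c0a879dc583d74ebb6
    http://security.debian.org/pool/updates/main/p/python/python_1.5.2-10potato12.diff.gz
      Size/MD5 checksum:    85380 cef4ee264c041385d26a6e7a914f66cf
"""
_ENTRY = re.compile(r"(\S+://\S+)\s+Size/MD5 checksum:\s*(\d+)\s+([0-9a-f]{32})")


def parse_entries(text):
    """Pair each URL with the Size/MD5 line that follows it."""
    return [Entry(u, int(s), h) for u, s, h in _ENTRY.findall(text)]


def file_md5(path):
    h = hashlib.md5()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def verify_download(path, entry):
    """Size first (cheap), then digest; both must match the signed advisory."""
    return os.path.getsize(path) == entry.size and file_md5(path) == entry.md5


def _order(c):
    """dpkg's character weight for the non-digit runs of a version string."""
    if c == "" or c.isdigit():
        return 0
    if c.isalpha():
        return ord(c)
    return -1 if c == "~" else ord(c) + 256


def _verrevcmp(a, b):
    """dpkg's verrevcmp(): alternate non-digit and digit runs."""
    i = j = 0
    while i < len(a) or j < len(b):
        first_diff = 0
        while (i < len(a) and not a[i].isdigit()) or (j < len(b) and not b[j].isdigit()):
            ac = _order(a[i]) if i < len(a) else 0
            bc = _order(b[j]) if j < len(b) else 0
            if ac != bc:
                return ac - bc
            i += 1
            j += 1
        while i < len(a) and a[i] == "0":
            i += 1
        while j < len(b) and b[j] == "0":
            j += 1
        while i < len(a) and a[i].isdigit() and j < len(b) and b[j].isdigit():
            if not first_diff:
                first_diff = ord(a[i]) - ord(b[j])
            i += 1
            j += 1
        if i < len(a) and a[i].isdigit():
            return 1
        if j < len(b) and b[j].isdigit():
            return -1
        if first_diff:
            return first_diff
    return 0


def _split(version):
    """[epoch:]upstream[-revision] -> (epoch, upstream, revision)."""
    epoch, rest = version.split(":", 1) if ":" in version else ("0", version)
    upstream, _, revision = rest.rpartition("-") if "-" in rest else (rest, "", "")
    return int(epoch), upstream, revision


def compare_versions(v1, v2):
    """-1, 0 or 1, like `dpkg --compare-versions`."""
    e1, u1, r1 = _split(v1)
    e2, u2, r2 = _split(v2)
    c = (e1 > e2) - (e1 < e2) or _verrevcmp(u1, u2) or _verrevcmp(r1, r2)
    return (c > 0) - (c < 0)


def needs_upgrade(installed, fixed):
    return compare_versions(installed, fixed) < 0


def demo_verify():
    """A constructed stand-in for a .deb (not a real package) checked against
    its own digest, then again after one byte is flipped in transit."""
    path = os.path.join(tempfile.mkdtemp(), "python-base_1.5.2-10potato12_i386.deb")
    with open(path, "wb") as f:
        f.write(b"!<arch>\nconstructed stand-in, not a real package\n")
    entry = Entry("file://" + path, os.path.getsize(path), file_md5(path))
    intact = verify_download(path, entry)
    with open(path, "r+b") as f:
        f.seek(8)
        f.write(b"X")
    return intact, verify_download(path, entry)
```

needs_upgrade("1.5.2-23", "1.5.2-23.1") is true while
needs_upgrade("1.5.2-24", "1.5.2-23.1") is false, which matches the
advisory's statement that sid's 1.5.2-24 already contains the fix.  A
flipped byte leaves the size unchanged, so the size check alone is not a
substitute for the digest.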

- - ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>

- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQE9bLS5W5ql+IAeqTIRAk8UAJ0azNK3gS9e/vSLTtQiPQ9UAzANfwCeON1Q
q05uIteUt1rQaEKqo1RbTro=
=c0TY
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content.  The decision to use any or all of this information is
the responsibility of each user or organisation, and should be done so in
accordance with site policies and procedures.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the original authors to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/Information/advisories.html

If you believe that your system has been compromised, contact AusCERT or
your representative in FIRST (Forum of Incident Response and Security
Teams).

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business 
                hours which are GMT+10:00 (AEST).  On call after hours 
                for member emergencies only.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv
Comment: ftp://ftp.auscert.org.au/pub/auscert/AUSCERT_PGP.key

iQCVAwUBPW5LfSh9+71yA2DNAQEyYQP/a1mwzvoU4EyJ03h+3e9TaluECS/TTYPM
vPIR8Ye/jvMTMRcw2mpGZoNsDEtBiZcx5KVIwy9+rnLL+nWQNCHvYppennNq6ZEP
UwoXs5jGInKK2BCKimyzaUNRgTwAFjo6e35fZSINOeEIyPUvsyjUeRASanO02uKR
aFah8IgtmHM=
=p6BG
-----END PGP SIGNATURE-----