- --------------------------------------------------------------------------Debian Security Advisory DSA 761-1                     security@debian.org
http://www.debian.org/security/                             Martin Schulze
July 19th, 2005                         http://www.debian.org/security/faq
- --------------------------------------------------------------------------Package        : heartbeat
Vulnerability  : insecure temporary files
Problem-Type   : local
Debian-specific: no
CVE ID         : CAN-2005-2231

Eric Romang discovered several insecure temporary file creations in
heartbeat, the subsystem for High-Availability Linux.

For the old stable distribution (woody) these problems have been fixed in
version 0.4.9.0l-7.3.

For the stable distribution (sarge) these problems have been fixed in
version 1.2.3-9sarge2.

For the unstable distribution (sid) these problems have been fixed in
version 1.2.3-12.

We recommend that you upgrade your heartbeat package.


Upgrade Instructions
- --------------------wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.0 alias woody
- --------------------------------  Source archives:

          Size/MD5 checksum:      658 2de794d2f0c7bbeafa08ecca95a47a12
          Size/MD5 checksum:    47040 1376087e2548ffea01f1fa05f0644952
          Size/MD5 checksum:   308033 1dcae9e87ad2e5c2113e91a884c1ca8e

  Architecture independent components:

          Size/MD5 checksum:    33196 1555855937e539691c90d0922c5b4723

  Alpha architecture:

          Size/MD5 checksum:   207842 2ac37764f43c65cb2c52ccbcb01c200c
          Size/MD5 checksum:    15528 09da0f1657f0cecdd5a61e64d427d2cd
          Size/MD5 checksum:    14166 68f4624f3ab15fdb40ca5c03509801a9
          Size/MD5 checksum:    63996 e6be61aaf9968a45279836d2c0ccfe06

  ARM architecture:

          Size/MD5 checksum:   194086 c844f2f1b2229158a9f957a35692a9b7
          Size/MD5 checksum:    15192 553019cc16dca110440b1ff71b89c41a
          Size/MD5 checksum:    13514 3f0388253daf988d1130e3ca85b22466
          Size/MD5 checksum:    53664 fa8d400ac60493dcb9a532d8267aa2a7

  Intel IA-32 architecture:

          Size/MD5 checksum:   185258 f31317301ac9a8c059e1198604e3501f
          Size/MD5 checksum:    14860 231f74af0884ca03735c775ad382e8b9
          Size/MD5 checksum:    13370 6c003c7a78a50aee134f5e0fb80afca3
          Size/MD5 checksum:    51094 4699c73994b6f5ec39f9ece83dbcfc81

  Intel IA-64 architecture:

          Size/MD5 checksum:   259426 34814d6a05215a9cbd3e5c96420d16dd
          Size/MD5 checksum:    16156 65ff55faefafac7d4283ce57441d7d00
          Size/MD5 checksum:    15240 ff38757ef93dc3bf1027062c6f3bc06e
          Size/MD5 checksum:   100186 cc86feab05680b136abd9730a42c49c7

  HP Precision architecture:

          Size/MD5 checksum:   195524 56abbe7f95d60d060417a6ec48c12483
          Size/MD5 checksum:    15340 9e20f4711e2eea62b7af29ff66e73410
          Size/MD5 checksum:    13712 87b566f57390860362f28e1d36fabd39
          Size/MD5 checksum:    55302 d578c7989b3ee7e817bbc4f7a1747aca

  Motorola 680x0 architecture:

          Size/MD5 checksum:   187656 7659d4d20a0497e6fcd392f748876c79
          Size/MD5 checksum:    15026 d13593c6bc76f66760a1a158665f3bff
          Size/MD5 checksum:    13560 36324500270366b1e96b229857d53273
          Size/MD5 checksum:    53844 805cb90d55db38fbf63491097525af2d

  Big endian MIPS architecture:

          Size/MD5 checksum:   185602 346bd385318eb68b07fb6e46923ba497
          Size/MD5 checksum:    15274 9c621d34da8824d136ebdd4936fe222b
          Size/MD5 checksum:    13478 335a654e6d4419517ba0ac9f1f616d93
          Size/MD5 checksum:    51264 a7f3dd6afb7e8783bef2c112f0c05f5c

  Little endian MIPS architecture:

          Size/MD5 checksum:   185328 ee8e33a8fc55f5c1b40a4124627c9809
          Size/MD5 checksum:    15290 6f4b59bf0e457b0a1c4ab1ff3906056a
          Size/MD5 checksum:    13458 5b315945a4488e867304bbb30dbc5ccb
          Size/MD5 checksum:    50692 c47d7b8ea66b7adab97f71451632d82e

  PowerPC architecture:

          Size/MD5 checksum:   187646 a5a6db6f8bdcf231c19967f83825ab2f
          Size/MD5 checksum:    14998 215f2585d66fa25d75caa9a58ae4f814
          Size/MD5 checksum:    13512 cb16f3b5d02d62cd26b97c64f2328a33
          Size/MD5 checksum:    52968 1dd68c1e52f0baafe093c1479d0ecfd1

  IBM S/390 architecture:

          Size/MD5 checksum:   192078 78473e34aa764f4928a99ec072976a2f
          Size/MD5 checksum:    15002 18e2a84299bc88cee8368c2450834152
          Size/MD5 checksum:    13594 447c803912d89fcaf0f99cea1dc34b65
          Size/MD5 checksum:    50648 6fd38fc07695cefc9d6f2c5af4457781

  Sun Sparc architecture:

          Size/MD5 checksum:   204660 701227fa11d9a1cae8beb2cc2cd68bd4
          Size/MD5 checksum:    15332 e2f9b50afc00eb526b4f0c71a32f4240
          Size/MD5 checksum:    13526 ead73a8645f1729fa08d245b2e672938
          Size/MD5 checksum:    68402 a0f407908bb7e5fe31c5bc7075a924f3


Debian GNU/Linux 3.1 alias sarge
- --------------------------------  Source archives:

          Size/MD5 checksum:      881 d4d3d4d3ffdb81c703e193d1418bdf94
          Size/MD5 checksum:   267336 448b159ad198b3e5aaa660fa4ba6b018
          Size/MD5 checksum:  1772513 9fd126e5dff51cc8c1eee223c252a4af

  Architecture independent components:

          Size/MD5 checksum:    45260 1712cab7c30f489ab160d5f7d06a3716

  Alpha architecture:

          Size/MD5 checksum:   574418 1ac2659439d0671361f3162eddd347b3
          Size/MD5 checksum:   150546 c31bf25636f891049cb053044a570aaf
          Size/MD5 checksum:    70828 75ff910609f049c38bccaa54aef64fe3
          Size/MD5 checksum:    53860 2b730ffadbd9acf789622e3388eb1b03
          Size/MD5 checksum:    31016 334717fd25592ce2b643b3ae7616975e
          Size/MD5 checksum:    94036 a7616bfe7d88fb048836ccd8cf993987
          Size/MD5 checksum:    31472 7d264c0cb86bf84a3ec624d487589a04

  ARM architecture:

          Size/MD5 checksum:   498330 c7efb45f68781a939308a72526f89384
          Size/MD5 checksum:   123540 d5ada0bb40732f0600e214109b82fb65
          Size/MD5 checksum:    63128 c34a0b395cf9ff89f9d900d7922553a0
          Size/MD5 checksum:    48984 e61af3427c0fa8b91d3da816fb56ca03
          Size/MD5 checksum:    29752 26269c283c1d25dadc460646db6328cb
          Size/MD5 checksum:    77326 9762feec9177b5f25fb7a27df2343797
          Size/MD5 checksum:    30182 31d4ef55c09e15c7216b45b9fba8d7c0

  Intel IA-32 architecture:

          Size/MD5 checksum:   493576 aa1036e1d88d4ed7e427c41c59b4c299
          Size/MD5 checksum:   117480 bdac3d64829390a9f1d4e9f072cedcd2
          Size/MD5 checksum:    58838 e02009ab5394e1c6c8e23f6b82ce27ed
          Size/MD5 checksum:    48020 897a098bf7c4eb050b9bbb25f4b4cb51
          Size/MD5 checksum:    29484 4c6cf357f0f3f9489148e371101b5158
          Size/MD5 checksum:    79082 7e0fed09db38b4aa952b49c504c1e2e9
          Size/MD5 checksum:    30334 934b99ffd0c64cbaa93d98924dec7ce9

  Intel IA-64 architecture:

          Size/MD5 checksum:   648240 9fa7f6229d090538201900967ae19b98
          Size/MD5 checksum:   152596 6420045a3eca23f837b95afc764b441e
          Size/MD5 checksum:    74092 0696213e6ae465f94895fd8bfce04e06
          Size/MD5 checksum:    62356 a7188eaa4220e15d66e68d25b81ef8f5
          Size/MD5 checksum:    31158 503f77fe0a202131271d5c7bd5644154
          Size/MD5 checksum:   104520 e67cde820023abd4d3f972fe5b382786
          Size/MD5 checksum:    32408 0b523cf39ff5637d3a1a77087acfc568

  HP Precision architecture:

          Size/MD5 checksum:   550526 04644d7961eb113e73df5421aa95c2ec
          Size/MD5 checksum:   135838 305b84e50925aa9649c6d1bc85a01b4d
          Size/MD5 checksum:    68118 6003de303229ac0d7620ad186e37feb8
          Size/MD5 checksum:    55496 f3a577742b3f36f7930da7a0be4834b9
          Size/MD5 checksum:    30262 7491e3eee8f09a3e4c4182e52188b8b6
          Size/MD5 checksum:    92738 4bbd6be9256859def562f7bc2ce609c2
          Size/MD5 checksum:    31342 043d19ec3865b81da9a4614c871598d7

  Motorola 680x0 architecture:

          Size/MD5 checksum:   480546 52de98aa76b73fc50f3c76320134f162
          Size/MD5 checksum:   113396 1fabe1ce369c9598fc54c3dd98ea7c4c
          Size/MD5 checksum:    56432 d29cde3792cdf7f87f82555fc73a0017
          Size/MD5 checksum:    48172 938a4dff2081fc7b0e3b2b3a2682be76
          Size/MD5 checksum:    29382 ac7c0249dec626802b288a47f8453550
          Size/MD5 checksum:    81846 947c019eadd0d23c7035d55797e84020
          Size/MD5 checksum:    30176 2b79abf07dd5ccf750e24d8c340f2936

  Big endian MIPS architecture:

          Size/MD5 checksum:   536356 34cc0c834822a400940f0f8ce35fbba3
          Size/MD5 checksum:   132518 73ed368f00343201e2b8aae24b16bc2e
          Size/MD5 checksum:    65420 d5c9dc962b061e87df0b2c1de8e17b52
          Size/MD5 checksum:    48294 09c0de4f6afe635b343ae267f9c8479a
          Size/MD5 checksum:    30092 3af323a0a152ebdb35e874aa46ad2153
          Size/MD5 checksum:    80576 e5b762cba06123a188d8b702ab1ea426
          Size/MD5 checksum:    32554 af522fc1d263d87b3e4990f90d6fe0f9

  Little endian MIPS architecture:

          Size/MD5 checksum:   536930 cd16e4657be6e5e80b6d42e083b0b59e
          Size/MD5 checksum:   132626 f3cebb2630ca5fabed9c2d7dd85b718f
          Size/MD5 checksum:    65190 1de3a22e027cf649c38ed3ee6e306fff
          Size/MD5 checksum:    48504 a1a5790879c230ae02e34d0e8dff66fb
          Size/MD5 checksum:    30118 686a83f067d915355659a1b7de6fcb79
          Size/MD5 checksum:    80490 9f2c86dcab0d151ef75df431dad1016a
          Size/MD5 checksum:    32542 06cf7d8f2f62346771da7205a0c2ba68

  PowerPC architecture:

          Size/MD5 checksum:   554912 ffda2ab8ed9fbd870f39ca12ec7ce51b
          Size/MD5 checksum:   127456 0a82ec5198eeca8f10db33a14ff78ed3
          Size/MD5 checksum:    61698 68ec3aea447a88a2d1b3939ce3d0cc49
          Size/MD5 checksum:    53354 c655c0674036cfb81474381bf5e24bcd
          Size/MD5 checksum:    29970 138543206d3ff9ce4c329e2d3bf1f3a1
          Size/MD5 checksum:    98528 55a8e99ad199ea6d08cbfe25ccb5fcfe
          Size/MD5 checksum:    33138 8e049d3fd4863eb717a03c22acc12855

  IBM S/390 architecture:

          Size/MD5 checksum:   530408 719bec59d58bf3b4a0ade578d2f43d43
          Size/MD5 checksum:   126590 7822fa62f40cdd4759cd6e0fff682b7e
          Size/MD5 checksum:    62282 6837ea537550f5acc19f0bbcb3b1ff17
          Size/MD5 checksum:    52798 8298af9cff07a7bdc24afb31cb750a12
          Size/MD5 checksum:    29864 1bb5ab18a77f5ad667c3c5ad850f5dae
          Size/MD5 checksum:    84714 bb3ee107874ee4bd21957d4cdfc899cb
          Size/MD5 checksum:    30832 cb960d90b91d2f2ae3c25cf66900531e

  Sun Sparc architecture:

          Size/MD5 checksum:   500806 402c337b801c3fd473efa6215ab057b4
          Size/MD5 checksum:   121060 9e80b92c79d823c227a1faa00744eefb
          Size/MD5 checksum:    62868 8fe8d18f0988fc58c6e42af1b4fd6cb7
          Size/MD5 checksum:    49962 ff349f6dd6d4afd784b9313b60e08876
          Size/MD5 checksum:    29724 81ed86ebcfd7e4bd2a45d9210e6e9618
          Size/MD5 checksum:    81058 54d0183a7a4dc65672a543900b525cf6
          Size/MD5 checksum:    30268 e420c028e3a64d063327fc28e3dd193b


  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp:  dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org

Debian: heartbeat fix insecure temporary files DSA-761-1

July 19, 2005
Eric Romang discovered several insecure temporary file creations in heartbeat, the subsystem for High-Availability Linux.

Summary

Severity

Related News

23.Tablet Connections Esm H320
2 - 3 min read
The release of Ubuntu 24.04 LTS , also known as Noble Numbat, brings various security enhancements and exciting new features . These improvements
4.Lock AbstractDigital Esm H320
2 - 3 min read
Tails 6.2 is a new Linux distribution release that expands its multilingual support and improves security features. The distribution is a
19.Laptop Bed Esm H320
2 - 3 min read
AlmaLinux 9.4 beta has been released and provides compelling reasons to consider it for desktop usage. While AlmaLinux is primarily known as a
32.Lock Code Circular Esm H320
2 - 3 min read
Linux admins and security practitioners face significant challenges in keeping their Linux systems secure amidst the constant threat of kernel bugs.
1.Penguin Landscape Esm H320
2 - 3 min read
A significant security threat, known as the Spectre v2 exploit, has been observed targeting Linux systems running on modern Intel processors. Let's
10.FingerPrint Locks Esm H320
2 - 3 min read
The recent release of I2P 2.5.0 , an anonymous P2P network that protects against online censorship, surveillance, and monitoring, has brought a slew
24.Key Code Esm H320
2 - 3 min read
The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on
5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved