For all the Gentoo users, there's a simple utility that you can use to make sure the packages in your system are free of known vulnerabilities.
This is basically a repeat of the wiki page http://wiki.vpslink.com/index.php?ti...ity_Essentials which I wrote a while ago.

Install glsa-check (comes with gentoolkit)

Code:
# emerge gentoolkit

Code:
# emerge --sync

Code:
# glsa-check -l affected
[A] means this GLSA was already applied,
[U] means the system is not affected and
[N] indicates that the system might be affected.
200610-03 [N] ncompress: Buffer Underflow ( app-arch/ncompress )
200610-06 [N] Mozilla Network Security Service (NSS): RSA signature forgery ( dev-libs/nss )
200610-14 [N] PHP: Integer overflow ( dev-lang/php )

Code:
# glsa-check -d affected

Code:
# glsa-check -d 200610-14
PHP: Integer overflow
============================================================================
Synopsis: PHP is vulnerable to an integer overflow potentially
allowing the remote execution of arbitrary code.
Announced on: October 30, 2006
Last revised on: October 30, 2006: 01
Affected package: dev-lang/php
Affected archs: All
Vulnerable: <5.1.6-r6
Unaffected: >=~4.4.4-r6 >=5.1.6-r6
Related bugs: 150261
Background: PHP is a widely-used general-purpose scripting language
that is especially suited for Web development and can be
embedded into HTML.
Description: A flaw in the PHP memory handling routines allows an
unserialize() call to be executed on non-allocated memory
due to a previous integer overflow.
Impact: An attacker could execute arbitrary code with the rights
of the web server user or the user running a vulnerable
PHP script.
Workaround: There is no known workaround at this time.
Resolution: All PHP 5.x users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose
">=dev-lang/php-5.1.6-r6"
All PHP 4.x users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose
">=dev-lang/php-4.4.4-r6"
References:
CVE-2006-4812: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4812
Code:
# emerge -a ">=dev-lang/php-5.1.6-r6"
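
An added example, not part of the original post: a small filter that reduces the `glsa-check -l affected` listing shown above to its pending [N] entries, for use from a cron job. The function names and the [A] sample line are assumptions made for illustration; the legend and the three [N] lines are taken from the post.

```shell
#!/bin/sh
# Added example: reduce `glsa-check -l affected` output to pending [N] entries.

# Sample listing: legend and [N] lines are from the post, the [A] line is constructed.
sample_glsa_list() {
cat <<'EOF'
[A] means this GLSA was already applied,
200610-03 [N] ncompress: Buffer Underflow ( app-arch/ncompress )
200610-06 [N] Mozilla Network Security Service (NSS): RSA signature forgery ( dev-libs/nss )
200610-14 [N] PHP: Integer overflow ( dev-lang/php )
200609-99 [A] Constructed entry ( app-misc/example )
EOF
}

# Read a listing on stdin; print "ID<TAB>package(s)<TAB>title" for each [N] entry.
pending_glsas() {
    esc=$(printf '\033')
    # Strip ANSI colour codes first, then skip legend lines and non-[N] entries.
    sed "s/${esc}\[[0-9;]*m//g" | awk '
        $1 ~ /^[0-9][0-9][0-9][0-9][0-9][0-9]-[0-9]+$/ && $2 == "[N]" {
            line = $0
            sub(/[ \t]+$/, "", line)
            pkgs = "-"
            # The package list is the last "( ... )" group; titles may hold "(NSS)".
            if (match(line, / \( [^()]* \)$/)) {
                pkgs = substr(line, RSTART + 3, RLENGTH - 5)
                line = substr(line, 1, RSTART - 1)
            }
            sub(/^[^ ]+ +\[N\] +/, "", line)
            printf "%s\t%s\t%s\n", $1, pkgs, line
        }'
}

# Print pending entries and return 1 if there are any, so cron mails the result.
glsa_alert() {
    out=$(pending_glsas)
    if [ -z "$out" ]; then
        return 0
    fi
    printf '%s\n' "$out"
    return 1
}

# Demo on the sample; on a Gentoo box use: glsa-check -l affected | glsa_alert
sample_glsa_list | pending_glsas
```
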