Red Hat Security Advisory RHSA-2002:148-06 (Linux, patch)


Affected program:
Tcl/Tk

Description:
Red Hat Security Advisory: updated Tcl/Tk packages


Details:
Tcl/Tk is one of the more popular toolkits for building graphical interfaces under the X Window System. Compared with GTK and Qt it is easier to write and debug software with, and it is highly extensible: users can write their own functions and build libraries of their own.

The Tcl/Tk development environment consists of a considerable number of applications, such as tcl, tk, tix, tclX, expect and itcl.

Versions of Tcl/Tk before 5.32 search for their library in the current working directory, /var/tmp, before searching other directories. This allows a local user to place a Trojan horse library in a user-controlled directory and thereby execute arbitrary code and commands on a vulnerable machine and gain root privileges.
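The root cause described above is a library search order that consults directories other users can write to before trusted ones. The following POSIX shell script is an added example, not part of this advisory or of Tcl/Tk, that audits a colon-separated search path (for instance one taken from an environment variable or from a program's documented lookup order) for exactly those kinds of entries: relative entries, which resolve to the current working directory, and world-writable directories such as /var/tmp. The path list and the directory names are assumed inputs, not values from the advisory.

```shell
#!/bin/sh
# Added example, not part of the advisory: audit a colon-separated library
# search path for entries that any local user could plant a file in.
# Flags relative entries (they resolve to the current working directory)
# and world-writable directories; the sticky bit is deliberately ignored,
# because it does not stop a user from creating a new file there.

# audit_search_path "dir1:dir2:..." -> prints one status line per entry and
# returns 1 if any entry is untrusted, 0 if every entry is an absolute,
# non-world-writable directory (or does not exist yet).
audit_search_path() {
    bad=0
    saved_ifs=$IFS
    set -f                      # no globbing while splitting on ':'
    IFS=:
    set -- $1
    IFS=$saved_ifs
    set +f
    for d in "$@"; do
        case $d in
            /*) ;;              # absolute path: check permissions below
            *)  echo "UNTRUSTED relative entry (resolves to cwd): '${d:-.}'"
                bad=1
                continue ;;
        esac
        if [ ! -d "$d" ]; then
            echo "MISSING  $d"
            continue
        fi
        # -perm -002: the "other" write bit is set, so any local user can
        # create a file in this directory.
        if [ -n "$(find "$d" -prune -perm -002 2>/dev/null)" ]; then
            echo "UNTRUSTED world-writable: $d"
            bad=1
        else
            echo "OK       $d"
        fi
    done
    return $bad
}

# Stand-alone use: pass the search path as the first argument, e.g.
#   sh audit_search_path.sh "/usr/lib/tcl8.3:/usr/share/tcl8.3"
if [ $# -gt 0 ]; then
    audit_search_path "$1"
fi
```

The check is a property of the directories, not of the program that searches them, so the same function can be run over any lookup path (shared-library paths, interpreter library paths, PATH itself) to spot a hijackable entry before a patch exists.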

Affected systems:

Red Hat Linux 7.0 - alpha, i386

Red Hat Linux 7.1 - alpha, i386, ia64

This has been fixed in the recently released packages; users are advised to upgrade immediately.


Attack method:
No working exploit code is currently available.

Solution:
Upgrade the packages

rpm -Fvh [filenames]

[filenames] stands for the RPMs you want to update with. Only RPMs that are currently installed will be updated; RPMs listed in filenames but not installed will not be. Note that if the current directory contains only the RPMs you want, you can also use the wildcard (*.rpm). Updates can also be obtained from Red Hat Network, which offers several update methods. To use Red Hat Network, start the Red Hat Update Agent with the following command:

up2date

This starts an interactive program that upgrades the appropriate RPMs on your system.

After obtaining these updates, the server must be restarted.

Required RPMs:
Red Hat Linux 7.0:

SRPMS:
ftp://updates.redhat.com/7.0/en/os/SRPMS/tcltk-8.3.3-69.src.rpm

alpha:
ftp://updates.redhat.com/7.0/en/os/alpha/expect-5.32.2-69.alpha.rpm
ftp://updates.redhat.com/7.0/en/os/alpha/itcl-3.2-69.alpha.rpm
ftp://updates.redhat.com/7.0/en/os/alpha/tcl-8.3.3-69.alpha.rpm
ftp://updates.redhat.com/7.0/en/os/alpha/tcllib-1.0-69.alpha.rpm
ftp://updates.redhat.com/7.0/en/os/alpha/tclx-8.3-69.alpha.rpm
ftp://updates.redhat.com/7.0/en/os/alpha/tix-8.2.0b1-69.alpha.rpm
ftp://updates.redhat.com/7.0/en/os/alpha/tk-8.3.3-69.alpha.rpm

i386:
ftp://updates.redhat.com/7.0/en/os/i386/expect-5.32.2-69.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/itcl-3.2-69.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/tcl-8.3.3-69.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/tcllib-1.0-69.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/tclx-8.3-69.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/tix-8.2.0b1-69.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/tk-8.3.3-69.i386.rpm

Red Hat Linux 7.1:

SRPMS:
ftp://updates.redhat.com/7.1/en/os/SRPMS/tcltk-8.3.3-69.src.rpm

alpha:
ftp://updates.redhat.com/7.1/en/os/alpha/expect-5.32.2-69.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/itcl-3.2-69.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/tcl-8.3.3-69.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/tcllib-1.0-69.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/tclx-8.3-69.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/tix-8.2.0b1-69.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/tk-8.3.3-69.alpha.rpm

i386:
ftp://updates.redhat.com/7.1/en/os/i386/expect-5.32.2-69.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/itcl-3.2-69.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/tcl-8.3.3-69.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/tcllib-1.0-69.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/tclx-8.3-69.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/tix-8.2.0b1-69.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/tk-8.3.3-69.i386.rpm

ia64:
ftp://updates.redhat.com/7.1/en/os/ia64/expect-5.32.2-69.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/itcl-3.2-69.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/tcl-8.3.3-69.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/tcllib-1.0-69.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/tclx-8.3-69.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/tix-8.2.0b1-69.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/tk-8.3.3-69.ia64.rpm



Verification:

MD5 sum Package Name
--------------------------------------------------------------------------
adec70c2d906c13782c9462835bcb568 7.0/en/os/SRPMS/tcltk-8.3.3-69.src.rpm
6e2a36672ceef7ecd9be90993d46679b 7.0/en/os/alpha/expect-5.32.2-69.alpha.rpm
32420f94e7876a8c1c46795f96d2b3f9 7.0/en/os/alpha/itcl-3.2-69.alpha.rpm
c086576545a7b6789c95c23ecc9a44dd 7.0/en/os/alpha/tcl-8.3.3-69.alpha.rpm
647fc45508dc32e00eacfcc7f2ecb22a 7.0/en/os/alpha/tcllib-1.0-69.alpha.rpm
0bc39c958f673431649d5c36c227fdd6 7.0/en/os/alpha/tclx-8.3-69.alpha.rpm
a6c34edcbc69746e48cff7576bd2f92e 7.0/en/os/alpha/tix-8.2.0b1-69.alpha.rpm
681916d751c2acea124b3e49a6a5b667 7.0/en/os/alpha/tk-8.3.3-69.alpha.rpm
17fc0a224980f80820d6072265a57944 7.0/en/os/i386/expect-5.32.2-69.i386.rpm
bf38ebd1b1f2e61f7187c3556a6b3c67 7.0/en/os/i386/itcl-3.2-69.i386.rpm
c1cfaad79572c2a52446b220405642a2 7.0/en/os/i386/tcl-8.3.3-69.i386.rpm
d1f002a59db0fc345111b5a2ea2e45f9 7.0/en/os/i386/tcllib-1.0-69.i386.rpm
541717fae007069c1e3df90caaf8a390 7.0/en/os/i386/tclx-8.3-69.i386.rpm
e83d7cfed36ab99faca57d7ae2dcc6d2 7.0/en/os/i386/tix-8.2.0b1-69.i386.rpm
40704d033da7dcdbbc5dbf1166d4f3b2 7.0/en/os/i386/tk-8.3.3-69.i386.rpm
adec70c2d906c13782c9462835bcb568 7.1/en/os/SRPMS/tcltk-8.3.3-69.src.rpm
6e2a36672ceef7ecd9be90993d46679b 7.1/en/os/alpha/expect-5.32.2-69.alpha.rpm
32420f94e7876a8c1c46795f96d2b3f9 7.1/en/os/alpha/itcl-3.2-69.alpha.rpm
c086576545a7b6789c95c23ecc9a44dd 7.1/en/os/alpha/tcl-8.3.3-69.alpha.rpm
647fc45508dc32e00eacfcc7f2ecb22a 7.1/en/os/alpha/tcllib-1.0-69.alpha.rpm
0bc39c958f673431649d5c36c227fdd6 7.1/en/os/alpha/tclx-8.3-69.alpha.rpm
a6c34edcbc69746e48cff7576bd2f92e 7.1/en/os/alpha/tix-8.2.0b1-69.alpha.rpm
681916d751c2acea124b3e49a6a5b667 7.1/en/os/alpha/tk-8.3.3-69.alpha.rpm
17fc0a224980f80820d6072265a57944 7.1/en/os/i386/expect-5.32.2-69.i386.rpm
bf38ebd1b1f2e61f7187c3556a6b3c67 7.1/en/os/i386/itcl-3.2-69.i386.rpm
c1cfaad79572c2a52446b220405642a2 7.1/en/os/i386/tcl-8.3.3-69.i386.rpm
d1f002a59db0fc345111b5a2ea2e45f9 7.1/en/os/i386/tcllib-1.0-69.i386.rpm
541717fae007069c1e3df90caaf8a390 7.1/en/os/i386/tclx-8.3-69.i386.rpm
e83d7cfed36ab99faca57d7ae2dcc6d2 7.1/en/os/i386/tix-8.2.0b1-69.i386.rpm
40704d033da7dcdbbc5dbf1166d4f3b2 7.1/en/os/i386/tk-8.3.3-69.i386.rpm
91c7536265c60db657d451a04ab25f4a 7.1/en/os/ia64/expect-5.32.2-69.ia64.rpm
b9c7f8fa6afce2180b2fdf0b216bf7ba 7.1/en/os/ia64/itcl-3.2-69.ia64.rpm
2690748c462c2f22df37f2a1804e16b1 7.1/en/os/ia64/tcl-8.3.3-69.ia64.rpm
7134aff4dfc015140db686ea59d83ca4 7.1/en/os/ia64/tcllib-1.0-69.ia64.rpm
1c8c775ecff0a9798cef15f936bdbd22 7.1/en/os/ia64/tclx-8.3-69.ia64.rpm
261c381cb2b0f6fb632e7a5e29afb548 7.1/en/os/ia64/tix-8.2.0b1-69.ia64.rpm
d1b2e5cca077041312ca64b9d38c9e8e 7.1/en/os/ia64/tk-8.3.3-69.ia64.rpm


For security reasons, these packages are GPG-signed by Red Hat. The key can be obtained at:
http://www.redhat.com/about/contact.html

You can verify them with the following command:
rpm --checksig <filename>

If you only want to verify that the packages have not been modified or corrupted, check the md5sum with:
rpm --checksig --nogpg <filename>
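As an added example (not part of the advisory), the following POSIX shell script performs the same integrity check outside of rpm, using the MD5 sums published in the Verification table above: it recomputes the digest of each downloaded package with md5sum and refuses to pass any package whose digest differs from the published one. The table embedded in it consists of the advisory's Red Hat Linux 7.1 i386 rows; the download directory is an assumed command-line argument.

```shell
#!/bin/sh
# Added example, not part of the advisory: check downloaded update RPMs
# against the MD5 sums published in the advisory's "Verification" table
# before installing them with rpm -Fvh. The rows below are copied from the
# advisory (Red Hat Linux 7.1, i386 only); add the rows for your own
# release and architecture.
ADVISORY_MD5S='
17fc0a224980f80820d6072265a57944 expect-5.32.2-69.i386.rpm
bf38ebd1b1f2e61f7187c3556a6b3c67 itcl-3.2-69.i386.rpm
c1cfaad79572c2a52446b220405642a2 tcl-8.3.3-69.i386.rpm
d1f002a59db0fc345111b5a2ea2e45f9 tcllib-1.0-69.i386.rpm
541717fae007069c1e3df90caaf8a390 tclx-8.3-69.i386.rpm
e83d7cfed36ab99faca57d7ae2dcc6d2 tix-8.2.0b1-69.i386.rpm
40704d033da7dcdbbc5dbf1166d4f3b2 tk-8.3.3-69.i386.rpm
'

# md5_of FILE -> prints the hex MD5 digest of FILE
md5_of() {
    md5sum "$1" | cut -d' ' -f1
}

# md5_matches FILE EXPECTED -> 0 if the digest of FILE equals EXPECTED, else 1
md5_matches() {
    [ "$(md5_of "$1")" = "$2" ]
}

# check_downloads DIR -> compares every package from the table that exists in
# DIR with its published digest. Packages that were not downloaded are only
# reported as MISSING (you only need the ones that are installed). Returns 1
# if any present package does not match, 0 otherwise.
check_downloads() {
    dir=$1
    status=0
    # here-document rather than a pipe, so 'status' survives the loop
    while read -r sum name; do
        [ -n "$name" ] || continue
        f="$dir/$name"
        if [ ! -f "$f" ]; then
            echo "MISSING  $name"
        elif md5_matches "$f" "$sum"; then
            echo "OK       $name"
        else
            echo "MISMATCH $name (do not install)"
            status=1
        fi
    done <<EOF
$ADVISORY_MD5S
EOF
    return $status
}

# Stand-alone use: sh check_downloads.sh /path/to/downloaded/rpms
if [ $# -gt 0 ]; then
    check_downloads "$1"
fi
```

A matching MD5 only shows that the file is the one the advisory lists; the GPG signature check with rpm --checksig remains the step that ties the package to Red Hat's key.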


Additional information:
CVE Names: CAN-2001-1374 CAN-2001-1375