Red Hat Product Errata RHSA-2007:0203 - Security Advisory

Issued:: 2007-05-01
Updated:: 2007-05-01

RHSA-2007:0203 - Security Advisory

Overview
Updated Packages

Synopsis

Low: unzip security and bug fix update

Type/Severity

Security Advisory: Low

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

Updated unzip packages that fix two security issues and various bugs are
now available.

This update has been rated as having low security impact by the Red Hat
Security Response Team.

Description

The unzip utility is used to list, test, or extract files from a zip archive.

A race condition was found in Unzip. Local users could use this flaw to
modify permissions of arbitrary files via a hard link attack on a file
while it was being decompressed (CVE-2005-2475)

A buffer overflow was found in Unzip command line argument handling.
If a user could be tricked into running Unzip with a specially crafted long
file name, an attacker could execute arbitrary code with that user's
privileges. (CVE-2005-4667)

As well, this update adds support for files larger than 2GB.

All users of unzip should upgrade to these updated packages, which
contain backported patches that resolve these issues.

Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied. Use Red Hat
Network to download and update your packages. To launch the Red Hat
Update Agent, use the following command:

up2date

For information on how to install packages manually, refer to the
following Web page for the System Administration or Customization
guide specific to your system:

http://www.redhat.com/docs/manuals/enterprise/

Affected Products

Red Hat Enterprise Linux Server 4 x86_64
Red Hat Enterprise Linux Server 4 ia64
Red Hat Enterprise Linux Server 4 i386
Red Hat Enterprise Linux Workstation 4 x86_64
Red Hat Enterprise Linux Workstation 4 ia64
Red Hat Enterprise Linux Workstation 4 i386
Red Hat Enterprise Linux Desktop 4 x86_64
Red Hat Enterprise Linux Desktop 4 i386
Red Hat Enterprise Linux for IBM z Systems 4 s390x
Red Hat Enterprise Linux for IBM z Systems 4 s390
Red Hat Enterprise Linux for Power, big endian 4 ppc

Fixes

BZ - 164927 - CVE-2005-2475 TOCTOU issue in unzip
BZ - 178960 - CVE-2005-4667 unzip long filename buffer overflow
BZ - 199104 - unzip has not been compiled with large file support and cannot unzip files > 2G
BZ - 230558 - unzip-5.51-8 leaves files as read-only (400)

CVEs

References

http://www.redhat.com/security/updates/classification/#low

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server 4

SRPM
unzip-5.51-9.EL4.5.src.rpm	SHA-256: a0e5151ccd10f59a8f75699a932fc00abc26e445a322dd3e6c43f147b3276cac
x86_64
unzip-5.51-9.EL4.5.x86_64.rpm	SHA-256: b0dea0e520a3855186ee28a107d5030c52091e6867ce690d7062e3d8340d3aa7
unzip-5.51-9.EL4.5.x86_64.rpm	SHA-256: b0dea0e520a3855186ee28a107d5030c52091e6867ce690d7062e3d8340d3aa7
ia64
unzip-5.51-9.EL4.5.ia64.rpm	SHA-256: b65ea325407e31eb69d90e0ac9803b4e37755287d6ae27f1cd66045aca98938b
unzip-5.51-9.EL4.5.ia64.rpm	SHA-256: b65ea325407e31eb69d90e0ac9803b4e37755287d6ae27f1cd66045aca98938b
i386
unzip-5.51-9.EL4.5.i386.rpm	SHA-256: b63576fe00fc73677eda03f759bd34c1dcf967dbbe1f1717d92106c484fcf936
unzip-5.51-9.EL4.5.i386.rpm	SHA-256: b63576fe00fc73677eda03f759bd34c1dcf967dbbe1f1717d92106c484fcf936

Red Hat Enterprise Linux Workstation 4

SRPM
unzip-5.51-9.EL4.5.src.rpm	SHA-256: a0e5151ccd10f59a8f75699a932fc00abc26e445a322dd3e6c43f147b3276cac
x86_64
unzip-5.51-9.EL4.5.x86_64.rpm	SHA-256: b0dea0e520a3855186ee28a107d5030c52091e6867ce690d7062e3d8340d3aa7
ia64
unzip-5.51-9.EL4.5.ia64.rpm	SHA-256: b65ea325407e31eb69d90e0ac9803b4e37755287d6ae27f1cd66045aca98938b
i386
unzip-5.51-9.EL4.5.i386.rpm	SHA-256: b63576fe00fc73677eda03f759bd34c1dcf967dbbe1f1717d92106c484fcf936

Red Hat Enterprise Linux Desktop 4

SRPM
unzip-5.51-9.EL4.5.src.rpm	SHA-256: a0e5151ccd10f59a8f75699a932fc00abc26e445a322dd3e6c43f147b3276cac
x86_64
unzip-5.51-9.EL4.5.x86_64.rpm	SHA-256: b0dea0e520a3855186ee28a107d5030c52091e6867ce690d7062e3d8340d3aa7
i386
unzip-5.51-9.EL4.5.i386.rpm	SHA-256: b63576fe00fc73677eda03f759bd34c1dcf967dbbe1f1717d92106c484fcf936

Red Hat Enterprise Linux for IBM z Systems 4

SRPM
unzip-5.51-9.EL4.5.src.rpm	SHA-256: a0e5151ccd10f59a8f75699a932fc00abc26e445a322dd3e6c43f147b3276cac
s390x
unzip-5.51-9.EL4.5.s390x.rpm	SHA-256: 50b363c519fad4f41ed24dbe5520957f3cc516dad3a731b4755e2688d23156eb
s390
unzip-5.51-9.EL4.5.s390.rpm	SHA-256: a1dd94b325aacdd7fcae7a15dd2ff6294f3bbc5b51955122c4d345d2a67da73d

Red Hat Enterprise Linux for Power, big endian 4

SRPM
unzip-5.51-9.EL4.5.src.rpm	SHA-256: a0e5151ccd10f59a8f75699a932fc00abc26e445a322dd3e6c43f147b3276cac
ppc
unzip-5.51-9.EL4.5.ppc.rpm	SHA-256: 723fe2920e5046e648cffe88ee039c3288cdcb55e22868dac51b2cebcf439d2e

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Log in to Your Red Hat Account

Red Hat Account

Customer Portal

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation

Services

Tools

Red Hat Insights

Red Hat Product Security Center

Security Updates

Resources

Customer Portal Community

Customer Events

Stories