- Issued:
- 2007-05-01
- Updated:
- 2007-05-01
RHSA-2007:0244 - Security Advisory
Synopsis
Low: busybox security update
Type/Severity
Security Advisory: Low
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
Topic
Updated busybox packages that fix a security issue are now available.
This update has been rated as having low security impact by the Red Hat
Security Response Team.
Description
Busybox is a single binary which includes versions of a large number of
system commands, including a shell. This package can be useful for
recovering from certain types of system failures.
BusyBox did not use a salt when generating passwords. This made it
easier for local users to guess passwords from a stolen password file.
(CVE-2006-1058)
All users of busybox are advised to upgrade to these updated packages,
which contain a patch to resolve this issue.
Solution
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied. Use Red Hat
Network to download and update your packages. To launch the Red Hat
Update Agent, use the following command:
up2date
For information on how to install packages manually, refer to the
following Web page for the System Administration or Customization
guide specific to your system:
Affected Products
- Red Hat Enterprise Linux Server 4 x86_64
- Red Hat Enterprise Linux Server 4 ia64
- Red Hat Enterprise Linux Server 4 i386
- Red Hat Enterprise Linux Workstation 4 x86_64
- Red Hat Enterprise Linux Workstation 4 ia64
- Red Hat Enterprise Linux Workstation 4 i386
- Red Hat Enterprise Linux Desktop 4 x86_64
- Red Hat Enterprise Linux Desktop 4 i386
- Red Hat Enterprise Linux for IBM z Systems 4 s390x
- Red Hat Enterprise Linux for IBM z Systems 4 s390
- Red Hat Enterprise Linux for Power, big endian 4 ppc
Fixes
- BZ - 187385 - CVE-2006-1058 BusyBox passwd command fails to generate password with salt
CVEs
Red Hat Enterprise Linux Server 4
SRPM | |
---|---|
busybox-1.00.rc1-7.el4.src.rpm | SHA-256: 63680983ba608001e32cb1e9608594042c7a60ef6a6aded81575721c288a5e30 |
x86_64 | |
busybox-1.00.rc1-7.el4.x86_64.rpm | SHA-256: f9a9a9bde97de52eb0541badf690c01ca965204d6cf5a3652506acc572e7027f |
busybox-1.00.rc1-7.el4.x86_64.rpm | SHA-256: f9a9a9bde97de52eb0541badf690c01ca965204d6cf5a3652506acc572e7027f |
busybox-anaconda-1.00.rc1-7.el4.x86_64.rpm | SHA-256: bf0a5803811796d9e25387740ec7622eef0473e1dc00fc7aa93dc6bc3cacfe58 |
busybox-anaconda-1.00.rc1-7.el4.x86_64.rpm | SHA-256: bf0a5803811796d9e25387740ec7622eef0473e1dc00fc7aa93dc6bc3cacfe58 |
ia64 | |
busybox-1.00.rc1-7.el4.ia64.rpm | SHA-256: 2ebced3ac2a8853b62d62f20151e877bcbf472d555b7129e3e3b90a58f13d78b |
busybox-1.00.rc1-7.el4.ia64.rpm | SHA-256: 2ebced3ac2a8853b62d62f20151e877bcbf472d555b7129e3e3b90a58f13d78b |
busybox-anaconda-1.00.rc1-7.el4.ia64.rpm | SHA-256: b7848f20731e54f426a9d35a95db2fd5621566315c6d11a9047e72d6229a5e73 |
busybox-anaconda-1.00.rc1-7.el4.ia64.rpm | SHA-256: b7848f20731e54f426a9d35a95db2fd5621566315c6d11a9047e72d6229a5e73 |
i386 | |
busybox-1.00.rc1-7.el4.i386.rpm | SHA-256: 6f4ff466268ceea02a1850afcf09c01d8b7ae6b02a9c315563494a54f636cab5 |
busybox-1.00.rc1-7.el4.i386.rpm | SHA-256: 6f4ff466268ceea02a1850afcf09c01d8b7ae6b02a9c315563494a54f636cab5 |
busybox-anaconda-1.00.rc1-7.el4.i386.rpm | SHA-256: 838b075c5917f2ac8a8067259cbd80ca26c93dcc8be9389b6760523193481511 |
busybox-anaconda-1.00.rc1-7.el4.i386.rpm | SHA-256: 838b075c5917f2ac8a8067259cbd80ca26c93dcc8be9389b6760523193481511 |
Red Hat Enterprise Linux Workstation 4
SRPM | |
---|---|
busybox-1.00.rc1-7.el4.src.rpm | SHA-256: 63680983ba608001e32cb1e9608594042c7a60ef6a6aded81575721c288a5e30 |
x86_64 | |
busybox-1.00.rc1-7.el4.x86_64.rpm | SHA-256: f9a9a9bde97de52eb0541badf690c01ca965204d6cf5a3652506acc572e7027f |
busybox-anaconda-1.00.rc1-7.el4.x86_64.rpm | SHA-256: bf0a5803811796d9e25387740ec7622eef0473e1dc00fc7aa93dc6bc3cacfe58 |
ia64 | |
busybox-1.00.rc1-7.el4.ia64.rpm | SHA-256: 2ebced3ac2a8853b62d62f20151e877bcbf472d555b7129e3e3b90a58f13d78b |
busybox-anaconda-1.00.rc1-7.el4.ia64.rpm | SHA-256: b7848f20731e54f426a9d35a95db2fd5621566315c6d11a9047e72d6229a5e73 |
i386 | |
busybox-1.00.rc1-7.el4.i386.rpm | SHA-256: 6f4ff466268ceea02a1850afcf09c01d8b7ae6b02a9c315563494a54f636cab5 |
busybox-anaconda-1.00.rc1-7.el4.i386.rpm | SHA-256: 838b075c5917f2ac8a8067259cbd80ca26c93dcc8be9389b6760523193481511 |
Red Hat Enterprise Linux Desktop 4
SRPM | |
---|---|
busybox-1.00.rc1-7.el4.src.rpm | SHA-256: 63680983ba608001e32cb1e9608594042c7a60ef6a6aded81575721c288a5e30 |
x86_64 | |
busybox-1.00.rc1-7.el4.x86_64.rpm | SHA-256: f9a9a9bde97de52eb0541badf690c01ca965204d6cf5a3652506acc572e7027f |
busybox-anaconda-1.00.rc1-7.el4.x86_64.rpm | SHA-256: bf0a5803811796d9e25387740ec7622eef0473e1dc00fc7aa93dc6bc3cacfe58 |
i386 | |
busybox-1.00.rc1-7.el4.i386.rpm | SHA-256: 6f4ff466268ceea02a1850afcf09c01d8b7ae6b02a9c315563494a54f636cab5 |
busybox-anaconda-1.00.rc1-7.el4.i386.rpm | SHA-256: 838b075c5917f2ac8a8067259cbd80ca26c93dcc8be9389b6760523193481511 |
Red Hat Enterprise Linux for IBM z Systems 4
SRPM | |
---|---|
busybox-1.00.rc1-7.el4.src.rpm | SHA-256: 63680983ba608001e32cb1e9608594042c7a60ef6a6aded81575721c288a5e30 |
s390x | |
busybox-1.00.rc1-7.el4.s390x.rpm | SHA-256: ce124aade49e63b6d6d17da29e646248b0a0f037aba6a5a5cdf1457470d162d3 |
busybox-anaconda-1.00.rc1-7.el4.s390x.rpm | SHA-256: b461e59b3505526b44340f0547c9a74719059706b09dbfe281e88d6f8fb389cb |
s390 | |
busybox-1.00.rc1-7.el4.s390.rpm | SHA-256: 71bafa47fb2b98bb7fd04d79e28b221d32ef661d01cc30adf468fe86afd81f85 |
busybox-anaconda-1.00.rc1-7.el4.s390.rpm | SHA-256: 3f816c9140216a00d92a6ac621895827085c81f50978b147873d5478a6982bd6 |
Red Hat Enterprise Linux for Power, big endian 4
SRPM | |
---|---|
busybox-1.00.rc1-7.el4.src.rpm | SHA-256: 63680983ba608001e32cb1e9608594042c7a60ef6a6aded81575721c288a5e30 |
ppc | |
busybox-1.00.rc1-7.el4.ppc.rpm | SHA-256: 54ddb58a25335bf029d5ac55886d429c53b0a3daddaec7d83a85c0e82d1c977b |
busybox-anaconda-1.00.rc1-7.el4.ppc.rpm | SHA-256: 3c5ba198c5ca42ccc766891f23b828a4f92dc0e6901c5734448d7bda52012d61 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.