Subject: Caldera Security Advisory SA-1998.09: Vulnerabilities in INN
Advisory issue date: 24-July-1998
Topic: Vulnerabilities in INN

I. Problem Description

   Changes since 1.7.1

   - The fixinterpreter.pl script checks perl version required of the
     target.
   - The innmail script handles '%s' in the _PATH_SENDMAIL values
   - The innshellvars* scripts have sendmail variables in them.

   Changes since 1.7

   - Logs for verification of pgp signed control messages were going to
     the wrong place.
   - A fix to underallocated buffers (the `buffset' fix)
   - A fix to prevent a bad pointer being passed to free() in
     expireover.c
   - Fixes to actsync to straighten out the '-I' command line option
     behaviour.
   - The script sendbatch had some hardcoded values removed.
   - The actsyncd script had some minor bugs fixed.
   - The Install.ms.* files have been fixed up.
   - The sucking-feed slowing mechanism has been tidied up a bit (but
     still isn't very clean so the default is now off in config.dist).
   - Responses to HEAD, BODY and ARTICLE commands have been fixed when
     requesting by message-id.
   - Makefile dependencies have been updated.
   - The innmail script (a replacement for UCB Mail) is included. Its
     use is highly recommended.

II. Impact

   Description:

   Vulnerable Systems: OpenLinux 1.0, 1.1, 1.2 systems using inn-1.5.1.

III. Solution

   Correction:

   The proper solution is to upgrade to the inn-1.7.2-1 package.

   The packages can be found on Caldera's FTP site at:

      ftp://ftp.caldera.com/pub/OpenLinux/updates/1.2/current/RPMS

   The corresponding source code can be found at:

      ftp://ftp.caldera.com/pub/OpenLinux/updates/1.2/current/SRPMS

   The MD5 checksums (from the "md5sum" command) for these packages are:

      e03ca93325a661db6496f5c4d1efe849  RPMS/inn-1.7.2-1.i386.rpm
      9bc01afd4bb2b7c3892f9f8161bc665a  SRPMS/inn-1.7.2-1.src.rpm

   Upgrade with the following commands:

      rpm -q inn && rpm -e --nodeps inn && rpm -i --nodeps inn-1.7.2-1.i386.rpm

IV. References

   This and other Caldera security resources are located at:

      http://www.caldera.com/news/security/index.html

   This security fix closes Caldera's internal Problem Report 1831.

V. PGP Signature

   This message was signed with the PGP key for security@caldera.com.

   This key can be obtained from:

      ftp://ftp.caldera.com/pub/pgp-keys/

   Or on an OpenLinux CDROM under:

      /OpenLinux/pgp-keys/

$Id: SA-1998.09.txt,v 1.3 1998/07/24 12:58:46 rf Exp $