DSA 580-1: New iptables packages fix modprobe failure
Posted on: 11/01/2004 04:27 PM

An iptables update has been released for Debian GNU/Linux

---------------------------------------------------------------------------
Debian Security Advisory DSA 580-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
November 1st, 2004 http://www.debian.org/security/faq
---------------------------------------------------------------------------

Package : iptables
Vulnerability : missing initialisation
Problem-Type : local
Debian-specific: no
CVE ID : CAN-2004-0986
Debian Bug : 219686

Faheem Mitha noticed that the iptables command, an administration tool for IPv4 packet filtering and NAT, did not always load the required modules on it own as it was supposed to. This could lead to firewall rules not being loaded on system startup. This caused a failure in connection with rules provided by lokkit at least.

For the stable distribution (woody) this problem has been fixed in version 1.2.6a-5.0woody2.

For the unstable distribution (sid) this problem has been fixed in version 1.2.11-4.

We recommend that you upgrade your iptables package.

Upgrade Instructions
---------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.


Debian GNU/Linux 3.0 alias woody
---------------------------------

Source archives:

http://security.debian.org/pool/updates/main/i/iptables/iptables_1.2.6a-5.0woody2.dsc
Size/MD5 checksum: 639 03ce7ecd0cc462b0b0bef08d400f5a39
http://security.debian.org/pool/updates/main/i/iptables/iptables_1.2.6a-5.0woody2.diff.gz
Size/MD5 checksum: 82136 6c6305ebf8da551d7cbdfc4fe1149d87
http://security.debian.org/pool/updates/main/i/iptables/iptables_1.2.6a.orig.tar.gz
Size/MD5 checksum: 422313 84aed37b27830c1a74ece6765db0c31c

Alpha architecture:

http://security.debian.org/pool/updates/main/i/iptables/iptables_1.2.6a-5.0woody2_alpha.deb
Size/MD5 checksum: 377404 4adc7c8e3b71d6732fe36a223d044fc7
http://security.debian.org/pool/updates/main/i/iptables/iptables-dev_1.2.6a-5.0woody2_alpha.deb
Size/MD5 checksum: 110230 c0e0ecb43614186556adcd714e4d1272

ARM architecture:

http://security.debian.org/pool/updates/main/i/iptables/iptables_1.2.6a-5.0woody2_arm.deb
Size/MD5 checksum: 314110 8d0b4d2e6d7af1377cccf91898a7bda6
http://security.debian.org/pool/updates/main/i/iptables/iptables-dev_1.2.6a-5.0woody2_arm.deb
Size/MD5 checksum: 99130 aff30c9fc49fed3c4b21f418b43c4e65

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/i/iptables/iptables_1.2.6a-5.0woody2_i386.deb
Size/MD5 checksum: 287114 b0ff0f6ab787a136d7ef6f8819b04f96
http://security.debian.org/pool/updates/main/i/iptables/iptables-dev_1.2.6a-5.0woody2_i386.deb
Size/MD5 checksum: 96442 1c2d7ec853da4fdca2ca4e5bddd6740f

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/i/iptables/iptables_1.2.6a-5.0woody2_ia64.deb
Size/MD5 checksum: 446814 e9ea93b92e97a66164411be155b93598
http://security.debian.org/pool/updates/main/i/iptables/iptables-dev_1.2.6a-5.0woody2_ia64.deb
Size/MD5 checksum: 116386 42deb79a474dd9d78bddfe723b4ee6c4

HP Precision architecture:

http://security.debian.org/pool/updates/main/i/iptables/iptables_1.2.6a-5.0woody2_hppa.deb
Size/MD5 checksum: 345212 4866e88ca61f8ac2778cc3ce44d142ac
http://security.debian.org/pool/updates/main/i/iptables/iptables-dev_1.2.6a-5.0woody2_hppa.deb
Size/MD5 checksum: 95430 c60ef8c05e0c238d8ac7682626f3972d

Motorola 680x0 architecture:

http://security.debian.org/pool/updates/main/i/iptables/iptables_1.2.6a-5.0woody2_m68k.deb
Size/MD5 checksum: 289032 f7748d7e5cc9726b7142d918712abd6d
http://security.debian.org/pool/updates/main/i/iptables/iptables-dev_1.2.6a-5.0woody2_m68k.deb
Size/MD5 checksum: 91232 37e6e304f0b4ebf666c4ffc860253a73

Big endian MIPS architecture:

http://security.debian.org/pool/updates/main/i/iptables/iptables_1.2.6a-5.0woody2_mips.deb
Size/MD5 checksum: 326050 713a2efd308c98a3a48135664c7a385c
http://security.debian.org/pool/updates/main/i/iptables/iptables-dev_1.2.6a-5.0woody2_mips.deb
Size/MD5 checksum: 106754 f44458bc89644ddb91a63caa498456ad

Little endian MIPS architecture:

http://security.debian.org/pool/updates/main/i/iptables/iptables_1.2.6a-5.0woody2_mipsel.deb
Size/MD5 checksum: 327082 731e9de4f81d6ecc114c89b2c54e99c7
http://security.debian.org/pool/updates/main/i/iptables/iptables-dev_1.2.6a-5.0woody2_mipsel.deb
Size/MD5 checksum: 106898 25d89525b8d158f12eaaf2db6635fd14

PowerPC architecture:

http://security.debian.org/pool/updates/main/i/iptables/iptables_1.2.6a-5.0woody2_powerpc.deb
Size/MD5 checksum: 321422 a73bf7a5f4696a44abe4dc19d9508cc8
http://security.debian.org/pool/updates/main/i/iptables/iptables-dev_1.2.6a-5.0woody2_powerpc.deb
Size/MD5 checksum: 101350 e81ceac78d6a38cfdd6b8f09e0cb176e

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/i/iptables/iptables_1.2.6a-5.0woody2_s390.deb
Size/MD5 checksum: 307826 1092ceb008461ac0323b2ddfc2327c22
http://security.debian.org/pool/updates/main/i/iptables/iptables-dev_1.2.6a-5.0woody2_s390.deb
Size/MD5 checksum: 97020 c5079802be1fed9934527371cf6a99d8

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/i/iptables/iptables_1.2.6a-5.0woody2_sparc.deb
Size/MD5 checksum: 323322 b33b11c7b474c50a84087f99580c122c
http://security.debian.org/pool/updates/main/i/iptables/iptables-dev_1.2.6a-5.0woody2_sparc.deb
Size/MD5 checksum: 98876 dc0ed1d555df1abb1868514fa307a88c


These files will probably be moved into the stable distribution on its next update.


Printed from Linux Compatible (http://www.linuxcompatible.org/news/story/dsa_580_1_new_iptables_packages_fix_modprobe_failure.html)