Debians sikkerhedsbulletin
DSA-773-1 amd64 -- flere sårbarheder
- Rapporteret den:
- 11. aug 2005
- Berørte pakker:
- several
- Sårbar:
- Ja
- Referencer i sikkerhedsdatabaser:
- Der er pt. ingen tilgængelige eksterne sikkerhedsreferencer i andre databaser.
- Yderligere oplysninger:
-
Med denne bulletin får den stabile amd64-distribution sikkerhedsunderstøttelse. Bulletinen dækker alle opdateringer siden udgivelsen af "sarge", som manglede opdaterede pakker til den endnu ikke officielle tilpasning til amd64. Fremtidige sikkerhedsbulletiner vil desuden indeholde opdateringer vedrørende denne tilpasning.
- Rettet i:
-
Debian GNU/Linux 3.1 (sarge)
- DSA 762: several vulnerabilities
- http://security.debian.org/pool/updates/main/a/affix/affix_2.1.1-2_amd64.deb
- http://security.debian.org/pool/updates/main/a/affix/libaffix-dev_2.1.1-2_amd64.deb
- http://security.debian.org/pool/updates/main/a/affix/libaffix2_2.1.1-2_amd64.deb
- http://security.debian.org/pool/updates/main/a/affix/libaffix-dev_2.1.1-2_amd64.deb
- DSA 754: insecure temporary file
- http://security.debian.org/pool/updates/main/c/centericq/centericq_4.20.0-1sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/c/centericq/centericq-common_4.20.0-1sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/c/centericq/centericq-fribidi_4.20.0-1sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/c/centericq/centericq-utf8_4.20.0-1sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/c/centericq/centericq-common_4.20.0-1sarge1_amd64.deb
- DSA 737: remote denial of service
- http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.1_amd64.deb
- http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.1_amd64.deb
- http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.1_amd64.deb
- http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.1_amd64.deb
- http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.1_amd64.deb
- http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.1_amd64.deb
- http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.1_amd64.deb
- DSA 733: insecure temporary files
- http://security.debian.org/pool/updates/main/c/crip/crip_3.5-1sarge2_amd64.deb
- DSA 742: buffer overflow
- http://security.debian.org/pool/updates/main/c/cvs/cvs_1.11.1p1debian-11_amd64.deb
- DSA 750: out-of-bound memory access
- http://security.debian.org/pool/updates/main/d/dhcpcd/dhcpcd_1.3.22pl4-21sarge1_amd64.deb
- DSA 760, DSA 767: several vulnerabilities
- http://security.debian.org/pool/updates/main/e/ekg/ekg_1.5+20050411-5_amd64.deb
- http://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.5+20050411-5_amd64.deb
- http://security.debian.org/pool/updates/main/e/ekg/libgadu3_1.5+20050411-5_amd64.deb
- http://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.5+20050411-5_amd64.deb
- DSA 749: format string error
- http://security.debian.org/pool/updates/main/e/ettercap/ettercap_0.7.1-1sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/e/ettercap/ettercap-common_0.7.1-1sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/e/ettercap/ettercap-gtk_0.7.1-1sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/e/ettercap/ettercap-common_0.7.1-1sarge1_amd64.deb
- DSA 744: programming error
- http://security.debian.org/pool/updates/main/f/fuse/fuse-utils_2.2.1-4sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/f/fuse/libfuse-dev_2.2.1-4sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/f/fuse/libfuse2_2.2.1-4sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/f/fuse/libfuse-dev_2.2.1-4sarge2_amd64.deb
- DSA 734, DSA 7699: denial of service, memory alignment bug
- http://security.debian.org/pool/updates/main/g/gaim/gaim_1.2.1-1.4_amd64.deb
- http://security.debian.org/pool/updates/main/g/gaim/gaim-dev_1.2.1-1.4_amd64.deb
- http://security.debian.org/pool/updates/main/g/gaim/gaim-dev_1.2.1-1.4_amd64.deb
- DSA 753: format string
- http://security.debian.org/pool/updates/main/g/gedit/gedit_2.8.3-4sarge1_amd64.deb
- DSA 770: insecure tmpfile creation
- http://security.debian.org/pool/updates/main/g/gopher/gopher_3.0.7sarge1_amd64.deb
- DSA 761: insecure temporary files
- http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat_1.2.3-9sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat-dev_1.2.3-9sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/h/heartbeat/libpils-dev_1.2.3-9sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/h/heartbeat/libpils0_1.2.3-9sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/h/heartbeat/libstonith-dev_1.2.3-9sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/h/heartbeat/libstonith0_1.2.3-9sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/h/heartbeat/stonith_1.2.3-9sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat-dev_1.2.3-9sarge2_amd64.deb
- DSA 758, DSA 765: buffer overflows
- http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.6.3-10sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.6.3-10sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.6.3-10sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.6.3-10sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.6.3-10sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.6.3-10sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/h/heimdal/libasn1-6-heimdal_0.6.3-10sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.6.3-10sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.6.3-10sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.6.3-10sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.6.3-10sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.6.3-10sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.6.3-10sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.6.3-10sarge1_amd64.deb
- DSA 743: buffer overflows, integer overflows
- http://security.debian.org/pool/updates/main/h/ht/ht_0.8.0-2sarge4_amd64.deb
- DSA 757: buffer overflow, double-free memory
- http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge2_amd64.deb
- DSA 771: several vulnerabilities
- http://security.debian.org/pool/updates/main/p/pdns/pdns_2.9.17-13sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/p/pdns/pdns-backend-geo_2.9.17-13sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/p/pdns/pdns-backend-ldap_2.9.17-13sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/p/pdns/pdns-backend-mysql_2.9.17-13sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/p/pdns/pdns-backend-pgsql_2.9.17-13sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/p/pdns/pdns-backend-pipe_2.9.17-13sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/p/pdns/pdns-backend-sqlite_2.9.17-13sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/p/pdns/pdns-recursor_2.9.17-13sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/p/pdns/pdns-server_2.9.17-13sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/p/pdns/pdns-backend-geo_2.9.17-13sarge1_amd64.deb
- DSA 725: missing privilege release
- http://security.debian.org/pool/updates/main/p/ppxp/ppxp_0.2001080415-10sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/p/ppxp/ppxp-dev_0.2001080415-10sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/p/ppxp/ppxp-tcltk_0.2001080415-10sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/p/ppxp/ppxp-x11_0.2001080415-10sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/p/ppxp/ppxp-dev_0.2001080415-10sarge2_amd64.deb
- DSA 728: missing privilege release
- http://security.debian.org/pool/updates/main/q/qpopper/qpopper_4.0.5-4sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/q/qpopper/qpopper-drac_4.0.5-4sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/q/qpopper/qpopper-drac_4.0.5-4sarge1_amd64.deb
- DSA 738: remote denial of service
- http://security.debian.org/pool/updates/main/r/razor/razor_2.670-1sarge2_amd64.deb
- DSA 748: bad default value
- http://security.debian.org/pool/updates/main/r/ruby1.8/libdbm-ruby1.8_1.8.2-7sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/r/ruby1.8/libgdbm-ruby1.8_1.8.2-7sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/r/ruby1.8/libopenssl-ruby1.8_1.8.2-7sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/r/ruby1.8/libreadline-ruby1.8_1.8.2-7sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8_1.8.2-7sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8-dbg_1.8.2-7sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/r/ruby1.8/libtcltk-ruby1.8_1.8.2-7sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8_1.8.2-7sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8-dev_1.8.2-7sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/r/ruby1.8/libgdbm-ruby1.8_1.8.2-7sarge1_amd64.deb
- DSA 736: remote denial of service
- http://security.debian.org/pool/updates/main/s/spamassassin/spamc_3.0.3-2_amd64.deb
- DSA 735: pathname validation race
- http://security.debian.org/pool/updates/main/s/sudo/sudo_1.6.8p7-1.1sarge1_amd64.deb
- DSA-740, DSA 763: remote denial of service
- http://security.debian.org/pool/updates/main/z/zlib/zlib-bin_1.2.2-4.sarge.2_amd64.deb
- http://security.debian.org/pool/updates/main/z/zlib/zlib1g_1.2.2-4.sarge.2_amd64.deb
- http://security.debian.org/pool/updates/main/z/zlib/zlib1g-dev_1.2.2-4.sarge.2_amd64.deb
- http://security.debian.org/pool/updates/main/z/zlib/zlib1g_1.2.2-4.sarge.2_amd64.deb
MD5-kontrolsummer for de listede filer findes i den originale sikkerhedsbulletin.