Aviso de seguridad de Debian
DSA-773-1 amd64 -- varias vulnerabilidades
- Fecha del informe:
- 11 de ago de 2005
- Paquetes afectados:
- several
- Vulnerable:
- Sí
- Referencias a bases de datos de seguridad:
- No se dispone, de momento, de referencias a otras bases de datos de seguridad externas.
- Información adicional:
-
Este aviso añade el soporte para seguridad en la distribución estable para amd64. Se hace extensible a todas las actualizaciones de seguridad desde la publicación de sarge, que carecía de paquetes actualizados para la arquitectura amd64, todavía no oficial. Los próximos avisos de seguridad también incluirán actualizaciones para esta arquitectura.
- Arreglado en:
-
Debian GNU/Linux 3.1 (sarge)
- DSA 762: several vulnerabilities
- http://security.debian.org/pool/updates/main/a/affix/affix_2.1.1-2_amd64.deb
- http://security.debian.org/pool/updates/main/a/affix/libaffix-dev_2.1.1-2_amd64.deb
- http://security.debian.org/pool/updates/main/a/affix/libaffix2_2.1.1-2_amd64.deb
- http://security.debian.org/pool/updates/main/a/affix/libaffix-dev_2.1.1-2_amd64.deb
- DSA 754: insecure temporary file
- http://security.debian.org/pool/updates/main/c/centericq/centericq_4.20.0-1sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/c/centericq/centericq-common_4.20.0-1sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/c/centericq/centericq-fribidi_4.20.0-1sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/c/centericq/centericq-utf8_4.20.0-1sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/c/centericq/centericq-common_4.20.0-1sarge1_amd64.deb
- DSA 737: remote denial of service
- http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.1_amd64.deb
- http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.1_amd64.deb
- http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.1_amd64.deb
- http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.1_amd64.deb
- http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.1_amd64.deb
- http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.1_amd64.deb
- http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.1_amd64.deb
- DSA 733: insecure temporary files
- http://security.debian.org/pool/updates/main/c/crip/crip_3.5-1sarge2_amd64.deb
- DSA 742: buffer overflow
- http://security.debian.org/pool/updates/main/c/cvs/cvs_1.11.1p1debian-11_amd64.deb
- DSA 750: out-of-bound memory access
- http://security.debian.org/pool/updates/main/d/dhcpcd/dhcpcd_1.3.22pl4-21sarge1_amd64.deb
- DSA 760, DSA 767: several vulnerabilities
- http://security.debian.org/pool/updates/main/e/ekg/ekg_1.5+20050411-5_amd64.deb
- http://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.5+20050411-5_amd64.deb
- http://security.debian.org/pool/updates/main/e/ekg/libgadu3_1.5+20050411-5_amd64.deb
- http://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.5+20050411-5_amd64.deb
- DSA 749: format string error
- http://security.debian.org/pool/updates/main/e/ettercap/ettercap_0.7.1-1sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/e/ettercap/ettercap-common_0.7.1-1sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/e/ettercap/ettercap-gtk_0.7.1-1sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/e/ettercap/ettercap-common_0.7.1-1sarge1_amd64.deb
- DSA 744: programming error
- http://security.debian.org/pool/updates/main/f/fuse/fuse-utils_2.2.1-4sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/f/fuse/libfuse-dev_2.2.1-4sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/f/fuse/libfuse2_2.2.1-4sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/f/fuse/libfuse-dev_2.2.1-4sarge2_amd64.deb
- DSA 734, DSA 7699: denial of service, memory alignment bug
- http://security.debian.org/pool/updates/main/g/gaim/gaim_1.2.1-1.4_amd64.deb
- http://security.debian.org/pool/updates/main/g/gaim/gaim-dev_1.2.1-1.4_amd64.deb
- http://security.debian.org/pool/updates/main/g/gaim/gaim-dev_1.2.1-1.4_amd64.deb
- DSA 753: format string
- http://security.debian.org/pool/updates/main/g/gedit/gedit_2.8.3-4sarge1_amd64.deb
- DSA 770: insecure tmpfile creation
- http://security.debian.org/pool/updates/main/g/gopher/gopher_3.0.7sarge1_amd64.deb
- DSA 761: insecure temporary files
- http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat_1.2.3-9sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat-dev_1.2.3-9sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/h/heartbeat/libpils-dev_1.2.3-9sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/h/heartbeat/libpils0_1.2.3-9sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/h/heartbeat/libstonith-dev_1.2.3-9sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/h/heartbeat/libstonith0_1.2.3-9sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/h/heartbeat/stonith_1.2.3-9sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat-dev_1.2.3-9sarge2_amd64.deb
- DSA 758, DSA 765: buffer overflows
- http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.6.3-10sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.6.3-10sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.6.3-10sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.6.3-10sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.6.3-10sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.6.3-10sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/h/heimdal/libasn1-6-heimdal_0.6.3-10sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.6.3-10sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.6.3-10sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.6.3-10sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.6.3-10sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.6.3-10sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.6.3-10sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.6.3-10sarge1_amd64.deb
- DSA 743: buffer overflows, integer overflows
- http://security.debian.org/pool/updates/main/h/ht/ht_0.8.0-2sarge4_amd64.deb
- DSA 757: buffer overflow, double-free memory
- http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge2_amd64.deb
- DSA 771: several vulnerabilities
- http://security.debian.org/pool/updates/main/p/pdns/pdns_2.9.17-13sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/p/pdns/pdns-backend-geo_2.9.17-13sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/p/pdns/pdns-backend-ldap_2.9.17-13sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/p/pdns/pdns-backend-mysql_2.9.17-13sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/p/pdns/pdns-backend-pgsql_2.9.17-13sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/p/pdns/pdns-backend-pipe_2.9.17-13sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/p/pdns/pdns-backend-sqlite_2.9.17-13sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/p/pdns/pdns-recursor_2.9.17-13sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/p/pdns/pdns-server_2.9.17-13sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/p/pdns/pdns-backend-geo_2.9.17-13sarge1_amd64.deb
- DSA 725: missing privilege release
- http://security.debian.org/pool/updates/main/p/ppxp/ppxp_0.2001080415-10sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/p/ppxp/ppxp-dev_0.2001080415-10sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/p/ppxp/ppxp-tcltk_0.2001080415-10sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/p/ppxp/ppxp-x11_0.2001080415-10sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/p/ppxp/ppxp-dev_0.2001080415-10sarge2_amd64.deb
- DSA 728: missing privilege release
- http://security.debian.org/pool/updates/main/q/qpopper/qpopper_4.0.5-4sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/q/qpopper/qpopper-drac_4.0.5-4sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/q/qpopper/qpopper-drac_4.0.5-4sarge1_amd64.deb
- DSA 738: remote denial of service
- http://security.debian.org/pool/updates/main/r/razor/razor_2.670-1sarge2_amd64.deb
- DSA 748: bad default value
- http://security.debian.org/pool/updates/main/r/ruby1.8/libdbm-ruby1.8_1.8.2-7sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/r/ruby1.8/libgdbm-ruby1.8_1.8.2-7sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/r/ruby1.8/libopenssl-ruby1.8_1.8.2-7sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/r/ruby1.8/libreadline-ruby1.8_1.8.2-7sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8_1.8.2-7sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8-dbg_1.8.2-7sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/r/ruby1.8/libtcltk-ruby1.8_1.8.2-7sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8_1.8.2-7sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8-dev_1.8.2-7sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/r/ruby1.8/libgdbm-ruby1.8_1.8.2-7sarge1_amd64.deb
- DSA 736: remote denial of service
- http://security.debian.org/pool/updates/main/s/spamassassin/spamc_3.0.3-2_amd64.deb
- DSA 735: pathname validation race
- http://security.debian.org/pool/updates/main/s/sudo/sudo_1.6.8p7-1.1sarge1_amd64.deb
- DSA-740, DSA 763: remote denial of service
- http://security.debian.org/pool/updates/main/z/zlib/zlib-bin_1.2.2-4.sarge.2_amd64.deb
- http://security.debian.org/pool/updates/main/z/zlib/zlib1g_1.2.2-4.sarge.2_amd64.deb
- http://security.debian.org/pool/updates/main/z/zlib/zlib1g-dev_1.2.2-4.sarge.2_amd64.deb
- http://security.debian.org/pool/updates/main/z/zlib/zlib1g_1.2.2-4.sarge.2_amd64.deb
Las sumas MD5 de los ficheros que se listan están disponibles en el aviso original.