---

Advisories, April 26, 2006

Debian GNU/Linux


Debian Security Advisory DSA 1041-1 [email protected]
http://www.debian.org/security/
Martin Schulze
April 25th, 2006 http://www.debian.org/security/faq


Package : abc2ps
Vulnerability : buffer overflows
Problem type : local (remote)
Debian-specific: no
CVE ID : CVE-2006-1513

Erik Själund discovered that abc2ps, a translator for ABC
music description files into PostScript, does not check the
boundaries when reading in ABC music files resulting in buffer
overflows.

For the old stable distribution (woody) these problems have been
fixed in version 1.3.3-2woody1.

For the stable distribution (sarge) these problems have been
fixed in version 1.3.3-3sarge1.

For the unstable distribution (sid) these problems have been
fixed in version 1.3.3-3sarge1.

We recommend that you upgrade your abc2ps package.

Upgrade Instructions


wget url

will fetch the file for you
dpkg -i file.deb

will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update

will update the internal database apt-get upgrade

will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 3.0 alias woody


Source archives:

    http://security.debian.org/pool/updates/main/a/abc2ps/abc2ps_1.3.3-2woody1.dsc

      Size/MD5 checksum: 574
2bf8bde7a186ba1d93794f76ca19a21a
    http://security.debian.org/pool/updates/main/a/abc2ps/abc2ps_1.3.3-2woody1.diff.gz

      Size/MD5 checksum: 12626
fc9f2d8362327652fbe36926a1011ea3
    http://security.debian.org/pool/updates/main/a/abc2ps/abc2ps_1.3.3.orig.tar.gz

      Size/MD5 checksum: 125327
720f41663251ea56c7d3456c09ccdb24

Alpha architecture:

    http://security.debian.org/pool/updates/main/a/abc2ps/abc2ps_1.3.3-2woody1_alpha.deb

      Size/MD5 checksum: 198302
48d72a8edd108a0e860a414ef71f4eed

ARM architecture:

    http://security.debian.org/pool/updates/main/a/abc2ps/abc2ps_1.3.3-2woody1_arm.deb

      Size/MD5 checksum: 133896
c31722490dd0068c1b7b31f5623889bf

Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/a/abc2ps/abc2ps_1.3.3-2woody1_i386.deb

      Size/MD5 checksum: 126224
1a7825d31788e2ce2d5611d026c035e8

Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/a/abc2ps/abc2ps_1.3.3-2woody1_ia64.deb

      Size/MD5 checksum: 248658
e4af663fc6bb5557bcbb5556671a0694

HP Precision architecture:

    http://security.debian.org/pool/updates/main/a/abc2ps/abc2ps_1.3.3-2woody1_hppa.deb

      Size/MD5 checksum: 151654
fb3434ac543a2b7351912fe9ac70a106

Motorola 680×0 architecture:

    http://security.debian.org/pool/updates/main/a/abc2ps/abc2ps_1.3.3-2woody1_m68k.deb

      Size/MD5 checksum: 118484
de9477e6ae7eef6bf004e03976a37e2f

Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/a/abc2ps/abc2ps_1.3.3-2woody1_mips.deb

      Size/MD5 checksum: 168336
e8506ab9625e17b37d88104fc329c576

Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/a/abc2ps/abc2ps_1.3.3-2woody1_mipsel.deb

      Size/MD5 checksum: 168412
06fd6748c5aed2b0671fd8948c25f5ac

PowerPC architecture:

    http://security.debian.org/pool/updates/main/a/abc2ps/abc2ps_1.3.3-2woody1_powerpc.deb

      Size/MD5 checksum: 159308
59bbf493d9d3aebb5cabd5514152cb7a

IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/a/abc2ps/abc2ps_1.3.3-2woody1_s390.deb

      Size/MD5 checksum: 130400
474abf4e655d73cc29dff7cab0e0caa3

Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/a/abc2ps/abc2ps_1.3.3-2woody1_sparc.deb

      Size/MD5 checksum: 156464
65ceb4dd51fcd074f2559e39cdfd72a3

Debian GNU/Linux 3.1 alias sarge


Source archives:

    http://security.debian.org/pool/updates/main/a/abc2ps/abc2ps_1.3.3-3sarge1.dsc

      Size/MD5 checksum: 574
0e501917b1f3eaae019b493a7d75e2ac
    http://security.debian.org/pool/updates/main/a/abc2ps/abc2ps_1.3.3-3sarge1.diff.gz

      Size/MD5 checksum: 12761
ef51821cc1e99f4c27d36f1563fd5939
    http://security.debian.org/pool/updates/main/a/abc2ps/abc2ps_1.3.3.orig.tar.gz

      Size/MD5 checksum: 125327
720f41663251ea56c7d3456c09ccdb24

Alpha architecture:

    http://security.debian.org/pool/updates/main/a/abc2ps/abc2ps_1.3.3-3sarge1_alpha.deb

      Size/MD5 checksum: 161382
5a61a8187469f45261e2861ef4131657

AMD64 architecture:

    http://security.debian.org/pool/updates/main/a/abc2ps/abc2ps_1.3.3-3sarge1_amd64.deb

      Size/MD5 checksum: 142244
cc3d5a9a34c7e74e4a62800d20595986

ARM architecture:

    http://security.debian.org/pool/updates/main/a/abc2ps/abc2ps_1.3.3-3sarge1_arm.deb

      Size/MD5 checksum: 133466
e86cec900cabbab1c9655240f7a87cfc

Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/a/abc2ps/abc2ps_1.3.3-3sarge1_i386.deb

      Size/MD5 checksum: 131446
1c28cd803285e045788c3fa7aa858c19

Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/a/abc2ps/abc2ps_1.3.3-3sarge1_ia64.deb

      Size/MD5 checksum: 194404
74c75445c63e99ee12037b7099b98611

HP Precision architecture:

    http://security.debian.org/pool/updates/main/a/abc2ps/abc2ps_1.3.3-3sarge1_hppa.deb

      Size/MD5 checksum: 148086
f07421a81c2a2f8b778beb2cbb0eac96

Motorola 680×0 architecture:

    http://security.debian.org/pool/updates/main/a/abc2ps/abc2ps_1.3.3-3sarge1_m68k.deb

      Size/MD5 checksum: 119956
81de406009470ac5f65a8405086a9a74

Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/a/abc2ps/abc2ps_1.3.3-3sarge1_mips.deb

      Size/MD5 checksum: 151294
d07363582856e4b798ab992e5369df6a

Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/a/abc2ps/abc2ps_1.3.3-3sarge1_mipsel.deb

      Size/MD5 checksum: 151556
62cce9b325a53dc0f1d32eb788fbbc4b

PowerPC architecture:

    http://security.debian.org/pool/updates/main/a/abc2ps/abc2ps_1.3.3-3sarge1_powerpc.deb

      Size/MD5 checksum: 140764
46152d575bf1945bef5f4dbf1bce3306

IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/a/abc2ps/abc2ps_1.3.3-3sarge1_s390.deb

      Size/MD5 checksum: 136302
b0a5f1a3d6cd14374dc4ee11d84a6481

Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/a/abc2ps/abc2ps_1.3.3-3sarge1_sparc.deb

      Size/MD5 checksum: 136524
89e570de8c755a45d0932c343f5edc20

These files will probably be moved into the stable distribution
on its next update.



Debian Security Advisory DSA 1042-1 [email protected]
http://www.debian.org/security/
Martin Schulze
April 25th, 2006 http://www.debian.org/security/faq


Package : cyrus-sasl2
Vulnerability : programming error
Problem type : remote
Debian-specific: no
CVE ID : CVE-2006-1721
BugTraq ID : 17446
Debian Bug : 361937

The Mu Security research team discovered a denial of service
condition in the Simple Authentication and Security Layer
authentication library (SASL) during DIGEST-MD5 negotiation. This
potentially affects multiple products that use SASL DIGEST-MD5
authentication including OpenLDAP, Sendmail, Postfix, etc.

The old stable distribution (woody) is not affected by this
problem.

For the stable distribution (sarge) this problem has been fixed
in version 2.1.19-1.5sarge1.

For the unstable distribution (sid) this problem has been fixed
in version 2.1.19.dfsg1-0.2.

We recommend that you upgrade your cyrus-sasl2 packages.

Upgrade Instructions


wget url

will fetch the file for you
dpkg -i file.deb

will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update

will update the internal database apt-get upgrade

will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 3.1 alias sarge


Source archives:

    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/cyrus-sasl2_2.1.19-1.5sarge1.dsc

      Size/MD5 checksum: 1120
ec157beb1833036fd69e1d4ce8fda6fe
    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/cyrus-sasl2_2.1.19-1.5sarge1.diff.gz

      Size/MD5 checksum: 31691
e0b3e61f2e6c67b580280b52f68bc2c5
    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/cyrus-sasl2_2.1.19.orig.tar.gz

      Size/MD5 checksum: 1531667
670f9a0c0a99cf09d679cd5c859a3715

Alpha architecture:

    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2_2.1.19-1.5sarge1_alpha.deb

      Size/MD5 checksum: 277710
84af7feeb9a25d866b9f3d8fe72da959
    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-dev_2.1.19-1.5sarge1_alpha.deb

      Size/MD5 checksum: 302280
ba5941366cae17028869a4d61a11ecd7
    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules_2.1.19-1.5sarge1_alpha.deb

      Size/MD5 checksum: 218568
34fc9ff869fd10e3017516e61a9fb576
    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-gssapi-heimdal_2.1.19-1.5sarge1_alpha.deb

      Size/MD5 checksum: 62528
d1ab909a0132fa1c809c8f18ea9e2e13
    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-kerberos-heimdal_2.1.19-1.5sarge1_alpha.deb

      Size/MD5 checksum: 63634
83ff3877993d77444a5c19f1f34eafc8
    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-sql_2.1.19-1.5sarge1_alpha.deb

      Size/MD5 checksum: 59818
93906682632e07771cd3e534dd4a9596
    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/sasl2-bin_2.1.19-1.5sarge1_alpha.deb

      Size/MD5 checksum: 128948
8b5d55da1d3ce970b074809c1022c577

AMD64 architecture:

    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2_2.1.19-1.5sarge1_amd64.deb

      Size/MD5 checksum: 264912
a58a7a16b08d0b7c1123b337a9f50e9a
    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-dev_2.1.19-1.5sarge1_amd64.deb

      Size/MD5 checksum: 258922
03d3660a31f00a448a95f265c5c376f7
    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules_2.1.19-1.5sarge1_amd64.deb

      Size/MD5 checksum: 171340
772cf2196a1f1c10e4ab655c3db75e75
    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-gssapi-heimdal_2.1.19-1.5sarge1_amd64.deb

      Size/MD5 checksum: 54642
6a8d8844d3fdf4ed907037efe423b6cb
    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-kerberos-heimdal_2.1.19-1.5sarge1_amd64.deb

      Size/MD5 checksum: 54304
71fb9d1f3cad979bb3e752d8e57c616a
    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-sql_2.1.19-1.5sarge1_amd64.deb

      Size/MD5 checksum: 52636
9cb4860537835b99c8869f4623e7be49
    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/sasl2-bin_2.1.19-1.5sarge1_amd64.deb

      Size/MD5 checksum: 117754
8477190f7629a53205de940133af7b2c

ARM architecture:

    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2_2.1.19-1.5sarge1_arm.deb

      Size/MD5 checksum: 259912
782d897e4b30330b8a74b78d5c6ea3aa
    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-dev_2.1.19-1.5sarge1_arm.deb

      Size/MD5 checksum: 258648
16aa2003619e2a98f92b04ad23de6853
    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules_2.1.19-1.5sarge1_arm.deb

      Size/MD5 checksum: 159558
a2ac42639f3169d322a72946ad9102f3
    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-gssapi-heimdal_2.1.19-1.5sarge1_arm.deb

      Size/MD5 checksum: 54000
2b343e405b32e22a62aa78393c1b512e
    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-kerberos-heimdal_2.1.19-1.5sarge1_arm.deb

      Size/MD5 checksum: 52874
b478eeba34a49707c6fad085d969e7b0
    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-sql_2.1.19-1.5sarge1_arm.deb

      Size/MD5 checksum: 51706
f6db6f3f11bd8dc8ebc222098b477a6d
    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/sasl2-bin_2.1.19-1.5sarge1_arm.deb

      Size/MD5 checksum: 112084
1444944cf0446dff17da9e5fa0ef56c3

Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2_2.1.19-1.5sarge1_i386.deb

      Size/MD5 checksum: 259876
e6cc8a7e3239915675309e5008f35ec5
    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-dev_2.1.19-1.5sarge1_i386.deb

      Size/MD5 checksum: 246848
f2fbaa545347aed2508037f88a4c8385
    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules_2.1.19-1.5sarge1_i386.deb

      Size/MD5 checksum: 156428
ec8ee01062efdfa84743e3bb02cbf00b
    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-gssapi-heimdal_2.1.19-1.5sarge1_i386.deb

      Size/MD5 checksum: 53460
30d9172803255a24c1a4878aed1bbf9d
    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-kerberos-heimdal_2.1.19-1.5sarge1_i386.deb

      Size/MD5 checksum: 53120
1330bd6ab5dce0296ce7cc7dc4b71aa5
    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-sql_2.1.19-1.5sarge1_i386.deb

      Size/MD5 checksum: 52480
2e65f736d78e55fc2339a6d3d7e6043c
    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/sasl2-bin_2.1.19-1.5sarge1_i386.deb

      Size/MD5 checksum: 113298
7400189677cd72b56bf906af823ea6b8

Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2_2.1.19-1.5sarge1_ia64.deb

      Size/MD5 checksum: 297716
cc67d33162283258095da9f0865fe831
    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-dev_2.1.19-1.5sarge1_ia64.deb

      Size/MD5 checksum: 319142
c4205ec75d76125ea7c8457207d030c0
    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules_2.1.19-1.5sarge1_ia64.deb

      Size/MD5 checksum: 242876
109fdc9c9c894bf79ec8cd378013cf8d
    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-gssapi-heimdal_2.1.19-1.5sarge1_ia64.deb

      Size/MD5 checksum: 68280
8029fcdb3edc6dd81f3276e9b05c468f
    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-kerberos-heimdal_2.1.19-1.5sarge1_ia64.deb

      Size/MD5 checksum: 67812
274b3e33684a5640d7a62b59a8b82d0f
    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-sql_2.1.19-1.5sarge1_ia64.deb

      Size/MD5 checksum: 64588
6f842207609383ff9dda5b2e38d3d876
    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/sasl2-bin_2.1.19-1.5sarge1_ia64.deb

      Size/MD5 checksum: 148398
2873994829bd42aeb5a09c70a47674a8

HP Precision architecture:

    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2_2.1.19-1.5sarge1_hppa.deb

      Size/MD5 checksum: 273092
a04179c5abd2e520bd89a4c5fa92ab66
    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-dev_2.1.19-1.5sarge1_hppa.deb

      Size/MD5 checksum: 276150
d6969caaf5f5779176c18e1506274700
    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules_2.1.19-1.5sarge1_hppa.deb

      Size/MD5 checksum: 210004
5c638798cada3e9b628d208f2540b324
    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-gssapi-heimdal_2.1.19-1.5sarge1_hppa.deb

      Size/MD5 checksum: 57982
9f63d82d6a4777a2b059180c59186088
    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-kerberos-heimdal_2.1.19-1.5sarge1_hppa.deb

      Size/MD5 checksum: 58550
e003bd74957cb63d75699b629ba7c7e8
    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-sql_2.1.19-1.5sarge1_hppa.deb

      Size/MD5 checksum: 57712
00b705982c0120c499e2e41907b19686
    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/sasl2-bin_2.1.19-1.5sarge1_hppa.deb

      Size/MD5 checksum: 123150
49876b6d9cf76097550f5cb4c9f98929

Motorola 680×0 architecture:

    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2_2.1.19-1.5sarge1_m68k.deb

      Size/MD5 checksum: 253136
8792dba22eff19a881e50fc598591da2
    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-dev_2.1.19-1.5sarge1_m68k.deb

      Size/MD5 checksum: 233110
d40c27b5e6e217af4d4f574d4159d269
    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules_2.1.19-1.5sarge1_m68k.deb

      Size/MD5 checksum: 136948
127d83955edf6bc6d0021793c51509c9
    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-gssapi-heimdal_2.1.19-1.5sarge1_m68k.deb

      Size/MD5 checksum: 49722
1c1ca1cf2fd22e3b978d0873b525f1c6
    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-kerberos-heimdal_2.1.19-1.5sarge1_m68k.deb

      Size/MD5 checksum: 49512
a4161f57dcae5367beed0f6ed3c25dae
    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-sql_2.1.19-1.5sarge1_m68k.deb

      Size/MD5 checksum: 48492
5f0f98cf3a81760e86a962399ae4d400
    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/sasl2-bin_2.1.19-1.5sarge1_m68k.deb

      Size/MD5 checksum: 105356
88d4210937fc6e1cad69ba61d3226692

Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2_2.1.19-1.5sarge1_mips.deb

      Size/MD5 checksum: 260692
6fa8695720aaf000c5a74a1adbf9778a
    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-dev_2.1.19-1.5sarge1_mips.deb

      Size/MD5 checksum: 269286
38cd6e18e4d7032d437c6e8c925ece5d
    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules_2.1.19-1.5sarge1_mips.deb

      Size/MD5 checksum: 177830
087c0f90f9a70d9dda0e9a7c2471b99b
    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-gssapi-heimdal_2.1.19-1.5sarge1_mips.deb

      Size/MD5 checksum: 54234
cd2fb0855c15fcde65e9e294a8976a02
    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-kerberos-heimdal_2.1.19-1.5sarge1_mips.deb

      Size/MD5 checksum: 54886
8cfdd62413109cabb844f82236dd7331
    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-sql_2.1.19-1.5sarge1_mips.deb

      Size/MD5 checksum: 52196
1fb746ebe9b2bec536b9846b0ddbc33a
    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/sasl2-bin_2.1.19-1.5sarge1_mips.deb

      Size/MD5 checksum: 126510
e4c7cf5e55459ff8e932e111b058fa28

Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2_2.1.19-1.5sarge1_mipsel.deb

      Size/MD5 checksum: 260896
6918916804f2d1929b41f036358c290a
    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-dev_2.1.19-1.5sarge1_mipsel.deb

      Size/MD5 checksum: 269964
23ee3aad5c0c2ae2f805a79289645283
    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules_2.1.19-1.5sarge1_mipsel.deb

      Size/MD5 checksum: 178528
154e370f6faa5240d8c5e2d65c0fa5af
    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-gssapi-heimdal_2.1.19-1.5sarge1_mipsel.deb

      Size/MD5 checksum: 54442
d15b320f606ab631bc6ab6f556ddcbf1
    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-kerberos-heimdal_2.1.19-1.5sarge1_mipsel.deb

      Size/MD5 checksum: 55226
d7f0ced272892edbb34a13805780a035
    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-sql_2.1.19-1.5sarge1_mipsel.deb

      Size/MD5 checksum: 52292
0b8ba7760913edfc221ae7f5935be561
    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/sasl2-bin_2.1.19-1.5sarge1_mipsel.deb

      Size/MD5 checksum: 126764
c39c40a4d4f69424764643da39453ac9

PowerPC architecture:

    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2_2.1.19-1.5sarge1_powerpc.deb

      Size/MD5 checksum: 268216
9609635685078bfa80040a0842db0765
    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-dev_2.1.19-1.5sarge1_powerpc.deb

      Size/MD5 checksum: 265048
a2c9327865d0ecfc4d579f2bc2f1c89e
    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules_2.1.19-1.5sarge1_powerpc.deb

      Size/MD5 checksum: 194576
9942e421d09779f23ae98d005d5ce144
    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-gssapi-heimdal_2.1.19-1.5sarge1_powerpc.deb

      Size/MD5 checksum: 56322
c118f3ef8f781722ab7e5d4a3a30a26c
    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-kerberos-heimdal_2.1.19-1.5sarge1_powerpc.deb

      Size/MD5 checksum: 56518
97f7e147667728dedafdc93ee3860570
    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-sql_2.1.19-1.5sarge1_powerpc.deb

      Size/MD5 checksum: 55410
a52fdbfd7f744bfafc985fea4fcbca4e
    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/sasl2-bin_2.1.19-1.5sarge1_powerpc.deb

      Size/MD5 checksum: 122102
b5dfacb789f559c96e768cecfb7d2fb5

IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2_2.1.19-1.5sarge1_s390.deb

      Size/MD5 checksum: 265182
b6019e581e55e876242dd54b55c6627d
    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-dev_2.1.19-1.5sarge1_s390.deb

      Size/MD5 checksum: 256402
171101ffa88b88a09b6806012d3521f1
    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules_2.1.19-1.5sarge1_s390.deb

      Size/MD5 checksum: 182320
a14b25c0d38b89def63ebad809c64ee9
    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-gssapi-heimdal_2.1.19-1.5sarge1_s390.deb

      Size/MD5 checksum: 54808
46d44a75512b8f9e4bee9f62a8dfa2f6
    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-kerberos-heimdal_2.1.19-1.5sarge1_s390.deb

      Size/MD5 checksum: 54758
58ea99c844fe806bc097c789799f042d
    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-sql_2.1.19-1.5sarge1_s390.deb

      Size/MD5 checksum: 53562
a2cde4aa65d96f74a2cc2b50b829d56f
    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/sasl2-bin_2.1.19-1.5sarge1_s390.deb

      Size/MD5 checksum: 116234
39669d2ff5f193e575d84c8a2687cf2c

Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2_2.1.19-1.5sarge1_sparc.deb

      Size/MD5 checksum: 257486
016e71cb127a653139288de65cd60f0f
    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-dev_2.1.19-1.5sarge1_sparc.deb

      Size/MD5 checksum: 248480
c1f8b0721ec4d4a46a4ce7626881297c
    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules_2.1.19-1.5sarge1_sparc.deb

      Size/MD5 checksum: 148928
1f03dfcfd816ee0ec5fff26437d93120
    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-gssapi-heimdal_2.1.19-1.5sarge1_sparc.deb

      Size/MD5 checksum: 50086
0cb3c64557d94ad9a1baf27986fe123e
    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-kerberos-heimdal_2.1.19-1.5sarge1_sparc.deb

      Size/MD5 checksum: 50700
16b516a04caa6574fa5d48859af3d71d
    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/libsasl2-modules-sql_2.1.19-1.5sarge1_sparc.deb

      Size/MD5 checksum: 50186
7f2d18aa1627d1ef06c956a4236f1f90
    http://security.debian.org/pool/updates/main/c/cyrus-sasl2/sasl2-bin_2.1.19-1.5sarge1_sparc.deb

      Size/MD5 checksum: 111594
373066473523fa54aab6cb36235450da

These files will probably be moved into the stable distribution
on its next update.



Debian Security Advisory DSA 1043-1 [email protected]
http://www.debian.org/security/
Martin Schulze
April 26th, 2006 http://www.debian.org/security/faq


Package : abcmidi
Vulnerability : buffer overflows
Problem type : local (remote)
Debian-specific: no
CVE ID : CVE-2006-1514

Erik Själund discovered that abcmidi-yaps, a translator for
ABC music description files into PostScript, does not check the
boundaries when reading in ABC music files resulting in buffer
overflows.

For the old stable distribution (woody) these problems have been
fixed in version 17-1woody1.

For the stable distribution (sarge) these problems have been
fixed in version 20050101-1sarge1.

For the unstable distribution (sid) these problems will be fixed
soon.

We recommend that you upgrade your abcmidi-yaps package.

Upgrade Instructions


wget url

will fetch the file for you
dpkg -i file.deb

will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update

will update the internal database apt-get upgrade

will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 3.0 alias woody


Source archives:

    http://security.debian.org/pool/updates/main/a/abcmidi/abcmidi_17-1woody1.dsc

      Size/MD5 checksum: 583
107476dd4ad487defacfbfd8c3a96afa
    http://security.debian.org/pool/updates/main/a/abcmidi/abcmidi_17-1woody1.diff.gz

      Size/MD5 checksum: 16851
4ae528112f985ec0ba35550020beda18
    http://security.debian.org/pool/updates/main/a/abcmidi/abcmidi_17.orig.tar.gz

      Size/MD5 checksum: 163596
4f068a14669ad8933666224418390464

Alpha architecture:

    http://security.debian.org/pool/updates/main/a/abcmidi/abcmidi_17-1woody1_alpha.deb

      Size/MD5 checksum: 128232
c24867068caacbf84a41b2a9e7fa3c90
    http://security.debian.org/pool/updates/main/a/abcmidi/abcmidi-yaps_17-1woody1_alpha.deb

      Size/MD5 checksum: 75578
7409e8157cbde2b3c5ee992c63484ba2

ARM architecture:

    http://security.debian.org/pool/updates/main/a/abcmidi/abcmidi_17-1woody1_arm.deb

      Size/MD5 checksum: 101420
89bba26fa994a03b82673a37b2934691
    http://security.debian.org/pool/updates/main/a/abcmidi/abcmidi-yaps_17-1woody1_arm.deb

      Size/MD5 checksum: 66524
3d4f68d5cb0c8fe8e0abd5598d2fab8b

Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/a/abcmidi/abcmidi_17-1woody1_i386.deb

      Size/MD5 checksum: 96428
17ccb81420aa822130bfefe3a269b011
    http://security.debian.org/pool/updates/main/a/abcmidi/abcmidi-yaps_17-1woody1_i386.deb

      Size/MD5 checksum: 62860
d556997bb5b1ade9384a5067c27901af

Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/a/abcmidi/abcmidi_17-1woody1_ia64.deb

      Size/MD5 checksum: 156714
e494b5d790b98be710e5e0881421d0fb
    http://security.debian.org/pool/updates/main/a/abcmidi/abcmidi-yaps_17-1woody1_ia64.deb

      Size/MD5 checksum: 92746
d55a047620de10bdf6612831724078e7

HP Precision architecture:

    http://security.debian.org/pool/updates/main/a/abcmidi/abcmidi_17-1woody1_hppa.deb

      Size/MD5 checksum: 122528
513dcb5d2b61fc6a86bab96f3aa86e93
    http://security.debian.org/pool/updates/main/a/abcmidi/abcmidi-yaps_17-1woody1_hppa.deb

      Size/MD5 checksum: 78878
bf7ed13fb36210aefd1ed9a928980bd2

Motorola 680×0 architecture:

    http://security.debian.org/pool/updates/main/a/abcmidi/abcmidi_17-1woody1_m68k.deb

      Size/MD5 checksum: 92238
9c92fdcf7c16be04108a331d13483a00
    http://security.debian.org/pool/updates/main/a/abcmidi/abcmidi-yaps_17-1woody1_m68k.deb

      Size/MD5 checksum: 57360
d8bc9d12f57494c52af4cf15b2b07c85

Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/a/abcmidi/abcmidi_17-1woody1_mips.deb

      Size/MD5 checksum: 125182
8cca3436e0aad25567e991e6a93d760f
    http://security.debian.org/pool/updates/main/a/abcmidi/abcmidi-yaps_17-1woody1_mips.deb

      Size/MD5 checksum: 71884
432c145bdb62f4cf743aa4124b4d89d4

Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/a/abcmidi/abcmidi_17-1woody1_mipsel.deb

      Size/MD5 checksum: 124430
08213671a9ddaebe7fa858713fb3eb7f
    http://security.debian.org/pool/updates/main/a/abcmidi/abcmidi-yaps_17-1woody1_mipsel.deb

      Size/MD5 checksum: 71998
fe477ac117017a3d1bfd743f09d8095a

PowerPC architecture:

    http://security.debian.org/pool/updates/main/a/abcmidi/abcmidi_17-1woody1_powerpc.deb

      Size/MD5 checksum: 109436
30b7d3963c8fa8533886f121c3ed9692
    http://security.debian.org/pool/updates/main/a/abcmidi/abcmidi-yaps_17-1woody1_powerpc.deb

      Size/MD5 checksum: 68702
20a761960d5961cd8ca3a55767a0d34b

IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/a/abcmidi/abcmidi_17-1woody1_s390.deb

      Size/MD5 checksum: 106662
f4d266bbc0d4a2dc29b49e3e8a185985
    http://security.debian.org/pool/updates/main/a/abcmidi/abcmidi-yaps_17-1woody1_s390.deb

      Size/MD5 checksum: 63428
27aa8cea376b93d31c6a54fe223ff1de

Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/a/abcmidi/abcmidi_17-1woody1_sparc.deb

      Size/MD5 checksum: 116176
1109bc650b0f7acb938d7d6987e85249
    http://security.debian.org/pool/updates/main/a/abcmidi/abcmidi-yaps_17-1woody1_sparc.deb

      Size/MD5 checksum: 69802
4df26235ffc4ee56ea8c5e86f5161f5b

Debian GNU/Linux 3.1 alias sarge


Source archives:

    http://security.debian.org/pool/updates/main/a/abcmidi/abcmidi_20050101-1sarge1.dsc

      Size/MD5 checksum: 600
74cac04e7657e9ccf68bd67bcf035480
    http://security.debian.org/pool/updates/main/a/abcmidi/abcmidi_20050101-1sarge1.diff.gz

      Size/MD5 checksum: 4862
1af2c71fb21d7e0c3f2e60ab8b1d2fc7
    http://security.debian.org/pool/updates/main/a/abcmidi/abcmidi_20050101.orig.tar.gz

      Size/MD5 checksum: 258937
fc1c31f21787e9af297bc6f4c6f6c4c9

Alpha architecture:

    http://security.debian.org/pool/updates/main/a/abcmidi/abcmidi_20050101-1sarge1_alpha.deb

      Size/MD5 checksum: 210498
8ccc1bb8c6fcc40d63d0192ddf0d859b
    http://security.debian.org/pool/updates/main/a/abcmidi/abcmidi-yaps_20050101-1sarge1_alpha.deb

      Size/MD5 checksum: 120276
a6bb198acbdf3ca3f6d87ba265aa04e2

AMD64 architecture:

    http://security.debian.org/pool/updates/main/a/abcmidi/abcmidi_20050101-1sarge1_amd64.deb

      Size/MD5 checksum: 191240
c62ad4d06f2bb20c6dbbbd6304ec50d6
    http://security.debian.org/pool/updates/main/a/abcmidi/abcmidi-yaps_20050101-1sarge1_amd64.deb

      Size/MD5 checksum: 112368
3758f99ae7b5f42c466c051639ad2da4

ARM architecture:

    http://security.debian.org/pool/updates/main/a/abcmidi/abcmidi_20050101-1sarge1_arm.deb

      Size/MD5 checksum: 175272
b6bbac5297bce450d9d425859a3225dc
    http://security.debian.org/pool/updates/main/a/abcmidi/abcmidi-yaps_20050101-1sarge1_arm.deb

      Size/MD5 checksum: 108694
3784bb09cf9abbb5284b92fbae6a6a6b

Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/a/abcmidi/abcmidi_20050101-1sarge1_i386.deb

      Size/MD5 checksum: 173644
663f6cd1fec90675a43b3d4b1552116b
    http://security.debian.org/pool/updates/main/a/abcmidi/abcmidi-yaps_20050101-1sarge1_i386.deb

      Size/MD5 checksum: 107938
41fb3cdba637d5a2a710ecb6672ed62b

Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/a/abcmidi/abcmidi_20050101-1sarge1_ia64.deb

      Size/MD5 checksum: 240806
72dd903dc8388fb40a561f6ecf6feb69
    http://security.debian.org/pool/updates/main/a/abcmidi/abcmidi-yaps_20050101-1sarge1_ia64.deb

      Size/MD5 checksum: 140168
6553d95fdde031a11b7433296f24c39e

HP Precision architecture:

    http://security.debian.org/pool/updates/main/a/abcmidi/abcmidi_20050101-1sarge1_hppa.deb

      Size/MD5 checksum: 198396
5c68cf5d3810a82242a142d10b1fe890
    http://security.debian.org/pool/updates/main/a/abcmidi/abcmidi-yaps_20050101-1sarge1_hppa.deb

      Size/MD5 checksum: 118444
305f9b82434fc6ce1e2ab0def0eb126a

Motorola 680×0 architecture:

    http://security.debian.org/pool/updates/main/a/abcmidi/abcmidi_20050101-1sarge1_m68k.deb

      Size/MD5 checksum: 159550
146f2de69b6490e777170dcffdd2dc6f
    http://security.debian.org/pool/updates/main/a/abcmidi/abcmidi-yaps_20050101-1sarge1_m68k.deb

      Size/MD5 checksum: 98368
1063016a10f14a5be30a72345c5a0253

Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/a/abcmidi/abcmidi_20050101-1sarge1_mips.deb

      Size/MD5 checksum: 211522
97878ba78e7b22aaeff4bd8132a0be98
    http://security.debian.org/pool/updates/main/a/abcmidi/abcmidi-yaps_20050101-1sarge1_mips.deb

      Size/MD5 checksum: 115374
06f9bc17f963527f2468b0031c319b68

Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/a/abcmidi/abcmidi_20050101-1sarge1_mipsel.deb

      Size/MD5 checksum: 210546
4422fdc2847dbac9475860dfdd870d8c
    http://security.debian.org/pool/updates/main/a/abcmidi/abcmidi-yaps_20050101-1sarge1_mipsel.deb

     &nb