---

Advisories, December 10, 2006

Debian GNU/Linux


Debian Security Advisory DSA-1230-1 security@debian.org
http://www.debian.org/security/
Steve Kemp
December 08, 2006


Package : l2tpns (2.0.14-1sarge1)
Vulnerability : buffer overflow
Problem type : remote
Debian-specific: no
CVE Id(s) : CVE-2006-5873
Debian Bug : 401742

Rhys Kidd discovered a vulnerability in l2tpns, a layer 2
tunnelling protocol network server, which could be triggered by a
remote user to execute arbitrary code.

For the stable distribution (sarge), this problem has been fixed
in version 2.0.14-1sarge1.

For the unstable distribution (sid) this problem has been fixed
in version 2.1.21-1.

We recommend that you upgrade your l2tpns package.

Upgrade instructions


wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian 3.1 (stable)


Stable updates are available for alpha, amd64, arm, hppa, i386,
ia64, m68k, mips, mipsel, powerpc, s390 and sparc.


These files will probably be moved into the stable distribution
on its next update.



Debian Security Advisory DSA 1231-1 security@debian.org
http://www.debian.org/security/
Moritz Muehlenhoff
December 9th, 2006 http://www.debian.org/security/faq


Package : gnupg
Vulnerability : several
Problem-Type : local(remote)
Debian-specific: no
CVE ID : CVE-2006-6169 CVE-2006-6235
Debian Bug : 401894 401898 401914

Several remote vulnerabilities have been discovered in the GNU
privacy guard, a free PGP replacement, which may lead to the
execution of arbitrary code. The Common Vulnerabilities and
Exposures project identifies the following problems:

CVE-2006-6169

Werner Koch discovered that a buffer overflow in a sanitising
function may lead to execution of arbitrary code when running gnupg
interactively.

CVE-2006-6235

Tavis Ormandy discovered that parsing a carefully crafted
OpenPGP packet may lead to the execution of arbitrary code, as a
function pointer of an internal structure may be controlled through
the decryption routines.

For the stable distribution (sarge) these problems have been
fixed in version 1.4.1-1.sarge6.

For the upcoming stable distribution (etch) these problems have
been fixed in version 1.4.6-1.

For the unstable distribution (sid) these problems have been
fixed in version 1.4.6-1.

We recommend that you upgrade your gnupg packages.

Upgrade Instructions


wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 3.1 alias sarge



These files will probably be moved into the stable distribution
on its next update.



Debian Security Advisory DSA 1232-1 security@debian.org
http://www.debian.org/security/
Moritz Muehlenhoff
December 9th, 2006 http://www.debian.org/security/faq


Package : clamav
Vulnerability : missing sanity checks
Problem-Type : remote
Debian-specific: no
CVE ID : CVE-2006-5874

Stephen Gran discovered that malformed base64-encoded MIME
attachments can lead to denial of service through a null pointer
dereference.

For the stable distribution (sarge) this problem has been fixed
in version 0.84-2.sarge.12.

For the upcoming stable distribution (etch) this problem has
been fixed in version 0.86-1.

For the unstable distribution (sid) this problem has been fixed
in version 0.86-1.

We recommend that you upgrade your clamav package.

Upgrade Instructions


wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 3.1 alias sarge



These files will probably be moved into the stable distribution
on its next update.



Debian Security Advisory DSA 1233-1 security@debian.org
http://www.debian.org/security/
Dann Frazier
December 10th, 2006 http://www.debian.org/security/faq


Package : kernel-source-2.6.8
Vulnerability : several
Problem-Type : local/remote
Debian-specific: no
CVE ID : CVE-2006-3741 CVE-2006-4538 CVE-2006-4813 CVE-2006-4997
CVE-2006-5174 CVE-2006-5619 CVE-2006-5649 CVE-2006-5751
CVE-2006-5871

Several local and remote vulnerabilities have been discovered in
the Linux kernel that may lead to a denial of service or the
execution of arbitrary code. The Common Vulnerabilities and
Exposures project identifies the following problems:

CVE-2006-3741

Stephane Eranian discovered a local DoS (Denial of Service)
vulnerability on the ia64 architecture. A local user could exhaust
the available file descriptors by exploiting a counting error in
the perfmonctl() system call.

CVE-2006-4538

Kirill Korotaev reported a local DoS (Denial of Service)
vulnerability on the ia64 and sparc architectures. A user could
cause the system to crash by executing a malformed ELF binary due
to insufficient verification of the memory layout.

CVE-2006-4813

Dmitriy Monakhov reported a potential memory leak in the
__block_prepare_write function. __block_prepare_write does not
properly sanitize kernel buffers during error recovery, which could
be exploited by local users to gain access to sensitive kernel
memory.

CVE-2006-4997

ADLab Venustech Info Ltd reported a potential remote DoS (Denial
of Service) vulnerability in the IP over ATM subsystem. A remote
system could cause the system to crash by sending specially crafted
packets that would trigger an attempt to free an already-freed
pointer resulting in a system crash.

CVE-2006-5174

Martin Schwidefsky reported a potential leak of sensitive
information on s390 systems. The copy_from_user function did not
clear the remaining bytes of the kernel buffer after receiving a
fault on the userspace address, resulting in a leak of
uninitialized kernel memory. A local user could exploit this by
appending to a file from a bad address.

CVE-2006-5619

James Morris reported a potential local DoS (Denial of Service)
vulnerability that could be used to hang or oops a system. The
seqfile handling for /proc/net/ip6_flowlabel has a flaw that can be
exploited to cause an infinite loop by reading this file after
creating a flowlabel.

CVE-2006-5649

Fabio Massimo Di Nitto reported a potential remote DoS (Denial
of Service) vulnerability on powerpc systems. The alignment
exception only checked the exception table for -EFAULT, not for
other errors. This can be exploited by a local user to cause a
system crash (panic).

CVE-2006-5751

Eugene Teo reported a vulnerability in the get_fdb_entries
function that could potentially be exploited to allow arbitrary
code execution with escalated privileges.

CVE-2006-5871

Bill Allombert reported that various mount options are ignored
by smbfs when UNIX extensions are enabled. This includes the uid,
gid and mode options. Client systems would silently use the
server-provided settings instead of honoring these options,
changing the security model. This update includes a fix from
Haroldo Gamal that forces the kernel to honor these mount options.
Note that, since the current versions of smbmount always pass
values for these options to the kernel, it is not currently
possible to activate unix extensions by omitting mount options.
However, this behavior is currently consistent with the current
behavior of the next Debian release, ‘etch’.
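
A user-space model of the CVE-2006-5174 failure mode described above, added here as an illustration; it is not kernel code and not code from the advisory. The user_src structure, the function names and the 0xAA marker are constructed for the example.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define BUF_LEN 64      /* size of the modelled kernel buffer */
#define STALE   0xAA    /* marker for whatever the buffer held before */

/* Constructed stand-in for a user-space range: only the first `readable`
 * bytes can be read, anything past that point "faults". */
struct user_src {
    const unsigned char *data;
    size_t readable;
};

/* Behaviour described for CVE-2006-5174: copy what can be read, report how
 * many bytes were NOT copied, and leave the rest of dst untouched. */
size_t copy_unfixed(unsigned char *dst, const struct user_src *src, size_t n)
{
    size_t ok = n < src->readable ? n : src->readable;

    memcpy(dst, src->data, ok);
    return n - ok;
}

/* Corrected behaviour: same return value, but the uncopied tail is zeroed
 * so nothing from the buffer's previous use survives the fault. */
size_t copy_zeroing(unsigned char *dst, const struct user_src *src, size_t n)
{
    size_t ok = n < src->readable ? n : src->readable;

    memcpy(dst, src->data, ok);
    memset(dst + ok, 0, n - ok);
    return n - ok;
}

typedef size_t (*copy_fn)(unsigned char *, const struct user_src *, size_t);

/* Model a caller that carries on with the whole buffer after a short copy
 * (for instance by writing it out to a file). Returns how many bytes of
 * the buffer's previous contents would be exposed that way. */
size_t stale_bytes_exposed(copy_fn copy, size_t readable)
{
    static const unsigned char user_data[BUF_LEN] = "constructed user data";
    unsigned char kbuf[BUF_LEN];
    struct user_src src = { user_data, readable };
    size_t i, stale = 0;

    memset(kbuf, STALE, sizeof kbuf);   /* leftovers from an earlier use */
    copy(kbuf, &src, sizeof kbuf);      /* faults after `readable` bytes */

    for (i = 0; i < sizeof kbuf; i++)
        if (kbuf[i] == STALE)
            stale++;
    return stale;
}

int main(void)
{
    printf("unfixed, fault after 16 bytes: %zu stale bytes exposed\n",
           stale_bytes_exposed(copy_unfixed, 16));
    printf("zeroing, fault after 16 bytes: %zu stale bytes exposed\n",
           stale_bytes_exposed(copy_zeroing, 16));
    return 0;
}
```
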

The following matrix explains which kernel version fixes the
problems mentioned above for each architecture:

                                 Debian 3.1 (sarge)
  Source                         2.6.8-16sarge6
  Alpha architecture             2.6.8-16sarge6
  AMD64 architecture             2.6.8-16sarge6
  HP Precision architecture      2.6.8-6sarge6
  Intel IA-32 architecture       2.6.8-16sarge6
  Intel IA-64 architecture       2.6.8-14sarge6
  Motorola 680×0 architecture    2.6.8-4sarge6
  PowerPC architecture           2.6.8-12sarge6
  IBM S/390 architecture         2.6.8-5sarge6
  Sun Sparc architecture         2.6.8-15sarge6

The following matrix lists additional packages that were rebuilt
for compatibility with or to take advantage of this update:

                                 Debian 3.1 (sarge)
  fai-kernels                    1.9.1sarge5

We recommend that you upgrade your kernel package immediately
and reboot the machine. If you have built a custom kernel from the
kernel source package, you will need to rebuild to take advantage
of these fixes.

Upgrade Instructions


wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 3.1 alias sarge

