Debian GNU/Linux
Debian Security Advisory DSA 1109-1 security@debian.org
http://www.debian.org/security/
Moritz Muehlenhoff
July 16th, 2006 http://www.debian.org/security/faq
Package : rssh
Vulnerability : programming error
Problem-Type : remote
Debian-specific: no
CVE ID : CVE-2006-1320
Debian Bug : 346322
Russ Allbery discovered that rssh, a restricted shell, performs
insufficient checking of incoming commands, which might lead to a
bypass of access restrictions.
For the stable distribution (sarge) this problem has been fixed
in version 2.2.3-1.sarge.2.
For the unstable distribution (sid) this problem has been fixed
in version 2.3.0-1.1.
We recommend that you upgrade your rssh package.
Upgrade Instructions
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 3.1 alias sarge
Source archives:
http://security.debian.org/pool/updates/main/r/rssh/rssh_2.2.3-1.sarge.2.dsc
Size/MD5 checksum: 589
a8ccbaa1d14d0aa30b3eb0bb1aefd4e5
http://security.debian.org/pool/updates/main/r/rssh/rssh_2.2.3-1.sarge.2.diff.gz
Size/MD5 checksum: 52207
00e3ad8c7944ed55e1316e414ab3d388
http://security.debian.org/pool/updates/main/r/rssh/rssh_2.2.3.orig.tar.gz
Size/MD5 checksum: 107216
74f40a4fd5d2b097af34a817e21a33cf
Alpha architecture:
http://security.debian.org/pool/updates/main/r/rssh/rssh_2.2.3-1.sarge.2_alpha.deb
Size/MD5 checksum: 48782
0388514b947030f42219c9a615527dd9
AMD64 architecture:
http://security.debian.org/pool/updates/main/r/rssh/rssh_2.2.3-1.sarge.2_amd64.deb
Size/MD5 checksum: 44472
021a58e5c2591e2a15e4f1804816aa7b
ARM architecture:
http://security.debian.org/pool/updates/main/r/rssh/rssh_2.2.3-1.sarge.2_arm.deb
Size/MD5 checksum: 41974
98eb40b5011e7868b02edfc07591f005
Intel IA-32 architecture:
http://security.debian.org/pool/updates/main/r/rssh/rssh_2.2.3-1.sarge.2_i386.deb
Size/MD5 checksum: 42596
7236c31d25f8b4cbbb8894112aa585aa
Intel IA-64 architecture:
http://security.debian.org/pool/updates/main/r/rssh/rssh_2.2.3-1.sarge.2_ia64.deb
Size/MD5 checksum: 55530
9c61a904a78c4c6d93763cdb73f9c009
HP Precision architecture:
http://security.debian.org/pool/updates/main/r/rssh/rssh_2.2.3-1.sarge.2_hppa.deb
Size/MD5 checksum: 44098
334ae1019286051be323bf6994d51c99
Motorola 680×0 architecture:
http://security.debian.org/pool/updates/main/r/rssh/rssh_2.2.3-1.sarge.2_m68k.deb
Size/MD5 checksum: 41522
0efafd5a441d6d392d1a2490bfb2dcc4
Big endian MIPS architecture:
http://security.debian.org/pool/updates/main/r/rssh/rssh_2.2.3-1.sarge.2_mips.deb
Size/MD5 checksum: 49520
7126170731d1b5ad12d7afb6d68c16b7
Little endian MIPS architecture:
http://security.debian.org/pool/updates/main/r/rssh/rssh_2.2.3-1.sarge.2_mipsel.deb
Size/MD5 checksum: 49546
7d8859c87eeb09f3b2502cfbed3c3f66
PowerPC architecture:
http://security.debian.org/pool/updates/main/r/rssh/rssh_2.2.3-1.sarge.2_powerpc.deb
Size/MD5 checksum: 42936
f68184985e1ec6c27518ac74404afbec
IBM S/390 architecture:
http://security.debian.org/pool/updates/main/r/rssh/rssh_2.2.3-1.sarge.2_s390.deb
Size/MD5 checksum: 42596
29243bae45e1dca2c07ca609617c0bfa
Sun Sparc architecture:
http://security.debian.org/pool/updates/main/r/rssh/rssh_2.2.3-1.sarge.2_sparc.deb
Size/MD5 checksum: 42532
59db16aa282bc182f79418fdd99341c0
These files will probably be moved into the stable distribution
on its next update.
Debian Security Advisory DSA 1110-1 security@debian.org
http://www.debian.org/security/
Moritz Muehlenhoff
July 16th, 2006 http://www.debian.org/security/faq
Package : samba
Vulnerability : missing input sanitising
Problem-Type : remote
Debian-specific: no
CVE ID : CVE-2006-3403
Gerald Carter discovered that the smbd daemon from Samba, a free
implementation of the SMB/CIFS protocol, imposes insufficient
limits in the code to handle shared connections, which can be
exploited to exhaust system memory by sending maliciously crafted
requests, leading to denial of service.
For the stable distribution (sarge) this problem has been fixed
in version 3.0.14a-3sarge2.
For the unstable distribution (sid) this problem will be fixed
soon.
We recommend that you upgrade your samba package.
Upgrade Instructions
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 3.1 alias sarge
Source archives:
http://security.debian.org/pool/updates/main/s/samba/samba_3.0.14a-3sarge2.dsc
Size/MD5 checksum: 1081
228209482ce7dcac4555cf01ad5accd8
http://security.debian.org/pool/updates/main/s/samba/samba_3.0.14a-3sarge2.diff.gz
Size/MD5 checksum: 113550
e67c59189e5392bf968a09b3e63aa43f
http://security.debian.org/pool/updates/main/s/samba/samba_3.0.14a.orig.tar.gz
Size/MD5 checksum: 15605851
ebee37e66a8b5f6fd328967dc09088e8
Architecture independent components:
http://security.debian.org/pool/updates/main/s/samba/samba-doc_3.0.14a-3sarge2_all.deb
Size/MD5 checksum: 12116952
608638d037d8a05c239f3c70895859cb
Alpha architecture:
http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.0.14a-3sarge2_alpha.deb
Size/MD5 checksum: 400918
852fc85f08e4ff63839d1b4bd0008fd4
http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.0.14a-3sarge2_alpha.deb
Size/MD5 checksum: 658976
a2f7e86a86ebe74c54b6bb727db9b3e4
http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.0.14a-3sarge2_alpha.deb
Size/MD5 checksum: 1013504
6afc19c9e57b590fb09dea414cafe08a
http://security.debian.org/pool/updates/main/s/samba/python2.3-samba_3.0.14a-3sarge2_alpha.deb
Size/MD5 checksum: 5231692
888f7bd021e8a21f726c2c3fe01adb47
http://security.debian.org/pool/updates/main/s/samba/samba_3.0.14a-3sarge2_alpha.deb
Size/MD5 checksum: 3125638
71a82dbbb4ef5029bd82be7a13788f92
http://security.debian.org/pool/updates/main/s/samba/samba-common_3.0.14a-3sarge2_alpha.deb
Size/MD5 checksum: 2407250
acd9a61f6870885319c8adda0e79c1f5
http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.0.14a-3sarge2_alpha.deb
Size/MD5 checksum: 20255462
3b681c348c574fc10acc32dcc5a6bb43
http://security.debian.org/pool/updates/main/s/samba/smbclient_3.0.14a-3sarge2_alpha.deb
Size/MD5 checksum: 3249320
97c3ecf25d8e9842015d76609375bd9e
http://security.debian.org/pool/updates/main/s/samba/smbfs_3.0.14a-3sarge2_alpha.deb
Size/MD5 checksum: 458262
ce8892211dea63f3818eef16a6249695
http://security.debian.org/pool/updates/main/s/samba/swat_3.0.14a-3sarge2_alpha.deb
Size/MD5 checksum: 4208926
f404643bcd0e7bebe0b97f95dbcf11d7
http://security.debian.org/pool/updates/main/s/samba/winbind_3.0.14a-3sarge2_alpha.deb
Size/MD5 checksum: 1821200
9d04569a90d1fa3f57b4f4e58dbb6eb8
AMD64 architecture:
http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.0.14a-3sarge2_amd64.deb
Size/MD5 checksum: 380658
6089628ccb0a8f91b2e54d40e82a2f1e
http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.0.14a-3sarge2_amd64.deb
Size/MD5 checksum: 599178
a0a004d08f13cc346d627c24a308fd12
http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.0.14a-3sarge2_amd64.deb
Size/MD5 checksum: 794994
fafa89b19c13207c331994c307e4df60
http://security.debian.org/pool/updates/main/s/samba/python2.3-samba_3.0.14a-3sarge2_amd64.deb
Size/MD5 checksum: 5197634
a8df0f079437b988a4e7c1118e355e40
http://security.debian.org/pool/updates/main/s/samba/samba_3.0.14a-3sarge2_amd64.deb
Size/MD5 checksum: 2806504
dece478b364af2f17976d8300a7d1f7b
http://security.debian.org/pool/updates/main/s/samba/samba-common_3.0.14a-3sarge2_amd64.deb
Size/MD5 checksum: 2192376
a76155737241f77529b52befc234f191
http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.0.14a-3sarge2_amd64.deb
Size/MD5 checksum: 6480526
b78909efe789289753d28b78bea98df2
http://security.debian.org/pool/updates/main/s/samba/smbclient_3.0.14a-3sarge2_amd64.deb
Size/MD5 checksum: 2864878
dea1791f6efe210df3001576d1464138
http://security.debian.org/pool/updates/main/s/samba/smbfs_3.0.14a-3sarge2_amd64.deb
Size/MD5 checksum: 410010
58a1f1bd47877454883dfe8cec9ec926
http://security.debian.org/pool/updates/main/s/samba/swat_3.0.14a-3sarge2_amd64.deb
Size/MD5 checksum: 4121796
4161904fa80702158be375497bb66ba1
http://security.debian.org/pool/updates/main/s/samba/winbind_3.0.14a-3sarge2_amd64.deb
Size/MD5 checksum: 1649614
52d62c2c0b5b6de97d4371e0b8847e81
ARM architecture:
http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.0.14a-3sarge2_arm.deb
Size/MD5 checksum: 340852
eb775ed696d71bf2a864e08ae8386c9a
http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.0.14a-3sarge2_arm.deb
Size/MD5 checksum: 544220
03ca4bef2fe35ccfae1c79db0591bc18
http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.0.14a-3sarge2_arm.deb
Size/MD5 checksum: 822150
04e9f32488696bd89d766074128f5fb7
http://security.debian.org/pool/updates/main/s/samba/python2.3-samba_3.0.14a-3sarge2_arm.deb
Size/MD5 checksum: 4644590
75b69ac60a0ba851c1c5fb424cb1985b
http://security.debian.org/pool/updates/main/s/samba/samba_3.0.14a-3sarge2_arm.deb
Size/MD5 checksum: 2556172
13f91637bcb3213f27df469fefe221b5
http://security.debian.org/pool/updates/main/s/samba/samba-common_3.0.14a-3sarge2_arm.deb
Size/MD5 checksum: 2008514
d662f9b3dde4fe359dd8ea9fde868e82
http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.0.14a-3sarge2_arm.deb
Size/MD5 checksum: 6654354
72907a5842606569499ed0d2b407822a
http://security.debian.org/pool/updates/main/s/samba/smbclient_3.0.14a-3sarge2_arm.deb
Size/MD5 checksum: 2595458
995dffb36fe7f70d86cbc0b8cf290e1b
http://security.debian.org/pool/updates/main/s/samba/smbfs_3.0.14a-3sarge2_arm.deb
Size/MD5 checksum: 375374
9849b230af610bc2248a064be6b062de
http://security.debian.org/pool/updates/main/s/samba/swat_3.0.14a-3sarge2_arm.deb
Size/MD5 checksum: 4063548
4286264d2d9abe9d2449ad3d881d16b1
http://security.debian.org/pool/updates/main/s/samba/winbind_3.0.14a-3sarge2_arm.deb
Size/MD5 checksum: 1482218
00834fa3ed6a8ec2907231bb86ebfd5b
Intel IA-32 architecture:
http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.0.14a-3sarge2_i386.deb
Size/MD5 checksum: 346572
31e84bc9bfed19228ac0099579573c1d
http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.0.14a-3sarge2_i386.deb
Size/MD5 checksum: 548542
afce1f6147b0b292c0686c02af7c9836
http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.0.14a-3sarge2_i386.deb
Size/MD5 checksum: 736496
25f6c6fc37e0751e2ca600a8b714b5b3
http://security.debian.org/pool/updates/main/s/samba/python2.3-samba_3.0.14a-3sarge2_i386.deb
Size/MD5 checksum: 4740562
b27084883241b9993ebe7082800f6ab2
http://security.debian.org/pool/updates/main/s/samba/samba_3.0.14a-3sarge2_i386.deb
Size/MD5 checksum: 2514472
ad60a2b42e93202d5d0581be63a32b9f
http://security.debian.org/pool/updates/main/s/samba/samba-common_3.0.14a-3sarge2_i386.deb
Size/MD5 checksum: 1983672
0d48f6cdf53e74bf890d764c4bc5198c
http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.0.14a-3sarge2_i386.deb
Size/MD5 checksum: 6590700
1431e3b3d8226ec1d0eb047ec6935e98
http://security.debian.org/pool/updates/main/s/samba/smbclient_3.0.14a-3sarge2_i386.deb
Size/MD5 checksum: 2528838
158b542984366361d0c37642820a04bb
http://security.debian.org/pool/updates/main/s/samba/smbfs_3.0.14a-3sarge2_i386.deb
Size/MD5 checksum: 370000
0f46a22668a6d18a9af7c9b8fa70ee51
http://security.debian.org/pool/updates/main/s/samba/swat_3.0.14a-3sarge2_i386.deb
Size/MD5 checksum: 4052526
588824ddf752d13c994ff18df54380bd
http://security.debian.org/pool/updates/main/s/samba/winbind_3.0.14a-3sarge2_i386.deb
Size/MD5 checksum: 1459782
a1ea9a665172a6fd7b76aef952ebf8fb
Intel IA-64 architecture:
http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.0.14a-3sarge2_ia64.deb
Size/MD5 checksum: 472318
385a165554819c05836d64c8176158fb
http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.0.14a-3sarge2_ia64.deb
Size/MD5 checksum: 753816
227368ecb40bda106944a488c814fbcb
http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.0.14a-3sarge2_ia64.deb
Size/MD5 checksum: 1034568
9141077269b90c88d0dbe8cec6406b77
http://security.debian.org/pool/updates/main/s/samba/python2.3-samba_3.0.14a-3sarge2_ia64.deb
Size/MD5 checksum: 6619312
6aa4f763d5b4671f816efc1ca8370f23
http://security.debian.org/pool/updates/main/s/samba/samba_3.0.14a-3sarge2_ia64.deb
Size/MD5 checksum: 3813420
153637549fb1df5d4d8e68e9a1113225
http://security.debian.org/pool/updates/main/s/samba/samba-common_3.0.14a-3sarge2_ia64.deb
Size/MD5 checksum: 2850344
183db0d9c68a98bb48fbb3df547c8b9b
http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.0.14a-3sarge2_ia64.deb
Size/MD5 checksum: 674256
2e832a72821e496658a8428267e4511d
http://security.debian.org/pool/updates/main/s/samba/smbclient_3.0.14a-3sarge2_ia64.deb
Size/MD5 checksum: 3920730
3e9c83ed8f819060e673ce88fadf0cb1
http://security.debian.org/pool/updates/main/s/samba/smbfs_3.0.14a-3sarge2_ia64.deb
Size/MD5 checksum: 547032
2b253de1c2576b645aadd5558af59718
http://security.debian.org/pool/updates/main/s/samba/swat_3.0.14a-3sarge2_ia64.deb
Size/MD5 checksum: 4361378
b249ad148caef201e0c79b87927d805b
http://security.debian.org/pool/updates/main/s/samba/winbind_3.0.14a-3sarge2_ia64.deb
Size/MD5 checksum: 2210656
b42d5e11c34f8508d754c879a1bcae3f
HP Precision architecture:
http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.0.14a-3sarge2_hppa.deb
Size/MD5 checksum: 403318
d35dbec6170147cfcd97ff2d6c34fda6
http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.0.14a-3sarge2_hppa.deb
Size/MD5 checksum: 643206
15563a27917582002e5d833fa1c88c33
http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.0.14a-3sarge2_hppa.deb
Size/MD5 checksum: 893816
c601f379423e1b5427a7e33805a50850
http://security.debian.org/pool/updates/main/s/samba/python2.3-samba_3.0.14a-3sarge2_hppa.deb
Size/MD5 checksum: 5548592
695e1660029bc16c85625c5424a4b975
http://security.debian.org/pool/updates/main/s/samba/samba_3.0.14a-3sarge2_hppa.deb
Size/MD5 checksum: 2862386
bf140bc989b0dc315e59f3e5ece5c695
http://security.debian.org/pool/updates/main/s/samba/samba-common_3.0.14a-3sarge2_hppa.deb
Size/MD5 checksum: 2213078
2327685dedfc7e6af4e750d6132c8e3d
http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.0.14a-3sarge2_hppa.deb
Size/MD5 checksum: 6461584
4df39667311665026081a3495aaa7ef9
http://security.debian.org/pool/updates/main/s/samba/smbclient_3.0.14a-3sarge2_hppa.deb
Size/MD5 checksum: 2913000
5b71911c495a4221f60264a8b669d837
http://security.debian.org/pool/updates/main/s/samba/smbfs_3.0.14a-3sarge2_hppa.deb
Size/MD5 checksum: 416272
6317995f536010b98d2ad22c25e4c2c6
http://security.debian.org/pool/updates/main/s/samba/swat_3.0.14a-3sarge2_hppa.deb
Size/MD5 checksum: 4133896
d9948e4dbaf3c9d0ec6a8e941ad2be2c
http://security.debian.org/pool/updates/main/s/samba/winbind_3.0.14a-3sarge2_hppa.deb
Size/MD5 checksum: 1689264
687056df597c39cd9047c5d49994a663
Motorola 680×0 architecture:
http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.0.14a-3sarge2_m68k.deb
Size/MD5 checksum: 328958
a0ec99f5e41fe16cd37b94dc387fd9f4
http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.0.14a-3sarge2_m68k.deb
Size/MD5 checksum: 519064
a3f71819baa191083e26346db7dcf4b5
http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.0.14a-3sarge2_m68k.deb
Size/MD5 checksum: 655030
5f2437b8f5009757e74b0ca77d0af82e
http://security.debian.org/pool/updates/main/s/samba/python2.3-samba_3.0.14a-3sarge2_m68k.deb
Size/MD5 checksum: 4533394
23196b797b2fd65f447078e0d5eddab0
http://security.debian.org/pool/updates/main/s/samba/samba_3.0.14a-3sarge2_m68k.deb
Size/MD5 checksum: 2212368
6ff6be53825b382fd07ea39c4c2991ea
http://security.debian.org/pool/updates/main/s/samba/samba-common_3.0.14a-3sarge2_m68k.deb
Size/MD5 checksum: 1778020
da382dfa9a4c170650f26b6322305a5e
http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.0.14a-3sarge2_m68k.deb
Size/MD5 checksum: 6223478
103f34a372074f99b29cb6583cdcb6be
http://security.debian.org/pool/updates/main/s/samba/smbclient_3.0.14a-3sarge2_m68k.deb
Size/MD5 checksum: 2228662
0d91206dba0ea500614fc73521d85195
http://security.debian.org/pool/updates/main/s/samba/smbfs_3.0.14a-3sarge2_m68k.deb
Size/MD5 checksum: 333468
d6035ca16b5b20d732847340f6b4a8a7
http://security.debian.org/pool/updates/main/s/samba/swat_3.0.14a-3sarge2_m68k.deb
Size/MD5 checksum: 3970444
4d443f6ee9ba2c592bcc3d306dab079c
http://security.debian.org/pool/updates/main/s/samba/winbind_3.0.14a-3sarge2_m68k.deb
Size/MD5 checksum: 1310298
7bc4ab658988648b1c1cc2c5368124c2
Big endian MIPS architecture:
http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.0.14a-3sarge2_mips.deb
Size/MD5 checksum: 356048
0ec87e6a38c9840bb4acb2f8389f6c60
http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.0.14a-3sarge2_mips.deb
Size/MD5 checksum: 555362
341b70c7c189833f65b47e00b52f1c1c
http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.0.14a-3sarge2_mips.deb
Size/MD5 checksum: 820632
bfcdfb3efefb72e849ea9df194615bef
http://security.debian.org/pool/updates/main/s/samba/python2.3-samba_3.0.14a-3sarge2_mips.deb
Size/MD5 checksum: 4665250
e035f6790f43246f36c56894b4f40176
http://security.debian.org/pool/updates/main/s/samba/samba_3.0.14a-3sarge2_mips.deb
Size/MD5 checksum: 2775088
c9fba09f74a5e4b7e10801489551c337
http://security.debian.org/pool/updates/main/s/samba/samba-common_3.0.14a-3sarge2_mips.deb
Size/MD5 checksum: 2154964
72153064df634500804a71e85c880d75
http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.0.14a-3sarge2_mips.deb
Size/MD5 checksum: 6759884
a0c1a2969d67aa9e9b752c8ebef8e40d
http://security.debian.org/pool/updates/main/s/samba/smbclient_3.0.14a-3sarge2_mips.deb
Size/MD5 checksum: 2821300
f6bb5f9d7fb968e9148bf05abfdb2290
http://security.debian.org/pool/updates/main/s/samba/smbfs_3.0.14a-3sarge2_mips.deb
Size/MD5 checksum: 411716
5e2f768ed006c91568ecf9d4d38d5f0a
http://security.debian.org/pool/updates/main/s/samba/swat_3.0.14a-3sarge2_mips.deb
Size/MD5 checksum: 4104042
30ae5abceadfbb2ef8db9fe2d09f5a29
http://security.debian.org/pool/updates/main/s/samba/winbind_3.0.14a-3sarge2_mips.deb
Size/MD5 checksum: 1603590
cd8d2bd174f3e0fc3a1375469ab822cf
Little endian MIPS architecture:
http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.0.14a-3sarge2_mipsel.deb
Size/MD5 checksum: 354928
d9684a30bb451bd7263ffa35854e85b6
http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.0.14a-3sarge2_mipsel.deb
Size/MD5 checksum: 553110
6cb3f8342d60314ff7844bee5d96b321
http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.0.14a-3sarge2_mipsel.deb
Size/MD5 checksum: 812272
8c34889caffb4798aad6737cb5744e82
http://security.debian.org/pool/updates/main/s/samba/python2.3-samba_3.0.14a-3sarge2_mipsel.deb
Size/MD5 checksum: 4650594
c2b0a934db7ee76398c58b8033a3d253
http://security.debian.org/pool/updates/main/s/samba/samba_3.0.14a-3sarge2_mipsel.deb
Size/MD5 checksum: 2776104
a849991d021bae04ab147fbea1480ec3
http://security.debian.org/pool/updates/main/s/samba/samba-common_3.0.14a-3sarge2_mipsel.deb
Size/MD5 checksum: 2151798
688269491d565d7b3ab6aee567e44439
http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.0.14a-3sarge2_mipsel.deb
Size/MD5 checksum: 6573420
3c54698380e16e7516f0bd461eb08570
http://security.debian.org/pool/updates/main/s/samba/smbclient_3.0.14a-3sarge2_mipsel.deb
Size/MD5 checksum: 2816450
66eb1db3216073ebeff64e94c6dcb346
http://security.debian.org/pool/updates/main/s/samba/smbfs_3.0.14a-3sarge2_mipsel.deb
Size/MD5 checksum: 410558
bbf090442aafbc3992037737ab89a831
http://security.debian.org/pool/updates/main/s/samba/swat_3.0.14a-3sarge2_mipsel.deb
Size/MD5 checksum: 4102530
82baabe604497a82bfb4e977fb4e2e01
http://security.debian.org/pool/updates/main/s/samba/winbind_3.0.14a-3sarge2_mipsel.deb
Size/MD5 checksum: 1601286
e09d23096cb468d88f1f496e31aa429b
PowerPC architecture:
http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.0.14a-3sarge2_powerpc.deb
Size/MD5 checksum: 367664
1e40365846fada575689d99562cb0184
http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.0.14a-3sarge2_powerpc.deb
Size/MD5 checksum: 590810
9b1bb98709bfb747c5e9197c523df90f
http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.0.14a-3sarge2_powerpc.deb
Size/MD5 checksum: 736464
1d8effb449d41e6d806665bc2c3f4819
http://security.debian.org/pool/updates/main/s/samba/python2.3-samba_3.0.14a-3sarge2_powerpc.deb
Size/MD5 checksum: 5009294
dc691e5fbf2bbce1aaa695f252babec4
http://security.debian.org/pool/updates/main/s/samba/samba_3.0.14a-3sarge2_powerpc.deb
Size/MD5 checksum: 2771790
7e50dd86689342c16e3f37bcb8aa4901
http://security.debian.org/pool/updates/main/s/samba/samba-common_3.0.14a-3sarge2_powerpc.deb
Size/MD5 checksum: 2153632
4f09423d91f89c2c3cee11dd2ab04d73
http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.0.14a-3sarge2_powerpc.deb
Size/MD5 checksum: 6855374
a10c211192a4a4b36344ce847edf7a46
http://security.debian.org/pool/updates/main/s/samba/smbclient_3.0.14a-3sarge2_powerpc.deb
Size/MD5 checksum: 2824120
80d93c353292c3844823319a412d7ace
http://security.debian.org/pool/updates/main/s/samba/smbfs_3.0.14a-3sarge2_powerpc.deb
Size/MD5 checksum: 406166
8b1f63a9e51b78e6640398aa481acbab
http://security.debian.org/pool/updates/main/s/samba/swat_3.0.14a-3sarge2_powerpc.deb
Size/MD5 checksum: 4112048
2b8da6d7c63c292490e87ca824da279a
http://security.debian.org/pool/updates/main/s/samba/winbind_3.0.14a-3sarge2_powerpc.deb
Size/MD5 checksum: 1612260
efc37671c3b75ef897643af0325e7b2f
IBM S/390 architecture:
http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.0.14a-3sarge2_s390.deb
Size/MD5 checksum: 385426
f41fa70a53200bcf1a17458a3ae931f4
http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.0.14a-3sarge2_s390.deb
Size/MD5 checksum: 603514
b3e04e873310500477539a1b10c582a7
http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.0.14a-3sarge2_s390.deb
Size/MD5 checksum: 796152
0c2531601f57aa5f8c0e14488edf5612
http://security.debian.org/pool/updates/main/s/samba/python2.3-samba_3.0.14a-3sarge2_s390.deb
Size/MD5 checksum: 5282522
30153dc5a798094bedec8d9fe18a4feb
http://security.debian.org/pool/updates/main/s/samba/samba_3.0.14a-3sarge2_s390.deb
Size/MD5 checksum: 2723168
e85981c8fed6e80d62330fa97681c49f
http://security.debian.org/pool/updates/main/s/samba/samba-common_3.0.14a-3sarge2_s390.deb
Size/MD5 checksum: 2122320
0746503c40729997c7a8fcb00a4cf593
http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.0.14a-3sarge2_s390.deb
Size/MD5 checksum: 6831912
917d1ab96f5f831eda20bb395ee37988
http://security.debian.org/pool/updates/main/s/samba/smbclient_3.0.14a-3sarge2_s390.deb
Size/MD5 checksum: 2773008
7b282a8a1cbf13099462e2dc14ce4ed5
http://security.debian.org/pool/updates/main/s/samba/smbfs_3.0.14a-3sarge2_s390.deb
Size/MD5 checksum: 404050
edd870452f9494c1d7b19da727a519e8
http://security.debian.org/pool/updates/main/s/samba/swat_3.0.14a-3sarge2_s390.deb
Size/MD5 checksum: 4091850
7614eeddcbbef8aa708b5f77ea6f5e7e
http://security.debian.org/pool/updates/main/s/samba/winbind_3.0.14a-3sarge2_s390.deb
Size/MD5 checksum: 1613004
1fd09e96a3f44302d1572eb0caaca69d
Sun Sparc architecture:
http://security.debian.org/pool/updates/main/s/samba/libpam-smbpass_3.0.14a-3sarge2_sparc.deb
Size/MD5 checksum: 355346
89428c09223531e7f8cc945dc9c13a07
http://security.debian.org/pool/updates/main/s/samba/libsmbclient_3.0.14a-3sarge2_sparc.deb
Size/MD5 checksum: 560772
56c2c1805517d821f7f085fca0c5c06a
http://security.debian.org/pool/updates/main/s/samba/libsmbclient-dev_3.0.14a-3sarge2_sparc.deb
Size/MD5 checksum: 795102
6e19608711d27da59e209f48e5240e4c
http://security.debian.org/pool/updates/main/s/samba/python2.3-samba_3.0.14a-3sarge2_sparc.deb
Size/MD5 checksum: 4861812
19771c3fcb5a325a01261c6ea8963a68
http://security.debian.org/pool/updates/main/s/samba/samba_3.0.14a-3sarge2_sparc.deb
Size/MD5 checksum: 2520738
4cc2394804add7461418cc24c391b6cd
http://security.debian.org/pool/updates/main/s/samba/samba-common_3.0.14a-3sarge2_sparc.deb
Size/MD5 checksum: 1977870
71f3d37dc7e3f6945d45f412ce459127
http://security.debian.org/pool/updates/main/s/samba/samba-dbg_3.0.14a-3sarge2_sparc.deb
Size/MD5 checksum: 6344016
a2c8ea58a1f0f0787df1271bb7e6b5f6
http://security.debian.org/pool/updates/main/s/samba/smbclient_3.0.14a-3sarge2_sparc.deb
Size/MD5 checksum: 2539690
bb26c65d740909f845f6b13e8877d748
http://security.debian.org/pool/updates/main/s/samba/smbfs_3.0.14a-3sarge2_sparc.deb
Size/MD5 checksum: 371346
e2d95f4244e8f93f676a271fa4be0e06
http://security.debian.org/pool/updates/main/s/samba/swat_3.0.14a-3sarge2_sparc.deb
Size/MD5 checksum: 4049368
7dd1458831ab65925550e37a42ce7bd7
http://security.debian.org/pool/updates/main/s/samba/winbind_3.0.14a-3sarge2_sparc.deb
Size/MD5 checksum: 1475928
4ba1e79eb6793abcce51f68efd43db17
These files will probably be moved into the stable distribution
on its next update.
Debian Security Advisory DSA 1111-1 security@debian.org
http://www.debian.org/security/
Dann Frazier
Jul 16th, 2006 http://www.debian.org/security/faq
Package : kernel-source-2.6.8 et. al.
Vulnerability : race condition
Problem-Type : local
Debian-specific: no
CVE ID : CVE-2006-3625
It was discovered that a race condition in the process
filesystem can lead to privilege escalation.
The following matrix explains which kernel version for which
architecture fixes the problem mentioned above:
Debian 3.1 (sarge) Source 2.6.8-16sarge4 Alpha architecture 2.6.8-16sarge4 AMD64 architecture 2.6.8-16sarge4 Intel IA-32 architecture 2.6.8-16sarge4 Intel IA-64 architecture 2.6.8-14sarge4 PowerPC architecture 2.6.8-12sarge4 Sun Sparc architecture 2.6.8-15sarge4
As an exploit for this issue in the wild, this advisory was sent
out without builds for the IBM S/390, Motorola 680×0 and HP
Precision architectures being available. They will be released in a
followup-advisory as soon as they are available. Also, the kernels
for the FAI installer haven’t been updated yet. As a workaround we
recommend to mount proc with the nosuid and noexec options.
We recommend that you upgrade your kernel package immediately
and reboot the machine. If you have built a custom kernel from the
kernel source package, you will need to rebuild to take advantage
of these fixes.
Upgrade Instructions
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 3.1 alias sarge
Source archives:
Size/MD5 checksum: 812
ff4792fd28cadb6774ae4310ce38e301
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-alpha/kernel-image-2.6.8-alpha_2.6.8-16sarge4.tar.gz
Size/MD5 checksum: 38839
e4d527c319269df165cc23fd6fb54a68
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-amd64_2.6.8-16sarge4.dsc
Size/MD5 checksum: 1103
7dc33f6d9079af9d79b05d6ece3dfdc5
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-amd64/kernel-image-2.6.8-amd64_2.6.8-16sarge4.tar.gz
Size/MD5 checksum: 75714
264ee72864b022045cc4b0820fe062db
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-ia64_2.6.8-14sarge4.dsc
Size/MD5 checksum: 1191
0fb79cfacfc5581263710440357ed5ce
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-ia64/kernel-image-2.6.8-ia64_2.6.8-14sarge4.tar.gz
Size/MD5 checksum: 64204
02b5b536eebb207995ef3a754de1c87e
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-i386_2.6.8-16sarge4.dsc
Size/MD5 checksum: 1047
62f42ea9f118d911a8f215af2f3e586d
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-i386/kernel-image-2.6.8-i386_2.6.8-16sarge4.tar.gz
Size/MD5 checksum: 90861
885cb72bd69153dcd6512db147caa173
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-image-2.6.8-sparc_2.6.8-15sarge4.dsc
Size/MD5 checksum: 1036
00d330ff015d713c4652ea05c5555f91
http://security.debian.org/pool/updates/main/k/kernel-image-2.6.8-sparc/kernel-image-2.6.8-sparc_2.6.8-15sarge4.tar.gz
Size/MD5 checksum: 24447
393b640388a78dd98c727a08f972214c
http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-source-2.6.8_2.6.8-16sarge4.dsc
Size/MD5 checksum: 1002
bca4e80e8a10ba3c0884e3fab032772b
http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-source-2.6.8_2.6.8-16sarge4.diff.gz
Size/MD5 checksum: 1044761
b6675f6ac09f5d31f780650798c5609c
http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-source-2.6.8_2.6.8.orig.tar.gz
Size/MD5 checksum: 43929719
0393c05ffa4770c3c5178b74dc7a4282
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-patch-powerpc-2.6.8_2.6.8-12sarge4.dsc
Size/MD5 checksum: 1071
4bb132bef3f8f2a220ad9e74ab76500e
http://security.debian.org/pool/updates/main/k/kernel-patch-powerpc-2.6.8/kernel-patch-powerpc-2.6.8_2.6.8-12sarge4.tar.gz
Size/MD5 checksum: 27031
59fb7f129abc85794829e1e777b540a0
Architecture independent components:
Size/MD5 checksum: 6183402
a4efe296e5fd14d33c6b1ae1f40265c3
http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-patch-debian-2.6.8_2.6.8-16sarge4_all.deb
Size/MD5 checksum: 1081512
562d408fa5cd936f557eceb74621bff2
http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-source-2.6.8_2.6.8-16sarge4_all.deb
Size/MD5 checksum: 34943124
7b65a57ca6a2376d8042143244b8f5ab
http://security.debian.org/pool/updates/main/k/kernel-source-2.6.8/kernel-tree-2.6.8_2.6.8-16sarge4_all.deb
Size/MD5 checksum: 35134
80f1a94b1542bf3f89b