---

Advisories, June 8, 2006

Debian GNU/Linux


Debian Security Advisory DSA 1091-1 security@debian.org
http://www.debian.org/security/
Martin Schulze
June 8th, 2006 http://www.debian.org/security/faq


Package : tiff
Vulnerability : buffer overflows
Problem type : none or remote
Debian-specific: no
CVE ID : CVE-2006-2656 CVE-2006-2193
Debian Bug : 369819

Several problems have been discovered in the TIFF library. The
Common Vulnerabilities and Exposures project identifies the
following issues:

CVE-2006-2193

SuSE discovered a buffer overflow in the conversion of TIFF
files into PDF documents which could be exploited when tiff2pdf is
used e.g. in a printer filter.

CVE-2006-2656

The tiffsplit command from the TIFF library contains a buffer
overflow in the commandline handling which could be exploited when
the program is executed automatically on unknown filenames.

For the old stable distribution (woody) this problem has been
fixed in version 3.5.5-7woody2.

For the stable distribution (sarge) this problem has been fixed
in version 3.7.2-5.

For the unstable distribution (sid) this problem has been fixed
in version 3.8.2-4.

We recommend that you upgrade your tiff packages.

Upgrade Instructions


wget url

will fetch the file for you
dpkg -i file.deb

will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given at the end of this advisory:

apt-get update

will update the internal database apt-get upgrade

will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 3.0 alias woody


Source archives:

    http://security.debian.org/pool/updates/main/t/tiff/tiff_3.5.5-7woody2.dsc

      Size/MD5 checksum: 635
63c05c844a00a57f87f1804dc668ccbf
    http://security.debian.org/pool/updates/main/t/tiff/tiff_3.5.5-7woody2.diff.gz

      Size/MD5 checksum: 38682
5905ba8ea39b409b4aa2893b697f35bc
    http://security.debian.org/pool/updates/main/t/tiff/tiff_3.5.5.orig.tar.gz

      Size/MD5 checksum: 693641
3b7199ba793dec6ca88f38bb0c8cc4d8

Alpha architecture:

    http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-7woody2_alpha.deb

      Size/MD5 checksum: 141478
2e995b46f312ecf35858f06e50c2ae2e
    http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-7woody2_alpha.deb

      Size/MD5 checksum: 106182
c383b1a1f292525e60efa68750bda5ae
    http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-7woody2_alpha.deb

      Size/MD5 checksum: 423868
da0015dd297de4f4128488fca92c3a88

ARM architecture:

    http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-7woody2_arm.deb

      Size/MD5 checksum: 117012
fe039271e5e9a94f56a2ca4c8a38a373
    http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-7woody2_arm.deb

      Size/MD5 checksum: 91610
d52006c179bfc3a13a779dfab1afa8fd
    http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-7woody2_arm.deb

      Size/MD5 checksum: 404850
69dd0252a4e15f0bc84ddb0d53ce5c96

Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-7woody2_i386.deb

      Size/MD5 checksum: 112058
cc978252d32d2e853ed08a655940b15b
    http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-7woody2_i386.deb

      Size/MD5 checksum: 82070
22733411e25f7fac444f148dcfb685a7
    http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-7woody2_i386.deb

      Size/MD5 checksum: 387442
dc8f36b0bfed0cc69d53c14f6b6e2fd4

Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-7woody2_ia64.deb

      Size/MD5 checksum: 158834
dda97df687d64fef045e7dd425a9b01e
    http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-7woody2_ia64.deb

      Size/MD5 checksum: 136678
e43c8ca8bcbdb54d09cee79f7c2f5665
    http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-7woody2_ia64.deb

      Size/MD5 checksum: 447048
100db6566cc42766d93fd67913834096

HP Precision architecture:

    http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-7woody2_hppa.deb

      Size/MD5 checksum: 128284
43c94055d54efb3d3d0708f527617ca8
    http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-7woody2_hppa.deb

      Size/MD5 checksum: 107708
089f41dfe3629250ddc02cbe1c76c649
    http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-7woody2_hppa.deb

      Size/MD5 checksum: 420730
018d785c7890016dfab3cba41e949dc5

Motorola 680×0 architecture:

    http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-7woody2_m68k.deb

      Size/MD5 checksum: 107282
1719b7463ef81d07075c39453f793080
    http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-7woody2_m68k.deb

      Size/MD5 checksum: 80748
2020a4999f141c2b5ba47090c551de36
    http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-7woody2_m68k.deb

      Size/MD5 checksum: 380718
d75aa876cef53d488178caae1dc160f2

Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-7woody2_mips.deb

      Size/MD5 checksum: 124022
7deeb5d1d0b5eb2c536143949e507fb0
    http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-7woody2_mips.deb

      Size/MD5 checksum: 88820
ef4eed05b2bb2f853c74997141bab9e6
    http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-7woody2_mips.deb

      Size/MD5 checksum: 411210
d9a0dd8ae266524ff80efcd88e74365a

Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-7woody2_mipsel.deb

      Size/MD5 checksum: 123536
88738fa15be0cb199c006503a12e13df
    http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-7woody2_mipsel.deb

      Size/MD5 checksum: 89122
beaf555e5d72f290852777b750a676cc
    http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-7woody2_mipsel.deb

      Size/MD5 checksum: 411326
61a6b79d2fd527d1c3fcd41eac1bd408

PowerPC architecture:

    http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-7woody2_powerpc.deb

      Size/MD5 checksum: 116102
5bb725af64e1f4c2d4a9bc90ab2cc8e0
    http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-7woody2_powerpc.deb

      Size/MD5 checksum: 90618
2e4cfb7cd4e2dee6418fa7f88f01c68f
    http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-7woody2_powerpc.deb

      Size/MD5 checksum: 403142
39f179238a6d70f1a755c7a7751c6b1d

IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-7woody2_s390.deb

      Size/MD5 checksum: 116912
a4c1ef170588a8be47985338e6f99074
    http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-7woody2_s390.deb

      Size/MD5 checksum: 92814
c33810f1cae1535ceb0d2f06a2cc4875
    http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-7woody2_s390.deb

      Size/MD5 checksum: 395670
0925a01ed6e686c24aecba121ee12a7f

Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-7woody2_sparc.deb

      Size/MD5 checksum: 132896
653921fed0879588e859ec05555d25ad
    http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-7woody2_sparc.deb

      Size/MD5 checksum: 89798
7097a2950a1a40f46c91cccd97e9fef3
    http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-7woody2_sparc.deb

      Size/MD5 checksum: 397444
82752cc23951fc4e26838a704fd18561

Debian GNU/Linux 3.1 alias sarge


Source archives:

    http://security.debian.org/pool/updates/main/t/tiff/tiff_3.7.2-5.dsc

      Size/MD5 checksum: 736
a818c1d8f13bba145e33b79f5b476707
    http://security.debian.org/pool/updates/main/t/tiff/tiff_3.7.2-5.diff.gz

      Size/MD5 checksum: 11836
91da082b84456d159fcea664b99012d2
    http://security.debian.org/pool/updates/main/t/tiff/tiff_3.7.2.orig.tar.gz

      Size/MD5 checksum: 1252995
221679f6d5c15670b3c242cbfff79a00

Alpha architecture:

    http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.7.2-5_alpha.deb

      Size/MD5 checksum: 46922
0c35a8df000764e528ae384ac325b8ad
    http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.7.2-5_alpha.deb

      Size/MD5 checksum: 243676
b8745078cb5af1773f1b28e97a787343
    http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.7.2-5_alpha.deb

      Size/MD5 checksum: 478368
6aa0652b69c62bfc7e51c6781d06fa19
    http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.7.2-5_alpha.deb

      Size/MD5 checksum: 309918
adb7022423ccd165188e8071e19cc442
    http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0_3.7.2-5_alpha.deb

      Size/MD5 checksum: 41048
72d163b97923c66a8b632e1907bc0865

AMD64 architecture:

    http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.7.2-5_amd64.deb

      Size/MD5 checksum: 45848
f79893646f9c74fdef624f949fea88ad
    http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.7.2-5_amd64.deb

      Size/MD5 checksum: 217914
b4abe50b4c24e899cbb961612ff3bdb2
    http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.7.2-5_amd64.deb

      Size/MD5 checksum: 459378
d01fdb8c0c066e5e4503b006b696658d
    http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.7.2-5_amd64.deb

      Size/MD5 checksum: 266960
a13564cc4b1ab7cfe8e956a556c8ee25
    http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0_3.7.2-5_amd64.deb

      Size/MD5 checksum: 40618
9114caa1d68c7197f9fa24c1747cd99d

ARM architecture:

    http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.7.2-5_arm.deb

      Size/MD5 checksum: 45362
fce43634a68f4a8867764f9b8649f07a
    http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.7.2-5_arm.deb

      Size/MD5 checksum: 208490
64553848b27faef1fc6072623904db18
    http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.7.2-5_arm.deb

      Size/MD5 checksum: 453542
16cde56a8e4d74ff39fec6f1cc664171
    http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.7.2-5_arm.deb

      Size/MD5 checksum: 265224
c1e43bfa93d33ea20c970485c2559ec1
    http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0_3.7.2-5_arm.deb

      Size/MD5 checksum: 40112
835f54888f47687d80bd283956b6a433

Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.7.2-5_i386.deb

      Size/MD5 checksum: 45226
fb6a72018e538b9c01be4f1d7b83f5ee
    http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.7.2-5_i386.deb

      Size/MD5 checksum: 206256
bc2113c8fa422bfa43770aff225ef6a2
    http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.7.2-5_i386.deb

      Size/MD5 checksum: 452596
ecd7de1fd8b95c90a20e8418781c129b
    http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.7.2-5_i386.deb

      Size/MD5 checksum: 251726
5d7ab853c833dbf09fecb7da82a90f1d
    http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0_3.7.2-5_i386.deb

      Size/MD5 checksum: 40666
94f82a8a5aa26e51e6cb5d8dd2b2d6d7

Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.7.2-5_ia64.deb

      Size/MD5 checksum: 48314
eced941bad1e44163b1732e7d140e47f
    http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.7.2-5_ia64.deb

      Size/MD5 checksum: 268978
791e5bdfdc7ffc390156b80715c76511
    http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.7.2-5_ia64.deb

      Size/MD5 checksum: 511152
6c74c5b71ae314d7332e5c717edb4a0b
    http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.7.2-5_ia64.deb

      Size/MD5 checksum: 330884
e73f9cd34760e6e90705a22a082e701b
    http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0_3.7.2-5_ia64.deb

      Size/MD5 checksum: 42252
6b66dd7679be12ffe5927e6fb4fea6df

HP Precision architecture:

    http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.7.2-5_hppa.deb

      Size/MD5 checksum: 46654
d8f619cfa26dde8579513f6d0b81a0f1
    http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.7.2-5_hppa.deb

      Size/MD5 checksum: 230166
1321bf6e1d105ddd339b7e5557aa5719
    http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.7.2-5_hppa.deb

      Size/MD5 checksum: 473080
ab55bbf0033b1b650ee927d21ce9c738
    http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.7.2-5_hppa.deb

      Size/MD5 checksum: 281620
93cf9c2dfa23e2c20e8795dd62dfc1ff
    http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0_3.7.2-5_hppa.deb

      Size/MD5 checksum: 41294
6ff9f727d5da771f334f75d58e118bfe

Motorola 680×0 architecture:

    http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.7.2-5_m68k.deb

      Size/MD5 checksum: 45238
4020963162aeba32e183855003f5282c
    http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.7.2-5_m68k.deb

      Size/MD5 checksum: 193466
dd132dae95518b681b29f18dc72b5126
    http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.7.2-5_m68k.deb

      Size/MD5 checksum: 442750
64ec9d1c9e3cc0bcf916b685437af60d
    http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.7.2-5_m68k.deb

      Size/MD5 checksum: 234514
7a50d86d056760ff37bbd585b136df14
    http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0_3.7.2-5_m68k.deb

      Size/MD5 checksum: 40270
491986255b51eaccb5ddcece25ecc732

Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.7.2-5_mips.deb

      Size/MD5 checksum: 46118
2a6f6b1f5e1557c3ef4297ee0eabc985
    http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.7.2-5_mips.deb

      Size/MD5 checksum: 252258
a21f9c0fc9c53b13b14efd641a3cb8ae
    http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.7.2-5_mips.deb

      Size/MD5 checksum: 458604
30db35156ea16a19a75edfb35ad2a14d
    http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.7.2-5_mips.deb

      Size/MD5 checksum: 280506
53f30322a6fc900b4f0ebc5f3d492676
    http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0_3.7.2-5_mips.deb

      Size/MD5 checksum: 40894
170ea7645a3c5543cc5caae43ad5c0a6

Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.7.2-5_mipsel.deb

      Size/MD5 checksum: 46080
43c5a8ea470cb03a0d2ef8b9933c7857
    http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.7.2-5_mipsel.deb

      Size/MD5 checksum: 252690
857f1625966dbc12f508700a471ac831
    http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.7.2-5_mipsel.deb

      Size/MD5 checksum: 458972
6f4c7d7ffe16f8c99ab81924da944985
    http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.7.2-5_mipsel.deb

      Size/MD5 checksum: 280370
cd2a531fa482b3e48c539e2dd3561494
    http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0_3.7.2-5_mipsel.deb

      Size/MD5 checksum: 40880
a81fef82f1d0a9d7d1001e7a325fee30

PowerPC architecture:

    http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.7.2-5_powerpc.deb

      Size/MD5 checksum: 47288
24f1d1ac568afd55118a1fc57f903394
    http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.7.2-5_powerpc.deb

      Size/MD5 checksum: 235464
69addcbeaeeba30abe98dcb1efc1a285
    http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.7.2-5_powerpc.deb

      Size/MD5 checksum: 460614
651e56b2fd88160d3a43b92aba8875eb
    http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.7.2-5_powerpc.deb

      Size/MD5 checksum: 272120
17b13db9ffe5f47941db64522210a26e
    http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0_3.7.2-5_powerpc.deb

      Size/MD5 checksum: 42466
eaa2cce3db4913037c21d73e59cfed63

IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.7.2-5_s390.deb

      Size/MD5 checksum: 46240
826c2293b0729b990ee4e78f5d44d5c4
    http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.7.2-5_s390.deb

      Size/MD5 checksum: 213880
b4caf3c3eec6f7261af4eaff0f764bbf
    http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.7.2-5_s390.deb

      Size/MD5 checksum: 466012
2371e8d875c366fe532d447f9e4d185a
    http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.7.2-5_s390.deb

      Size/MD5 checksum: 266758
7b6b6981382dccaede04ffef2f5cfea1
    http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0_3.7.2-5_s390.deb

      Size/MD5 checksum: 40886
9e4f621bc83ac85dcf2a56fa7aa59e88

Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/t/tiff/libtiff-opengl_3.7.2-5_sparc.deb

      Size/MD5 checksum: 45530
a6cc6e6db7136497800635f5cd991381
    http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.7.2-5_sparc.deb

      Size/MD5 checksum: 205358
8f72175e2f33bc5ab15ea5e9b5c77b91
    http://security.debian.org/pool/updates/main/t/tiff/libtiff4_3.7.2-5_sparc.deb

      Size/MD5 checksum: 454782
229cc03ccc4397b839a9545cbe6e6500
    http://security.debian.org/pool/updates/main/t/tiff/libtiff4-dev_3.7.2-5_sparc.deb

      Size/MD5 checksum: 257914
f99730a57980cf56a28dc1ce2a74e016
    http://security.debian.org/pool/updates/main/t/tiff/libtiffxx0_3.7.2-5_sparc.deb

      Size/MD5 checksum: 40616
8d38793d5c79a5498f7c5e0e2f9c37fe

These files will probably be moved into the stable distribution
on its next update.



Debian Security Advisory DSA 1092-1 security@debian.org
http://www.debian.org/security/
Martin Schulze
June 8th, 2006 http://www.debian.org/security/faq


Package : mysql-dfsg-4.1
Vulnerability : programming error
Problem type : remote
Debian-specific: no
CVE ID : CVE-2006-2753
BugTraq ID : 18219

Josh Berkus and Tom Lane discovered that MySQL 4.1, a popular
SQL database, incorrectly parses astring escaped with
mysql_real_escape() which could lead to SQL injection. This problem
does only exist in versions 4.1 and 5.0.

The old stable distribution (woody) is not affected by this
problem.

For the stable distribution (sarge) this problem has been fixed
in version 4.1.11a-4sarge4.

For the unstable distribution (sid) this problem has been fixed
in version 5.0.21-4.

Version 4.0 in the stable distribution (sarge) is also not
affected by this problem.

We recommend that you upgrade your mysql packages.

Upgrade Instructions


wget url

will fetch the file for you
dpkg -i file.deb

will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given at the end of this advisory:

apt-get update

will update the internal database apt-get upgrade

will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 3.1 alias sarge


Source archives:

    http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-dfsg-4.1_4.1.11a-4sarge4.dsc

      Size/MD5 checksum: 1021
af71d3e6da11441dfd8ed93c20ca8729
    http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-dfsg-4.1_4.1.11a-4sarge4.diff.gz

      Size/MD5 checksum: 167558
438fd6709d74cb614901d0ea9a965745
    http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-dfsg-4.1_4.1.11a.orig.tar.gz

      Size/MD5 checksum: 15771855
3c0582606a8903e758c2014c2481c7c3

Architecture independent components:

    http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-common-4.1_4.1.11a-4sarge4_all.deb

      Size/MD5 checksum: 36302
abaa8025885618451c598493b41d10bb

Alpha architecture:

    http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge4_alpha.deb

      Size/MD5 checksum: 1590578
754d9c9d253ba8488ee66efc92dcb1ca
    http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge4_alpha.deb

      Size/MD5 checksum: 7965338
b623f43445b37b8af9f91c09ed31d4ae
    http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge4_alpha.deb

      Size/MD5 checksum: 1000754
32ed105998bb4a23d52d861fac54e840
    http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge4_alpha.deb

      Size/MD5 checksum: 17488018
d3cda036d9920c18de5849ab3dc024c8

AMD64 architecture:

    http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge4_amd64.deb

      Size/MD5 checksum: 1451828
06f3945b95051a12f9f155a268094dcf
    http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge4_amd64.deb

      Size/MD5 checksum: 5551444
3663f19adb6b38a61682619ef19cfbc8
    http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge4_amd64.deb

      Size/MD5 checksum: 849336
42c8d15b1329e901a845dc74626a0f3e
    http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge4_amd64.deb

      Size/MD5 checksum: 14711198
aa976778d4cfdbfaab96fe4bcbeb8cb5

ARM architecture:

    http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge4_arm.deb

      Size/MD5 checksum: 1388714
4786d6136ff3d5d9d4258754eb64b356
    http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge4_arm.deb

      Size/MD5 checksum: 5558586
796c478d90a750e0a577434512fdaeb6
    http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge4_arm.deb

      Size/MD5 checksum: 836542
d62795e99b44d319626c15446c962d44
    http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge4_arm.deb

      Size/MD5 checksum: 14557476
ac7a7d39805b00b27872cdc339f688d5

Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge4_i386.deb

      Size/MD5 checksum: 1417826
f8d012cb6a85554c0d94bfcac7f78791
    http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge4_i386.deb

      Size/MD5 checksum: 5643870
d02bb09d6cb1ba6b8014055eec3fc3be
    http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge4_i386.deb

      Size/MD5 checksum: 830518
f603306a8fec1c63b6e3ecc17107bd98
    http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge4_i386.deb

      Size/MD5 checksum: 14558102
591c67e79d72dd63e02dc166d0cb5300

Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge4_ia64.deb

      Size/MD5 checksum: 1713084
09db38b7f9ff3567ef4d4ccc4c46ae3f
    http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge4_ia64.deb

      Size/MD5 checksum: 7782286
0c75c782e7873a327d69421933f36732
    http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge4_ia64.deb

      Size/MD5 checksum: 1050436
91bf76af1e2d978eb5472ddb84031bf1
    http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge4_ia64.deb

      Size/MD5 checksum: 18475506
7d96940c7e7a0623de3702651cf8c8a2

HP Precision architecture:

    http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge4_hppa.deb

      Size/MD5 checksum: 1550998
e4c6ae38e9a5dc7aae7cc15dff9bc0c0
    http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge4_hppa.deb

      Size/MD5 checksum: 6249966
91443fde830a3cbb343849afd6a2d0d8
    http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge4_hppa.deb

      Size/MD5 checksum: 909886
3ed733077d25aefe18bcf1cc21ad2215
    http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge4_hppa.deb

      Size/MD5 checksum: 15790412
bb7a33201295e66224bf4c491f0c56b9

Motorola 680×0 architecture:

    http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge4_m68k.deb

      Size/MD5 checksum: 1397768
e3c536ac8323986b4165abe26928f36f
    http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge4_m68k.deb

      Size/MD5 checksum: 5283732
bb01937d6e79d23947a89312cf160aa6
    http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge4_m68k.deb

      Size/MD5 checksum: 803692
2613a1adb8174a24efa485ade794db85
    http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge4_m68k.deb

      Size/MD5 checksum: 14071656
677a2a213c3fb5fe363f76625fe5e1c7

Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge4_mips.deb

      Size/MD5 checksum: 1478750
48583310a2c865cc938566c6cd08a824
    http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge4_mips.deb

      Size/MD5 checksum: 6052854
dad954fb5c1cd13ad73cfd21c2819e5f
    http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge4_mips.deb

      Size/MD5 checksum: 904326
44f8ae166e7b30694eaad583eba40666
    http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge4_mips.deb

      Size/MD5 checksum: 15409878
5180ef322b2f6d4aa7dcc4fd60a521d4

Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge4_mipsel.deb

      Size/MD5 checksum: 1446178
bd5a7f2d224da45b1e24a6a23038744f
    http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge4_mipsel.deb

      Size/MD5 checksum: 5971330
bedb92b0edc6e18dc83e504690c863c6
    http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge4_mipsel.deb

      Size/MD5 checksum: 889962
c75f34bfc318ac4cca4c04cd0bbe2c10
    http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge4_mipsel.deb

      Size/MD5 checksum: 15105354
e8100b4c7ba1de3c9e3b1afbaac0b825

PowerPC architecture:

    http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge4_powerpc.deb

      Size/MD5 checksum: 1476650
035fa1c4995fbc57d9b7ee6e20e85fde
    http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge4_powerpc.deb

      Size/MD5 checksum: 6027482
98a9b182121a9747a0e6e9c8ef1531b2
    http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge4_powerpc.deb

      Size/MD5 checksum: 907256
c8a0e5668a15b68aff1c108e7fc6afad
    http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge4_powerpc.deb

      Size/MD5 checksum: 15402696
3e020285d43a361111278d558d95bd6d

IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge4_s390.deb

      Size/MD5 checksum: 1538332
604b1be5b4ca49165113d200cd3415c0
    http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge4_s390.deb

      Size/MD5 checksum: 5461442
b5b4bfa92a5c7d4269238a00fc320057
    http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge4_s390.deb

      Size/MD5 checksum: 884106
c1c2e15c37217bcbf96dfff23f19d5ab
    http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge4_s390.deb

      Size/MD5 checksum: 15055316
2fe79ed0e0242a75f4ecb016d39e491d

Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14_4.1.11a-4sarge4_sparc.deb

      Size/MD5 checksum: 1460442
72b9ef109c9ef1951d8002b1dbe72735
    http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/libmysqlclient14-dev_4.1.11a-4sarge4_sparc.deb

      Size/MD5 checksum: 6207904
dd3e6e35dab09a603344a36b28916514
    http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-client-4.1_4.1.11a-4sarge4_sparc.deb

      Size/MD5 checksum: 868066
0cec4df9b02b3550fdf4a7c5f35af51b
    http://security.debian.org/pool/updates/main/m/mysql-dfsg-4.1/mysql-server-4.1_4.1.11a-4sarge4_sparc.deb

      Size/MD5 checksum: 15391878
8f056ef97deef926d4b1ff843f762ced

These files will probably be moved into the stable distribution
on its next update.



Debian Security Advisory DSA 1093-1 security@debian.org
http://www.debian.org/security/
Martin Schulze
June 8th, 2006 http://www.debian.org/security/faq


Package : xine-ui
Vulnerability : format string
Problem type : local (remote)
Debian-specific: no
CVE ID : CVE-2006-2230

Several format string vulnerabilities have been discovered in
xine-ui, the user interface of the xine video player, which may
cause a denial of service.

The old stable distribution (woody) is not affected by these
problems.

For the stable distribution (sarge) these problems have been
fixed in version 0.99.3-1sarge1.

For the unstable distribution (sid) these problems will be fixed
soon.

We recommend that you upgrade your xine-ui package.

Upgrade Instructions


wget url

will fetch the file for you
dpkg -i file.deb

will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given at the end of this advisory:

apt-get update

will update the internal database apt-get upgrade

will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 3.1 alias sarge


Source archives:

    http://security.debian.org/pool/updates/main/x/xine-ui/xine-ui_0.99.3-1sarge1.dsc

      Size/MD5 checksum: 746
527be88be68d5710bf5e0a5b09ffc839
    http://security.debian.org/pool/updates/main/x/xine-ui/xine-ui_0.99.3-1sarge1.diff.gz

      Size/MD5 checksum: 1288
64415eeb7634cc0dca6d7a44e7a8f404
    http://security.debian.org/pool/updates/main/x/xine-ui/xine-ui_0.99.3.orig.tar.gz

      Size/MD5 checksum: 2610080
aa7805a93e511e3d67dc1bf09a71fcdd

Alpha architecture:

    http://security.debian.org/pool/updates/main/x/xine-ui/xine-ui_0.99.3-1sarge1_alpha.deb

      Size/MD5 checksum: 1877496
56392abc6057d656c041bfbad49976ad

AMD64 architecture:

    http://security.debian.org/pool/updates/main/x/xine-ui/xine-ui_0.99.3-1sarge1_amd64.deb

      Size/MD5 checksum: 1766792
b093fcc76082ac6e95518f2ec9a27bd9

ARM architecture:

    http://security.debian.org/pool/updates/main/x/xine-ui/xine-ui_0.99.3-1sarge1_arm.deb

      Size/MD5 checksum: 1711066
856ce425a4db60d0d043b95ad0a7ec18

Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/x/xine-ui/xine-ui_0.99.3-1sarge1_i386.deb

      Size/MD5 checksum: 1731748
5f971967308012850fecd3c9362cec9b

Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/x/xine-ui/xine-ui_0.99.3-1sarge1_ia64.deb

      Size/MD5 checksum: 2041594
6f37253dad654f31f5bd12c2109e5726

HP Precision architecture:

    http://security.debian.org/pool/updates/main/x/xine-ui/xine-ui_0.99.3-1sarge1_hppa.deb

      Size/MD5 checksum: 1682926
1ac6f7faa43469e805c01be3d8756a2b

Motorola 680×0 architecture:

    http://security.debian.org/pool/updates/main/x/xine-ui/xine-ui_0.99.3-1sarge1_m68k.deb

      Size/MD5 checksum: 1588564
baea2fa096194f491dcf2438cfa489c7

Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/x/xine-ui/xine-ui_0.99.3-1sarge1_mips.deb

      Size/MD5 checksum: 1762350
fbbaa304745c86021a0ffe463530a573

Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/x/xine-ui/xine-ui_0.99.3-1sarge1_mipsel.deb

      Size/MD5 checksum: 1762594
6399a62f5e919c04333a2c5533e64cc0

PowerPC architecture:

    http://security.debian.org/pool/updates/main/x/xine-ui/xine-ui_0.99.3-1sarge1_powerpc.deb

      Size/MD5 checksum: 1776176
387dfa9a66f0fa3e26e9d26b5cc3aed0

IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/x/xine-ui/xine-ui_0.99.3-1sarge1_s390.deb

      Size/MD5 checksum: 1742376
b41686f1d871c498d6f4185736317ff2

Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/x/xine-ui/xine-ui_0.99.3-1sarge1_sparc.deb

      Size/MD5 checksum: 1761044
f37b88d9d0a99ee2a6be783e403d634c

These files will probably be moved into the stable distribution
on its next update.


For apt-get: deb http://security.debian.org/
stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security
dists/stable/updates/main
Mail

Get the Free Newsletter!

Subscribe to Developer Insider for top news, trends, & analysis