Home Security

Advisories: October 10, 2005

By

October 11, 2005

Debian GNU/Linux

Debian Security Advisory DSA 846-1 security@debian.org
http://www.debian.org/security/
Martin Schulze
October 7th, 2005 http://www.debian.org/security/faq

Package : cpio
Vulnerability : several
Problem type : local (remote)
Debian-specific: no
CVE ID : CAN-2005-1111 CAN-2005-1229
Debian Bug : 306693 305372

Two vulnerabilities have been discovered in cpio, a program to
manage archives of files. The Common Vulnerabilities and Exposures
project identifies the following problems:

CAN-2005-1111

Imran Ghory discovered a race condition in setting the file
permissions of files extracted from cpio archives. A local attacker
with write access to the target directory could exploit this to
alter the permissions of arbitrary files the extracting user has
write permissions for.

CAN-2005-1229

Imran Ghory discovered that cpio does not sanitise the path of
extracted files even if the –no-absolute-filenames option was
specified. This can be exploited to install files in arbitrary
locations where the extracting user has write permissions to.

For the old stable distribution (woody) these problems have been
fixed in version 2.4.2-39woody2.

For the stable distribution (sarge) these problems have been
fixed in version 2.5-1.3.

For the unstable distribution (sid) these problems have been
fixed in version 2.6-6.

We recommend that you upgrade your cpio package.

Upgrade Instructions

wget url

will fetch the file for you
dpkg -i file.deb

will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update

will update the internal database apt-get upgrade

will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 3.0 alias woody

Source archives:

http://security.debian.org/pool/updates/main/c/cpio/cpio_2.4.2-39woody2.dsc

Size/MD5 checksum: 549 15ede7cbecf63993116b4e6a6565a52a

http://security.debian.org/pool/updates/main/c/cpio/cpio_2.4.2-39woody2.diff.gz

Size/MD5 checksum: 23977 58175edde016c3ddb92804479697288f

http://security.debian.org/pool/updates/main/c/cpio/cpio_2.4.2.orig.tar.gz

Size/MD5 checksum: 181728 3e976db71229d52a8a135540698052df

Alpha architecture:

http://security.debian.org/pool/updates/main/c/cpio/cpio_2.4.2-39woody2_alpha.deb

Size/MD5 checksum: 72916 8a3c436670b93fe9d6c0d7b9c6620826

ARM architecture:

http://security.debian.org/pool/updates/main/c/cpio/cpio_2.4.2-39woody2_arm.deb

Size/MD5 checksum: 64050 96781e9c208d4629c9bad9fd489a6752

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/c/cpio/cpio_2.4.2-39woody2_i386.deb

Size/MD5 checksum: 61704 c4fd8a026047cd14a9516224d8319e13

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/c/cpio/cpio_2.4.2-39woody2_ia64.deb

Size/MD5 checksum: 84576 5d9d925c312a5a9f141949c134fd23d3

HP Precision architecture:

http://security.debian.org/pool/updates/main/c/cpio/cpio_2.4.2-39woody2_hppa.deb

Size/MD5 checksum: 69922 219bd8e8d9de88975eca8c8df4e9ddd9

Motorola 680×0 architecture:

http://security.debian.org/pool/updates/main/c/cpio/cpio_2.4.2-39woody2_m68k.deb

Size/MD5 checksum: 59998 b4ef64480db82238635e1c7f5b851eee

Big endian MIPS architecture:

http://security.debian.org/pool/updates/main/c/cpio/cpio_2.4.2-39woody2_mips.deb

Size/MD5 checksum: 69160 a3f333c7b10c4f06a37de29de89844c1

Little endian MIPS architecture:

http://security.debian.org/pool/updates/main/c/cpio/cpio_2.4.2-39woody2_mipsel.deb

Size/MD5 checksum: 68852 d704acf1b5d5c82ab024f6d45eab5686

PowerPC architecture:

http://security.debian.org/pool/updates/main/c/cpio/cpio_2.4.2-39woody2_powerpc.deb

Size/MD5 checksum: 64284 4227c627aa48dc40cacdde9cb866322a

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/c/cpio/cpio_2.4.2-39woody2_s390.deb

Size/MD5 checksum: 64190 975304691e816ea35e5b1a1edbaca8fc

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/c/cpio/cpio_2.4.2-39woody2_sparc.deb

Size/MD5 checksum: 65916 e9fcc403a99fa3c930c9a7ede7daeef4

Debian GNU/Linux 3.1 alias sarge

Source archives:

http://security.debian.org/pool/updates/main/c/cpio/cpio_2.5-1.3.dsc

Size/MD5 checksum: 533 ab5695c02739c74d12ceb5ccf15a2f9e

http://security.debian.org/pool/updates/main/c/cpio/cpio_2.5-1.3.diff.gz

Size/MD5 checksum: 26981 658f6330c2e56576251755f21291a22a

http://security.debian.org/pool/updates/main/c/cpio/cpio_2.5.orig.tar.gz

Size/MD5 checksum: 185480 e02859af1bbbbd73fcbf757acb57e0a4

Alpha architecture:

http://security.debian.org/pool/updates/main/c/cpio/cpio_2.5-1.3_alpha.deb

Size/MD5 checksum: 75340 e5f2db24ac4a7fa37e03299092e04869

AMD64 architecture:

http://security.debian.org/pool/updates/main/c/cpio/cpio_2.5-1.3_amd64.deb

Size/MD5 checksum: 68580 e04afdcd5c4cd7d4ae7b9314c91f2003

ARM architecture:

http://security.debian.org/pool/updates/main/c/cpio/cpio_2.5-1.3_arm.deb

Size/MD5 checksum: 65356 599f5449dcd3c6774becab5db930c1eb

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/c/cpio/cpio_2.5-1.3_i386.deb

Size/MD5 checksum: 64862 0af18766ab51b22276fe1458e19e6dfa

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/c/cpio/cpio_2.5-1.3_ia64.deb

Size/MD5 checksum: 85968 ec853bd84c3c86a86edd1eaab3daaed9

HP Precision architecture:

http://security.debian.org/pool/updates/main/c/cpio/cpio_2.5-1.3_hppa.deb

Size/MD5 checksum: 70918 7d189eac1083bf7171a3378e076bd41d

Motorola 680×0 architecture:

http://security.debian.org/pool/updates/main/c/cpio/cpio_2.5-1.3_m68k.deb

Size/MD5 checksum: 61566 5a1b92f6d84b61108c382f282541d4fd

Big endian MIPS architecture:

http://security.debian.org/pool/updates/main/c/cpio/cpio_2.5-1.3_mips.deb

Size/MD5 checksum: 73286 3e159d225f6ed5683206ee891e73e411

Little endian MIPS architecture:

http://security.debian.org/pool/updates/main/c/cpio/cpio_2.5-1.3_mipsel.deb

Size/MD5 checksum: 72982 593e2f05e139ff23ba448289dde24085

PowerPC architecture:

http://security.debian.org/pool/updates/main/c/cpio/cpio_2.5-1.3_powerpc.deb

Size/MD5 checksum: 67680 4fd0a44a984aa4dba6bde7144289fc82

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/c/cpio/cpio_2.5-1.3_s390.deb

Size/MD5 checksum: 68708 6ecc6f8ad9a1f5fd56eeea4fe421ef39

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/c/cpio/cpio_2.5-1.3_sparc.deb

Size/MD5 checksum: 64812 04cec657cd5681d4ab8c8e27f70d1653

These files will probably be moved into the stable distribution
on its next update.

Debian Security Advisory DSA 847-1 security@debian.org
http://www.debian.org/security/
Martin Schulze
October 8th, 2005 http://www.debian.org/security/faq

Package : dia
Vulnerability : missing input sanitising
Problem type : local (remote)
Debian-specific: no
CVE ID : CAN-2005-2966 BugTraq ID : 15000
Debian Bug : 330890

Joxean Koret discovered that the Python SVG import plugin in
dia, a vector-oriented diagram editor, does not properly sanitise
data read from an SVG file and is hence vulnerable to execute
arbitrary Python code.

The old stable distribution (woody) is not affected by this
problem.

For the stable distribution (sarge) this problem has been fixed
in version 0.94.0-7sarge1.

For the unstable distribution (sid) this problem has been fixed
in version 0.94.0-15.

We recommend that you upgrade your dia package.

Upgrade Instructions

wget url

will fetch the file for you
dpkg -i file.deb

will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update

will update the internal database apt-get upgrade

will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 3.1 alias sarge

Source archives:

http://security.debian.org/pool/updates/main/d/dia/dia_0.94.0-7sarge1.dsc

Size/MD5 checksum: 1407 e852a784e57e6ccd455b4da297ae7c36

http://security.debian.org/pool/updates/main/d/dia/dia_0.94.0-7sarge1.diff.gz

Size/MD5 checksum: 15763 4704a9ac297063f937a27b669b4f9c7f

http://security.debian.org/pool/updates/main/d/dia/dia_0.94.0.orig.tar.gz

Size/MD5 checksum: 5241128 d2afdc10f55df29314250d98dbfd7a79

Architecture independent components:

http://security.debian.org/pool/updates/main/d/dia/dia-common_0.94.0-7sarge1_all.deb

Size/MD5 checksum: 2148988 a6aaf3822ae0323890b29fa9059b0185

Alpha architecture:

http://security.debian.org/pool/updates/main/d/dia/dia_0.94.0-7sarge1_alpha.deb

Size/MD5 checksum: 222846 e2a858944403aaf7e2be0b55213494a1

http://security.debian.org/pool/updates/main/d/dia/dia-gnome_0.94.0-7sarge1_alpha.deb

Size/MD5 checksum: 224378 49be5d481ac3b550c52422cdb1be6765

http://security.debian.org/pool/updates/main/d/dia/dia-libs_0.94.0-7sarge1_alpha.deb

Size/MD5 checksum: 729796 3b24c04e39a7c8b416dd504f4470be15

AMD64 architecture:

http://security.debian.org/pool/updates/main/d/dia/dia_0.94.0-7sarge1_amd64.deb

Size/MD5 checksum: 193428 5d7b0041a851b5af1cb6273368551154

http://security.debian.org/pool/updates/main/d/dia/dia-gnome_0.94.0-7sarge1_amd64.deb

Size/MD5 checksum: 195070 2c20715651206e8aadc5d1215ae03462

http://security.debian.org/pool/updates/main/d/dia/dia-libs_0.94.0-7sarge1_amd64.deb

Size/MD5 checksum: 659184 cd4ac2d216773979f2b03ec63976a6cb

ARM architecture:

http://security.debian.org/pool/updates/main/d/dia/dia_0.94.0-7sarge1_arm.deb

Size/MD5 checksum: 173002 4c5d220bb555d014bd5dd5e6928f1493

http://security.debian.org/pool/updates/main/d/dia/dia-gnome_0.94.0-7sarge1_arm.deb

Size/MD5 checksum: 174468 0c31ec33766fac82bf005c43b5f6a9ac

http://security.debian.org/pool/updates/main/d/dia/dia-libs_0.94.0-7sarge1_arm.deb

Size/MD5 checksum: 552166 a7aa7e3699ae090ab67ad9d3195755f3

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/d/dia/dia_0.94.0-7sarge1_i386.deb

Size/MD5 checksum: 184330 4f69a644c2ac8f97a5a81fdf3e1146b5

http://security.debian.org/pool/updates/main/d/dia/dia-gnome_0.94.0-7sarge1_i386.deb

Size/MD5 checksum: 185734 fc75348b11fe90abb7568c95ee3ba333

http://security.debian.org/pool/updates/main/d/dia/dia-libs_0.94.0-7sarge1_i386.deb

Size/MD5 checksum: 591844 06e9aad469c243ac472aac861ee98ef5

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/d/dia/dia_0.94.0-7sarge1_ia64.deb

Size/MD5 checksum: 263706 173b29cc71d5f815a251cd0054898c1e

http://security.debian.org/pool/updates/main/d/dia/dia-gnome_0.94.0-7sarge1_ia64.deb

Size/MD5 checksum: 265022 91db1802a98dcb9c199bbe60c3c7a377

http://security.debian.org/pool/updates/main/d/dia/dia-libs_0.94.0-7sarge1_ia64.deb

Size/MD5 checksum: 919608 0277be2023d768feb15e4b30941bc878

HP Precision architecture:

http://security.debian.org/pool/updates/main/d/dia/dia_0.94.0-7sarge1_hppa.deb

Size/MD5 checksum: 200672 7d122a717ef54af4dd7a96b8664ade44

http://security.debian.org/pool/updates/main/d/dia/dia-gnome_0.94.0-7sarge1_hppa.deb

Size/MD5 checksum: 202164 8215bf17aab46573dc1efec74610b4f4

http://security.debian.org/pool/updates/main/d/dia/dia-libs_0.94.0-7sarge1_hppa.deb

Size/MD5 checksum: 774842 852b861d4d643e13394521a86adbb227

Motorola 680×0 architecture:

http://security.debian.org/pool/updates/main/d/dia/dia_0.94.0-7sarge1_m68k.deb

Size/MD5 checksum: 160638 78a7eba8343578b099b72339664017ab

http://security.debian.org/pool/updates/main/d/dia/dia-gnome_0.94.0-7sarge1_m68k.deb

Size/MD5 checksum: 162340 0af833a6b2696562061030bf15dbbb8e

http://security.debian.org/pool/updates/main/d/dia/dia-libs_0.94.0-7sarge1_m68k.deb

Size/MD5 checksum: 583354 7e8ae3d03bcfff9ec1d0212ae95f9fdc

Big endian MIPS architecture:

http://security.debian.org/pool/updates/main/d/dia/dia_0.94.0-7sarge1_mips.deb

Size/MD5 checksum: 177636 8f160d6fa015e2ddb784fbdcc94a9228

http://security.debian.org/pool/updates/main/d/dia/dia-gnome_0.94.0-7sarge1_mips.deb

Size/MD5 checksum: 179200 6e35a36fba03daf21da687705d409633

http://security.debian.org/pool/updates/main/d/dia/dia-libs_0.94.0-7sarge1_mips.deb

Size/MD5 checksum: 642424 9769855484e5b221e5a78df2a70d4b7b

Little endian MIPS architecture:

http://security.debian.org/pool/updates/main/d/dia/dia_0.94.0-7sarge1_mipsel.deb

Size/MD5 checksum: 176076 3166639d7c5a90468fcdc36602186278

http://security.debian.org/pool/updates/main/d/dia/dia-gnome_0.94.0-7sarge1_mipsel.deb

Size/MD5 checksum: 177640 7d88dcd6bebb103e4f49981896301505

http://security.debian.org/pool/updates/main/d/dia/dia-libs_0.94.0-7sarge1_mipsel.deb

Size/MD5 checksum: 630812 a32265d64a09c7dae6d92f683e266a25

PowerPC architecture:

http://security.debian.org/pool/updates/main/d/dia/dia_0.94.0-7sarge1_powerpc.deb

Size/MD5 checksum: 183314 c2a98325c9b505d7dc05232d3872be2d

http://security.debian.org/pool/updates/main/d/dia/dia-gnome_0.94.0-7sarge1_powerpc.deb

Size/MD5 checksum: 184826 fc94a2ba1a9a9b6221134e92b549d239

http://security.debian.org/pool/updates/main/d/dia/dia-libs_0.94.0-7sarge1_powerpc.deb

Size/MD5 checksum: 674766 ee38feb593a6d53d3e45f67a1164400b

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/d/dia/dia_0.94.0-7sarge1_s390.deb

Size/MD5 checksum: 185236 ca4b69b30d59e32b435a41ac8159c89b

http://security.debian.org/pool/updates/main/d/dia/dia-gnome_0.94.0-7sarge1_s390.deb

Size/MD5 checksum: 187036 c9ecdde728a3abdab38e5f6ced018619

http://security.debian.org/pool/updates/main/d/dia/dia-libs_0.94.0-7sarge1_s390.deb

Size/MD5 checksum: 649000 b6028520487207f11eafc65df0d40548

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/d/dia/dia_0.94.0-7sarge1_sparc.deb

Size/MD5 checksum: 175274 276a178671668aa9d061202163e99576

http://security.debian.org/pool/updates/main/d/dia/dia-gnome_0.94.0-7sarge1_sparc.deb

Size/MD5 checksum: 176704 85851e8f38f05e527f67375868efa5bd

http://security.debian.org/pool/updates/main/d/dia/dia-libs_0.94.0-7sarge1_sparc.deb

Size/MD5 checksum: 610434 e18ecc88091f7b39c6edf906e9313f1c

These files will probably be moved into the stable distribution
on its next update.

Debian Security Advisory DSA 848-1 security@debian.org
http://www.debian.org/security/
Martin Schulze
October 8th, 2005 http://www.debian.org/security/faq

Package : masqmail
Vulnerability : several
Problem type : local
Debian-specific: no
CVE ID : CAN-2005-2662 CAN-2005-2663

Jens Steube discovered two vulnerabilities in masqmail, a mailer
for hosts without permanent internet connection. The Common
Vulnerabilities and Exposures project identifies the following
problems:

CAN-2005-2662

When sending failed mail messages, the address is not sanitised,
which allows a local attacker to execute arbitrary commands as the
mail user.

CAN-2005-2663

When opening the log file, masqmail does not relinquish
privileges, which allows a local attacker to overwrite arbitrary
files via a symlink attack.

For the old stable distribution (woody) these problems have been
fixed in version 0.1.16-2.2.

For the stable distribution (sarge) these problems have been
fixed in version 0.2.20-1sarge1.

For the unstable distribution (sid) these problems have been
fixed in version 0.2.20-1sarge1.

We recommend that you upgrade your masqmail package.

Upgrade Instructions

wget url

will fetch the file for you
dpkg -i file.deb

will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update

will update the internal database apt-get upgrade

will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 3.0 alias woody

Source archives:

http://security.debian.org/pool/updates/main/m/masqmail/masqmail_0.1.16-2.2.dsc

Size/MD5 checksum: 616 c8e56189f4776243e9ac8216fe96eca9

http://security.debian.org/pool/updates/main/m/masqmail/masqmail_0.1.16-2.2.diff.gz

Size/MD5 checksum: 10607 fede79dec7ac68712cd6ca66ecd11b95

http://security.debian.org/pool/updates/main/m/masqmail/masqmail_0.1.16.orig.tar.gz

Size/MD5 checksum: 174634 0e391fd2d56d61b0a879f3c37b9e068d

Alpha architecture:

http://security.debian.org/pool/updates/main/m/masqmail/masqmail_0.1.16-2.2_alpha.deb

Size/MD5 checksum: 103730 9c5b4acb97b0ee7e2f0f5e0d7eb41f0d

ARM architecture:

http://security.debian.org/pool/updates/main/m/masqmail/masqmail_0.1.16-2.2_arm.deb

Size/MD5 checksum: 90844 c9d4a0931baa6dc4ff2b600768bbea87

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/m/masqmail/masqmail_0.1.16-2.2_i386.deb

Size/MD5 checksum: 88450 f384d634c4148d2a8349fbfa68aeaa03

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/m/masqmail/masqmail_0.1.16-2.2_ia64.deb

Size/MD5 checksum: 123742 2a3274281a32af576661b35d3f6460d2

HP Precision architecture:

http://security.debian.org/pool/updates/main/m/masqmail/masqmail_0.1.16-2.2_hppa.deb

Size/MD5 checksum: 99124 efd80fc98022573d9b7c4ca59458bce4

Motorola 680×0 architecture:

http://security.debian.org/pool/updates/main/m/masqmail/masqmail_0.1.16-2.2_m68k.deb

Size/MD5 checksum: 86290 584bd580fa155e0e7de620fcbe475781

Big endian MIPS architecture:

http://security.debian.org/pool/updates/main/m/masqmail/masqmail_0.1.16-2.2_mips.deb

Size/MD5 checksum: 97430 cfd5b01c3cea7a26114fa8ed823f2b36

Little endian MIPS architecture:

http://security.debian.org/pool/updates/main/m/masqmail/masqmail_0.1.16-2.2_mipsel.deb

Size/MD5 checksum: 97608 4bf6407d3799514f1a64428be64e1703

PowerPC architecture:

http://security.debian.org/pool/updates/main/m/masqmail/masqmail_0.1.16-2.2_powerpc.deb

Size/MD5 checksum: 92066 11278851463d715a78dd427c885d6c71

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/m/masqmail/masqmail_0.1.16-2.2_s390.deb

Size/MD5 checksum: 91252 41a3393aa6c556af480a0091f4859b3a

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/m/masqmail/masqmail_0.1.16-2.2_sparc.deb

Size/MD5 checksum: 92774 1e13a66f9a0e338304141d446c6a44c3

Debian GNU/Linux 3.1 alias sarge

Source archives:

http://security.debian.org/pool/updates/main/m/masqmail/masqmail_0.2.20-1sarge1.dsc

Size/MD5 checksum: 553 071de088ea2cf173f7df397f5b9a2e00

http://security.debian.org/pool/updates/main/m/masqmail/masqmail_0.2.20-1sarge1.tar.gz

Size/MD5 checksum: 243780 38ab6b58d99e93b6688ae958d92c0f3c

Alpha architecture:

http://security.debian.org/pool/updates/main/m/masqmail/masqmail_0.2.20-1sarge1_alpha.deb

Size/MD5 checksum: 143574 4a0e11af8b79ddb53e84f3e8f3e7d0e9

ARM architecture:

http://security.debian.org/pool/updates/main/m/masqmail/masqmail_0.2.20-1sarge1_arm.deb

Size/MD5 checksum: 121910 6c020669757396b5b9c959b5683228da

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/m/masqmail/masqmail_0.2.20-1sarge1_i386.deb

Size/MD5 checksum: 122054 696d177b8524e13a0de5da6be97a3c70

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/m/masqmail/masqmail_0.2.20-1sarge1_ia64.deb

Size/MD5 checksum: 162460 fffa1b99ace83cb1fbd55f93437e2132

HP Precision architecture:

http://security.debian.org/pool/updates/main/m/masqmail/masqmail_0.2.20-1sarge1_hppa.deb

Size/MD5 checksum: 131458 d0e0424020639e6971168d900ace0eb2

Motorola 680×0 architecture:

http://security.debian.org/pool/updates/main/m/masqmail/masqmail_0.2.20-1sarge1_m68k.deb

Size/MD5 checksum: 116914 a7ff06c51610f661e28166007a5ff835

Big endian MIPS architecture:

http://security.debian.org/pool/updates/main/m/masqmail/masqmail_0.2.20-1sarge1_mips.deb

Size/MD5 checksum: 132456 b51be0307d9498a5093343326e556957

Little endian MIPS architecture:

http://security.debian.org/pool/updates/main/m/masqmail/masqmail_0.2.20-1sarge1_mipsel.deb

Size/MD5 checksum: 132794 59a7ee664a2721b43b5b97dbb7462bc8

PowerPC architecture:

http://security.debian.org/pool/updates/main/m/masqmail/masqmail_0.2.20-1sarge1_powerpc.deb

Size/MD5 checksum: 131814 2298b05e9090956e9d977f96dfb470a2

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/m/masqmail/masqmail_0.2.20-1sarge1_s390.deb

Size/MD5 checksum: 129204 1c022f2ca6ff2b707b7412fb6cebe4a0

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/m/masqmail/masqmail_0.2.20-1sarge1_sparc.deb

Size/MD5 checksum: 122814 17e02dac3320ea6e4625fadad6e5a1e8

These files will probably be moved into the stable distribution
on its next update.

Debian Security Advisory DSA 849-1 security@debian.org
http://www.debian.org/security/
Martin Schulze
October 8th, 2005 http://www.debian.org/security/faq

Package : shorewall
Vulnerability : programming error
Problem type : remote
Debian-specific: no
CVE ID : CAN-2005-2317
Debian Bug : 318946

“Supernaut” noticed that shorewall, the Shoreline Firewall,
could generate an iptables configuration which is significantly
more permissive than the rule set given in the shorewall
configuration, if MAC verification are used in a non-default
manner.

When MACLIST_DISPOSITION is set to ACCEPT in the shorewall.conf
file, all packets from hosts which fail the MAC verification pass
through the firewall, without further checks. When MACLIST_TTL is
set to a non-zero value, packets from hosts which pass the MAC
verification pass through the firewall, again without further
checks.

The old stable distribution (woody) is not affected by this
problem.

For the stable distribution (sarge) this problem has been fixed
in version 2.2.3-2.

For the unstable distribution (sid) this problem has been fixed
in version 2.4.1-2.

We recommend that you upgrade your shorewall package.

Upgrade Instructions

wget url

will fetch the file for you
dpkg -i file.deb

will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update

will update the internal database apt-get upgrade

will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 3.1 alias sarge

Source archives:

http://security.debian.org/pool/updates/main/s/shorewall/shorewall_2.2.3-2.dsc

Size/MD5 checksum: 656 a280401e705da1a93b31e2b0d6abafb9

http://security.debian.org/pool/updates/main/s/shorewall/shorewall_2.2.3-2.diff.gz

Size/MD5 checksum: 34181 e6d35af167daece754b263fb77285960

http://security.debian.org/pool/updates/main/s/shorewall/shorewall_2.2.3.orig.tar.gz

Size/MD5 checksum: 126841 df114b25a419d77915598de5844b423e

Architecture independent components:

http://security.debian.org/pool/updates/main/s/shorewall/shorewall_2.2.3-2_all.deb

Size/MD5 checksum: 151538 556f925a3f6393e1b7376686c1796d89

These files will probably be moved into the stable distribution
on its next update.

Debian Security Advisory DSA 850-1 security@debian.org
http://www.debian.org/security/
Martin Schulze
October 9th, 2005 http://www.debian.org/security/faq

Package : tcpdump
Vulnerability : infinite loop
Problem type : remote
Debian-specific: no
CVE ID : CAN-2005-1279

“Vade 79” discovered that the BGP dissector in tcpdump, a
powerful tool for network monitoring and data acquisition, does not
properly handle RT_ROUTING_INFO. A specially crafted BGP packet can
cause a denial of service via an infinite loop.

For the old stable distribution (woody) this problem has been
fixed in version 3.6.2-2.9.

For the stable distribution (sarge) this problem has been fixed
in version 3.8.3-4.

For the unstable distribution (sid) this problem has been fixed
in version 3.8.3-4.

We recommend that you upgrade your tcpdump package.

Upgrade Instructions

wget url

will fetch the file for you
dpkg -i file.deb

will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update

will update the internal database apt-get upgrade

will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 3.0 alias woody

Source archives:

http://security.debian.org/pool/updates/main/t/tcpdump/tcpdump_3.6.2-2.9.dsc

Size/MD5 checksum: 587 fac8be69ffc0fc9e98f720df652c3b8b

http://security.debian.org/pool/updates/main/t/tcpdump/tcpdump_3.6.2-2.9.diff.gz

Size/MD5 checksum: 14189 09abe4d2c22c16aad175edf0e2d1e4a2

http://security.debian.org/pool/updates/main/t/tcpdump/tcpdump_3.6.2.orig.tar.gz

Size/MD5 checksum: 380635 6bc8da35f9eed4e675bfdf04ce312248

Alpha architecture:

http://security.debian.org/pool/updates/main/t/tcpdump/tcpdump_3.6.2-2.9_alpha.deb

Size/MD5 checksum: 214820 9c3c9a0fb94f149144f4379c0f9b4071

ARM architecture:

http://security.debian.org/pool/updates/main/t/tcpdump/tcpdump_3.6.2-2.9_arm.deb

Size/MD5 checksum: 180762 bad61479d23cad44448f7fb91a9d6355

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/t/tcpdump/tcpdump_3.6.2-2.9_i386.deb

Size/MD5 checksum: 170594 4f94b2909aed2bc2a308cf08d2d16208

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/t/tcpdump/tcpdump_3.6.2-2.9_ia64.deb

Size/MD5 checksum: 253760 9c75cf903731d747f95a90b25f0a5de1

HP Precision architecture:

http://security.debian.org/pool/updates/main/t/tcpdump/tcpdump_3.6.2-2.9_hppa.deb

Size/MD5 checksum: 196882 61d38516880cae6a195120d09e866430

Motorola 680×0 architecture:

http://security.debian.org/pool/updates/main/t/tcpdump/tcpdump_3.6.2-2.9_m68k.deb

Size/MD5 checksum: 158494 a87ff72914ae89e87ad510993c162c8b

Big endian MIPS architecture:

http://security.debian.org/pool/updates/main/t/tcpdump/tcpdump_3.6.2-2.9_mips.deb

Size/MD5 checksum: 189980 11df907857746a04ca58a8a71ff53242

Little endian MIPS architecture:

http://security.debian.org/pool/updates/main/t/tcpdump/tcpdump_3.6.2-2.9_mipsel.deb

Size/MD5 checksum: 194374 6d8cf0ee59fc4da2b09dfde3cc1d74e8

PowerPC architecture:

http://security.debian.org/pool/updates/main/t/tcpdump/tcpdump_3.6.2-2.9_powerpc.deb

Size/MD5 checksum: 178012 3ad9b8f3a9df2732329ad98e3c156018

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/t/tcpdump/tcpdump_3.6.2-2.9_s390.deb

Size/MD5 checksum: 175390 892a544d87e3de60b2888b77442334da

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/t/tcpdump/tcpdump_3.6.2-2.9_sparc.deb

Size/MD5 checksum: 180826 0931640053a722312cd48ed47b2fbafd

These files will probably be moved into the stable distribution
on its next update.

Debian Security Advisory DSA 851-1 security@debian.org
http://www.debian.org/security/
Martin Schulze
October 9th, 2005 http://www.debian.org/security/faq

Package : openvpn
Vulnerability : programming errors
Problem type : remote
Debian-specific: no
CVE ID : CAN-2005-2531 CAN-2005-2532 CAN-2005-2533
CAN-2005-2534
Debian Bug : 324167

Several security related problems have been discovered in
openvpn, a Virtual Private Network daemon. The Common
Vulnerabilities and Exposures project identifies the following
problems:

CAN-2005-2531

Wrong processing of failed certificate authentication when
running with “verb 0” and without TLS authentication can lead to a
denial of service by disconnecting the wrong client.

CAN-2005-2532

Wrong handling of packets that can’t be decrypted on the server
can lead to the disconnection of unrelated clients.

CAN-2005-2533

When running in “dev tap” Ethernet bridging mode, openvpn can
exhaust its memory by receiving a large number of spoofed MAC
addresses and hence denying service.

CAN-2005-2534

Simultaneous TCP connections from multiple clients with the same
client certificate can cause a denial of service when
–duplicate-cn is not enabled.

The old stable distribution (woody) does not contain openvpn
packages.

For the stable distribution (sarge) these problems have been
fixed in version 2.0-1sarge1.

For the unstable distribution (sid) these problems have been
fixed in version 2.0.2-1.

We recommend that you upgrade your openvpn package.

Upgrade Instructions

wget url

will fetch the file for you
dpkg -i file.deb

will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update

will update the internal database apt-get upgrade

will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 3.1 alias sarge

Source archives:

http://security.debian.org/pool/updates/main/o/openvpn/openvpn_2.0-1sarge1.dsc

Size/MD5 checksum: 629 1fee867074a153eac1f82d11e75aa833

http://security.debian.org/pool/updates/main/o/openvpn/openvpn_2.0-1sarge1.diff.gz

Size/MD5 checksum: 51566 578da11dd408ea72e4791646e700dac4

http://security.debian.org/pool/updates/main/o/openvpn/openvpn_2.0.orig.tar.gz

Size/MD5 checksum: 639201 7401faebc6baee9add32608709c54eec

Alpha architecture:

http://security.debian.org/pool/updates/main/o/openvpn/openvpn_2.0-1sarge1_alpha.deb

Size/MD5 checksum: 347184 ed8f3706d9f7af8b4baf148786141e5a

AMD64 architecture:

http://security.debian.org/pool/updates/main/o/openvpn/openvpn_2.0-1sarge1_amd64.deb

Size/MD5 checksum: 316422 3dfdd5a007c62ceb28153e63677a884a

ARM architecture:

http://security.debian.org/pool/updates/main/o/openvpn/openvpn_2.0-1sarge1_arm.deb

Size/MD5 checksum: 296464 20f23e0a9f251eedc340e926f455c8e0

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/o/openvpn/openvpn_2.0-1sarge1_i386.deb

Size/MD5 checksum: 302424 fe92352695fd5fdfa85a4ffea6b7cffe

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/o/openvpn/openvpn_2.0-1sarge1_ia64.deb

Size/MD5 checksum: 395514 04207a2bfd92cd56c79a4d434f514bee

HP Precision architecture:

http://security.debian.org/pool/updates/main/o/openvpn/openvpn_2.0-1sarge1_hppa.deb

Size/MD5 checksum: 316716 8065982ef523c653e8d25bedf716fb03

Motorola 680×0 architecture:

http://security.debian.org/pool/updates/main/o/openvpn/openvpn_2.0-1sarge1_m68k.deb

Size/MD5 checksum: 276388 33de460a73afad6cb44a6753ea862c27

Big endian MIPS architecture:

http://security.debian.org/pool/updates/main/o/openvpn/openvpn_2.0-1sarge1_mips.deb

Size/MD5 checksum: 317632 d8f4dd1ea4fce2c4c48a3e096d3da12c

Little endian MIPS architecture:

http://security.debian.org/pool/updates/main/o/openvpn/openvpn_2.0-1sarge1_mipsel.deb

Size/MD5 checksum: 319404 c9a918128a56462a98049b160bfeb9d0

PowerPC architecture:

http://security.debian.org/pool/updates/main/o/openvpn/openvpn_2.0-1sarge1_powerpc.deb

Size/MD5 checksum: 308772 1f7300816c44924fc10b5ba6e59ff00c

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/o/openvpn/openvpn_2.0-1sarge1_s390.deb

Size/MD5 checksum: 307220 bf9b59dab82ff1bd49ce7b4a3c9f2d7f

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/o/openvpn/openvpn_2.0-1sarge1_sparc.deb

Size/MD5 checksum: 294696 503317cf10f2976dffa8d25056517925

These files will probably be moved into the stable distribution
on its next update.

Debian Security Advisory DSA 852-1 security@debian.org
http://www.debian.org/security/
Martin Schulze
October 9th, 2005 http://www.debian.org/security/faq

Package : up-imapproxy
Vulnerability : format string vulnerability
Problem type : remote
Debian-specific: no
CVE ID : CAN-2005-2661

Steve Kemp discovered two format string vulnerabilities in
up-imapproxy, an IMAP protocol proxy, which may lead remote
attackers to the execution of arbitrary code.

The old stable distribution (woody) is not affected by these
problems.

For the stable distribution (sarge) this problem has been fixed
in version 1.2.3-1sarge1.

For the unstable distribution (sid) this problem has been fixed
in version 1.2.4-2.

We recommend that you upgrade your imapproxy package.

Upgrade Instructions

wget url

will fetch the file for you
dpkg -i file.deb

will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update

will update the internal database apt-get upgrade

will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 3.1 alias sarge

Source archives:

http://security.debian.org/pool/updates/main/u/up-imapproxy/up-imapproxy_1.2.3-1sarge1.dsc

Size/MD5 checksum: 682 78dba7c28705cb90254b789abe2cc3a1

http://security.debian.org/pool/updates/main/u/up-imapproxy/up-imapproxy_1.2.3-1sarge1.diff.gz

Size/MD5 checksum: 7902 6e7e65e2e30c13f335e63ef7f0f48a25

http://security.debian.org/pool/updates/main/u/up-imapproxy/up-imapproxy_1.2.3.orig.tar.gz

Size/MD5 checksum: 122991 ad4dafd1417903feb1e09ec569ff1ad5

Alpha architecture:

http://security.debian.org/pool/updates/main/u/up-imapproxy/imapproxy_1.2.3-1sarge1_alpha.deb

Size/MD5 checksum: 54064 67b3d4d2ac2e723937470e69ba2d25a3

AMD64 architecture:

http://security.debian.org/pool/updates/main/u/up-imapproxy/imapproxy_1.2.3-1sarge1_amd64.deb

Size/MD5 checksum: 50824 d6b14cb566d18868646a4f3bdd3c5104

ARM architecture:

http://security.debian.org/pool/updates/main/u/up-imapproxy/imapproxy_1.2.3-1sarge1_arm.deb

Size/MD5 checksum: 49412 471d5f7d34c4ceea4b74918fe106645f

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/u/up-imapproxy/imapproxy_1.2.3-1sarge1_i386.deb

Size/MD5 checksum: 49214 bd66a0d4f2de5e2fa33172a278cc417e

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/u/up-imapproxy/imapproxy_1.2.3-1sarge1_ia64.deb

Size/MD5 checksum: 60708 4fd07ac2f2a2bed4d2d26dc7285b8f10

HP Precision architecture:

http://security.debian.org/pool/updates/main/u/up-imapproxy/imapproxy_1.2.3-1sarge1_hppa.deb

Size/MD5 checksum: 52104 815ce032df02d514b69736b8e8d96252

Motorola 680×0 architecture:

http://security.debian.org/pool/updates/main/u/up-imapproxy/imapproxy_1.2.3-1sarge1_m68k.deb

Size/MD5 checksum: 45480 6e9ee814ec65b0c76638ce2925bd4333

Big endian MIPS architecture:

http://security.debian.org/pool/updates/main/u/up-imapproxy/imapproxy_1.2.3-1sarge1_mips.deb

Size/MD5 checksum: 50688 51b9b737a702aa0c997ca7536e4a99f5

Little endian MIPS architecture:

http://security.debian.org/pool/updates/main/u/up-imapproxy/imapproxy_1.2.3-1sarge1_mipsel.deb

Size/MD5 checksum: 50808 6591b56e82523af03d3d3a5361fa30f9

PowerPC architecture:

http://security.debian.org/pool/updates/main/u/up-imapproxy/imapproxy_1.2.3-1sarge1_powerpc.deb

Size/MD5 checksum: 52096 87ec6e99203a2390e89c66f713875ef3

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/u/up-imapproxy/imapproxy_1.2.3-1sarge1_s390.deb

Size/MD5 checksum: 49916 94e2c29d3fc612f21cb26b8d32ca4bd3

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/u/up-imapproxy/imapproxy_1.2.3-1sarge1_sparc.deb

Size/MD5 checksum: 48326 d6795267e5b6f2263ad6538e8da70a14

These files will probably be moved into the stable distribution
on its next update.

Debian Security Advisory DSA 853-1 security@debian.org
http://www.debian.org/security/
Martin Schulze
October 9th, 2005 http://www.debian.org/security/faq

Package : ethereal
Vulnerability : several
Problem-Type : remote
Debian-specific: no
CVE ID : CAN-2005-2360 CAN-2005-2361 CAN-2005-2363 CAN-2005-2364
CAN-2005-2365 CAN-2005-2366 CAN-2005-2367

Several security problems have been discovered in ethereal, a
commonly used network traffic analyser. The Common Vulnerabilities
and Exposures project identifies the following problems:

CAN-2005-2360

Memory allocation errors in the LDAP dissector can cause a
denial of service.

CAN-2005-2361

Various errors in the AgentX, PER, DOCSIS, RADIUS, Telnet,
IS-IS, HTTP, DCERPC, DHCP and SCTP dissectors can cause a denial of
service.

CAN-2005-2363

Various errors in the SMPP, 802.3, H1 and DHCP dissectors can
cause a denial of service.

CAN-2005-2364

Null pointer dereferences in the WBXML and GIOP dissectors can
cause a denial of service.

CAN-2005-2365

A buffer overflow and null pointer dereferences in the SMB
dissector can cause a denial of service.

CAN-2005-2366

Wrong address calculation in the BER dissector can cause an
infinite loop or abortion.

CAN-2005-2367

Format string vulnerabilities in the several dissectors allow
remote attackers to write to arbitrary memory locations and thus
gain privileges.

For the old stable distribution (woody) these problems have been
fixed in version 0.9.4-1woody13.

For the stable distribution (sarge) these problems have been
fixed in version 0.10.10-2sarge3.

For the unstable distribution (sid) these problems have been
fixed in version 0.10.12-2.

We recommend that you upgrade your ethereal packages.

Upgrade Instructions

wget url

will fetch the file for you
dpkg -i file.deb

will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update

will update the internal database apt-get upgrade

will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 3.0 alias woody

Source archives:

http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody13.dsc

Size/MD5 checksum: 681 a14972c16fc38134c821341149b15a5a

http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody13.diff.gz

Size/MD5 checksum: 45597 19cab69d49a02ad1edb539b25ea68c75

http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4.orig.tar.gz

Size/MD5 checksum: 3278908 42e999daa659820ee93aaaa39ea1e9ea

Alpha architecture:

Complete Story

Previous articleInfoWorld: Should Linux Vendors Think Differently?

Next articleLinux.com: CLI Magic: CheckInstall

Advisories: October 10, 2005

Debian GNU/Linux

Get the Free Newsletter!

Must Read

How to Run a Python Script on a PHP/HTML File

Nginx 1.26 Released with Experimental HTTP/3 Support

QEMU 9.0 Released with Raspberry Pi 4 Support, LoongArch KVM Acceleration

Ubuntu 24.04 LTS (Noble Numbat) Released, This Is What’s New

Fedora 40 Released as a Prettier and a More Secure Distro

Our Brands