---

Advisories: October 11, 2005

Debian GNU/Linux


Debian Security Advisory DSA 860-1 [email protected]
http://www.debian.org/security/
Martin Schulze
October 11th, 2005 http://www.debian.org/security/faq


Package : ruby
Vulnerability : programming error
Problem type : local
Debian-specific: no
CVE ID : CAN-2005-2337
CERT advisory : VU#160012
Debian Bug : 332742

Yutaka Oiwa discovered a bug in Ruby, the interpreter for the
object-oriented scripting language, that can cause illegal program
code to bypass the safe level and taint flag protections check and
be executed. The following matrix lists the fixed versions in our
distributions:

  old stable (woody) stable (sarge) unstable (sid)
ruby 1.6.7-3woody5 n/a n/a
ruby1.6 n/a 1.6.8-12sarge1 1.6.8-13
ruby1.8 n/a 1.8.2-7sarge2 1.8.3-1

We recommend that you upgrade your ruby packages.

Upgrade Instructions


wget url

will fetch the file for you
dpkg -i file.deb

will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update

will update the internal database apt-get upgrade

will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 3.0 alias woody


Source archives:

    http://security.debian.org/pool/updates/main/r/ruby/ruby_1.6.7-3woody5.dsc

      Size/MD5 checksum: 952
551966d3fda510ab6609efc34d6bd8c3
    http://security.debian.org/pool/updates/main/r/ruby/ruby_1.6.7-3woody5.diff.gz

      Size/MD5 checksum: 45214
d4c661766b9dc68b5d242b132aacbf71
    http://security.debian.org/pool/updates/main/r/ruby/ruby_1.6.7.orig.tar.gz

      Size/MD5 checksum: 996835
a8859c679ee9acbfdf5056cdf26fcad3

Architecture independent components:

    http://security.debian.org/pool/updates/main/r/ruby/irb_1.6.7-3woody5_all.deb

      Size/MD5 checksum: 51388
bdec8679bf80535ec7a3bbd49c4ed6e1
    http://security.debian.org/pool/updates/main/r/ruby/ruby-elisp_1.6.7-3woody5_all.deb

      Size/MD5 checksum: 30438
b172a832ca173372ababd59babf102cc
    http://security.debian.org/pool/updates/main/r/ruby/ruby-examples_1.6.7-3woody5_all.deb

      Size/MD5 checksum: 38018
4bb23549b9b4981886f37d70aa028993

Alpha architecture:

    http://security.debian.org/pool/updates/main/r/ruby/libcurses-ruby_1.6.7-3woody5_alpha.deb

      Size/MD5 checksum: 129594
5addf6eb42dde52eea7e0b7e0951be94
    http://security.debian.org/pool/updates/main/r/ruby/libdbm-ruby_1.6.7-3woody5_alpha.deb

      Size/MD5 checksum: 128700
16024eb4c9d88b3c1880a4f8bf792efc
    http://security.debian.org/pool/updates/main/r/ruby/libgdbm-ruby_1.6.7-3woody5_alpha.deb

      Size/MD5 checksum: 130080
ac62e8e089060e2cd737840ad77ab271
    http://security.debian.org/pool/updates/main/r/ruby/libnkf-ruby_1.6.7-3woody5_alpha.deb

      Size/MD5 checksum: 134978
4e0df5a3e650ee59f755b3bf58c7d572
    http://security.debian.org/pool/updates/main/r/ruby/libpty-ruby_1.6.7-3woody5_alpha.deb

      Size/MD5 checksum: 132018
aa03506125ab54056057d27a61af202e
    http://security.debian.org/pool/updates/main/r/ruby/libreadline-ruby_1.6.7-3woody5_alpha.deb

      Size/MD5 checksum: 128584
ed5002f3927814c0e08ab5f85d6ba9e5
    http://security.debian.org/pool/updates/main/r/ruby/libruby_1.6.7-3woody5_alpha.deb

      Size/MD5 checksum: 644604
db64bd84fd323881f465a49d3179ff14
    http://security.debian.org/pool/updates/main/r/ruby/libsdbm-ruby_1.6.7-3woody5_alpha.deb

      Size/MD5 checksum: 132470
802403def99ca35d674d808192cd146e
    http://security.debian.org/pool/updates/main/r/ruby/libsyslog-ruby_1.6.7-3woody5_alpha.deb

      Size/MD5 checksum: 129070
6450e83dcf8c4ba3d794a04f1379b323
    http://security.debian.org/pool/updates/main/r/ruby/libtcltk-ruby_1.6.7-3woody5_alpha.deb

      Size/MD5 checksum: 147602
d09ddb9cecb955a56fb7c42f4349b57f
    http://security.debian.org/pool/updates/main/r/ruby/libtk-ruby_1.6.7-3woody5_alpha.deb

      Size/MD5 checksum: 161582
cd611b93c6e4220d0ffff99fb2556618
    http://security.debian.org/pool/updates/main/r/ruby/ruby_1.6.7-3woody5_alpha.deb

      Size/MD5 checksum: 142760
3622426c392f9fca540ff1a44d5deed1
    http://security.debian.org/pool/updates/main/r/ruby/ruby-dev_1.6.7-3woody5_alpha.deb

      Size/MD5 checksum: 626082
e08e2e93602ac95abd45833a2eb92821

ARM architecture:

    http://security.debian.org/pool/updates/main/r/ruby/libcurses-ruby_1.6.7-3woody5_arm.deb

      Size/MD5 checksum: 128584
43c7e57f3a4f5e594221d4bf4c7dfb7f
    http://security.debian.org/pool/updates/main/r/ruby/libdbm-ruby_1.6.7-3woody5_arm.deb

      Size/MD5 checksum: 127460
2eda8af9bb8b722d0e6bd1b50ad89f4d
    http://security.debian.org/pool/updates/main/r/ruby/libgdbm-ruby_1.6.7-3woody5_arm.deb

      Size/MD5 checksum: 128420
f01f4da2eb89ec6c6ffd50c461177ffc
    http://security.debian.org/pool/updates/main/r/ruby/libnkf-ruby_1.6.7-3woody5_arm.deb

      Size/MD5 checksum: 134588
bf7ac7c6d01120e64bb4cb35aa9f3f5a
    http://security.debian.org/pool/updates/main/r/ruby/libpty-ruby_1.6.7-3woody5_arm.deb

      Size/MD5 checksum: 131328
216e67b0e333c046fadc659b6ff4c397
    http://security.debian.org/pool/updates/main/r/ruby/libreadline-ruby_1.6.7-3woody5_arm.deb

      Size/MD5 checksum: 127470
b116cc920991c4188ec2226c39af1002
    http://security.debian.org/pool/updates/main/r/ruby/libruby_1.6.7-3woody5_arm.deb

      Size/MD5 checksum: 602774
b9ff70c418ddbf3b1b620301b4c36c56
    http://security.debian.org/pool/updates/main/r/ruby/libsdbm-ruby_1.6.7-3woody5_arm.deb

      Size/MD5 checksum: 130602
f2aaadd527b7daede43307e158f283dc
    http://security.debian.org/pool/updates/main/r/ruby/libsyslog-ruby_1.6.7-3woody5_arm.deb

      Size/MD5 checksum: 128296
18492115821c42676e3d8a78e5db009e
    http://security.debian.org/pool/updates/main/r/ruby/libtcltk-ruby_1.6.7-3woody5_arm.deb

      Size/MD5 checksum: 146828
535237cacf1940c3ebc7de247d113abc
    http://security.debian.org/pool/updates/main/r/ruby/libtk-ruby_1.6.7-3woody5_arm.deb

      Size/MD5 checksum: 161390
ab9a10b1778b37db459addc5de1e4566
    http://security.debian.org/pool/updates/main/r/ruby/ruby_1.6.7-3woody5_arm.deb

      Size/MD5 checksum: 142410
204b041fff5bd5bc6e1bd294ae2bc892
    http://security.debian.org/pool/updates/main/r/ruby/ruby-dev_1.6.7-3woody5_arm.deb

      Size/MD5 checksum: 572716
e026e5c3452b42d455a2eec4d165d79e

Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/r/ruby/libcurses-ruby_1.6.7-3woody5_i386.deb

      Size/MD5 checksum: 128068
08725c4eb2ed019492b0341dd0a5330d
    http://security.debian.org/pool/updates/main/r/ruby/libdbm-ruby_1.6.7-3woody5_i386.deb

      Size/MD5 checksum: 127282
32a6e3ef5466ce4731d36461eaa17972
    http://security.debian.org/pool/updates/main/r/ruby/libgdbm-ruby_1.6.7-3woody5_i386.deb

      Size/MD5 checksum: 128072
2755301286c11c942d990d4700df4d7f
    http://security.debian.org/pool/updates/main/r/ruby/libnkf-ruby_1.6.7-3woody5_i386.deb

      Size/MD5 checksum: 132820
16f1188a52b0066c782aac16d0066b2c
    http://security.debian.org/pool/updates/main/r/ruby/libpty-ruby_1.6.7-3woody5_i386.deb

      Size/MD5 checksum: 131126
98f642c1695aa85660e01b85da94221b
    http://security.debian.org/pool/updates/main/r/ruby/libreadline-ruby_1.6.7-3woody5_i386.deb

      Size/MD5 checksum: 127234
425551af222de3aafefa24abbac7562b
    http://security.debian.org/pool/updates/main/r/ruby/libruby_1.6.7-3woody5_i386.deb

      Size/MD5 checksum: 561442
6711cd3d3dfa633741763af9a937aa23
    http://security.debian.org/pool/updates/main/r/ruby/libsdbm-ruby_1.6.7-3woody5_i386.deb

      Size/MD5 checksum: 130096
522ad7b8d2d01afc5967df01590945e8
    http://security.debian.org/pool/updates/main/r/ruby/libsyslog-ruby_1.6.7-3woody5_i386.deb

      Size/MD5 checksum: 127540
17b99f9bb7656a84da6291d98de82d99
    http://security.debian.org/pool/updates/main/r/ruby/libtcltk-ruby_1.6.7-3woody5_i386.deb

      Size/MD5 checksum: 146466
718cc8a23c00a6c17551e8cc32a635e3
    http://security.debian.org/pool/updates/main/r/ruby/libtk-ruby_1.6.7-3woody5_i386.deb

      Size/MD5 checksum: 161430
86da7a51ab1d8670d0ba975b63a17599
    http://security.debian.org/pool/updates/main/r/ruby/ruby_1.6.7-3woody5_i386.deb

      Size/MD5 checksum: 142466
4c09dee6dca063b3a3129fba9ec5e2ff
    http://security.debian.org/pool/updates/main/r/ruby/ruby-dev_1.6.7-3woody5_i386.deb

      Size/MD5 checksum: 492656
870934b923271ea29f4dcd6d301a7230

Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/r/ruby/libcurses-ruby_1.6.7-3woody5_ia64.deb

      Size/MD5 checksum: 133220
e79b7c824bf1b4d35fd32fe9f7fa792b
    http://security.debian.org/pool/updates/main/r/ruby/libdbm-ruby_1.6.7-3woody5_ia64.deb

      Size/MD5 checksum: 132740
c4542e3a1b6e042f44b18c1aa1acc1f8
    http://security.debian.org/pool/updates/main/r/ruby/libgdbm-ruby_1.6.7-3woody5_ia64.deb

      Size/MD5 checksum: 134746
0caff55bf479b72a3955225f8a0554b7
    http://security.debian.org/pool/updates/main/r/ruby/libnkf-ruby_1.6.7-3woody5_ia64.deb

      Size/MD5 checksum: 139956
845ddc646096f8b83c2b7a17349eadb5
    http://security.debian.org/pool/updates/main/r/ruby/libpty-ruby_1.6.7-3woody5_ia64.deb

      Size/MD5 checksum: 134108
c2c54195aa3afde5240bb700495e431f
    http://security.debian.org/pool/updates/main/r/ruby/libreadline-ruby_1.6.7-3woody5_ia64.deb

      Size/MD5 checksum: 131684
0d2bce7ea27bb42c04c5e57c9d427eba
    http://security.debian.org/pool/updates/main/r/ruby/libruby_1.6.7-3woody5_ia64.deb

      Size/MD5 checksum: 854376
f9bbc7a3e2c24e5feea248d83a33cf45
    http://security.debian.org/pool/updates/main/r/ruby/libsdbm-ruby_1.6.7-3woody5_ia64.deb

      Size/MD5 checksum: 140440
65338e07df3a04450a3ce77b56e349e6
    http://security.debian.org/pool/updates/main/r/ruby/libsyslog-ruby_1.6.7-3woody5_ia64.deb

      Size/MD5 checksum: 130830
2f798f1dd5d1bab5430e053886f16f1a
    http://security.debian.org/pool/updates/main/r/ruby/libtcltk-ruby_1.6.7-3woody5_ia64.deb

      Size/MD5 checksum: 150428
f9a529ac7f458e2a8b955cf045ede5ef
    http://security.debian.org/pool/updates/main/r/ruby/libtk-ruby_1.6.7-3woody5_ia64.deb

      Size/MD5 checksum: 162432
f0faff2a31be069bc3725d91e3dfcf5e
    http://security.debian.org/pool/updates/main/r/ruby/ruby_1.6.7-3woody5_ia64.deb

      Size/MD5 checksum: 143282
84ccf19fff6e067abacdeee5b53cfd62
    http://security.debian.org/pool/updates/main/r/ruby/ruby-dev_1.6.7-3woody5_ia64.deb

      Size/MD5 checksum: 755134
39d4e135ed7d41d7cf36c02fc65e40d8

HP Precision architecture:

    http://security.debian.org/pool/updates/main/r/ruby/libcurses-ruby_1.6.7-3woody5_hppa.deb

      Size/MD5 checksum: 130620
18824711592d38afb46c3bbe88b7000d
    http://security.debian.org/pool/updates/main/r/ruby/libdbm-ruby_1.6.7-3woody5_hppa.deb

      Size/MD5 checksum: 129342
b7604fa4086a3a2c087d22fce52d6926
    http://security.debian.org/pool/updates/main/r/ruby/libgdbm-ruby_1.6.7-3woody5_hppa.deb

      Size/MD5 checksum: 130844
df54e9181c4cdb66b1eb3004757ed615
    http://security.debian.org/pool/updates/main/r/ruby/libnkf-ruby_1.6.7-3woody5_hppa.deb

      Size/MD5 checksum: 136100
66fa8cd3f735d490ac744ee8c8e065cc
    http://security.debian.org/pool/updates/main/r/ruby/libpty-ruby_1.6.7-3woody5_hppa.deb

      Size/MD5 checksum: 132326
d7041eef1502d1f03800f36bf07c5d31
    http://security.debian.org/pool/updates/main/r/ruby/libreadline-ruby_1.6.7-3woody5_hppa.deb

      Size/MD5 checksum: 128682
153364a5308c6297d8ab052f58aede17
    http://security.debian.org/pool/updates/main/r/ruby/libruby_1.6.7-3woody5_hppa.deb

      Size/MD5 checksum: 686092
c8c31e0dfd459134f4483c25ecb1605e
    http://security.debian.org/pool/updates/main/r/ruby/libsdbm-ruby_1.6.7-3woody5_hppa.deb

      Size/MD5 checksum: 133000
e835d5bea37629a7c030f41f7727bd30
    http://security.debian.org/pool/updates/main/r/ruby/libsyslog-ruby_1.6.7-3woody5_hppa.deb

      Size/MD5 checksum: 129138
fa5bd080276b3420e65e18dbf28b58db
    http://security.debian.org/pool/updates/main/r/ruby/libtcltk-ruby_1.6.7-3woody5_hppa.deb

      Size/MD5 checksum: 148062
5438497f33bf13a89763ffcfad7e8307
    http://security.debian.org/pool/updates/main/r/ruby/libtk-ruby_1.6.7-3woody5_hppa.deb

      Size/MD5 checksum: 161918
6a134229fe5bd8805a7eb1fb9f70fb7b
    http://security.debian.org/pool/updates/main/r/ruby/ruby_1.6.7-3woody5_hppa.deb

      Size/MD5 checksum: 142682
ad86a668a0fdce652f82ecbc860642d4
    http://security.debian.org/pool/updates/main/r/ruby/ruby-dev_1.6.7-3woody5_hppa.deb

      Size/MD5 checksum: 667184
75525766980d720ef9466dc5084f0aad

Motorola 680×0 architecture:

    http://security.debian.org/pool/updates/main/r/ruby/libcurses-ruby_1.6.7-3woody5_m68k.deb

      Size/MD5 checksum: 128462
8b53b52b9d172ec8a4c2ca273ad2e50c
    http://security.debian.org/pool/updates/main/r/ruby/libdbm-ruby_1.6.7-3woody5_m68k.deb

      Size/MD5 checksum: 127274
22ea934d90e831ecb7301f770e4d4e4c
    http://security.debian.org/pool/updates/main/r/ruby/libgdbm-ruby_1.6.7-3woody5_m68k.deb

      Size/MD5 checksum: 128422
b481bb5dbf7d8a93d564bf8ce2d3c8c9
    http://security.debian.org/pool/updates/main/r/ruby/libnkf-ruby_1.6.7-3woody5_m68k.deb

      Size/MD5 checksum: 132854
0762b8fd6b1a854cc8f8019cea72a4be
    http://security.debian.org/pool/updates/main/r/ruby/libpty-ruby_1.6.7-3woody5_m68k.deb

      Size/MD5 checksum: 131388
17cbfe8113ded65e73296458b6c55e43
    http://security.debian.org/pool/updates/main/r/ruby/libreadline-ruby_1.6.7-3woody5_m68k.deb

      Size/MD5 checksum: 127460
b57b7ce7916bd449155859a12d5f36e3
    http://security.debian.org/pool/updates/main/r/ruby/libruby_1.6.7-3woody5_m68k.deb

      Size/MD5 checksum: 561566
20c1f429ce0801de8fbccc42af9070fe
    http://security.debian.org/pool/updates/main/r/ruby/libsdbm-ruby_1.6.7-3woody5_m68k.deb

      Size/MD5 checksum: 129810
a2a33ad6f2e99e2b02bf2a54bab0e639
    http://security.debian.org/pool/updates/main/r/ruby/libsyslog-ruby_1.6.7-3woody5_m68k.deb

      Size/MD5 checksum: 128268
063cfc2ede7a7ddd2c468af73c241a84
    http://security.debian.org/pool/updates/main/r/ruby/libtcltk-ruby_1.6.7-3woody5_m68k.deb

      Size/MD5 checksum: 146694
2a19f465b91bb3437c8af442c59e6421
    http://security.debian.org/pool/updates/main/r/ruby/libtk-ruby_1.6.7-3woody5_m68k.deb

      Size/MD5 checksum: 161466
649623cc5642cd95376dbd79c0f07526
    http://security.debian.org/pool/updates/main/r/ruby/ruby_1.6.7-3woody5_m68k.deb

      Size/MD5 checksum: 142414
c232d7bb1658e342ee111eacb36174bc
    http://security.debian.org/pool/updates/main/r/ruby/ruby-dev_1.6.7-3woody5_m68k.deb

      Size/MD5 checksum: 470866
59c178ae18b0b24f68ac9604251e3002

Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/r/ruby/libcurses-ruby_1.6.7-3woody5_mips.deb

      Size/MD5 checksum: 128320
aefd47e6723cc63ff4fbf7362c149c8f
    http://security.debian.org/pool/updates/main/r/ruby/libdbm-ruby_1.6.7-3woody5_mips.deb

      Size/MD5 checksum: 126996
a7cf134385bb6b9f4c7816efce108b75
    http://security.debian.org/pool/updates/main/r/ruby/libgdbm-ruby_1.6.7-3woody5_mips.deb

      Size/MD5 checksum: 128158
8e41685e563713c121ccbc4bf402d9db
    http://security.debian.org/pool/updates/main/r/ruby/libnkf-ruby_1.6.7-3woody5_mips.deb

      Size/MD5 checksum: 133776
f58298154540c36c03034ec05fa47197
    http://security.debian.org/pool/updates/main/r/ruby/libpty-ruby_1.6.7-3woody5_mips.deb

      Size/MD5 checksum: 131022
981dbeab5f95af5fbd03701d33dc78f9
    http://security.debian.org/pool/updates/main/r/ruby/libreadline-ruby_1.6.7-3woody5_mips.deb

      Size/MD5 checksum: 127268
00fb08327c8ec736425ac8bbb8a59602
    http://security.debian.org/pool/updates/main/r/ruby/libruby_1.6.7-3woody5_mips.deb

      Size/MD5 checksum: 581962
ae286a7d6af2b63c32e5c83221e037a3
    http://security.debian.org/pool/updates/main/r/ruby/libsdbm-ruby_1.6.7-3woody5_mips.deb

      Size/MD5 checksum: 130500
61ed7a947ed21291986c550e582e7893
    http://security.debian.org/pool/updates/main/r/ruby/libsyslog-ruby_1.6.7-3woody5_mips.deb

      Size/MD5 checksum: 127880
df2365ad710056bf5adf583599553769
    http://security.debian.org/pool/updates/main/r/ruby/libtcltk-ruby_1.6.7-3woody5_mips.deb

      Size/MD5 checksum: 146632
f14e29848521e87c99eb831fa38aeaea
    http://security.debian.org/pool/updates/main/r/ruby/libtk-ruby_1.6.7-3woody5_mips.deb

      Size/MD5 checksum: 161494
91f17ebfc8f2312ccd8de4b48f044fc5
    http://security.debian.org/pool/updates/main/r/ruby/ruby_1.6.7-3woody5_mips.deb

      Size/MD5 checksum: 142794
6158778b805819770ae450c7be6cc636
    http://security.debian.org/pool/updates/main/r/ruby/ruby-dev_1.6.7-3woody5_mips.deb

      Size/MD5 checksum: 587476
56e3a663bed556c62245f44fb842a260

Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/r/ruby/libcurses-ruby_1.6.7-3woody5_mipsel.deb

      Size/MD5 checksum: 128270
51cdcfce40d81d6638dc5911a53af74f
    http://security.debian.org/pool/updates/main/r/ruby/libdbm-ruby_1.6.7-3woody5_mipsel.deb

      Size/MD5 checksum: 127010
0a920aa47f080a9b7a013d9be6c4893d
    http://security.debian.org/pool/updates/main/r/ruby/libgdbm-ruby_1.6.7-3woody5_mipsel.deb

      Size/MD5 checksum: 128170
6754cef3b431913af6beadc9d6b5c992
    http://security.debian.org/pool/updates/main/r/ruby/libnkf-ruby_1.6.7-3woody5_mipsel.deb

      Size/MD5 checksum: 133782
c12e182534e982c17748052456d2c63b
    http://security.debian.org/pool/updates/main/r/ruby/libpty-ruby_1.6.7-3woody5_mipsel.deb

      Size/MD5 checksum: 130994
30c478fdee5b2b816f5cde1de1c9ce9a
    http://security.debian.org/pool/updates/main/r/ruby/libreadline-ruby_1.6.7-3woody5_mipsel.deb

      Size/MD5 checksum: 127204
e3d3b6570b9e466cb00422894b89f272
    http://security.debian.org/pool/updates/main/r/ruby/libruby_1.6.7-3woody5_mipsel.deb

      Size/MD5 checksum: 581506
b440b99e2f4e22def3fb16acb53c2789
    http://security.debian.org/pool/updates/main/r/ruby/libsdbm-ruby_1.6.7-3woody5_mipsel.deb

      Size/MD5 checksum: 130492
61b91e3644804b7930ef242bd7eaec00
    http://security.debian.org/pool/updates/main/r/ruby/libsyslog-ruby_1.6.7-3woody5_mipsel.deb

      Size/MD5 checksum: 127860
b79131a39645af7ff39d28a46caf2281
    http://security.debian.org/pool/updates/main/r/ruby/libtcltk-ruby_1.6.7-3woody5_mipsel.deb

      Size/MD5 checksum: 146560
9217697a7f9d61e8fa7afde70b05cb46
    http://security.debian.org/pool/updates/main/r/ruby/libtk-ruby_1.6.7-3woody5_mipsel.deb

      Size/MD5 checksum: 161480
e2fd66dc33a7fef5774c0e9e206439b1
    http://security.debian.org/pool/updates/main/r/ruby/ruby_1.6.7-3woody5_mipsel.deb

      Size/MD5 checksum: 142794
24f322a483564685309ec237564cb6d5
    http://security.debian.org/pool/updates/main/r/ruby/ruby-dev_1.6.7-3woody5_mipsel.deb

      Size/MD5 checksum: 578040
a3e73feefcefc2ba5a395d22988465ed

PowerPC architecture:

    http://security.debian.org/pool/updates/main/r/ruby/libcurses-ruby_1.6.7-3woody5_powerpc.deb

      Size/MD5 checksum: 128440
4aab33c5e3b67bb9587157ee92d54b59
    http://security.debian.org/pool/updates/main/r/ruby/libdbm-ruby_1.6.7-3woody5_powerpc.deb

      Size/MD5 checksum: 127652
43cea2b0744fb18d534a198ab378e56b
    http://security.debian.org/pool/updates/main/r/ruby/libgdbm-ruby_1.6.7-3woody5_powerpc.deb

      Size/MD5 checksum: 128736
be8c8a5e89f4869b0cfb7fe2f459c0e0
    http://security.debian.org/pool/updates/main/r/ruby/libnkf-ruby_1.6.7-3woody5_powerpc.deb

      Size/MD5 checksum: 134484
41b2c0ac000cf39c6939044be278c901
    http://security.debian.org/pool/updates/main/r/ruby/libpty-ruby_1.6.7-3woody5_powerpc.deb

      Size/MD5 checksum: 131380
9a9768cbd57fea5ffd213b5e3704477b
    http://security.debian.org/pool/updates/main/r/ruby/libreadline-ruby_1.6.7-3woody5_powerpc.deb

      Size/MD5 checksum: 127538
fd92851b186db9671b9f7ca5ae45becf
    http://security.debian.org/pool/updates/main/r/ruby/libruby_1.6.7-3woody5_powerpc.deb

      Size/MD5 checksum: 607244
d8708b9ace56768e8d0f04fdaa73383d
    http://security.debian.org/pool/updates/main/r/ruby/libsdbm-ruby_1.6.7-3woody5_powerpc.deb

      Size/MD5 checksum: 130610
ca66d341fa806e4134f28651d268a303
    http://security.debian.org/pool/updates/main/r/ruby/libsyslog-ruby_1.6.7-3woody5_powerpc.deb

      Size/MD5 checksum: 128350
a15ae783638e26b5a8e304e1e5604ab5
    http://security.debian.org/pool/updates/main/r/ruby/libtcltk-ruby_1.6.7-3woody5_powerpc.deb

      Size/MD5 checksum: 147064
91ca064abd335e40f9f4e78938031a06
    http://security.debian.org/pool/updates/main/r/ruby/libtk-ruby_1.6.7-3woody5_powerpc.deb

      Size/MD5 checksum: 161490
0789a5a2db577b8a5e4f382ee021df5d
    http://security.debian.org/pool/updates/main/r/ruby/ruby_1.6.7-3woody5_powerpc.deb

      Size/MD5 checksum: 142502
2985b64774c866d8ea9d696caec05d2d
    http://security.debian.org/pool/updates/main/r/ruby/ruby-dev_1.6.7-3woody5_powerpc.deb

      Size/MD5 checksum: 529288
f1524421a9e6dc8e6923f75bfc8f7db5

IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/r/ruby/libcurses-ruby_1.6.7-3woody5_s390.deb

      Size/MD5 checksum: 128658
5e577aab56fda2c047e3dba9339c68e0
    http://security.debian.org/pool/updates/main/r/ruby/libdbm-ruby_1.6.7-3woody5_s390.deb

      Size/MD5 checksum: 127854
4339a54fcc69ea122b828823780f9898
    http://security.debian.org/pool/updates/main/r/ruby/libgdbm-ruby_1.6.7-3woody5_s390.deb

      Size/MD5 checksum: 128914
81334959c6f199176b33f21dd7e78554
    http://security.debian.org/pool/updates/main/r/ruby/libnkf-ruby_1.6.7-3woody5_s390.deb

      Size/MD5 checksum: 133690
9dc2189e5874e459739a644add67adc6
    http://security.debian.org/pool/updates/main/r/ruby/libpty-ruby_1.6.7-3woody5_s390.deb

      Size/MD5 checksum: 131850
8579274c8888e4a1d6fba0dd19118242
    http://security.debian.org/pool/updates/main/r/ruby/libreadline-ruby_1.6.7-3woody5_s390.deb

      Size/MD5 checksum: 127940
087559fad36518eeb6fd44a01ed912c4
    http://security.debian.org/pool/updates/main/r/ruby/libruby_1.6.7-3woody5_s390.deb

      Size/MD5 checksum: 600770
3eeca259d6d6e5daf060048ae1c8c519
    http://security.debian.org/pool/updates/main/r/ruby/libsdbm-ruby_1.6.7-3woody5_s390.deb

      Size/MD5 checksum: 130864
d2a839f6b33c2e7020218fd23ac7f6a1
    http://security.debian.org/pool/updates/main/r/ruby/libsyslog-ruby_1.6.7-3woody5_s390.deb

      Size/MD5 checksum: 127924
72df0f116934d714d32def89277a970a
    http://security.debian.org/pool/updates/main/r/ruby/libtcltk-ruby_1.6.7-3woody5_s390.deb

      Size/MD5 checksum: 147222
e6778fca82f71b5d43fb03d4cbb03fe9
    http://security.debian.org/pool/updates/main/r/ruby/libtk-ruby_1.6.7-3woody5_s390.deb

      Size/MD5 checksum: 161560
668c35f9c33acdd9f3a994a0bc927d1a
    http://security.debian.org/pool/updates/main/r/ruby/ruby_1.6.7-3woody5_s390.deb

      Size/MD5 checksum: 142670
ae3246594cfa2e3285bcd636f984386f
    http://security.debian.org/pool/updates/main/r/ruby/ruby-dev_1.6.7-3woody5_s390.deb

      Size/MD5 checksum: 532308
445a8016212e5b787625097127b4a1a4

Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/r/ruby/libcurses-ruby_1.6.7-3woody5_sparc.deb

      Size/MD5 checksum: 128412
87c7feb58f11785c1af6f9a51d987a2f
    http://security.debian.org/pool/updates/main/r/ruby/libdbm-ruby_1.6.7-3woody5_sparc.deb

      Size/MD5 checksum: 127468
c34d8ed252a8d1ef5051a17e3fbd743e
    http://security.debian.org/pool/updates/main/r/ruby/libgdbm-ruby_1.6.7-3woody5_sparc.deb

      Size/MD5 checksum: 128918
b24361084a9998be8f7fb84393221c19
    http://security.debian.org/pool/updates/main/r/ruby/libnkf-ruby_1.6.7-3woody5_sparc.deb

      Size/MD5 checksum: 134320
9015a2988d0f5305d996f5fb387f2bc4
    http://security.debian.org/pool/updates/main/r/ruby/libpty-ruby_1.6.7-3woody5_sparc.deb

      Size/MD5 checksum: 131362
8272893400574f4f0934f2b04072ce09
    http://security.debian.org/pool/updates/main/r/ruby/libreadline-ruby_1.6.7-3woody5_sparc.deb

      Size/MD5 checksum: 127438
0b36fe5c0f86ba2334cc91013f366688
    http://security.debian.org/pool/updates/main/r/ruby/libruby_1.6.7-3woody5_sparc.deb

      Size/MD5 checksum: 603136
07188840adfada3ac0af455668f7a908
    http://security.debian.org/pool/updates/main/r/ruby/libsdbm-ruby_1.6.7-3woody5_sparc.deb

      Size/MD5 checksum: 130212
8d41c72d9695b44afe1e67369fd1ce46
    http://security.debian.org/pool/updates/main/r/ruby/libsyslog-ruby_1.6.7-3woody5_sparc.deb

      Size/MD5 checksum: 128284
3be2192cc38ab41907c7a2331069b286
    http://security.debian.org/pool/updates/main/r/ruby/libtcltk-ruby_1.6.7-3woody5_sparc.deb

      Size/MD5 checksum: 146774
3f65f580c669efb932f31411b58c4c4c
    http://security.debian.org/pool/updates/main/r/ruby/libtk-ruby_1.6.7-3woody5_sparc.deb

      Size/MD5 checksum: 161528
76ca94791c147efc9a7beb85c526cfdf
    http://security.debian.org/pool/updates/main/r/ruby/ruby_1.6.7-3woody5_sparc.deb

      Size/MD5 checksum: 142452
a606854f0cf791b868b2821d4bed54f2
    http://security.debian.org/pool/updates/main/r/ruby/ruby-dev_1.6.7-3woody5_sparc.deb

      Size/MD5 checksum: 561276
e1e23af9f2a36746bdcdf5f8e24769b6

These files will probably be moved into the stable distribution
on its next update.



Debian Security Advisory DSA 861-1 [email protected]
http://www.debian.org/security/
Martin Schulze
October 11th, 2005 http://www.debian.org/security/faq


Package : uw-imap
Vulnerability : buffer overflow
Problem type : remote
Debian-specific: no
CVE ID : CAN-2005-2933

“infamous41md” discovered a buffer overflow in uw-imap, the
University of Washington’s IMAP Server that allows attackers to
execute arbitrary code.

The old stable distribution (woody) is not affected by this
problem.

For the stable distribution (sarge) this problem has been fixed
in version 2002edebian1-11sarge1.

For the unstable distribution (sid) this problem has been fixed
in version 2002edebian1-11sarge1.

We recommend that you upgrade your uw-imap packages.

Upgrade Instructions


wget url

will fetch the file for you
dpkg -i file.deb

will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update

will update the internal database apt-get upgrade

will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 3.1 alias sarge


Source archives:

    http://security.debian.org/pool/updates/main/u/uw-imap/uw-imap_2002edebian1-11sarge1.dsc

      Size/MD5 checksum: 785
bf3e532a78669fd66c329a46ea11809d
    http://security.debian.org/pool/updates/main/u/uw-imap/uw-imap_2002edebian1-11sarge1.diff.gz

      Size/MD5 checksum: 85400
b295b9c10972cb78f3b4d25394b4b31d
    http://security.debian.org/pool/updates/main/u/uw-imap/uw-imap_2002edebian1.orig.tar.gz

      Size/MD5 checksum: 1517069
8ff277e7831326988d0ee0bfeca7c8ff

Architecture independent components:

    http://security.debian.org/pool/updates/main/u/uw-imap/ipopd-ssl_2002edebian1-11sarge1_all.deb

      Size/MD5 checksum: 19982
ee7e9d78916253bef43c0513b1fa2df3
    http://security.debian.org/pool/updates/main/u/uw-imap/uw-imapd-ssl_2002edebian1-11sarge1_all.deb

      Size/MD5 checksum: 19968
01cd3a699013ba2679af4cd4c4c97ee7

Alpha architecture:

    http://security.debian.org/pool/updates/main/u/uw-imap/ipopd_2002edebian1-11sarge1_alpha.deb

      Size/MD5 checksum: 45316
8eff87a5d99f8514a97ba925f64cc29c
    http://security.debian.org/pool/updates/main/u/uw-imap/libc-client-dev_2002edebian1-11sarge1_alpha.deb

      Size/MD5 checksum: 1400536
508b3322c04aba6a16ccd8360bcb2c8f
    http://security.debian.org/pool/updates/main/u/uw-imap/libc-client2002edebian_2002edebian1-11sarge1_alpha.deb

      Size/MD5 checksum: 623866
007e483d0f71e26d88135ebd621cf913
    http://security.debian.org/pool/updates/main/u/uw-imap/mlock_2002edebian1-11sarge1_alpha.deb

      Size/MD5 checksum: 26112
1512b9c49a9e67222c42e1e1a3161f62
    http://security.debian.org/pool/updates/main/u/uw-imap/uw-imapd_2002edebian1-11sarge1_alpha.deb

      Size/MD5 checksum: 76068
d3f6e63d18eee660aec45970c75a1e9f
    http://security.debian.org/pool/updates/main/u/uw-imap/uw-mailutils_2002edebian1-11sarge1_alpha.deb

      Size/MD5 checksum: 50388
7915af40dc8454ed9c28b8210785b4b2

AMD64 architecture:

    http://security.debian.org/pool/updates/main/u/uw-imap/ipopd_2002edebian1-11sarge1_amd64.deb

      Size/MD5 checksum: 43842
9ee07ca885ad0a760624ee9ac3359573
    http://security.debian.org/pool/updates/main/u/uw-imap/libc-client-dev_2002edebian1-11sarge1_amd64.deb

      Size/MD5 checksum: 1241462
a04eea3b29ce844bd36e882c358ec589
    http://security.debian.org/pool/updates/main/u/uw-imap/libc-client2002edebian_2002edebian1-11sarge1_amd64.deb

      Size/MD5 checksum: 585262
43379b991740461a5247103be7bb481c
    http://security.debian.org/pool/updates/main/u/uw-imap/mlock_2002edebian1-11sarge1_amd64.deb

      Size/MD5 checksum: 25256
b46f5e4f874df2b1c64e46d4d179753f
    http://security.debian.org/pool/updates/main/u/uw-imap/uw-imapd_2002edebian1-11sarge1_amd64.deb

      Size/MD5 checksum: 71862
9ea5e627919c4dc40db2ed70047da69c
    http://security.debian.org/pool/updates/main/u/uw-imap/uw-mailutils_2002edebian1-11sarge1_amd64.deb

      Size/MD5 checksum: 47526
607377887f83ed71a87264bc85317bf3

ARM architecture:

    http://security.debian.org/pool/updates/main/u/uw-imap/ipopd_2002edebian1-11sarge1_arm.deb

      Size/MD5 checksum: 43908
cbb7163d6976c804f7f7dde0eba82e8f
    http://security.debian.org/pool/updates/main/u/uw-imap/libc-client-dev_2002edebian1-11sarge1_arm.deb

      Size/MD5 checksum: 1218296
e942c426a47bfa5fe43b269040dc259d
    http://security.debian.org/pool/updates/main/u/uw-imap/libc-client2002edebian_2002edebian1-11sarge1_arm.deb

      Size/MD5 checksum: 572074
325eab596c707493b112c4157192fd7d
    http://security.debian.org/pool/updates/main/u/uw-imap/mlock_2002edebian1-11sarge1_arm.deb

      Size/MD5 checksum: 25284
aeedc4004a68ceb78d705c44cce7bd2b
    http://security.debian.org/pool/updates/main/u/uw-imap/uw-imapd_2002edebian1-11sarge1_arm.deb

      Size/MD5 checksum: 71378
611cd65efdeebdc3aba327482a966109
    http://security.debian.org/pool/updates/main/u/uw-imap/uw-mailutils_2002edebian1-11sarge1_arm.deb

      Size/MD5 checksum: 46240
48f471e616eb16cb6682ef206eff68b5

Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/u/uw-imap/ipopd_2002edebian1-11sarge1_i386.deb

      Size/MD5 checksum: 42640
222b9d6cfae656aeb0995b6b742a8018
    http://security.debian.org/pool/updates/main/u/uw-imap/libc-client-dev_2002edebian1-11sarge1_i386.deb

      Size/MD5 checksum: 1192272
a641726681b49cbf4a59d15a992c3307
    http://security.debian.org/pool/updates/main/u/uw-imap/libc-client2002edebian_2002edebian1-11sarge1_i386.deb

      Size/MD5 checksum: 580390
70951fce39878d16e551d0a3d20b1396
    http://security.debian.org/pool/updates/main/u/uw-imap/mlock_2002edebian1-11sarge1_i386.deb

      Size/MD5 checksum: 25354
f72ec8b8f6c62b1c0185582387624fd3
    http://security.debian.org/pool/updates/main/u/uw-imap/uw-imapd_2002edebian1-11sarge1_i386.deb

      Size/MD5 checksum: 69812
9f7ef54531d8a7f98302526ba0395b93
    http://security.debian.org/pool/updates/main/u/uw-imap/uw-mailutils_2002edebian1-11sarge1_i386.deb

      Size/MD5 checksum: 46514
07f09150e567ab8628e66b81ac4eef45

Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/u/uw-imap/ipopd_2002edebian1-11sarge1_ia64.deb

      Size/MD5 checksum: 49584
cf5a3f4db538e69659eba3464ded819b
    http://security.debian.org/pool/updates/main/u/uw-imap/libc-client-dev_2002edebian1-11sarge1_ia64.deb

      Size/MD5 checksum: 1392282
8ad6f8db3031f8f312cdac57b423d9a6
    http://security.debian.org/pool/updates/main/u/uw-imap/libc-client2002edebian_2002edebian1-11sarge1_ia64.deb

      Size/MD5 checksum: 692648
0b9c67065ef7dc2bd19781778df56411