Linux Compatible
  • News
    • Channels
    • Archive
    • Search
    • Submit
  • Articles
    • Categories
  • Knowledgebase
  • Compatibility
    • Search
  • Links
  • Forums
  • Twitter
Advertisement

Latest News
[ Windows | Linux | Apple ]

· MySQL 8.0.11 released
· Popular YouTuber Says Apple Won't Fix His iMac Pro Damaged While Disassembled and more
· GD Update (SSA:2018-108-01) for Slackware
· Wieshark and Opencv Updates for Debian 7 LTS
· 16 Oracle Linux Updates
· WebKitGTK+ 2.21.1 released
· Dell XPS 13 (9370) Review and more
· macOS 10.13.5 beta 2 now available for developers
· Oracle Linux 7 Update 5 released
· GNOME 3.29.1 released

Upcoming News
· Samsung 860 Pro SSD Review @ Vortez
· Raijintek Orcus 240 @ TechPowerUp
· Team Group Cardea Zero 240 GB @ TechPowerUp
· Guru3D Rig of the Month - January 2018
· Cooler Master MK750 Review @ Vortez
· Seagate Skyhawk 10TB SATA III HDD Review
· Vulkan Continues To Show Its Gaming Strength On Low-End Hardware
· Seagate IronWolf ST12000VN0007 12TB Hard Drive Review @ APH Networks
· Sennheiser Game One @ TechPowerUp
· be quiet! Straight Power 11 1000W Power Supply Review

Linux Compatibility
· Brother DCP-L2540DN
· Sound Blaster E5
· WD Elements 500GB external hard drive
· Canon D660U Flatbad scanner
· Umax Astra 4500 USB Scanner
· Logitech QuickCam Pro 4000
· Dell Latitude E6420
· Creative Sound Blaster Z
· Photosmart 5520
· TB-5300 Slimline Design Tablet

New Forum Topics
· Dale
by: Dale Blinco
on: 2018-02-05 00:26
1 replies, 1187 views

· modem driver needed
by: jongiffen777
on: 2017-12-13 11:11
1 replies, 2361 views

· Need a decent browser for XP Pro!
by: percy
on: 2017-12-05 11:02
2 replies, 4245 views

· Comodo Time Machine + Faronics Deep Freeze
by: Jabberwocky
on: 2017-11-15 23:17
1 replies, 2853 views

· Linux compatablity
by: ibme
on: 2017-10-04 18:05
1 replies, 4767 views

News Channels
· Drivers
· Guides
· Reviews
· Security
· Software
· Press Release
· Updates
· Interviews
· Linux
· General
· Debian
· Red Hat
· Slackware
· Gentoo
· Mandriva
· White Box
· SUSE
· GNOME
· KDE
· CentOS
· Ubuntu
· MEPIS
· Android
· Oracle Linux
· Arch Linux

What's New
Login to see an overview of all news stories since your last visit.

Welcome to our website

To take full advantage of all features you need to login or register. Registration is completely free and takes only a few seconds.

Linux Compatible » News » August 2005 » DSA 761-2: New heartbeat packages fix insecure temporary files

DSA 761-2: New heartbeat packages fix insecure temporary files

Posted by Bob on: 08/15/2005 11:32 AM [ Print | 0 comment(s) ]

The Debian Security Team has published a new security update for Debian GNU/Linux. Here the announcement:




-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 761-2 security@debian.org
http://www.debian.org/security/ Martin Schulze
August 15th, 2005 http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package : heartbeat
Vulnerability : insecure temporary files
Problem-Type : local
Debian-specific: no
CVE ID : CAN-2005-2231

The security update DSA 761-1 for pdns contained a bug which caused a
regression. This problem is corrected with this advisory. For
completeness below please find the original advisory text:

Eric Romang discovered several insecure temporary file creations in
heartbeat, the subsystem for High-Availability Linux.

For the stable distribution (sarge) these problems have been fixed in
version 1.2.3-9sarge3.

We recommend that you upgrade your heartbeat package.


Upgrade Instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.1 alias sarge
- --------------------------------

Source archives:

http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat_1.2.3-9sarge3.dsc
Size/MD5 checksum: 881 3544d0263e793b04ec3b893faa7d4358
http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat_1.2.3-9sarge3.diff.gz
Size/MD5 checksum: 267445 c38c21332c83fbbc6f04b7a95923c52b
http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat_1.2.3.orig.tar.gz
Size/MD5 checksum: 1772513 9fd126e5dff51cc8c1eee223c252a4af

Architecture independent components:

http://security.debian.org/pool/updates/main/h/heartbeat/ldirectord_1.2.3-9sarge3_all.deb
Size/MD5 checksum: 45276 af7385c286cf97611abc63694536f31b

Alpha architecture:

http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat_1.2.3-9sarge3_alpha.deb
Size/MD5 checksum: 574458 0dbd8af2534f7f2097f3da75c6a4efb1
http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat-dev_1.2.3-9sarge3_alpha.deb
Size/MD5 checksum: 150592 66e74571efad4f25aa1f7ea3ed3a31a0
http://security.debian.org/pool/updates/main/h/heartbeat/libpils-dev_1.2.3-9sarge3_alpha.deb
Size/MD5 checksum: 70874 c1fe65aeda6313eff97e2f7a7e739a7f
http://security.debian.org/pool/updates/main/h/heartbeat/libpils0_1.2.3-9sarge3_alpha.deb
Size/MD5 checksum: 53904 cb69e40fd6a1de6e87a72bd6a72e6ebe
http://security.debian.org/pool/updates/main/h/heartbeat/libstonith-dev_1.2.3-9sarge3_alpha.deb
Size/MD5 checksum: 31064 cc3d581be9eba80478df3fb0dbbd2512
http://security.debian.org/pool/updates/main/h/heartbeat/libstonith0_1.2.3-9sarge3_alpha.deb
Size/MD5 checksum: 94070 202897bb3f00c9c890b6ab42585e5ed6
http://security.debian.org/pool/updates/main/h/heartbeat/stonith_1.2.3-9sarge3_alpha.deb
Size/MD5 checksum: 31516 f83006aa4c97225cb5a52178e9360e84

AMD64 architecture:

http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat_1.2.3-9sarge3_amd64.deb
Size/MD5 checksum: 525780 8360b452456be24df79c7ae29c53277b
http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat-dev_1.2.3-9sarge3_amd64.deb
Size/MD5 checksum: 126042 8a3b8b4e6c22c6a0fb1f7b459d211117
http://security.debian.org/pool/updates/main/h/heartbeat/libpils-dev_1.2.3-9sarge3_amd64.deb
Size/MD5 checksum: 61684 ddba93c0e7d37b4714a6f52cdfd3c595
http://security.debian.org/pool/updates/main/h/heartbeat/libpils0_1.2.3-9sarge3_amd64.deb
Size/MD5 checksum: 52370 45c27593a16b94baf9647b6efca179d9
http://security.debian.org/pool/updates/main/h/heartbeat/libstonith-dev_1.2.3-9sarge3_amd64.deb
Size/MD5 checksum: 29892 d15f73d6ce9f43a56abf7817ccbf08a8
http://security.debian.org/pool/updates/main/h/heartbeat/libstonith0_1.2.3-9sarge3_amd64.deb
Size/MD5 checksum: 88908 1ad33906c529089fe40738304af1c1e0
http://security.debian.org/pool/updates/main/h/heartbeat/stonith_1.2.3-9sarge3_amd64.deb
Size/MD5 checksum: 30926 26ddc4fbea838b972065b38bd29d249a

ARM architecture:

http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat_1.2.3-9sarge3_arm.deb
Size/MD5 checksum: 498386 d88b235816220da27c4f316c957f99f8
http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat-dev_1.2.3-9sarge3_arm.deb
Size/MD5 checksum: 123574 cf0088e68cc23bed1ac17d6e21715a73
http://security.debian.org/pool/updates/main/h/heartbeat/libpils-dev_1.2.3-9sarge3_arm.deb
Size/MD5 checksum: 63160 731e5e243017d9a40aaa89ef4dae492b
http://security.debian.org/pool/updates/main/h/heartbeat/libpils0_1.2.3-9sarge3_arm.deb
Size/MD5 checksum: 49016 171e6fdbf0f72c525ac8695381f6d523
http://security.debian.org/pool/updates/main/h/heartbeat/libstonith-dev_1.2.3-9sarge3_arm.deb
Size/MD5 checksum: 29790 d82e6a7fdd5def2bcb0614a9276e5f88
http://security.debian.org/pool/updates/main/h/heartbeat/libstonith0_1.2.3-9sarge3_arm.deb
Size/MD5 checksum: 77380 14c49b6f70827caa9391ecab91981b30
http://security.debian.org/pool/updates/main/h/heartbeat/stonith_1.2.3-9sarge3_arm.deb
Size/MD5 checksum: 30222 4fe0b9cb97d0721ed7b944c99bfffc0b

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat_1.2.3-9sarge3_i386.deb
Size/MD5 checksum: 493636 af1e9089f5b799762ab2819a51557fde
http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat-dev_1.2.3-9sarge3_i386.deb
Size/MD5 checksum: 117570 2ae72b36cdb8b61a4dd411f738d53ae3
http://security.debian.org/pool/updates/main/h/heartbeat/libpils-dev_1.2.3-9sarge3_i386.deb
Size/MD5 checksum: 58876 38fc2cfb6d0f14e378b32e925d25a6db
http://security.debian.org/pool/updates/main/h/heartbeat/libpils0_1.2.3-9sarge3_i386.deb
Size/MD5 checksum: 48056 5d12b336be8605f155d549243c4e8deb
http://security.debian.org/pool/updates/main/h/heartbeat/libstonith-dev_1.2.3-9sarge3_i386.deb
Size/MD5 checksum: 29524 9b9e293795e1db55ca75c12e8c8aabf3
http://security.debian.org/pool/updates/main/h/heartbeat/libstonith0_1.2.3-9sarge3_i386.deb
Size/MD5 checksum: 79122 369ae7c1032c7ce9589149a0135354c7
http://security.debian.org/pool/updates/main/h/heartbeat/stonith_1.2.3-9sarge3_i386.deb
Size/MD5 checksum: 30374 8b4c4a4aa922a8d5fa213b431bcffe53

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat_1.2.3-9sarge3_ia64.deb
Size/MD5 checksum: 648244 9356cd18494dce44a0f27ba9f3c76425
http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat-dev_1.2.3-9sarge3_ia64.deb
Size/MD5 checksum: 152630 b392e15e62434d99c8321e5efe8a5508
http://security.debian.org/pool/updates/main/h/heartbeat/libpils-dev_1.2.3-9sarge3_ia64.deb
Size/MD5 checksum: 74132 67f3e84093e5550ccc0f83aeebcd406f
http://security.debian.org/pool/updates/main/h/heartbeat/libpils0_1.2.3-9sarge3_ia64.deb
Size/MD5 checksum: 62390 70d3376d7002c9db165aa74d54961bbf
http://security.debian.org/pool/updates/main/h/heartbeat/libstonith-dev_1.2.3-9sarge3_ia64.deb
Size/MD5 checksum: 31194 99e6fb826d61ba6b720d02a3fcbfe976
http://security.debian.org/pool/updates/main/h/heartbeat/libstonith0_1.2.3-9sarge3_ia64.deb
Size/MD5 checksum: 104558 84c4e5c68b0273ef8be60c5f48628e29
http://security.debian.org/pool/updates/main/h/heartbeat/stonith_1.2.3-9sarge3_ia64.deb
Size/MD5 checksum: 32444 030f7f481056357ba4d8c10d3427e2a9

HP Precision architecture:

http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat_1.2.3-9sarge3_hppa.deb
Size/MD5 checksum: 550550 f21382efe966438294ad461f09620acb
http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat-dev_1.2.3-9sarge3_hppa.deb
Size/MD5 checksum: 135880 86957e78d857d893755e3022ac1d648c
http://security.debian.org/pool/updates/main/h/heartbeat/libpils-dev_1.2.3-9sarge3_hppa.deb
Size/MD5 checksum: 68154 25d5a17fc0e3b63d5f3b02c659545d7b
http://security.debian.org/pool/updates/main/h/heartbeat/libpils0_1.2.3-9sarge3_hppa.deb
Size/MD5 checksum: 55528 f13105c363b0137240048e09bb9ae07f
http://security.debian.org/pool/updates/main/h/heartbeat/libstonith-dev_1.2.3-9sarge3_hppa.deb
Size/MD5 checksum: 30300 fc862d73793810ba0f5dcbf0ca11f1bb
http://security.debian.org/pool/updates/main/h/heartbeat/libstonith0_1.2.3-9sarge3_hppa.deb
Size/MD5 checksum: 92774 bf04ac77fa0eb7eebcd74fe2cdad355f
http://security.debian.org/pool/updates/main/h/heartbeat/stonith_1.2.3-9sarge3_hppa.deb
Size/MD5 checksum: 31380 2e379ced3aea02eea24640ce35dcf0ed

Motorola 680x0 architecture:

http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat_1.2.3-9sarge3_m68k.deb
Size/MD5 checksum: 480640 5a8df01756ad70aae2f0022b286f1970
http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat-dev_1.2.3-9sarge3_m68k.deb
Size/MD5 checksum: 113482 6c8947d7a9337589e5f0795f2b2bafaf
http://security.debian.org/pool/updates/main/h/heartbeat/libpils-dev_1.2.3-9sarge3_m68k.deb
Size/MD5 checksum: 56470 40a4e3f316137d2a77c0414e5f8c0170
http://security.debian.org/pool/updates/main/h/heartbeat/libpils0_1.2.3-9sarge3_m68k.deb
Size/MD5 checksum: 48254 6998bfa6ccb10114a9eb118d48075cbe
http://security.debian.org/pool/updates/main/h/heartbeat/libstonith-dev_1.2.3-9sarge3_m68k.deb
Size/MD5 checksum: 29418 dfa6314f2678a398be309767cea40623
http://security.debian.org/pool/updates/main/h/heartbeat/libstonith0_1.2.3-9sarge3_m68k.deb
Size/MD5 checksum: 81896 9d2b5c93cb079805802a25230e412654
http://security.debian.org/pool/updates/main/h/heartbeat/stonith_1.2.3-9sarge3_m68k.deb
Size/MD5 checksum: 30204 912a312571782a54275d1ea43c81f06f

Big endian MIPS architecture:

http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat_1.2.3-9sarge3_mips.deb
Size/MD5 checksum: 536388 9e98c4c8d575ad8d1f3e5cd8ae1ad45e
http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat-dev_1.2.3-9sarge3_mips.deb
Size/MD5 checksum: 132540 ede0ee1b34414f6eeb1f4d45847356e3
http://security.debian.org/pool/updates/main/h/heartbeat/libpils-dev_1.2.3-9sarge3_mips.deb
Size/MD5 checksum: 65458 0a08a5ceccf9744ca4ead2d0be51fd9a
http://security.debian.org/pool/updates/main/h/heartbeat/libpils0_1.2.3-9sarge3_mips.deb
Size/MD5 checksum: 48326 cff2af32d2a51a98884947c98da6a3a3
http://security.debian.org/pool/updates/main/h/heartbeat/libstonith-dev_1.2.3-9sarge3_mips.deb
Size/MD5 checksum: 30128 5390bf7e0ac461eb12e0b9c11fb9ef5d
http://security.debian.org/pool/updates/main/h/heartbeat/libstonith0_1.2.3-9sarge3_mips.deb
Size/MD5 checksum: 80600 43d2f82e08ffd5f4ad6bf32d66fd7ade
http://security.debian.org/pool/updates/main/h/heartbeat/stonith_1.2.3-9sarge3_mips.deb
Size/MD5 checksum: 32594 db05fce36a3c9ba63dff462136457c84

Little endian MIPS architecture:

http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat_1.2.3-9sarge3_mipsel.deb
Size/MD5 checksum: 537016 79a6f30758663e974f925d3afc0e3eeb
http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat-dev_1.2.3-9sarge3_mipsel.deb
Size/MD5 checksum: 132674 f4ad130febbe95b21e1e4f517324f53e
http://security.debian.org/pool/updates/main/h/heartbeat/libpils-dev_1.2.3-9sarge3_mipsel.deb
Size/MD5 checksum: 65236 378b548016fa5c4e2df45b1f0e7f97c6
http://security.debian.org/pool/updates/main/h/heartbeat/libpils0_1.2.3-9sarge3_mipsel.deb
Size/MD5 checksum: 48546 58a80e13f3d66595e785c3aca0feccce
http://security.debian.org/pool/updates/main/h/heartbeat/libstonith-dev_1.2.3-9sarge3_mipsel.deb
Size/MD5 checksum: 30166 e4c11c0f413db63ca3b76bc75ca39a38
http://security.debian.org/pool/updates/main/h/heartbeat/libstonith0_1.2.3-9sarge3_mipsel.deb
Size/MD5 checksum: 80524 4ce68cf47764f0092916fbfd74c91e0f
http://security.debian.org/pool/updates/main/h/heartbeat/stonith_1.2.3-9sarge3_mipsel.deb
Size/MD5 checksum: 32586 027dec3fbc1b16c5c7cb35c114aed1d3

PowerPC architecture:

http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat_1.2.3-9sarge3_powerpc.deb
Size/MD5 checksum: 554938 5b72952dedccb187fb0db7438df7b019
http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat-dev_1.2.3-9sarge3_powerpc.deb
Size/MD5 checksum: 127506 aae35f8d1888ce532f3ca54a4d62da7f
http://security.debian.org/pool/updates/main/h/heartbeat/libpils-dev_1.2.3-9sarge3_powerpc.deb
Size/MD5 checksum: 61738 7f65568832507e6ff8e721f14f903367
http://security.debian.org/pool/updates/main/h/heartbeat/libpils0_1.2.3-9sarge3_powerpc.deb
Size/MD5 checksum: 53396 cb699f884c3a04703432e0b665154bd2
http://security.debian.org/pool/updates/main/h/heartbeat/libstonith-dev_1.2.3-9sarge3_powerpc.deb
Size/MD5 checksum: 30016 28c769722b7cb30630e729cfa403a3f0
http://security.debian.org/pool/updates/main/h/heartbeat/libstonith0_1.2.3-9sarge3_powerpc.deb
Size/MD5 checksum: 98590 816a4be11149be0b23ef71a83f8e8e63
http://security.debian.org/pool/updates/main/h/heartbeat/stonith_1.2.3-9sarge3_powerpc.deb
Size/MD5 checksum: 33170 a480a5e90263e088c61d2fd0c69b684c

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat_1.2.3-9sarge3_s390.deb
Size/MD5 checksum: 530432 8cd269f9be98c289ff34daf10900002e
http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat-dev_1.2.3-9sarge3_s390.deb
Size/MD5 checksum: 126658 aba07d35c7128edb4de04afb60714a69
http://security.debian.org/pool/updates/main/h/heartbeat/libpils-dev_1.2.3-9sarge3_s390.deb
Size/MD5 checksum: 62370 08c42b465904968c333dbd0ba4a75a74
http://security.debian.org/pool/updates/main/h/heartbeat/libpils0_1.2.3-9sarge3_s390.deb
Size/MD5 checksum: 52828 5cc46349891c9343927606216ee37c17
http://security.debian.org/pool/updates/main/h/heartbeat/libstonith-dev_1.2.3-9sarge3_s390.deb
Size/MD5 checksum: 29904 5cf21f62deb179b7b7bf3d9f133a1ccd
http://security.debian.org/pool/updates/main/h/heartbeat/libstonith0_1.2.3-9sarge3_s390.deb
Size/MD5 checksum: 84810 0763f53019af2eaee8a40124d40002d5
http://security.debian.org/pool/updates/main/h/heartbeat/stonith_1.2.3-9sarge3_s390.deb
Size/MD5 checksum: 30878 9eed7728d9e74166b3ebe358d87e0f75

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat_1.2.3-9sarge3_sparc.deb
Size/MD5 checksum: 500874 b2f9e4558a891a32f8589bab66229377
http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat-dev_1.2.3-9sarge3_sparc.deb
Size/MD5 checksum: 121122 7ea5e33cb775d6761ce5895ea81d2bfe
http://security.debian.org/pool/updates/main/h/heartbeat/libpils-dev_1.2.3-9sarge3_sparc.deb
Size/MD5 checksum: 62918 b832c80146fad1ba2792e58247a2eafc
http://security.debian.org/pool/updates/main/h/heartbeat/libpils0_1.2.3-9sarge3_sparc.deb
Size/MD5 checksum: 49994 b62c3a0612ae68351087f8dbb9575bc2
http://security.debian.org/pool/updates/main/h/heartbeat/libstonith-dev_1.2.3-9sarge3_sparc.deb
Size/MD5 checksum: 29756 56d9d3a1815670b063e7404a238fe52e
http://security.debian.org/pool/updates/main/h/heartbeat/libstonith0_1.2.3-9sarge3_sparc.deb
Size/MD5 checksum: 81156 395c0e3f7c9f26a40751d49f101293c6
http://security.debian.org/pool/updates/main/h/heartbeat/stonith_1.2.3-9sarge3_sparc.deb
Size/MD5 checksum: 30300 9bb0898aecf070952a06990a111a620d


These files will probably be moved into the stable distribution on
its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQFDAKkkW5ql+IAeqTIRAhiiAJ9+nzrjCMFQXrJH2a4PHxvpI+Xi1ACfS2Ai
/7FBVyXrLUbhYiJ82HBvE3I=
=qz5w
-----END PGP SIGNATURE-----


Bookmark and Share

« Microsoft adds to graphics software palette · Orange SPV C550 @ HEXUS »

Linux Compatible » News » August 2005 » DSA 761-2: New heartbeat packages fix insecure temporary files
All products mentioned are registered trademarks or trademarks of their respective owners.
© 2002-2018 Esselbach Internet Solutions - All Rights Reserved. Terms and privacy policy
Powered by Contentteller® Business Edition