Welcome to our website
To take full advantage of all features you need to login or register. Registration is completely free and takes only a few seconds.
DSA 994-1: New freeciv packages fix denial of service
Posted by Bob on: 03/13/2006 08:12 AM [ Print | 0 comment(s) ]
The Debian Security Team published a new security update for Debian GNU/Linux. Here the announcement:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- --------------------------------------------------------------------------
Debian Security Advisory DSA 994-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
March 13th, 2006 http://www.debian.org/security/faq
- --------------------------------------------------------------------------
Package : freeciv
Vulnerability : denial of service
Problem type : remote
Debian-specific: no
CVE ID : CVE-2006-0047
BugTraq ID : 16975
Debian Bug : 355211
Luigi Auriemma discovered a denial of service condition in the free
Civilization server that allows a remote user to trigger a server
crash.
The old stable distribution (woody) is not affected by this problem.
For the stable distribution (sarge) this problem has been fixed in
version 2.0.1-1sarge1.
For the unstable distribution (sid) this problem has been fixed in
version 2.0.8-1.
We recommend that you upgrade your freeciv-server package.
Upgrade Instructions
- --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 3.1 alias sarge
- --------------------------------
Source archives:
http://security.debian.org/pool/updates/main/f/freeciv/freeciv_2.0.1-1sarge1.dsc
Size/MD5 checksum: 997 bccef322ab4d8f0587818c489599133a
http://security.debian.org/pool/updates/main/f/freeciv/freeciv_2.0.1-1sarge1.diff.gz
Size/MD5 checksum: 44229 be1666c210b9d3e7e9161106b68abb10
http://security.debian.org/pool/updates/main/f/freeciv/freeciv_2.0.1.orig.tar.gz
Size/MD5 checksum: 11086541 2deea98d258138325f590ec52d530a96
Architecture independent components:
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-data_2.0.1-1sarge1_all.deb
Size/MD5 checksum: 3843498 fc7fd56c3c37efc8489be7880f5d2384
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-gtk_2.0.1-1sarge1_all.deb
Size/MD5 checksum: 11368 7edc101b169b712d3be5dc5433dc4bbb
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-xaw3d_2.0.1-1sarge1_all.deb
Size/MD5 checksum: 11372 d5d9e78a83c5a5d534d56a0ffc393acf
http://security.debian.org/pool/updates/main/f/freeciv/freeciv_2.0.1-1sarge1_all.deb
Size/MD5 checksum: 11360 7d948bf16bc697808e805e46211b4e08
Alpha architecture:
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-client-gtk_2.0.1-1sarge1_alpha.deb
Size/MD5 checksum: 590368 f9d6ab21f6341eaf0e3dacf87b59ad32
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-client-xaw3d_2.0.1-1sarge1_alpha.deb
Size/MD5 checksum: 514694 a6e39f77c6951b97b9befbec19d892bf
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-server_2.0.1-1sarge1_alpha.deb
Size/MD5 checksum: 591244 4c331477f15855f6eb488ac47ebd0c38
AMD64 architecture:
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-client-gtk_2.0.1-1sarge1_amd64.deb
Size/MD5 checksum: 476454 fbdb18b936d0cec1c3722162e8bd964a
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-client-xaw3d_2.0.1-1sarge1_amd64.deb
Size/MD5 checksum: 409102 7f2fa87b7ffd9ff84a85a35b3d82dc07
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-server_2.0.1-1sarge1_amd64.deb
Size/MD5 checksum: 465942 480cb2efba03369e28b77647841859e9
ARM architecture:
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-client-gtk_2.0.1-1sarge1_arm.deb
Size/MD5 checksum: 423194 0f7e6820a48890e8e82669ff0bbd4422
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-client-xaw3d_2.0.1-1sarge1_arm.deb
Size/MD5 checksum: 361728 7eb46efcc7bcc3f3a56c3a283dad1f97
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-server_2.0.1-1sarge1_arm.deb
Size/MD5 checksum: 419804 d9eb16ebbd1a601f2dbcf1bd03982316
Intel IA-32 architecture:
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-client-gtk_2.0.1-1sarge1_i386.deb
Size/MD5 checksum: 440936 6c2ff70b8d5980f30662ee1ed23c6a59
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-client-xaw3d_2.0.1-1sarge1_i386.deb
Size/MD5 checksum: 366828 909f29a8fadf9241525f71c0f3e7c59f
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-server_2.0.1-1sarge1_i386.deb
Size/MD5 checksum: 430250 3a04f91ae1487a9b9624045426a54247
Intel IA-64 architecture:
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-client-gtk_2.0.1-1sarge1_ia64.deb
Size/MD5 checksum: 659208 b3978c5c7bb952fdda9059af8bdd8612
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-client-xaw3d_2.0.1-1sarge1_ia64.deb
Size/MD5 checksum: 582310 dfde902996282da8078b869f6ce69cc8
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-server_2.0.1-1sarge1_ia64.deb
Size/MD5 checksum: 684484 f4a42e2515cacebde718027f055a934e
HP Precision architecture:
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-client-gtk_2.0.1-1sarge1_hppa.deb
Size/MD5 checksum: 497448 bfa552053725de0612d8985e7f3da68f
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-client-xaw3d_2.0.1-1sarge1_hppa.deb
Size/MD5 checksum: 430058 8a3bd826192787338a11dffe5d98567c
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-server_2.0.1-1sarge1_hppa.deb
Size/MD5 checksum: 491864 500c48e7feb5eabf76361f2ea01c9604
Motorola 680x0 architecture:
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-client-gtk_2.0.1-1sarge1_m68k.deb
Size/MD5 checksum: 373454 ab80a12c96119e65af540ad6961a97bc
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-client-xaw3d_2.0.1-1sarge1_m68k.deb
Size/MD5 checksum: 306790 9c6171d79840efca347afdb47504ad0c
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-server_2.0.1-1sarge1_m68k.deb
Size/MD5 checksum: 355082 67d5f503de17451723ed4d44bf830055
Big endian MIPS architecture:
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-client-gtk_2.0.1-1sarge1_mips.deb
Size/MD5 checksum: 454596 92c5118afa6ca715ab6de9e886fd1780
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-client-xaw3d_2.0.1-1sarge1_mips.deb
Size/MD5 checksum: 425812 4241fcf1c604803888565ac22a03ec53
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-server_2.0.1-1sarge1_mips.deb
Size/MD5 checksum: 479606 2ce6439bbd523b7bb14ff77c4e157813
Little endian MIPS architecture:
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-client-gtk_2.0.1-1sarge1_mipsel.deb
Size/MD5 checksum: 453728 bd7588ad3a7774b93c905dc2156e47c0
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-client-xaw3d_2.0.1-1sarge1_mipsel.deb
Size/MD5 checksum: 424614 1fffc34114eb06cdb09a3aa40c2cf6a6
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-server_2.0.1-1sarge1_mipsel.deb
Size/MD5 checksum: 481470 fe7ff9087069e0156c03589c7c32e3e5
PowerPC architecture:
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-client-gtk_2.0.1-1sarge1_powerpc.deb
Size/MD5 checksum: 456202 7b3324a6722ef40a414282b3f19379b7
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-client-xaw3d_2.0.1-1sarge1_powerpc.deb
Size/MD5 checksum: 393728 ef6794db6fff4b2049bec067a36109c6
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-server_2.0.1-1sarge1_powerpc.deb
Size/MD5 checksum: 460072 9e881955f26ca915d5859f6973ffe35e
IBM S/390 architecture:
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-client-gtk_2.0.1-1sarge1_s390.deb
Size/MD5 checksum: 460916 44043874065b36c8c3f4dfc674fa5c1e
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-client-xaw3d_2.0.1-1sarge1_s390.deb
Size/MD5 checksum: 395748 21e95cb3c4e7e4192870e513f38a81d4
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-server_2.0.1-1sarge1_s390.deb
Size/MD5 checksum: 448196 cb206354f1521ce0731ba5c38d7c3e47
Sun Sparc architecture:
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-client-gtk_2.0.1-1sarge1_sparc.deb
Size/MD5 checksum: 423450 8ca6b37a83242f19a62f3c5f492a92fe
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-client-xaw3d_2.0.1-1sarge1_sparc.deb
Size/MD5 checksum: 360102 98edd4f4caa9cdd52b98e4f93f0f2ade
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-server_2.0.1-1sarge1_sparc.deb
Size/MD5 checksum: 421234 f1d679237491847e9bddf75fa9c8b76f
These files will probably be moved into the stable distribution on
its next update.
- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show lt;pkggt;' and http://packages.debian.org/lt;pkggt;
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)
iD8DBQFEFRVZW5ql+IAeqTIRAmmVAJ9jUiqEEb3MXxwgJyIbneTXYeamEQCglUdc
ZPULzlP5wd0itxgYhULpzrA=
=H/q+
-----END PGP SIGNATURE-----
Hash: SHA1
- --------------------------------------------------------------------------
Debian Security Advisory DSA 994-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
March 13th, 2006 http://www.debian.org/security/faq
- --------------------------------------------------------------------------
Package : freeciv
Vulnerability : denial of service
Problem type : remote
Debian-specific: no
CVE ID : CVE-2006-0047
BugTraq ID : 16975
Debian Bug : 355211
Luigi Auriemma discovered a denial of service condition in the free
Civilization server that allows a remote user to trigger a server
crash.
The old stable distribution (woody) is not affected by this problem.
For the stable distribution (sarge) this problem has been fixed in
version 2.0.1-1sarge1.
For the unstable distribution (sid) this problem has been fixed in
version 2.0.8-1.
We recommend that you upgrade your freeciv-server package.
Upgrade Instructions
- --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 3.1 alias sarge
- --------------------------------
Source archives:
http://security.debian.org/pool/updates/main/f/freeciv/freeciv_2.0.1-1sarge1.dsc
Size/MD5 checksum: 997 bccef322ab4d8f0587818c489599133a
http://security.debian.org/pool/updates/main/f/freeciv/freeciv_2.0.1-1sarge1.diff.gz
Size/MD5 checksum: 44229 be1666c210b9d3e7e9161106b68abb10
http://security.debian.org/pool/updates/main/f/freeciv/freeciv_2.0.1.orig.tar.gz
Size/MD5 checksum: 11086541 2deea98d258138325f590ec52d530a96
Architecture independent components:
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-data_2.0.1-1sarge1_all.deb
Size/MD5 checksum: 3843498 fc7fd56c3c37efc8489be7880f5d2384
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-gtk_2.0.1-1sarge1_all.deb
Size/MD5 checksum: 11368 7edc101b169b712d3be5dc5433dc4bbb
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-xaw3d_2.0.1-1sarge1_all.deb
Size/MD5 checksum: 11372 d5d9e78a83c5a5d534d56a0ffc393acf
http://security.debian.org/pool/updates/main/f/freeciv/freeciv_2.0.1-1sarge1_all.deb
Size/MD5 checksum: 11360 7d948bf16bc697808e805e46211b4e08
Alpha architecture:
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-client-gtk_2.0.1-1sarge1_alpha.deb
Size/MD5 checksum: 590368 f9d6ab21f6341eaf0e3dacf87b59ad32
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-client-xaw3d_2.0.1-1sarge1_alpha.deb
Size/MD5 checksum: 514694 a6e39f77c6951b97b9befbec19d892bf
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-server_2.0.1-1sarge1_alpha.deb
Size/MD5 checksum: 591244 4c331477f15855f6eb488ac47ebd0c38
AMD64 architecture:
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-client-gtk_2.0.1-1sarge1_amd64.deb
Size/MD5 checksum: 476454 fbdb18b936d0cec1c3722162e8bd964a
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-client-xaw3d_2.0.1-1sarge1_amd64.deb
Size/MD5 checksum: 409102 7f2fa87b7ffd9ff84a85a35b3d82dc07
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-server_2.0.1-1sarge1_amd64.deb
Size/MD5 checksum: 465942 480cb2efba03369e28b77647841859e9
ARM architecture:
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-client-gtk_2.0.1-1sarge1_arm.deb
Size/MD5 checksum: 423194 0f7e6820a48890e8e82669ff0bbd4422
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-client-xaw3d_2.0.1-1sarge1_arm.deb
Size/MD5 checksum: 361728 7eb46efcc7bcc3f3a56c3a283dad1f97
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-server_2.0.1-1sarge1_arm.deb
Size/MD5 checksum: 419804 d9eb16ebbd1a601f2dbcf1bd03982316
Intel IA-32 architecture:
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-client-gtk_2.0.1-1sarge1_i386.deb
Size/MD5 checksum: 440936 6c2ff70b8d5980f30662ee1ed23c6a59
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-client-xaw3d_2.0.1-1sarge1_i386.deb
Size/MD5 checksum: 366828 909f29a8fadf9241525f71c0f3e7c59f
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-server_2.0.1-1sarge1_i386.deb
Size/MD5 checksum: 430250 3a04f91ae1487a9b9624045426a54247
Intel IA-64 architecture:
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-client-gtk_2.0.1-1sarge1_ia64.deb
Size/MD5 checksum: 659208 b3978c5c7bb952fdda9059af8bdd8612
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-client-xaw3d_2.0.1-1sarge1_ia64.deb
Size/MD5 checksum: 582310 dfde902996282da8078b869f6ce69cc8
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-server_2.0.1-1sarge1_ia64.deb
Size/MD5 checksum: 684484 f4a42e2515cacebde718027f055a934e
HP Precision architecture:
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-client-gtk_2.0.1-1sarge1_hppa.deb
Size/MD5 checksum: 497448 bfa552053725de0612d8985e7f3da68f
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-client-xaw3d_2.0.1-1sarge1_hppa.deb
Size/MD5 checksum: 430058 8a3bd826192787338a11dffe5d98567c
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-server_2.0.1-1sarge1_hppa.deb
Size/MD5 checksum: 491864 500c48e7feb5eabf76361f2ea01c9604
Motorola 680x0 architecture:
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-client-gtk_2.0.1-1sarge1_m68k.deb
Size/MD5 checksum: 373454 ab80a12c96119e65af540ad6961a97bc
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-client-xaw3d_2.0.1-1sarge1_m68k.deb
Size/MD5 checksum: 306790 9c6171d79840efca347afdb47504ad0c
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-server_2.0.1-1sarge1_m68k.deb
Size/MD5 checksum: 355082 67d5f503de17451723ed4d44bf830055
Big endian MIPS architecture:
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-client-gtk_2.0.1-1sarge1_mips.deb
Size/MD5 checksum: 454596 92c5118afa6ca715ab6de9e886fd1780
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-client-xaw3d_2.0.1-1sarge1_mips.deb
Size/MD5 checksum: 425812 4241fcf1c604803888565ac22a03ec53
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-server_2.0.1-1sarge1_mips.deb
Size/MD5 checksum: 479606 2ce6439bbd523b7bb14ff77c4e157813
Little endian MIPS architecture:
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-client-gtk_2.0.1-1sarge1_mipsel.deb
Size/MD5 checksum: 453728 bd7588ad3a7774b93c905dc2156e47c0
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-client-xaw3d_2.0.1-1sarge1_mipsel.deb
Size/MD5 checksum: 424614 1fffc34114eb06cdb09a3aa40c2cf6a6
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-server_2.0.1-1sarge1_mipsel.deb
Size/MD5 checksum: 481470 fe7ff9087069e0156c03589c7c32e3e5
PowerPC architecture:
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-client-gtk_2.0.1-1sarge1_powerpc.deb
Size/MD5 checksum: 456202 7b3324a6722ef40a414282b3f19379b7
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-client-xaw3d_2.0.1-1sarge1_powerpc.deb
Size/MD5 checksum: 393728 ef6794db6fff4b2049bec067a36109c6
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-server_2.0.1-1sarge1_powerpc.deb
Size/MD5 checksum: 460072 9e881955f26ca915d5859f6973ffe35e
IBM S/390 architecture:
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-client-gtk_2.0.1-1sarge1_s390.deb
Size/MD5 checksum: 460916 44043874065b36c8c3f4dfc674fa5c1e
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-client-xaw3d_2.0.1-1sarge1_s390.deb
Size/MD5 checksum: 395748 21e95cb3c4e7e4192870e513f38a81d4
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-server_2.0.1-1sarge1_s390.deb
Size/MD5 checksum: 448196 cb206354f1521ce0731ba5c38d7c3e47
Sun Sparc architecture:
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-client-gtk_2.0.1-1sarge1_sparc.deb
Size/MD5 checksum: 423450 8ca6b37a83242f19a62f3c5f492a92fe
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-client-xaw3d_2.0.1-1sarge1_sparc.deb
Size/MD5 checksum: 360102 98edd4f4caa9cdd52b98e4f93f0f2ade
http://security.debian.org/pool/updates/main/f/freeciv/freeciv-server_2.0.1-1sarge1_sparc.deb
Size/MD5 checksum: 421234 f1d679237491847e9bddf75fa9c8b76f
These files will probably be moved into the stable distribution on
its next update.
- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show lt;pkggt;' and http://packages.debian.org/lt;pkggt;
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)
iD8DBQFEFRVZW5ql+IAeqTIRAmmVAJ9jUiqEEb3MXxwgJyIbneTXYeamEQCglUdc
ZPULzlP5wd0itxgYhULpzrA=
=H/q+
-----END PGP SIGNATURE-----
