Debian 10955 Published by Philipp Esselbach 0

New super packages are available for Debian GNU/Linux

---------------------------------------------------------------------------
Debian Security Advisory DSA 522-1 security@debian.org
http://www.debian.org/security/ Matt Zimmerman
June 19th, 2004 http://www.debian.org/security/faq
---------------------------------------------------------------------------

Package : super
Vulnerability : format string
Problem-Type : remote
Debian-specific: no
CVE Ids : CAN-2004-0579

Max Vozeler discovered a format string vulnerability in super, a program to allow specified users to execute commands with root privileges. This vulnerability could potentially be exploited by a local user to execute arbitrary code with root privileges.

For the current stable distribution (woody), this problem has been fixed in version 3.16.1-1.2.

For the unstable distribution (sid), this problem has been fixed in version 3.23.0-1.

We recommend that you update your super package.


New sup packages have been released for Debian GNU/Linux

---------------------------------------------------------------------------
Debian Security Advisory DSA 521-1 security@debian.org
http://www.debian.org/security/ Matt Zimmerman
June 18th, 2004 http://www.debian.org/security/faq
---------------------------------------------------------------------------

Package : sup
Vulnerability : format string
Problem-Type : remote
Debian-specific: no
CVE Ids : CAN-2004-0451

jaguar@felinemenace.org discovered a format string vulnerability in sup, a set of programs to synchronize collections of files across a number of machines, whereby a remote attacker could potentially cause arbitrary code to be executed with the privileges of the supfilesrv process (this process does not run automatically by default).

CAN-2004-0451: format string vulnerabilities in sup via syslog(3) in logquit, logerr, loginfo functions

For the current stable distribution (woody), this problem has been fixed in version 1.8-8woody2.

For the unstable distribution (sid), this problem will be fixed soon.

We recommend that you update your sup package.


New krb5 packages have been released for Debian GNU/Linux

---------------------------------------------------------------------------
Debian Security Advisory DSA 520-1 security@debian.org
http://www.debian.org/security/ Matt Zimmerman
June 16th, 2004 http://www.debian.org/security/faq
---------------------------------------------------------------------------

Package : krb5
Vulnerability : buffer overflows
Problem-Type : remote
Debian-specific: no
CVE Ids : CAN-2004-0523

In their advisory MITKRB5-SA-2004-001, the MIT Kerberos announced the existence of buffer overflow vulnerabilities in the krb5_aname_to_localname function. This function is only used if aname_to_localname is enabled in the configuration (this is not enabled by default).

For the current stable distribution (woody), this problem has been fixed in version 1.2.4-5woody5.

For the unstable distribution (sid), this problem has been fixed in version 1.3.3-2.

We recommend that you update your krb5 package.


New CVS packages have been released for Debian GNU/Linux

---------------------------------------------------------------------------
Debian Security Advisory DSA 519-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
June 15th, 2004 http://www.debian.org/security/faq
---------------------------------------------------------------------------

Package : cvs
Vulnerability : several
Problem-Type : remote
Debian-specific: no
CVE ID : CAN-2004-0416 CAN-2004-0417 CAN-2004-0418

Sebastian Krahmer and Stefan Esser discovered several vulnerabilities in the CVS server, which serves the popular Concurrent Versions System. The Common Vulnerability and Exposures project identifies the following problems:

CAN-2004-0416: double-free() in error_prog_name

CAN-2004-0417: argument integer overflow

CAN-2004-0418: out of bound writes in serve_notify()

For the stable distribution (woody) this problem has been fixed in version 1.11.1p1debian-9woody7.

For the unstable distribution (sid) this problem has been fixed in version 1.12.9-1.

We recommend that you upgrade your cvs package.


Updated kdelibs packages are available for Debian GNU/Linux

---------------------------------------------------------------------------
Debian Security Advisory DSA 518-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
June 14th, 2004 http://www.debian.org/security/faq
---------------------------------------------------------------------------

Package : kdelibs
Vulnerability : unsanitised input
Problem-Type : remote
Debian-specific: no
CVE ID : CAN-2004-0411

iDEFENSE identified a vulnerability in the Opera web browser that could be used by remote attackers to create or truncate arbitrary files on the victim's machine. The KDE team discovered that a similar vulnerability exists in KDE.

A remote attacker could entice a user to open a carefully crafted telnet URI which may either create or truncate a file in the victim's home directory. In KDE 3.2 and later versions the user is first explicitly asked to confirm the opening of the telnet URI.

For the stable distribution (woody) this problem has been fixed in version 2.2.2-13.woody.10.

We recommend that you upgrade your KDE libraries.


New CVS packages have been released for Debian GNU/Linux

---------------------------------------------------------------------------
Debian Security Advisory DSA 517-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
June 10th, 2004 http://www.debian.org/security/faq
---------------------------------------------------------------------------

Package : cvs
Vulnerability : buffer overflow
Problem-Type : remote
Debian-specific: no
CVE ID : CAN-2004-0414

Derek Robert Price discovered a potential buffer overflow vulnerability in the CVS server, based on a malformed Entry, which serves the popular Concurrent Versions System.

For the stable distribution (woody) this problem has been fixed in version 1.11.1p1debian-9woody6.

For the unstable distribution (sid) this problem has been fixed in version 1.12.8-1.


New odbc-postgresql packages have been released for Debian GNU/Linux

---------------------------------------------------------------------------
Debian Security Advisory DSA 516-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
June 7th, 2004 http://www.debian.org/security/faq
---------------------------------------------------------------------------

Package : postgresql
Vulnerability : buffer overflow
Problem-Type : remote
Debian-specific: no
Debian Bug : 247306

A buffer overflow has been discovered in the ODBC driver of PostgreSQL, an object-relational SQL database, descended from POSTGRES. It is possible to exploit this problem and crash the surrounding application. Hence, a PHP script using php4-odbc can be utilised to crash the surrounding Apache webserver. Other parts of postgresql are not affected.

For the stable distribution (woody) this problem has been fixed in version 7.2.1-2woody5.

For the unstable distribution (sid) this problem has been fixed in version 07.03.0200-3.

We recommend that you upgrade your postgresql and related packages.


A new lha package has been released for Debian GNU/Linux

---------------------------------------------------------------------------
Debian Security Advisory DSA 515-1 security@debian.org
http://www.debian.org/security/ Matt Zimmerman
June 5th, 2004 http://www.debian.org/security/faq
---------------------------------------------------------------------------

Package : lha
Vulnerability : several
Problem-Type : local
Debian-specific: no
CVE Ids : CAN-2004-0234 CAN-2004-0235

Two vulnerabilities were discovered in lha:

- CAN-2004-0234 - Multiple stack-based buffer overflows in the get_header function in header.c for LHA 1.14 allow remote attackers or local users to execute arbitrary code via long directory or file names in an LHA archive, which triggers the overflow when testing or extracting the archive.

- CAN-2004-0235 - Multiple directory traversal vulnerabilities in LHA 1.14 allow remote attackers or local users to create arbitrary files via an LHA archive containing filenames with (1) .. sequences or (2) absolute pathnames with double leading slashes ("//absolute/path").

For the current stable distribution (woody), these problems have been fixed in version 1.14i-2woody1.

For the unstable distribution (sid), these problems have been fixed in version 1.14i-8.

We recommend that you update your lha package.
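The two lha issues above both come from trusting member names stored in the archive. The following is an added example, not code from lha or from the Debian patch: a hypothetical check_member_name() helper that refuses over-long names instead of overflowing, and rejects ".." components and absolute names (including the "//absolute/path" form), assuming '/'-separated names.

```c
#include <stdio.h>
#include <string.h>

enum name_status { NAME_OK, NAME_EMPTY, NAME_TOO_LONG, NAME_ABSOLUTE, NAME_TRAVERSAL };

/* Hypothetical extraction-side check (not lha's actual patch): copy a member
 * name into dst only if it fits and cannot leave the extraction directory.
 * Assumes '/'-separated names. */
enum name_status check_member_name(char *dst, size_t dstlen, const char *name)
{
    size_t len = strlen(name);
    if (len == 0)
        return NAME_EMPTY;
    if (len >= dstlen)              /* over-long name: refuse, never overflow */
        return NAME_TOO_LONG;
    if (name[0] == '/')             /* "/abs" and "//absolute/path" alike */
        return NAME_ABSOLUTE;

    /* Walk the components and reject any that is exactly "..". */
    for (const char *p = name; ; ) {
        const char *end = strchr(p, '/');
        size_t clen = end ? (size_t)(end - p) : strlen(p);
        if (clen == 2 && p[0] == '.' && p[1] == '.')
            return NAME_TRAVERSAL;
        if (!end)
            break;
        p = end + 1;
    }
    memcpy(dst, name, len + 1);     /* length already checked against dstlen */
    return NAME_OK;
}

int main(void)
{
    /* Constructed sample member names, not taken from a real archive. */
    const char *samples[] = { "docs/readme.txt", "../outside.txt",
                              "//absolute/path", "a/../../b", "..hidden/ok" };
    char dst[64];
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-18s -> %d\n", samples[i],
               check_member_name(dst, sizeof dst, samples[i]));
    return 0;
}
```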


Updated kernel 2.2.20 packages have been released for Debian GNU/Linux (sparc)

---------------------------------------------------------------------------
Debian Security Advisory DSA 514-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
June 4th, 2004 http://www.debian.org/security/faq
---------------------------------------------------------------------------

Package : kernel-source-2.2.20, kernel-image-2.2-sparc
Vulnerability : failing function and TLB flush
Problem-Type : local
Debian-specific: no
CVE ID : CAN-2004-0077
CERT advisory : VU#981222

Paul Starzetz and Wojciech Purczynski of isec.pl discovered a critical security vulnerability in the memory management code of Linux inside the mremap(2) system call. Due to flushing the TLB (Translation Lookaside Buffer, an address cache) too early it is possible for an attacker to trigger a local root exploit.

The attack vectors for 2.4.x and 2.2.x kernels are exclusive for the respective kernel series, though. We formerly believed that the exploitable vulnerability in 2.4.x does not exist in 2.2.x which is still true. However, it turned out that a second (sort of) vulnerability is indeed exploitable in 2.2.x, but not in 2.4.x, with a different exploit, of course.

For the stable distribution (woody) these problems have been fixed in version 9woody1 of Linux 2.2 kernel images for the sparc architecture and in version 2.2.20-5woody3 of Linux 2.2.20 source.

For the unstable distribution (sid) these problems have been fixed in version 9.1 of Linux 2.2 kernel images for the sparc architecture.

This problem has been fixed for other architectures already.

We recommend that you upgrade your Linux kernel package.


New log2mail packages are available for Debian GNU/Linux

---------------------------------------------------------------------------
Debian Security Advisory DSA 513-1 security@debian.org
http://www.debian.org/security/ Matt Zimmerman
June 3rd, 2004 http://www.debian.org/security/faq
---------------------------------------------------------------------------

Package : log2mail
Vulnerability : format string
Problem-Type : local/remote
Debian-specific: no
CVE Ids : CAN-2004-0450

jaguar@felinemenace.org discovered a format string vulnerability in log2mail, whereby a user able to log a specially crafted message to a logfile monitored by log2mail (for example, via syslog) could cause arbitrary code to be executed with the privileges of the log2mail process. By default, this process runs as user 'log2mail', which is a member of group 'adm' (which has access to read system logfiles).

CAN-2004-0450: log2mail format string vulnerability via syslog(3) in printlog()

For the current stable distribution (woody), this problem has been fixed in version 0.2.5.2.

For the unstable distribution (sid), this problem will be fixed soon.

We recommend that you update your log2mail package.
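The sup (DSA 521-1) and log2mail advisories both describe untrusted text reaching syslog(3) as the format argument. The following is an added example, not code from either package or from the Debian patches: a hypothetical safe_logerr() wrapper that keeps the format a compiler-checked literal and passes the message to syslog as data, plus a hypothetical count_directives() helper that shows how many directives an unsafe call would have acted on.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>
#include <syslog.h>

/* Vulnerable pattern named in the advisories (shown only, never compiled):
 *     syslog(LOG_ERR, untrusted);      // message text becomes the format
 */

/* Count conversion directives a printf-style function would act on if `s`
 * were used as a format; "%%" is a literal percent sign and is skipped. */
int count_directives(const char *s)
{
    int n = 0;
    for (; *s; s++) {
        if (*s != '%')
            continue;
        if (s[1] == '%')
            s++;                        /* escaped percent */
        else if (s[1] != '\0')
            n++;
    }
    return n;
}

/* Hypothetical logerr()-style wrapper. The format attribute makes GCC/Clang
 * check every call site, and the formatted text reaches syslog(3) as an
 * argument to a constant "%s". Returns 0, or -1 if the text was truncated. */
__attribute__((format(printf, 3, 4)))
int safe_logerr(char *out, size_t outlen, const char *fmt, ...)
{
    if (outlen == 0)
        return -1;
    out[0] = '\0';
    va_list ap;
    va_start(ap, fmt);
    int n = vsnprintf(out, outlen, fmt, ap);
    va_end(ap);
    syslog(LOG_ERR, "%s", out);
    return (n < 0 || (size_t)n >= outlen) ? -1 : 0;
}

int main(void)
{
    char line[128];
    const char *untrusted = "user %x%x%n";    /* constructed sample input */
    int rc = safe_logerr(line, sizeof line, "client said: %s", untrusted);
    printf("rc=%d directives=%d logged=[%s]\n", rc, count_directives(untrusted), line);
    return 0;
}
```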


FSU.hu has released new Debian GNU/Linux 3.1 Sarge (testing) and Debian GNU/Linux SID 20040601 (unstable) CD/DVD images

Debian SID now includes packages like GNOME 2.6, GIMP 2.0, MySQL 4.0.20, and Apache 1.3.31.

Debian GNU/Linux 20040601 "Sid" (unstable)

CD images: #1 #2 #3 #4 #5 #6 #7 #8 #9 #10 #11 #12 #13
DVD images: #1 #2

Package overview

Debian GNU/Linux 3.1 "Sarge" (testing)
CD images: #1 #2 #3 #4 #5 #6 #7 #8 #9 #10 #11 #12 #13 #14
DVD images: #1 #2

Package overview


Another rsync update has been released for Debian GNU/Linux

---------------------------------------------------------------------------
Debian Security Advisory DSA 499-2 security@debian.org
http://www.debian.org/security/ Matt Zimmerman
June 2nd, 2004 http://www.debian.org/security/faq
---------------------------------------------------------------------------

Package : rsync
Vulnerability : directory traversal
Problem-Type : remote
Debian-specific: no
CVE Ids : CAN-2004-0426

A vulnerability was discovered in rsync, a file transfer program, whereby a remote user could cause an rsync daemon to write files outside of the intended directory tree. This vulnerability is not exploitable when the daemon is configured with the 'chroot' option.

This update includes an additional fix related to the original vulnerability.

For the current stable distribution (woody) this problem has been fixed in version 2.5.5-0.5.

For the unstable distribution (sid), this problem has been fixed in version 2.6.1-1.


New gallery packages have been released for Debian GNU/Linux

---------------------------------------------------------------------------
Debian Security Advisory DSA 512-1 security@debian.org
http://www.debian.org/security/ Matt Zimmerman
June 2nd, 2004 http://www.debian.org/security/faq
---------------------------------------------------------------------------

Package : gallery
Vulnerability : unauthenticated access
Problem-Type : remote
Debian-specific: no

A vulnerability was discovered in gallery, a web-based photo album written in php, whereby a remote attacker could gain access to the gallery "admin" user without proper authentication. No CVE candidate was available for this vulnerability at the time of release.

For the current stable distribution (woody), these problems have been fixed in version 1.2.5-8woody2.

For the unstable distribution (sid), these problems have been fixed in version 1.4.3-pl2-1.


New ethereal packages have been released for Debian GNU/Linux

---------------------------------------------------------------------------
Debian Security Advisory DSA 511-1 security@debian.org
http://www.debian.org/security/ Matt Zimmerman
May 30th, 2004 http://www.debian.org/security/faq
---------------------------------------------------------------------------

Package : ethereal
Vulnerability : buffer overflows
Problem-Type : remote
Debian-specific: no
CVE Ids : CAN-2004-0176

Several buffer overflow vulnerabilities were discovered in ethereal, a network traffic analyzer. These vulnerabilities are described in the ethereal advisory "enpa-sa-00013". Of these, only some parts of CAN-2004-0176 affect the version of ethereal in Debian woody. CAN-2004-0367 and CAN-2004-0365 are not applicable to this version.

For the current stable distribution (woody), these problems have been fixed in version 0.9.4-1woody7.

For the unstable distribution (sid), these problems have been fixed in version 0.10.3-1.