New cyrus-imapd packages are available for Debian GNU/Linux
---------------------------------------------------------------------------
Debian Security Advisory DSA 597-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
November 25th, 2004 http://www.debian.org/security/faq
---------------------------------------------------------------------------
Package : cyrus-imapd
Vulnerability : buffer overflow
Problem-Type : local/remote
Debian-specific: no
CVE ID : CAN-2004-1012 CAN-2004-1013
Debian Bug : 282681
Stefan Esser discovered several security related problems in the Cyrus IMAP daemon. Due to a bug in the command parser it is possible to access memory beyond the allocated buffer in two places which could lead to the execution of arbitrary code.
For the stable distribution (woody) these problems have been fixed in version 1.5.19-9.2.
For the unstable distribution (sid) these problems have been fixed in version 2.1.17-1.
We recommend that you upgrade your cyrus-imapd package immediately.
New sudo packages are available for Debian GNU/Linux
---------------------------------------------------------------------------
Debian Security Advisory DSA 596-2 security@debian.org
http://www.debian.org/security/ Martin Schulze
November 24th, 2004 http://www.debian.org/security/faq
---------------------------------------------------------------------------
Package : sudo
Vulnerability : missing input sanitising
Problem-Type : local
Debian-specific: no
CVE ID : CAN-2004-1051
Debian Bug : 281665
This update removes the debug output which was left over in the update from DSA 596-1. For completeness, below is the original advisory text:
Liam Helmer noticed that sudo, a program that provides limited super user privileges to specific users, does not clean the environment sufficiently. Bash functions and the CDPATH variable are still passed through to the program running as a privileged user, leaving possibilities to overload system routines. These vulnerabilities can only be exploited by users who have been granted limited super user privileges.
For the stable distribution (woody) these problems have been fixed in version 1.6.6-1.3.
For the unstable distribution (sid) these problems have been fixed in version 1.6.8p3.
New bnc packages are available for Debian GNU/Linux
---------------------------------------------------------------------------
Debian Security Advisory DSA 595-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
November 24th, 2004 http://www.debian.org/security/faq
---------------------------------------------------------------------------
Package : bnc
Vulnerability : buffer overflow
Problem-Type : remote
Debian-specific: no
CVE ID : CAN-2004-1052
Leon Juranic discovered that BNC, an IRC session bouncing proxy, does not always protect buffers from being overwritten. This could be exploited by a malicious IRC server to overflow a buffer of limited size and execute arbitrary code on the client host.
For the stable distribution (woody) this problem has been fixed in version 2.6.4-3.3.
This package does not exist in the testing or unstable distributions.
We recommend that you upgrade your bnc package.
Release Candidate 2 of the new Debian-installer has been released
DotDeb.org has released MySQL 4.1.7 and updated PHP 5.0.2 packages for Debian GNU/Linux 3.0
Updated Apache packages have been released for Debian GNU/Linux
---------------------------------------------------------------------------
Debian Security Advisory DSA 594-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
November 17th, 2004 http://www.debian.org/security/faq
---------------------------------------------------------------------------
Package : apache
Vulnerability : buffer overflows
Problem-Type : remote
Debian-specific: no
CVE ID : CAN-2004-0940
Two vulnerabilities have been identified in the Apache 1.3 webserver:
CAN-2004-0940
"Crazy Einstein" has discovered a vulnerability in the "mod_include" module, which can cause a buffer to be overflown and could lead to the execution of arbitrary code.
NO VULN ID
Larry Cashdollar has discovered a potential buffer overflow in the htpasswd utility, which could be exploited when user-supplied input is passed to the program via a CGI (or PHP, or ePerl, ...) program.
For the stable distribution (woody) these problems have been fixed in version 1.3.26-0woody6.
For the unstable distribution (sid) these problems have been fixed in version 1.3.33-2.
We recommend that you upgrade your apache packages.
New imagemagick packages are available for Debian GNU/Linux
---------------------------------------------------------------------------
Debian Security Advisory DSA 593-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
November 16th, 2004 http://www.debian.org/security/faq
---------------------------------------------------------------------------
Package : imagemagick
Vulnerability : buffer overflow
Problem-Type : remote
Debian-specific: no
CVE ID : CAN-2004-0981
Debian Bug : 278401
A vulnerability has been reported for ImageMagick, a commonly used image manipulation library. Due to a boundary error within the EXIF parsing routine, a specially crafted graphic image could lead to the execution of arbitrary code.
For the stable distribution (woody) this problem has been fixed in version 5.4.4.5-1woody4.
For the unstable distribution (sid) this problem has been fixed in version 6.0.6.2-1.5.
We recommend that you upgrade your imagemagick packages.
New ez-ipupdate packages are available for Debian GNU/Linux
---------------------------------------------------------------------------
Debian Security Advisory DSA 592-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
November 12th, 2004 http://www.debian.org/security/faq
---------------------------------------------------------------------------
Package : ez-ipupdate
Vulnerability : format string
Problem-Type : remote
Debian-specific: no
CVE ID : CAN-2004-0980
Ulf Härnhammar from the Debian Security Audit Project discovered a format string vulnerability in ez-ipupdate, a client for many dynamic DNS services. This problem can only be exploited if ez-ipupdate is running in daemon mode (most likely) with many but not all service types.
For the stable distribution (woody) this problem has been fixed in version 3.0.11b5-1woody2.
For the unstable distribution (sid) this problem has been fixed in version 3.0.11b8-8.
We recommend that you upgrade your ez-ipupdate package.
New libgd2 packages are available for Debian GNU/Linux
---------------------------------------------------------------------------
Debian Security Advisory DSA 591-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
November 9th, 2004 http://www.debian.org/security/faq
---------------------------------------------------------------------------
Package : libgd2
Vulnerability : integer overflows
Problem-Type : remote
Debian-specific: no
CVE ID : CAN-2004-0990
BugTraq ID : 11523
"infamous41md" discovered several integer overflows in the PNG image decoding routines of the GD graphics library. This could lead to the execution of arbitrary code on the victim's machine.
For the stable distribution (woody) these problems have been fixed in version 1.8.4-17.woody3 of libgd1 and in version 2.0.1-10woody1 of libgd2.
For the unstable distribution (sid) these problems will be fixed soon.
We recommend that you upgrade your libgd2 packages.
New gnats packages are available for Debian GNU/Linux
---------------------------------------------------------------------------
Debian Security Advisory DSA 590-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
November 9th, 2004 http://www.debian.org/security/faq
---------------------------------------------------------------------------
Package : gnats
Vulnerability : format string vulnerability
Problem-Type : remote
Debian-specific: no
CVE ID : CAN-2004-0623
BugTraq ID : 10609
Debian Bug : 278577
Khan Shirani discovered a format string vulnerability in gnats, the GNU problem report management system. This problem may be exploited to execute arbitrary code.
For the stable distribution (woody) this problem has been fixed in version 3.999.beta1+cvs20020303-2.
For the unstable distribution (sid) this problem has been fixed in version 4.0-7.
We recommend that you upgrade your gnats package.
A libgd1 update has been released for Debian GNU/Linux
---------------------------------------------------------------------------
Debian Security Advisory DSA 589-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
November 9th, 2004 http://www.debian.org/security/faq
---------------------------------------------------------------------------
Package : libgd
Vulnerability : integer overflows
Problem-Type : remote
Debian-specific: no
CVE ID : CAN-2004-0990
BugTraq ID : 11523
"infamous41md" discovered several integer overflows in the PNG image decoding routines of the GD graphics library. This could lead to the execution of arbitrary code on the victim's machine.
For the stable distribution (woody) these problems have been fixed in version 1.8.4-17.woody3 of libgd1 and in version 2.0.1-10woody1 of libgd2.
For the unstable distribution (sid) these problems will be fixed soon.
We recommend that you upgrade your libgd1 packages.
New gzip packages are available for Debian GNU/Linux
---------------------------------------------------------------------------
Debian Security Advisory DSA 588-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
November 8th, 2004 http://www.debian.org/security/faq
---------------------------------------------------------------------------
Package : gzip
Vulnerability : insecure temporary files
Problem-Type : local
Debian-specific: no
CVE ID : CAN-2004-0970
BugTraq ID : 11288
Trustix developers discovered insecure temporary file creation in supplemental scripts in the gzip package which may allow local users to overwrite files via a symlink attack.
For the stable distribution (woody) these problems have been fixed in version 1.3.2-3woody3.
The unstable distribution (sid) is not affected by these problems.
We recommend that you upgrade your gzip package.
New freeamp packages are available for Debian GNU/Linux
---------------------------------------------------------------------------
Debian Security Advisory DSA 587-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
November 8th, 2004 http://www.debian.org/security/faq
---------------------------------------------------------------------------
Package : freeamp
Vulnerability : buffer overflow
Problem-Type : remote
Debian-specific: no
CVE ID : CAN-2004-0964
Luigi Auriemma discovered a buffer overflow condition in the playlist module of freeamp which could lead to arbitrary code execution. Recent versions of freeamp were renamed to zinf.
For the stable distribution (woody) this problem has been fixed in version 2.1.1.0-4woody2.
For the unstable distribution (sid) this problem does not exist in the zinf package, as the code in question was rewritten.
We recommend that you upgrade your freeamp packages.
New ruby packages are available for Debian GNU/Linux
---------------------------------------------------------------------------
Debian Security Advisory DSA 586-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
November 8th, 2004 http://www.debian.org/security/faq
---------------------------------------------------------------------------
Package : ruby
Vulnerability : infinite loop
Problem-Type : remote
Debian-specific: no
CVE ID : CAN-2004-0983
The upstream developers of Ruby have corrected a problem in the CGI module for this language. Specially crafted requests could cause an infinite loop and thus cause the program to eat up CPU cycles.
For the stable distribution (woody) this problem has been fixed in version ruby_1.6.7-3woody4.
For the unstable distribution (sid) this problem has been fixed in version 1.6.8-12 of ruby1.6 and in version 1.8.1+1.8.2pre2-4 of ruby1.8.
We recommend that you upgrade your ruby packages.
DotDeb.org has released a MySQL 4.0.22 backport for Debian GNU/Linux 3.0
Updated shadow packages are available for Debian GNU/Linux
---------------------------------------------------------------------------
Debian Security Advisory DSA 585-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
November 5th, 2004 http://www.debian.org/security/faq
---------------------------------------------------------------------------
Package : shadow
Vulnerability : programming error
Problem-Type : local
Debian-specific: no
CVE ID : CAN-2004-1001
A vulnerability has been discovered in the shadow suite, which provides programs like chfn and chsh. It is possible for a user who is logged in but has an expired password to alter his account information with chfn or chsh without having to change the password. The problem was originally thought to be more severe.
For the stable distribution (woody) this problem has been fixed in version 20000902-12woody1.
For the unstable distribution (sid) this problem has been fixed in version 4.0.3-30.3.
We recommend that you upgrade your passwd package (from the shadow suite).
New dhcp packages are available for Debian GNU/Linux
---------------------------------------------------------------------------
Debian Security Advisory DSA 584-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
November 4th, 2004 http://www.debian.org/security/faq
---------------------------------------------------------------------------
Package : dhcp
Vulnerability : format string vulnerability
Problem-Type : remote
Debian-specific: no
CVE ID : CAN-2004-1006
"infamous41md" noticed that the log functions in dhcp 2.x, which is still distributed in the stable Debian release, pass parameters to functions that use format strings. One use seems to be exploitable in connection with a malicious DNS server.
For the stable distribution (woody) these problems have been fixed in version 2.0pl5-11woody1.
For the unstable distribution (sid) these problems have been fixed in version 2.0pl5-19.1.
We recommend that you upgrade your dhcp package.
New lvm10 packages are available for Debian GNU/Linux
---------------------------------------------------------------------------
Debian Security Advisory DSA 583-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
November 3rd, 2004 http://www.debian.org/security/faq
---------------------------------------------------------------------------
Package : lvm10
Vulnerability : insecure temporary directory
Problem-Type : local
Debian-specific: no
CVE ID : CAN-2004-0972
Debian Bug : 279229
Trustix developers discovered insecure temporary file creation in a supplemental script in the lvm10 package that didn't check for existing temporary directories, allowing local users to overwrite files via a symlink attack.
For the stable distribution (woody) this problem has been fixed in version 1.0.4-5woody2.
For the unstable distribution (sid) this problem will be fixed soon.
We recommend that you upgrade your lvm10 package.
New libxml packages are available for Debian GNU/Linux
---------------------------------------------------------------------------
Debian Security Advisory DSA 582-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
November 2nd, 2004 http://www.debian.org/security/faq
---------------------------------------------------------------------------
Package : libxml, libxml2
Vulnerability : buffer overflow
Problem-Type : remote
Debian-specific: no
CVE ID : CAN-2004-0989
"infamous41md" discovered several buffer overflows in libxml and libxml2, the XML C parser and toolkits for GNOME. Missing boundary checks could cause several buffers to be overflown, which may cause the client to execute arbitrary code.
The following vulnerability matrix lists corrected versions of these libraries:
For the stable distribution (woody) these problems have been fixed in version 1.8.17-2woody2 of libxml and in version 2.4.19-4woody2 of libxml2.
For the unstable distribution (sid) these problems have been fixed in version 1.8.17-9 of libxml and in version 2.6.11-5 of libxml2.
These problems have also been fixed in version 2.6.15-1 of libxml2 in the experimental distribution.
We recommend that you upgrade your libxml packages.
New xpdf packages are available for Debian GNU/Linux
---------------------------------------------------------------------------
Debian Security Advisory DSA 581-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
November 2nd, 2004 http://www.debian.org/security/faq
---------------------------------------------------------------------------
Package : xpdf
Vulnerability : integer overflows
Problem-Type : remote
Debian-specific: no
CVE ID : CAN-2004-0888
Debian Bug : 278298
Chris Evans discovered several integer overflows in xpdf, a viewer for PDF files, which can be exploited remotely by a specially crafted PDF document and lead to the execution of arbitrary code.
For the stable distribution (woody) these problems have been fixed in version 1.00-3.2.
For the unstable distribution (sid) these problems have been fixed in version 3.00-9.
We recommend that you upgrade your xpdf package.