Debian 10955 Published by Philipp Esselbach 0

New jftpgw packages have been released for Debian GNU/Linux

---------------------------------------------------------------------------
Debian Security Advisory DSA 510-1 security@debian.org
http://www.debian.org/security/ Matt Zimmerman
May 29th, 2004 http://www.debian.org/security/faq
---------------------------------------------------------------------------

Package : jftpgw
Vulnerability : format string
Problem-Type : remote
Debian-specific: no
CVE Ids : CAN-2004-0448

jaguar@felinemenace.org discovered a vulnerability in jftpgw, an FTP proxy program, whereby a remote user could potentially cause arbitrary code to be executed with the privileges of the jftpgw server process. By default, the server runs as user "nobody".

CAN-2004-0448: format string vulnerability via syslog(3) in log() function

For the current stable distribution (woody) this problem has been fixed in version 0.13.1-1woody1.

For the unstable distribution (sid), this problem has been fixed in version 0.13.4-1.

New gatos packages have been released for Debian GNU/Linux

---------------------------------------------------------------------------
Debian Security Advisory DSA 509-1 security@debian.org
http://www.debian.org/security/ Matt Zimmerman
May 29th, 2004 http://www.debian.org/security/faq
---------------------------------------------------------------------------

Package : gatos
Vulnerability : privilege escalation
Problem-Type : local
Debian-specific: no
CVE Ids : CAN-2004-0395

Steve Kemp discovered a vulnerability in xatitv, one of the programs in the gatos package, which is used to display video with certain ATI video cards.

xatitv is installed setuid root in order to gain direct access to the video hardware. It normally drops root privileges after successfully initializing itself. However, if initialization fails due to a missing configuration file, root privileges are not dropped, and xatitv executes the system(3) function to launch its configuration program without sanitizing user-supplied environment variables.

By exploiting this vulnerability, a local user could gain root privileges if the configuration file does not exist. However, a default configuration file is supplied with the package, and so this vulnerability is not exploitable unless this file is removed by the administrator.

For the current stable distribution (woody) this problem has been fixed in version 0.0.5-6woody1.

For the unstable distribution (sid), this problem will be fixed soon.

New xpcd packages have been released for Debian GNU/Linux

---------------------------------------------------------------------------
Debian Security Advisory DSA 508-1 security@debian.org
http://www.debian.org/security/ Matt Zimmerman
May 22nd, 2004 http://www.debian.org/security/faq
---------------------------------------------------------------------------

Package : xpcd
Vulnerability : buffer overflow
Problem-Type : local
Debian-specific: no
CVE Ids : CAN-2004-0402

Jaguar discovered a vulnerability in one component of xpcd, a PhotoCD viewer. xpcd-svga, part of xpcd which uses svgalib to display graphics on the console, would copy user-supplied data of arbitrary length into a fixed-size buffer in the pcd_open function.

For the current stable distribution (woody) this problem has been fixed in version 2.08-8woody2.

For the unstable distribution (sid), this problem will be fixed soon.

We recommend that you update your xpcd package.

New cadaver packages have been released for Debian GNU/Linux

---------------------------------------------------------------------------
Debian Security Advisory DSA 507-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
May 19th, 2004 http://www.debian.org/security/faq
---------------------------------------------------------------------------

Package : cadaver
Vulnerability : buffer overflow
Problem-Type : remote
Debian-specific: no
CVE ID : CAN-2004-0398

Stefan Esser discovered a problem in neon, an HTTP and WebDAV client library, which is also present in cadaver, a command-line client for WebDAV servers. User input is copied into variables not large enough for all cases. This can lead to an overflow of a static heap variable.

For the stable distribution (woody) this problem has been fixed in version 0.18.0-1woody3.

For the unstable distribution (sid) this problem has been fixed in version 0.22.1-3.

We recommend that you upgrade your cadaver package.

New neon packages have been released for Debian GNU/Linux

---------------------------------------------------------------------------
Debian Security Advisory DSA 506-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
May 19th, 2004 http://www.debian.org/security/faq
---------------------------------------------------------------------------

Package : neon
Vulnerability : buffer overflow
Problem-Type : remote
Debian-specific: no
CVE ID : CAN-2004-0398

Stefan Esser discovered a problem in neon, an HTTP and WebDAV client library. User input is copied into variables not large enough for all cases. This can lead to an overflow of a static heap variable.

For the stable distribution (woody) this problem has been fixed in version 0.19.3-2woody5.

For the unstable distribution (sid) this problem has been fixed in version 0.23.9.dfsg-2 and neon_0.24.6.dfsg-1.

We recommend that you upgrade your libneon* packages.

New cvs packages have been released for Debian GNU/Linux

---------------------------------------------------------------------------
Debian Security Advisory DSA 505-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
May 19th, 2004 http://www.debian.org/security/faq
---------------------------------------------------------------------------

Package : cvs
Vulnerability : heap overflow
Problem-Type : remote
Debian-specific: no
CVE ID : CAN-2004-0396

Stefan Esser discovered a heap overflow in the CVS server, which serves the popular Concurrent Versions System. Malformed "Entry" lines in combination with Is-modified and Unchanged can be used to overflow malloc()ed memory. This was proven to be exploitable.

For the stable distribution (woody) this problem has been fixed in version 1.11.1p1debian-9woody4.

For the unstable distribution (sid) this problem has been fixed in version 1.12.5-6.

We recommend that you upgrade your cvs package immediately.

New heimdal packages have been released for Debian GNU/Linux

---------------------------------------------------------------------------
Debian Security Advisory DSA 504-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
May 18th, 2004 http://www.debian.org/security/faq
---------------------------------------------------------------------------

Package : heimdal
Vulnerability : missing input sanitising
Problem-Type : remote
Debian-specific: no
CVE ID : CAN-2004-0472

Evgeny Demidov discovered a potential buffer overflow in a Kerberos 4 component of heimdal, a free implementation of Kerberos 5. The problem is present in kadmind, a server for administrative access to the Kerberos database. This problem could perhaps be exploited to cause the daemon to read a negative amount of data which could lead to unexpected behaviour.

For the stable distribution (woody) this problem has been fixed in version 0.4e-7.woody.9.

For the unstable distribution (sid) this problem has been fixed in version 0.6.2-1.

We recommend that you upgrade your heimdal and related packages.

New exim packages are available for Debian GNU/Linux

---------------------------------------------------------------------------
Debian Security Advisory DSA 501-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
May 7th, 2004 http://www.debian.org/security/faq
---------------------------------------------------------------------------

Package : exim
Vulnerability : buffer overflow
Problem-Type : remote
Debian-specific: no
CVE ID : CAN-2004-0399 CAN-2004-0400

Georgi Guninski discovered two stack-based buffer overflows. They cannot be exploited with the default configuration from the Debian system, though. The Common Vulnerabilities and Exposures project identifies the following problems that are fixed with this update:

CAN-2004-0399

When "sender_verify = true" is configured in exim.conf a buffer overflow can happen during verification of the sender. This problem is fixed in exim 4.

CAN-2004-0400

When headers_check_syntax is configured in exim.conf a buffer overflow can happen during the header check. This problem does also exist in exim 4.

For the stable distribution (woody) these problems have been fixed in version 3.35-1woody3.

For the unstable distribution (sid) these problems have been fixed in version 3.36-11 for exim 3 and in version 4.33-1 for exim 4.

New flim packages are available for Debian GNU/Linux

---------------------------------------------------------------------------
Debian Security Advisory DSA 500-1 security@debian.org
http://www.debian.org/security/ Matt Zimmerman
May 1st, 2004 http://www.debian.org/security/faq
---------------------------------------------------------------------------

Package : flim
Vulnerability : insecure temporary file
Problem-Type : local
Debian-specific: no
CVE Ids : CAN-2004-0422

Tatsuya Kinoshita discovered a vulnerability in flim, an emacs library for working with internet messages, where temporary files were created without taking appropriate precautions. This vulnerability could potentially be exploited by a local user to overwrite files with the privileges of the user running emacs.

For the current stable distribution (woody) this problem has been fixed in version 1.14.3-9woody1.

For the unstable distribution (sid), this problem will be fixed soon.

New rsync packages have been released for Debian GNU/Linux

---------------------------------------------------------------------------
Debian Security Advisory DSA 499-1 security@debian.org
http://www.debian.org/security/ Matt Zimmerman
May 1st, 2004 http://www.debian.org/security/faq
---------------------------------------------------------------------------

Package : rsync
Vulnerability : directory traversal
Problem-Type : remote
Debian-specific: no
CVE Ids : CAN-2004-0426

A vulnerability was discovered in rsync, a file transfer program, whereby a remote user could cause an rsync daemon to write files outside of the intended directory tree. This vulnerability is not exploitable when the daemon is configured with the 'chroot' option.

For the current stable distribution (woody) this problem has been fixed in version 2.5.5-0.4.

For the unstable distribution (sid), this problem has been fixed in version 2.6.1-1.

New libpng packages have been released for Debian GNU/Linux

---------------------------------------------------------------------------
Debian Security Advisory DSA 498-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
April 30th, 2004 http://www.debian.org/security/faq
---------------------------------------------------------------------------

Package : libpng, libpng3
Vulnerability : out of bound access
Problem-Type : remote
Debian-specific: no
CVE ID : CAN-2004-0421

Steve Grubb discovered a problem in the Portable Network Graphics library libpng which is utilised in several applications. When processing a broken PNG image, the error handling routine will access memory that is out of bounds when creating an error message. Depending on machine architecture, bounds checking and other protective measures, this problem could cause the program to crash if a defective or intentionally prepared PNG image file is handled by libpng.

This could be used as a denial of service attack against various programs that link against this library. The following commands will show you which packages utilise this library and whose programs should probably be restarted after an upgrade:

apt-cache showpkg libpng2
apt-cache showpkg libpng3

The following security matrix explains which package versions will contain a correction.

Package    stable (woody)       unstable (sid)
libpng     1.0.12-3.woody.5     1.0.15-5
libpng3    1.2.1-1.1.woody.5    1.2.5.0-6

We recommend that you upgrade your libpng and related packages.

Updated mc packages are available for Debian GNU/Linux

---------------------------------------------------------------------------
Debian Security Advisory DSA 497-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
April 29th, 2004 http://www.debian.org/security/faq
---------------------------------------------------------------------------

Package : mc
Vulnerability : several vulnerabilities
Problem-Type : local
Debian-specific: no
CVE ID : CAN-2004-0226 CAN-2004-0231 CAN-2004-0232

Jakub Jelinek discovered several vulnerabilities in the Midnight Commander, a powerful file manager for GNU/Linux systems. The problems were classified as follows:

CAN-2004-0226 Buffer overflows
CAN-2004-0231 Insecure temporary file and directory creations
CAN-2004-0232 Format string problems

For the stable distribution (woody) this problem has been fixed in version 4.5.55-1.2woody3.

For the unstable distribution (sid) this problem will be fixed soon.

Updated eterm packages have been released for Debian GNU/Linux

---------------------------------------------------------------------------
Debian Security Advisory DSA 496-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
April 29th, 2004 http://www.debian.org/security/faq
---------------------------------------------------------------------------

Package : eterm
Vulnerability : missing input sanitising
Problem-Type : remote
Debian-specific: no
CVE ID : CAN-2003-0068
Debian Bug : 244808

H.D. Moore discovered several terminal emulator security issues. One of them covers escape codes that are interpreted by the terminal emulator. This could be exploited by an attacker to insert malicious commands hidden from the user, who has to hit enter to continue, which would also execute the hidden commands.

For the stable distribution (woody) this problem has been fixed in version 0.9.2-0pre2002042903.3.

For the unstable distribution (sid) this problem has been fixed in version eterm-0.9.2-6.

An arm kernel 2.4.16 update has been released for Debian GNU/Linux

---------------------------------------------------------------------------
Debian Security Advisory DSA 495-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
April 26th, 2004 http://www.debian.org/security/faq
---------------------------------------------------------------------------

Package : kernel-source-2.4.16 kernel-patch-2.4.16-arm kernel-image-2.4.16-lart kernel-image-2.4.16-netwinder kernel-image-2.4.16-riscpc
Vulnerability : several vulnerabilities
Problem-Type : local
Debian-specific: no
CVE ID : CAN-2003-0127 CAN-2004-0003 CAN-2004-0010 CAN-2004-0109 CAN-2004-0177 CAN-2004-0178
Bugtraq ID : 10152

Several serious problems have been discovered in the Linux kernel. This update takes care of Linux 2.4.16 for the ARM architecture.

The following security matrix explains which kernel versions for which architectures are already fixed and which will be removed instead.

Architecture     stable (woody)    unstable (sid)
source           2.4.16-1woody2    2.4.25-3
arm/patch        20040419          20040316
arm/lart         20040419          2.4.25-4
arm/netwinder    20040419          2.4.25-4
arm/riscpc       20040419          2.4.25-4

We recommend that you upgrade your kernel packages immediately, either with a Debian provided kernel or with a self compiled one.

New xchat packages have been released for Debian GNU/Linux

---------------------------------------------------------------------------
Debian Security Advisory DSA 493-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
April 21st, 2004 http://www.debian.org/security/faq
---------------------------------------------------------------------------

Package : xchat
Vulnerability : buffer overflow
Problem-Type : remote
Debian-specific: no
CVE ID : CAN-2004-0409
Debian Bug : 244184

A buffer overflow has been discovered in the Socks-5 proxy code of XChat, an IRC client for X similar to AmIRC. This allows an attacker to execute arbitrary code on the user's machine.

For the stable distribution (woody) this problem has been fixed in version 1.8.9-0woody3.

For the unstable distribution (sid) this problem has been fixed in version 2.0.8-1.

Norbert Tretkowski has released a port of Linux Kernel 2.4.26 for Debian GNU/Linux 3.0

Here is the apt source:

deb http://www.backports.org/debian stable kernel-image-2.4.26-i386
deb-src http://www.backports.org/debian stable kernel-image-2.4.26-i386