lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <m1CFYNf-000okRC__44094.2577239641$1097165478$gmane$org@finlandia.Infodrom.North.DE> Date: Thu, 7 Oct 2004 15:32:27 +0200 (CEST) From: joey@...odrom.org (Martin Schulze) To: bugtraq@...urityfocus.com Subject: [SECURITY] [DSA 560-1] New lesstif packages fix several vulnerabilities -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 560-1 security@...ian.org http://www.debian.org/security/ Martin Schulze October 7th, 2004 http://www.debian.org/security/faq - -------------------------------------------------------------------------- Package : lesstif1-1 Vulnerability : integer and stack overflows Problem-Type : remote Debian-specific: no CVE ID : CAN-2004-0687 CAN-2004-0688 CERT advisory : VU#537878 VU#882750 Chris Evans discovered several stack and integer overflows in the libXpm library which is included in LessTif. For the stable distribution (woody) this problem has been fixed in version 0.93.18-5. For the unstable distribution (sid) this problem has been fixed in version 0.93.94-10. We recommend that you upgrade your lesstif packages. Upgrade Instructions - -------------------- wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 3.0 alias woody - -------------------------------- Source archives: http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif1-1_0.93.18-5.dsc Size/MD5 checksum: 692 a1757aae53924ec16a8582d60acfa5ec http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif1-1_0.93.18-5.diff.gz Size/MD5 checksum: 18115 9fa1574040e20fcc8f9db88b142dfd5d http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif1-1_0.93.18.orig.tar.gz Size/MD5 checksum: 3600427 74bce66719adb680009f145ef801bce2 Architecture independent components: http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif-doc_0.93.18-5_all.deb Size/MD5 checksum: 339348 86aaf17c6eccbac85ec4e194b62d05b7 Alpha architecture: http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif-bin_0.93.18-5_alpha.deb Size/MD5 checksum: 183756 aaa375321301bf45ec95fcd7e376a925 http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif-dbg_0.93.18-5_alpha.deb Size/MD5 checksum: 7399496 6c8839d9a882ccaf3bc99d6c88685b41 http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif-dev_0.93.18-5_alpha.deb Size/MD5 checksum: 1100714 fc5b0393ea458073ffd29eddcae4dd0d http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif1_0.93.18-5_alpha.deb Size/MD5 checksum: 713120 e9bd9d63307eef50c29a1fc48f9f1e1e ARM architecture: http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif-bin_0.93.18-5_arm.deb Size/MD5 checksum: 158462 0bb887e815c83842d879be197e41c426 http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif-dbg_0.93.18-5_arm.deb Size/MD5 checksum: 6214936 86810e278a8c46a27cb98ee0444b1024 http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif-dev_0.93.18-5_arm.deb Size/MD5 checksum: 894320 d94f7f15ade5cc03e0ac419a921fa335 http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif1_0.93.18-5_arm.deb Size/MD5 checksum: 620784 78d6a08103ad50220119de9bdd218acc Intel IA-32 architecture: http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif-bin_0.93.18-5_i386.deb Size/MD5 checksum: 148112 c464f618bda90bcfc8ddf09d59070c4b http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif-dbg_0.93.18-5_i386.deb Size/MD5 checksum: 5954758 300ea20ec0af04d67aecd0a9e68cccbb http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif-dev_0.93.18-5_i386.deb Size/MD5 checksum: 738430 fa48592fe8b3b345e4df8c56ec4e8b10 http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif1_0.93.18-5_i386.deb Size/MD5 checksum: 536492 ca45180dbbaf3537e2aad5405942ac17 Intel IA-64 architecture: http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif-bin_0.93.18-5_ia64.deb Size/MD5 checksum: 222072 6b1def7a98cd201e991dae273b93988a http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif-dbg_0.93.18-5_ia64.deb Size/MD5 checksum: 10756100 fb15b36bd10dcffe1fdcc5b2658d430a http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif-dev_0.93.18-5_ia64.deb Size/MD5 checksum: 1249232 f4c80e2ce686e59fc9f5960674059c30 http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif1_0.93.18-5_ia64.deb Size/MD5 checksum: 944234 4e78634a4c817273d5c293590708548d HP Precision architecture: http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif-bin_0.93.18-5_hppa.deb Size/MD5 checksum: 172516 63e479b669cf3b38f9d4c62c75ca5d3c http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif-dbg_0.93.18-5_hppa.deb Size/MD5 checksum: 6313042 62f017141dc0c3fe4748472f825588db http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif-dev_0.93.18-5_hppa.deb Size/MD5 checksum: 1008430 8c34690e5f70886daf81a8fef2f451a1 http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif1_0.93.18-5_hppa.deb Size/MD5 checksum: 723070 0a38a179efc3fe6009796b539f49cb64 Motorola 680x0 architecture: http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif-bin_0.93.18-5_m68k.deb Size/MD5 checksum: 141456 10da8908854abbb0c98d1a95207626a4 http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif-dbg_0.93.18-5_m68k.deb Size/MD5 checksum: 6076914 42ce3b01e32ac3ca9cf3900d7927938d http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif-dev_0.93.18-5_m68k.deb Size/MD5 checksum: 712328 9b6fc7bb8e15d6c5967fa880a3302316 http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif1_0.93.18-5_m68k.deb Size/MD5 checksum: 532364 50f567b4cd787a935f0decea5b3b7141 Big endian MIPS architecture: http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif-bin_0.93.18-5_mips.deb Size/MD5 checksum: 170248 eea62a3e4b445ca3755d364ea5c7b097 http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif-dbg_0.93.18-5_mips.deb Size/MD5 checksum: 7144190 6d8bb7146c18e45682044e875740ec86 http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif-dev_0.93.18-5_mips.deb Size/MD5 checksum: 938112 4b291f18eb34a21a967a0aa052a433df http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif1_0.93.18-5_mips.deb Size/MD5 checksum: 592742 a9295f6110af40b67057701950ab367c Little endian MIPS architecture: http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif-bin_0.93.18-5_mipsel.deb Size/MD5 checksum: 169158 d110da7fced1a57038be236d0b81ef4f http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif-dbg_0.93.18-5_mipsel.deb Size/MD5 checksum: 6904756 237e7efdab8bd85abbf159efce715817 http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif-dev_0.93.18-5_mipsel.deb Size/MD5 checksum: 934608 e0e2fbaa3892e373bd6586df59f90f53 http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif1_0.93.18-5_mipsel.deb Size/MD5 checksum: 585130 5572e58387954127dd5e7e7c78bb3a29 PowerPC architecture: http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif-bin_0.93.18-5_powerpc.deb Size/MD5 checksum: 157670 d9a39f6138425b73745adbb77c4d5482 http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif-dbg_0.93.18-5_powerpc.deb Size/MD5 checksum: 6233274 5cf38ef3779dab2b224d5e79fa2c4997 http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif-dev_0.93.18-5_powerpc.deb Size/MD5 checksum: 899064 eda6deb97f58702ceef1286953aa1c3e http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif1_0.93.18-5_powerpc.deb Size/MD5 checksum: 616680 c2814eb4ca67f3bec571fd2e6bae55dd IBM S/390 architecture: http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif-bin_0.93.18-5_s390.deb Size/MD5 checksum: 156348 deff9c2433184aa5276b0cc9b10a6fa2 http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif-dbg_0.93.18-5_s390.deb Size/MD5 checksum: 6192754 42b8296ce9e90a70a250d1279ff9277f http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif-dev_0.93.18-5_s390.deb Size/MD5 checksum: 797050 860d1bd8aa96e531a2f7a9c88aee6ad7 http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif1_0.93.18-5_s390.deb Size/MD5 checksum: 618298 63d480480acba05a1e1bbc6e54f18998 Sun Sparc architecture: http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif-bin_0.93.18-5_sparc.deb Size/MD5 checksum: 154114 c694390b6176b315c44e64cc247c2dc5 http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif-dbg_0.93.18-5_sparc.deb Size/MD5 checksum: 6195404 32a85c66271baf22813f17c586207d6c http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif-dev_0.93.18-5_sparc.deb Size/MD5 checksum: 834710 7863befa290ccf691640d44bd7b569b1 http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif1_0.93.18-5_sparc.deb Size/MD5 checksum: 602214 41f094d53f20658690c295b60a8b7177 These files will probably be moved into the stable distribution on its next update. - --------------------------------------------------------------------------------- For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce@...ts.debian.org Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.5 (GNU/Linux) iD8DBQFBZUVrW5ql+IAeqTIRApGrAJ9PNYlVNab7d7wwNgAVRMWDMfuz5wCeKz+E 9XAptj3+eWdOJUqOXlbkfgk= =vppc -----END PGP SIGNATURE-----