| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <m1Em91b-000ohNC__5286.31536658413$1134512399$gmane$org@finlandia.Infodrom.North.DE>
Date: Tue, 13 Dec 2005 13:12:55 +0100 (CET)
From: joey@...odrom.org (Martin Schulze)
To: bugtraq@...urityfocus.com
Subject: [SECURITY] [DSA 920-1] New ethereal packages fix arbitrary code execution
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- --------------------------------------------------------------------------
Debian Security Advisory DSA 920-1 security@...ian.org
http://www.debian.org/security/ Martin Schulze
December 13th, 2005 http://www.debian.org/security/faq
- --------------------------------------------------------------------------
Package : ethereal
Vulnerability : buffer overflow
Problem type : remote
Debian-specific: no
CVE ID : CVE-2005-3651
BugTraq ID : 15794
Debian Bug : 342911
A buffer overflow has been discovered in ethereal, a commonly used
network traffic analyser that causes a denial of service and may
potentially allow the execution of arbitrary code.
For the old stable distribution (woody) this problem has been fixed in
version 0.9.4-1woody14.
For the stable distribution (sarge) this problem has been fixed in
version 0.10.10-2sarge3.
For the unstable distribution (sid) this problem will be fixed soon.
We recommend that you upgrade your ethereal packages.
Upgrade Instructions
- --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 3.0 alias woody
- --------------------------------
Source archives:
http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody14.dsc
Size/MD5 checksum: 681 fd2549fde25a12ea89ff76f16f476a1b
http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody14.diff.gz
Size/MD5 checksum: 46176 b28a169806ac6c7357bc59cb684ce067
http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4.orig.tar.gz
Size/MD5 checksum: 3278908 42e999daa659820ee93aaaa39ea1e9ea
Alpha architecture:
http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody14_alpha.deb
Size/MD5 checksum: 1941098 7ea04145418237e513e15021dc7f7b95
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody14_alpha.deb
Size/MD5 checksum: 334948 cef7bebe414cbf9d7ba06dded593e087
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.9.4-1woody14_alpha.deb
Size/MD5 checksum: 223218 648d49081514871e244690c8d5f33691
http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.9.4-1woody14_alpha.deb
Size/MD5 checksum: 1708326 42b0e3d2014feb624df9b899ff620a0b
ARM architecture:
http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody14_arm.deb
Size/MD5 checksum: 1635960 b04119f7705cf79e7172f1d18948fa8d
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody14_arm.deb
Size/MD5 checksum: 298554 3fd358c7da7eb738eb6873ef7af66d7f
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.9.4-1woody14_arm.deb
Size/MD5 checksum: 207122 45c7b2fd84a7eb3e36e8d69ea9b6dcdf
http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.9.4-1woody14_arm.deb
Size/MD5 checksum: 1440018 9e3b3a723071fbd018ad3ac73183da68
Intel IA-32 architecture:
http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody14_i386.deb
Size/MD5 checksum: 1513538 b953ab41e1961c68629b925bbc56dd83
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody14_i386.deb
Size/MD5 checksum: 287406 5ef238518e168e5a46319493c15c4e19
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.9.4-1woody14_i386.deb
Size/MD5 checksum: 199112 56c7fb6de85158b326b90488a0752cb1
http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.9.4-1woody14_i386.deb
Size/MD5 checksum: 1327200 3efaf5307fd7d6f34814e155caa33a7a
Intel IA-64 architecture:
http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody14_ia64.deb
Size/MD5 checksum: 2150464 14f206f1245e654828dc70458d7b6ec6
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody14_ia64.deb
Size/MD5 checksum: 373888 3e18fd820eaef70e178e1e54f35b163b
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.9.4-1woody14_ia64.deb
Size/MD5 checksum: 234768 0e01b34d747883840309fbe0a82b9d90
http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.9.4-1woody14_ia64.deb
Size/MD5 checksum: 1862118 759d0b8533a34f25e2cd44e77b22b4c8
HP Precision architecture:
http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody14_hppa.deb
Size/MD5 checksum: 1805078 e84cbe1d3502ddaf4d34e3a969a14736
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody14_hppa.deb
Size/MD5 checksum: 323354 37c86ac01668a204d7808a9fdcbb81be
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.9.4-1woody14_hppa.deb
Size/MD5 checksum: 217748 a9a0acb50c691d7bc451cfae45c9d51e
http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.9.4-1woody14_hppa.deb
Size/MD5 checksum: 1576466 8c1be59eac51ed8a610285a15a058e22
Motorola 680x0 architecture:
http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody14_m68k.deb
Size/MD5 checksum: 1425116 544e1f11c2d772762396cf4d50cc93b8
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody14_m68k.deb
Size/MD5 checksum: 283738 77f3c1a0ee662058b9e55cafe1d1ae7c
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.9.4-1woody14_m68k.deb
Size/MD5 checksum: 196008 b0dfb3b8d3d1e37c6a077930ea3dbf3b
http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.9.4-1woody14_m68k.deb
Size/MD5 checksum: 1249126 60a2d75460899934f40c2ea649c7bf7d
Big endian MIPS architecture:
http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody14_mips.deb
Size/MD5 checksum: 1617300 8538bf50fd13015ec371a625f8eaeae7
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody14_mips.deb
Size/MD5 checksum: 306118 7efffa6fb386ddda82d2669ffc575db4
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.9.4-1woody14_mips.deb
Size/MD5 checksum: 214658 189f2f3621ebde6a7455bc2be6e09c3e
http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.9.4-1woody14_mips.deb
Size/MD5 checksum: 1422282 9b066162a09a3c53d82f5c9463fe239b
Little endian MIPS architecture:
http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody14_mipsel.deb
Size/MD5 checksum: 1598586 6ed002e3b9d37f57b3cb782270ae26cb
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody14_mipsel.deb
Size/MD5 checksum: 305606 557d7ecf335f4f60f57e6e2483a81888
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.9.4-1woody14_mipsel.deb
Size/MD5 checksum: 214304 cd62dba02317002a5d78472b18c9603b
http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.9.4-1woody14_mipsel.deb
Size/MD5 checksum: 1406756 b106a0b8c8ab20d663c342367a556a5e
PowerPC architecture:
http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody14_powerpc.deb
Size/MD5 checksum: 1618532 c41f2a97a6853433772f5f2a0c8e32de
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody14_powerpc.deb
Size/MD5 checksum: 302842 245c32c2385672854ea654206a6a0db7
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.9.4-1woody14_powerpc.deb
Size/MD5 checksum: 209956 8336298c3c08e4213c617f4fb9922dcf
http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.9.4-1woody14_powerpc.deb
Size/MD5 checksum: 1419734 1bd2b78f8a25b9da6f70c3f05b580be3
IBM S/390 architecture:
http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody14_s390.deb
Size/MD5 checksum: 1575174 54dc9af554d9b748a1e3ff7d9e805f1a
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody14_s390.deb
Size/MD5 checksum: 301632 dedef85bb14b6b45f92085f90314034d
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.9.4-1woody14_s390.deb
Size/MD5 checksum: 205000 b6200c4c1f9015261a7ac43ac6c43252
http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.9.4-1woody14_s390.deb
Size/MD5 checksum: 1388014 45b14ef2e45ab75949227acc26878b6b
Sun Sparc architecture:
http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.9.4-1woody14_sparc.deb
Size/MD5 checksum: 1583708 acfac4316a7e5a71158bb25af5689293
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.9.4-1woody14_sparc.deb
Size/MD5 checksum: 318896 aca734b7ec2a1d7f631159b568b8b999
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.9.4-1woody14_sparc.deb
Size/MD5 checksum: 205782 2a5a107881b218d3adf4662578a1a108
http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.9.4-1woody14_sparc.deb
Size/MD5 checksum: 1389940 7b383ffec5230f7766935089fcff0e0e
Debian GNU/Linux 3.1 alias sarge
- --------------------------------
Source archives:
http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge4.dsc
Size/MD5 checksum: 855 29cbef6699e9e51ae35c4745b978c1e4
http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge4.diff.gz
Size/MD5 checksum: 167246 2230337a164906c33ca978abc5b57c65
http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10.orig.tar.gz
Size/MD5 checksum: 7411510 e6b74468412c17bb66cd459bfb61471c
Alpha architecture:
http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge4_alpha.deb
Size/MD5 checksum: 541818 a6c44210b359d74ed16ed23fe386759d
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.10.10-2sarge4_alpha.deb
Size/MD5 checksum: 5474866 5924bfdf784578df4dd2df46392d2a0c
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.10.10-2sarge4_alpha.deb
Size/MD5 checksum: 153864 e687ab4c0c2dec8d62065d18484fadce
http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.10.10-2sarge4_alpha.deb
Size/MD5 checksum: 105162 431908b433045153e7360c53bde3e900
AMD64 architecture:
http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge4_amd64.deb
Size/MD5 checksum: 485392 16a454068f8ce4997d7df6808d66b64b
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.10.10-2sarge4_amd64.deb
Size/MD5 checksum: 5334066 79eeb45de736a575fcbfdc7e40fd0083
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.10.10-2sarge4_amd64.deb
Size/MD5 checksum: 153864 980cd2da44c4d1bc32ae6336acb2c79f
http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.10.10-2sarge4_amd64.deb
Size/MD5 checksum: 98444 08817a1f964ab391ffec8da425020572
ARM architecture:
http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge4_arm.deb
Size/MD5 checksum: 471758 37774606d0d4d050dece6b73907a9885
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.10.10-2sarge4_arm.deb
Size/MD5 checksum: 4685936 54446e011296caf441369bab0bd7aecd
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.10.10-2sarge4_arm.deb
Size/MD5 checksum: 153890 00002cca682ca3c3abf2e7c97e41e841
http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.10.10-2sarge4_arm.deb
Size/MD5 checksum: 94388 ddf5908a309c89acadac3962dec222c3
Intel IA-32 architecture:
http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge4_i386.deb
Size/MD5 checksum: 442462 22585d584a56ade669ef45e23a460c13
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.10.10-2sarge4_i386.deb
Size/MD5 checksum: 4491616 db1efd0f3a3f9e5ac03f82f56d435048
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.10.10-2sarge4_i386.deb
Size/MD5 checksum: 153658 f754988305495aa0babd2ffc6c05dfb7
http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.10.10-2sarge4_i386.deb
Size/MD5 checksum: 89874 7f9b4b8731d3b7cc770d1e81fdf9edff
Intel IA-64 architecture:
http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge4_ia64.deb
Size/MD5 checksum: 673480 2accbfffd291f3b424d0f0203bfeaf95
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.10.10-2sarge4_ia64.deb
Size/MD5 checksum: 6625668 951a0d38bf3f2ff63fabb3aeed861719
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.10.10-2sarge4_ia64.deb
Size/MD5 checksum: 153864 151d53ada1dcc87f45bd5c9eac830a8b
http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.10.10-2sarge4_ia64.deb
Size/MD5 checksum: 128148 5b970496851ecc3c8034c4a6050d39d9
HP Precision architecture:
http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge4_hppa.deb
Size/MD5 checksum: 488198 16e109738a8788eff83b2a94426bc90d
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.10.10-2sarge4_hppa.deb
Size/MD5 checksum: 5785972 915abaae95c1620129d982b4f742e998
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.10.10-2sarge4_hppa.deb
Size/MD5 checksum: 153880 deb9a9396bc7e6b9e4a9c98a3b0997be
http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.10.10-2sarge4_hppa.deb
Size/MD5 checksum: 97420 4d15ca9df16e677ec167e918d1df3262
Motorola 680x0 architecture:
http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge4_m68k.deb
Size/MD5 checksum: 446824 a24b34013583a4e3497a1ebf6142ff22
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.10.10-2sarge4_m68k.deb
Size/MD5 checksum: 5564090 ec403a6ef8f92839ec3e48c031f427be
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.10.10-2sarge4_m68k.deb
Size/MD5 checksum: 153992 388cce8ba0ecddede0d2a0eb7b41f976
http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.10.10-2sarge4_m68k.deb
Size/MD5 checksum: 89958 de2aa186345897a64577ed6991de0f16
Big endian MIPS architecture:
http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge4_mips.deb
Size/MD5 checksum: 461508 944dbf1184d71f3420aa0e0f998e4951
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.10.10-2sarge4_mips.deb
Size/MD5 checksum: 4722696 7ecb7db0539d885c010141d2307d2309
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.10.10-2sarge4_mips.deb
Size/MD5 checksum: 153882 b4ffbc14b75db5a2d80ea8ab2dc098d9
http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.10.10-2sarge4_mips.deb
Size/MD5 checksum: 93670 edfbeb906903497b741ce491d062fe8d
Little endian MIPS architecture:
http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge4_mipsel.deb
Size/MD5 checksum: 456796 61db19e60b59ca08539139f133161ecd
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.10.10-2sarge4_mipsel.deb
Size/MD5 checksum: 4458954 3f85051d87e652474f35c93df894668d
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.10.10-2sarge4_mipsel.deb
Size/MD5 checksum: 153896 6b4fa165eb5fc6c85ea5443f9cc8627c
http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.10.10-2sarge4_mipsel.deb
Size/MD5 checksum: 93596 f3fbc2765b9eef5589ae8b67b3fc507b
PowerPC architecture:
http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge4_powerpc.deb
Size/MD5 checksum: 454624 ac160f2dfaf9480ec2ddb284b16969b2
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.10.10-2sarge4_powerpc.deb
Size/MD5 checksum: 5069322 b505bbd6c34a9fc83d3ab34161751b89
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.10.10-2sarge4_powerpc.deb
Size/MD5 checksum: 153888 0ac314e84694a76fd5475f8318c0bd0c
http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.10.10-2sarge4_powerpc.deb
Size/MD5 checksum: 93460 89763605c5fc59034a6b3b4399920a51
IBM S/390 architecture:
http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge4_s390.deb
Size/MD5 checksum: 478832 f58c4f3e2f5f185cb40818aad6bcba76
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.10.10-2sarge4_s390.deb
Size/MD5 checksum: 5620232 a8ad7eceaa81bbacbd70a3f4d2201edf
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.10.10-2sarge4_s390.deb
Size/MD5 checksum: 153878 837cf0ef9571ee6abdeb382d54412d90
http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.10.10-2sarge4_s390.deb
Size/MD5 checksum: 98982 e5bad7bb8bf3964b47b41ec84b62e342
Sun Sparc architecture:
http://security.debian.org/pool/updates/main/e/ethereal/ethereal_0.10.10-2sarge4_sparc.deb
Size/MD5 checksum: 464160 3e21acc4249b2032b1d7ed474486189e
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-common_0.10.10-2sarge4_sparc.deb
Size/MD5 checksum: 5127616 f418acff6a83220d1b3ba544856b60ed
http://security.debian.org/pool/updates/main/e/ethereal/ethereal-dev_0.10.10-2sarge4_sparc.deb
Size/MD5 checksum: 153870 e45257dbd6a4799b26be761fcc79e835
http://security.debian.org/pool/updates/main/e/ethereal/tethereal_0.10.10-2sarge4_sparc.deb
Size/MD5 checksum: 92840 aa61f8545872884a69df77aa3a8e35d6
These files will probably be moved into the stable distribution on
its next update.
- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@...ts.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
iD8DBQFDnrrHW5ql+IAeqTIRAuDBAJ9+6Ablhq7itE0PpFPhF7yEToauXwCdGb8B
aQX5QDtvXo6ILXx8K38wlnM=
=P8ZB
-----END PGP SIGNATURE-----
Powered by blists - more mailing lists