lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20070621125655.GA20691@steve.org.uk>
Date: Thu, 21 Jun 2007 13:56:55 +0100
From: Steve Kemp <skx@...ian.org>
To: debian-security-announce@...ts.debian.org
Subject: [SECURITY] [DSA 1316-1] New emacs21 packages fix
	denial of service


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


- ------------------------------------------------------------------------
Debian Security Advisory dsa-1316                    security@...ian.org
http://www.debian.org/security/                               Steve Kemp
June 21, 2007
- ------------------------------------------------------------------------

Package        : emacs21 (21.4a+1-3etch1)
Vulnerability  : denial of service
Problem type   : local
Debian-specific: no
CVE Id(s)      : CVE-2007-2833
Debian Bug     : 408929


It has been discovered that emacs, the GNU Emacs editor, will crash when
processing certain types of images.

For the stable distribution (etch), this problem has been fixed in version XXX


We recommend that you upgrade your emacs21 (21.4a+1-3etch1) package.

Upgrade instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian (stable)
- ---------------

Stable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

  http://security.debian.org/pool/updates/main/e/emacs21/emacs21_21.4a+1.orig.tar.gz
    Size/MD5 checksum: 15188829 2614ad1ce5c547e682e76049717a704d
  http://security.debian.org/pool/updates/main/e/emacs21/emacs21_21.4a+1-3etch1.diff.gz
    Size/MD5 checksum:   189123 efad0ca53f0dbddb93b2cbef0edb350d
  http://security.debian.org/pool/updates/main/e/emacs21/emacs21_21.4a+1-3etch1.dsc
    Size/MD5 checksum:      893 01f93796b7e4cbfb0c07fc211b49ebfa

Architecture independent packages:

  http://security.debian.org/pool/updates/main/e/emacs21/emacs21-common_21.4a+1-3etch1_all.deb
    Size/MD5 checksum:  9450540 eb73296f7683a65384cd41905f6dc39c
  http://security.debian.org/pool/updates/main/e/emacs21/emacs21-el_21.4a+1-3etch1_all.deb
    Size/MD5 checksum:  7218194 cac7a6629afe81db77af34e344194852
  http://security.debian.org/pool/updates/main/e/emacs21/emacs_21.4a+1-3etch1_all.deb
    Size/MD5 checksum:    23846 b8675a67384a58f59befec0577eca744

alpha architecture (DEC Alpha)

  http://security.debian.org/pool/updates/main/e/emacs21/emacs21_21.4a+1-3etch1_alpha.deb
    Size/MD5 checksum:  2329172 9468d7d11509518ec4d6e97caf26cc86
  http://security.debian.org/pool/updates/main/e/emacs21/emacs21-nox_21.4a+1-3etch1_alpha.deb
    Size/MD5 checksum:  2085080 6576dd8ef28a1055cb1017ffcc9aad74
  http://security.debian.org/pool/updates/main/e/emacs21/emacs21-bin-common_21.4a+1-3etch1_alpha.deb
    Size/MD5 checksum:   182974 565e5a66ab03c426078faa70c3305349

amd64 architecture (AMD x86_64 (AMD64))

  http://security.debian.org/pool/updates/main/e/emacs21/emacs21-nox_21.4a+1-3etch1_amd64.deb
    Size/MD5 checksum:  1969826 691f4641f9c3e3fd37b149ae5478d65d
  http://security.debian.org/pool/updates/main/e/emacs21/emacs21_21.4a+1-3etch1_amd64.deb
    Size/MD5 checksum:  2187854 9fcfd83efc6ce06c675e68fa43b8fded
  http://security.debian.org/pool/updates/main/e/emacs21/emacs21-bin-common_21.4a+1-3etch1_amd64.deb
    Size/MD5 checksum:   162136 1973e185e0c221c03dbf77df2e460df7

arm architecture (ARM)

  http://security.debian.org/pool/updates/main/e/emacs21/emacs21-nox_21.4a+1-3etch1_arm.deb
    Size/MD5 checksum:  1828924 f6bce578f44fb1f1a1ab31217f926708
  http://security.debian.org/pool/updates/main/e/emacs21/emacs21_21.4a+1-3etch1_arm.deb
    Size/MD5 checksum:  2030164 e3991619fdb58d75d95ab480fb191c79
  http://security.debian.org/pool/updates/main/e/emacs21/emacs21-bin-common_21.4a+1-3etch1_arm.deb
    Size/MD5 checksum:   147964 84453604acd1f52971da2bdd785fad17

hppa architecture (HP PA RISC)

  http://security.debian.org/pool/updates/main/e/emacs21/emacs21-nox_21.4a+1-3etch1_hppa.deb
    Size/MD5 checksum:  1961192 f169821c8a1f27c44c3a2f41ca2f3651
  http://security.debian.org/pool/updates/main/e/emacs21/emacs21_21.4a+1-3etch1_hppa.deb
    Size/MD5 checksum:  2187120 37e9cc501a0ed894506700f3979a9cc0
  http://security.debian.org/pool/updates/main/e/emacs21/emacs21-bin-common_21.4a+1-3etch1_hppa.deb
    Size/MD5 checksum:   162908 be7bc21995279915d27c5755904373d5

i386 architecture (Intel ia32)

  http://security.debian.org/pool/updates/main/e/emacs21/emacs21-bin-common_21.4a+1-3etch1_i386.deb
    Size/MD5 checksum:   146884 f295798eef85bf559ca830f0a87de5c1
  http://security.debian.org/pool/updates/main/e/emacs21/emacs21_21.4a+1-3etch1_i386.deb
    Size/MD5 checksum:  2029074 0ad01edbae57f38fd98b7e166363c15d
  http://security.debian.org/pool/updates/main/e/emacs21/emacs21-nox_21.4a+1-3etch1_i386.deb
    Size/MD5 checksum:  1837132 3228c6d0f29ef3367c962893e6ea7325

ia64 architecture (Intel ia64)

  http://security.debian.org/pool/updates/main/e/emacs21/emacs21-bin-common_21.4a+1-3etch1_ia64.deb
    Size/MD5 checksum:   215278 adc3e9e2590f28ddaa4a415e6e07d57e
  http://security.debian.org/pool/updates/main/e/emacs21/emacs21-nox_21.4a+1-3etch1_ia64.deb
    Size/MD5 checksum:  2351410 8b0192deacf060b17623a2a3274b179b
  http://security.debian.org/pool/updates/main/e/emacs21/emacs21_21.4a+1-3etch1_ia64.deb
    Size/MD5 checksum:  2707896 a13cc5a1192c910f17b9b8d56ae2af35

mips architecture (MIPS (Big Endian))

  http://security.debian.org/pool/updates/main/e/emacs21/emacs21_21.4a+1-3etch1_mips.deb
    Size/MD5 checksum:  2264302 f15a5884dde71bb4be70030b84accdf9
  http://security.debian.org/pool/updates/main/e/emacs21/emacs21-nox_21.4a+1-3etch1_mips.deb
    Size/MD5 checksum:  2026274 65936d472970fccab319540e5508ce57
  http://security.debian.org/pool/updates/main/e/emacs21/emacs21-bin-common_21.4a+1-3etch1_mips.deb
    Size/MD5 checksum:   165656 9c9483290fd960b049e1a63cb1295165

mipsel architecture (MIPS (Little Endian))

  http://security.debian.org/pool/updates/main/e/emacs21/emacs21-nox_21.4a+1-3etch1_mipsel.deb
    Size/MD5 checksum:  1978868 9822056f7ef84d0f5691585ee3d524a0
  http://security.debian.org/pool/updates/main/e/emacs21/emacs21-bin-common_21.4a+1-3etch1_mipsel.deb
    Size/MD5 checksum:   165668 431c39dd0dd50d17ca2958f90ee7df33
  http://security.debian.org/pool/updates/main/e/emacs21/emacs21_21.4a+1-3etch1_mipsel.deb
    Size/MD5 checksum:  2216624 66e1c85453ae9c7a49c9a2fb9d4a8480

powerpc architecture (PowerPC)

  http://security.debian.org/pool/updates/main/e/emacs21/emacs21_21.4a+1-3etch1_powerpc.deb
    Size/MD5 checksum:  2118924 c39baa8043ded1bb0bed737e9c117dba
  http://security.debian.org/pool/updates/main/e/emacs21/emacs21-nox_21.4a+1-3etch1_powerpc.deb
    Size/MD5 checksum:  1905208 4d1d6f37948fc7c22787365a449fd2b7
  http://security.debian.org/pool/updates/main/e/emacs21/emacs21-bin-common_21.4a+1-3etch1_powerpc.deb
    Size/MD5 checksum:   155700 e9cd7d62d7897ead5daaafe6c4baf83e

s390 architecture (IBM S/390)

  http://security.debian.org/pool/updates/main/e/emacs21/emacs21-nox_21.4a+1-3etch1_s390.deb
    Size/MD5 checksum:  1931752 2c9d6527bfc7bb263e342815f658804b
  http://security.debian.org/pool/updates/main/e/emacs21/emacs21_21.4a+1-3etch1_s390.deb
    Size/MD5 checksum:  2146028 8fdce62a7aa6800bf6cdfe5560402886
  http://security.debian.org/pool/updates/main/e/emacs21/emacs21-bin-common_21.4a+1-3etch1_s390.deb
    Size/MD5 checksum:   157108 7e3c170c7b558bd49bb04a150c2fa05d

sparc architecture (Sun SPARC/UltraSPARC)

  http://security.debian.org/pool/updates/main/e/emacs21/emacs21_21.4a+1-3etch1_sparc.deb
    Size/MD5 checksum:  2114942 2739d3fbe7ccdb9376018324921f3250
  http://security.debian.org/pool/updates/main/e/emacs21/emacs21-bin-common_21.4a+1-3etch1_sparc.deb
    Size/MD5 checksum:   148146 3f31d435a2477804cd2a1bf6c2c93a77
  http://security.debian.org/pool/updates/main/e/emacs21/emacs21-nox_21.4a+1-3etch1_sparc.deb
    Size/MD5 checksum:  1913248 5746adae76a13ffabbf243f254d531e7


  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@...ts.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFGenVSwM/Gs81MDZ0RArjvAKDFxz3X+xzK8cWxU/WuJ6vHJp1WPACgwrYr
cUzZ6f2FJvlDHZd0EwluVFM=
=zIki
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ