unsubscribe

To: debian-security@lists.debian.org
Subject: unsubscribe
From: "Kenneth" <kenneth@linuxbox.no-ip.biz>
Date: Sat, 19 Feb 2005 01:16:34 +0100 (CET)
Message-id: <[🔎] 55324.80.203.8.247.1108772194.squirrel@linuxbox.no-ip.biz>
In-reply-to: <m1D2BT8-000ohOC@finlandia.Infodrom.North.DE>
References: <m1D2BT8-000ohOC@finlandia.Infodrom.North.DE>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> -
> --------------------------------------------------------------------------
> Debian Security Advisory DSA 687-1                     security@debian.org
> http://www.debian.org/security/                             Martin Schulze
> February 18th, 2005                     http://www.debian.org/security/faq
> -
> --------------------------------------------------------------------------
>
> Package        : bidwatcher
> Vulnerability  : format string
> Problem-Type   : remote
> Debian-specific: no
> CVE ID         : CAN-2005-0158
>
> Ulf Härnhammar from the Debian Security Audit Project discovered a
> format string vulnerability in bidwatcher, a tool for watching and
> bidding on eBay auctions.  This problem can be triggered remotely by a
> web server of eBay, or someone pretending to be eBay, sending certain
> data back.  As of version 1.3.17 the program uses cURL and is not
> vulnerable anymore.
>
> For the stable distribution (woody) this problem has been fixed in
> version 1.3.3-1woody1.
>
> For the unstable distribution (sid) this problem will be fixed soon.
>
> We recommend that you upgrade your bidwatcher package.
>
>
> Upgrade Instructions
> - --------------------
>
> wget url
>         will fetch the file for you
> dpkg -i file.deb
>         will install the referenced file.
>
> If you are using the apt-get package manager, use the line for
> sources.list as given below:
>
> apt-get update
>         will update the internal database
> apt-get upgrade
>         will install corrected packages
>
> You may use an automated update by adding the resources from the
> footer to the proper configuration.
>
>
> Debian GNU/Linux 3.0 alias woody
> - --------------------------------
>
>   Source archives:
>
>     http://security.debian.org/pool/updates/main/b/bidwatcher/bidwatcher_1.3.3-1woody1.dsc
>       Size/MD5 checksum:      637 2a65bc6cbed81466721793318948aed4
>     http://security.debian.org/pool/updates/main/b/bidwatcher/bidwatcher_1.3.3-1woody1.diff.gz
>       Size/MD5 checksum:     3368 b36c63ae2e6a5c42bb13c506f980e1ba
>     http://security.debian.org/pool/updates/main/b/bidwatcher/bidwatcher_1.3.3.orig.tar.gz
>       Size/MD5 checksum:   136679 2094c233fa21c80f65d5dce1bf4fb133
>
>   Alpha architecture:
>
>     http://security.debian.org/pool/updates/main/b/bidwatcher/bidwatcher_1.3.3-1woody1_alpha.deb
>       Size/MD5 checksum:    95574 dc1f1c5581af8526fe916ea0246fec8e
>
>   ARM architecture:
>
>     http://security.debian.org/pool/updates/main/b/bidwatcher/bidwatcher_1.3.3-1woody1_arm.deb
>       Size/MD5 checksum:    85060 6dff37d2dbb68c869553b4008b47f7df
>
>   Intel IA-32 architecture:
>
>     http://security.debian.org/pool/updates/main/b/bidwatcher/bidwatcher_1.3.3-1woody1_i386.deb
>       Size/MD5 checksum:    82152 49d709d2f5a81dcfd8b462d60af5218b
>
>   Intel IA-64 architecture:
>
>     http://security.debian.org/pool/updates/main/b/bidwatcher/bidwatcher_1.3.3-1woody1_ia64.deb
>       Size/MD5 checksum:   103978 874237be875f51817240c7ce79a96732
>
>   HP Precision architecture:
>
>     http://security.debian.org/pool/updates/main/b/bidwatcher/bidwatcher_1.3.3-1woody1_hppa.deb
>       Size/MD5 checksum:   109292 b164a9dc42b40a2eda85896dfec8d310
>
>   Motorola 680x0 architecture:
>
>     http://security.debian.org/pool/updates/main/b/bidwatcher/bidwatcher_1.3.3-1woody1_m68k.deb
>       Size/MD5 checksum:    79942 7d101eb867927c88d5ec2fd127494497
>
>   Big endian MIPS architecture:
>
>     http://security.debian.org/pool/updates/main/b/bidwatcher/bidwatcher_1.3.3-1woody1_mips.deb
>       Size/MD5 checksum:    81562 f0f65a2f84feef4dc4afa5cb82126350
>
>   Little endian MIPS architecture:
>
>     http://security.debian.org/pool/updates/main/b/bidwatcher/bidwatcher_1.3.3-1woody1_mipsel.deb
>       Size/MD5 checksum:    80606 1e2786878f126a90e26c6894d44f7d35
>
>   PowerPC architecture:
>
>     http://security.debian.org/pool/updates/main/b/bidwatcher/bidwatcher_1.3.3-1woody1_powerpc.deb
>       Size/MD5 checksum:    81478 19128bd956597ed8ed7c6780b09ee15d
>
>   IBM S/390 architecture:
>
>     http://security.debian.org/pool/updates/main/b/bidwatcher/bidwatcher_1.3.3-1woody1_s390.deb
>       Size/MD5 checksum:    80902 d4d892f6ffb796106bdcb09c8ed3181a
>
>   Sun Sparc architecture:
>
>     http://security.debian.org/pool/updates/main/b/bidwatcher/bidwatcher_1.3.3-1woody1_sparc.deb
>       Size/MD5 checksum:    80802 d5882fbca7b6a7b2205a1fb8b5c76112
>
>
>   These files will probably be moved into the stable distribution on
>   its next update.
>
> -
> ---------------------------------------------------------------------------------
> For apt-get: deb http://security.debian.org/ stable/updates main
> For dpkg-ftp: ftp://security.debian.org/debian-security
> dists/stable/updates/main
> Mailing list: debian-security-announce@lists.debian.org
> Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.0 (GNU/Linux)
>
> iD8DBQFCFh7aW5ql+IAeqTIRAjjLAJ41DHcqCxgorvj2YOZQ1THak4eaKgCdFwoy
> U2Lv4hX+dt2oYYG8depUris=
> =sKEt
> -----END PGP SIGNATURE-----
>
>
> --
> To UNSUBSCRIBE, email to debian-security-announce-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact
> listmaster@lists.debian.org
>
>
Reply to:
Prev by Date: Re: Kernel security advice
Next by Date: Re: Kernel security advice
Previous by thread: UNSUBSCRIBE
Next by thread: unsubscribe
Index(es):
- Date
- Thread