DESA-2007-008: several vulnerabilities

To: debian-edu-announce@lists.debian.org
Subject: DESA-2007-008: several vulnerabilities
From: Steffen Joeris <white@debian.org>
Date: Wed, 19 Sep 2007 21:55:12 +1000
Message-id: <200709192155.13312.white@debian.org>
Mail-followup-to: debian-edu@lists.debian.org

- --------------------------------------------------------------------------
Debian-Edu/Skolelinux Security Advisory DESA 2007-008
http://www.skolelinux.org/security/                      Steffen Joeris
September 19th, 2007              debian-edu-security@lists.alioth.debian.org
- --------------------------------------------------------------------------

This DESA deals with packages that the Debian Security Team
has fixed. Each section starts with "Package" and includes a link to
the Debian Security Team's announce for the security upgrade.

Package             : tcpdump (tcpdump)
Vulnerability       : integer overflow
Need reboot         : no
Debian-Edu-specific : no
CVE ID              : CVE-2007-3798
DSA ID              : DSA-1353-1
DSA URL             : http://www.debian.org/security/2007/dsa-1353

Package             : vim (vim, vim-common)
Vulnerability       : several
Need reboot         : no
Debian-Edu-specific : no
CVE ID              : CVE-2007-2953
DSA ID              : DSA-1364-1
DSA URL             : http://www.debian.org/security/2007/dsa-1364

Package             : id3lib3.8.3 (libid3-3.8.3)
Vulnerability       : programming error
Need reboot         : no
Debian-Edu-specific : no
CVE ID              : CVE-2007-4460
DSA ID              : DSA-1365-1
DSA URL             : http://www.debian.org/security/2007/dsa-1365

Package             : openoffice.org (openoffice.org-l10n-ca, 
openoffice.org-l10n-de,
                      openoffice.org-l10n-en, openoffice.org-l10n-es,
                      openoffice.org-l10n-fr, openoffice.org-l10n-nb,
                      openoffice.org-l10n-nl, openoffice.org-l10n-nn, 
ttf-opensymbol
                      openoffice.org, openoffice.org-bin)
Vulnerability       : buffer overflow
Need reboot         : no
Debian-Edu-specific : no
CVE ID              : CVE-2007-2834
DSA ID              : DSA-1375-1
DSA URL             : http://www.debian.org/security/2007/dsa-1375


Upgrade Instructions
- --------------------

Make sure the line

  deb http://security.debian.org/ sarge/updates main contrib non-free

is present in your /etc/apt/sources.list and run 'apt-get update' to
update your package lists. Then run

  'apt-get upgrade'

to upgrade all the packages mentioned above. This might upgrade other
packages too, and if you only want to upgrade the packages above, you
should run

  'apt-get install <pkg1> ... <pkgN>'

where <pkg1> to <pkgN> is the package names in paranthesis
from each package section above.

- --------------------------------------------------------------------------
Mailing lists: debian-edu-announce@lists.debian.org
Package info: `apt-cache show <pkg>'

Attachment: signature.asc
Description: This is a digitally signed message part.

Reply to:

Prev by Date: Stable update: munin
Next by Date: DESA-2007-010: several vulnerabilities
Previous by thread: Stable update: munin
Next by thread: DESA-2007-010: several vulnerabilities
Index(es):
- Date
- Thread