- -------------------------------------------------------------------------- Debian-Edu/Skolelinux Security Advisory DESA 2007-010 http://www.skolelinux.org/security/ Steffen Joeris September 19th, 2007 debian-edu-security@lists.alioth.debian.org - -------------------------------------------------------------------------- This DESA deals with packages that the Debian Security Team has fixed for the stable distribution. Each section starts with "Package" and includes a link to the Debian Security Team's announce for the security upgrade. Package : tcpdump (tcpdump) Vulnerability : integer overflow Need reboot : no Debian-Edu-specific : no CVE ID : CVE-2007-3798 DSA ID : DSA-1353-1 DSA URL : http://www.debian.org/security/2007/dsa-1353 Package : kdegraphics (kdegraphics, kamera, kcoloredit, kdegraphics-kfile-plugins, kdvi, kfax, kfaxview, kgamma, kghostview, kiconedit, kmrml, kolourpaint, kooka, kpdf, kpovmodeler, kruler, ksnapshot, ksvg, kuickshow, kview, kviewshell, libkscan1) Vulnerability : integer overflow Need reboot : no Debian-Edu-specific : no CVE ID : CVE-2007-3387 DSA ID : DSA-1355-1 DSA URL : http://www.debian.org/security/2007/dsa-1355 Package : koffice (koffice, kivio-data, koffice-data, koffice-doc-html, kpresenter-data, kpresenter, krita-data, krita, kword-data, kword, kwordquiz, karbon, kchart, kexi, kformula, kivio, koffice-libs, koshell, kplato, kspread, kthesaurus, kugar) Vulnerability : integer overflow Need reboot : no Debian-Edu-specific : no CVE ID : CVE-2007-3387 DSA ID : DSA-1357-1 DSA URL : http://www.debian.org/security/2007/dsa-1357 Package : rsync (rsync) Vulnerability : buffer overflow Need reboot : no Debian-Edu-specific : no CVE ID : CVE-2007-4091 DSA ID : DSA-1360-1 DSA URL : http://www.debian.org/security/2007/dsa-1360 Package : vim (vim-common, vim-tiny, vim-runtime, vim) Vulnerability : several Need reboot : no Debian-Edu-specific : no CVE ID : CVE-2007-2438 CVE-2007-2953 DSA ID : DSA-1364-1 DSA URL : http://www.debian.org/security/2007/dsa-1364 Package : clamav (clamav, clamav-freshclam, libclamav2) Vulnerability : several Need reboot : no Debian-Edu-specific : no CVE ID : CVE-2007-4510 CVE-2007-4560 DSA ID : DSA-1366-1 DSA URL : http://www.debian.org/security/2007/dsa-1366 Package : krb5 (krb5-user, libkadm55, libkrb53) Vulnerability : buffer overflow Need reboot : no Debian-Edu-specific : no CVE ID : CVE-2007-3999 DSA ID : DSA-1367-2 DSA URL : http://www.debian.org/security/2007/dsa-1367 Package : librpcsecgss (librpcsecgss3) Vulnerability : buffer overflow Need reboot : no Debian-Edu-specific : no CVE ID : CVE-2007-3999 DSA ID : DSA-1368-1 DSA URL : http://www.debian.org/security/2007/dsa-1368 Package : xorg-server (xserver-xorg-core) Vulnerability : buffer overflow Need reboot : no Debian-Edu-specific : no CVE ID : CVE-2007-4730 DSA ID : DSA-1372-1 DSA URL : http://www.debian.org/security/2007/dsa-1372 Package : openoffice.org (openoffice.org, openoffice.org-common, openoffice.org-filter-mobiledev, openoffice.org-help-en, openoffice.org-help-en-us, openoffice.org-help-es, openoffice.org-help-fr, openoffice.org-java-common, openoffice.org-l10n-ca, openoffice.org-l10n-de, openoffice.org-l10n-el, openoffice.org-l10n-en-za, openoffice.org-l10n-es, openoffice.org-l10n-fr, openoffice.org-l10n-nb, openoffice.org-l10n-nl, openoffice.org-l10n-nn, ttf-opensymbol, openoffice.org-base, openoffice.org-calc, openoffice.org-core, openoffice.org-draw, openoffice.org-impress, openoffice.org-math, openoffice.org-writer, python-uno) Vulnerability : buffer overflow Need reboot : no Debian-Edu-specific : no CVE ID : CVE-2007-2834 DSA ID : DSA-1375-1 DSA URL : http://www.debian.org/security/2007/dsa-1375 Upgrade Instructions - -------------------- Make sure the line deb http://security.debian.org/ etch/updates main contrib non-free is present in your /etc/apt/sources.list and run 'apt-get update' to update your package lists. Then run 'aptitude upgrade' to upgrade all the packages mentioned above. This might upgrade other packages too, and if you only want to upgrade the packages above, you should run 'aptitude install <pkg1> ... <pkgN>' where <pkg1> to <pkgN> is the package names in paranthesis from each package section above. - -------------------------------------------------------------------------- Mailing lists: debian-edu-announce@lists.debian.org Package info: `apt-cache show <pkg>'
Attachment:
signature.asc
Description: This is a digitally signed message part.