[Fwd: unsubscribe]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hmmm... That's a pretty strange subject for a Security Advisory! :-)
- -------- Original Message --------
Subject: unsubscribe
Resent-Date: Mon, 10 Oct 2005 14:30:46 -0500 (CDT)
Resent-From: debian-security@lists.debian.org
Date: Mon, 10 Oct 2005 21:07:42 +0200
From: security <security@deviation.nl>
To: debian-security@lists.debian.org
References: <m1EP1p4-000ophC@finlandia.Infodrom.North.DE>
Martin Schulze wrote:
> --------------------------------------------------------------------------
> Debian Security Advisory DSA 858-1 security@debian.org
> http://www.debian.org/security/ Martin Schulze
> October 10th, 2005 http://www.debian.org/security/faq
> --------------------------------------------------------------------------
>
> Package : xloadimage
> Vulnerability : buffer overflows
> Problem type : local (remote)
> Debian-specific: no
> CVE ID : CAN-2005-3178
> Debian Bug : 332524
>
> Ariel Berkman discovered several buffer overflows in xloadimage, a
> graphics file viewer for X11, that can be exploited via large image
> titles and cause the execution of arbitrary code.
>
> For the old stable distribution (woody) these problems have been fixed in
> version 4.1-10woody2.
>
> For the stable distribution (sarge) these problems have been fixed in
> version 4.1-14.3.
>
> For the unstable distribution (sid) these problems have been fixed in
> version 4.1-15.
>
> We recommend that you upgrade your xloadimage package.
>
>
> Upgrade Instructions
> --------------------
>
> wget url
> will fetch the file for you
> dpkg -i file.deb
> will install the referenced file.
>
> If you are using the apt-get package manager, use the line for
> sources.list as given below:
>
> apt-get update
> will update the internal database
> apt-get upgrade
> will install corrected packages
>
> You may use an automated update by adding the resources from the
> footer to the proper configuration.
>
>
> Debian GNU/Linux 3.0 alias woody
> --------------------------------
>
> Source archives:
>
> http://security.debian.org/pool/updates/main/x/xloadimage/xloadimage_4.1-10woody2.dsc
> Size/MD5 checksum: 608 2b194d25f2cd86d8c1b1f2f5a467bcc9
> http://security.debian.org/pool/updates/main/x/xloadimage/xloadimage_4.1-10woody2.diff.gz
> Size/MD5 checksum: 50186 53a9172758b709cf3f0e99936d47c4a4
> http://security.debian.org/pool/updates/main/x/xloadimage/xloadimage_4.1.orig.tar.gz
> Size/MD5 checksum: 596021 7331850fc04056ab8ae6b5725d1fb3d2
>
> Alpha architecture:
>
> http://security.debian.org/pool/updates/main/x/xloadimage/xloadimage_4.1-10woody2_alpha.deb
> Size/MD5 checksum: 139088 7be358557b829074706d31d8e02482e6
>
> ARM architecture:
>
> http://security.debian.org/pool/updates/main/x/xloadimage/xloadimage_4.1-10woody2_arm.deb
> Size/MD5 checksum: 111128 6b7317be277325f505f73e15e4a2e5d1
>
> Intel IA-32 architecture:
>
> http://security.debian.org/pool/updates/main/x/xloadimage/xloadimage_4.1-10woody2_i386.deb
> Size/MD5 checksum: 105382 0ab75115524b1bc8de2e6ef3f4a44eeb
>
> Intel IA-64 architecture:
>
> http://security.debian.org/pool/updates/main/x/xloadimage/xloadimage_4.1-10woody2_ia64.deb
> Size/MD5 checksum: 169892 25d4ed26d2a77ef23e496daf5f7123e0
>
> HP Precision architecture:
>
> http://security.debian.org/pool/updates/main/x/xloadimage/xloadimage_4.1-10woody2_hppa.deb
> Size/MD5 checksum: 125956 92a18e4bfb850b4e0d45edd854241bef
>
> Motorola 680x0 architecture:
>
> http://security.debian.org/pool/updates/main/x/xloadimage/xloadimage_4.1-10woody2_m68k.deb
> Size/MD5 checksum: 99060 d8b7db59ee60184b1c6655d44ae9d8ab
>
> Big endian MIPS architecture:
>
> http://security.debian.org/pool/updates/main/x/xloadimage/xloadimage_4.1-10woody2_mips.deb
> Size/MD5 checksum: 119736 3224dc48075eebeb2204e24f41a9be8b
>
> Little endian MIPS architecture:
>
> http://security.debian.org/pool/updates/main/x/xloadimage/xloadimage_4.1-10woody2_mipsel.deb
> Size/MD5 checksum: 119622 0309e0d20f98b0baf6b9d464dc2f9c92
>
> PowerPC architecture:
>
> http://security.debian.org/pool/updates/main/x/xloadimage/xloadimage_4.1-10woody2_powerpc.deb
> Size/MD5 checksum: 112998 bb0d48772430bacf901f91413e58b8cb
>
> IBM S/390 architecture:
>
> http://security.debian.org/pool/updates/main/x/xloadimage/xloadimage_4.1-10woody2_s390.deb
> Size/MD5 checksum: 113296 7704a714f140c824f9a76a68bb0cf5fb
>
> Sun Sparc architecture:
>
> http://security.debian.org/pool/updates/main/x/xloadimage/xloadimage_4.1-10woody2_sparc.deb
> Size/MD5 checksum: 115220 c42cc65553599e953baf2140c5f63365
>
>
> Debian GNU/Linux 3.1 alias sarge
> --------------------------------
>
> Source archives:
>
> http://security.debian.org/pool/updates/main/x/xloadimage/xloadimage_4.1-14.3.dsc
> Size/MD5 checksum: 613 c22e9b8a14b2e3cb09db7b0eaaceb74e
> http://security.debian.org/pool/updates/main/x/xloadimage/xloadimage_4.1-14.3.diff.gz
> Size/MD5 checksum: 66821 75afd2e1725f602ea7ee6c31677de491
> http://security.debian.org/pool/updates/main/x/xloadimage/xloadimage_4.1.orig.tar.gz
> Size/MD5 checksum: 596021 7331850fc04056ab8ae6b5725d1fb3d2
>
> Alpha architecture:
>
> http://security.debian.org/pool/updates/main/x/xloadimage/xloadimage_4.1-14.3_alpha.deb
> Size/MD5 checksum: 144484 b56080219d894c106d3930893e0c5efb
>
> AMD64 architecture:
>
> http://security.debian.org/pool/updates/main/x/xloadimage/xloadimage_4.1-14.3_amd64.deb
> Size/MD5 checksum: 117762 f96ca8e4fd5c8181508cda671e250835
>
> ARM architecture:
>
> http://security.debian.org/pool/updates/main/x/xloadimage/xloadimage_4.1-14.3_arm.deb
> Size/MD5 checksum: 113260 6f70e2fd9b04aab3acb31e8f32d8004f
>
> Intel IA-32 architecture:
>
> http://security.debian.org/pool/updates/main/x/xloadimage/xloadimage_4.1-14.3_i386.deb
> Size/MD5 checksum: 112570 939143ec3b3c1a9de86a3d239c21dd9d
>
> Intel IA-64 architecture:
>
> http://security.debian.org/pool/updates/main/x/xloadimage/xloadimage_4.1-14.3_ia64.deb
> Size/MD5 checksum: 168800 ce97c7a1db1491382d7bec6388920098
>
> HP Precision architecture:
>
> http://security.debian.org/pool/updates/main/x/xloadimage/xloadimage_4.1-14.3_hppa.deb
> Size/MD5 checksum: 127336 307fcd295e7f63204f21c3484dc07d84
>
> Motorola 680x0 architecture:
>
> http://security.debian.org/pool/updates/main/x/xloadimage/xloadimage_4.1-14.3_m68k.deb
> Size/MD5 checksum: 102792 bd1d5a3337433499a89946f6377ac3c6
>
> Big endian MIPS architecture:
>
> http://security.debian.org/pool/updates/main/x/xloadimage/xloadimage_4.1-14.3_mips.deb
> Size/MD5 checksum: 124776 8bfe51681d7619d7850325ea00f87f5a
>
> Little endian MIPS architecture:
>
> http://security.debian.org/pool/updates/main/x/xloadimage/xloadimage_4.1-14.3_mipsel.deb
> Size/MD5 checksum: 125416 027a884f264f32c67b1d5cc0c9d48e98
>
> PowerPC architecture:
>
> http://security.debian.org/pool/updates/main/x/xloadimage/xloadimage_4.1-14.3_powerpc.deb
> Size/MD5 checksum: 120466 3ed583a03a58367e6e26d99d1f30f050
>
> IBM S/390 architecture:
>
> http://security.debian.org/pool/updates/main/x/xloadimage/xloadimage_4.1-14.3_s390.deb
> Size/MD5 checksum: 120484 3990984d86ef50845d894b57d0036f36
>
> Sun Sparc architecture:
>
> http://security.debian.org/pool/updates/main/x/xloadimage/xloadimage_4.1-14.3_sparc.deb
> Size/MD5 checksum: 112758 d9d7f94f2722b0a9b1fd7ea09955e3e7
>
>
> These files will probably be moved into the stable distribution on
> its next update.
>
> ---------------------------------------------------------------------------------
> For apt-get: deb http://security.debian.org/ stable/updates main
> For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
> Mailing list: debian-security-announce@lists.debian.org
> Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
>
- --
To UNSUBSCRIBE, email to debian-security-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
- --
Felipe Augusto van de Wiel (faw)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
Comment: Using GnuPG with Debian - http://enigmail.mozdev.org
iD8DBQFDSta3CjAO0JDlykYRAp6UAKC7bj7bAY7M0XzTSOC5z/62wDFU4ACfRJCa
LBifN3VjfjJlppWbyHeNOYM=
=Ppnf
-----END PGP SIGNATURE-----
Reply to: