- --------------------------------------------------------------------------
Debian-Edu/Skolelinux Security Advisory DESA 2007-012
http://www.skolelinux.org/security/ Steffen Joeris
October 14th, 2007 debian-edu-security@lists.alioth.debian.org
- --------------------------------------------------------------------------
This DESA deals with packages that the Debian Security Team
has fixed. Each section starts with "Package" and includes a link to
the Debian Security Team's announce for the security upgrade.
Package : openssl (libssl, openssl)
Vulnerability : off-by-one error/buffer overflow
Need reboot : no
Debian-Edu-specific : no
CVE ID : CVE-2007-5135
DSA ID : DSA-1379-1
DSA URL : http://www.debian.org/security/2007/dsa-1379
Package : xfs (libdps1, libice6, libsm6, libx11-6, libxaw7,
libxext6, libxft1, libxi6, libxmu6, libxmuu1, libxp6,
libxpm4, libxrandr2, libxt6, libxtrap6, libxtst6,
libxv1, x-window-system-core, xbase-clients, xfs,
xlibmesa-dri, xlibmesa-gl, xlibmesa-glu, xserver-common,
xserver-xfree86, xterm, xutils)
Vulnerability : several
Need reboot : no
Debian-Edu-specific : no
CVE ID : CVE-2007-4568
DSA ID : DSA-1385-1
DSA URL : http://www.debian.org/security/2007/dsa-1385
Upgrade Instructions
- --------------------
Make sure the line
deb http://security.debian.org/ sarge/updates main contrib non-free
is present in your /etc/apt/sources.list and run 'apt-get update' to
update your package lists. Then run
'apt-get upgrade'
to upgrade all the packages mentioned above. This might upgrade other
packages too, and if you only want to upgrade the packages above, you
should run
'apt-get install <pkg1> ... <pkgN>'
where <pkg1> to <pkgN> is the package names in paranthesis
from each package section above.
- --------------------------------------------------------------------------
Mailing lists: debian-edu-announce@lists.debian.org
Package info: `apt-cache show <pkg>'
Attachment:
signature.asc
Description: This is a digitally signed message part.