- -------------------------------------------------------------------------- Debian-Edu/Skolelinux Security Advisory DESA 2007-015 http://www.skolelinux.org/security/ Steffen Joeris November 19th, 2007 debian-edu-security@lists.alioth.debian.org - -------------------------------------------------------------------------- This DESA deals with packages that the Debian Security Team has fixed for the stable distribution. Each section starts with "Package" and includes a link to the Debian Security Team's announce for the security upgrade. Package : librpcsecgss (librpcsecgss3) Vulnerability : buffer overflow Need reboot : no Debian-Edu-specific : no CVE ID : CVE-2007-4743 DSA ID : DSA-1387-1 DSA URL : http://www.debian.org/security/2007/dsa-1387 Package : dhcp (dhcp, dhcp-client) Vulnerability : buffer overflow Need reboot : no Debian-Edu-specific : no CVE ID : CVE-2007-5365 DSA ID : DSA-1388-3 DSA URL : http://www.debian.org/security/2007/dsa-1388 Package : t1lib (libt1) Vulnerability : buffer overflow Need reboot : no Debian-Edu-specific : no CVE ID : CVE-2007-4033 DSA ID : DSA-1390-1 DSA URL : http://www.debian.org/security/2007/dsa-1390 Package : icedove (icedove, mozilla-thunderbird) Vulnerability : several Need reboot : no Debian-Edu-specific : no CVE ID : CVE-2007-3734 CVE-2007-3735 CVE-2007-3844 CVE-2007-3845 CVE-2007-5339 CVE-2007-5340 DSA ID : DSA-1391-1 DSA URL : http://www.debian.org/security/2007/dsa-1391 Package : xulrunner (libmozjs0d, libnspr4-0d, libnss3-0d, libxul0d, xulrunner-gnome-support, libxul-common) Vulnerability : several Need reboot : no Debian-Edu-specific : no CVE ID : CVE-2007-1095 CVE-2007-2292 CVE-2007-3511 CVE-2007-5334 CVE-2007-5337 CVE-2007-5338 CVE-2007-5339 CVE-2007-5340 DSA ID : DSA-1392-1 DSA URL : http://www.debian.org/security/2007/dsa-1392 Package : icedove (firefox, iceweasel-gnome-support, iceweasel) Vulnerability : several Need reboot : no Debian-Edu-specific : no CVE ID : CVE-2007-1095 CVE-2007-2292 CVE-2007-3511 CVE-2007-5334 CVE-2007-5337 CVE-2007-5338 CVE-2007-5339 CVE-2007-5340 DSA ID : DSA-1396-1 DSA URL : http://www.debian.org/security/2007/dsa-1396 Package : mono (libmono-cairo1.0-cil, libmono-corlib1.0-cil, libmono-system1.0-cil, mono-common, mono-gac, mono-jit, mono-runtime) Vulnerability : integer overflow Need reboot : no Debian-Edu-specific : no CVE ID : CVE-2007-5197 DSA ID : DSA-1397-1 DSA URL : http://www.debian.org/security/2007/dsa-1397 Package : pcre3 (libpcre3) Vulnerability : several Need reboot : no Debian-Edu-specific : no CVE ID : CVE-2007-1659 CVE-2007-1660 CVE-2007-1661 CVE-2007-1662 CVE-2007-4766 CVE-2007-4767 CVE-2007-4768 DSA ID : DSA-1399-1 DSA URL : http://www.debian.org/security/2007/dsa-1399 Package : perl (libperl5, perl-modules, perl, perl-base) Vulnerability : heap overflow Need reboot : no Debian-Edu-specific : no CVE ID : CVE-2007-5116 DSA ID : DSA-1400-1 DSA URL : http://www.debian.org/security/2007/dsa-1400 Package : cupsys (cupsys-common, libcupsys2, libcupsimage2, cupsys, cupsys-bsd, cupsys-client) Vulnerability : buffer overflow Need reboot : no Debian-Edu-specific : no CVE ID : CVE-2007-4351 DSA ID : DSA-1407-1 DSA URL : http://www.debian.org/security/2007/dsa-1407 Upgrade Instructions - -------------------- Make sure the line deb http://security.debian.org/ etch/updates main contrib non-free is present in your /etc/apt/sources.list and run 'aptitude update' to update your package lists. Then run 'aptitude upgrade' to upgrade all the packages mentioned above. This might upgrade other packages too, and if you only want to upgrade the packages above, you should run 'aptitude install <pkg1> ... <pkgN>' where <pkg1> to <pkgN> is the package names in paranthesis from each package section above. - -------------------------------------------------------------------------- Mailing lists: debian-edu-announce@lists.debian.org Package info: `apt-cache show <pkg>'
Attachment:
signature.asc
Description: This is a digitally signed message part.