- -------------------------------------------------------------------------- Debian-Edu/Skolelinux Security Advisory DESA 2007-017 http://www.skolelinux.org/security/ Steffen Joeris December 13th, 2007 debian-edu-security@lists.alioth.debian.org - -------------------------------------------------------------------------- This DESA deals with packages that the Debian Security Team has fixed for the stable distribution. Each section starts with "Package" and includes a link to the Debian Security Team's announce for the security upgrade. Package : samba (samba-doc, winbind, smbclient, samba-common, smbfs, libsmbclient, samba) Vulnerability : several Need reboot : no Debian-Edu-specific : no CVE ID : CVE-2007-4572 CVE-2007-5398 CVE-2007-6015 DSA ID : DSA-1409-2, DSA-1427-1 DSA URL : http://www.debian.org/security/2007/dsa-1409 DSA URL : http://www.debian.org/security/2007/dsa-1427 Package : ruby1.8 (libruby1.8, ruby1.8) Vulnerability : programming error Need reboot : no Debian-Edu-specific : no CVE ID : CVE-2007-5162 CVE-2007-5770 DSA ID : DSA-1410-1 DSA URL : http://www.debian.org/security/2007/dsa-1410 Package : mysql-dfsg-5.0 (mysql-common, libmysqlclient15off) Vulnerability : multiple Need reboot : no Debian-Edu-specific : no CVE ID : CVE-2007-2583 CVE-2007-2691 CVE-2007-2692 CVE-2007-3780 CVE-2007-3782 CVE-2007-5925 DSA ID : DSA-1413-1 DSA URL : http://www.debian.org/security/2007/dsa-1413 Package : wireshark (wireshark, wireshark-common, ethereal) Vulnerability : several Need reboot : no Debian-Edu-specific : no CVE ID : CVE-2007-6114 CVE-2007-6117 CVE-2007-6118 CVE-2007-6120 CVE-2007-6121 DSA ID : DSA-1414-1 DSA URL : http://www.debian.org/security/2007/dsa-1414 Package : tk8.4 (tk8.4) Vulnerability : buffer overflow Need reboot : no Debian-Edu-specific : no CVE ID : CVE-2007-5378 DSA ID : DSA-1415-1 DSA URL : http://www.debian.org/security/2007/dsa-1415 Package : tk8.3 (tk8.3) Vulnerability : buffer overflow Need reboot : no Debian-Edu-specific : no CVE ID : CVE-2007-5378 DSA ID : DSA-1416-1 DSA URL : http://www.debian.org/security/2007/dsa-1416 Package : openoffice.org (openoffice.org, openoffice.org-common, openoffice.org-filter-mobiledev, openoffice.org-help-en, openoffice.org-help-en-us, openoffice.org-help-es, openoffice.org-help-fr, openoffice.org-java-common, openoffice.org-l10n-ca, openoffice.org-l10n-de, openoffice.org-l10n-el, openoffice.org-l10n-en-za, openoffice.org-l10n-es, openoffice.org-l10n-fr, openoffice.org-l10n-nb, openoffice.org-l10n-nl, openoffice.org-l10n-nn, ttf-opensymbol, openoffice.org-base, openoffice.org-calc, openoffice.org-core, openoffice.org-draw, openoffice.org-impress, openoffice.org-math, openoffice.org-writer, python-uno) Vulnerability : programming error Need reboot : no Debian-Edu-specific : no CVE ID : CVE-2007-4575 DSA ID : DSA-1419-1 DSA URL : http://www.debian.org/security/2007/dsa-1419 Package : e2fsprogs (libuuid1, libcomerr2, e2fslibs, libss2, e2fsprogs, libblkid1) Vulnerability : integer overflows Need reboot : no Debian-Edu-specific : no CVE ID : CVE-2007-5497 DSA ID : DSA-1422-1 DSA URL : http://www.debian.org/security/2007/dsa-1422 Package : iceweasel (iceweasel-gnome-support, iceweasel, firefox) Vulnerability : several vulnerabilities Need reboot : no Debian-Edu-specific : no CVE ID : CVE-2007-5947 CVE-2007-5959 CVE-2007-5960 DSA ID : DSA-1424-1 DSA URL : http://www.debian.org/security/2007/dsa-1424 Package : xulrunner (xulrunner-gnome-support, libxul-common, libxul0d) Vulnerability : several vulnerabilities Need reboot : no Debian-Edu-specific : no CVE ID : CVE-2007-5947 CVE-2007-5959 CVE-2007-5960 DSA ID : DSA-1425-1 DSA URL : http://www.debian.org/security/2007/dsa-1425 Package : qt-x11-free (libqt3-mt) Vulnerability : several vulnerabilities Need reboot : no Debian-Edu-specific : no CVE ID : CVE-2007-3388 CVE-2007-4137 DSA ID : DSA-1426-1 DSA URL : http://www.debian.org/security/2007/dsa-1426 Package : libnss-ldap (libnss-ldap) Vulnerability : denial of service Need reboot : no Debian-Edu-specific : no CVE ID : CVE-2007-5794 DSA ID : DSA-1430-1 DSA URL : http://www.debian.org/security/2007/dsa-1430 Upgrade Instructions - -------------------- Make sure the line deb http://security.debian.org/ etch/updates main contrib non-free is present in your /etc/apt/sources.list and run 'aptitude update' to update your package lists. Then run 'aptitude upgrade' to upgrade all the packages mentioned above. This might upgrade other packages too, and if you only want to upgrade the packages above, you should run 'aptitude install <pkg1> ... <pkgN>' where <pkg1> to <pkgN> is the package names in paranthesis from each package section above. - -------------------------------------------------------------------------- Mailing lists: debian-edu-announce@lists.debian.org Package info: `apt-cache show <pkg>'
Attachment:
signature.asc
Description: This is a digitally signed message part.