[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

DESA-2007-003: several vulnerabilities

- --------------------------------------------------------------------------
Debian-Edu/Skolelinux Security Advisory DESA 2007-003
http://www.skolelinux.no/security/                      Steffen Joeris
Jun 18th, 2007              debian-edu-security@lists.alioth.debian.org
- --------------------------------------------------------------------------

This DESA deals with severel packages that the Debian Security Team
has fixed. Each section starts with "Package" and includes a link to
the Debian Security Team's announce for the security upgrade.

Package             : libexif
Vulnerability       : integer overflow
Need reboot         : no
Debian-Edu-specific : no
CVE ID              : CVE-2006-4168
DSA ID              : DSA-1310-1
DSA URL             : http://www.debian.org/security/2007/dsa-1310

Package             : xfree86 (x-window-system, xfonts-100dpi-transcoded,
xfonts-100dpi, xfonts-75dpi-transcoded, xfonts-75dpi, xfonts-base-transcoded,
xfonts-base, xfonts-scalable, xfree86-common, xlibs-data, xlibs, libdps1, 
libice6, libsm6, libx11, libxaw7, libxext6, libxft1, libxft2, libxi6, 
libxmu6, libxmuu1, libxp6, libxpm4, libxrandr2, libxt6, libxtrap6, libxtst6, 
libxv1, x-window-system-core, xbase-clients, xfs, xlibmesa-dri, xlibmesa-gl, 
xlibmesa-glu, xserver-common, xserver-xfree86, xterm, xutils, 
Vulnerability       : several vulnerabilities
Need reboot         : no
Debian-Edu-specific : no
CVE ID              : CVE-2007-1003, CVE-2007-1351, CVE-2007-1352, 
DSA ID              : DSA-1294-1
DSA URL             : http://www.debian.org/security/2007/dsa-1294

Package             : gimp (libgimp2.0, gimp)
Vulnerability       : buffer overflow
Need reboot         : no
Debian-Edu-specific : no
CVE ID              : CVE-2007-2356
DSA ID              : DSA-1301-1
DSA URL             : http://www.debian.org/security/2007/dsa-1301

Package             : openoffice.org (openoffice.org-l10n-ca,
openoffice.org-l10n-de, openoffice.org-l10n-en, openoffice.org-l10n-es, 
openoffice.org-l10n-fr, openoffice.org-l10n-nb, openoffice.org-l10n-nl, 
openoffice.org-l10n-nn, openoffice.org, ttf-opensymbol, openoffice.org-bin)
Vulnerability       : heap overflow
Need reboot         : no
Debian-Edu-specific : no
CVE ID              : CVE-2007-0245
DSA ID              : DSA-1307-1
DSA URL             : http://www.debian.org/security/2007/dsa-1307

Upgrade Instructions
- --------------------

Make sure the line

  deb http://security.debian.org/ sarge/updates main contrib non-free

is present in your /etc/apt/sources.list and run 'apt-get update' to
update your package lists. Then run

  'apt-get upgrade'

to upgrade all the packages mentioned above. This might upgrade other
packages too, and if you only want to upgrade the packages above, you
should run

  'apt-get install <pkg1> ... <pkgN>'

where <pkg1> to <pkgN> is the package names in paranthesis
from each package section above.

- --------------------------------------------------------------------------
Mailing lists: bruker@skolelinux.no, debian-edu@lists.debian.org,
               linuxiskolen@skolelinux.no, user@skolelinux.de,
              admin-discuss@skolelinux.org, debian-edu-french@lists.debian.org
Package info: `apt-cache show <pkg>'

Attachment: signature.asc
Description: This is a digitally signed message part.

Reply to: