[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

DESA-2005-001: several packages

- --------------------------------------------------------------------------
Debian-Edu/Skolelinux Security Advisory DESA 2005-004
http://www.skolelinux.no/security/                      Morten Werner Olsen
January 28th, 2005              debian-edu-security@lists.alioth.debian.org
- --------------------------------------------------------------------------

This DESA deals with severel packages that the Debian Security Team
has fixed. Each section start with "Package" and includes a link to
the Debian Security Team's announce for the security upgrade.


Package             : krb5 (libkrb53)
Vulnerability       : buffer overflow
Need reboot         : no
Debian-Edu-specific : no
CVE ID              : CAN-2004-1189
DSA ID              : DSA-629-1
DSA URL             : http://www.debian.org/security/2005/dsa-629

Package             : kdelibs (kdelibs3 kdelibs3-crypt libarts libkmid)
Vulnerability       : unsanitised input, missing return value check
Need reboot         : no
Debian-Edu-specific : no
CVE ID              : CAN-2004-1165 CAN-2005-0078
DSA ID              : DSA-631-1 DSA-660-1
DSA URL             : http://www.debian.org/security/2005/dsa-631
                      http://www.debian.org/security/2005/dsa-660

Package             : exim (exim)
Vulnerability       : buffer overflow
Need reboot         : no
Debian-Edu-specific : no
CVE ID              : CAN-2005-0021
DSA ID              : DSA-635-1
DSA URL             : http://www.debian.org/security/2005/dsa-635

Package             : glibc (libc6 nscd)
Vulnerability       : insecure temporary files
Need reboot         : no
Debian-Edu-specific : no
CVE ID              : CAN-2004-0968
DSA ID              : DSA-636-1
DSA URL             : http://www.debian.org/security/2005/dsa-636

Package             : cupsys (cupsys cupsys-bsd cupsys-client
                              cupsys-pstoraster libcupsys2)
Vulnerability       : buffer overflow
Need reboot         : no
Debian-Edu-specific : no
CVE ID              : CAN-2005-0064
DSA ID              : DSA-645-1
DSA URL             : http://www.debian.org/security/2005/dsa-645

Package             : xpdf (xpdf xpdf-common xpdf-reader xpdf-utils)
Vulnerability       : buffer overflow
Need reboot         : no
Debian-Edu-specific : no
CVE ID              : CAN-2005-0064
DSA ID              : DSA-648-1
DSA URL             : http://www.debian.org/security/2005/dsa-648

Package             : squid (squid)
Vulnerability       : buffer overflow, integer overflow
Need reboot         : no
Debian-Edu-specific : no
CVE ID              : CAN-2005-0094 CAN-2005-0095
DSA ID              : DSA-651-1
DSA URL             : http://www.debian.org/security/2005/dsa-651

Package             : xine-lib (libxine0)
Vulnerability       : buffer overflow
Need reboot         : no
Debian-Edu-specific : no
CVE ID              : CAN-2004-1379
DSA ID              : DSA-657-1
DSA URL             : http://www.debian.org/security/2005/dsa-657


Upgrade Instructions
- --------------------

Make sure the line

  deb http://security.debian.org/ stable/updates main contrib non-free

is present in your /etc/apt/sources.list and run 'apt-get update' to
update your package lists. Then run

  'apt-get upgrade'

to upgrade all the packages mentioned above. This might upgrade other
packages too, and if you only want to upgrade the packages above, you
should run

  'apt-get install <pkg1> ... <pkgN>'

where <pkg1> to <pkgN> is the package names in paranthesis
from each package section above.

- --------------------------------------------------------------------------
Mailing lists: bruker@skolelinux.no, debian-edu@lists.debian.org,
               linuxiskolen@skolelinux.no, user@skolelinux.de,
               admin-discuss@skolelinux.org
Package info: `apt-cache show <pkg>'

Attachment: signature.asc
Description: Digital signature

Reply to: