- -------------------------------------------------------------------------- Debian-Edu/Skolelinux Security Advisory DESA 2006-007 http://www.skolelinux.no/security/ Morten Werner Olsen October 30th, 2006 debian-edu-security@lists.alioth.debian.org - -------------------------------------------------------------------------- This DESA deals with severel packages that the Debian Security Team has fixed. Each section start with "Package" and includes a link to the Debian Security Team's announce for the security upgrade. Package : gimp (gimp, libgimp2.0, gimp-data) Vulnerability : buffer overflow Need reboot : no Debian-Edu-specific : no CVE ID : CVE-2006-3404 DSA ID : DSA-1116-1 DSA URL : http://www.debian.org/security/2006/dsa-1116 Package : unzip (unzip) Vulnerability : buffer overflow Need reboot : no Debian-Edu-specific : no CVE ID : CVE-2005-4667 DSA ID : DSA-1012-1 DSA URL : http://www.debian.org/security/2006/dsa-1012 Package : freetype (libfreetype6) Vulnerability : integer overflows Need reboot : no Debian-Edu-specific : no CVE ID : CVE-2006-2661 CVE-2006-3467 DSA ID : DSA-1095-1 DSA-1178-1 DSA URL : http://www.debian.org/security/2006/dsa-1095 http://www.debian.org/security/2006/dsa-1178 Package : openssl (openssl, libssl0.9.7, libcrypto0.9.7-udeb) Vulnerability : cryptographic weakness Need reboot : no Debian-Edu-specific : no CVE ID : CVE-2006-4339 CVE-2006-2940 DSA ID : DSA-1173-1 DSA-1185-1 DSA URL : http://www.debian.org/security/2006/dsa-1173 http://www.debian.org/security/2006/dsa-1185 Package : kdebase (kcontrol, kdebase-bin, kdebase-data) Vulnerability : programming error Need reboot : no Debian-Edu-specific : no CVE ID : CVE-2006-2449 DSA ID : DSA-1156-1 DSA URL : http://www.debian.org/security/2006/dsa-1156 Package : libwmf (libwmf0.2-7) Vulnerability : integer overflow Need reboot : no Debian-Edu-specific : no CVE ID : CVE-2006-3376 DSA ID : DSA-1194-1 DSA URL : http://www.debian.org/security/2006/dsa-1194 Package : webmin (webmin, webmin-core) Vulnerability : multiple vulnerabilities Need reboot : no Debian-Edu-specific : no CVE ID : CVE-2006-4542 DSA ID : DSA-1199-1 DSA URL : http://www.debian.org/security/2006/dsa-1199 Upgrade Instructions - -------------------- Make sure the line deb http://security.debian.org/ sarge/updates main contrib non-free is present in your /etc/apt/sources.list and run 'apt-get update' to update your package lists. Then run 'apt-get upgrade' to upgrade all the packages mentioned above. This might upgrade other packages too, and if you only want to upgrade the packages above, you should run 'apt-get install <pkg1> ... <pkgN>' where <pkg1> to <pkgN> is the package names in paranthesis from each package section above. - -------------------------------------------------------------------------- Mailing lists: bruker@skolelinux.no, debian-edu@lists.debian.org, linuxiskolen@skolelinux.no, user@skolelinux.de, admin-discuss@skolelinux.org Package info: `apt-cache show <pkg>'
Attachment:
signature.asc
Description: Digital signature