- -------------------------------------------------------------------------- Debian-Edu/Skolelinux Security Advisory DESA 2005-010 http://www.skolelinux.no/security/ Morten Werner Olsen July 11th, 2005 debian-edu-security@lists.alioth.debian.org - -------------------------------------------------------------------------- This DESA deals with severel packages that the Debian Security Team has fixed. Each section start with "Package" and includes a link to the Debian Security Team's announce for the security upgrade. Package : bzip (bzip2) Vulnerability : infinite loop Need reboot : no Debian-Edu-specific : no CVE ID : CAN-2005-1260 DSA ID : DSA-741-1 DSA URL : http://www.debian.org/security/2005/dsa-741 Package : sudo (sudo) Vulnerability : pathname validation race Need reboot : no Debian-Edu-specific : no CVE ID : CAN-2005-1993 DSA ID : DSA-735-1 DSA URL : http://www.debian.org/security/2005/dsa-735 Package : squid (squid) Vulnerability : IP-spoofing Need reboot : no Debian-Edu-specific : no CVE ID : CAN-2005-1519 DSA ID : DSA-751-1 DSA URL : http://www.debian.org/security/2005/dsa-751 Package : gzip (gzip) Vulnerability : several Need reboot : no Debian-Edu-specific : no CVE ID : CAN-2005-0988 CAN-2005-1228 DSA ID : DSA-752-1 DSA URL : http://www.debian.org/security/2005/dsa-752 Upgrade Instructions - -------------------- Make sure the line deb http://security.debian.org/ woody/updates main contrib non-free is present in your /etc/apt/sources.list and run 'apt-get update' to update your package lists. Then run 'apt-get upgrade' to upgrade all the packages mentioned above. This might upgrade other packages too, and if you only want to upgrade the packages above, you should run 'apt-get install <pkg1> ... <pkgN>' where <pkg1> to <pkgN> is the package names in paranthesis from each package section above. - -------------------------------------------------------------------------- Mailing lists: bruker@skolelinux.no, debian-edu@lists.debian.org, linuxiskolen@skolelinux.no, user@skolelinux.de, admin-discuss@skolelinux.org Package info: `apt-cache show <pkg>'
Attachment:
signature.asc
Description: Digital signature