DESA-2005-014: several packages

To: bruker@skolelinux.no, debian-edu@lists.debian.org, linuxiskolen@skolelinux.no, user@skolelinux.de, admin-discuss@skolelinux.org
Subject: DESA-2005-014: several packages
From: "Morten Werner Olsen" <werner@usit.uio.no>
Date: Fri, 2 Dec 2005 20:00:30 +0100
Message-id: <[🔎] 20051202190029.GA6375@nangijala.uio.no>
Mail-followup-to: bruker@skolelinux.no, debian-edu@lists.debian.org, linuxiskolen@skolelinux.no, user@skolelinux.de, admin-discuss@skolelinux.org

- --------------------------------------------------------------------------
Debian-Edu/Skolelinux Security Advisory DESA 2005-014
http://www.skolelinux.no/security/                      Morten Werner Olsen
December 2nd, 2005              debian-edu-security@lists.alioth.debian.org
- --------------------------------------------------------------------------

This DESA deals with severel packages that the Debian Security Team
has fixed. Each section start with "Package" and includes a link to
the Debian Security Team's announce for the security upgrade.


Package             : sudo (sudo)
Vulnerability       : missing input sanitising
Need reboot         : no
Debian-Edu-specific : no
CVE ID              : CAN-2005-2959
DSA ID              : DSA-870-1
DSA URL             : http://www.debian.org/security/2005/dsa-870

Package             : imlib (gdk-imlib1)
Vulnerability       : unsanitised input
Need reboot         : no
Debian-Edu-specific : no
CVE ID              : CAN-2004-0817
DSA ID              : DSA-548-2
DSA URL             : http://www.debian.org/security/2004/dsa-548

Package             : lynx (lynx)
Vulnerability       : buffer overflow
Need reboot         : no
Debian-Edu-specific : no
CVE ID              : CAN-2005-3120
DSA ID              : DSA-874-1
DSA URL             : http://www.debian.org/security/2005/dsa-874

Package             : lynx-ssl (lynx-ssl)
Vulnerability       : buffer overflow
Need reboot         : no
Debian-Edu-specific : no
CVE ID              : CAN-2005-3120
DSA ID              : DSA-876-1
DSA URL             : http://www.debian.org/security/2005/dsa-876

Package             : squid (squid)
Vulnerability       : assertion error
Need reboot         : no
Debian-Edu-specific : no
CVE ID              : CAN-2005-2794
DSA ID              : DSA-809-1
DSA URL             : http://www.debian.org/security/2005/dsa-809

Package             : openssl (libssl0.9.6 openssl)
Vulnerability       : 
Need reboot         : no
Debian-Edu-specific : no
CVE ID              : CAN-2005-2969
DSA ID              : DSA-888-1
DSA URL             : http://www.debian.org/security/2005/dsa-888

Package             : libungif4 (libungif4g)
Vulnerability       : several
Need reboot         : no
Debian-Edu-specific : no
CVE ID              : CAN-2005-2974 CVE-2005-3350
DSA ID              : DSA-890-1
DSA URL             : http://www.debian.org/security/2005/dsa-890

Package             : unzip (unzip)
Vulnerability       : race condition
Need reboot         : no
Debian-Edu-specific : no
CVE ID              : CAN-2005-2475
DSA ID              : DSA-903-1
DSA URL             : http://www.debian.org/security/2005/dsa-903

Package             : netpbm-free (libnetpbm9 netpbm)
Vulnerability       : buffer overflows
Need reboot         : no
Debian-Edu-specific : no
CVE ID              : CAN-2005-3632
DSA ID              : DSA-904-1
DSA URL             : http://www.debian.org/security/2005/dsa-904

Package             : gdk-pixbuf (libgdk-pixbuf-gnome2 libgdk-pixbuf2)
Vulnerability       : several
Need reboot         : no
Debian-Edu-specific : no
CVE ID              : CAN-2005-2975 CVE-2005-2976 CVE-2005-3186
DSA ID              : DSA-913-1
DSA URL             : http://www.debian.org/security/2005/dsa-913


Upgrade Instructions
- --------------------

Make sure the line

  deb http://security.debian.org/ woody/updates main contrib non-free

is present in your /etc/apt/sources.list and run 'apt-get update' to
update your package lists. Then run

  'apt-get upgrade'

to upgrade all the packages mentioned above. This might upgrade other
packages too, and if you only want to upgrade the packages above, you
should run

  'apt-get install <pkg1> ... <pkgN>'

where <pkg1> to <pkgN> is the package names in paranthesis
from each package section above.

- --------------------------------------------------------------------------
Mailing lists: bruker@skolelinux.no, debian-edu@lists.debian.org,
               linuxiskolen@skolelinux.no, user@skolelinux.de,
               admin-discuss@skolelinux.org
Package info: `apt-cache show <pkg>'

Attachment: signature.asc
Description: Digital signature

Reply to:

Prev by Date: Processed: commited
Next by Date: [Bug 984] KLatin German translation: "ablativer Singular"
Previous by thread: Processed: commited
Next by thread: [Bug 984] KLatin German translation: "ablativer Singular"
Index(es):
- Date
- Thread