DESA-2005-012: several packages

To: bruker@skolelinux.no, debian-edu@lists.debian.org, linuxiskolen@skolelinux.no, user@skolelinux.de, admin-discuss@skolelinux.org
Subject: DESA-2005-012: several packages
From: "Morten Werner Olsen" <werner@usit.uio.no>
Date: Fri, 14 Oct 2005 19:28:59 +0200
Message-id: <[🔎] 20051014172859.GB11754@nangijala.uio.no>

- --------------------------------------------------------------------------
Debian-Edu/Skolelinux Security Advisory DESA 2005-012
http://www.skolelinux.no/security/                      Morten Werner Olsen
October 14th, 2005              debian-edu-security@lists.alioth.debian.org
- --------------------------------------------------------------------------

This DESA deals with severel packages that the Debian Security Team
has fixed. Each section start with "Package" and includes a link to
the Debian Security Team's announce for the security upgrade.


Package             : pcre3 (libpcre3)
Vulnerability       : integer overflow
Need reboot         : no
Debian-Edu-specific : no
CVE ID              : CAN-2005-2491
DSA ID              : DSA-800-1
DSA URL             : http://www.debian.org/security/2005/dsa-800

Package             : cvs (cvs)
Vulnerability       : insecure temporary files
Need reboot         : no
Debian-Edu-specific : no
CVE ID              : CAN-2005-2693
DSA ID              : DSA-802-1
DSA URL             : http://www.debian.org/security/2005/dsa-802

Package             : apache apache-common (apache)
Vulnerability       : programming error
Need reboot         : no
Debian-Edu-specific : no
CVE ID              : CAN-2005-2088
DSA ID              : DSA-803-1
DSA URL             : http://www.debian.org/security/2005/dsa-803

Package             : squid (squid)
Vulnerability       : several
Need reboot         : no
Debian-Edu-specific : no
CVE ID              : CAN-2005-2794 CAN-2005-2796
DSA ID              : DSA-809-1
DSA URL             : http://www.debian.org/security/2005/dsa-809

Package             : python2.2 (python2.2)
Vulnerability       : integer overflow
Need reboot         : no
Debian-Edu-specific : no
CVE ID              : CAN-2005-2491
DSA ID              : DSA-817-1
DSA URL             : http://www.debian.org/security/2005/dsa-817

Package             : python2.1 (python2.1)
Vulnerability       : integer overflow
Need reboot         : no
Debian-Edu-specific : no
CVE ID              : CAN-2005-2491
DSA ID              : DSA-819-1
DSA URL             : http://www.debian.org/security/2005/dsa-819

Package             : util-linux bsdtools mount (util-linux)
Vulnerability       : privilege escalation
Need reboot         : no
Debian-Edu-specific : no
CVE ID              : CAN-2005-2876
DSA ID              : DSA-823-1
DSA URL             : http://www.debian.org/security/2005/dsa-823


Upgrade Instructions
- --------------------

Make sure the line

  deb http://security.debian.org/ woody/updates main contrib non-free

is present in your /etc/apt/sources.list and run 'apt-get update' to
update your package lists. Then run

  'apt-get upgrade'

to upgrade all the packages mentioned above. This might upgrade other
packages too, and if you only want to upgrade the packages above, you
should run

  'apt-get install <pkg1> ... <pkgN>'

where <pkg1> to <pkgN> is the package names in paranthesis
from each package section above.

- --------------------------------------------------------------------------
Mailing lists: bruker@skolelinux.no, debian-edu@lists.debian.org,
               linuxiskolen@skolelinux.no, user@skolelinux.de,
               admin-discuss@skolelinux.org
Package info: `apt-cache show <pkg>'

Attachment: signature.asc
Description: Digital signature

Reply to:

Prev by Date: Re: Yes, I will participate in the developer gathering Oct 14th-16th 2005
Next by Date: DESA-2005-013: several packages
Previous by thread: Re: Yes, I will participate in the developer gathering Oct 14th-16th 2005
Next by thread: DESA-2005-013: several packages
Index(es):
- Date
- Thread