[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

DESA-2006-001: several packages

- --------------------------------------------------------------------------
Debian-Edu/Skolelinux Security Advisory DESA 2006-001
http://www.skolelinux.no/security/                      Morten Werner Olsen
January 27th, 2005              debian-edu-security@lists.alioth.debian.org
- --------------------------------------------------------------------------

This DESA deals with severel packages that the Debian Security Team
has fixed. Each section start with "Package" and includes a link to
the Debian Security Team's announce for the security upgrade.


Package             : courier (courier-authdaemon, courier-base,
                      courier-imap, courier-ldap)
Vulnerability       : programming error
Need reboot         : no
Debian-Edu-specific : no
CVE ID              : CAN-2005-3532
DSA ID              : DSA-917-1
DSA URL             : http://www.debian.org/security/2005/dsa-917

Package             : curl (libcurl2)
Vulnerability       : buffer overflow
Need reboot         : no
Debian-Edu-specific : no
CVE ID              : CAN-2005-4077 CVE-2005-3185
DSA ID              : DSA-919-1
DSA URL             : http://www.debian.org/security/2005/dsa-919

Package             : xpdf (xpdf xpdf-common xpdf-reader xpdf-utils)
Vulnerability       : buffer overflows
Need reboot         : no
Debian-Edu-specific : no
CVE ID              : CAN-2005-3191 CAN-2005-3192 CAN-2005-3193
                      CVE-2005-3624 CVE-2005-3625 CVE-2005-3626
                      CVE-2005-3627 CVE-2005-3628
DSA ID              : DSA-931-1
DSA URL             : http://www.debian.org/security/2005/dsa-931

Package             : unzip (unzip)
Vulnerability       : race condition
Need reboot         : no
Debian-Edu-specific : no
CVE ID              : CAN-2005-2475
DSA ID              : DSA-903-2
DSA URL             : http://www.debian.org/security/2005/dsa-903

Package             : tetex-bin (tetex-bin libkpathsea3)
Vulnerability       : buffer overflows
Need reboot         : no
Debian-Edu-specific : no
CVE ID              : CAN-2005-3191 CVE-2005-3192 CVE-2005-3624
                      CVE-2005-3625 CVE-2005-3626 CVE-2005-3627
                      CVE-2005-3628
DSA ID              : DSA-937-1
DSA URL             : http://www.debian.org/security/2005/dsa-937

Package             : sudo (sudo)
Vulnerability       : missing input sanitising
Need reboot         : no
Debian-Edu-specific : no
CVE ID              : CAN-2005-4158 CVE-2006-0151
DSA ID              : DSA-946-1
DSA URL             : http://www.debian.org/security/2005/dsa-946

Package             : cupsys (cupsys cupsys-bsd cupsys-client
                              cupsys-pstoraster libcupsys2)
Vulnerability       : buffer overflows
Need reboot         : no
Debian-Edu-specific : no
CVE ID              : CAN-2005-3191 CVE-2005-3192 CVE-2005-3193
                      CVE-2005-3624 CVE-2005-3625 CVE-2005-3626
                      CVE-2005-3627 CVE-2005-3628
DSA ID              : DSA-950-1
DSA URL             : http://www.debian.org/security/2005/dsa-950


Upgrade Instructions
- --------------------

Make sure the line

  deb http://security.debian.org/ woody/updates main contrib non-free

is present in your /etc/apt/sources.list and run 'apt-get update' to
update your package lists. Then run

  'apt-get upgrade'

to upgrade all the packages mentioned above. This might upgrade other
packages too, and if you only want to upgrade the packages above, you
should run

  'apt-get install <pkg1> ... <pkgN>'

where <pkg1> to <pkgN> is the package names in paranthesis
from each package section above.

- --------------------------------------------------------------------------
Mailing lists: bruker@skolelinux.no, debian-edu@lists.debian.org,
               linuxiskolen@skolelinux.no, user@skolelinux.de,
               admin-discuss@skolelinux.org
Package info: `apt-cache show <pkg>'

Attachment: signature.asc
Description: Digital signature

Reply to: