- -------------------------------------------------------------------------- Debian-Edu/Skolelinux Security Advisory DESA 2007-005 http://www.skolelinux.org/security/ Steffen Joeris August 7th, 2007 debian-edu-security@lists.alioth.debian.org - -------------------------------------------------------------------------- This DESA deals with packages that the Debian Security Team has fixed for the stable distribution. Each section starts with "Package" and includes a link to the Debian Security Team's announce for the security upgrade. Package : xulrunner (xulrunner-gnome-support) Vulnerability : several vulnerabilities Need reboot : no Debian-Edu-specific : no CVE ID : CVE-2007-3089, CVE-2007-3285, CVE-2007-3656, CVE-2007-3734, CVE-2007-3735, CVE-2007-3736, CVE-2007-3737, CVE-2007-3738 DSA ID : DSA-1337-1 DSA URL : http://www.debian.org/security/2007/dsa-1337 Package : iceweasel (iceweasel-gnome-support, iceweasel, firefox) Vulnerability : several vulnerabilities Need reboot : no Debian-Edu-specific : no CVE ID : CVE-2007-3089, CVE-2007-3656, CVE-2007-3734, CVE-2007-3735, CVE-2007-3736, CVE-2007-3737, CVE-2007-3738 DSA ID : DSA-1338-1 DSA URL : http://www.debian.org/security/2007/dsa-1338 Package : clamav (clamav-base, clamav, clamav-freshclam, libclamav2) Vulnerability : null pointer dereference Need reboot : no Debian-Edu-specific : no CVE ID : CVE-2007-3725 DSA ID : DSA-1340-1 DSA URL : http://www.debian.org/security/2007/dsa-1340 Package : bind9 (bind9-doc, bind9, bind9-host, dnsutils, libbind9, libdns22, libisc11, libisccc0, libisccfg1, liblwres9) Vulnerability : design error Need reboot : no Debian-Edu-specific : no CVE ID : CVE-2007-2926 DSA ID : DSA-1341-1 DSA URL : http://www.debian.org/security/2007/dsa-1341 Package : xfs (xfs) Vulnerability : race condition Need reboot : no Debian-Edu-specific : no CVE ID : CVE-2007-3103 DSA ID : DSA-1342-1 DSA URL : http://www.debian.org/security/2007/dsa-1342 Package : file (file, libmagic1) Vulnerability : integer overflow Need reboot : no Debian-Edu-specific : no CVE ID : CVE-2007-2799 DSA ID : DSA-1343-1 DSA URL : http://www.debian.org/security/2007/dsa-1343 Package : xulrunner (libxul-common, libmozjs0d, libnspr4-0d, libnss3-0d, libxul0d, xulrunner-gnome-support) Vulnerability : several Need reboot : no Debian-Edu-specific : no CVE ID : CVE-2007-3844, CVE-2007-3845 DSA ID : DSA-1345-1 DSA URL : http://www.debian.org/security/2007/dsa-1345 Package : xpdf (xpdf-common, xpdf-reader, xpdf-utils) Vulnerability : integer overflow Need reboot : no Debian-Edu-specific : no CVE ID : CVE-2007-3387 DSA ID : DSA-1347-1 DSA URL : http://www.debian.org/security/2007/dsa-1347 Package : poppler (libpoppler0c2, libpoppler0c2-glib, libpoppler0c2-qt, poppler-utils) Vulnerability : integer overflow Need reboot : no Debian-Edu-specific : no CVE ID : CVE-2007-3387 DSA ID : DSA-1348-1 DSA URL : http://www.debian.org/security/2007/dsa-1348 Upgrade Instructions - -------------------- Make sure the line deb http://security.debian.org/ etch/updates main contrib non-free is present in your /etc/apt/sources.list and run 'apt-get update' to update your package lists. Then run 'apt-get upgrade' to upgrade all the packages mentioned above. This might upgrade other packages too, and if you only want to upgrade the packages above, you should run 'apt-get install <pkg1> ... <pkgN>' where <pkg1> to <pkgN> is the package names in paranthesis from each package section above. - -------------------------------------------------------------------------- Mailing lists: bruker@skolelinux.no, debian-edu@lists.debian.org, linuxiskolen@skolelinux.no, user@skolelinux.de, admin-discuss@skolelinux.org, debian-edu-french@lists.debian.org Package info: `apt-cache show <pkg>'
Attachment:
signature.asc
Description: This is a digitally signed message part.