unsubscribe
On Monday, April 19, 2004, at 03:06AM, Matt Zimmerman <mdz@debian.org> wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA1
>
>- --------------------------------------------------------------------------
>Debian Security Advisory DSA 492-1 security@debian.org
>http://www.debian.org/security/ Matt Zimmerman
>April 18th, 2004 http://www.debian.org/security/faq
>- --------------------------------------------------------------------------
>
>Package : iproute
>Vulnerability : denial of service
>Problem-Type : local
>Debian-specific: no
>CVE Ids : CAN-2003-0856
>Debian Bug : 242994
>
>Herbert Xu reported that local users could cause a denial of service
>against iproute, a set of tools for controlling networking in Linux
>kernels. iproute uses the netlink interface to communicate with the
>kernel, but failed to verify that the messages it received came from
>the kernel (rather than from other user processes).
>
>For the current stable distribution (woody) this problem has been
>fixed in version 20010824-8woody1.
>
>For the unstable distribution (sid), this problem will be fixed soon.
>
>We recommend that you update your iproute package.
>
>Upgrade Instructions
>- --------------------
>
>wget url
> will fetch the file for you
>dpkg -i file.deb
> will install the referenced file.
>
>If you are using the apt-get package manager, use the line for
>sources.list as given below:
>
>apt-get update
> will update the internal database
>apt-get upgrade
> will install corrected packages
>
>You may use an automated update by adding the resources from the
>footer to the proper configuration.
>
>Debian GNU/Linux 3.0 alias woody
>- --------------------------------
>
> Source archives:
>
> http://security.debian.org/pool/updates/main/i/iproute/iproute_20010824-8woody1.dsc
> Size/MD5 checksum: 583 4ddfda116fcaa5670bd0a395ce62c249
> http://security.debian.org/pool/updates/main/i/iproute/iproute_20010824-8woody1.diff.gz
> Size/MD5 checksum: 30926 818c356e9a703804987a99452a5cb5bf
> http://security.debian.org/pool/updates/main/i/iproute/iproute_20010824.orig.tar.gz
> Size/MD5 checksum: 140139 b05a4e375d9468be3a1dd3f0e83daee8
>
> Alpha architecture:
>
> http://security.debian.org/pool/updates/main/i/iproute/iproute_20010824-8woody1_alpha.deb
> Size/MD5 checksum: 535862 84d99c4199f8ae7eab695f8e06a9de6b
>
> ARM architecture:
>
> http://security.debian.org/pool/updates/main/i/iproute/iproute_20010824-8woody1_arm.deb
> Size/MD5 checksum: 509116 d4e7b52ca059ab99b67a9f01e07ccb1e
>
> Intel IA-32 architecture:
>
> http://security.debian.org/pool/updates/main/i/iproute/iproute_20010824-8woody1_i386.deb
> Size/MD5 checksum: 499718 194a49253bf81cdcf702f935e2b35534
>
> Intel IA-64 architecture:
>
> http://security.debian.org/pool/updates/main/i/iproute/iproute_20010824-8woody1_ia64.deb
> Size/MD5 checksum: 570038 180ddee3ed7373989d54a2b3783c58f2
>
> HP Precision architecture:
>
> http://security.debian.org/pool/updates/main/i/iproute/iproute_20010824-8woody1_hppa.deb
> Size/MD5 checksum: 525956 30b521f7417acb9150cd2b79f065734d
>
> Motorola 680x0 architecture:
>
> http://security.debian.org/pool/updates/main/i/iproute/iproute_20010824-8woody1_m68k.deb
> Size/MD5 checksum: 489736 196339f8c47b861aff2c110e5405ecc1
>
> Big endian MIPS architecture:
>
> http://security.debian.org/pool/updates/main/i/iproute/iproute_20010824-8woody1_mips.deb
> Size/MD5 checksum: 512874 2781925dd48d9bb9cb8b948e397b2947
>
> Little endian MIPS architecture:
>
> http://security.debian.org/pool/updates/main/i/iproute/iproute_20010824-8woody1_mipsel.deb
> Size/MD5 checksum: 513570 b61d21209d3cd1bf6b828396ef347676
>
> PowerPC architecture:
>
> http://security.debian.org/pool/updates/main/i/iproute/iproute_20010824-8woody1_powerpc.deb
> Size/MD5 checksum: 507942 cfa15b75474d3faa2bdaeb1b3c399d99
>
> IBM S/390 architecture:
>
> http://security.debian.org/pool/updates/main/i/iproute/iproute_20010824-8woody1_s390.deb
> Size/MD5 checksum: 503396 13e689f21473365267f7f73b44b05c2f
>
> Sun Sparc architecture:
>
> http://security.debian.org/pool/updates/main/i/iproute/iproute_20010824-8woody1_sparc.deb
> Size/MD5 checksum: 515030 fbc32ebc11a4cb14b98154b6cb257c8c
>
> These files will probably be moved into the stable distribution on
> its next revision.
>
>- ---------------------------------------------------------------------------------
>For apt-get: deb http://security.debian.org/ stable/updates main
>For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
>Mailing list: debian-security-announce@lists.debian.org
>Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
>-----BEGIN PGP SIGNATURE-----
>Version: GnuPG v1.2.4 (GNU/Linux)
>
>iD8DBQFAgzQHArxCt0PiXR4RAmmeAKC6eG5pzcPeYNMGnjtntChR8xIooQCg1666
>bo9m3KmiJhGY10i4NcvPt2Q=
>=YHs8
>-----END PGP SIGNATURE-----
>
>
>--
>To UNSUBSCRIBE, email to debian-security-announce-REQUEST@lists.debian.org
>with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
>
>
>
Reply to: