[VUA 30-1] Updated ekg package fixes security flaw
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- ---------------------------------------------------------------------------
Debian Volatile Update Announcement VUA 30-1 http://volatile.debian.net
debian-volatile@lists.debian.org Martin Zobel-Helas
April 02nd, 2007
- ---------------------------------------------------------------------------
Package : ekg
Version : 1:1.5+20050411-8
Importance : medium
CVE IDs : CVE-2005-2370
CVE-2005-2448
The following security flaws were found and fixed in ekg:
CVE-2005-2370: Fixes a memory alignment error in libgadu
CVE-2005-2448: Fixes endianness conversion problems which could cause invalid
behavior
For sarge, an updated ekg package is available in sarge/volatile
as version 1:1.5+20050411-8. We recommend that you update your system.
This advisory was sent out without builds for alpha, ia64, m68k and s390
architectures being available. They will be released as soon as they are
available.
Upgrade Instructions
- --------------------
You can get the updated packages at
http://volatile.debian.net/debian-volatile/pool/volatile/main/e/ekg
and install them with dpkg, or add
deb http://volatile.debian.net/debian-volatile sarge/volatile main
deb-src http://volatile.debian.net/debian-volatile sarge/volatile main
to your /etc/apt/sources.list. You can also use any of our mirrors.
See http://www.debian.org/devel/debian-volatile/volatile-mirrors for
the full list of mirrors. The archive signing key can be downloaded from
http://volatile.debian.net/ziyi-sarge.asc
For further information about debian-volatile, please refer to
http://volatile.debian.net/ and http://www.debian.org/devel/debian-volatile/.
If there are any issues, please don't hesitate to get in touch with the
volatile team.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFGED5eST77jl1k+HARAtWqAJ0S2vR8MNBFhSymg+cTgGYiGoaV3gCgwKrR
87wMZxx2TSur2oWMYnHPe3Q=
=Whzg
-----END PGP SIGNATURE-----
Reply to: