DESA-2007-015: several vulnerabilities in terra (etch)

Αρχική Σελίδα
Αυτό το μήνυμα είναι μέρος του ακόλουθου νήματος:
Mτο πλήρες δέντρο νημάτων ταξινομημένο κατά ημερομηνία
 
 
Συνημμένα:
Μήνυμα σαν ηλεκτρονικό μήνυμα
+ (text/plain)
+ signature.asc (application/pgp-signature)
Delete this message
Reply to this message
Συντάκτης: Steffen Joeris
Ημερομηνία:  
Προς: debian-edu-announce
Αντικείμενο: DESA-2007-015: several vulnerabilities in terra (etch)
- --------------------------------------------------------------------------
Debian-Edu/Skolelinux Security Advisory DESA 2007-015
http://www.skolelinux.org/security/ Steffen Joeris
November 19th, 2007 debian-edu-security@???
- --------------------------------------------------------------------------

This DESA deals with packages that the Debian Security Team has fixed
for the stable distribution. Each section starts with "Package" and
includes a link to the Debian Security Team's announce for the
security upgrade.

Package : librpcsecgss (librpcsecgss3)
Vulnerability : buffer overflow
Need reboot : no
Debian-Edu-specific : no
CVE ID : CVE-2007-4743
DSA ID : DSA-1387-1
DSA URL : http://www.debian.org/security/2007/dsa-1387

Package : dhcp (dhcp, dhcp-client)
Vulnerability : buffer overflow
Need reboot : no
Debian-Edu-specific : no
CVE ID : CVE-2007-5365
DSA ID : DSA-1388-3
DSA URL : http://www.debian.org/security/2007/dsa-1388

Package : t1lib (libt1)
Vulnerability : buffer overflow
Need reboot : no
Debian-Edu-specific : no
CVE ID : CVE-2007-4033
DSA ID : DSA-1390-1
DSA URL : http://www.debian.org/security/2007/dsa-1390

Package : icedove (icedove, mozilla-thunderbird)
Vulnerability : several
Need reboot : no
Debian-Edu-specific : no
CVE ID : CVE-2007-3734 CVE-2007-3735 CVE-2007-3844 CVE-2007-3845
CVE-2007-5339 CVE-2007-5340
DSA ID : DSA-1391-1
DSA URL : http://www.debian.org/security/2007/dsa-1391

Package : xulrunner (libmozjs0d, libnspr4-0d, libnss3-0d,
libxul0d,
xulrunner-gnome-support, libxul-common)
Vulnerability : several
Need reboot : no
Debian-Edu-specific : no
CVE ID : CVE-2007-1095 CVE-2007-2292 CVE-2007-3511 CVE-2007-5334
CVE-2007-5337 CVE-2007-5338 CVE-2007-5339 CVE-2007-5340
DSA ID : DSA-1392-1
DSA URL : http://www.debian.org/security/2007/dsa-1392

Package : icedove (firefox, iceweasel-gnome-support, iceweasel)
Vulnerability : several
Need reboot : no
Debian-Edu-specific : no
CVE ID : CVE-2007-1095 CVE-2007-2292 CVE-2007-3511 CVE-2007-5334
CVE-2007-5337 CVE-2007-5338 CVE-2007-5339 CVE-2007-5340
DSA ID : DSA-1396-1
DSA URL : http://www.debian.org/security/2007/dsa-1396

Package : mono (libmono-cairo1.0-cil, libmono-corlib1.0-cil,
libmono-system1.0-cil,
mono-common, mono-gac, mono-jit, mono-runtime)
Vulnerability : integer overflow
Need reboot : no
Debian-Edu-specific : no
CVE ID : CVE-2007-5197
DSA ID : DSA-1397-1
DSA URL : http://www.debian.org/security/2007/dsa-1397

Package : pcre3 (libpcre3)
Vulnerability : several
Need reboot : no
Debian-Edu-specific : no
CVE ID : CVE-2007-1659 CVE-2007-1660 CVE-2007-1661 CVE-2007-1662
CVE-2007-4766 CVE-2007-4767 CVE-2007-4768
DSA ID : DSA-1399-1
DSA URL : http://www.debian.org/security/2007/dsa-1399

Package : perl (libperl5, perl-modules, perl, perl-base)
Vulnerability : heap overflow
Need reboot : no
Debian-Edu-specific : no
CVE ID : CVE-2007-5116
DSA ID : DSA-1400-1
DSA URL : http://www.debian.org/security/2007/dsa-1400

Package : cupsys (cupsys-common, libcupsys2, libcupsimage2,
cupsys, cupsys-bsd, cupsys-client)
Vulnerability : buffer overflow
Need reboot : no
Debian-Edu-specific : no
CVE ID : CVE-2007-4351
DSA ID : DSA-1407-1
DSA URL : http://www.debian.org/security/2007/dsa-1407


Upgrade Instructions
- --------------------

Make sure the line

deb http://security.debian.org/ etch/updates main contrib non-free

is present in your /etc/apt/sources.list and run 'aptitude update' to
update your package lists. Then run

'aptitude upgrade'

to upgrade all the packages mentioned above. This might upgrade other
packages too, and if you only want to upgrade the packages above, you
should run

'aptitude install <pkg1> ... <pkgN>'

where <pkg1> to <pkgN> is the package names in paranthesis
from each package section above.

- --------------------------------------------------------------------------
Mailing lists: debian-edu-announce@???
Package info: `apt-cache show <pkg>'
Το μήνυμα αυτό δημοσιεύτηκε στις ακόλουθες λίστες:
debian-edu-announce archive
Πληροφορίες για τις Ταχυδρομικές λίστες | Κοντινά μηνύματα		<-DESA-2007-014: several vulnerabilities in sargeStable update: debian-edu-config->
teams.debian.net Mailing List Archive διαχειριζόμενη από Martin Zobel-HelasLurker (έκδοση2.1)