DESA-2007-017: several vulnerabilities in terra (etch)

Αρχική Σελίδα
Αυτό το μήνυμα είναι μέρος του ακόλουθου νήματος:
Mτο πλήρες δέντρο νημάτων ταξινομημένο κατά ημερομηνία
 
 
Συνημμένα:
Μήνυμα σαν ηλεκτρονικό μήνυμα
+ (text/plain)
+ signature.asc (application/pgp-signature)
Delete this message
Reply to this message
Συντάκτης: Steffen Joeris
Ημερομηνία:  
Προς: debian-edu-announce
Αντικείμενο: DESA-2007-017: several vulnerabilities in terra (etch)
- --------------------------------------------------------------------------
Debian-Edu/Skolelinux Security Advisory DESA 2007-017
http://www.skolelinux.org/security/ Steffen Joeris
December 13th, 2007 debian-edu-security@???
- --------------------------------------------------------------------------

This DESA deals with packages that the Debian Security Team has fixed
for the stable distribution. Each section starts with "Package" and
includes a link to the Debian Security Team's announce for the
security upgrade.


Package : samba (samba-doc, winbind, smbclient, samba-common,
smbfs, libsmbclient, samba)
Vulnerability : several
Need reboot : no
Debian-Edu-specific : no
CVE ID : CVE-2007-4572 CVE-2007-5398 CVE-2007-6015
DSA ID : DSA-1409-2, DSA-1427-1
DSA URL : http://www.debian.org/security/2007/dsa-1409
DSA URL : http://www.debian.org/security/2007/dsa-1427

Package : ruby1.8 (libruby1.8, ruby1.8)
Vulnerability : programming error
Need reboot : no
Debian-Edu-specific : no
CVE ID : CVE-2007-5162 CVE-2007-5770
DSA ID : DSA-1410-1
DSA URL : http://www.debian.org/security/2007/dsa-1410

Package : mysql-dfsg-5.0 (mysql-common, libmysqlclient15off)
Vulnerability : multiple
Need reboot : no
Debian-Edu-specific : no
CVE ID : CVE-2007-2583 CVE-2007-2691 CVE-2007-2692 CVE-2007-3780
CVE-2007-3782 CVE-2007-5925
DSA ID : DSA-1413-1
DSA URL : http://www.debian.org/security/2007/dsa-1413

Package : wireshark (wireshark, wireshark-common, ethereal)
Vulnerability : several
Need reboot : no
Debian-Edu-specific : no
CVE ID : CVE-2007-6114 CVE-2007-6117 CVE-2007-6118 CVE-2007-6120
CVE-2007-6121
DSA ID : DSA-1414-1
DSA URL : http://www.debian.org/security/2007/dsa-1414

Package : tk8.4 (tk8.4)
Vulnerability : buffer overflow
Need reboot : no
Debian-Edu-specific : no
CVE ID : CVE-2007-5378
DSA ID : DSA-1415-1
DSA URL : http://www.debian.org/security/2007/dsa-1415

Package : tk8.3 (tk8.3)
Vulnerability : buffer overflow
Need reboot : no
Debian-Edu-specific : no
CVE ID : CVE-2007-5378
DSA ID : DSA-1416-1
DSA URL : http://www.debian.org/security/2007/dsa-1416

Package : openoffice.org (openoffice.org, openoffice.org-common,
openoffice.org-filter-mobiledev, openoffice.org-help-en,
openoffice.org-help-en-us, openoffice.org-help-es,
openoffice.org-help-fr, openoffice.org-java-common,
openoffice.org-l10n-ca, openoffice.org-l10n-de,
openoffice.org-l10n-el, openoffice.org-l10n-en-za,
openoffice.org-l10n-es, openoffice.org-l10n-fr,
openoffice.org-l10n-nb, openoffice.org-l10n-nl,
openoffice.org-l10n-nn,
ttf-opensymbol, openoffice.org-base,
openoffice.org-calc,
openoffice.org-core, openoffice.org-draw,
openoffice.org-impress,
openoffice.org-math, openoffice.org-writer, python-uno)
Vulnerability : programming error
Need reboot : no
Debian-Edu-specific : no
CVE ID : CVE-2007-4575
DSA ID : DSA-1419-1
DSA URL : http://www.debian.org/security/2007/dsa-1419

Package : e2fsprogs (libuuid1, libcomerr2, e2fslibs, libss2,
e2fsprogs,
libblkid1)
Vulnerability : integer overflows
Need reboot : no
Debian-Edu-specific : no
CVE ID : CVE-2007-5497
DSA ID : DSA-1422-1
DSA URL : http://www.debian.org/security/2007/dsa-1422

Package : iceweasel (iceweasel-gnome-support, iceweasel,
firefox)
Vulnerability : several vulnerabilities
Need reboot : no
Debian-Edu-specific : no
CVE ID : CVE-2007-5947 CVE-2007-5959 CVE-2007-5960
DSA ID : DSA-1424-1
DSA URL : http://www.debian.org/security/2007/dsa-1424

Package : xulrunner (xulrunner-gnome-support, libxul-common,
libxul0d)
Vulnerability : several vulnerabilities
Need reboot : no
Debian-Edu-specific : no
CVE ID : CVE-2007-5947 CVE-2007-5959 CVE-2007-5960
DSA ID : DSA-1425-1
DSA URL : http://www.debian.org/security/2007/dsa-1425

Package : qt-x11-free (libqt3-mt)
Vulnerability : several vulnerabilities
Need reboot : no
Debian-Edu-specific : no
CVE ID : CVE-2007-3388 CVE-2007-4137
DSA ID : DSA-1426-1
DSA URL : http://www.debian.org/security/2007/dsa-1426

Package : libnss-ldap (libnss-ldap)
Vulnerability : denial of service
Need reboot : no
Debian-Edu-specific : no
CVE ID : CVE-2007-5794
DSA ID : DSA-1430-1
DSA URL : http://www.debian.org/security/2007/dsa-1430


Upgrade Instructions
- --------------------

Make sure the line

deb http://security.debian.org/ etch/updates main contrib non-free

is present in your /etc/apt/sources.list and run 'aptitude update' to
update your package lists. Then run

'aptitude upgrade'

to upgrade all the packages mentioned above. This might upgrade other
packages too, and if you only want to upgrade the packages above, you
should run

'aptitude install <pkg1> ... <pkgN>'

where <pkg1> to <pkgN> is the package names in paranthesis
from each package section above.

- --------------------------------------------------------------------------
Mailing lists: debian-edu-announce@???
Package info: `apt-cache show <pkg>'
Το μήνυμα αυτό δημοσιεύτηκε στις ακόλουθες λίστες:
debian-edu-announce archive
Πληροφορίες για τις Ταχυδρομικές λίστες | Κοντινά μηνύματα		<-DESA-2007-016: several vulnerabilities in sargestable-update: debian-edu-config->
teams.debian.net Mailing List Archive διαχειριζόμενη από Martin Zobel-HelasLurker (έκδοση2.1)