Debian GForge Update: DSA-1698-1 Critical SQL Injection Remediation
debian
January 9, 2009
It was discovered that GForge, a collaborative development tool, insufficiently sanitises some input allowing a remote attacker to perform SQL injection
Topics Covered
Summary
For the stable distribution (etch), this problem has been fixed in
version 4.5.14-22etch10.
For the testing (lenny) and unstable distribution (sid), this problem
has been fixed in version 4.7~rc2-7.
We recommend that you upgrade your gforge package.
Upgrade instructions
- --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 4.0 alias etch
Source archives:
Size/MD5 checksum: 2161141 e85f82eff84ee073f80a2a52dd32c8a5
Size/MD5 checksum: 199329 6414734bde3d1783cf0e2444132d64ff
Size/MD5 checksum: 199610 73b60a0e768f798d14102b84e44cd9b1
Size/MD5 checksum: 952 c2252c54ffade219203d006cdc64f91d
...
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!