Debian: lesstif several vulnerabilities fix

    Date07 Oct 2004
    CategoryDebian
    2202
    Posted ByLinuxSecurity Advisories
    Chris Evans discovered several stack and integer overflows in the libXpm library which is included in LessTif.
    
    --------------------------------------------------------------------------
    Debian Security Advisory DSA 560-1                     This email address is being protected from spambots. You need JavaScript enabled to view it. 
    http://www.debian.org/security/                             Martin Schulze
    October 7th, 2004                        http://www.debian.org/security/faq
    --------------------------------------------------------------------------
    
    Package        : lesstif1-1
    Vulnerability  : integer and stack overflows
    Problem-Type   : remote
    Debian-specific: no
    CVE ID         : CAN-2004-0687 CAN-2004-0688
    CERT advisory  : VU#537878 VU#882750
    
    Chris Evans discovered several stack and integer overflows in the
    libXpm library which is included in LessTif.
    
    For the stable distribution (woody) this problem has been fixed in
    version 0.93.18-5.
    
    For the unstable distribution (sid) this problem has been fixed in
    version 0.93.94-10.
    
    We recommend that you upgrade your lesstif packages.
    
    
    Upgrade Instructions
    --------------------
    
    wget url
            will fetch the file for you
    dpkg -i file.deb
            will install the referenced file.
    
    If you are using the apt-get package manager, use the line for
    sources.list as given below:
    
    apt-get update
            will update the internal database
    apt-get upgrade
            will install corrected packages
    
    You may use an automated update by adding the resources from the
    footer to the proper configuration.
    
    
    Debian GNU/Linux 3.0 alias woody
    --------------------------------
    
      Source archives:
    
         http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif1-1_0.93.18-5.dsc
          Size/MD5 checksum:      692 a1757aae53924ec16a8582d60acfa5ec
         http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif1-1_0.93.18-5.diff.gz
          Size/MD5 checksum:    18115 9fa1574040e20fcc8f9db88b142dfd5d
         http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif1-1_0.93.18.orig.tar.gz
          Size/MD5 checksum:  3600427 74bce66719adb680009f145ef801bce2
    
      Architecture independent components:
    
         http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif-doc_0.93.18-5_all.deb
          Size/MD5 checksum:   339348 86aaf17c6eccbac85ec4e194b62d05b7
    
      Alpha architecture:
    
         http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif-bin_0.93.18-5_alpha.deb
          Size/MD5 checksum:   183756 aaa375321301bf45ec95fcd7e376a925
         http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif-dbg_0.93.18-5_alpha.deb
          Size/MD5 checksum:  7399496 6c8839d9a882ccaf3bc99d6c88685b41
         http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif-dev_0.93.18-5_alpha.deb
          Size/MD5 checksum:  1100714 fc5b0393ea458073ffd29eddcae4dd0d
         http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif1_0.93.18-5_alpha.deb
          Size/MD5 checksum:   713120 e9bd9d63307eef50c29a1fc48f9f1e1e
    
      ARM architecture:
    
         http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif-bin_0.93.18-5_arm.deb
          Size/MD5 checksum:   158462 0bb887e815c83842d879be197e41c426
         http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif-dbg_0.93.18-5_arm.deb
          Size/MD5 checksum:  6214936 86810e278a8c46a27cb98ee0444b1024
         http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif-dev_0.93.18-5_arm.deb
          Size/MD5 checksum:   894320 d94f7f15ade5cc03e0ac419a921fa335
         http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif1_0.93.18-5_arm.deb
          Size/MD5 checksum:   620784 78d6a08103ad50220119de9bdd218acc
    
      Intel IA-32 architecture:
    
         http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif-bin_0.93.18-5_i386.deb
          Size/MD5 checksum:   148112 c464f618bda90bcfc8ddf09d59070c4b
         http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif-dbg_0.93.18-5_i386.deb
          Size/MD5 checksum:  5954758 300ea20ec0af04d67aecd0a9e68cccbb
         http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif-dev_0.93.18-5_i386.deb
          Size/MD5 checksum:   738430 fa48592fe8b3b345e4df8c56ec4e8b10
         http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif1_0.93.18-5_i386.deb
          Size/MD5 checksum:   536492 ca45180dbbaf3537e2aad5405942ac17
    
      Intel IA-64 architecture:
    
         http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif-bin_0.93.18-5_ia64.deb
          Size/MD5 checksum:   222072 6b1def7a98cd201e991dae273b93988a
         http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif-dbg_0.93.18-5_ia64.deb
          Size/MD5 checksum: 10756100 fb15b36bd10dcffe1fdcc5b2658d430a
         http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif-dev_0.93.18-5_ia64.deb
          Size/MD5 checksum:  1249232 f4c80e2ce686e59fc9f5960674059c30
         http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif1_0.93.18-5_ia64.deb
          Size/MD5 checksum:   944234 4e78634a4c817273d5c293590708548d
    
      HP Precision architecture:
    
         http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif-bin_0.93.18-5_hppa.deb
          Size/MD5 checksum:   172516 63e479b669cf3b38f9d4c62c75ca5d3c
         http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif-dbg_0.93.18-5_hppa.deb
          Size/MD5 checksum:  6313042 62f017141dc0c3fe4748472f825588db
         http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif-dev_0.93.18-5_hppa.deb
          Size/MD5 checksum:  1008430 8c34690e5f70886daf81a8fef2f451a1
         http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif1_0.93.18-5_hppa.deb
          Size/MD5 checksum:   723070 0a38a179efc3fe6009796b539f49cb64
    
      Motorola 680x0 architecture:
    
         http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif-bin_0.93.18-5_m68k.deb
          Size/MD5 checksum:   141456 10da8908854abbb0c98d1a95207626a4
         http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif-dbg_0.93.18-5_m68k.deb
          Size/MD5 checksum:  6076914 42ce3b01e32ac3ca9cf3900d7927938d
         http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif-dev_0.93.18-5_m68k.deb
          Size/MD5 checksum:   712328 9b6fc7bb8e15d6c5967fa880a3302316
         http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif1_0.93.18-5_m68k.deb
          Size/MD5 checksum:   532364 50f567b4cd787a935f0decea5b3b7141
    
      Big endian MIPS architecture:
    
         http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif-bin_0.93.18-5_mips.deb
          Size/MD5 checksum:   170248 eea62a3e4b445ca3755d364ea5c7b097
         http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif-dbg_0.93.18-5_mips.deb
          Size/MD5 checksum:  7144190 6d8bb7146c18e45682044e875740ec86
         http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif-dev_0.93.18-5_mips.deb
          Size/MD5 checksum:   938112 4b291f18eb34a21a967a0aa052a433df
         http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif1_0.93.18-5_mips.deb
          Size/MD5 checksum:   592742 a9295f6110af40b67057701950ab367c
    
      Little endian MIPS architecture:
    
         http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif-bin_0.93.18-5_mipsel.deb
          Size/MD5 checksum:   169158 d110da7fced1a57038be236d0b81ef4f
         http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif-dbg_0.93.18-5_mipsel.deb
          Size/MD5 checksum:  6904756 237e7efdab8bd85abbf159efce715817
         http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif-dev_0.93.18-5_mipsel.deb
          Size/MD5 checksum:   934608 e0e2fbaa3892e373bd6586df59f90f53
         http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif1_0.93.18-5_mipsel.deb
          Size/MD5 checksum:   585130 5572e58387954127dd5e7e7c78bb3a29
    
      PowerPC architecture:
    
         http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif-bin_0.93.18-5_powerpc.deb
          Size/MD5 checksum:   157670 d9a39f6138425b73745adbb77c4d5482
         http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif-dbg_0.93.18-5_powerpc.deb
          Size/MD5 checksum:  6233274 5cf38ef3779dab2b224d5e79fa2c4997
         http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif-dev_0.93.18-5_powerpc.deb
          Size/MD5 checksum:   899064 eda6deb97f58702ceef1286953aa1c3e
         http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif1_0.93.18-5_powerpc.deb
          Size/MD5 checksum:   616680 c2814eb4ca67f3bec571fd2e6bae55dd
    
      IBM S/390 architecture:
    
         http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif-bin_0.93.18-5_s390.deb
          Size/MD5 checksum:   156348 deff9c2433184aa5276b0cc9b10a6fa2
         http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif-dbg_0.93.18-5_s390.deb
          Size/MD5 checksum:  6192754 42b8296ce9e90a70a250d1279ff9277f
         http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif-dev_0.93.18-5_s390.deb
          Size/MD5 checksum:   797050 860d1bd8aa96e531a2f7a9c88aee6ad7
         http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif1_0.93.18-5_s390.deb
          Size/MD5 checksum:   618298 63d480480acba05a1e1bbc6e54f18998
    
      Sun Sparc architecture:
    
         http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif-bin_0.93.18-5_sparc.deb
          Size/MD5 checksum:   154114 c694390b6176b315c44e64cc247c2dc5
         http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif-dbg_0.93.18-5_sparc.deb
          Size/MD5 checksum:  6195404 32a85c66271baf22813f17c586207d6c
         http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif-dev_0.93.18-5_sparc.deb
          Size/MD5 checksum:   834710 7863befa290ccf691640d44bd7b569b1
         http://security.debian.org/pool/updates/main/l/lesstif1-1/lesstif1_0.93.18-5_sparc.deb
          Size/MD5 checksum:   602214 41f094d53f20658690c295b60a8b7177
    
    
      These files will probably be moved into the stable distribution on
      its next update.
    
    ---------------------------------------------------------------------------------
    For apt-get: deb  http://security.debian.org/ stable/updates main
    For dpkg-ftp:  ftp://security.debian.org/debian-security dists/stable/updates/main
    Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.
    Package info: `apt-cache show ' and  http://packages.debian.org/
    
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"25","type":"x","order":"1","pct":54.35,"resources":[]},{"id":"88","title":"Should be more technical","votes":"5","type":"x","order":"2","pct":10.87,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"16","type":"x","order":"3","pct":34.78,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.