Debian: DSA 263-1 Critical: Netpbm-Free Denial Of Service Attack
debian
March 17, 2003
These vulnerabilities may allow remote attackers to cause a denial of service or execute arbitrary code.
Topics Covered
Summary
Al Viro and Alan Cox discovered several maths overflow errors in
NetPBM, a set of graphics conversion tools. These programs are not
installed setuid root but are often installed to prepare data for
processing. These vulnerabilities may allow remote attackers to cause
a denial of service or execute arbitrary code.
For the stable distribution (woody) this problem has been
fixed in version 9.20-8.2.
The old stable distribution (potato) does not seem to be affected
by this problem.
For the unstable distribution (sid) this problem has been
fixed in version 9.20-9.
We recommend that you upgrade your netpbm package.
Upgrade Instructions
- --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the res...
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Package: netpbm-free
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!