Linux Security
    Linux Security
    Linux Security

    Debian: New affix packages fix remote command execution

    Date 01 Sep 2005
    5802
    Posted By LinuxSecurity Advisories
    Updated package.
    - --------------------------------------------------------------------------
    Debian Security Advisory DSA 796-1                     This email address is being protected from spambots. You need JavaScript enabled to view it.
    https://www.debian.org/security/                              Michael Stone
    September 1st, 2005                     https://www.debian.org/security/faq
    - --------------------------------------------------------------------------
    
    Package        : affix
    Vulnerability  : remote command execution
    Problem-Type   : unsafe use of popen
    Debian-specific: no
    CVE ID         : CAN-2005-2716
    
    Kevin Finisterre reports that affix, a package used to manage
    bluetooth sessions under Linux, uses the popen call in an unsafe
    fashion. A remote attacker can exploit this vulnerability to execute
    arbitrary commands on a vulnerable system.
    
    The old stable distribution (woody) does not contain the affix
    package.
    
    For the stable distribution (sarge) this problem has been fixed in
    version 2.1.1-3.
    
    For the unstable distribution (sid) this problem has been fixed in
    version 2.1.2-3.
    
    We recommend that you upgrade your affix package.
    
    
    Upgrade Instructions
    - --------------------
    
    wget url
            will fetch the file for you
    dpkg -i file.deb
            will install the referenced file.
    
    If you are using the apt-get package manager, use the line for
    sources.list as given below:
    
    apt-get update
            will update the internal database
    apt-get upgrade
            will install corrected packages
    
    You may use an automated update by adding the resources from the
    footer to the proper configuration.
    
    
    Debian GNU/Linux 3.1 alias sarge
    - --------------------------------
    
      Source archives:
    
        https://security.debian.org/pool/updates/main/a/affix/affix_2.1.1-3.diff.gz
          Size/MD5 checksum:    81959 0914c96291c7bf8a4bbf5d05e5dc74c5
        https://security.debian.org/pool/updates/main/a/affix/affix_2.1.1-3.dsc
          Size/MD5 checksum:      669 616d043f1c72b3a8ebcae37e4a59fb98
    
      alpha architecture (DEC Alpha)
    
        https://security.debian.org/pool/updates/main/a/affix/libaffix-dev_2.1.1-3_alpha.deb
          Size/MD5 checksum:    93462 a3569622764735b1b09829e575c34a04
        https://security.debian.org/pool/updates/main/a/affix/libaffix2_2.1.1-3_alpha.deb
          Size/MD5 checksum:    75608 7d0d72ed495c904ca7820624fc66b8b5
        https://security.debian.org/pool/updates/main/a/affix/affix_2.1.1-3_alpha.deb
          Size/MD5 checksum:   103142 b534a5fbf6f1537456917fe45c5c8c58
    
      amd64 architecture (AMD x86_64 (AMD64))
    
        https://security.debian.org/pool/updates/main/a/affix/affix_2.1.1-3_amd64.deb
          Size/MD5 checksum:    93480 dead16d09da75e9628bae0d3a61cb04d
        https://security.debian.org/pool/updates/main/a/affix/libaffix2_2.1.1-3_amd64.deb
          Size/MD5 checksum:    64450 ef7ec29b46f95b5255e9ad23243a117c
        https://security.debian.org/pool/updates/main/a/affix/libaffix-dev_2.1.1-3_amd64.deb
          Size/MD5 checksum:    71796 0b83fbb8796d06867c26a197393cdbed
    
      arm architecture (ARM)
    
        https://security.debian.org/pool/updates/main/a/affix/affix_2.1.1-3_arm.deb
          Size/MD5 checksum:    85908 0e58ede6488bd4e9bd3dd4a06201ac7e
        https://security.debian.org/pool/updates/main/a/affix/libaffix-dev_2.1.1-3_arm.deb
          Size/MD5 checksum:    69546 1fb4f727a1215a89fd4e998fc56d1f26
        https://security.debian.org/pool/updates/main/a/affix/libaffix2_2.1.1-3_arm.deb
          Size/MD5 checksum:    56844 837b30e2112981a65327993f242d2e62
    
      hppa architecture (HP PA RISC)
    
        https://security.debian.org/pool/updates/main/a/affix/libaffix-dev_2.1.1-3_hppa.deb
          Size/MD5 checksum:    76626 a701325fa8e52d04da9044b90cf2be5e
        https://security.debian.org/pool/updates/main/a/affix/affix_2.1.1-3_hppa.deb
          Size/MD5 checksum:    95006 80e8960c60548492a66c6642d9977e82
        https://security.debian.org/pool/updates/main/a/affix/libaffix2_2.1.1-3_hppa.deb
          Size/MD5 checksum:    68558 a869b9ae8172cb4a2616e500dc3ba34d
    
      i386 architecture (Intel ia32)
    
        https://security.debian.org/pool/updates/main/a/affix/libaffix-dev_2.1.1-3_i386.deb
          Size/MD5 checksum:    63360 e98b76db0c1be17fd0a0fad388580e28
        https://security.debian.org/pool/updates/main/a/affix/libaffix2_2.1.1-3_i386.deb
          Size/MD5 checksum:    59644 6c1a4dde54ea88022052473c1385418d
        https://security.debian.org/pool/updates/main/a/affix/affix_2.1.1-3_i386.deb
          Size/MD5 checksum:    84952 87f0ced911c009e8cad63b1f1f517e0d
    
      ia64 architecture (Intel ia64)
    
        https://security.debian.org/pool/updates/main/a/affix/libaffix-dev_2.1.1-3_ia64.deb
          Size/MD5 checksum:    93934 95cd1df0416297d184cf5f8a2fd8e6ff
        https://security.debian.org/pool/updates/main/a/affix/libaffix2_2.1.1-3_ia64.deb
          Size/MD5 checksum:    83676 8eb81855b4e75cc1690cbea79569cceb
        https://security.debian.org/pool/updates/main/a/affix/affix_2.1.1-3_ia64.deb
          Size/MD5 checksum:   122328 317969cdc70be9a42632329472b425f8
    
      m68k architecture (Motorola Mc680x0)
    
        https://security.debian.org/pool/updates/main/a/affix/affix_2.1.1-3_m68k.deb
          Size/MD5 checksum:    80118 ec2c0265cb1068d676bb0e5dbadeb199
        https://security.debian.org/pool/updates/main/a/affix/libaffix-dev_2.1.1-3_m68k.deb
          Size/MD5 checksum:    58458 76faca4c3f9a94e34398927d5024991f
        https://security.debian.org/pool/updates/main/a/affix/libaffix2_2.1.1-3_m68k.deb
          Size/MD5 checksum:    54970 45bd12213859c4212baf4d1a127d0916
    
      mips architecture (MIPS (Big Endian))
    
        https://security.debian.org/pool/updates/main/a/affix/affix_2.1.1-3_mips.deb
          Size/MD5 checksum:    97566 1d8e834bd41fb7f062f47c975f25bcb8
        https://security.debian.org/pool/updates/main/a/affix/libaffix2_2.1.1-3_mips.deb
          Size/MD5 checksum:    61378 918a6064f35db1800f03529ae32d6ed9
        https://security.debian.org/pool/updates/main/a/affix/libaffix-dev_2.1.1-3_mips.deb
          Size/MD5 checksum:    76436 ee779d182b774efcf033a159a3e1d337
    
      mipsel architecture (MIPS (Little Endian))
    
        https://security.debian.org/pool/updates/main/a/affix/affix_2.1.1-3_mipsel.deb
          Size/MD5 checksum:    97296 8c445a7e88c489d53b0f52c46e9d0a50
        https://security.debian.org/pool/updates/main/a/affix/libaffix-dev_2.1.1-3_mipsel.deb
          Size/MD5 checksum:    76320 32e64b4ee8452a037efc17ec02e6315f
        https://security.debian.org/pool/updates/main/a/affix/libaffix2_2.1.1-3_mipsel.deb
          Size/MD5 checksum:    61012 717b6b4c932547467802ff042948fe08
    
      powerpc architecture (PowerPC)
    
        https://security.debian.org/pool/updates/main/a/affix/libaffix2_2.1.1-3_powerpc.deb
          Size/MD5 checksum:    65466 15e4ae116669a5c3431edeed01439790
        https://security.debian.org/pool/updates/main/a/affix/affix_2.1.1-3_powerpc.deb
          Size/MD5 checksum:    94880 8af910d14455e555e6cb5840830c5724
        https://security.debian.org/pool/updates/main/a/affix/libaffix-dev_2.1.1-3_powerpc.deb
          Size/MD5 checksum:    70092 03882f73d1876f72b3bd8034b20f3f71
    
      s390 architecture (IBM S/390)
    
        https://security.debian.org/pool/updates/main/a/affix/libaffix-dev_2.1.1-3_s390.deb
          Size/MD5 checksum:    73034 d1a72f0d825afd50bbbe65d03ac4f492
        https://security.debian.org/pool/updates/main/a/affix/libaffix2_2.1.1-3_s390.deb
          Size/MD5 checksum:    66810 3f8535a792cebdd817ff27c3a2dacd5a
        https://security.debian.org/pool/updates/main/a/affix/affix_2.1.1-3_s390.deb
          Size/MD5 checksum:    92464 bd4141e5726e01b520b8766e3e1fabdd
    
      sparc architecture (Sun SPARC/UltraSPARC)
    
        https://security.debian.org/pool/updates/main/a/affix/affix_2.1.1-3_sparc.deb
          Size/MD5 checksum:    84816 2b20cbbc4020bad007a38bb8bd69718d
        https://security.debian.org/pool/updates/main/a/affix/libaffix-dev_2.1.1-3_sparc.deb
          Size/MD5 checksum:    66094 ae3660011a4422011ce0f202af218f09
        https://security.debian.org/pool/updates/main/a/affix/libaffix2_2.1.1-3_sparc.deb
          Size/MD5 checksum:    57762 00bdb8e55e4a68cb8675b0220947d423
    
      These files will probably be moved into the stable distribution on
      its next update.
    
    - ---------------------------------------------------------------------------------
    For apt-get: deb https://security.debian.org/ stable/updates main
    For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
    Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.
    

    LinuxSecurity Poll

    I agree with Linus Torvalds - Apple's new M1-powered laptops should run on Linux.

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 2 answer(s).
    /main-polls/45-i-agree-with-linus-torvalds-apple-s-new-m1-powered-laptops-should-run-on-linux?task=poll.vote&format=json
    45
    radio
    [{"id":"158","title":"True","votes":"18","type":"x","order":"1","pct":3.5,"resources":[]},{"id":"159","title":"False","votes":"496","type":"x","order":"2","pct":96.5,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350

    Please vote first in order to view vote results.


    VIEW MORE POLLS

    bottom 200

    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.