Linux Security
    Linux Security
    Linux Security

    Debian: New ekg packages fix several vulnerabilities

    Date 18 Jul 2005
    5592
    Posted By LinuxSecurity Advisories
    Several vulnerabilities have been discovered in ekg, a console Gadu Gadu client, an instant messaging program.
    - --------------------------------------------------------------------------
    Debian Security Advisory DSA 760-1                     This email address is being protected from spambots. You need JavaScript enabled to view it.
    https://www.debian.org/security/                             Martin Schulze
    July 18th, 2005                         https://www.debian.org/security/faq
    - --------------------------------------------------------------------------
    
    Package        : ekg
    Vulnerability  : several
    Problem-Type   : remote
    Debian-specific: no
    CVE ID         : CAN-2005-1850 CAN-2005-1851 CAN-2005-1916
    Debian Bug     : 317027 318059
    
    Several vulnerabilities have been discovered in ekg, a console Gadu
    Gadu client, an instant messaging program.  The Common Vulnerabilities
    and Exposures project identifies the following vulnerabilities:
    
    CAN-2005-1850
    
        Marcin Owsiany and Wojtek Kaniewski discovered insecure temporary
        file creation in contributed scripts.
    
    CAN-2005-1851
    
        Marcin Owsiany and Wojtek Kaniewski discovered potential shell
        command injection in a contributed script.
    
    CAN-2005-1916
    
        Eric Romang discovered insecure temporary file creation and
        arbitrary command execution in a contributed script that can be
        exploited by a local attacker.
    
    The old stable distribution (woody) does not contain an ekg package.
    
    For the stable distribution (sarge) these problems have been fixed in
    version 1.5+20050411-4.
    
    For the unstable distribution (sid) these problems have been fixed in
    version 1.5+20050712+1.6rc2-1.
    
    We recommend that you upgrade your ekg package.
    
    
    Upgrade Instructions
    - --------------------
    
    wget url
            will fetch the file for you
    dpkg -i file.deb
            will install the referenced file.
    
    If you are using the apt-get package manager, use the line for
    sources.list as given below:
    
    apt-get update
            will update the internal database
    apt-get upgrade
            will install corrected packages
    
    You may use an automated update by adding the resources from the
    footer to the proper configuration.
    
    
    Debian GNU/Linux 3.1 alias sarge
    - --------------------------------
    
      Source archives:
    
        https://security.debian.org/pool/updates/main/e/ekg/ekg_1.5+20050411-4.dsc
          Size/MD5 checksum:      755 afa73f3af76f74355574c130ba76d461
        https://security.debian.org/pool/updates/main/e/ekg/ekg_1.5+20050411-4.diff.gz
          Size/MD5 checksum:    40957 385352563d78e23c0ba637d9ad504315
        https://security.debian.org/pool/updates/main/e/ekg/ekg_1.5+20050411.orig.tar.gz
          Size/MD5 checksum:   495079 bc246779de6f6c97f289e60b60db6c14
    
      Alpha architecture:
    
        https://security.debian.org/pool/updates/main/e/ekg/ekg_1.5+20050411-4_alpha.deb
          Size/MD5 checksum:   310804 35d7c8cbf8a12901b9d40fe9b0f6afb0
        https://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.5+20050411-4_alpha.deb
          Size/MD5 checksum:   151072 fe52ee0e5b5178b354cf1215a1c70797
        https://security.debian.org/pool/updates/main/e/ekg/libgadu3_1.5+20050411-4_alpha.deb
          Size/MD5 checksum:    69360 d4076333e7a8ea9ea030ee74b949268d
    
      ARM architecture:
    
        https://security.debian.org/pool/updates/main/e/ekg/ekg_1.5+20050411-4_arm.deb
          Size/MD5 checksum:   267786 b6d7d7cee20a21b908970f38bb568ad3
        https://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.5+20050411-4_arm.deb
          Size/MD5 checksum:   129136 8ce65bb7f665b77ab34b337a2fde411a
        https://security.debian.org/pool/updates/main/e/ekg/libgadu3_1.5+20050411-4_arm.deb
          Size/MD5 checksum:    62250 b54df9bcb8a054d17edcd9a46aba4f1a
    
      Intel IA-32 architecture:
    
        https://security.debian.org/pool/updates/main/e/ekg/ekg_1.5+20050411-4_i386.deb
          Size/MD5 checksum:   270560 d7da9425b12bade210092332eb4ead24
        https://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.5+20050411-4_i386.deb
          Size/MD5 checksum:   126152 b9f5a0c2c12f9b3e62242d1e8bd2f2ef
        https://security.debian.org/pool/updates/main/e/ekg/libgadu3_1.5+20050411-4_i386.deb
          Size/MD5 checksum:    63260 9f7cee9a3edcf0bdeabdd604f4db9e8b
    
      Intel IA-64 architecture:
    
        https://security.debian.org/pool/updates/main/e/ekg/ekg_1.5+20050411-4_ia64.deb
          Size/MD5 checksum:   355198 9f1aa917338fd9f82fe25c3b79d81cb6
        https://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.5+20050411-4_ia64.deb
          Size/MD5 checksum:   150008 4a795a0f7f5ee180eeadd396b94f7a8c
        https://security.debian.org/pool/updates/main/e/ekg/libgadu3_1.5+20050411-4_ia64.deb
          Size/MD5 checksum:    79918 fcf1dc826c929f6ed7b064bc1eabe0f0
    
      HP Precision architecture:
    
        https://security.debian.org/pool/updates/main/e/ekg/ekg_1.5+20050411-4_hppa.deb
          Size/MD5 checksum:   287906 0ec525527f56e0024394f3ec4b94ca9e
        https://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.5+20050411-4_hppa.deb
          Size/MD5 checksum:   135454 b8f890184a99fdebaa7fa6fb45edbe88
        https://security.debian.org/pool/updates/main/e/ekg/libgadu3_1.5+20050411-4_hppa.deb
          Size/MD5 checksum:    68776 97e1579e479f6079efa4ca9437e11048
    
      Motorola 680x0 architecture:
    
        https://security.debian.org/pool/updates/main/e/ekg/ekg_1.5+20050411-4_m68k.deb
          Size/MD5 checksum:   248558 265300b483f1ccb46933d35590ebeb4e
        https://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.5+20050411-4_m68k.deb
          Size/MD5 checksum:   121620 7d367ffda93603c7efbb3e318dafcd80
        https://security.debian.org/pool/updates/main/e/ekg/libgadu3_1.5+20050411-4_m68k.deb
          Size/MD5 checksum:    61862 4a46b3bc96f5a4504573d14434f39ace
    
      Big endian MIPS architecture:
    
        https://security.debian.org/pool/updates/main/e/ekg/ekg_1.5+20050411-4_mips.deb
          Size/MD5 checksum:   280752 ec0bde8528d052a57bf790fa3c668bce
        https://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.5+20050411-4_mips.deb
          Size/MD5 checksum:   131864 a2bfe75adc1f9e64d017b736e0b73e85
        https://security.debian.org/pool/updates/main/e/ekg/libgadu3_1.5+20050411-4_mips.deb
          Size/MD5 checksum:    61666 fddfdd1c6f69b7594d1912571c3c1f6f
    
      Little endian MIPS architecture:
    
        https://security.debian.org/pool/updates/main/e/ekg/ekg_1.5+20050411-4_mipsel.deb
          Size/MD5 checksum:   280416 180f2466a931ad0e8aa41bc026a3ebf8
        https://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.5+20050411-4_mipsel.deb
          Size/MD5 checksum:   131848 e3050e9504665b1732fe32f1e38f236f
        https://security.debian.org/pool/updates/main/e/ekg/libgadu3_1.5+20050411-4_mipsel.deb
          Size/MD5 checksum:    61666 6342defe0f25bace47bed4ed21023f17
    
      PowerPC architecture:
    
        https://security.debian.org/pool/updates/main/e/ekg/ekg_1.5+20050411-4_powerpc.deb
          Size/MD5 checksum:   280532 c8cd83e7a1810c202c795dc72759f3e6
        https://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.5+20050411-4_powerpc.deb
          Size/MD5 checksum:   131524 c60af9fcc06d88bca764dd9cdf80b722
        https://security.debian.org/pool/updates/main/e/ekg/libgadu3_1.5+20050411-4_powerpc.deb
          Size/MD5 checksum:    65636 b5f436a764e7556075ec241da72fb457
    
      IBM S/390 architecture:
    
        https://security.debian.org/pool/updates/main/e/ekg/ekg_1.5+20050411-4_s390.deb
          Size/MD5 checksum:   279018 96b787165549cdb9eb1d148c63752656
        https://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.5+20050411-4_s390.deb
          Size/MD5 checksum:   128726 5be20aa3b72856ad6f17835ff8e25e56
        https://security.debian.org/pool/updates/main/e/ekg/libgadu3_1.5+20050411-4_s390.deb
          Size/MD5 checksum:    64164 4548c97ed8ed104301c63f9dc528c74e
    
      Sun Sparc architecture:
    
        https://security.debian.org/pool/updates/main/e/ekg/ekg_1.5+20050411-4_sparc.deb
          Size/MD5 checksum:   269416 b096a73c10c7ef0386dc27a89aad30e7
        https://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.5+20050411-4_sparc.deb
          Size/MD5 checksum:   128084 b74cc91e48e91e2b0c117a9fd897059d
        https://security.debian.org/pool/updates/main/e/ekg/libgadu3_1.5+20050411-4_sparc.deb
          Size/MD5 checksum:    64176 a49f36139775619d597c8afd1132c3eb
    
    
      These files will probably be moved into the stable distribution on
      its next update.
    
    - ---------------------------------------------------------------------------------
    For apt-get: deb https://security.debian.org/ stable/updates main
    For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
    Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.
    

    LinuxSecurity Poll

    'Tis the season of giving! How have you given back to the open-source community?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/49-tis-the-season-of-giving-how-have-you-given-back-to-the-open-source-community?task=poll.vote&format=json
    49
    radio
    [{"id":"171","title":"I've contributed to the development of an open-source project.","votes":"11","type":"x","order":"1","pct":34.38,"resources":[]},{"id":"172","title":"I've reviewed open-source code for security bugs.","votes":"6","type":"x","order":"2","pct":18.75,"resources":[]},{"id":"173","title":"I've made a donation to an open-source project.","votes":"15","type":"x","order":"3","pct":46.88,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350

    Please vote first in order to view vote results.


    VIEW MORE POLLS

    bottom 200

    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.