Debian: New gopher packages fix several buffer overflows

    Date30 Sep 2005
    CategoryDebian
    5642
    Posted ByJoe Shakespeare
    Updated package.
    - --------------------------------------------------------------------------
    Debian Security Advisory DSA 832-1                     This email address is being protected from spambots. You need JavaScript enabled to view it.
    http://www.debian.org/security/                             Martin Schulze
    September 30th, 2005                    http://www.debian.org/security/faq
    - --------------------------------------------------------------------------
    
    Package        : gopher
    Vulnerability  : buffer overflows
    Problem type   : remote
    Debian-specific: no
    CVE ID         : CAN-2005-2772
    
    Several buffer overflows have been discovered in gopher, a
    text-oriented client for the Gopher Distributed Hypertext protocol,
    that can be exploited by a malicious Gopher server.
    
    For the old stable distribution (woody) this problem has been fixed in
    version 3.0.3woody4.
    
    For the stable distribution (sarge) this problem has been fixed in
    version 3.0.7sarge2.
    
    For the unstable distribution (sid) this problem has been fixed in
    version 3.0.11.
    
    We recommend that you upgrade your gopher package.
    
    
    Upgrade Instructions
    - --------------------
    
    wget url
            will fetch the file for you
    dpkg -i file.deb
            will install the referenced file.
    
    If you are using the apt-get package manager, use the line for
    sources.list as given below:
    
    apt-get update
            will update the internal database
    apt-get upgrade
            will install corrected packages
    
    You may use an automated update by adding the resources from the
    footer to the proper configuration.
    
    
    Debian GNU/Linux 3.0 alias woody
    - --------------------------------
    
      Source archives:
    
        http://security.debian.org/pool/updates/main/g/gopher/gopher_3.0.3woody4.dsc
          Size/MD5 checksum:      552 a327347b4ca41edceaa5280b28f2e5d5
        http://security.debian.org/pool/updates/main/g/gopher/gopher_3.0.3woody4.tar.gz
          Size/MD5 checksum:   508988 58d4e3328a390b9fc0ddefe1c0df5a51
    
      Alpha architecture:
    
        http://security.debian.org/pool/updates/main/g/gopher/gopher_3.0.3woody4_alpha.deb
          Size/MD5 checksum:   151748 8bc114553f10115b8271fe8acd94a73e
        http://security.debian.org/pool/updates/main/g/gopher/gopherd_3.0.3woody4_alpha.deb
          Size/MD5 checksum:   120354 30f0ed9c97860dd698d466d3ec0621b9
    
      ARM architecture:
    
        http://security.debian.org/pool/updates/main/g/gopher/gopher_3.0.3woody4_arm.deb
          Size/MD5 checksum:   114918 7c860f6683fefc81abee935e665fc821
        http://security.debian.org/pool/updates/main/g/gopher/gopherd_3.0.3woody4_arm.deb
          Size/MD5 checksum:    98868 7ddacad657d80e5f74bd3512bc0ea945
    
      Intel IA-32 architecture:
    
        http://security.debian.org/pool/updates/main/g/gopher/gopher_3.0.3woody4_i386.deb
          Size/MD5 checksum:   112864 a98db59b12ef106f9de47ac96f2ca1f6
        http://security.debian.org/pool/updates/main/g/gopher/gopherd_3.0.3woody4_i386.deb
          Size/MD5 checksum:    97094 160f635e3990d500ffb6ea26bb62b889
    
      Intel IA-64 architecture:
    
        http://security.debian.org/pool/updates/main/g/gopher/gopher_3.0.3woody4_ia64.deb
          Size/MD5 checksum:   174114 a55f00a1d07a8025c7da9cd70f3bc892
        http://security.debian.org/pool/updates/main/g/gopher/gopherd_3.0.3woody4_ia64.deb
          Size/MD5 checksum:   140066 a99583e9ce799cf3e7b01438daf8234d
    
      HP Precision architecture:
    
        http://security.debian.org/pool/updates/main/g/gopher/gopher_3.0.3woody4_hppa.deb
          Size/MD5 checksum:   130034 699066d45c5edce4de93f95039d35572
        http://security.debian.org/pool/updates/main/g/gopher/gopherd_3.0.3woody4_hppa.deb
          Size/MD5 checksum:   110032 aa7b0836c8d3a279c53cefde4f9ce162
    
      Motorola 680x0 architecture:
    
        http://security.debian.org/pool/updates/main/g/gopher/gopher_3.0.3woody4_m68k.deb
          Size/MD5 checksum:   105908 3f4d5ecc8a9c6005d419addc71f0ef61
        http://security.debian.org/pool/updates/main/g/gopher/gopherd_3.0.3woody4_m68k.deb
          Size/MD5 checksum:    92112 e9f1a4c8fee88016110bbaf4b94c12bd
    
      Big endian MIPS architecture:
    
        http://security.debian.org/pool/updates/main/g/gopher/gopher_3.0.3woody4_mips.deb
          Size/MD5 checksum:   131298 29a89787e234423f09f596b67ea9dbb2
        http://security.debian.org/pool/updates/main/g/gopher/gopherd_3.0.3woody4_mips.deb
          Size/MD5 checksum:   109718 7d9f79f13798f28c352b470d5b8c0912
    
      Little endian MIPS architecture:
    
        http://security.debian.org/pool/updates/main/g/gopher/gopher_3.0.3woody4_mipsel.deb
          Size/MD5 checksum:   131304 dd67d244de0ce8f43f8eacdeb5aef097
        http://security.debian.org/pool/updates/main/g/gopher/gopherd_3.0.3woody4_mipsel.deb
          Size/MD5 checksum:   109616 451b851cc0a94170990e17150ae0142f
    
      PowerPC architecture:
    
        http://security.debian.org/pool/updates/main/g/gopher/gopher_3.0.3woody4_powerpc.deb
          Size/MD5 checksum:   121634 39a8ff2a22cc138346aee8edbd657e69
        http://security.debian.org/pool/updates/main/g/gopher/gopherd_3.0.3woody4_powerpc.deb
          Size/MD5 checksum:   103060 275a8b1727be3f21c7930fb24c49355c
    
      IBM S/390 architecture:
    
        http://security.debian.org/pool/updates/main/g/gopher/gopher_3.0.3woody4_s390.deb
          Size/MD5 checksum:   116502 e83501dd0115539baaa3a42cb07f415c
        http://security.debian.org/pool/updates/main/g/gopher/gopherd_3.0.3woody4_s390.deb
          Size/MD5 checksum:   100068 22c6a15508dd9148bd420589ad2f0c83
    
      Sun Sparc architecture:
    
        http://security.debian.org/pool/updates/main/g/gopher/gopher_3.0.3woody4_sparc.deb
          Size/MD5 checksum:   122218 dcec2ecb35159ba55868e00b62c8c102
        http://security.debian.org/pool/updates/main/g/gopher/gopherd_3.0.3woody4_sparc.deb
          Size/MD5 checksum:   102384 c102bce1608789be90158e2c21bb083a
    
    
    Debian GNU/Linux 3.1 alias sarge
    - --------------------------------
    
      Source archives:
    
        http://security.debian.org/pool/updates/main/g/gopher/gopher_3.0.7sarge2.dsc
          Size/MD5 checksum:      547 8631a74bbd27efb7e4ec181a4545819c
        http://security.debian.org/pool/updates/main/g/gopher/gopher_3.0.7sarge2.tar.gz
          Size/MD5 checksum:   678450 911e24e57995db87b62f77f66c4e1868
    
      Alpha architecture:
    
        http://security.debian.org/pool/updates/main/g/gopher/gopher_3.0.7sarge2_alpha.deb
          Size/MD5 checksum:   148300 175f7e5d94e558341c8619b0fd06b201
    
      AMD64 architecture:
    
        http://security.debian.org/pool/updates/main/g/gopher/gopher_3.0.7sarge2_amd64.deb
          Size/MD5 checksum:   130166 1575ab220fcfdde834747e9a1341aad1
    
      ARM architecture:
    
        http://security.debian.org/pool/updates/main/g/gopher/gopher_3.0.7sarge2_arm.deb
          Size/MD5 checksum:   117018 a966a08fcaf27fa6737bff5461e19642
    
      Intel IA-32 architecture:
    
        http://security.debian.org/pool/updates/main/g/gopher/gopher_3.0.7sarge2_i386.deb
          Size/MD5 checksum:   120830 5f683d05ce84e7b085a3212129e553f8
    
      Intel IA-64 architecture:
    
        http://security.debian.org/pool/updates/main/g/gopher/gopher_3.0.7sarge2_ia64.deb
          Size/MD5 checksum:   168826 28996bc8c3665b8e1c1620ee2151cbfc
    
      HP Precision architecture:
    
        http://security.debian.org/pool/updates/main/g/gopher/gopher_3.0.7sarge2_hppa.deb
          Size/MD5 checksum:   132938 c7f4b90e121fa77217edd3cdd17fbcbf
    
      Motorola 680x0 architecture:
    
        http://security.debian.org/pool/updates/main/g/gopher/gopher_3.0.7sarge2_m68k.deb
          Size/MD5 checksum:   110142 b89a874f397762865c63b2ecf48bf24d
    
      Big endian MIPS architecture:
    
        http://security.debian.org/pool/updates/main/g/gopher/gopher_3.0.7sarge2_mips.deb
          Size/MD5 checksum:   133884 57d303bd2778e250d74cbbbdbe6028da
    
      Little endian MIPS architecture:
    
        http://security.debian.org/pool/updates/main/g/gopher/gopher_3.0.7sarge2_mipsel.deb
          Size/MD5 checksum:   133920 a9d6c23622d87d7d17ffb251497b543e
    
      PowerPC architecture:
    
        http://security.debian.org/pool/updates/main/g/gopher/gopher_3.0.7sarge2_powerpc.deb
          Size/MD5 checksum:   129352 c7bffc3f4ee37401054f5269853f3eb9
    
      IBM S/390 architecture:
    
        http://security.debian.org/pool/updates/main/g/gopher/gopher_3.0.7sarge2_s390.deb
          Size/MD5 checksum:   129334 313edbdd4b226c5a1a0b4260e4fb9943
    
      Sun Sparc architecture:
    
        http://security.debian.org/pool/updates/main/g/gopher/gopher_3.0.7sarge2_sparc.deb
          Size/MD5 checksum:   117334 e094349743c818e37bae459501723790
    
    
      These files will probably be moved into the stable distribution on
      its next update.
    
    - ---------------------------------------------------------------------------------
    For apt-get: deb http://security.debian.org/ stable/updates main
    For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
    Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"5","type":"x","order":"1","pct":55.56,"resources":[]},{"id":"88","title":"Should be more technical","votes":"3","type":"x","order":"2","pct":33.33,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"1","type":"x","order":"3","pct":11.11,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    Advisories

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.