Debian: id3lib3.8.3 fix denial of service DSA-1365-1

    Date 01 Sep 2007
    Posted By LinuxSecurity Advisories
    Nikolaus Schulz discovered that a programming error in id3lib, an ID3 Tag Library, may lead to denial of service through symlink attacks.
    - --------------------------------------------------------------------------
    Debian Security Advisory DSA 1365-1                    This email address is being protected from spambots. You need JavaScript enabled to view it.                         Moritz Muehlenhoff
    September 1st, 2007           
    - --------------------------------------------------------------------------
    Package        : id3lib3.8.3
    Vulnerability  : programming error
    Problem-Type   : local
    Debian-specific: no
    CVE ID         : CVE-2007-4460
    Debian Bug     : 438540
    Nikolaus Schulz discovered that a programming error in id3lib, an ID3 Tag
    Library, may lead to denial of service through symlink attacks.
    For the oldstable distribution (sarge) this problem has been fixed in
    version 3.8.3-4.1sarge1.
    Due to a technical limitation in the archive management scripts the fix
    for the stable distribution (etch) can only be released in a few days.
    For the unstable distribution (sid) this problem has been fixed in
    version 3.8.3-7.
    We recommend that you upgrade your id3lib3.8.3 packages.
    Upgrade Instructions
    - --------------------
    wget url
            will fetch the file for you
    dpkg -i file.deb
            will install the referenced file.
    If you are using the apt-get package manager, use the line for
    sources.list as given below:
    apt-get update
            will update the internal database
    apt-get upgrade
            will install corrected packages
    You may use an automated update by adding the resources from the
    footer to the proper configuration.
    Debian GNU/Linux 3.1 alias sarge
    - --------------------------------
      Source archives:
          Size/MD5 checksum:      655 94eda5191994c0dbe0146a85a9e94737
          Size/MD5 checksum:   134382 b45300bc3341dbedf90f4c593462794f
          Size/MD5 checksum:   950726 19f27ddd2dda4b2d26a559a4f0f402a7
      Alpha architecture:
          Size/MD5 checksum:   200738 a089ad12c4ddd30a4f6fdb340b3c9c26
          Size/MD5 checksum:   358668 6a3178d16f20a2a4228133a0f692d197
      AMD64 architecture:
          Size/MD5 checksum:   190378 90cfc4e6ab66afc0618946eda78ce66d
          Size/MD5 checksum:   295174 79e8d0882c54ffceabff4b4b527317cb
      ARM architecture:
          Size/MD5 checksum:   204106 ae12d537affbc35f82517dbba061b332
          Size/MD5 checksum:   322872 607fdb462573a9d022338c5f011363e0
      HP Precision architecture:
          Size/MD5 checksum:   213312 5279c3416cd3d0c301439a8de2b70ee7
          Size/MD5 checksum:   349392 28751fdfecf730380b111537646cac03
      Intel IA-32 architecture:
          Size/MD5 checksum:   180852 10afd005f77c934946d1bcaf04998d92
          Size/MD5 checksum:   258526 3bb1cb543f6b2ab1a4985dfa536dd3e5
      Intel IA-64 architecture:
          Size/MD5 checksum:   214970 eb496451fad3c40a54f55dd55ff0e4d9
          Size/MD5 checksum:   371532 2a339fa9b2d875dccf416dc648b5d11a
      Motorola 680x0 architecture:
          Size/MD5 checksum:   190796 9d8b6bb6f224470ea1ac92d92015ad95
          Size/MD5 checksum:   263074 a5747d036e6df6f1170e8c2607cb632d
      Big endian MIPS architecture:
          Size/MD5 checksum:   197400 144d3525c130676898f379e6ab26c804
          Size/MD5 checksum:   317716 31cde74a7a1328f63ce17907c539791a
      Little endian MIPS architecture:
          Size/MD5 checksum:   186678 2f8a8cdbf9a89b49fb43164b248d9196
          Size/MD5 checksum:   315966 eb8fd5f5e78b9a0537dca9b5eb5d0f27
      PowerPC architecture:
          Size/MD5 checksum:   189040 0eb109d6c6864a912de8396b2fb7be31
          Size/MD5 checksum:   296638 4c113a84cfe17cc506043e26e6b6f094
      IBM S/390 architecture:
          Size/MD5 checksum:   192592 d897e59ae0f1fe48a5e64bdb8c006416
          Size/MD5 checksum:   313664 84727122d6fae1d78f35ecdd3f2beefe
      Sun Sparc architecture:
          Size/MD5 checksum:   184716 52c13bfcb58b41b2ce0456c046194bf4
          Size/MD5 checksum:   279552 edc8e1d5d6f4f7d7beac85e81b29cdd3
      These files will probably be moved into the stable distribution on
      its next update.
    - ---------------------------------------------------------------------------------
    For apt-get: deb stable/updates main
    For dpkg-ftp: dists/stable/updates/main
    Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.

    LinuxSecurity Poll

    Are you considering making the switch to Purism's new Librem 14 Linux laptop to improve your security and privacy online?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    [{"id":"109","title":"Yes - the hardware kill switches and default ad blocking\/tracking protection sold me on it.","votes":"3","type":"x","order":"1","pct":37.5,"resources":[]},{"id":"110","title":"Not sure yet - I need to do more research.","votes":"4","type":"x","order":"2","pct":50,"resources":[]},{"id":"111","title":"No - I'm satisfied with my current laptop and have no security\/privacy concerns.","votes":"1","type":"x","order":"3","pct":12.5,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
    bottom 200


    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.