Linux Security
    Linux Security
    Linux Security

    Debian: New id3lib3.8.3 packages fix denial of service

    Date 09 Sep 2007
    3724
    Posted By LinuxSecurity Advisories
    Nikolaus Schulz discovered that a programming error in id3lib, an ID3 Tag Library, may lead to denial of service through symlink attacks.
    - --------------------------------------------------------------------------
    Debian Security Advisory DSA 1365-2                    This email address is being protected from spambots. You need JavaScript enabled to view it.
    https://www.debian.org/security/                         Moritz Muehlenhoff
    September 9th, 2007                     https://www.debian.org/security/faq
    - --------------------------------------------------------------------------
    
    Package        : id3lib3.8.3
    Vulnerability  : programming error
    Problem-Type   : local
    Debian-specific: no
    CVE ID         : CVE-2007-4460
    Debian Bug     : 438540
    
    Nikolaus Schulz discovered that a programming error in id3lib, an ID3 Tag
    Library, may lead to denial of service through symlink attacks.
    
    This update to DSA 1365-2 provides fixes packages for the stable
    distribution (etch).
    
    We recommend that you upgrade your id3lib3.8.3 packages.
    
    
    Upgrade Instructions
    - --------------------
    
    wget url
            will fetch the file for you
    dpkg -i file.deb
            will install the referenced file.
    
    If you are using the apt-get package manager, use the line for
    sources.list as given below:
    
    apt-get update
            will update the internal database
    apt-get upgrade
            will install corrected packages
    
    You may use an automated update by adding the resources from the
    footer to the proper configuration.
    
    
    Debian GNU/Linux 4.0 alias etch
    - -------------------------------
    
      Source archives:
    
        https://security.debian.org/pool/updates/main/i/id3lib3.8.3/id3lib3.8.3_3.8.3-6etch1.dsc
          Size/MD5 checksum:      652 ada1a9d686cbfe925a34b2173227b47e
        https://security.debian.org/pool/updates/main/i/id3lib3.8.3/id3lib3.8.3_3.8.3-6etch1.diff.gz
          Size/MD5 checksum:   135226 495cb5f4610853f02a740e9b7c1a71c5
        https://security.debian.org/pool/updates/main/i/id3lib3.8.3/id3lib3.8.3_3.8.3.orig.tar.gz
          Size/MD5 checksum:   950726 19f27ddd2dda4b2d26a559a4f0f402a7
    
      Alpha architecture:
    
        https://security.debian.org/pool/updates/main/i/id3lib3.8.3/libid3-3.8.3-dev_3.8.3-6etch1_alpha.deb
          Size/MD5 checksum:   341286 c074664c96375662596d490ce9e59e2f
        https://security.debian.org/pool/updates/main/i/id3lib3.8.3/libid3-3.8.3c2a_3.8.3-6etch1_alpha.deb
          Size/MD5 checksum:   187286 a6cb95da944dfe5e1a28cbf5136f3b6f
    
      AMD64 architecture:
    
        https://security.debian.org/pool/updates/main/i/id3lib3.8.3/libid3-3.8.3-dev_3.8.3-6etch1_amd64.deb
          Size/MD5 checksum:   283136 6fe99daa8aab3fd9549ab7d2db11aedc
        https://security.debian.org/pool/updates/main/i/id3lib3.8.3/libid3-3.8.3c2a_3.8.3-6etch1_amd64.deb
          Size/MD5 checksum:   176214 e35c8545fe42ae16362144e23772735a
    
      ARM architecture:
    
        https://security.debian.org/pool/updates/main/i/id3lib3.8.3/libid3-3.8.3-dev_3.8.3-6etch1_arm.deb
          Size/MD5 checksum:   277156 4f1e8102266eb7fe3f42dd613274c02a
        https://security.debian.org/pool/updates/main/i/id3lib3.8.3/libid3-3.8.3c2a_3.8.3-6etch1_arm.deb
          Size/MD5 checksum:   179072 fa3c352ad012326b3753fa1b7b189eaf
    
      HP Precision architecture:
    
        https://security.debian.org/pool/updates/main/i/id3lib3.8.3/libid3-3.8.3-dev_3.8.3-6etch1_hppa.deb
          Size/MD5 checksum:   305654 f9d69c8cdb5585e5b1dc3a9742b5edce
        https://security.debian.org/pool/updates/main/i/id3lib3.8.3/libid3-3.8.3c2a_3.8.3-6etch1_hppa.deb
          Size/MD5 checksum:   196342 fa9087816b58d9ed207e25401906c64a
    
      Intel IA-32 architecture:
    
        https://security.debian.org/pool/updates/main/i/id3lib3.8.3/libid3-3.8.3-dev_3.8.3-6etch1_i386.deb
          Size/MD5 checksum:   263064 6b7e0823707843fa76158a0e1ba7f42f
        https://security.debian.org/pool/updates/main/i/id3lib3.8.3/libid3-3.8.3c2a_3.8.3-6etch1_i386.deb
          Size/MD5 checksum:   176662 05ca5942a44486b658a44e4bee16154d
    
      Intel IA-64 architecture:
    
        https://security.debian.org/pool/updates/main/i/id3lib3.8.3/libid3-3.8.3-dev_3.8.3-6etch1_ia64.deb
          Size/MD5 checksum:   351960 6fd56a95a8aa66fa890a99a3264a7cbd
        https://security.debian.org/pool/updates/main/i/id3lib3.8.3/libid3-3.8.3c2a_3.8.3-6etch1_ia64.deb
          Size/MD5 checksum:   202690 e1c25a15ff7a480cafd1ac5d95ea0083
    
      Big endian MIPS architecture:
    
        https://security.debian.org/pool/updates/main/i/id3lib3.8.3/libid3-3.8.3-dev_3.8.3-6etch1_mips.deb
          Size/MD5 checksum:   285984 576083197b0d3778f9963ff697f0dd6f
        https://security.debian.org/pool/updates/main/i/id3lib3.8.3/libid3-3.8.3c2a_3.8.3-6etch1_mips.deb
          Size/MD5 checksum:   173660 221f900fe4f7bb66fc1cfdae380844c5
    
      PowerPC architecture:
    
        https://security.debian.org/pool/updates/main/i/id3lib3.8.3/libid3-3.8.3-dev_3.8.3-6etch1_powerpc.deb
          Size/MD5 checksum:   283208 8d6f0c3417ba62980ff80c5084ba0cad
        https://security.debian.org/pool/updates/main/i/id3lib3.8.3/libid3-3.8.3c2a_3.8.3-6etch1_powerpc.deb
          Size/MD5 checksum:   176614 89b9c136ae81ebd9918420d7d6915c28
    
      IBM S/390 architecture:
    
        https://security.debian.org/pool/updates/main/i/id3lib3.8.3/libid3-3.8.3-dev_3.8.3-6etch1_s390.deb
          Size/MD5 checksum:   269674 d8dd6f6d7d76a46063c0723f974198da
        https://security.debian.org/pool/updates/main/i/id3lib3.8.3/libid3-3.8.3c2a_3.8.3-6etch1_s390.deb
          Size/MD5 checksum:   177402 028a696232d95ddf67ae6acb7a3aac9c
    
      Sun Sparc architecture:
    
        https://security.debian.org/pool/updates/main/i/id3lib3.8.3/libid3-3.8.3-dev_3.8.3-6etch1_sparc.deb
          Size/MD5 checksum:   251852 2356b2546559f20403987530357a68fc
        https://security.debian.org/pool/updates/main/i/id3lib3.8.3/libid3-3.8.3c2a_3.8.3-6etch1_sparc.deb
          Size/MD5 checksum:   176600 80690cceeeb56b25d0cd30381ee28ad4
    
      These files will probably be moved into the stable distribution on
      its next update.
    
    - ---------------------------------------------------------------------------------
    For apt-get: deb https://security.debian.org/ stable/updates main
    For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
    Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.
    

    LinuxSecurity Poll

    'Tis the season of giving! How have you given back to the open-source community?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/49-tis-the-season-of-giving-how-have-you-given-back-to-the-open-source-community?task=poll.vote&format=json
    49
    radio
    [{"id":"171","title":"I've contributed to the development of an open-source project.","votes":"14","type":"x","order":"1","pct":35,"resources":[]},{"id":"172","title":"I've reviewed open-source code for security bugs.","votes":"8","type":"x","order":"2","pct":20,"resources":[]},{"id":"173","title":"I've made a donation to an open-source project.","votes":"18","type":"x","order":"3","pct":45,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350

    Please vote first in order to view vote results.


    VIEW MORE POLLS

    bottom 200

    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.