Debian: New link-grammar packages fix execution of code
Summary
- ------------------------------------------------------------------------Debian Security Advisory DSA-1432-1 security@debian.org http://www.debian.org/security/ Steve Kemp December 16, 2007 http://www.debian.org/security/faq - ------------------------------------------------------------------------Package : link-grammar Vulnerability : buffer overflow Problem type : local Debian-specific: no CVE Id(s) : CVE-2007-5395 Debian Bug : 450695 Alin Rad Pop discovered that link-grammar, Carnegie Mellon University's link grammar parser for English, performed insufficient validation within its tokenizer, which could allow a malicious input file to execute arbitrary code. For the stable distribution (etch), this problem has been fixed in version 4.2.2-4etch1. For the old stable distribution (sarge), this package was not present. For the unstable distribution (sid), this problem was fixed in version 4.2.5-1. We recommend that you upgrade your link-grammar package. Upgrade instructions - --------------------wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 4.0 alias etch - -------------------------------Source archives: Size/MD5 checksum: 742163 798c165b7d7f26e60925c30515c45782 Size/MD5 checksum: 669 535a962c3aefbf92b3d09bd9355d3b57 Size/MD5 checksum: 8231 fa03dfbb7a2e0a47130c9f1385eb48d3 Architecture independent packages: Size/MD5 checksum: 267530 52ef5d6278b5f8a5a0c0894b3d99235e alpha architecture (DEC Alpha) Size/MD5 checksum: 169386 f866bf37b179cf8f1c31f13b0ab9100a Size/MD5 checksum: 16666 14b288d946738d5eefed5dc50e84040f Size/MD5 checksum: 108456 826d5896c36850255bedfcc3b70a8ea1 amd64 architecture (AMD x86_64 (AMD64)) Size/MD5 checksum: 16038 ea80489f9db4f247d5009bf435f40707 Size/MD5 checksum: 95996 0851ea02bd3b4b600d68df09016915cf Size/MD5 checksum: 127934 a43908000f552820cdcd2c1a7819f62f arm architecture (ARM) Size/MD5 checksum: 15074 5a881ae17e13efc9ae731b9f86d7a0ff Size/MD5 checksum: 110896 54d4534ce7a06ed675d9c4d2c957e519 Size/MD5 checksum: 87732 5dfce7e3245ab16bbab0f2325d462192 hppa architecture (HP PA RISC) Size/MD5 checksum: 16202 3f8cbe2ab057f5d3b387c1e52e4e9e51 Size/MD5 checksum: 139488 2411aae738f8467e4180debc87b265ee Size/MD5 checksum: 104292 105899d1fa1a37a2690a6d3372572912 i386 architecture (Intel ia32) Size/MD5 checksum: 15458 9b43845e6fdb26319c4dd3d88afe5fb4 Size/MD5 checksum: 89456 ffa178b41a336d1a9e11bca02a3d2232 Size/MD5 checksum: 111356 50b911abcf134bffe48bd599b7c42050 ia64 architecture (Intel ia64) Size/MD5 checksum: 190852 a4e0f03a7d7f6d2e463eda96f62205ab Size/MD5 checksum: 18526 ac56d42bb0e8d3922f0a57627a4c9ec0 Size/MD5 checksum: 142350 3c8decefa958c50420aec4ec220feaec mips architecture (MIPS (Big Endian)) Size/MD5 checksum: 138736 443874945980a7625c0bbc29e29d8ffc Size/MD5 checksum: 93814 a17d5189ae4289f0a0d7277ddcf23ecd Size/MD5 checksum: 15892 d469f682c72fcb82aed2afa9c3f85f6e mipsel architecture (MIPS (Little Endian)) Size/MD5 checksum: 138978 56e715e3bba5245263e5ba35ae78276d Size/MD5 checksum: 15874 1c56d7f76d827c9e7a9074ec3faab791 Size/MD5 checksum: 94188 a13cf0d9c8978b8bde4610fd0b58b791 powerpc architecture (PowerPC) Size/MD5 checksum: 94278 e4eaa7e42cae572c443d9863d6cc0ca4 Size/MD5 checksum: 129248 e3cd1c0cc74d868f26f63881700e5ec5 Size/MD5 checksum: 15554 191ccfa13898e334792113b52dbe35c5 s390 architecture (IBM S/390) Size/MD5 checksum: 124790 cda7a4e0b8ed670be66f10a867cf77e9 Size/MD5 checksum: 16248 9d356c1a11def3e93e166d0bd7f07b18 Size/MD5 checksum: 104892 1ed12c7feb9f4635702dd7e0e81ce173 sparc architecture (Sun SPARC/UltraSPARC) Size/MD5 checksum: 117854 dfb8639578fbddf0e41ec5bb99bec976 Size/MD5 checksum: 15262 da06736b13a0460c99f41827a98d0dc3 Size/MD5 checksum: 89930 24ddd7a5de3484626f89e8c5023243b3 These files will probably be moved into the stable distribution on its next update. - ---------------------------------------------------------------------------------For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: dists/stable/updates/main Mailing list: debian-security-announce@lists.debian.org
Sign up to get the latest security news affecting Linux and
open source delivered straight to your inbox
Powered By
Linux Security - Your source for Top Linux News, Advisories, HowTo's and Feature Release.