Debian: DSA 1149-1 Critical: Ncompress Buffer Underflow Risk
debian
August 10, 2006
Tavis Ormandy from the Google Security Team discovered a missing boundary check in ncompress, the original Lempel-Ziv compress and uncompress programs, which allows a specially cra...
Topics Covered
Summary
For the unstable distribution (sid) this problem has been fixed in
version 4.2.4-15sarge2.
We recommend that you upgrade your ncompress package.
Upgrade Instructions
- --------------------wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given at the end of this advisory:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 3.1 alias sarge
Size/MD5 checksum: 591 8fa14e666180e8a37491dcd33114dbff
Size/MD5 checksum: 8124 1b7aa0d3079f334202df5d1c77e0f9bf
Size/MD5 checksum: 31765 7ef0d51aee53b6cd5c6aefe637491281
Alpha architecture:
Size/MD5 checksum: 24370 72b955790079338f98afd62c49644897
AMD64 architecture:
...
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!