Debian: New perdition packages fix arbitrary code execution
Summary
- ------------------------------------------------------------------------Debian Security Advisory DSA-1398-1 security@debian.org http://www.debian.org/security/ Noah Meyerhans November 05, 2007 http://www.debian.org/security/faq - ------------------------------------------------------------------------Package : perdition Vulnerability : format string error Problem type : remote Debian-specific: no CVE Id(s) : CVE-2007-5740 Debian Bug : 448853 Bernhard Mueller of SEC Consult has discovered a format string vulnerability in perdition, an IMAP proxy. This vulnerabilty could allow an unauthenticated remote user to run arbitrary code on the perdition server by providing a specially formatted IMAP tag. For the stable distribution (etch), this problem has been fixed in version 1.17-7etch1 For the old stable distribution (sarge), this problem has been fixed in version 1.15-5sarge1 We recommend that you upgrade your perdition package. Upgrade instructions - --------------------wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian 3.1 (oldstable) - ----------------------Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390 and sparc. Source archives: Size/MD5 checksum: 7002 aa17651883aea7cca61424ad9bf8a38e Size/MD5 checksum: 551692 7c3aaf30198cf73191a984a76637a940 Size/MD5 checksum: 919 0e3ce322a1b1ad44abbda163b925d642 alpha architecture (DEC Alpha) Size/MD5 checksum: 140360 61d32cd4af764fa65e23d6869653a896 Size/MD5 checksum: 15650 6d6e3c3203ae4295c9662e0909fb5a6a Size/MD5 checksum: 15688 2b90d41bcdea29588c2f35fab48d0509 Size/MD5 checksum: 17238 5bead1ab538267fc333eb4f6b9c020ef Size/MD5 checksum: 6468 ecb0e3ac2a09ec9f0f44ed96ee4d8593 Size/MD5 checksum: 15610 8f04933904f13f965f5f2898f1bdc9a3 arm architecture (ARM) Size/MD5 checksum: 14328 a592a1921bd1705f318ec595aceefeab Size/MD5 checksum: 15592 6aa78127518ba95bdb8a1266a5c6f1a0 Size/MD5 checksum: 6294 e3b87dc37c4155bae044c4be22300921 Size/MD5 checksum: 122276 430dc58170a7a8ab2d704585f67fb99d Size/MD5 checksum: 14252 f5fa0615aab2a529ae3afc2dbe08a2cf Size/MD5 checksum: 14232 7f2ced3580dc952edaf8bb1507a0285b i386 architecture (Intel ia32) Size/MD5 checksum: 119726 4671079309c853aa5d13f2918f53c1f2 Size/MD5 checksum: 15528 9079ac2b06bb7fba3144ce3f76c3c215 Size/MD5 checksum: 14326 633db52e6fcf8b4f2e099937498a012f Size/MD5 checksum: 6294 b16d645566732d1385de81877c952d96 Size/MD5 checksum: 14348 2f5b1b22d2b482082d83cc8a9070b964 Size/MD5 checksum: 14232 b75a42714104e1578c8b3627c74c2d60 ia64 architecture (Intel ia64) Size/MD5 checksum: 15646 ce470700b01bf4029d165fd9facf7b0c Size/MD5 checksum: 15960 4308037c87227c4cb241550051231e65 Size/MD5 checksum: 16174 635178c31b530f056940a831aa0abd26 Size/MD5 checksum: 154432 1c987a16dab826bc2f91fb2cfe2fe9eb Size/MD5 checksum: 6474 420ef22494611bb6b226371dab5af2f3 Size/MD5 checksum: 18074 5da4650e73140e159176900dbea7e67f m68k architecture (Motorola Mc680x0) Size/MD5 checksum: 14116 bf50e0ce53a1684791e0f70bc46d0894 Size/MD5 checksum: 6310 6df8da9a9ddb992d70814c5adbec0bba Size/MD5 checksum: 111874 7f3a64e9b80eed65dc4a8baf72a4a21c Size/MD5 checksum: 14958 f3fc80302751e739f21386c6c60aa88d Size/MD5 checksum: 14038 5317d2d8622b06e51c980bea933df28d Size/MD5 checksum: 14086 7347aa18e38d21835378dae7cc4b8ea9 mips architecture (MIPS (Big Endian)) Size/MD5 checksum: 14736 5204bfc0fdda0a9827403721a5f74fbb Size/MD5 checksum: 14750 28ae200d940390f2b1ac85673bd74c0b Size/MD5 checksum: 122244 6c4e31d7d79c3aa8a98d7abc16f84b8f Size/MD5 checksum: 14336 9a10a377ffb800b0f291735f011ef5d2 Size/MD5 checksum: 6432 2fccbe671d4c2e5cd491d84adfc64f5b Size/MD5 checksum: 15690 aacfe57aa71fc2f50cf9d1ee5b8550bb mipsel architecture (MIPS (Little Endian)) Size/MD5 checksum: 14786 9d069d930037028087d0c3aa4ddeb2f6 Size/MD5 checksum: 14364 052fade4c32b33b86328077718986e69 Size/MD5 checksum: 14760 86e078db1864501427ad8fbf1503d271 Size/MD5 checksum: 122662 1717cabea73b8af8a21dfd3307236b8c Size/MD5 checksum: 6432 02d7d96d7819c99205ea32fb7595cc67 Size/MD5 checksum: 15670 60b51caca1c4431733171bec91a2bcfb powerpc architecture (PowerPC) Size/MD5 checksum: 18406 e01d845c4282963a8d9f05da607e1468 Size/MD5 checksum: 6344 60eec8df1c7cef0b7616f109148596d0 Size/MD5 checksum: 16654 0ff82c98dedb64264012aee0aa64d9bb Size/MD5 checksum: 16582 9f8590f59b057ab020f55c6edf0628ee Size/MD5 checksum: 16270 81999506638884dcc6a8c181ea75243b Size/MD5 checksum: 135304 fc69b32ba59913f8215f330c41fa8770 s390 architecture (IBM S/390) Size/MD5 checksum: 14574 f6072205d4c7bc2cc79f5c86075c60fa Size/MD5 checksum: 14664 df980932a537964b84170349864775f3 Size/MD5 checksum: 6398 05d63c9973dbe3833dfb56cbe4e6a165 Size/MD5 checksum: 121700 b142e3e38cbc63133ff30f6c79f99c9c Size/MD5 checksum: 16154 eb5267cab225c032bbcc2ef11f5cdc88 Size/MD5 checksum: 14642 1b194c882b3313b026c6b735b5c0dfa8 sparc architecture (Sun SPARC/UltraSPARC) Size/MD5 checksum: 119174 e09001fe3f590f29c5c164bb4191a4dd Size/MD5 checksum: 14314 7b652d5237f60d880d2a21c177bb78fb Size/MD5 checksum: 14262 9de4a843f84712d83ae3673f0b728f69 Size/MD5 checksum: 14490 8da7b70b34c0f73c4950c1fd667bcf35 Size/MD5 checksum: 6308 2a0b24bd5958d7fe3cd076fa39f38878 Size/MD5 checksum: 15508 ae102d40df70a62b40660b5dc37eb850 Debian 4.0 (stable) - ---------------Stable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. Source archives: Size/MD5 checksum: 552149 6cef90e55bde9eb2d0a17acccb3516f3 Size/MD5 checksum: 909 325066ab30c9d78d6af74004fa0f8ecc Size/MD5 checksum: 115530 ce6a018ab54dfdff0beebd4661dcdfec alpha architecture (DEC Alpha) Size/MD5 checksum: 16738 8ef93a770527f4236a0e1804e0e253f7 Size/MD5 checksum: 7282 4d4ce85a1d8031126f9e2b3d247bbb93 Size/MD5 checksum: 17840 b7f3ac347093a06d0977c999abb5f4c3 Size/MD5 checksum: 143348 0f53f3e54780e13281be2868cdc6c2ca Size/MD5 checksum: 16444 9f278192b8b0668ee75e1961c30303d0 Size/MD5 checksum: 16554 efdc20c855aa0396f0d1953075ebccdd amd64 architecture (AMD x86_64 (AMD64)) Size/MD5 checksum: 129406 57be430d9dbf3787947f6bfe5275d1ac Size/MD5 checksum: 15828 ca4ce1853dae920a260b76a3adce855f Size/MD5 checksum: 15412 f3c60a210c4796b258b613ea9d194be1 Size/MD5 checksum: 15696 6eca25001130b6f6453a0d3effdfb7e4 Size/MD5 checksum: 16460 5be1284fa134c35741bfcd455c103794 Size/MD5 checksum: 7172 b559a95c0beb7705378b6c6b745327d0 arm architecture (ARM) Size/MD5 checksum: 14976 3713cf6a1adc3d275f568d30dcf6115b Size/MD5 checksum: 7090 0e4f92fb781bbbd9622aac483add1bea Size/MD5 checksum: 15806 7550b203c67234202c58228746c9e02c Size/MD5 checksum: 14850 12733c48be965b35404e501d6cf9bd4f Size/MD5 checksum: 126442 65d6d2d4e8754012aa50048435739f49 Size/MD5 checksum: 14786 70652666820ae4056d7af86e96ae5f52 i386 architecture (Intel ia32) Size/MD5 checksum: 15188 0890a10870f164a52fb0264892828a28 Size/MD5 checksum: 14994 bccc80e234204421a84dd9ab78b621ca Size/MD5 checksum: 15160 9a17d7063805c8d9499f98d083dfd130 Size/MD5 checksum: 123700 3be7e162e22f57515475dfc253ada667 Size/MD5 checksum: 16216 98fc325b45d1a2f73660ab85449adbf9 Size/MD5 checksum: 7096 2863aa3f4703232e38036b389ea364da ia64 architecture (Intel ia64) Size/MD5 checksum: 18892 555cd8c6241693b2956abb63b7f48ea4 Size/MD5 checksum: 7322 754fd15738c4c03d0561403090a90a73 Size/MD5 checksum: 165476 23a036b76309eb03942c6e05a645bc86 Size/MD5 checksum: 16916 8946d6a58fd2b6f432e8b807e58b87fb Size/MD5 checksum: 16892 1b3ff231b9ddafd3a283bd018ea74338 Size/MD5 checksum: 17268 081dd79a908bc799e9d1bcb0a6c6ce7d mips architecture (MIPS (Big Endian)) Size/MD5 checksum: 7278 c30e1f3482ceba7d4ca40831acc5fd7f Size/MD5 checksum: 16132 5291cbe181a6bcbe8b37a52c24f746f9 Size/MD5 checksum: 15558 caeece00516ae11ec3034d78a447e336 Size/MD5 checksum: 15276 e095ff5a72a39d30548889a4d674dbe9 Size/MD5 checksum: 126958 d569b278ed66bc83b41f041c44f13a35 Size/MD5 checksum: 15320 a5188386bcea856f51f293c7495524df mipsel architecture (MIPS (Little Endian)) Size/MD5 checksum: 15566 7be5d8df6460bc213c5f24374a240951 Size/MD5 checksum: 15334 11f0b17bdcc59ecf472ca1bd5ef9b8af Size/MD5 checksum: 16144 df194c4504ee6423a8a02fcdaba4b73f Size/MD5 checksum: 7288 ff868a99e00b9a79079ef473fd295898 Size/MD5 checksum: 15292 dd31cb5d8077116c397e40a444fa42dd Size/MD5 checksum: 127190 a16586a287c915646a39d00e7ff70dea powerpc architecture (PowerPC) Size/MD5 checksum: 17422 a109e5de9dfe83129c5375c4d7c145bc Size/MD5 checksum: 18730 ea33d517d9e183651f4a3e2926aa299b Size/MD5 checksum: 7152 8dbaf586595d600d793bd4c58972b647 Size/MD5 checksum: 17646 0a2b3b1af367b12571e9c9c91cedb2e5 Size/MD5 checksum: 140550 eb71ac24c57ec6686793d0bbb8231b8f Size/MD5 checksum: 17104 97ad739ca7bdcc20b8de1d07c7c062ab s390 architecture (IBM S/390) Size/MD5 checksum: 15518 0be191cf603a83c82adb5d9b88f9139b Size/MD5 checksum: 7196 2783f828b8391ba8c07ccbda8489d049 Size/MD5 checksum: 16962 37947b3bd3d0723f06e2d667d58474fc Size/MD5 checksum: 128810 4898f9176d7805d503c11491c6b64914 Size/MD5 checksum: 15494 2ae2f17de7eac2ec333dd5133b16f865 Size/MD5 checksum: 15520 96c5378568da0704d5a74d34c034dd6d sparc architecture (Sun SPARC/UltraSPARC) Size/MD5 checksum: 15082 b463f4fa8e72d317d2f5b3b39c66e592 Size/MD5 checksum: 7120 bf088cf218a8f3017bb29121fccca6e9 Size/MD5 checksum: 16160 9dc3638082c29dff33346ff2490ae63b Size/MD5 checksum: 15182 a00acb5a8180a0c3298af0d464489d84 Size/MD5 checksum: 123474 e00eda5c5af3bcd4bbc347e8e4e21e85 Size/MD5 checksum: 15358 bdc7459986000be5cd14379388bfdba9 These files will probably be moved into the stable distribution on its next update. - ---------------------------------------------------------------------------------For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: dists/stable/updates/main Mailing list: debian-security-announce@lists.debian.org
Sign up to get the latest security news affecting Linux and
open source delivered straight to your inbox
Powered By
Linux Security - Your source for Top Linux News, Advisories, HowTo's and Feature Release.