Debian: New tk8.3 packages fix arbitrary code execution
Summary
- ------------------------------------------------------------------------Debian Security Advisory DSA-1490-1 security@debian.org http://www.debian.org/security/ Moritz Muehlenhoff February 10, 2008 http://www.debian.org/security/faq - ------------------------------------------------------------------------Package : tk8.3 Vulnerability : buffer overflow Problem type : local(remote) Debian-specific: no CVE Id(s) : CVE-2008-0553 It was discovered that a buffer overflow in the GIF image parsing code of Tk, a cross-platform graphical toolkit, could lead to denial of service and potentially the execution of arbitrary code. For the stable distribution (etch), this problem has been fixed in version 8.3.5-6etch2. For the old stable distribution (sarge), this problem has been fixed in version 8.3.5-4sarge1. We recommend that you upgrade your tk8.3 packages. Upgrade instructions - --------------------wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian 3.1 (oldstable) - ----------------------Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390 and sparc. Source archives: Size/MD5 checksum: 619 72ec50a6f7fe598dfdfa5bb6dcce26b8 Size/MD5 checksum: 27487 e8e4be4e42aa8d8aa42737e51bd00efb Architecture independent packages: Size/MD5 checksum: 656610 2fdeefaa7fda287e93f03835b81c6b97 alpha architecture (DEC Alpha) Size/MD5 checksum: 800050 9ffdf85836c8c363791fca0fd9695caa Size/MD5 checksum: 866706 dccdb481171dbda93f1e285ba80928c1 amd64 architecture (AMD x86_64 (AMD64)) Size/MD5 checksum: 5401662 027185eb7532fa4e9cdd0d50bdaf3d83 Size/MD5 checksum: 678048 b5be308ba38fab05cae38e092d57a889 arm architecture (ARM) Size/MD5 checksum: 693912 5399334e960fdcc8bcffe9264f249088 Size/MD5 checksum: 5374592 80f52caef92bb04868944996407be7b4 hppa architecture (HP PA RISC) Size/MD5 checksum: 5523864 89387f3788ac2ecc8f1209573e51d462 Size/MD5 checksum: 771440 50776eb1a27f0b64d5a293bc9a3b2578 i386 architecture (Intel ia32) Size/MD5 checksum: 5373152 1acda6edfe3ca9d906e309b7ec1c80df Size/MD5 checksum: 663734 2455bba9b8ff48ff5cac5a95f4c186e6 ia64 architecture (Intel ia64) Size/MD5 checksum: 898866 940ba28f8b0db48406ee4809b9d77f86 Size/MD5 checksum: 5621592 4fb33ae434375d246943d88dd3682c7a m68k architecture (Motorola Mc680x0) Size/MD5 checksum: 575068 6458f19e912a11ed076486ab61743214 Size/MD5 checksum: 5379682 fc5794b7b0079628fa530298f9476bfb mips architecture (MIPS (Big Endian)) Size/MD5 checksum: 704002 25fbbe38f11333a06bc05d23126df314 Size/MD5 checksum: 816286 b3d5de6c3d0825efae3c2589e092aa34 mipsel architecture (MIPS (Little Endian)) Size/MD5 checksum: 813022 1423ef69d3d9bd8b701793856cc795cf Size/MD5 checksum: 701082 406ae2f59095a43400895e5b40e6ab3c powerpc architecture (PowerPC) Size/MD5 checksum: 7878966 a265e04e508554a1d0bd314cb7d6a908 Size/MD5 checksum: 677236 6a4d7527fbf5a228c1acde4299ea1f84 s390 architecture (IBM S/390) Size/MD5 checksum: 5561774 e0f0a37236461ae94b933e4a5eb14817 Size/MD5 checksum: 674842 6c668ee1265ae78ad5b812e607f5f71d sparc architecture (Sun SPARC/UltraSPARC) Size/MD5 checksum: 5426718 20594b4384ea7417cf7a5632f8638bbd Size/MD5 checksum: 678866 abc4b418f08a7605df0e9eb8cd4c657d Debian 4.0 (stable) - -------------------Stable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. Source archives: Size/MD5 checksum: 672 4e486153b8faf53782476e22c3880001 Size/MD5 checksum: 28777 54d70c692b5c712098e7a3f3da8a169f Size/MD5 checksum: 2598030 363a55d31d94e05159e9212074c68004 Architecture independent packages: Size/MD5 checksum: 657298 cc62b269ba2ac2bd6eca61774adb75b8 alpha architecture (DEC Alpha) Size/MD5 checksum: 870312 ca7383e0d6ceac65fd9dc59625fb051d Size/MD5 checksum: 808390 23b7446294b1cb3cf48fc1ad51b4edfe amd64 architecture (AMD x86_64 (AMD64)) Size/MD5 checksum: 830910 4769eafe35695248d9e5f86b55a71874 Size/MD5 checksum: 691460 ab8c2af96d4573753de894f5d738d9df arm architecture (ARM) Size/MD5 checksum: 802950 247e4ef8599dff92ce89ffc040a683e9 Size/MD5 checksum: 649908 ad723304134fdd974f87f03be98466c4 hppa architecture (HP PA RISC) Size/MD5 checksum: 889136 299f1a1f029ae989000f0618f3f627c2 Size/MD5 checksum: 773516 1d0fa389e6d47a3735d9db10eea5030e i386 architecture (Intel ia32) Size/MD5 checksum: 805102 94482087953e4efdbd27bd72ae7187af Size/MD5 checksum: 672612 a89666282487cda0bae98a0873fb01d7 ia64 architecture (Intel ia64) Size/MD5 checksum: 1057942 c8a0053f14a1cf36f3dd20124b633e68 Size/MD5 checksum: 959576 b3c0dd20cc601ef00c8f2958f33b57ab mips architecture (MIPS (Big Endian)) Size/MD5 checksum: 728178 f8e3ef984f59b502767e39a16418b512 Size/MD5 checksum: 825678 46311b08a5851e68a355217f08068647 mipsel architecture (MIPS (Little Endian)) Size/MD5 checksum: 823114 1beec3521b5a071b5d61c7ac0ab400f4 Size/MD5 checksum: 725968 44abec2145cf4619ee9fdb519d8a817b powerpc architecture (PowerPC) Size/MD5 checksum: 659960 6121101918009e9cfc3400bd00bd1176 Size/MD5 checksum: 824324 2b4d6681e5736f78fdfdfe0afc9c54cc s390 architecture (IBM S/390) Size/MD5 checksum: 838398 4cf8eb32d6c4a0e51d42141c4be20f94 Size/MD5 checksum: 694042 68ab888f154ccd255b2e3487ee449076 sparc architecture (Sun SPARC/UltraSPARC) Size/MD5 checksum: 680556 ca6f34ad3f8052f0488fbb27c63f46b7 Size/MD5 checksum: 805330 e9088a3f282d1d34fc60437bbc29579e These files will probably be moved into the stable distribution on its next update. - ---------------------------------------------------------------------------------For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: dists/stable/updates/main Mailing list: debian-security-announce@lists.debian.org
Sign up to get the latest security news affecting Linux and
open source delivered straight to your inbox
Powered By
Linux Security - Your source for Top Linux News, Advisories, HowTo's and Feature Release.