Debian: New util-linux packages fix programming error
Summary
- ------------------------------------------------------------------------Debian Security Advisory DSA-1450-1 security@debian.org http://www.debian.org/security/ Steve Kemp January 05, 2008 http://www.debian.org/security/faq - ------------------------------------------------------------------------Package : util-linux Vulnerability : programming error Problem type : local Debian-specific: no CVE Id(s) : CVE-2007-5191 Debian Bug : XXX It was discovered that util-linux, Miscellaneous system utilities, didn't drop privileged users and groups in the correct order in the mount and umount commands. This could potentially allow a local user to gain additional privileges. For the stable distribution (etch), this problem has been fixed in version 2.12r-19etch1. For the old stable distribution (sarge), this problem has been fixed in version 2.12p-4sarge2. We recommend that you upgrade your util-linux package. Upgrade instructions - --------------------wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 3.1 alias sarge - --------------------------------Source archives: Size/MD5 checksum: 712 c16f823e59f4e6e844abb42a5d0d74c5 Size/MD5 checksum: 74396 9e13a2463ef33b2bd1596072742f8da8 Size/MD5 checksum: 2001658 d47e820f6880c21c8b4c0c7e8a7376cc Architecture independent packages: Size/MD5 checksum: 1070176 a6404671c68d7f06a9da77b1dafc7a42 alpha architecture (DEC Alpha) Size/MD5 checksum: 440162 5d79ed3df525038d07eee80e2872e625 Size/MD5 checksum: 161046 c8f09ca56ba1d2e557ca8c730b02585e Size/MD5 checksum: 69054 6b36255a732ac7b3bddb4ed53d202e55 Size/MD5 checksum: 563462 dd3b17badda1e17440a29cc29ff439a4 arm architecture (ARM) Size/MD5 checksum: 387470 3df157ef832ed95ac9f92ff94383a7f1 Size/MD5 checksum: 65422 c57935c9e9d5e3d9c3bbdda78b0047b1 Size/MD5 checksum: 548928 c29b3f44c372b9129138d89ab17178a7 Size/MD5 checksum: 136594 6f762a670c52c716ef21b0fdca700447 hppa architecture (HP PA RISC) Size/MD5 checksum: 423190 d15fcccebc85a5c173eb862eed237cab Size/MD5 checksum: 562828 4b3f69108bacc9f576125d55b450158d Size/MD5 checksum: 149524 a7f26a0b62035eb0f395db4a0fb05cf6 Size/MD5 checksum: 68018 2966417cb1dbb3bd7321e78cf819953b i386 architecture (Intel ia32) Size/MD5 checksum: 541402 f73c85cc3e687ce28163e1ec10aa25e6 Size/MD5 checksum: 65834 198a771b904f201e49d04a0a401f02ea Size/MD5 checksum: 380538 c2cba4219351e9af5a90e772461d7015 Size/MD5 checksum: 140038 41d4c24fcd78ef78253ffe7d0dceab22 ia64 architecture (Intel ia64) Size/MD5 checksum: 507372 f5cfadc062f43cada6e6647770df546c Size/MD5 checksum: 71636 3271e6449d3d26f3a12a3515b27bc1c6 Size/MD5 checksum: 174126 4373c2adb44d9db16523f8c544039d9b Size/MD5 checksum: 590718 a6586872cb11870c70ed302cff27edea m68k architecture (Motorola Mc680x0) Size/MD5 checksum: 129950 7ec7e58e4e40d17916b5551458302f73 Size/MD5 checksum: 65646 a72b65b46670259235bde4f4c544e3e5 Size/MD5 checksum: 242714 7f4281627d1a35a381324181225d1d30 mips architecture (MIPS (Big Endian)) Size/MD5 checksum: 149674 c2112e05a05010002a00ac7aab88c24d Size/MD5 checksum: 454004 fbfba9ffd81e5bf6e3cddbab79db7010 Size/MD5 checksum: 562188 df36a1b2bf7e3c139909536cb1cfacc6 Size/MD5 checksum: 71200 d85673c687eae7c73a3f3dde8a0e1d1c mipsel architecture (MIPS (Little Endian)) Size/MD5 checksum: 71128 11eb8733b74fb60b827e0ee20a665074 Size/MD5 checksum: 560164 09fba084cb3fbadcb3e8dfbe23d9ca00 Size/MD5 checksum: 454098 70cf0b01d6c7c8168b67ddca58ac460c Size/MD5 checksum: 150286 225957bd9f3459d8c690a2fb8d5d5c63 powerpc architecture (PowerPC) Size/MD5 checksum: 147524 fa550c13e958cb24c4fc6892721f1774 Size/MD5 checksum: 556382 6c1e157b9d8c50e710e161ff56128fc3 Size/MD5 checksum: 406432 240bb6ff7568a9c5431d6e25effd9027 Size/MD5 checksum: 66066 c79ecde89a4bca6098631ed3b037f3c0 s390 architecture (IBM S/390) Size/MD5 checksum: 379214 58a06c548c099ecc78844285138a9ef4 Size/MD5 checksum: 145948 f1aa3a82a738a93d244b9efccce0f807 Size/MD5 checksum: 558122 ca862492d2073e62bd02e0e5035739ad Size/MD5 checksum: 67214 bd5a4a0caa9633cce62dab9c46b92e68 sparc architecture (Sun SPARC/UltraSPARC) Size/MD5 checksum: 138374 89cca3fc13c63f2e968868c16b2c8af5 Size/MD5 checksum: 274552 ed37167f7e16d1b5e6aad05a865ed980 Size/MD5 checksum: 65528 fee03f7fa096f9628f1da718ee73c068 Size/MD5 checksum: 39778 ec743031e4434bf8fac954643bc82a75 Debian GNU/Linux 4.0 alias etch - -------------------------------Source archives: Size/MD5 checksum: 750 66546d031256054335cee8f1537d497d Size/MD5 checksum: 103759 258e5d0be4b6d58da2926840e91f80d8 Architecture independent packages: Size/MD5 checksum: 1086256 ba17a075cf0cb2f76c58f6ca0dabc469 alpha architecture (DEC Alpha) Size/MD5 checksum: 485430 5914165d8adb198d1c4f20923e77371b Size/MD5 checksum: 71118 80416006c0439b5b160308c4cab38cab Size/MD5 checksum: 412426 a512bdf2a6e4610368268a48616e2338 Size/MD5 checksum: 174248 a387863a4533463ea8f76d9fbe28b57b Size/MD5 checksum: 69232 52c3d65dc03c4bb10da3aa8997b40af2 amd64 architecture (AMD x86_64 (AMD64)) Size/MD5 checksum: 162824 d2b3d4d6d3ca0aec56e6560831a9de5a Size/MD5 checksum: 397324 5f3758c3dfda838c877e6d471cb784ec Size/MD5 checksum: 485096 7d7eba8ac57dbbaac1ec8ab081e45497 Size/MD5 checksum: 69764 bc0c5d69fdf2165458c0e7abefdb5fbc Size/MD5 checksum: 64548 0eb480a8aee59e4c620ecb29f63f927c arm architecture (ARM) Size/MD5 checksum: 486468 516ae37dc6deb7ced1abc66435da14fc Size/MD5 checksum: 64652 65150b48c91bf577e0517663b56ac2df Size/MD5 checksum: 68534 2224d1d73e981dfc975ad738cc734a61 Size/MD5 checksum: 151328 2979a97bed34c836c88abe829802c577 Size/MD5 checksum: 388904 6ec50e18fc8ac5cf410a8bc7ef1a4072 hppa architecture (HP PA RISC) Size/MD5 checksum: 490476 ba319f3968b0fa50f531d5467d9efd92 Size/MD5 checksum: 415696 4ff25eaa541c44da9bf1332fd456b778 Size/MD5 checksum: 72070 f059cd88c0752b1d26868a37ffeb76f0 Size/MD5 checksum: 161262 cd5af93db297ed73c29fb0e724342a1c Size/MD5 checksum: 70530 8c5b00fc105b08dd3300c407800fcee3 i386 architecture (Intel ia32) Size/MD5 checksum: 483796 42713a8d2bfe66be61c4368f9297282e Size/MD5 checksum: 58012 bf4c9b986448f79bde690f364675d45d Size/MD5 checksum: 68548 446b1ef1d65507eb4bb445b848669497 Size/MD5 checksum: 375214 498d39c18c17337f908cdb64457080fb Size/MD5 checksum: 157272 c5b1383c8c6fe95fd5344c2e6a20a68f ia64 architecture (Intel ia64) Size/MD5 checksum: 481248 df95ef8b6d5425231a4b5a8b83708b9a Size/MD5 checksum: 73840 e184768d10c05f735194fea49baf44d7 Size/MD5 checksum: 494036 92f7e3535e7aac8ee7cff08e881daf3b Size/MD5 checksum: 88944 ba2be57ed59074b08f8dfd1ea54d28c5 Size/MD5 checksum: 189582 588a03342bfe94ddcc6b0731fed7798d mips architecture (MIPS (Big Endian)) Size/MD5 checksum: 409996 5f1081bd8d61668b018bc2bf566adbee Size/MD5 checksum: 70182 3e08af58bacd4b025cd0abc55bbcc469 Size/MD5 checksum: 491132 6f717a8be2567569fc699200664c20ab Size/MD5 checksum: 70404 a575852e3946955cca1ef87089ed3629 Size/MD5 checksum: 165076 3c1ce884e3de89f449886647cf04ae3f mipsel architecture (MIPS (Little Endian)) Size/MD5 checksum: 489198 9ad73f874cddbe202a7751a63a123b37 Size/MD5 checksum: 409998 8a33bfd57fc03795ab715caeb08f3efd Size/MD5 checksum: 70354 0317bc2a2bd8234d8199e28bdbb3c50f Size/MD5 checksum: 70302 5de2df205891cc2bc289f3fc226880f4 Size/MD5 checksum: 165162 83614488ec6324a29b84df3f26a3808a powerpc architecture (PowerPC) Size/MD5 checksum: 64156 5a421d03d607dc2dc850420128f58442 Size/MD5 checksum: 393330 b172821b4e84b39350cb31dfbd73e5f3 Size/MD5 checksum: 68906 baf6c5742ea1cb223e890645c46131a0 Size/MD5 checksum: 158180 c2be00ea526ce53cdb99b269467aa256 Size/MD5 checksum: 488132 32df2a8c2e258347d30a6d277d73e0fd s390 architecture (IBM S/390) Size/MD5 checksum: 70056 cef8b55e97ae2b4c555ed6e2994cac52 Size/MD5 checksum: 69478 1f1e4d4270624073cefb18ec876e8331 Size/MD5 checksum: 489936 5053c8f2b4df8d7e962226599f550575 Size/MD5 checksum: 379524 30d04a68c9dece51e69475de1f6a394f Size/MD5 checksum: 159256 5ab3f1a015e0b05a91b4990cfa3b42ca sparc architecture (Sun SPARC/UltraSPARC) Size/MD5 checksum: 155194 d7ffcb68840e2c7fa979d8a3fed874fd Size/MD5 checksum: 37474 a66ff5f7a46ca31ec6e5aea486b3b4f6 Size/MD5 checksum: 273878 1edee1ee7a544a06eac0f88c9005bb06 Size/MD5 checksum: 68566 37bff20df09804ca7d6cfe2d08c9caf5 These files will probably be moved into the stable distribution on its next update. - ---------------------------------------------------------------------------------For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: dists/stable/updates/main Mailing list: debian-security-announce@lists.debian.org