Debian: pwlib Multiple vulnerabilities

    Date23 Feb 2004
    CategoryDebian
    3049
    Posted ByLinuxSecurity Advisories
    This library is most notably used in several applications implementing theH.323 teleconferencing protocol, including the OpenH323 suite, gnomemeeting and asterisk.
    
    Debian Security Advisory DSA 448-1                     This email address is being protected from spambots. You need JavaScript enabled to view it. 
    http://www.debian.org/security/                             Matt Zimmerman
    February 22nd, 2004                      http://www.debian.org/security/faq
    - --------------------------------------------------------------------------
    
    Package        : pwlib
    Vulnerability  : several
    Problem-Type   : remote
    Debian-specific: no
    CVE Id         : CAN-2004-0097
    Debian bug     : 233888
    
    Multiple vulnerabilities were discovered in pwlib, a library used to
    aid in writing portable applications, whereby a remote attacker could
    cause a denial of service or potentially execute arbitrary code.  This
    library is most notably used in several applications implementing the
    H.323 teleconferencing protocol, including the OpenH323 suite,
    gnomemeeting and asterisk.
    
    For the current stable distribution (woody) this problem has been
    fixed in version 1.2.5-5woody1.
    
    For the unstable distribution (sid), this problem will be fixed soon.
    Refer to Debian bug #233888 for details.
    
    We recommend that you update your pwlib package.
    
    Upgrade Instructions
    - --------------------
    
    wget url
            will fetch the file for you
    dpkg -i file.deb
            will install the referenced file.
    
    If you are using the apt-get package manager, use the line for
    sources.list as given below:
    
    apt-get update
            will update the internal database
    apt-get upgrade
            will install corrected packages
    
    You may use an automated update by adding the resources from the
    footer to the proper configuration.
    
    Debian GNU/Linux 3.0 alias woody
    - --------------------------------
    
      Source archives:
    
         http://security.debian.org/pool/updates/main/p/pwlib/pwlib_1.2.5-5woody1.dsc
          Size/MD5 checksum:      639 2e057d4bb38abbdfebe95ca2962a2733
         http://security.debian.org/pool/updates/main/p/pwlib/pwlib_1.2.5-5woody1.diff.gz
          Size/MD5 checksum:    34683 4f5b334e860eea238244d82d8084f6bb
         http://security.debian.org/pool/updates/main/p/pwlib/pwlib_1.2.5.orig.tar.gz
          Size/MD5 checksum:   749440 b320577dd1cff37cceea57c45de9de85
    
      Alpha architecture:
    
         http://security.debian.org/pool/updates/main/p/pwlib/asnparser_1.2.5-5woody1_alpha.deb
          Size/MD5 checksum:   130708 899913e27abbbaf9181e363fc5c00184
         http://security.debian.org/pool/updates/main/p/pwlib/libpt-1.2.0_1.2.5-5woody1_alpha.deb
          Size/MD5 checksum:   868610 579711836aa1cf6310b445f4f769074d
         http://security.debian.org/pool/updates/main/p/pwlib/libpt-dbg_1.2.5-5woody1_alpha.deb
          Size/MD5 checksum:  2270224 d51adae04e7caa1fb8c0c77c02ec366d
         http://security.debian.org/pool/updates/main/p/pwlib/libpt-dev_1.2.5-5woody1_alpha.deb
          Size/MD5 checksum:  1543738 9903ecfadacc28839ba71daebb2ce272
    
      ARM architecture:
    
         http://security.debian.org/pool/updates/main/p/pwlib/asnparser_1.2.5-5woody1_arm.deb
          Size/MD5 checksum:   133952 48cb63c89f21dad3e721bbc44d350824
         http://security.debian.org/pool/updates/main/p/pwlib/libpt-1.2.0_1.2.5-5woody1_arm.deb
          Size/MD5 checksum:   861230 a1d5d4f66be1c134039139e1d4b686fd
         http://security.debian.org/pool/updates/main/p/pwlib/libpt-dbg_1.2.5-5woody1_arm.deb
          Size/MD5 checksum:  1841968 a17d84ac845f1bd3ce70f6aab66026f6
         http://security.debian.org/pool/updates/main/p/pwlib/libpt-dev_1.2.5-5woody1_arm.deb
          Size/MD5 checksum:  1502856 d97cd24a9fca26db167d92ead0aa6077
    
      Intel IA-32 architecture:
    
         http://security.debian.org/pool/updates/main/p/pwlib/asnparser_1.2.5-5woody1_i386.deb
          Size/MD5 checksum:   112508 656f942f7909fb0d76f39973111d5839
         http://security.debian.org/pool/updates/main/p/pwlib/libpt-1.2.0_1.2.5-5woody1_i386.deb
          Size/MD5 checksum:   788502 c389e02adcf493e704c2a5a1b129a883
         http://security.debian.org/pool/updates/main/p/pwlib/libpt-dbg_1.2.5-5woody1_i386.deb
          Size/MD5 checksum:  1838780 aacb8d43274e1bed588659640d174a2d
         http://security.debian.org/pool/updates/main/p/pwlib/libpt-dev_1.2.5-5woody1_i386.deb
          Size/MD5 checksum:  1301568 c96d4b6b4004dd20dcf93f2b3081dcc3
    
      Intel IA-64 architecture:
    
         http://security.debian.org/pool/updates/main/p/pwlib/asnparser_1.2.5-5woody1_ia64.deb
          Size/MD5 checksum:   146510 f0f35a5d97c4e9c1bc4d71bc0c1f8d60
         http://security.debian.org/pool/updates/main/p/pwlib/libpt-1.2.0_1.2.5-5woody1_ia64.deb
          Size/MD5 checksum:   996212 e1bf67b0d5e64ba7910bc602b871e330
         http://security.debian.org/pool/updates/main/p/pwlib/libpt-dbg_1.2.5-5woody1_ia64.deb
          Size/MD5 checksum:  2466746 bf2a8caa6963954d1f7e95a978f76a5e
         http://security.debian.org/pool/updates/main/p/pwlib/libpt-dev_1.2.5-5woody1_ia64.deb
          Size/MD5 checksum:  1774658 7231677252682b0260e5c57469cb420f
    
      HP Precision architecture:
    
         http://security.debian.org/pool/updates/main/p/pwlib/asnparser_1.2.5-5woody1_hppa.deb
          Size/MD5 checksum:   149596 707e83b5967383808e7f353754864cbd
         http://security.debian.org/pool/updates/main/p/pwlib/libpt-1.2.0_1.2.5-5woody1_hppa.deb
          Size/MD5 checksum:   991818 24b024ec88157f7d30bd853883b3aabd
         http://security.debian.org/pool/updates/main/p/pwlib/libpt-dbg_1.2.5-5woody1_hppa.deb
          Size/MD5 checksum:  2847570 b60a52e989ec6fe77edff22547013d13
         http://security.debian.org/pool/updates/main/p/pwlib/libpt-dev_1.2.5-5woody1_hppa.deb
          Size/MD5 checksum:  1993572 dafc6b5a2adec05e389489c344b70a75
    
      Motorola 680x0 architecture:
    
         http://security.debian.org/pool/updates/main/p/pwlib/asnparser_1.2.5-5woody1_m68k.deb
          Size/MD5 checksum:   104312 e70cd451ac98f4d01615e1ec5096c816
         http://security.debian.org/pool/updates/main/p/pwlib/libpt-1.2.0_1.2.5-5woody1_m68k.deb
          Size/MD5 checksum:   858732 d513f7ca86a75a0b58cc2f120d47f05b
         http://security.debian.org/pool/updates/main/p/pwlib/libpt-dbg_1.2.5-5woody1_m68k.deb
          Size/MD5 checksum:  1891398 db5ec25f3f813da5be85a504ceae83bb
         http://security.debian.org/pool/updates/main/p/pwlib/libpt-dev_1.2.5-5woody1_m68k.deb
          Size/MD5 checksum:  1297004 b963c654b1cb7b66101b3cbe83c3494e
    
      Big endian MIPS architecture:
    
         http://security.debian.org/pool/updates/main/p/pwlib/asnparser_1.2.5-5woody1_mips.deb
          Size/MD5 checksum:   126130 86cb6659d891e1b9fecc915c1e06ea71
         http://security.debian.org/pool/updates/main/p/pwlib/libpt-1.2.0_1.2.5-5woody1_mips.deb
          Size/MD5 checksum:   758362 72c65ab5fd677f9a0f546f895142fe54
         http://security.debian.org/pool/updates/main/p/pwlib/libpt-dbg_1.2.5-5woody1_mips.deb
          Size/MD5 checksum:  1998404 15532db557ca3a7358330d30a3273cf1
         http://security.debian.org/pool/updates/main/p/pwlib/libpt-dev_1.2.5-5woody1_mips.deb
          Size/MD5 checksum:  1457282 248b40bcf4cb8a5a5c5b4074b457d001
    
      PowerPC architecture:
    
         http://security.debian.org/pool/updates/main/p/pwlib/asnparser_1.2.5-5woody1_powerpc.deb
          Size/MD5 checksum:   107404 eadf9a2ae2a8672669b7692c53cf1e9e
         http://security.debian.org/pool/updates/main/p/pwlib/libpt-1.2.0_1.2.5-5woody1_powerpc.deb
          Size/MD5 checksum:   918814 3b180bd91862ae1f55f0d590359e6ffa
         http://security.debian.org/pool/updates/main/p/pwlib/libpt-dbg_1.2.5-5woody1_powerpc.deb
          Size/MD5 checksum:  2269394 12646912e9fead507821e021806b4dc5
         http://security.debian.org/pool/updates/main/p/pwlib/libpt-dev_1.2.5-5woody1_powerpc.deb
          Size/MD5 checksum:  1659834 9077a25b959e5a7b4d804936ee7f69bb
    
      IBM S/390 architecture:
    
         http://security.debian.org/pool/updates/main/p/pwlib/asnparser_1.2.5-5woody1_s390.deb
          Size/MD5 checksum:    97532 1b421333f3099dc46539dc4df4078ce7
         http://security.debian.org/pool/updates/main/p/pwlib/libpt-1.2.0_1.2.5-5woody1_s390.deb
          Size/MD5 checksum:   832288 5f4ce30d3fc952317ca233dbd986ad3e
         http://security.debian.org/pool/updates/main/p/pwlib/libpt-dbg_1.2.5-5woody1_s390.deb
          Size/MD5 checksum:  1930542 e738de76f0665c761f5ff309ed238fa2
         http://security.debian.org/pool/updates/main/p/pwlib/libpt-dev_1.2.5-5woody1_s390.deb
          Size/MD5 checksum:  1307926 08e82668880d288c18f472bf291a187c
    
      Sun Sparc architecture:
    
         http://security.debian.org/pool/updates/main/p/pwlib/asnparser_1.2.5-5woody1_sparc.deb
          Size/MD5 checksum:   105478 19ef591ed5fbd335e3a1d6cf33e177f6
         http://security.debian.org/pool/updates/main/p/pwlib/libpt-1.2.0_1.2.5-5woody1_sparc.deb
          Size/MD5 checksum:   781956 52cb039ef81f2ff5dd1e8b897063e304
         http://security.debian.org/pool/updates/main/p/pwlib/libpt-dbg_1.2.5-5woody1_sparc.deb
          Size/MD5 checksum:  1906046 049defa3090dc3a97a73c6e6d194d603
         http://security.debian.org/pool/updates/main/p/pwlib/libpt-dev_1.2.5-5woody1_sparc.deb
          Size/MD5 checksum:  1367208 b10e687e83792b0897872431bee9e118
    
      These files will probably be moved into the stable distribution on
      its next revision.
    
    - ---------------------------------------------------------------------------------
    For apt-get: deb  http://security.debian.org/ stable/updates main
    For dpkg-ftp:  ftp://security.debian.org/debian-security dists/stable/updates/main
    Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.
    Package info: `apt-cache show ' and  http://packages.debian.org/
    
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"22","type":"x","order":"1","pct":55,"resources":[]},{"id":"88","title":"Should be more technical","votes":"5","type":"x","order":"2","pct":12.5,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"13","type":"x","order":"3","pct":32.5,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.