security advisorymoderateupdate
Another buffer overflow was discovered in xbl, distinct from the one addressed in DSA-327 (CAN-2003-0451), involving the -display command line option.. - -------------------------------------------------------------------------- Debian Security Advisory DSA 345-1 This email address is being protected from spambots. You need JavaScript enabled to view it. Debian -- Security Information Matt Zimmerman July 8th, 2003 Debian -- Debian security FAQ - -------------------------------------------------------------------------- Package : xbl Vulnerability : buffer overflow Problem-Type : local Debian-specific: no CVE Ids : CAN-2003-0535 Another buffer overflow was discovered in xbl, distinct from the one addressed in DSA-327 (CAN-2003-0451), involving the -display command line option. This vulnerability could be exploited by a local attacker to gain gid 'games'. For the stable distribution (woody) this problem has been fixed in version 1.0k-3woody2. For the unstable distribution (sid) this problem is fixed in version 1.0k-6. We recommend that you update your xbl package. Upgrade Instructions - -------------------- wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 3.0 alias woody - -------------------------------- Source archives: Size/MD5 checksum: 567 cc617cf2ab0beba1290a1948dec24015 Size/MD5 checksum: 10093 8e0ac57663ff0657bbcd406ae40d99e8 Size/MD5 checksum: 135080 22e7822a449ae5b68695158fd59ea49c Alpha architecture: Size/MD5 checksum: 122282 4d9b7d78318306f488831477d6b31ae6 ARM architecture: Size/MD5 checksum: 111098 300c03bdd43a4413ac72346c14cae0ed Intel IA-32 architecture: Size/MD5 checksum: 103296 54bfaa17756365c4559b608ee596c262 Intel IA-64 architecture: Size/MD5 checksum: 151432 4e26d6422591122e4cf22ae16f60e6cf HP Precision architecture: Size/MD5 checksum: 116784 91232ce406230a0970b306dc0a5f1b9f Motorola 680x0 architecture: Size/MD5 checksum: 97746 89dfc31946135fbde0d1a723f4c69304 Big endian MIPS architecture: Size/MD5 checksum: 116010 feb3b79691e096b7006e01fcdcb4d987 Little endian MIPS architecture: Size/MD5 checksum: 115888 67367915c9c2b73a31d679ea87fa5636 PowerPC architecture: Size/MD5 checksum: 112178 59472b074ff777847bfd741a23b48f5d IBM S/390 architecture: Size/MD5 checksum: 106278 aeeb3522110d4308fab12ac704942491 Sun Sparc architecture: Size/MD5 checksum: 111230 8bd8f330c33d7d00bff11db1ac4318ed These files will probably be moved into the stable distribution on its next revision. - --------------------------------------------------------------------------------- For apt-get: deb Debian -- Security Information stable/updates main For dpkg-ftp: dists/stable/updates/main Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. Package info: `apt-cache show ' and https://www.debian.org/distrib/packages . To address the xbl buffer overflow vulnerability, implement input validation, secure coding practices, and regular updates, ensuring robust security measures are in place. Debian Security Advisory,xbl Update,Buffer Overflow,Local Exploit. . LinuxSecurity.com Team
Jul 10, 2003
Debian
Refine advisories
