Neil McGovern
2005-Sep-03 15:02 UTC
[Secure-testing-commits] r1798 - data/DTSA website website/DTSA
Author: neilm Date: 2005-09-03 15:02:10 +0000 (Sat, 03 Sep 2005) New Revision: 1798 Added: website/DTSA/DTSA-1-1.html website/DTSA/DTSA-10-1.html website/DTSA/DTSA-11-1.html website/DTSA/DTSA-2-1.html website/DTSA/DTSA-3-1.html website/DTSA/DTSA-4-1.html website/DTSA/DTSA-5-1.html website/DTSA/DTSA-6-1.html website/DTSA/DTSA-7-1.html website/DTSA/DTSA-8-2.html website/DTSA/DTSA-9-1.html website/list.html Modified: data/DTSA/DTSA-1-1 data/DTSA/DTSA-10-1 data/DTSA/DTSA-11-1 data/DTSA/DTSA-2-1 data/DTSA/DTSA-3-1 data/DTSA/DTSA-4-1 data/DTSA/DTSA-5-1 data/DTSA/DTSA-6-1 data/DTSA/DTSA-7-1 data/DTSA/DTSA-8-1 data/DTSA/DTSA-8-2 data/DTSA/DTSA-9-1 data/DTSA/dtsa data/DTSA/list website/index.html Log: We now list DTSAs online. Hopefully. Modified: data/DTSA/DTSA-1-1 ==================================================================--- data/DTSA/DTSA-1-1 2005-09-03 14:46:03 UTC (rev 1797) +++ data/DTSA/DTSA-1-1 2005-09-03 15:02:10 UTC (rev 1798) @@ -5,35 +5,35 @@ ------------------------------------------------------------------------------ Package : kismet -Vulnerability : remote code execution -Problem-Type : remote -Debian-specific: no -CVE ID : CAN-2005-2626 CAN-2005-2627 +Vulnerability : various +Problem-Scope : remote +Debian-specific: No +CVE ID : CAN-2005-2626 CAN-2005-2627 Multiple security holes have been discovered in kismet: - CAN-2005-2627 +CAN-2005-2627 - Multiple integer underflows in Kismet allow remote attackers to execute - arbitrary code via (1) kernel headers in a pcap file or (2) data frame - dissection, which leads to heap-based buffer overflows. +Multiple integer underflows in Kismet allow remote attackers to execute +arbitrary code via (1) kernel headers in a pcap file or (2) data frame +dissection, which leads to heap-based buffer overflows. - CAN-2005-2626 +CAN-2005-2626 - Unspecified vulnerability in Kismet allows remote attackers to have an - unknown impact via unprintable characters in the SSID. +Unspecified vulnerability in Kismet allows remote attackers to have an +unknown impact via unprintable characters in the SSID. For the testing distribution (etch) this is fixed in version -2005.08.R1-0.1etch1. +2005.08.R1-0.1etch1 For the unstable distribution (sid) this is fixed in version -2005.08.R1-1. +2005.08.R1-1 -This upgrade is strongly recommended if you use kismet. +This upgrade is recommended if you use kismet. -The Debian testing security team does not track security issues for the -stable distribution (woody). If stable is vulnerable, the Debian security -team will make an announcement once a fix is ready. +The Debian testing security team does not track security issues for then +stable (sarge) and oldstable (woody) distributions. If stable is vulnerable, +the Debian security team will make an announcement once a fix is ready. Upgrade Instructions -------------------- @@ -41,16 +41,15 @@ To use the Debian testing security archive, add the following lines to your /etc/apt/sources.list: - deb http://secure-testing.debian.net/debian-security-updates etch-proposed-updates/security-updates main contrib non-free - deb-src http://secure-testing.debian.net/debian-security-updates etch-proposed-updates/security-updates main contrib non-free +deb http://secure-testing-mirrors.debian.net/debian-security-updates etch-proposed-updates/security-updates main contrib non-free +deb-src http://secure-testing-mirrors.debian.net/debian-security-updates etch-proposed-updates/security-updates main contrib non-free The archive signing key can be downloaded from http://secure-testing.debian.net/ziyi-2005-7.asc To install the update, run this command as root: - apt-get update && apt-get install kismet +apt-get update && apt-get install kismet For further information about the Debian testing security team, please refer to http://secure-testing.debian.net/ - Modified: data/DTSA/DTSA-10-1 ==================================================================--- data/DTSA/DTSA-10-1 2005-09-03 14:46:03 UTC (rev 1797) +++ data/DTSA/DTSA-10-1 2005-09-03 15:02:10 UTC (rev 1798) @@ -32,8 +32,8 @@ To use the Debian testing security archive, add the following lines to your /etc/apt/sources.list: -deb http://secure-testing.debian.net/debian-security-updates etch-proposed-updates/security-updates main contrib non-free -deb-src http://secure-testing.debian.net/debian-security-updates etch-proposed-updates/security-updates main contrib non-free +deb http://secure-testing-mirrors.debian.net/debian-security-updates etch-proposed-updates/security-updates main contrib non-free +deb-src http://secure-testing-mirrors.debian.net/debian-security-updates etch-proposed-updates/security-updates main contrib non-free The archive signing key can be downloaded from http://secure-testing.debian.net/ziyi-2005-7.asc Modified: data/DTSA/DTSA-11-1 ==================================================================--- data/DTSA/DTSA-11-1 2005-09-03 14:46:03 UTC (rev 1797) +++ data/DTSA/DTSA-11-1 2005-09-03 15:02:10 UTC (rev 1798) @@ -1,14 +1,14 @@ ------------------------------------------------------------------------------ +------------------------------------------------------------------------------ Debian Testing Security Advisory DTSA-11-1 http://secure-testing.debian.net secure-testing-team@lists.alioth.debian.org Andres Salomon August 29th, 2005 ------------------------------------------------------------------------------ +------------------------------------------------------------------------------ Package : maildrop Vulnerability : local privilege escalation -Problem-Type : local -Debian-specific: yes -CVE ID : CAN-2005-2655 +Problem-Scope : local +Debian-specific: Yes +CVE ID : CAN-2005-2655 The lockmail binary shipped with maildrop allows for an attacker to obtain an effective gid as group "mail". Debian ships the binary with its @@ -18,16 +18,16 @@ group. For the testing distribution (etch) this is fixed in version -1.5.3-1.1etch1. +1.5.3-1.1etch1 For the unstable distribution (sid) this is fixed in version -1.5.3-2. +1.5.3-2 -This upgrade is strongly recommended if you use maildrop. +This upgrade is recommended if you use maildrop. -The Debian testing security team does not track security issues for the -stable distribution (woody). If stable is vulnerable, the Debian security -team will make an announcement once a fix is ready. +The Debian testing security team does not track security issues for then +stable (sarge) and oldstable (woody) distributions. If stable is vulnerable, +the Debian security team will make an announcement once a fix is ready. Upgrade Instructions -------------------- @@ -35,16 +35,15 @@ To use the Debian testing security archive, add the following lines to your /etc/apt/sources.list: - deb http://secure-testing.debian.net/debian-security-updates etch-proposed-updates/security-updates main contrib non-free - deb-src http://secure-testing.debian.net/debian-security-updates etch-proposed-updates/security-updates main contrib non-free +deb http://secure-testing-mirrors.debian.net/debian-security-updates etch-proposed-updates/security-updates main contrib non-free +deb-src http://secure-testing-mirrors.debian.net/debian-security-updates etch-proposed-updates/security-updates main contrib non-free The archive signing key can be downloaded from http://secure-testing.debian.net/ziyi-2005-7.asc To install the update, run this command as root: - apt-get update && apt-get install maildrop +apt-get update && apt-get install maildrop For further information about the Debian testing security team, please refer to http://secure-testing.debian.net/ - Modified: data/DTSA/DTSA-2-1 ==================================================================--- data/DTSA/DTSA-2-1 2005-09-03 14:46:03 UTC (rev 1797) +++ data/DTSA/DTSA-2-1 2005-09-03 15:02:10 UTC (rev 1798) @@ -1,51 +1,51 @@ ------------------------------------------------------------------------------ +------------------------------------------------------------------------------ Debian Testing Security Advisory DTSA-2-1 http://secure-testing.debian.net secure-testing-team@lists.alioth.debian.org Joey Hess August 28th, 2005 ------------------------------------------------------------------------------ +------------------------------------------------------------------------------ Package : centericq Vulnerability : multiple vulnerabilities -Problem-Type : local and remote -Debian-specific: no -CVE ID : CAN-2005-2448 CAN-2005-2370 CAN-2005-2369 CAN-2005-1914 +Problem-Scope : local and remote +Debian-specific: No +CVE ID : CAN-2005-2448 CAN-2005-2370 CAN-2005-2369 CAN-2005-1914 centericq in testing is vulnerable to multiple security holes: CAN-2005-2448 - Multiple endianness errors in libgadu, which is embedded in centericq, - allow remote attackers to cause a denial of service (invalid behaviour in - applications) on big-endian systems. +Multiple endianness errors in libgadu, which is embedded in centericq, +allow remote attackers to cause a denial of service (invalid behaviour in +applications) on big-endian systems. CAN-2005-2370 - Multiple memory alignment errors in libgadu, which is embedded in - centericq, allows remote attackers to cause a denial of service (bus error) - on certain architectures such as SPARC via an incoming message. +Multiple memory alignment errors in libgadu, which is embedded in +centericq, allows remote attackers to cause a denial of service (bus error) +on certain architectures such as SPARC via an incoming message. CAN-2005-2369 - Multiple integer signedness errors in libgadu, which is embedded in - centericq, may allow remote attackers to cause a denial of service - or execute arbitrary code. +Multiple integer signedness errors in libgadu, which is embedded in +centericq, may allow remote attackers to cause a denial of service +or execute arbitrary code. CAN-2005-1914 - centericq creates temporary files with predictable file names, which - allows local users to overwrite arbitrary files via a symlink attack. +centericq creates temporary files with predictable file names, which +allows local users to overwrite arbitrary files via a symlink attack. For the testing distribution (etch) this is fixed in version -4.20.0-8etch1. +4.20.0-8etch1 For the unstable distribution (sid) this is fixed in version -4.20.0-9. +4.20.0-9 This upgrade is recommended if you use centericq. -The Debian testing security team does not track security issues for the -stable distribution (woody). If stable is vulnerable, the Debian security -team will make an announcement once a fix is ready. +The Debian testing security team does not track security issues for then +stable (sarge) and oldstable (woody) distributions. If stable is vulnerable, +the Debian security team will make an announcement once a fix is ready. Upgrade Instructions -------------------- @@ -53,16 +53,15 @@ To use the Debian testing security archive, add the following lines to your /etc/apt/sources.list: - deb http://secure-testing.debian.net/debian-security-updates etch-proposed-updates/security-updates main contrib non-free - deb-src http://secure-testing.debian.net/debian-security-updates etch-proposed-updates/security-updates main contrib non-free +deb http://secure-testing-mirrors.debian.net/debian-security-updates etch-proposed-updates/security-updates main contrib non-free +deb-src http://secure-testing-mirrors.debian.net/debian-security-updates etch-proposed-updates/security-updates main contrib non-free The archive signing key can be downloaded from http://secure-testing.debian.net/ziyi-2005-7.asc To install the update, run this command as root: - apt-get update && apt-get upgrade +apt-get update && apt-get install centericq For further information about the Debian testing security team, please refer to http://secure-testing.debian.net/ - Modified: data/DTSA/DTSA-3-1 ==================================================================--- data/DTSA/DTSA-3-1 2005-09-03 14:46:03 UTC (rev 1797) +++ data/DTSA/DTSA-3-1 2005-09-03 15:02:10 UTC (rev 1798) @@ -1,60 +1,60 @@ ------------------------------------------------------------------------------ +------------------------------------------------------------------------------ Debian Testing Security Advisory DTSA-3-1 http://secure-testing.debian.net secure-testing-team@lists.alioth.debian.org Joey Hess August 28th, 2005 ------------------------------------------------------------------------------ +------------------------------------------------------------------------------ Package : clamav Vulnerability : denial of service and privilege escalation -Problem-Type : remote -Debian-specific: no +Problem-Scope : remote +Debian-specific: No CVE ID : CAN-2005-2070 CAN-2005-1923 CAN-2005-2056 CAN-2005-1922 CAN-2005-2450 Multiple security holes were found in clamav: CAN-2005-2070 - The ClamAV Mail fILTER (clamav-milter), when used in Sendmail using long - timeouts, allows remote attackers to cause a denial of service by keeping - an open connection, which prevents ClamAV from reloading. +The ClamAV Mail fILTER (clamav-milter), when used in Sendmail using long +timeouts, allows remote attackers to cause a denial of service by keeping +an open connection, which prevents ClamAV from reloading. CAN-2005-1923 - The ENSURE_BITS macro in mszipd.c for Clam AntiVirus (ClamAV) allows remote - attackers to cause a denial of service (CPU consumption by infinite loop) - via a cabinet (CAB) file with the cffile_FolderOffset field set to 0xff, - which causes a zero-length read. +The ENSURE_BITS macro in mszipd.c for Clam AntiVirus (ClamAV) allows remote +attackers to cause a denial of service (CPU consumption by infinite loop) +via a cabinet (CAB) file with the cffile_FolderOffset field set to 0xff, +which causes a zero-length read. CAN-2005-2056 - The Quantum archive decompressor in Clam AntiVirus (ClamAV) allows remote - attackers to cause a denial of service (application crash) via a crafted - Quantum archive. +The Quantum archive decompressor in Clam AntiVirus (ClamAV) allows remote +attackers to cause a denial of service (application crash) via a crafted +Quantum archive. CAN-2005-1922 - The MS-Expand file handling in Clam AntiVirus (ClamAV) allows remote - attackers to cause a denial of service (file descriptor and memory - consumption) via a crafted file that causes repeated errors in the - cli_msexpand function. +The MS-Expand file handling in Clam AntiVirus (ClamAV) allows remote +attackers to cause a denial of service (file descriptor and memory +consumption) via a crafted file that causes repeated errors in the +cli_msexpand function. CAN-2005-2450 - Multiple integer overflows in the (1) TNEF, (2) CHM, or (3) FSG file - format processors in libclamav for Clam AntiVirus (ClamAV) allow remote - attackers to gain privileges via a crafted e-mail message. +Multiple integer overflows in the (1) TNEF, (2) CHM, or (3) FSG file +format processors in libclamav for Clam AntiVirus (ClamAV) allow remote +attackers to gain privileges via a crafted e-mail message. For the testing distribution (etch) this is fixed in version -0.86.2-4etch1. +0.86.2-4etch1 For the unstable distribution (sid) this is fixed in version -0.86.2-1. +0.86.2-1 -This upgrade is strongly recommended if you use clamav. +This upgrade is recommended if you use clamav. -The Debian testing security team does not track security issues for the -stable distribution (woody). If stable is vulnerable, the Debian security -team will make an announcement once a fix is ready. +The Debian testing security team does not track security issues for then +stable (sarge) and oldstable (woody) distributions. If stable is vulnerable, +the Debian security team will make an announcement once a fix is ready. Upgrade Instructions -------------------- @@ -62,16 +62,15 @@ To use the Debian testing security archive, add the following lines to your /etc/apt/sources.list: - deb http://secure-testing.debian.net/debian-security-updates etch-proposed-updates/security-updates main contrib non-free - deb-src http://secure-testing.debian.net/debian-security-updates etch-proposed-updates/security-updates main contrib non-free +deb http://secure-testing-mirrors.debian.net/debian-security-updates etch-proposed-updates/security-updates main contrib non-free +deb-src http://secure-testing-mirrors.debian.net/debian-security-updates etch-proposed-updates/security-updates main contrib non-free The archive signing key can be downloaded from http://secure-testing.debian.net/ziyi-2005-7.asc To install the update, run this command as root: - apt-get update && apt-get upgrade +apt-get update && apt-get install upgrade For further information about the Debian testing security team, please refer to http://secure-testing.debian.net/ - Modified: data/DTSA/DTSA-4-1 ==================================================================--- data/DTSA/DTSA-4-1 2005-09-03 14:46:03 UTC (rev 1797) +++ data/DTSA/DTSA-4-1 2005-09-03 15:02:10 UTC (rev 1798) @@ -1,56 +1,56 @@ ------------------------------------------------------------------------------ +------------------------------------------------------------------------------ Debian Testing Security Advisory DTSA-4-1 http://secure-testing.debian.net secure-testing-team@lists.alioth.debian.org Joey Hess August 28th, 2005 ------------------------------------------------------------------------------ +------------------------------------------------------------------------------ Package : ekg Vulnerability : multiple vulnerabilities -Problem-Type : local and remote -Debian-specific: no -CVE ID : CAN-2005-1916 CAN-2005-1851 CAN-2005-1850 CAN-2005-1852 CAN-2005-2448 +Problem-Scope : local and remote +Debian-specific: No +CVE ID : CAN-2005-1916 CAN-2005-1851 CAN-2005-1850 CAN-2005-1852 CAN-2005-2448 Multiple vulnerabilities were discovered in ekg: CAN-2005-1916 - Eric Romang discovered insecure temporary file creation and arbitrary - command execution in a contributed script that can be exploited by a local - attacker. +Eric Romang discovered insecure temporary file creation and arbitrary +command execution in a contributed script that can be exploited by a local +attacker. CAN-2005-1851 - Marcin Owsiany and Wojtek Kaniewski discovered potential shell command - injection in a contributed script. +Marcin Owsiany and Wojtek Kaniewski discovered potential shell command +injection in a contributed script. CAN-2005-1850 - Marcin Owsiany and Wojtek Kaniewski discovered insecure temporary file - creation in contributed scripts. +Marcin Owsiany and Wojtek Kaniewski discovered insecure temporary file +creation in contributed scripts. CAN-2005-1852 - Multiple integer overflows in libgadu, as used in ekg, allows remote - attackers to cause a denial of service (crash) and possibly execute - arbitrary code via an incoming message. +Multiple integer overflows in libgadu, as used in ekg, allows remote +attackers to cause a denial of service (crash) and possibly execute +arbitrary code via an incoming message. CAN-2005-2448 - Multiple endianness errors in libgadu in ekg allow remote attackers to - cause a denial of service (invalid behaviour in applications) on - big-endian systems. +Multiple endianness errors in libgadu in ekg allow remote attackers to +cause a denial of service (invalid behaviour in applications) on +big-endian systems. For the testing distribution (etch) this is fixed in version -1:1.5+20050808+1.6rc3-0etch1. +1:1.5+20050808+1.6rc3-0etch1 For the unstable distribution (sid) this is fixed in version -1:1.5+20050808+1.6rc3-1. +1:1.5+20050808+1.6rc3-1 This upgrade is recommended if you use ekg. -The Debian testing security team does not track security issues for the -stable distribution (woody). If stable is vulnerable, the Debian security -team will make an announcement once a fix is ready. +The Debian testing security team does not track security issues for then +stable (sarge) and oldstable (woody) distributions. If stable is vulnerable, +the Debian security team will make an announcement once a fix is ready. Upgrade Instructions -------------------- @@ -58,16 +58,15 @@ To use the Debian testing security archive, add the following lines to your /etc/apt/sources.list: - deb http://secure-testing.debian.net/debian-security-updates etch-proposed-updates/security-updates main contrib non-free - deb-src http://secure-testing.debian.net/debian-security-updates etch-proposed-updates/security-updates main contrib non-free +deb http://secure-testing-mirrors.debian.net/debian-security-updates etch-proposed-updates/security-updates main contrib non-free +deb-src http://secure-testing-mirrors.debian.net/debian-security-updates etch-proposed-updates/security-updates main contrib non-free The archive signing key can be downloaded from http://secure-testing.debian.net/ziyi-2005-7.asc To install the update, run this command as root: - apt-get update && apt-get install libgadu3 ekg +apt-get update && apt-get install libgadu3 ekg For further information about the Debian testing security team, please refer to http://secure-testing.debian.net/ - Modified: data/DTSA/DTSA-5-1 ==================================================================--- data/DTSA/DTSA-5-1 2005-09-03 14:46:03 UTC (rev 1797) +++ data/DTSA/DTSA-5-1 2005-09-03 15:02:10 UTC (rev 1798) @@ -1,47 +1,47 @@ ------------------------------------------------------------------------------ +------------------------------------------------------------------------------ Debian Testing Security Advisory DTSA-5-1 http://secure-testing.debian.net secure-testing-team@lists.alioth.debian.org Joey Hess August 28th, 2005 ------------------------------------------------------------------------------ +------------------------------------------------------------------------------ Package : gaim Vulnerability : multiple remote vulnerabilities -Problem-Type : remote -Debian-specific: no -CVE ID : CAN-2005-2102 CAN-2005-2370 CAN-2005-2103 +Problem-Scope : remote +Debian-specific: No +CVE ID : CAN-2005-2102 CAN-2005-2370 CAN-2005-2103 Multiple security holes were found in gaim: CAN-2005-2102 - The AIM/ICQ module in Gaim allows remote attackers to cause a denial of - service (application crash) via a filename that contains invalid UTF-8 - characters. +The AIM/ICQ module in Gaim allows remote attackers to cause a denial of +service (application crash) via a filename that contains invalid UTF-8 +characters. CAN-2005-2370 - Multiple memory alignment errors in libgadu, as used in gaim and other - packages, allow remote attackers to cause a denial of service (bus error) - on certain architectures such as SPARC via an incoming message. +Multiple memory alignment errors in libgadu, as used in gaim and other +packages, allow remote attackers to cause a denial of service (bus error) +on certain architectures such as SPARC via an incoming message. CAN-2005-2103 - Buffer overflow in the AIM and ICQ module in Gaim allows remote attackers - to cause a denial of service (application crash) and possibly execute - arbitrary code via an away message with a large number of AIM substitution - strings, such as %t or %n. +Buffer overflow in the AIM and ICQ module in Gaim allows remote attackers +to cause a denial of service (application crash) and possibly execute +arbitrary code via an away message with a large number of AIM substitution +strings, such as %t or %n. For the testing distribution (etch) this is fixed in version -1:1.4.0-5etch2. +1:1.4.0-5etch2 For the unstable distribution (sid) this is fixed in version -1:1.4.0-5. +1:1.4.0-5 -This upgrade is strongly recommended if you use gaim. +This upgrade is recommended if you use gaim. -The Debian testing security team does not track security issues for the -stable distribution (woody). If stable is vulnerable, the Debian security -team will make an announcement once a fix is ready. +The Debian testing security team does not track security issues for then +stable (sarge) and oldstable (woody) distributions. If stable is vulnerable, +the Debian security team will make an announcement once a fix is ready. Upgrade Instructions -------------------- @@ -49,16 +49,15 @@ To use the Debian testing security archive, add the following lines to your /etc/apt/sources.list: - deb http://secure-testing.debian.net/debian-security-updates etch-proposed-updates/security-updates main contrib non-free - deb-src http://secure-testing.debian.net/debian-security-updates etch-proposed-updates/security-updates main contrib non-free +deb http://secure-testing-mirrors.debian.net/debian-security-updates etch-proposed-updates/security-updates main contrib non-free +deb-src http://secure-testing-mirrors.debian.net/debian-security-updates etch-proposed-updates/security-updates main contrib non-free The archive signing key can be downloaded from http://secure-testing.debian.net/ziyi-2005-7.asc To install the update, run this command as root: - apt-get update && apt-get install gaim +apt-get update && apt-get install gaim For further information about the Debian testing security team, please refer to http://secure-testing.debian.net/ - Modified: data/DTSA/DTSA-6-1 ==================================================================--- data/DTSA/DTSA-6-1 2005-09-03 14:46:03 UTC (rev 1797) +++ data/DTSA/DTSA-6-1 2005-09-03 15:02:10 UTC (rev 1798) @@ -1,41 +1,42 @@ ------------------------------------------------------------------------------ +------------------------------------------------------------------------------ Debian Testing Security Advisory DTSA-6-1 http://secure-testing.debian.net secure-testing-team@lists.alioth.debian.org Neil McGovern August 28th, 2005 ------------------------------------------------------------------------------ +------------------------------------------------------------------------------ Package : cgiwrap Vulnerability : multiple vulnerabilities -Problem-Type : remote -Debian-specific: yes,no +Problem-Scope : remote +Debian-specific: No +CVE ID : Javier Fernández-Sanguino Peña discovered various vulnerabilities in cgiwrap: Minimum UID does not include all system users - The CGIwrap program will not seteuid itself to uids below the ''minimum'' uid - to prevent scripts from being misused to compromise the system. However, - the Debian package sets the minimum uid to 100 when it should be 1000. +The CGIwrap program will not seteuid itself to uids below the ''minimum'' uid +to prevent scripts from being misused to compromise the system. However, +the Debian package sets the minimum uid to 100 when it should be 1000. CGIs can be used to disclose system information - The cgiwrap (and php-cgiwrap) package installs some debugging CGIs - (actually symbolink links, which link to cgiwrap and are called ''cgiwrap'' - and ''nph-cgiwrap'' or link to php-cgiwrap). These CGIs should not be - installed in production environments as they disclose internal and - potentially sensible information. +The cgiwrap (and php-cgiwrap) package installs some debugging CGIs +(actually symbolink links, which link to cgiwrap and are called ''cgiwrap'' +and ''nph-cgiwrap'' or link to php-cgiwrap). These CGIs should not be +installed in production environments as they disclose internal and +potentially sensible information. For the testing distribution (etch) this is fixed in version -3.9-3.0etch1. +3.9-3.0etch1 For the unstable distribution (sid) this is fixed in version -3.9-3.1. +3.9-3.1 -This upgrade is encouraged if you use cgiwrap. +This upgrade is recommended if you use cgiwrap. -The Debian testing security team does not track security issues for the -stable distribution (woody). If stable is vulnerable, the Debian security -team will make an announcement once a fix is ready. +The Debian testing security team does not track security issues for then +stable (sarge) and oldstable (woody) distributions. If stable is vulnerable, +the Debian security team will make an announcement once a fix is ready. Upgrade Instructions -------------------- @@ -43,8 +44,8 @@ To use the Debian testing security archive, add the following lines to your /etc/apt/sources.list: - deb http://secure-testing.debian.net/debian-security-updates etch-proposed-updates/security-updates main contrib non-free - deb-src http://secure-testing.debian.net/debian-security-updates etch-proposed-updates/security-updates main contrib non-free +deb http://secure-testing-mirrors.debian.net/debian-security-updates etch-proposed-updates/security-updates main contrib non-free +deb-src http://secure-testing-mirrors.debian.net/debian-security-updates etch-proposed-updates/security-updates main contrib non-free The archive signing key can be downloaded from http://secure-testing.debian.net/ziyi-2005-7.asc @@ -55,6 +56,6 @@ If you use php-cgiwrap: apt-get update && apt-get install php-cgiwrap + For further information about the Debian testing security team, please refer to http://secure-testing.debian.net/ - Modified: data/DTSA/DTSA-7-1 ==================================================================--- data/DTSA/DTSA-7-1 2005-09-03 14:46:03 UTC (rev 1797) +++ data/DTSA/DTSA-7-1 2005-09-03 15:02:10 UTC (rev 1798) @@ -16,6 +16,8 @@ fixed as it uses Mozilla components. Mozilla Firefox is vulnerable and will be covered by a separate advisory. +Note that this is the same security fix put into stable in DSA-777. + For the testing distribution (etch) this is fixed in version 2:1.7.8-1sarge1 @@ -24,7 +26,9 @@ This upgrade is recommended if you use mozilla. -Note that this is the same security fix put into stable in DSA-777. +The Debian testing security team does not track security issues for then +stable (sarge) and oldstable (woody) distributions. If stable is vulnerable, +the Debian security team will make an announcement once a fix is ready. Upgrade Instructions -------------------- @@ -32,15 +36,15 @@ To use the Debian testing security archive, add the following lines to your /etc/apt/sources.list: -deb http://secure-testing.debian.net/debian-security-updates etch-proposed-updates/security-updates main contrib non-free -deb-src http://secure-testing.debian.net/debian-security-updates etch-proposed-updates/security-updates main contrib non-free +deb http://secure-testing-mirrors.debian.net/debian-security-updates etch-proposed-updates/security-updates main contrib non-free +deb-src http://secure-testing-mirrors.debian.net/debian-security-updates etch-proposed-updates/security-updates main contrib non-free The archive signing key can be downloaded from http://secure-testing.debian.net/ziyi-2005-7.asc To install the update, run this command as root: -apt-get update && apt-get upgrade +apt-get update && apt-get install mozilla For further information about the Debian testing security team, please refer to http://secure-testing.debian.net/ Modified: data/DTSA/DTSA-8-1 ==================================================================--- data/DTSA/DTSA-8-1 2005-09-03 14:46:03 UTC (rev 1797) +++ data/DTSA/DTSA-8-1 2005-09-03 15:02:10 UTC (rev 1798) @@ -1,15 +1,22 @@ ------------------------------------------------------------------------------ Debian Testing Security Advisory DTSA-8-1 http://secure-testing.debian.net secure-testing-team@lists.alioth.debian.org Joey Hess -August 28th, 2005 +September 1st, 2005 ------------------------------------------------------------------------------ Package : mozilla-firefox -Vulnerability : several vulnerabilities +Vulnerability : several vulnerabilities (update) Problem-Scope : remote Debian-specific: No -CVE ID : CAN-2004-0718 CAN-2005-1937 CAN-2005-2260 CAN-2005-2261 CAN-2005-2262 CAN-2005-2263 CAN-2005-2264 CAN-2005-2265 CAN-2005-2266 CAN-2005-2267 CAN-2005-2268 CAN-2005-2269 CAN-2005-2270 +CVE ID : CAN-2004-0718 CAN-2005-1937 CAN-2005-2260 CAN-2005-2261 CAN-2005-2262 CAN-2005-2263 CAN-2005-2264 CAN-2005-2265 CAN-2005-2266 CAN-2005-2267 CAN-2005-2268 CAN-2005-2269 CAN-2005-2270 +We experienced that the update for Mozilla Firefox from DTSA-8-1 +unfortunately was a regression in several cases. Since the usual +praxis of backporting apparently does not work, this update is +basically version 1.0.6 with the version number rolled back, and hence +still named 1.0.4-*. For completeness below is the original advisory +text: + Several problems were discovered in Mozilla Firefox: CAN-2004-0718 CAN-2005-1937 @@ -75,16 +82,20 @@ The Mozilla browser family does not properly clone base objects, which allows remote attackers to execute arbitrary code. +Note that this is the same set of security fixes put into stable in +DSA-775 and DSA-779, and updated in DSA-779-2. + For the testing distribution (etch) this is fixed in version -1.0.4-2sarge2 +1.0.4-2sarge3 For the unstable distribution (sid) this is fixed in version 1.0.6-3 This upgrade is recommended if you use mozilla-firefox. -Note that this is the same set of security fixes put into stable in -DSA-775 and DSA-779. +The Debian testing security team does not track security issues for then +stable (sarge) and oldstable (woody) distributions. If stable is vulnerable, +the Debian security team will make an announcement once a fix is ready. Upgrade Instructions -------------------- @@ -92,15 +103,15 @@ To use the Debian testing security archive, add the following lines to your /etc/apt/sources.list: -deb http://secure-testing.debian.net/debian-security-updates etch-proposed-updates/security-updates main contrib non-free -deb-src http://secure-testing.debian.net/debian-security-updates etch-proposed-updates/security-updates main contrib non-free +deb http://secure-testing-mirrors.debian.net/debian-security-updates etch-proposed-updates/security-updates main contrib non-free +deb-src http://secure-testing-mirrors.debian.net/debian-security-updates etch-proposed-updates/security-updates main contrib non-free The archive signing key can be downloaded from http://secure-testing.debian.net/ziyi-2005-7.asc To install the update, run this command as root: -apt-get update && apt-get install mozilla-firefox +apt-get update && apt-get install mozilla-firefoxFIXME, I''m broken For further information about the Debian testing security team, please refer to http://secure-testing.debian.net/ Modified: data/DTSA/DTSA-8-2 ==================================================================--- data/DTSA/DTSA-8-2 2005-09-03 14:46:03 UTC (rev 1797) +++ data/DTSA/DTSA-8-2 2005-09-03 15:02:10 UTC (rev 1798) @@ -1,5 +1,5 @@ ------------------------------------------------------------------------------ -Debian Testing Security Advisory DTSA-8-2 http://secure-testing.debian.net +Debian Testing Security Advisory DTSA-8-1 http://secure-testing.debian.net secure-testing-team@lists.alioth.debian.org Joey Hess September 1st, 2005 ------------------------------------------------------------------------------ @@ -103,8 +103,8 @@ To use the Debian testing security archive, add the following lines to your /etc/apt/sources.list: -deb http://secure-testing.debian.net/debian-security-updates etch-proposed-updates/security-updates main contrib non-free -deb-src http://secure-testing.debian.net/debian-security-updates etch-proposed-updates/security-updates main contrib non-free +deb http://secure-testing-mirrors.debian.net/debian-security-updates etch-proposed-updates/security-updates main contrib non-free +deb-src http://secure-testing-mirrors.debian.net/debian-security-updates etch-proposed-updates/security-updates main contrib non-free The archive signing key can be downloaded from http://secure-testing.debian.net/ziyi-2005-7.asc Modified: data/DTSA/DTSA-9-1 ==================================================================--- data/DTSA/DTSA-9-1 2005-09-03 14:46:03 UTC (rev 1797) +++ data/DTSA/DTSA-9-1 2005-09-03 15:02:10 UTC (rev 1798) @@ -32,8 +32,8 @@ To use the Debian testing security archive, add the following lines to your /etc/apt/sources.list: -deb http://secure-testing.debian.net/debian-security-updates etch-proposed-updates/security-updates main contrib non-free -deb-src http://secure-testing.debian.net/debian-security-updates etch-proposed-updates/security-updates main contrib non-free +deb http://secure-testing-mirrors.debian.net/debian-security-updates etch-proposed-updates/security-updates main contrib non-free +deb-src http://secure-testing-mirrors.debian.net/debian-security-updates etch-proposed-updates/security-updates main contrib non-free The archive signing key can be downloaded from http://secure-testing.debian.net/ziyi-2005-7.asc Modified: data/DTSA/dtsa ==================================================================--- data/DTSA/dtsa 2005-09-03 14:46:03 UTC (rev 1797) +++ data/DTSA/dtsa 2005-09-03 15:02:10 UTC (rev 1798) @@ -92,7 +92,7 @@ def construct_dtsa_list(date, dtsa_id, cve, src, vuln_type, testing_fix): l_f = open(os.getcwd() + "/list", "a") # What do we need the date for? - l_f.write("[01 Jan 1969] " + dtsa_id + " " + src + " - " + vuln_type + "\n") + l_f.write("[" + date + "] " + dtsa_id + " " + src + " - " + vuln_type + "\n") cves = "" if len(cve) > 0: for i in cve: @@ -193,7 +193,7 @@ # ascii.write("Vendor advisory: " + vendor_advisory + "\n") # else: # ascii.write("Vendor advisory: Not available\n") - cves = "CVE ID : " + cves = "CVE ID : " if len(cve) > 0: for i in cve: cves += i Modified: data/DTSA/list ==================================================================--- data/DTSA/list 2005-09-03 14:46:03 UTC (rev 1797) +++ data/DTSA/list 2005-09-03 15:02:10 UTC (rev 1798) @@ -1,32 +1,34 @@ -[29 Aug 2005] DTSA-11-1 maildrop - local privilege escalation - {CAN-2005-2655} - - maildrop 1.5.3-1.1etch1 (high) -[31 Aug 2005] DTSA-10-1 pcre3 - buffer overflow - {CAN-2005-2491} - - pcre3 6.3-0.1etch1 (high) -[31 Aug 2005] DTSA-9-1 bluez-utils - bad device name escaping - {CAN-2005-2547} - - bluez-utils 2.19-0.1etch1 (high) -[28 Aug 2005] DTSA-8-2 mozilla-firefox - several vulnerabilities - {CAN-2004-0718 CAN-2005-1937 CAN-2005-2260 CAN-2005-2261 CAN-2005-2262 CAN-2005-2263 CAN-2005-2264 CAN-2005-2265 CAN-2005-2266 CAN-2005-2267 CAN-2005-2268 CAN-2005-2269 CAN-2005-2270} - - mozilla-firefox 1.0.4-2sarge3 (high) -[28 Aug 2005] DTSA-7-1 mozilla - frame injection spoofing - {CAN-2004-0718 CAN-2005-1937} - - mozilla 2:1.7.8-1sarge1 (high) -[28 Aug 2005] DTSA-6-1 cgiwrap - multiple vulnerabilities - - cgiwrap 3.9-3.0etch1 (low) -[27 Aug 2005] DTSA-5-1 gaim - multiple remote vulnerabilities - {CAN-2005-2102 CAN-2005-2370 CAN-2005-2103} - - gaim 1:1.4.0-5etch2 (high) -[27 Aug 2005] DTSA-4-1 ekg - multiple vulnerabilities - {CAN-2005-1916 CAN-2005-1851 CAN-2005-1850 CAN-2005-1852 CAN-2005-2448} - - ekg 1:1.5+20050808+1.6rc3-0etch1 (low) -[27 Aug 2005] DTSA-3-1 clamav - denial of service and privilege escalation - {CAN-2005-2070 CAN-2005-1923 CAN-2005-2056 CAN-2005-1922 CAN-2005-2450} - - clamav 0.86.2-4etch1 (high) -[27 Aug 2005] DTSA-2-1 centericq - multiple vulnerabilities - {CAN-2005-2448 CAN-2005-2370 CAN-2005-2369 CAN-2005-1914} - - centericq 4.20.0-8etch1 (medium) -[26 Aug 2005] DTSA-1-1 kismet - remote code execution - {CAN-2005-2626 CAN-2005-2627} - - kismet 2005.08.R1-0.1etch1 (high) +[August 26th, 2005] DTSA-1-1 kismet - various + {CAN-2005-2626 CAN-2005-2627 } + - kismet 2005.08.R1-0.1etch1 +[August 28th, 2005] DTSA-2-1 centericq - multiple vulnerabilities + {CAN-2005-2448 CAN-2005-2370 CAN-2005-2369 CAN-2005-1914 } + - centericq 4.20.0-8etch1 +[August 28th, 2005] DTSA-3-1 clamav - denial of service and privilege escalation + {CAN-2005-2070 CAN-2005-1923 CAN-2005-2056 CAN-2005-1922 CAN-2005-2450 } + - clamav 0.86.2-4etch1 +[August 28th, 2005] DTSA-4-1 ekg - multiple vulnerabilities + {CAN-2005-1916 CAN-2005-1851 CAN-2005-1850 CAN-2005-1852 CAN-2005-2448 } + - ekg 1:1.5+20050808+1.6rc3-0etch1 +[August 28th, 2005] DTSA-5-1 gaim - multiple remote vulnerabilities + {CAN-2005-2102 CAN-2005-2370 CAN-2005-2103 } + - gaim 1:1.4.0-5etch2 +[August 28th, 2005] DTSA-6-1 cgiwrap - multiple vulnerabilities + { } + - cgiwrap 3.9-3.0etch1 +[August 28th, 2005] DTSA-7-1 mozilla - frame injection spoofing + {CAN-2004-0718 CAN-2005-1937 } + - mozilla 2:1.7.8-1sarge1 +[September 1st, 2005] DTSA-8-2 mozilla-firefox - several vulnerabilities (update) + {CAN-2004-0718 CAN-2005-1937 CAN-2005-2260 CAN-2005-2261 CAN-2005-2262 CAN-2005-2263 CAN-2005-2264 CAN-2005-2265 CAN-2005-2266 CAN-2005-2267 CAN-2005-2268 CAN-2005-2269 CAN-2005-2270 } + - mozilla-firefox 1.0.4-2sarge3 + TODO: unreleased +[August 31st, 2005] DTSA-9-1 bluez-utils - bad device name escaping + {CAN-2005-2547 } + - bluez-utils 2.19-0.1etch1 +[August 29th, 2005] DTSA-10-1 pcre3 - buffer overflow + {CAN-2005-2491 } + - pcre3 6.3-0.1etch1 +[August 29th, 2005] DTSA-11-1 maildrop - local privilege escalation + {CAN-2005-2655 } + - maildrop 1.5.3-1.1etch1 Added: website/DTSA/DTSA-1-1.html ==================================================================--- website/DTSA/DTSA-1-1.html 2005-09-03 14:46:03 UTC (rev 1797) +++ website/DTSA/DTSA-1-1.html 2005-09-03 15:02:10 UTC (rev 1798) @@ -0,0 +1,54 @@ +<h2>DTSA-1-1</h2> +<dl> +<dt>Date Reported:</dt> +<dd>August 26th, 2005</dd> +<dt>Affected Package:</dt> +<dd><a href=''http://packages.debian.org/src:kismet''>kismet</a></dd> +<dt>Vulnerability:</dt> +<dd>various</dd> +<dt>Problem-Scope:</dt> +<dd>remote</dd> +<dt>Debian-specific:</dt> +<dd>No<br></dd> +<dt>CVE:</dt> +<dd> +<a href=''http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2626''>CAN-2005-2626</a> +<a href=''http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2627''>CAN-2005-2627</a> +<br></dd> +<br><dt>More information:</dt> +<dd>Multiple security holes have been discovered in kismet: <br> + <br> +CAN-2005-2627 <br> + <br> +Multiple integer underflows in Kismet allow remote attackers to execute <br> +arbitrary code via (1) kernel headers in a pcap file or (2) data frame <br> +dissection, which leads to heap-based buffer overflows. <br> + <br> +CAN-2005-2626 <br> + <br> +Unspecified vulnerability in Kismet allows remote attackers to have an <br> +unknown impact via unprintable characters in the SSID. <br> +</dd> +<br><dt>For the testing distribution (etch) this is fixed in version 2005.08.R1-0.1etch1</dt> +<dt>For the unstable distribution (sid) this is fixed in version 2005.08.R1-1</dt> +<br><dt>This upgrade is recommended if you use kismet.<dt> +<br><dt>If you have the secure testing lines in your sources.list, you can update by running this command as root:</dt> + +<dd>apt-get update && apt-get install kismet</dd> +<br> + +<dt>The Debian testing security team does not track security issues for then stable (sarge) and oldstable (woody) distributions. If stable is vulnerable, the Debian security team will make an announcement once a fix is ready.</dt> + +<br> +<dt>To use the Debian testing security archive, add the following lines to your /etc/apt/sources.list:<dt> +<br> +<dd>deb http://secure-testing-mirrors.debian.net/debian-security-updates etch-proposed-updates/security-updates main contrib non-free</dd> +<dd>deb-src http://secure-testing-mirrors.debian.net/debian-security-updates etch-proposed-updates/security-updates main contrib non-free</dd> +<br> +<dt>The archive signing key can be downloaded from<dt> +<dd><a href=''http://secure-testing.debian.net/ziyi-2005-7.asc''>http://secure-testing.debian.net/ziyi-2005-7.asc</a><dd> + +<br> + +<dt>For further information about the Debian testing security team, please refer to <a href=''http://secure-testing.debian.net/''>http://secure-testing.debian.net/</a></dt> + Added: website/DTSA/DTSA-10-1.html ==================================================================--- website/DTSA/DTSA-10-1.html 2005-09-03 14:46:03 UTC (rev 1797) +++ website/DTSA/DTSA-10-1.html 2005-09-03 15:02:10 UTC (rev 1798) @@ -0,0 +1,51 @@ +<h2>DTSA-10-1</h2> +<dl> +<dt>Date Reported:</dt> +<dd>August 29th, 2005</dd> +<dt>Affected Package:</dt> +<dd><a href=''http://packages.debian.org/src:pcre3''>pcre3</a></dd> +<dt>Vulnerability:</dt> +<dd>buffer overflow</dd> +<dt>Problem-Scope:</dt> +<dd>remote</dd> +<dt>Debian-specific:</dt> +<dd>No<br></dd> +<dt>CVE:</dt> +<dd> +<a href=''http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2491''>CAN-2005-2491</a> +<br></dd> +<br><dt>More information:</dt> +<dd>An integer overflow in pcre_compile.c in Perl Compatible Regular Expressions <br> +(PCRE) allows attackers to execute arbitrary code via quantifier values in <br> +regular expressions, which leads to a heap-based buffer overflow. <br> +</dd> +<br><dt>For the testing distribution (etch) this is fixed in version 6.3-0.1etch1</dt> +<dt>For the unstable distribution (sid) this is fixed in version 6.3-1</dt> +<br><dt>This upgrade is recommended if you use pcre3.<dt> +<br><dt>-Before installing the update, please note that you will need to restart all +daemons that link with libpcre3 for the security fix to be used. Either +reboot your machine after the upgrade, or make a list of processes that are +using libpcre3, and restart them after the upgrade. To generate the list, +run this command before you upgrade:</dt> +<dd>lsof /usr/lib/libpcre.so.3<dd> + +<br><dt>If you have the secure testing lines in your sources.list, you can update by running this command as root:</dt> + +<dd>apt-get update && apt-get install libpcre3</dd> +<br> + +<dt>The Debian testing security team does not track security issues for then stable (sarge) and oldstable (woody) distributions. If stable is vulnerable, the Debian security team will make an announcement once a fix is ready.</dt> + +<br> +<dt>To use the Debian testing security archive, add the following lines to your /etc/apt/sources.list:<dt> +<br> +<dd>deb http://secure-testing-mirrors.debian.net/debian-security-updates etch-proposed-updates/security-updates main contrib non-free</dd> +<dd>deb-src http://secure-testing-mirrors.debian.net/debian-security-updates etch-proposed-updates/security-updates main contrib non-free</dd> +<br> +<dt>The archive signing key can be downloaded from<dt> +<dd><a href=''http://secure-testing.debian.net/ziyi-2005-7.asc''>http://secure-testing.debian.net/ziyi-2005-7.asc</a><dd> + +<br> + +<dt>For further information about the Debian testing security team, please refer to <a href=''http://secure-testing.debian.net/''>http://secure-testing.debian.net/</a></dt> + Added: website/DTSA/DTSA-11-1.html ==================================================================--- website/DTSA/DTSA-11-1.html 2005-09-03 14:46:03 UTC (rev 1797) +++ website/DTSA/DTSA-11-1.html 2005-09-03 15:02:10 UTC (rev 1798) @@ -0,0 +1,47 @@ +<h2>DTSA-11-1</h2> +<dl> +<dt>Date Reported:</dt> +<dd>August 29th, 2005</dd> +<dt>Affected Package:</dt> +<dd><a href=''http://packages.debian.org/src:maildrop''>maildrop</a></dd> +<dt>Vulnerability:</dt> +<dd>local privilege escalation</dd> +<dt>Problem-Scope:</dt> +<dd>local</dd> +<dt>Debian-specific:</dt> +<dd>Yes<br></dd> +<dt>CVE:</dt> +<dd> +<a href=''http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2655''>CAN-2005-2655</a> +<br></dd> +<br><dt>More information:</dt> +<dd>The lockmail binary shipped with maildrop allows for an attacker to <br> +obtain an effective gid as group "mail". Debian ships the binary with its <br> +setgid bit set, but the program does not drop privileges when run. It takes <br> +an argument that is executed, and since it does not drop privileges, an <br> +attacker can execute an arbitrary command with an effective gid of the "mail" <br> +group. <br> +</dd> +<br><dt>For the testing distribution (etch) this is fixed in version 1.5.3-1.1etch1</dt> +<dt>For the unstable distribution (sid) this is fixed in version 1.5.3-2</dt> +<br><dt>This upgrade is recommended if you use maildrop.<dt> +<br><dt>If you have the secure testing lines in your sources.list, you can update by running this command as root:</dt> + +<dd>apt-get update && apt-get install maildrop</dd> +<br> + +<dt>The Debian testing security team does not track security issues for then stable (sarge) and oldstable (woody) distributions. If stable is vulnerable, the Debian security team will make an announcement once a fix is ready.</dt> + +<br> +<dt>To use the Debian testing security archive, add the following lines to your /etc/apt/sources.list:<dt> +<br> +<dd>deb http://secure-testing-mirrors.debian.net/debian-security-updates etch-proposed-updates/security-updates main contrib non-free</dd> +<dd>deb-src http://secure-testing-mirrors.debian.net/debian-security-updates etch-proposed-updates/security-updates main contrib non-free</dd> +<br> +<dt>The archive signing key can be downloaded from<dt> +<dd><a href=''http://secure-testing.debian.net/ziyi-2005-7.asc''>http://secure-testing.debian.net/ziyi-2005-7.asc</a><dd> + +<br> + +<dt>For further information about the Debian testing security team, please refer to <a href=''http://secure-testing.debian.net/''>http://secure-testing.debian.net/</a></dt> + Added: website/DTSA/DTSA-2-1.html ==================================================================--- website/DTSA/DTSA-2-1.html 2005-09-03 14:46:03 UTC (rev 1797) +++ website/DTSA/DTSA-2-1.html 2005-09-03 15:02:10 UTC (rev 1798) @@ -0,0 +1,68 @@ +<h2>DTSA-2-1</h2> +<dl> +<dt>Date Reported:</dt> +<dd>August 28th, 2005</dd> +<dt>Affected Package:</dt> +<dd><a href=''http://packages.debian.org/src:centericq''>centericq</a></dd> +<dt>Vulnerability:</dt> +<dd>multiple vulnerabilities</dd> +<dt>Problem-Scope:</dt> +<dd>local and remote</dd> +<dt>Debian-specific:</dt> +<dd>No<br></dd> +<dt>CVE:</dt> +<dd> +<a href=''http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2448''>CAN-2005-2448</a> +<a href=''http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2370''>CAN-2005-2370</a> +<a href=''http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2369''>CAN-2005-2369</a> +<a href=''http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1914''>CAN-2005-1914</a> +<br></dd> +<br><dt>More information:</dt> +<dd>centericq in testing is vulnerable to multiple security holes: <br> + <br> +CAN-2005-2448 <br> + <br> +Multiple endianness errors in libgadu, which is embedded in centericq, <br> +allow remote attackers to cause a denial of service (invalid behaviour in <br> +applications) on big-endian systems. <br> + <br> +CAN-2005-2370 <br> + <br> +Multiple memory alignment errors in libgadu, which is embedded in <br> +centericq, allows remote attackers to cause a denial of service (bus error) <br> +on certain architectures such as SPARC via an incoming message. <br> + <br> +CAN-2005-2369 <br> + <br> +Multiple integer signedness errors in libgadu, which is embedded in <br> +centericq, may allow remote attackers to cause a denial of service <br> +or execute arbitrary code. <br> + <br> +CAN-2005-1914 <br> + <br> +centericq creates temporary files with predictable file names, which <br> +allows local users to overwrite arbitrary files via a symlink attack. <br> +</dd> +<br><dt>For the testing distribution (etch) this is fixed in version 4.20.0-8etch1</dt> +<dt>For the unstable distribution (sid) this is fixed in version 4.20.0-9</dt> +<br><dt>This upgrade is recommended if you use centericq.<dt> +<br><dt>If you have the secure testing lines in your sources.list, you can update by running this command as root:</dt> + +<dd>apt-get update && apt-get install centericq</dd> +<br> + +<dt>The Debian testing security team does not track security issues for then stable (sarge) and oldstable (woody) distributions. If stable is vulnerable, the Debian security team will make an announcement once a fix is ready.</dt> + +<br> +<dt>To use the Debian testing security archive, add the following lines to your /etc/apt/sources.list:<dt> +<br> +<dd>deb http://secure-testing-mirrors.debian.net/debian-security-updates etch-proposed-updates/security-updates main contrib non-free</dd> +<dd>deb-src http://secure-testing-mirrors.debian.net/debian-security-updates etch-proposed-updates/security-updates main contrib non-free</dd> +<br> +<dt>The archive signing key can be downloaded from<dt> +<dd><a href=''http://secure-testing.debian.net/ziyi-2005-7.asc''>http://secure-testing.debian.net/ziyi-2005-7.asc</a><dd> + +<br> + +<dt>For further information about the Debian testing security team, please refer to <a href=''http://secure-testing.debian.net/''>http://secure-testing.debian.net/</a></dt> + Added: website/DTSA/DTSA-3-1.html ==================================================================--- website/DTSA/DTSA-3-1.html 2005-09-03 14:46:03 UTC (rev 1797) +++ website/DTSA/DTSA-3-1.html 2005-09-03 15:02:10 UTC (rev 1798) @@ -0,0 +1,78 @@ +<h2>DTSA-3-1</h2> +<dl> +<dt>Date Reported:</dt> +<dd>August 28th, 2005</dd> +<dt>Affected Package:</dt> +<dd><a href=''http://packages.debian.org/src:clamav''>clamav</a></dd> +<dt>Vulnerability:</dt> +<dd>denial of service and privilege escalation</dd> +<dt>Problem-Scope:</dt> +<dd>remote</dd> +<dt>Debian-specific:</dt> +<dd>No<br></dd> +<dt>CVE:</dt> +<dd> +<a href=''http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2070''>CAN-2005-2070</a> +<a href=''http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1923''>CAN-2005-1923</a> +<a href=''http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2056''>CAN-2005-2056</a> +<a href=''http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1922''>CAN-2005-1922</a> +<a href=''http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2450''>CAN-2005-2450</a> +<br></dd> +<br><dt>More information:</dt> +<dd>Multiple security holes were found in clamav: <br> + <br> +CAN-2005-2070 <br> + <br> +The ClamAV Mail fILTER (clamav-milter), when used in Sendmail using long <br> +timeouts, allows remote attackers to cause a denial of service by keeping <br> +an open connection, which prevents ClamAV from reloading. <br> + <br> +CAN-2005-1923 <br> + <br> +The ENSURE_BITS macro in mszipd.c for Clam AntiVirus (ClamAV) allows remote <br> +attackers to cause a denial of service (CPU consumption by infinite loop) <br> +via a cabinet (CAB) file with the cffile_FolderOffset field set to 0xff, <br> +which causes a zero-length read. <br> + <br> +CAN-2005-2056 <br> + <br> +The Quantum archive decompressor in Clam AntiVirus (ClamAV) allows remote <br> +attackers to cause a denial of service (application crash) via a crafted <br> +Quantum archive. <br> + <br> +CAN-2005-1922 <br> + <br> +The MS-Expand file handling in Clam AntiVirus (ClamAV) allows remote <br> +attackers to cause a denial of service (file descriptor and memory <br> +consumption) via a crafted file that causes repeated errors in the <br> +cli_msexpand function. <br> + <br> +CAN-2005-2450 <br> + <br> +Multiple integer overflows in the (1) TNEF, (2) CHM, or (3) FSG file <br> +format processors in libclamav for Clam AntiVirus (ClamAV) allow remote <br> +attackers to gain privileges via a crafted e-mail message. <br> +</dd> +<br><dt>For the testing distribution (etch) this is fixed in version 0.86.2-4etch1</dt> +<dt>For the unstable distribution (sid) this is fixed in version 0.86.2-1</dt> +<br><dt>This upgrade is recommended if you use clamav.<dt> +<br><dt>If you have the secure testing lines in your sources.list, you can update by running this command as root:</dt> + +<dd>apt-get update && apt-get upgrade</dd> +<br> + +<dt>The Debian testing security team does not track security issues for then stable (sarge) and oldstable (woody) distributions. If stable is vulnerable, the Debian security team will make an announcement once a fix is ready.</dt> + +<br> +<dt>To use the Debian testing security archive, add the following lines to your /etc/apt/sources.list:<dt> +<br> +<dd>deb http://secure-testing-mirrors.debian.net/debian-security-updates etch-proposed-updates/security-updates main contrib non-free</dd> +<dd>deb-src http://secure-testing-mirrors.debian.net/debian-security-updates etch-proposed-updates/security-updates main contrib non-free</dd> +<br> +<dt>The archive signing key can be downloaded from<dt> +<dd><a href=''http://secure-testing.debian.net/ziyi-2005-7.asc''>http://secure-testing.debian.net/ziyi-2005-7.asc</a><dd> + +<br> + +<dt>For further information about the Debian testing security team, please refer to <a href=''http://secure-testing.debian.net/''>http://secure-testing.debian.net/</a></dt> + Added: website/DTSA/DTSA-4-1.html ==================================================================--- website/DTSA/DTSA-4-1.html 2005-09-03 14:46:03 UTC (rev 1797) +++ website/DTSA/DTSA-4-1.html 2005-09-03 15:02:10 UTC (rev 1798) @@ -0,0 +1,74 @@ +<h2>DTSA-4-1</h2> +<dl> +<dt>Date Reported:</dt> +<dd>August 28th, 2005</dd> +<dt>Affected Package:</dt> +<dd><a href=''http://packages.debian.org/src:ekg''>ekg</a></dd> +<dt>Vulnerability:</dt> +<dd>multiple vulnerabilities</dd> +<dt>Problem-Scope:</dt> +<dd>local and remote</dd> +<dt>Debian-specific:</dt> +<dd>No<br></dd> +<dt>CVE:</dt> +<dd> +<a href=''http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1916''>CAN-2005-1916</a> +<a href=''http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1851''>CAN-2005-1851</a> +<a href=''http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1850''>CAN-2005-1850</a> +<a href=''http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1852''>CAN-2005-1852</a> +<a href=''http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2448''>CAN-2005-2448</a> +<br></dd> +<br><dt>More information:</dt> +<dd>Multiple vulnerabilities were discovered in ekg: <br> + <br> +CAN-2005-1916 <br> + <br> +Eric Romang discovered insecure temporary file creation and arbitrary <br> +command execution in a contributed script that can be exploited by a local <br> +attacker. <br> + <br> +CAN-2005-1851 <br> + <br> +Marcin Owsiany and Wojtek Kaniewski discovered potential shell command <br> +injection in a contributed script. <br> + <br> +CAN-2005-1850 <br> + <br> +Marcin Owsiany and Wojtek Kaniewski discovered insecure temporary file <br> +creation in contributed scripts. <br> + <br> +CAN-2005-1852 <br> + <br> +Multiple integer overflows in libgadu, as used in ekg, allows remote <br> +attackers to cause a denial of service (crash) and possibly execute <br> +arbitrary code via an incoming message. <br> + <br> +CAN-2005-2448 <br> + <br> +Multiple endianness errors in libgadu in ekg allow remote attackers to <br> +cause a denial of service (invalid behaviour in applications) on <br> +big-endian systems. <br> +</dd> +<br><dt>For the testing distribution (etch) this is fixed in version 1:1.5+20050808+1.6rc3-0etch1</dt> +<dt>For the unstable distribution (sid) this is fixed in version 1:1.5+20050808+1.6rc3-1</dt> +<br><dt>This upgrade is recommended if you use ekg.<dt> +<br><dt>If you have the secure testing lines in your sources.list, you can update by running this command as root:</dt> + +<dd>apt-get update && apt-get install libgadu3 ekg</dd> +<br> + +<dt>The Debian testing security team does not track security issues for then stable (sarge) and oldstable (woody) distributions. If stable is vulnerable, the Debian security team will make an announcement once a fix is ready.</dt> + +<br> +<dt>To use the Debian testing security archive, add the following lines to your /etc/apt/sources.list:<dt> +<br> +<dd>deb http://secure-testing-mirrors.debian.net/debian-security-updates etch-proposed-updates/security-updates main contrib non-free</dd> +<dd>deb-src http://secure-testing-mirrors.debian.net/debian-security-updates etch-proposed-updates/security-updates main contrib non-free</dd> +<br> +<dt>The archive signing key can be downloaded from<dt> +<dd><a href=''http://secure-testing.debian.net/ziyi-2005-7.asc''>http://secure-testing.debian.net/ziyi-2005-7.asc</a><dd> + +<br> + +<dt>For further information about the Debian testing security team, please refer to <a href=''http://secure-testing.debian.net/''>http://secure-testing.debian.net/</a></dt> + Added: website/DTSA/DTSA-5-1.html ==================================================================--- website/DTSA/DTSA-5-1.html 2005-09-03 14:46:03 UTC (rev 1797) +++ website/DTSA/DTSA-5-1.html 2005-09-03 15:02:10 UTC (rev 1798) @@ -0,0 +1,63 @@ +<h2>DTSA-5-1</h2> +<dl> +<dt>Date Reported:</dt> +<dd>August 28th, 2005</dd> +<dt>Affected Package:</dt> +<dd><a href=''http://packages.debian.org/src:gaim''>gaim</a></dd> +<dt>Vulnerability:</dt> +<dd>multiple remote vulnerabilities</dd> +<dt>Problem-Scope:</dt> +<dd>remote</dd> +<dt>Debian-specific:</dt> +<dd>No<br></dd> +<dt>CVE:</dt> +<dd> +<a href=''http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2102''>CAN-2005-2102</a> +<a href=''http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2370''>CAN-2005-2370</a> +<a href=''http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2103''>CAN-2005-2103</a> +<br></dd> +<br><dt>More information:</dt> +<dd>Multiple security holes were found in gaim: <br> + <br> +CAN-2005-2102 <br> + <br> +The AIM/ICQ module in Gaim allows remote attackers to cause a denial of <br> +service (application crash) via a filename that contains invalid UTF-8 <br> +characters. <br> + <br> +CAN-2005-2370 <br> + <br> +Multiple memory alignment errors in libgadu, as used in gaim and other <br> +packages, allow remote attackers to cause a denial of service (bus error) <br> +on certain architectures such as SPARC via an incoming message. <br> + <br> +CAN-2005-2103 <br> + <br> +Buffer overflow in the AIM and ICQ module in Gaim allows remote attackers <br> +to cause a denial of service (application crash) and possibly execute <br> +arbitrary code via an away message with a large number of AIM substitution <br> +strings, such as %t or %n. <br> +</dd> +<br><dt>For the testing distribution (etch) this is fixed in version 1:1.4.0-5etch2</dt> +<dt>For the unstable distribution (sid) this is fixed in version 1:1.4.0-5</dt> +<br><dt>This upgrade is recommended if you use gaim.<dt> +<br><dt>If you have the secure testing lines in your sources.list, you can update by running this command as root:</dt> + +<dd>apt-get update && apt-get install gaim</dd> +<br> + +<dt>The Debian testing security team does not track security issues for then stable (sarge) and oldstable (woody) distributions. If stable is vulnerable, the Debian security team will make an announcement once a fix is ready.</dt> + +<br> +<dt>To use the Debian testing security archive, add the following lines to your /etc/apt/sources.list:<dt> +<br> +<dd>deb http://secure-testing-mirrors.debian.net/debian-security-updates etch-proposed-updates/security-updates main contrib non-free</dd> +<dd>deb-src http://secure-testing-mirrors.debian.net/debian-security-updates etch-proposed-updates/security-updates main contrib non-free</dd> +<br> +<dt>The archive signing key can be downloaded from<dt> +<dd><a href=''http://secure-testing.debian.net/ziyi-2005-7.asc''>http://secure-testing.debian.net/ziyi-2005-7.asc</a><dd> + +<br> + +<dt>For further information about the Debian testing security team, please refer to <a href=''http://secure-testing.debian.net/''>http://secure-testing.debian.net/</a></dt> + Added: website/DTSA/DTSA-6-1.html ==================================================================--- website/DTSA/DTSA-6-1.html 2005-09-03 14:46:03 UTC (rev 1797) +++ website/DTSA/DTSA-6-1.html 2005-09-03 15:02:10 UTC (rev 1798) @@ -0,0 +1,60 @@ +<h2>DTSA-6-1</h2> +<dl> +<dt>Date Reported:</dt> +<dd>August 28th, 2005</dd> +<dt>Affected Package:</dt> +<dd><a href=''http://packages.debian.org/src:cgiwrap''>cgiwrap</a></dd> +<dt>Vulnerability:</dt> +<dd>multiple vulnerabilities</dd> +<dt>Problem-Scope:</dt> +<dd>remote</dd> +<dt>Debian-specific:</dt> +<dd>No<br></dd> +<dt>CVE:</dt> +<dd> +<a href=''http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=''></a> +<br></dd> +<br><dt>More information:</dt> +<dd>Javier Fernández-Sanguino Peña discovered various vulnerabilities in cgiwrap: <br> + <br> +Minimum UID does not include all system users <br> + <br> +The CGIwrap program will not seteuid itself to uids below the ''minimum'' uid <br> +to prevent scripts from being misused to compromise the system. However, <br> +the Debian package sets the minimum uid to 100 when it should be 1000. <br> + <br> +CGIs can be used to disclose system information <br> + <br> +The cgiwrap (and php-cgiwrap) package installs some debugging CGIs <br> +(actually symbolink links, which link to cgiwrap and are called ''cgiwrap'' <br> +and ''nph-cgiwrap'' or link to php-cgiwrap). These CGIs should not be <br> +installed in production environments as they disclose internal and <br> +potentially sensible information. <br> +</dd> +<br><dt>For the testing distribution (etch) this is fixed in version 3.9-3.0etch1</dt> +<dt>For the unstable distribution (sid) this is fixed in version 3.9-3.1</dt> +<br><dt>This upgrade is recommended if you use cgiwrap.<dt> +<br><dt>If you have the secure testing lines in your sources.list, you can update by running this command as root:</dt> + +<dt>If you use cgiwrap:</dt> +<dd>apt-get update && apt-get install cgiwrap</dd> +<dd>If you use php-cgiwrap:<dd> +<dt>apt-get update && apt-get install php-cgiwrap</dt> + +<br> + +<dt>The Debian testing security team does not track security issues for then stable (sarge) and oldstable (woody) distributions. If stable is vulnerable, the Debian security team will make an announcement once a fix is ready.</dt> + +<br> +<dt>To use the Debian testing security archive, add the following lines to your /etc/apt/sources.list:<dt> +<br> +<dd>deb http://secure-testing-mirrors.debian.net/debian-security-updates etch-proposed-updates/security-updates main contrib non-free</dd> +<dd>deb-src http://secure-testing-mirrors.debian.net/debian-security-updates etch-proposed-updates/security-updates main contrib non-free</dd> +<br> +<dt>The archive signing key can be downloaded from<dt> +<dd><a href=''http://secure-testing.debian.net/ziyi-2005-7.asc''>http://secure-testing.debian.net/ziyi-2005-7.asc</a><dd> + +<br> + +<dt>For further information about the Debian testing security team, please refer to <a href=''http://secure-testing.debian.net/''>http://secure-testing.debian.net/</a></dt> + Added: website/DTSA/DTSA-7-1.html ==================================================================--- website/DTSA/DTSA-7-1.html 2005-09-03 14:46:03 UTC (rev 1797) +++ website/DTSA/DTSA-7-1.html 2005-09-03 15:02:10 UTC (rev 1798) @@ -0,0 +1,49 @@ +<h2>DTSA-7-1</h2> +<dl> +<dt>Date Reported:</dt> +<dd>August 28th, 2005</dd> +<dt>Affected Package:</dt> +<dd><a href=''http://packages.debian.org/src:mozilla''>mozilla</a></dd> +<dt>Vulnerability:</dt> +<dd>frame injection spoofing</dd> +<dt>Problem-Scope:</dt> +<dd>remote</dd> +<dt>Debian-specific:</dt> +<dd>No<br></dd> +<dt>CVE:</dt> +<dd> +<a href=''http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0718''>CAN-2004-0718</a> +<a href=''http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1937''>CAN-2005-1937</a> +<br></dd> +<br><dt>More information:</dt> +<dd>A vulnerability has been discovered in Mozilla that allows remote attackers <br> +to inject arbitrary Javascript from one page into the frameset of another <br> +site. Thunderbird is not affected by this and Galeon will be automatically <br> +fixed as it uses Mozilla components. Mozilla Firefox is vulnerable and will <br> +be covered by a separate advisory. <br> + <br> +Note that this is the same security fix put into stable in DSA-777. <br> +</dd> +<br><dt>For the testing distribution (etch) this is fixed in version 2:1.7.8-1sarge1</dt> +<dt>For the unstable distribution (sid) this is fixed in version 2:1.7.10-1</dt> +<br><dt>This upgrade is recommended if you use mozilla.<dt> +<br><dt>If you have the secure testing lines in your sources.list, you can update by running this command as root:</dt> + +<dd>apt-get update && apt-get install mozilla</dd> +<br> + +<dt>The Debian testing security team does not track security issues for then stable (sarge) and oldstable (woody) distributions. If stable is vulnerable, the Debian security team will make an announcement once a fix is ready.</dt> + +<br> +<dt>To use the Debian testing security archive, add the following lines to your /etc/apt/sources.list:<dt> +<br> +<dd>deb http://secure-testing-mirrors.debian.net/debian-security-updates etch-proposed-updates/security-updates main contrib non-free</dd> +<dd>deb-src http://secure-testing-mirrors.debian.net/debian-security-updates etch-proposed-updates/security-updates main contrib non-free</dd> +<br> +<dt>The archive signing key can be downloaded from<dt> +<dd><a href=''http://secure-testing.debian.net/ziyi-2005-7.asc''>http://secure-testing.debian.net/ziyi-2005-7.asc</a><dd> + +<br> + +<dt>For further information about the Debian testing security team, please refer to <a href=''http://secure-testing.debian.net/''>http://secure-testing.debian.net/</a></dt> + Added: website/DTSA/DTSA-8-2.html ==================================================================--- website/DTSA/DTSA-8-2.html 2005-09-03 14:46:03 UTC (rev 1797) +++ website/DTSA/DTSA-8-2.html 2005-09-03 15:02:10 UTC (rev 1798) @@ -0,0 +1,127 @@ +<h2>DTSA-8-1</h2> +<dl> +<dt>Date Reported:</dt> +<dd>September 1st, 2005</dd> +<dt>Affected Package:</dt> +<dd><a href=''http://packages.debian.org/src:mozilla-firefox''>mozilla-firefox</a></dd> +<dt>Vulnerability:</dt> +<dd>several vulnerabilities (update)</dd> +<dt>Problem-Scope:</dt> +<dd>remote</dd> +<dt>Debian-specific:</dt> +<dd>No<br></dd> +<dt>CVE:</dt> +<dd> +<a href=''http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0718''>CAN-2004-0718</a> +<a href=''http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1937''>CAN-2005-1937</a> +<a href=''http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2260''>CAN-2005-2260</a> +<a href=''http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2261''>CAN-2005-2261</a> +<a href=''http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2262''>CAN-2005-2262</a> +<a href=''http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2263''>CAN-2005-2263</a> +<a href=''http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2264''>CAN-2005-2264</a> +<a href=''http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2265''>CAN-2005-2265</a> +<a href=''http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2266''>CAN-2005-2266</a> +<a href=''http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2267''>CAN-2005-2267</a> +<a href=''http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2268''>CAN-2005-2268</a> +<a href=''http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2269''>CAN-2005-2269</a> +<a href=''http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2270''>CAN-2005-2270</a> +<br></dd> +<br><dt>More information:</dt> +<dd>We experienced that the update for Mozilla Firefox from DTSA-8-1 <br> +unfortunately was a regression in several cases. Since the usual <br> +praxis of backporting apparently does not work, this update is <br> +basically version 1.0.6 with the version number rolled back, and hence <br> +still named 1.0.4-*. For completeness below is the original advisory <br> +text: <br> + <br> +Several problems were discovered in Mozilla Firefox: <br> + <br> +CAN-2004-0718 CAN-2005-1937 <br> + <br> +A vulnerability has been discovered in Mozilla Firefox that allows remote <br> +attackers to inject arbitrary Javascript from one page into the frameset of <br> +another site. <br> + <br> +CAN-2005-2260 <br> + <br> +The browser user interface does not properly distinguish between <br> +user-generated events and untrusted synthetic events, which makes it easier <br> +for remote attackers to perform dangerous actions that normally could only be <br> +performed manually by the user. <br> + <br> +CAN-2005-2261 <br> + <br> +XML scripts ran even when Javascript disabled. <br> + <br> +CAN-2005-2262 <br> + <br> +The user can be tricked to executing arbitrary JavaScript code by using a <br> +JavaScript URL as wallpaper. <br> + <br> +CAN-2005-2263 <br> + <br> +It is possible for a remote attacker to execute a callback function in the <br> +context of another domain (i.e. frame). <br> + <br> +CAN-2005-2264 <br> + <br> +By opening a malicious link in the sidebar it is possible for remote <br> +attackers to steal sensitive information. <br> + <br> +CAN-2005-2265 <br> + <br> +Missing input sanitising of InstallVersion.compareTo() can cause the <br> +application to crash. <br> + <br> +CAN-2005-2266 <br> + <br> +Remote attackers could steal sensitive information such as cookies and <br> +passwords from web sites by accessing data in alien frames. <br> + <br> +CAN-2005-2267 <br> + <br> +By using standalone applications such as Flash and QuickTime to open a <br> +javascript: URL, it is possible for a remote attacker to steal sensitive <br> +information and possibly execute arbitrary code. <br> + <br> +CAN-2005-2268 <br> + <br> +It is possible for a Javascript dialog box to spoof a dialog box from a <br> +trusted site and facilitates phishing attacks. <br> + <br> +CAN-2005-2269 <br> + <br> +Remote attackers could modify certain tag properties of DOM nodes that could <br> +lead to the execution of arbitrary script or code. <br> + <br> +CAN-2005-2270 <br> + <br> +The Mozilla browser family does not properly clone base objects, which allows <br> +remote attackers to execute arbitrary code. <br> + <br> +Note that this is the same set of security fixes put into stable in <br> +DSA-775 and DSA-779, and updated in DSA-779-2. <br> +</dd> +<br><dt>For the testing distribution (etch) this is fixed in version 1.0.4-2sarge3</dt> +<dt>For the unstable distribution (sid) this is fixed in version 1.0.6-3</dt> +<br><dt>This upgrade is recommended if you use mozilla-firefox.<dt> +<br><dt>If you have the secure testing lines in your sources.list, you can update by running this command as root:</dt> + +<dd>apt-get update && apt-get install mozilla-firefox</dd> +<br> + +<dt>The Debian testing security team does not track security issues for then stable (sarge) and oldstable (woody) distributions. If stable is vulnerable, the Debian security team will make an announcement once a fix is ready.</dt> + +<br> +<dt>To use the Debian testing security archive, add the following lines to your /etc/apt/sources.list:<dt> +<br> +<dd>deb http://secure-testing-mirrors.debian.net/debian-security-updates etch-proposed-updates/security-updates main contrib non-free</dd> +<dd>deb-src http://secure-testing-mirrors.debian.net/debian-security-updates etch-proposed-updates/security-updates main contrib non-free</dd> +<br> +<dt>The archive signing key can be downloaded from<dt> +<dd><a href=''http://secure-testing.debian.net/ziyi-2005-7.asc''>http://secure-testing.debian.net/ziyi-2005-7.asc</a><dd> + +<br> + +<dt>For further information about the Debian testing security team, please refer to <a href=''http://secure-testing.debian.net/''>http://secure-testing.debian.net/</a></dt> + Added: website/DTSA/DTSA-9-1.html ==================================================================--- website/DTSA/DTSA-9-1.html 2005-09-03 14:46:03 UTC (rev 1797) +++ website/DTSA/DTSA-9-1.html 2005-09-03 15:02:10 UTC (rev 1798) @@ -0,0 +1,44 @@ +<h2>DTSA-9-1</h2> +<dl> +<dt>Date Reported:</dt> +<dd>August 31st, 2005</dd> +<dt>Affected Package:</dt> +<dd><a href=''http://packages.debian.org/src:bluez-utils''>bluez-utils</a></dd> +<dt>Vulnerability:</dt> +<dd>bad device name escaping</dd> +<dt>Problem-Scope:</dt> +<dd>remote</dd> +<dt>Debian-specific:</dt> +<dd>No<br></dd> +<dt>CVE:</dt> +<dd> +<a href=''http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2547''>CAN-2005-2547</a> +<br></dd> +<br><dt>More information:</dt> +<dd>A bug in bluez-utils allows remote attackers to execute arbitrary commands <br> +via shell metacharacters in the Bluetooth device name when invoking the PIN <br> +helper. <br> +</dd> +<br><dt>For the testing distribution (etch) this is fixed in version 2.19-0.1etch1</dt> +<dt>For the unstable distribution (sid) this is fixed in version 2.19-1</dt> +<br><dt>This upgrade is recommended if you use bluez-utils.<dt> +<br><dt>If you have the secure testing lines in your sources.list, you can update by running this command as root:</dt> + +<dd>apt-get update && apt-get install bluez-utils</dd> +<br> + +<dt>The Debian testing security team does not track security issues for then stable (sarge) and oldstable (woody) distributions. If stable is vulnerable, the Debian security team will make an announcement once a fix is ready.</dt> + +<br> +<dt>To use the Debian testing security archive, add the following lines to your /etc/apt/sources.list:<dt> +<br> +<dd>deb http://secure-testing-mirrors.debian.net/debian-security-updates etch-proposed-updates/security-updates main contrib non-free</dd> +<dd>deb-src http://secure-testing-mirrors.debian.net/debian-security-updates etch-proposed-updates/security-updates main contrib non-free</dd> +<br> +<dt>The archive signing key can be downloaded from<dt> +<dd><a href=''http://secure-testing.debian.net/ziyi-2005-7.asc''>http://secure-testing.debian.net/ziyi-2005-7.asc</a><dd> + +<br> + +<dt>For further information about the Debian testing security team, please refer to <a href=''http://secure-testing.debian.net/''>http://secure-testing.debian.net/</a></dt> + Modified: website/index.html ==================================================================--- website/index.html 2005-09-03 14:46:03 UTC (rev 1797) +++ website/index.html 2005-09-03 15:02:10 UTC (rev 1798) @@ -44,6 +44,7 @@ deb http://secure-testing-mirrors.debian.net/debian-security-updates etch/security-updates main contrib non-free deb-src http://secure-testing-mirrors.debian.net/debian-security-updates etch/security-updates main contrib non-free </pre> + These are also available from this <a href=''list.html''>list</a>.<br> The archive signing key used for this repository is <a href="ziyi-2005-7.asc">here</a>. </p> @@ -131,7 +132,10 @@ <li>Prepare the update and fill out the .adv template <li>Make sure everything is ready. <li>cd data/DTSA; ./dtsa -p ADVISORYNUMBER</li> - <li>svn add DTSA-n-1; svn commit</li> + <li>edit DTSA-n-1 and DTSA-n-1.html, fix the installation instructions.</li> + <li>mv DTSA-n-1.html ../../website/DTSA/</li> + <li>cd ../../website; ../bin/updatehtmllist --output list.html ../data/DTSA/list</li> + <li>cd ../; svn add data/DTSA/DTSA-n-1 website/DTSA/DTSA-n-1.html; svn commit</li> <li>Edit data/DTSA/hints/yourname, and add a hint to make dtsasync propigate the update from etch-proposed-updates to etch. Commit the file and wait 15 minutes for the dtsasync run, Added: website/list.html ==================================================================--- website/list.html 2005-09-03 14:46:03 UTC (rev 1797) +++ website/list.html 2005-09-03 15:02:10 UTC (rev 1798) @@ -0,0 +1,21 @@ +<!-- header --> +<dl> +<dt>[August 26th, 2005] <a href=''DTSA/DTSA-1-1.html''>DTSA-1-1 kismet</a></dt> +<dd>various</dd> +<dt>[August 28th, 2005] <a href=''DTSA/DTSA-2-1.html''>DTSA-2-1 centericq</a></dt> +<dd>multiple vulnerabilities</dd> +<dt>[August 28th, 2005] <a href=''DTSA/DTSA-3-1.html''>DTSA-3-1 clamav</a></dt> +<dd>denial of service and privilege escalation</dd> +<dt>[August 28th, 2005] <a href=''DTSA/DTSA-4-1.html''>DTSA-4-1 ekg</a></dt> +<dd>multiple vulnerabilities</dd> +<dt>[August 28th, 2005] <a href=''DTSA/DTSA-5-1.html''>DTSA-5-1 gaim</a></dt> +<dd>multiple remote vulnerabilities</dd> +<dt>[August 28th, 2005] <a href=''DTSA/DTSA-6-1.html''>DTSA-6-1 cgiwrap</a></dt> +<dd>multiple vulnerabilities</dd> +<dt>[August 28th, 2005] <a href=''DTSA/DTSA-7-1.html''>DTSA-7-1 mozilla</a></dt> +<dd>frame injection spoofing</dd> +<dt>[August 31st, 2005] <a href=''DTSA/DTSA-9-1.html''>DTSA-9-1 bluez-utils</a></dt> +<dd>bad device name escaping</dd> +<dt>[August 29th, 2005] <a href=''DTSA/DTSA-10-1.html''>DTSA-10-1 pcre3</a></dt> +<dd>buffer overflow</dd> +</dl>