rootserverprojekt.de

Package : xulrunner
Vulnerability : several
Problem-Type : remote
Debian-specific: no
CVE ID : CVE-2008-0016 CVE-2008-3835 CVE-2008-3836 CVE-2008-3837 CVE-2008-4058 CVE-2008-4059 CVE-2008-4060 CVE-2008-4061 CVE-2008-4062 CVE-2008-4065 CVE-2008-4066 CVE-2008-4067 CVE-2008-4068 CVE-2008-4069 CVE-2008-4582 CVE-2008-5012 CVE-2008-5013 CVE-2008-5014 CVE-2008-5017 CVE-2008-5018 CVE-2008-0017 CVE-2008-5021 CVE-2008-5022 CVE-2008-5023 CVE-2008-5024

Several remote vulnerabilities have been discovered in Xulrunner, a
runtime environment for XUL applications. The Common Vulnerabilities
and Exposures project identifies the following problems:

CVE-2008-0016

Justin Schuh, Tom Cross and Peter Williams discovered a buffer
overflow in the parser for UTF-8 URLs, which may lead to the
execution of arbitrary code.

CVE-2008-3835

"moz_bug_r_a4" discovered that the same-origin check in
nsXMLDocument::OnChannelRedirect() could by bypassed.

CVE-2008-3836

"moz_bug_r_a4" discovered that several vulnerabilities in
feedWriter could lead to Chrome privilege escalation.

CVE-2008-3837

Paul Nickerson discovered that an attacker could move windows
during a mouse click, resulting in unwanted action triggered by
drag-and-drop.

CVE-2008-4058

"moz_bug_r_a4" discovered a vulnerability which can result in
Chrome privilege escalation through XPCNativeWrappers.

CVE-2008-4059

"moz_bug_r_a4" discovered a vulnerability which can result in
Chrome privilege escalation through XPCNativeWrappers.

CVE-2008-4060

Olli Pettay and "moz_bug_r_a4" discovered a Chrome privilege
escalation vulnerability in XSLT handling.

CVE-2008-4061

Jesse Ruderman discovered a crash in the layout engine, which might
allow the execution of arbitrary code.

CVE-2008-4062

Igor Bukanov, Philip Taylor, Georgi Guninski and Antoine Labour
discovered crashes in the Javascript engine, which might allow the
execution of arbitrary code.

CVE-2008-4065

Dave Reed discovered that some Unicode byte order marks are
stripped from Javascript code before execution, which can result in
code being executed, which were otherwise part of a quoted string.

CVE-2008-4066

Gareth Heyes discovered that some Unicode surrogate characters are
ignored by the HTML parser.

CVE-2008-4067

Boris Zbarsky discovered that resource: URls allow directory
traversal when using URL-encoded slashes.

CVE-2008-4068

Georgi Guninski discovered that resource: URLs could bypass local
access restrictions.

CVE-2008-4069

Billy Hoffman discovered that the XBM decoder could reveal
uninitialised memory.

CVE-2008-4582

Liu Die Yu discovered an information leak through local shortcut
files.

CVE-2008-5012

Georgi Guninski, Michal Zalewski and Chris Evan discovered that
the canvas element could be used to bypass same-origin
restrictions.

CVE-2008-5013

It was discovered that insufficient checks in the Flash plugin glue
code could lead to arbitrary code execution.

CVE-2008-5014

Jesse Ruderman discovered that a programming error in the
window.__proto__.__proto__ object could lead to arbitrary code
execution.

CVE-2008-5017

It was discovered that crashes in the layout engine could lead to
arbitrary code execution.

CVE-2008-5018

It was discovered that crashes in the Javascript engine could lead to
arbitrary code execution.

CVE-2008-0017

Justin Schuh discovered that a buffer overflow in http-index-format
parser could lead to arbitrary code execution.

CVE-2008-5021

It was discovered that a crash in the nsFrameManager might lead to
the execution of arbitrary code.

CVE-2008-5022

"moz_bug_r_a4" discovered that the same-origin check in
nsXMLHttpRequest::NotifyEventListeners() could be bypassed.

CVE-2008-5023

Collin Jackson discovered that the -moz-binding property bypasses
security checks on codebase principals.

CVE-2008-5024

Chris Evans discovered that quote characters were improperly
escaped in the default namespace of E4X documents.

For the stable distribution (etch), these problems have been fixed in
version 1.8.0.15~pre080614h-0etch1. Packages for mips will be provided
later.

For the upcoming stable distribution (lenny) and the unstable
distribution (sid), these problems have been fixed in version 1.9.0.4-1.

We recommend that you upgrade your xulrunner packages.

Upgrade instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 4.0 alias etch

Package : enscript
Vulnerability : buffer overflows
Problem type : local(remote)
Debian-specific: no
CVE Id(s) : CVE-2008-3863 CVE-2008-4306

Several vulnerabilities have been discovered in Enscript, a converter
from ASCII text to Postscript, HTML or RTF. The Common Vulnerabilities
and Exposures project identifies the following problems:

CVE-2008-3863

Ulf Harnhammer discovered that a buffer overflow may lead to
the execution of arbitrary code.

CVE-2008-4306

Kees Cook and Tomas Hoger discovered that several buffer
overflows may lead to the execution of arbitrary code.

For the stable distribution (etch), these problems have been fixed in
version 1.6.4-11.1.

For the upcoming stable distribution (lenny) and the unstable
distribution (sid), these problems have been fixed in version 1.6.4-13.

We recommend that you upgrade your enscript package.

Upgrade instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 4.0 alias etch

Package : iceweasel
Vulnerability : several
Problem type : remote
Debian-specific: no
CVE ID : CVE-2008-0017 CVE-2008-4582 CVE-2008-5012 CVE-2008-5013 CVE-2008-5014 CVE-2008-5017 CVE-2008-5018 CVE-2008-5021 CVE-2008-5022 CVE-2008-5023 CVE-2008-5024

Several remote vulnerabilities have been discovered in the Iceweasel
webbrowser, an unbranded version of the Firefox browser. The Common
Vulnerabilities and Exposures project identifies the following problems:

CVE-2008-0017

Justin Schuh discovered that a buffer overflow in the http-index-format
parser could lead to arbitrary code execution.

CVE-2008-4582

Liu Die Yu discovered an information leak through local shortcut
files.

CVE-2008-5012

Georgi Guninski, Michal Zalewski and Chris Evan discovered that
the canvas element could be used to bypass same-origin
restrictions.

CVE-2008-5013

It was discovered that insufficient checks in the Flash plugin glue
code could lead to arbitrary code execution.

CVE-2008-5014

Jesse Ruderman discovered that a programming error in the
window.__proto__.__proto__ object could lead to arbitrary code
execution.

CVE-2008-5017

It was discovered that crashes in the layout engine could lead to
arbitrary code execution.

CVE-2008-5018

It was discovered that crashes in the Javascript engine could lead to
arbitrary code execution.

CVE-2008-5021

It was discovered that a crash in the nsFrameManager might lead to
the execution of arbitrary code.

CVE-2008-5022

"moz_bug_r_a4" discovered that the same-origin check in
nsXMLHttpRequest::NotifyEventListeners() could be bypassed.

CVE-2008-5023

Collin Jackson discovered that the -moz-binding property bypasses
security checks on codebase principals.

CVE-2008-5024

Chris Evans discovered that quote characters were improperly
escaped in the default namespace of E4X documents.

For the stable distribution (etch), these problems have been fixed in
version 2.0.0.18-0etch1.

For the upcoming stable distribution (lenny) and the unstable distribution
(sid), these problems have been fixed in version 3.0.4-1 of iceweasel
and version 1.9.0.4-1 of xulrunner. Packages for arm and mips will be
provided soon.

We recommend that you upgrade your iceweasel package.

Upgrade instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 4.0 alias etch

Package : imlib2
Vulnerability : buffer overflow
Problem type : local(remote)
Debian-specific: no
CVE Id(s) : CVE-2008-5187
Debian Bug : 505714

Julien Danjou and Peter De Wachter discovered that a buffer overflow
in the XPM loader of Imlib2, a powerful image loading and rendering
library, might lead to arbitrary code execution.

For the stable distribution (etch), this problem has been fixed in
version 1.3.0.0debian1-4+etch2.

For the upcoming stable distribution (lenny) and the unstable
distribution (sid), this problem has been fixed in version 1.4.0-1.2.

We recommend that you upgrade your imlib2 packages.

Upgrade instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 4.0 alias etch

Package : wireshark
Vulnerability : several
Problem type : remote
Debian-specific: no
CVE ID : CVE-2008-3137 CVE-2008-3138 CVE-2008-3141 CVE-2008-3145 CVE-2008-3933 CVE-2008-4683 CVE-2008-4684 CVE-2008-4685

Several remote vulnerabilities have been discovered network traffic
analyzer Wireshark. The Common Vulnerabilities and Exposures project
identifies the following problems:

CVE-2008-3137

The GSM SMS dissector is vulnerable to denial of service.

CVE-2008-3138

The PANA and KISMET dissectors are vulnerable to denial of service.

CVE-2008-3141

The RMI dissector could disclose system memory.

CVE-2008-3145

The packet reassembling module is vulnerable to denial of service.

CVE-2008-3933

The zlib uncompression module is vulnerable to denial of service.

CVE-2008-4683

The Bluetooth ACL dissector is vulnerable to denial of service.

CVE-2008-4684

The PRP and MATE dissectors are vulnerable to denial of service.

CVE-2008-4685

The Q931 dissector is vulnerable to denial of service.

For the stable distribution (etch), these problems have been fixed in
version 0.99.4-5.etch.3.

For the upcoming stable distribution (lenny), these problems have been
fixed in version 1.0.2-3+lenny2.

For the unstable distribution (sid), these problems will be fixed soon.

We recommend that you upgrade your wireshark packages.

Upgrade instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 4.0 alias etch

Package : jailer
Vulnerability : insecure temp file generation
Debian-specific: no
CVE Id(s) : CVE-2008-5139
Debian Bug : 410548

Javier Fernandez-Sanguino Pena discovered that updatejail, a component
of the chroot maintenance tool Jailer, creates a predictable temporary
file name, which may lead to local denial of service through a symlink
attack.

For the stable distribution (etch), this problem has been fixed in
version 0.4-9+etch1.

For the upcoming stable distribution (lenny) and the unstable
distribution (sid), this problem has been fixed in version 0.4-10.

We recommend that you upgrade your jailer package.

Upgrade instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 4.0 alias etch

Package : phpmyadmin
Vulnerability : insufficient input sanitising
Problem type : remote
Debian-specific: no
CVE Id(s) : CVE-2008-4326

Masako Oono discovered that phpMyAdmin, a web-based administration
interface for MySQL, insufficiently sanitises input allowing a
remote attacker to gather sensitive data through cross site scripting,
provided that the user uses the Internet Explorer web browser.

This update also fixes a regression introduced in DSA 1641, that
broke changing of the language and encoding in the login screen.

For the stable distribution (etch), these problems have been fixed in
version 4:2.9.1.1-9.

For the unstable distribution (sid), these problems have been fixed in
version 4:2.11.8.1-3.

We recommend that you upgrade your phpmyadmin package.

Upgrade instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 4.0 alias etch

Package : cupsys
Vulnerability : integer overflow
Problem type : local (remote)
Debian-specific: no
CVE ID : CVE-2008-5286
Debian Bug : 507183

An integer overflow has been discovered in the image validation code
of cupsys, the Common UNIX Printing System. An attacker could trigger
this bug by supplying a malicious graphic that could lead to the
execution of arbitrary code.

For the stable distribution (etch) this problem has been fixed in
version 1.2.7-4etch6.

For testing distribution (lenny) this issue will be fixed soon.

For the unstable distribution (sid) this problem has been fixed in
version 1.3.8-1lenny4.

We recommend that you upgrade your cupsys packages.


Upgrade Instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given at the end of this advisory:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 4.0 alias etch

Package : perl
Vulnerability : design flaws
Problem type : local
Debian-specific: no
CVE Id(s) : CVE-2008-5302 CVE-2008-5303
Debian Bug : 286905 286922

Paul Szabo rediscovered a vulnerability in the File:ath::rmtree
function of Perl. It was possible to exploit a race condition to create
setuid binaries in a directory tree or remove arbitrary files when a
process is deleting this tree. This issue was originally known as
CVE-2005-0448 and CVE-2004-0452, which were addressed by DSA-696-1 and
DSA-620-1. Unfortunately, they were reintroduced later.

For the stable distribution (etch), these problems have been fixed in
version 5.8.8-7etch5.

For the unstable distribution (sid), these problems have been fixed in
version 5.10.0-18 and will migrate to the testing distribution (lenny)
shortly.

We recommend that you upgrade your perl packages.

Upgrade instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 4.0 alias etch

Package : awstats
Vulnerability : cross-site scripting
Problem type : remote
Debian-specific: no
CVE Id(s) : CVE-2008-3714
Debian Bug : 495432

Morgan Todd discovered a cross-site scripting vulnerability in awstats,
a log file analyzer, involving the "config" request parameter (and
possibly others; CVE-2008-3714).

For the stable distribution (etch), this problem has been fixed in version
6.5+dfsg-1+etch1.

The unstable (sid) and testing (lenny) distribution will be fixed soon.

We recommend that you upgrade your awstats package.

Upgrade instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 4.0 alias etch

Package : clamav
Vulnerability : buffer overflow, stack consumption
Problem type : local (remote)
Debian-specific: no
CVE Id(s) : CVE-2008-5050 CVE-2008-5314
Debian Bug : 505134 507624

Moritz Jodeit discovered that ClamAV, an anti-virus solution, suffers
from an off-by-one-error in its VBA project file processing, leading to
a heap-based buffer overflow and potentially arbitrary code execution
(CVE-2008-5050).

Ilja van Sprundel discovered that ClamAV contains a denial of service
condition in its JPEG file processing because it does not limit the
recursion depth when processing JPEG thumbnails (CVE-2008-5314).

For the stable distribution (etch), these problems have been fixed in
version 0.90.1dfsg-4etch16.

For the unstable distribution (sid), these problems have been fixed in
version 0.94.dfsg.2-1.

The testing distribution (lenny) will be fixed soon.

We recommend that you upgrade your clamav packages.

Upgrade instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 4.0 alias etch

Package : linux-2.6.24
Vulnerability : denial of service/privilege escalation
Problem type : local/remote
Debian-specific: no
CVE Id(s) : CVE-2008-3528 CVE-2008-4554 CVE-2008-4576 CVE-2008-4618
CVE-2008-4933 CVE-2008-4934 CVE-2008-5025 CVE-2008-5029
CVE-2008-5134 CVE-2008-5182 CVE-2008-5300

Several vulnerabilities have been discovered in the Linux kernel that
may lead to a denial of service or privilege escalation. The Common
Vulnerabilities and Exposures project identifies the following
problems:

CVE-2008-3528

Eugene Teo reported a local DoS issue in the ext2 and ext3
filesystems. Local users who have been granted the privileges
necessary to mount a filesystem would be able to craft a corrupted
filesystem that causes the kernel to output error messages in an
infinite loop.

CVE-2008-4554

Milos Szeredi reported that the usage of splice() on files opened
with O_APPEND allows users to write to the file at arbitrary
offsets, enabling a bypass of possible assumed semantics of the
O_APPEND flag.

CVE-2008-4576

Vlad Yasevich reported an issue in the SCTP subsystem that may
allow remote users to cause a local DoS by triggering a kernel
oops.

CVE-2008-4618

Wei Yongjun reported an issue in the SCTP subsystem that may allow
remote users to cause a local DoS by triggering a kernel panic.

CVE-2008-4933

Eric Sesterhenn reported a local DoS issue in the hfsplus
filesystem. Local users who have been granted the privileges
necessary to mount a filesystem would be able to craft a corrupted
filesystem that causes the kernel to overrun a buffer, resulting
in a system oops or memory corruption.

CVE-2008-4934

Eric Sesterhenn reported a local DoS issue in the hfsplus
filesystem. Local users who have been granted the privileges
necessary to mount a filesystem would be able to craft a corrupted
filesystem that results in a kernel oops due to an unchecked
return value.

CVE-2008-5025

Eric Sesterhenn reported a local DoS issue in the hfs filesystem.
Local users who have been granted the privileges necessary to
mount a filesystem would be able to craft a filesystem with a
corrupted catalog name length, resulting in a system oops or
memory corruption.

CVE-2008-5029

Andrea Bittau reported a DoS issue in the unix socket subsystem
that allows a local user to cause memory corruption, resulting in
a kernel panic.

CVE-2008-5134

Johannes Berg reported a remote DoS issue in the libertas wireless
driver, which can be triggered by a specially crafted beacon/probe
response.

CVE-2008-5182

Al Viro reported race conditions in the inotify subsystem that may
allow local users to acquire elevated privileges.

CVE-2008-5300

Dann Frazier reported a DoS condition that allows local users to
cause the out of memory handler to kill off privileged processes
or trigger soft lockups due to a starvation issue in the unix
socket subsystem.

For the stable distribution (etch), these problems have been fixed in
version 2.6.24-6~etchnhalf.7.

We recommend that you upgrade your linux-2.6.24 packages.

Upgrade instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 4.0 alias etch

Package : squirrelmail
Vulnerability : insufficient input sanitising
Problem type : remote
Debian-specific: no
CVE Id(s) : CVE-2008-2379

Ivan Markovic discovered that SquirrelMail, a webmail application, did not
sufficiently sanitise incoming HTML email, allowing an attacker to perform
cross site scripting through sending a malicious HTML email.

For the stable distribution (etch), this problem has been fixed in
version 1.4.9a-3.

For the unstable distribution (sid), this problem has been fixed in
version 1.4.15-4.

We recommend that you upgrade your squirrelmail package.

Upgrade instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 4.0 alias etch

Package : streamripper
Vulnerability : buffer overflow
Problem type : local (remote)
Debian-specific: no
CVE Id(s) : CVE-2007-4337 CVE-2008-4829
Debian Bug : 506377

Multiple buffer overflows involving HTTP header and playlist parsing
have been discovered in streamripper (CVE-2007-4337, CVE-2008-4829).

For the stable distribution (etch), these problems have been fixed in
version 1.61.27-1+etch1.

For the unstable distribution (sid) and the testing distribution
(lenny), these problems have been fixed in version 1.63.5-2.

We recommend that you upgrade your streamripper package.

Upgrade instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 4.0 alias etch

Package : lcms
Vulnerability : multiple vulnerabilities
Problem type : local (remote)
Debian-specific: no
CVE Id(s) : CVE-2008-5316 CVE-2008-5317

Two vulnerabilities have been found in lcms, a library and set of
commandline utilities for image color management. The Common
Vulnerabilities and Exposures project identifies the following
problems:

CVE-2008-5316

Inadequate enforcement of fixed-length buffer limits allows an
attacker to overflow a buffer on the stack, potentially enabling
the execution of arbitrary code when a maliciously-crafted
image is opened.

CVS-2008-5317

An integer sign error in reading image gamma data could allow an
attacker to cause an under-sized buffer to be allocated for
subsequent image data, with unknown consequences potentially
including the execution of arbitrary code if a maliciously-crafted
image is opened.

For the stable distribution (etch), these problems have been fixed in
version 1.14-1.1+etch1.

For the upcoming stable distribution (lenny), and the unstable
distribution (sid), these problems are fixed in version 1.17.dfsg-1.

We recommend that you upgrade your lcms packages.

Upgrade instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 4.0 alias etch

Package : uw-imap
Vulnerability : buffer overflows, null pointer dereference
Problem type : remote
Debian-specific: no
CVE Id(s) : CVE-2008-5005 CVE-2008-5006

Two vulnerabilities have been found in uw-imap, an IMAP
implementation. The Common Vulnerabilities and Exposures project
identifies the following problems:

It was discovered that several buffer overflows can be triggered via a
long folder extension argument to the tmail or dmail program. This
could lead to arbitrary code execution (CVE-2008-5005).

It was discovered that a NULL pointer dereference could be triggered by
a malicious response to the QUIT command leading to a denial of service
(CVE-2008-5006).

For the stable distribution (etch), these problems have been fixed in
version 2002edebian1-13.1+etch1.

For the unstable distribution (sid) and the testing distribution
(lenny), these problems have been fixed in version 2007d~dfsg-1.

We recommend that you upgrade your uw-imap packages.

Upgrade instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 4.0 alias etch

Package : no-ip
Vulnerability : buffer overflow
Problem type : remote
Debian-specific: no
CVE Id(s) : CVE-2008-5297
Debian Bug : 506179

A buffer overflow has been discovered in the HTTP parser of the No-IP.com
Dynamic DNS update client, which may result in the execution of arbitrary
code.

For the stable distribution (etch), this problem has been fixed in
version 2.1.1-4+etch1.

For the upcoming stable distribution (lenny) and the unstable distribution
(sid), this problem has been fixed in version 2.1.7-11.

We recommend that you upgrade your no-ip package.

Upgrade instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 4.0 alias etch

Package : linux-2.6
Vulnerability : denial of service/privilege escalation
Problem type : local/remote
Debian-specific: no
CVE Id(s) : CVE-2008-3527 CVE-2008-3528 CVE-2008-4554 CVE-2008-4576
CVE-2008-4933 CVE-2008-4934 CVE-2008-5025 CVE-2008-5029
CVE-2008-5079 CVE_2008-5182 CVE-2008-5300

Several vulnerabilities have been discovered in the Linux kernel that
may lead to a denial of service or privilege escalation. The Common
Vulnerabilities and Exposures project identifies the following
problems:

CVE-2008-3527

Tavis Ormandy reported a local DoS and potential privilege
escalation in the Virtual Dynamic Shared Objects (vDSO)
implementation.

CVE-2008-3528

Eugene Teo reported a local DoS issue in the ext2 and ext3
filesystems. Local users who have been granted the privileges
necessary to mount a filesystem would be able to craft a corrupted
filesystem that causes the kernel to output error messages in an
infinite loop.

CVE-2008-4554

Milos Szeredi reported that the usage of splice() on files opened
with O_APPEND allows users to write to the file at arbitrary
offsets, enabling a bypass of possible assumed semantics of the
O_APPEND flag.

CVE-2008-4576

Vlad Yasevich reported an issue in the SCTP subsystem that may
allow remote users to cause a local DoS by triggering a kernel
oops.

CVE-2008-4933

Eric Sesterhenn reported a local DoS issue in the hfsplus
filesystem. Local users who have been granted the privileges
necessary to mount a filesystem would be able to craft a corrupted
filesystem that causes the kernel to overrun a buffer, resulting
in a system oops or memory corruption.

CVE-2008-4934

Eric Sesterhenn reported a local DoS issue in the hfsplus
filesystem. Local users who have been granted the privileges
necessary to mount a filesystem would be able to craft a corrupted
filesystem that results in a kernel oops due to an unchecked
return value.

CVE-2008-5025

Eric Sesterhenn reported a local DoS issue in the hfs filesystem.
Local users who have been granted the privileges necessary to
mount a filesystem would be able to craft a filesystem with a
corrupted catalog name length, resulting in a system oops or
memory corruption.

CVE-2008-5029

Andrea Bittau reported a DoS issue in the unix socket subsystem
that allows a local user to cause memory corruption, resulting in
a kernel panic.

CVE-2008-5079

Hugo Dias reported a DoS condition in the ATM subsystem that can
be triggered by a local user by calling the svc_listen function
twice on the same socket and reading /proc/net/atm/*vc.

CVE_2008-5182

Al Viro reported race conditions in the inotify subsystem that may
allow local users to acquire elevated privileges.

CVE-2008-5300

Dann Frazier reported a DoS condition that allows local users to
cause the out of memory handler to kill off privileged processes
or trigger soft lockups due to a starvation issue in the unix
socket subsystem.

For the stable distribution (etch), this problem has been fixed in
version 2.6.18.dfsg.1-23etch1.

We recommend that you upgrade your linux-2.6, fai-kernels, and
user-mode-linux packages.

Note: Debian 'etch' includes linux kernel packages based upon both the
2.6.18 and 2.6.24 linux releases. All known security issues are
carefully tracked against both packages and both packages will receive
security updates until security support for Debian 'etch'
concludes. However, given the high frequency at which low-severity
security issues are discovered in the kernel and the resource
requirements of doing an update, lower severity 2.6.18 and 2.6.24
updates will typically release in a staggered or "leap-frog" fashion.

Upgrade instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

The following matrix lists additional source packages that were rebuilt for
compatability with or to take advantage of this update:

Debian 4.0 (etch)
fai-kernels 1.17+etch.23etch1
user-mode-linux 2.6.18-1um-2etch.23etch1

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 4.0 alias etch

Package : courier-authlib
Vulnerability : SQL injection
Problem type : remote
Debian-specific: no
CVE Id(s) : CVE-2008-2380 CVE-2008-2667

Two SQL injection vulnerabilities have beein found in courier-authlib,
the courier authentification library. The MySQL database interface used
insufficient escaping mechanisms when constructing SQL statements,
leading to SQL injection vulnerabilities if certain charsets are used
(CVE-2008-2380). A similar issue affects the PostgreSQL database
interface (CVE-2008-2667).

For the stable distribution (etch), these problems have been fixed in
version 0.58-4+etch2.

For the testing distribution (lenny) and the unstable distribution
(sid), these problems have been fixed in version 0.61.0-1+lenny1.

We recommend that you upgrade your courier-authlib packages.

Upgrade instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 4.0 alias etch

Package : perl
Vulnerability : design flaws
Problem type : local
Debian-specific: no
CVE Id(s) : CVE-2008-5302 CVE-2008-5303
Debian Bug : 286905 286922 479317

The perl update in DSA-1678-1 contains a regression which is triggered
by some Perl scripts which have changed into the directory tree
removed by File:ath::rmtree. In particular, this happens if
File::Temp::tempdir is used. This new update corrects this
regression.

For the stable distribution (etch), this problem has been fixed in
version 5.8.8-7etch6.

For the unstable distribution (sid), this problem will be fixed soon.

We recommend that you upgrade your perl packages.

Upgrade instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 4.0 alias etch