Posts by Micha

    Package : pulseaudio
    Vulnerability : insecure temporary directory
    Problem type : local
    Debian-specific: no
    CVE Id : CVE-2009-1299
    Debian Bug : 573615

    Dan Rosenberg discovered that the PulseAudio sound server creates a
    temporary directory with a predictable name. This allows a local attacker
    to create a Denial of Service condition or possibly disclose sensitive
    information to unprivileged users.


    For the stable distribution (lenny), this problem has been fixed in
    version 0.9.10-3+lenny2.

    For the testing (squeeze) and unstable (sid) distribution this problem
    will be fixed soon.

    We recommend that you upgrade your pulseaudio package.

    Upgrade instructions
    --------------------

    wget url
        will fetch the file for you
    dpkg -i file.deb
        will install the referenced file.

    If you are using the apt-get package manager, use the line for
    sources.list as given below:

    apt-get update
        will update the internal database
    apt-get upgrade
        will install corrected packages

    You may use an automated update by adding the resources from the
    footer to the proper configuration.


    Debian (stable)
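An added example, not code from the advisory or from PulseAudio itself: the predictable-name pattern the advisory describes beside a hardened version, with the ownership and mode check a daemon should run before trusting a per-user runtime directory. The name `pulse-<uid>`, the base directory and the squatting scenario are constructed stand-ins.

```python
import os
import stat
import tempfile


def verify_private_dir(path: str) -> str:
    """Return "ok" if path is a directory only its owner can use, else the reason it fails."""
    try:
        st = os.lstat(path)  # lstat: a symlink planted at the path must not be followed
    except FileNotFoundError:
        return "missing"
    if stat.S_ISLNK(st.st_mode):
        return "symlink"
    if not stat.S_ISDIR(st.st_mode):
        return "not a directory"
    if st.st_uid != os.geteuid():
        return "wrong owner"
    if st.st_mode & 0o077:
        return "group/other access"
    return "ok"


def predictable_runtime_dir(base: str) -> str:
    """The weak pattern: a name anyone can compute from the uid, reused if it already exists."""
    path = os.path.join(base, f"pulse-{os.getuid()}")  # constructed name, not PulseAudio's own
    # exist_ok=True silently accepts whatever a local user planted there first,
    # including a symlink to a directory of their choosing.
    os.makedirs(path, mode=0o700, exist_ok=True)
    return path


def private_runtime_dir(base: str) -> str:
    """Hardened: unpredictable name, created atomically with mode 0700, then verified."""
    path = tempfile.mkdtemp(prefix="pulse-", dir=base)
    verdict = verify_private_dir(path)
    if verdict != "ok":
        raise RuntimeError(f"refusing to use {path}: {verdict}")
    return path


def demo() -> tuple:
    """Constructed scenario: the predictable path is already a symlink when the daemon starts."""
    with tempfile.TemporaryDirectory() as base:
        victim = os.path.join(base, "victim")
        os.mkdir(victim)
        squatted = os.path.join(base, f"pulse-{os.getuid()}")
        os.symlink(victim, squatted)  # the squatter wins the race to the predictable name
        weak = predictable_runtime_dir(base)       # returns the squatted path without complaint
        strong = private_runtime_dir(base)         # fresh 0700 directory with a random name
        return verify_private_dir(weak), verify_private_dir(strong)


if __name__ == "__main__":
    print(demo())
```

Run as a script, `demo()` reports `("symlink", "ok")`: the weak helper hands back the planted symlink, the hardened one passes the same check.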

    Package : drbd8
    Vulnerability : privilege escalation
    Problem type : local
    Debian-specific: no
    CVE Id(s) : not yet available
    Debian Bug : 573531

    A local vulnerability has been discovered in drbd8.

    Philipp Reisner fixed an issue in the drbd kernel module that allows
    local users to send netlink packets to perform actions that should be
    restricted to users with CAP_SYS_ADMIN privileges. This is a similar
    issue to those described by CVE-2009-3725.

    This update also fixes an ABI compatibility issue which was introduced
    by linux-2.6 (2.6.26-21lenny3). The prebuilt drbd module packages listed
    in this advisory require a linux-image package version 2.6.26-21lenny3
    or greater.

    For the stable distribution (lenny), this problem has been fixed in
    drbd8 (2:8.0.14-2+lenny1).

    We recommend that you upgrade your drbd8 packages.

    The linux-modules-extra-2.6 package has been rebuilt against the updated
    drbd8 package to provide fixed prebuilt drbd8-modules packages. If,
    instead of using the prebuilt drbd8-modules packages, you have built and
    installed a local copy of the drbd module from the drbd8-source package
    (e.g., using module-assistant), you will need to follow the same steps
    you originally used to rebuild your module after upgrading the
    drbd8-source package.

    Note: After upgrading a kernel module you must reload the module
    for the changes to take effect:
    1) Shutdown all services that make use of the drbd module
    2) Unload the previous drbd module (modprobe -r drbd)
    3) Load the updated drbd module (modprobe drbd)
    4) Restart any services that make use of the drbd module

    A system reboot will also cause the updated module to be used.



    Debian GNU/Linux 5.0 alias lenny

    Hello,

    as far as I know, you can only change the collation by hand in the tables to a uniform value ( utf8 ). But you could try mysqldumper. If I remember correctly, collations could be changed with it.

    Suhosin is a PHP extension that shields the PHP applications on the server against known and unknown attacks. In other words, a security application.

    You would have to say when this message appears.

    Package : drupal6
    Vulnerability : several
    Problem type : remote
    Debian-specific: no
    CVE Id(s) : not yet available
    Debian Bug : 572439

    Several vulnerabilities (SA-CORE-2010-001) have been discovered in
    drupal6, a fully-featured content management framework.


    Installation cross site scripting

    A user-supplied value is directly output during installation allowing a
    malicious user to craft a URL and perform a cross-site scripting attack.
    The exploit can only be conducted on sites not yet installed.


    Open redirection

    The API function drupal_goto() is susceptible to a phishing attack.
    An attacker could formulate a redirect in a way that gets the Drupal site
    to send the user to an arbitrarily provided URL.
    No user submitted data will be sent to that URL.


    Locale module cross site scripting

    Locale module and dependent contributed modules do not sanitize the display
    of language codes, native and English language names properly.
    While these usually come from a preselected list, arbitrary administrator
    input is allowed.
    This vulnerability is mitigated by the fact that the attacker must have a
    role with the 'administer languages' permission.


    Blocked user session regeneration

    Under certain circumstances, a user with an open session that is blocked
    can maintain his/her session on the Drupal site, despite being blocked.


    For the stable distribution (lenny), these problems have been fixed in
    version 6.6-3lenny5.

    For the unstable distribution (sid), these problems have been fixed in
    version 6.16-1, and will migrate to the testing distribution (squeeze)
    shortly.


    We recommend that you upgrade your drupal6 package.



    Debian (stable)

    Package : moin
    Vulnerability : several
    Problem type : remote
    Debian-specific: no
    CVE Id(s) : CVE-2010-0668 CVE-2010-0669 CVE-2010-0717
    Debian Bugs : 569975

    Several vulnerabilities have been discovered in moin, a python clone of
    WikiWiki.
    The Common Vulnerabilities and Exposures project identifies the
    following problems:


    CVE-2010-0668

    Multiple security issues in MoinMoin related to configurations that have
    a non-empty superuser list, the xmlrpc action enabled, the SyncPages
    action enabled, or OpenID configured.


    CVE-2010-0669

    MoinMoin does not properly sanitize user profiles.


    CVE-2010-0717

    The default configuration of cfg.packagepages_actions_excluded in MoinMoin
    does not prevent unsafe package actions.


    In addition, this update fixes an error when processing hierarchical ACLs,
    which can be exploited to access restricted sub-pages.


    For the stable distribution (lenny), these problems have been fixed in
    version 1.7.1-3+lenny3.

    For the unstable distribution (sid), these problems have been fixed in
    version 1.9.2-1, and will migrate to the testing distribution (squeeze)
    shortly.


    We recommend that you upgrade your moin package.



    Debian (stable)

    Package : egroupware
    Vulnerability : several
    Problem type : remote
    Debian-specific: no
    CVE Id(s) : not yet available
    Debian Bug : 573279

    Nahuel Grisolia discovered two vulnerabilities in Egroupware, a web-based
    groupware suite: Missing input sanitising in the spellchecker integration
    may lead to the execution of arbitrary commands and a cross-site scripting
    vulnerability was discovered in the login page.

    For the stable distribution (lenny), these problems have been fixed in
    version 1.4.004-2.dfsg-4.2.

    The upcoming stable distribution (squeeze) no longer contains egroupware
    packages.

    We recommend that you upgrade your egroupware packages.



    Debian GNU/Linux 5.0 alias lenny

    Package : linux-2.6
    Vulnerability : privilege escalation/denial of service
    Problem type : local
    Debian-specific: no
    CVE Id(s) : CVE-2009-3725 CVE-2010-0622
    Debian Bug(s) : 568561 570554

    Two vulnerabilities have been discovered in the Linux kernel that
    may lead to a denial of service or privilege escalation. The Common
    Vulnerabilities and Exposures project identifies the following problems:

    CVE-2009-3725

    Philipp Reisner reported an issue in the connector subsystem
    which allows unprivileged users to send netlink packets. This
    allows local users to manipulate settings for uvesafb devices
    which are normally reserved for privileged users.

    CVE-2010-0622

    Jerome Marchand reported an issue in the futex subsystem that
    allows a local user to force an invalid futex state which results
    in a denial of service (oops).

    This update also includes fixes for regressions introduced by previous
    updates. See the referenced Debian bug pages for details.

    For the stable distribution (lenny), this problem has been fixed in
    version 2.6.26-21lenny4.

    We recommend that you upgrade your linux-2.6 and user-mode-linux
    packages.

    The following matrix lists additional source packages that were
    rebuilt for compatibility with or to take advantage of this update:

    Debian 5.0 (lenny)
    user-mode-linux 2.6.26-1um-2+21lenny4


    Debian GNU/Linux 5.0 alias lenny

    Package : dpkg
    Vulnerability : path traversal
    Problem type : local
    Debian-specific: yes
    Debian bug : none
    CVE ID : CVE-2010-0396

    William Grant discovered that the dpkg-source component of dpkg, the
    low-level infrastructure for handling the installation and removal of
    Debian software packages, is vulnerable to path traversal attacks.
    A specially crafted Debian source package can lead to file modification
    outside of the destination directory when extracting the package content.


    For the stable distribution (lenny), this problem has been fixed in
    version 1.14.29.

    For the testing (squeeze) and unstable (sid) distribution this problem
    will be fixed soon.

    We recommend that you upgrade your dpkg packages.



    Debian GNU/Linux 5.0 alias lenny
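An added example, not dpkg-source's own code: the containment check an extractor needs before writing any member of a source archive, run over a constructed tarball that mixes benign members with the usual escape routes (dot-dot, absolute path, symlink). It generalises the single traversal case the advisory names; the member names are invented.

```python
import io
import os
import tarfile
import tempfile


def build_sample_archive() -> bytes:
    """Constructed sample 'source archive': benign members plus three escape attempts."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        def add_file(name: str, data: bytes = b"x\n") -> None:
            info = tarfile.TarInfo(name)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))

        add_file("pkg-1.0/debian/control", b"Source: pkg\n")  # legitimate member
        add_file("../../outside.txt")                          # dot-dot traversal
        add_file("/etc/outside.txt")                           # absolute path
        link = tarfile.TarInfo("pkg-1.0/escape")               # symlink pointing above dest
        link.type = tarfile.SYMTYPE
        link.linkname = "../../.."
        tar.addfile(link)
        add_file("pkg-1.0/escape/outside.txt")                 # would write through that link
    return buf.getvalue()


def stays_inside(dest_real: str, candidate: str) -> bool:
    """True only if candidate, after resolving '..' and any symlinks already on disk, is under dest."""
    resolved = os.path.realpath(candidate)
    return os.path.commonpath([dest_real, resolved]) == dest_real


def safe_extract(archive: bytes, dest: str) -> list:
    """Extract only members that stay inside dest; return a (name, verdict) pair per member."""
    dest_real = os.path.realpath(dest)
    verdicts = []
    with tarfile.open(fileobj=io.BytesIO(archive), mode="r") as tar:
        if hasattr(tarfile, "data_filter"):  # Python 3.12+ ships its own filter; keep it on as well
            tar.extraction_filter = tarfile.data_filter
        for member in tar:
            # os.path.join discards dest_real when member.name is absolute, so that case
            # falls out of the same containment test.
            target = os.path.join(dest_real, member.name)
            ok = stays_inside(dest_real, target)
            if ok and member.issym():
                # A link target is resolved relative to the link's own directory: check it too,
                # otherwise a later member can be written through the link to anywhere.
                link_target = os.path.join(os.path.dirname(target), member.linkname)
                ok = stays_inside(dest_real, link_target)
            verdicts.append((member.name, "ok" if ok else "rejected"))
            if ok:
                tar.extract(member, dest_real)
    return verdicts


def demo() -> list:
    with tempfile.TemporaryDirectory() as dest:
        return safe_extract(build_sample_archive(), dest)


if __name__ == "__main__":
    for name, verdict in demo():
        print(f"{verdict:8s} {name}")
```

The last member is accepted only because the symlink before it was refused; with the link in place the same name would resolve outside the destination and be rejected too.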

    Package : kvm
    Vulnerability : privilege escalation/denial of service
    Problem type : local
    Debian-specific: no
    CVE Id(s) : CVE-2010-0298 CVE-2010-0306 CVE-2010-0309 CVE-2010-0419

    Several local vulnerabilities have been discovered in kvm, a full
    virtualization system. The Common Vulnerabilities and Exposures project
    identifies the following problems:

    CVE-2010-0298 & CVE-2010-0306

    Gleb Natapov discovered issues in the KVM subsystem where missing
    permission checks (CPL/IOPL) permit a user in a guest system to
    cause a denial of service in the guest (system crash) or gain escalated
    privileges within the guest.

    CVE-2010-0309

    Marcelo Tosatti fixed an issue in the PIT emulation code in the
    KVM subsystem that allows privileged users in a guest domain to
    cause a denial of service (crash) of the host system.

    CVE-2010-0419

    Paolo Bonzini found a bug in KVM that can be used to bypass proper
    permission checking while loading segment selectors. This
    potentially allows privileged guest users to execute privileged
    instructions on the host system.

    For the stable distribution (lenny), this problem has been fixed in
    version 72+dfsg-5~lenny5.

    For the testing distribution (squeeze), and the unstable distribution (sid),
    these problems will be addressed within the linux-2.6 package.

    We recommend that you upgrade your kvm package.


    Debian GNU/Linux 5.0 alias lenny

    Package : tdiary
    Vulnerability : insufficient input sanitising
    Problem type : remote
    Debian-specific: no
    CVE Id : CVE-2010-0726
    Debian Bug : 572417

    It was discovered that tdiary, a communication-friendly weblog system,
    is prone to a cross-site scripting vulnerability due to insufficient
    input sanitising in the TrackBack transmission plugin.


    For the stable distribution (lenny), this problem has been fixed in
    version 2.2.1-1+lenny1.

    For the testing distribution (squeeze), this problem will be fixed soon.

    For the unstable distribution (sid), this problem has been fixed in
    version 2.2.1-1.1.


    We recommend that you upgrade your tdiary packages.




    Debian GNU/Linux 5.0 alias lenny

    Package : typo3-src
    Vulnerability : several
    Problem type : local/remote
    Debian-specific: no
    CVE Id(s) : not yet available
    Debian Bug : 571151

    Several remote vulnerabilities have been discovered in the TYPO3 web
    content management framework: Cross-site scripting vulnerabilities have
    been discovered in both the frontend and the backend. Also, user data
    could be leaked. More details can be found in the Typo3 security
    advisory:
    http://typo3.org/teams/security…o3-sa-2010-004/

    For the stable distribution (lenny), these problems have been fixed in
    version 4.2.5-1+lenny3.

    For the upcoming stable distribution (squeeze) and the unstable
    distribution (sid), these problems have been fixed in version 4.3.2-1.

    We recommend that you upgrade your typo3-src package.



    Debian GNU/Linux 5.0 alias lenny

    Package : cups
    Vulnerability : format string vulnerability
    Problem type : local
    Debian-specific: no
    Debian bug : none
    CVE ID : CVE-2010-0393

    Ronald Volgers discovered that the lppasswd component of the cups suite,
    the Common UNIX Printing System, is vulnerable to format string attacks
    due to insecure use of the LOCALEDIR environment variable. An attacker
    can abuse this behaviour to execute arbitrary code via crafted localization
    files and triggering calls to _cupsLangprintf(). This works as the lppasswd
    binary happens to be installed with setuid 0 permissions.


    For the stable distribution (lenny), this problem has been fixed in
    version 1.3.8-1+lenny8.

    For the testing distribution (squeeze) this problem will be fixed soon.

    For the unstable distribution (sid) this problem has been fixed in
    version 1.4.2-9.1.


    We recommend that you upgrade your cups packages.



    Debian GNU/Linux 5.0 alias lenny

    Package : sudo
    Vulnerability : several
    Problem type : local
    Debian-specific: no
    CVE Id(s) : CVE-2010-0426 CVE-2010-0427
    Debian Bugs : 570737

    Several vulnerabilities have been discovered in sudo, a program
    designed to allow a sysadmin to give limited root privileges to users.
    The Common Vulnerabilities and Exposures project identifies the
    following problems:


    CVE-2010-0426:

    It was discovered that sudo, when a pseudo-command is enabled, permits a
    match between the name of the pseudo-command and the name of an
    executable file in an arbitrary directory, which allows local users to
    gain privileges via a crafted executable file.


    CVE-2010-0427:

    It was discovered that sudo, when the runas_default option is used, does
    not properly set group memberships, which allows local users to gain privileges
    via a sudo command.


    For the stable distribution (lenny), these problems have been fixed in
    version 1.6.9p17-2+lenny1.

    For the unstable distribution (sid), these problems have been fixed in
    version 1.7.2p1-1.2, and will migrate to the testing distribution (squeeze)
    shortly.

    We recommend that you upgrade your sudo package.



    Debian (stable)

    Package : linux-2.6.24
    Vulnerability : privilege escalation/denial of service/sensitive memory leak
    Problem type : local/remote
    Debian-specific: no
    CVE Id(s) : CVE-2009-2691 CVE-2009-2695 CVE-2009-3080 CVE-2009-3726
    CVE-2009-3889 CVE-2009-4005 CVE-2009-4020 CVE-2009-4021
    CVE-2009-4138 CVE-2009-4308 CVE-2009-4536 CVE-2009-4538
    CVE-2010-0003 CVE-2010-0007 CVE-2010-0291 CVE-2010-0410
    CVE-2010-0415 CVE-2010-0622

    NOTE: This kernel update marks the final planned kernel security
    update for the 2.6.24 kernel in the Debian release 'etch'. Although
    security support for 'etch' officially ended on February 15th, 2010,
    this update was already in preparation before that date.

    Several vulnerabilities have been discovered in the Linux kernel that
    may lead to a denial of service, sensitive memory leak or privilege
    escalation. The Common Vulnerabilities and Exposures project
    identifies the following problems:

    CVE-2009-2691

    Steve Beattie and Kees Cook reported an information leak in the
    maps and smaps files available under /proc. Local users may be
    able to read this data for setuid processes while the ELF binary
    is being loaded.

    CVE-2009-2695

    Eric Paris provided several fixes to increase the protection
    provided by the mmap_min_addr tunable against NULL pointer
    dereference vulnerabilities.

    CVE-2009-3080

    Dave Jones reported an issue in the gdth SCSI driver. A missing
    check for negative offsets in an ioctl call could be exploited by
    local users to create a denial of service or potentially gain
    elevated privileges.

    CVE-2009-3726

    Trond Myklebust reported an issue where a malicious NFS server
    could cause a denial of service condition on its clients by
    returning incorrect attributes during an open call.

    CVE-2009-3889

    Joe Malicki discovered an issue in the megaraid_sas driver.
    Insufficient permissions on the sysfs dbg_lvl interface allow
    local users to modify the debug logging behavior.

    CVE-2009-4005

    Roel Kluin discovered an issue in the hfc_usb driver, an ISDN
    driver for Colognechip HFC-S USB chip. A potential read overflow
    exists which may allow remote users to cause a denial of service
    condition (oops).

    CVE-2009-4020

    Amerigo Wang discovered an issue in the HFS filesystem that would
    allow a denial of service by a local user who has sufficient
    privileges to mount a specially crafted filesystem.

    CVE-2009-4021

    Anand V. Avati discovered an issue in the fuse subsystem. If the
    system is sufficiently low on memory, a local user can cause the
    kernel to dereference an invalid pointer resulting in a denial of
    service (oops) and potentially an escalation of privileges.

    CVE-2009-4138

    Jay Fenlason discovered an issue in the firewire stack that allows
    local users to cause a denial of service (oops or crash) by making
    a specially crafted ioctl call.

    CVE-2009-4308

    Ted Ts'o discovered an issue in the ext4 filesystem that allows
    local users to cause a denial of service (NULL pointer
    dereference). For this to be exploitable, the local user must
    have sufficient privileges to mount a filesystem.

    CVE-2009-4536 & CVE-2009-4538

    Fabian Yamaguchi reported issues in the e1000 and e1000e drivers
    for Intel gigabit network adapters which allow remote users to
    bypass packet filters using specially crafted Ethernet frames.

    CVE-2010-0003

    Andi Kleen reported a defect which allows local users to gain read
    access to memory reachable by the kernel when the
    print-fatal-signals option is enabled. This option is disabled by
    default.

    CVE-2010-0007

    Florian Westphal reported a lack of capability checking in the
    ebtables netfilter subsystem. If the ebtables module is loaded,
    local users can add and modify ebtables rules.

    CVE-2010-0291

    Al Viro reported several issues with the mmap/mremap system calls
    that allow local users to cause a denial of service (system panic)
    or obtain elevated privileges.

    CVE-2010-0410

    Sebastian Krahmer discovered an issue in the netlink connector
    subsystem that permits local users to allocate large amounts of
    system memory resulting in a denial of service (out of memory).

    CVE-2010-0415

    Ramon de Carvalho Valle discovered an issue in the sys_move_pages
    interface, limited to amd64, ia64 and powerpc64 flavors in Debian.
    Local users can exploit this issue to cause a denial of service
    (system crash) or gain access to sensitive kernel memory.

    CVE-2010-0622

    Jerome Marchand reported an issue in the futex subsystem that
    allows a local user to force an invalid futex state which results
    in a denial of service (oops).

    For the oldstable distribution (etch), this problem has been fixed in
    version 2.6.24-6~etchnhalf.9etch3.

    We recommend that you upgrade your linux-2.6.24 packages.


    Debian GNU/Linux 4.0 alias etch

    Package : samba
    Vulnerability : several
    Problem type : local
    Debian-specific: no
    CVE Id(s) : CVE-2009-3297 CVE-2010-0547

    Two local vulnerabilities have been discovered in samba, an SMB/CIFS file,
    print, and login server for Unix. The Common Vulnerabilities and
    Exposures project identifies the following problems:

    CVE-2009-3297

    Ronald Volgers discovered that a race condition in mount.cifs
    allows local users to mount remote filesystems over arbitrary
    mount points.

    CVE-2010-0547

    Jeff Layton discovered that missing input sanitising in mount.cifs
    allows denial of service by corrupting /etc/mtab.

    For the stable distribution (lenny), these problems have been fixed in
    version 2:3.2.5-4lenny9.

    For the unstable distribution (sid), these problems have been fixed in
    version 2:3.4.5~dfsg-2.

    We recommend that you upgrade your samba packages.



    Debian GNU/Linux 5.0 alias lenny

    Package : linux-2.6
    Vulnerability : privilege escalation/denial of service
    Problem type : local/remote
    Debian-specific: no
    CVE Id(s) : CVE-2009-3080 CVE-2009-3726 CVE-2009-4005 CVE-2009-4020
    CVE-2009-4021 CVE-2009-4536 CVE-2010-0007 CVE-2010-0410
    CVE-2010-0415 CVE-2010-0622

    NOTE: This kernel update marks the final planned kernel security
    update for the 2.6.18 kernel in the Debian release 'etch'.
    Although security support for 'etch' officially ended on
    February 15th, 2010, this update was already in preparation
    before that date. A final update that includes fixes for these
    issues in the 2.6.24 kernel is also in preparation and will be
    released shortly.

    Several vulnerabilities have been discovered in the Linux kernel that
    may lead to a denial of service or privilege escalation. The Common
    Vulnerabilities and Exposures project identifies the following
    problems:

    CVE-2009-3080

    Dave Jones reported an issue in the gdth SCSI driver. A missing
    check for negative offsets in an ioctl call could be exploited by
    local users to create a denial of service or potentially gain
    elevated privileges.

    CVE-2009-3726

    Trond Myklebust reported an issue where a malicious NFS server
    could cause a denial of service condition on its clients by
    returning incorrect attributes during an open call.

    CVE-2009-4005

    Roel Kluin discovered an issue in the hfc_usb driver, an ISDN
    driver for Colognechip HFC-S USB chip. A potential read overflow
    exists which may allow remote users to cause a denial of service
    condition (oops).

    CVE-2009-4020

    Amerigo Wang discovered an issue in the HFS filesystem that would
    allow a denial of service by a local user who has sufficient
    privileges to mount a specially crafted filesystem.

    CVE-2009-4021

    Anand V. Avati discovered an issue in the fuse subsystem. If the
    system is sufficiently low on memory, a local user can cause the
    kernel to dereference an invalid pointer resulting in a denial of
    service (oops) and potentially an escalation of privileges.

    CVE-2009-4536

    Fabian Yamaguchi reported an issue in the e1000 driver for Intel
    gigabit network adapters which allows remote users to bypass packet
    filters using specially crafted Ethernet frames.

    CVE-2010-0007

    Florian Westphal reported a lack of capability checking in the
    ebtables netfilter subsystem. If the ebtables module is loaded,
    local users can add and modify ebtables rules.

    CVE-2010-0410

    Sebastian Krahmer discovered an issue in the netlink connector
    subsystem that permits local users to allocate large amounts of
    system memory resulting in a denial of service (out of memory).

    CVE-2010-0415

    Ramon de Carvalho Valle discovered an issue in the sys_move_pages
    interface, limited to amd64, ia64 and powerpc64 flavors in Debian.
    Local users can exploit this issue to cause a denial of service
    (system crash) or gain access to sensitive kernel memory.

    CVE-2010-0622

    Jerome Marchand reported an issue in the futex subsystem that
    allows a local user to force an invalid futex state which results
    in a denial of service (oops).

    This update also fixes a regression introduced by a previous security
    update that caused problems booting on certain s390 systems.

    For the oldstable distribution (etch), this problem has been fixed in
    version 2.6.18.dfsg.1-26etch2.

    We recommend that you upgrade your linux-2.6, fai-kernels, and
    user-mode-linux packages.

    The following matrix lists additional source packages that were rebuilt for
    compatibility with or to take advantage of this update:

    Debian 4.0 (etch)
    fai-kernels 1.17+etch.26etch2
    user-mode-linux 2.6.18-1um-2etch.26etch2


    Debian GNU/Linux 4.0 alias etch