Debians sikkerhedsbulletin
DSA-767-1 ekg -- heltalsoverløb
- Rapporteret den:
- 27. jul 2005
- Berørte pakker:
- ekg
- Sårbar:
- Ja
- Referencer i sikkerhedsdatabaser:
- I Mitres CVE-ordbog: CVE-2005-1852.
- Yderligere oplysninger:
-
Marcin Slusarz har opdaget to heltalsoverløbssårbarheder i libgadu, et bibliotek der leveres og anvendes af ekg, en Gadu Gadu-konsolklient og et chatprogram. Sårbarhederne kunne medføre udførelse af vilkårlig kode.
Biblioteket anvendes også af andre pakker som eksempelvis kopete, der bør genstartes for at kunne drage nytte af denne opdatering.
Den gamle stabile distribution (woody) indeholder ikke pakken ekg.
I den stabile distribution (sarge) er disse problemer rettet i version 1.5+20050411-5.
I den ustabile distribution (sid) er disse problemer rettet i version 1.5+20050718+1.6rc3-1.
Vi anbefaler at du opgraderer din ekg-pakke.
- Rettet i:
-
Debian GNU/Linux 3.1 (sarge)
- Kildekode:
- http://security.debian.org/pool/updates/main/e/ekg/ekg_1.5+20050411-5.dsc
- http://security.debian.org/pool/updates/main/e/ekg/ekg_1.5+20050411-5.diff.gz
- http://security.debian.org/pool/updates/main/e/ekg/ekg_1.5+20050411.orig.tar.gz
- http://security.debian.org/pool/updates/main/e/ekg/ekg_1.5+20050411-5.diff.gz
- Alpha:
- http://security.debian.org/pool/updates/main/e/ekg/ekg_1.5+20050411-5_alpha.deb
- http://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.5+20050411-5_alpha.deb
- http://security.debian.org/pool/updates/main/e/ekg/libgadu3_1.5+20050411-5_alpha.deb
- http://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.5+20050411-5_alpha.deb
- ARM:
- http://security.debian.org/pool/updates/main/e/ekg/ekg_1.5+20050411-5_arm.deb
- http://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.5+20050411-5_arm.deb
- http://security.debian.org/pool/updates/main/e/ekg/libgadu3_1.5+20050411-5_arm.deb
- http://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.5+20050411-5_arm.deb
- Intel IA-32:
- http://security.debian.org/pool/updates/main/e/ekg/ekg_1.5+20050411-5_i386.deb
- http://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.5+20050411-5_i386.deb
- http://security.debian.org/pool/updates/main/e/ekg/libgadu3_1.5+20050411-5_i386.deb
- http://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.5+20050411-5_i386.deb
- Intel IA-64:
- http://security.debian.org/pool/updates/main/e/ekg/ekg_1.5+20050411-5_ia64.deb
- http://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.5+20050411-5_ia64.deb
- http://security.debian.org/pool/updates/main/e/ekg/libgadu3_1.5+20050411-5_ia64.deb
- http://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.5+20050411-5_ia64.deb
- HPPA:
- http://security.debian.org/pool/updates/main/e/ekg/ekg_1.5+20050411-5_hppa.deb
- http://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.5+20050411-5_hppa.deb
- http://security.debian.org/pool/updates/main/e/ekg/libgadu3_1.5+20050411-5_hppa.deb
- http://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.5+20050411-5_hppa.deb
- Motorola 680x0:
- http://security.debian.org/pool/updates/main/e/ekg/ekg_1.5+20050411-5_m68k.deb
- http://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.5+20050411-5_m68k.deb
- http://security.debian.org/pool/updates/main/e/ekg/libgadu3_1.5+20050411-5_m68k.deb
- http://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.5+20050411-5_m68k.deb
- Big endian MIPS:
- http://security.debian.org/pool/updates/main/e/ekg/ekg_1.5+20050411-5_mips.deb
- http://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.5+20050411-5_mips.deb
- http://security.debian.org/pool/updates/main/e/ekg/libgadu3_1.5+20050411-5_mips.deb
- http://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.5+20050411-5_mips.deb
- Little endian MIPS:
- http://security.debian.org/pool/updates/main/e/ekg/ekg_1.5+20050411-5_mipsel.deb
- http://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.5+20050411-5_mipsel.deb
- http://security.debian.org/pool/updates/main/e/ekg/libgadu3_1.5+20050411-5_mipsel.deb
- http://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.5+20050411-5_mipsel.deb
- PowerPC:
- http://security.debian.org/pool/updates/main/e/ekg/ekg_1.5+20050411-5_powerpc.deb
- http://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.5+20050411-5_powerpc.deb
- http://security.debian.org/pool/updates/main/e/ekg/libgadu3_1.5+20050411-5_powerpc.deb
- http://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.5+20050411-5_powerpc.deb
- IBM S/390:
- http://security.debian.org/pool/updates/main/e/ekg/ekg_1.5+20050411-5_s390.deb
- http://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.5+20050411-5_s390.deb
- http://security.debian.org/pool/updates/main/e/ekg/libgadu3_1.5+20050411-5_s390.deb
- http://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.5+20050411-5_s390.deb
- Sun Sparc:
- http://security.debian.org/pool/updates/main/e/ekg/ekg_1.5+20050411-5_sparc.deb
- http://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.5+20050411-5_sparc.deb
- http://security.debian.org/pool/updates/main/e/ekg/libgadu3_1.5+20050411-5_sparc.deb
- http://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.5+20050411-5_sparc.deb
MD5-kontrolsummer for de listede filer findes i den originale sikkerhedsbulletin.