Debian セキュリティ勧告
DSA-773-1 amd64 -- 複数の脆弱性
- 報告日時:
- 2005-08-11
- 影響を受けるパッケージ:
- several
- 危険性:
- あり
- 参考セキュリティデータベース:
- 現時点では、その他の外部参考セキュリティデータベースはありません。
- 詳細:
-
この勧告では安定版 (stable) amd64 ディストリビューションにセキュリティサポートを追加します。sarge リリース以後の全セキュリティ更新により更新されたパッケージのうち、 公式の amd64 移植版に欠けていたものをすべて対象としています。 将来のセキュリティ勧告ではこの移植版への更新が良好に含められる予定です。
- 修正:
-
Debian GNU/Linux 3.1 (sarge)
- DSA 762: several vulnerabilities
- http://security.debian.org/pool/updates/main/a/affix/affix_2.1.1-2_amd64.deb
- http://security.debian.org/pool/updates/main/a/affix/libaffix-dev_2.1.1-2_amd64.deb
- http://security.debian.org/pool/updates/main/a/affix/libaffix2_2.1.1-2_amd64.deb
- http://security.debian.org/pool/updates/main/a/affix/libaffix-dev_2.1.1-2_amd64.deb
- DSA 754: insecure temporary file
- http://security.debian.org/pool/updates/main/c/centericq/centericq_4.20.0-1sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/c/centericq/centericq-common_4.20.0-1sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/c/centericq/centericq-fribidi_4.20.0-1sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/c/centericq/centericq-utf8_4.20.0-1sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/c/centericq/centericq-common_4.20.0-1sarge1_amd64.deb
- DSA 737: remote denial of service
- http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.1_amd64.deb
- http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.1_amd64.deb
- http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.1_amd64.deb
- http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.1_amd64.deb
- http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.1_amd64.deb
- http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.1_amd64.deb
- http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.1_amd64.deb
- DSA 733: insecure temporary files
- http://security.debian.org/pool/updates/main/c/crip/crip_3.5-1sarge2_amd64.deb
- DSA 742: buffer overflow
- http://security.debian.org/pool/updates/main/c/cvs/cvs_1.11.1p1debian-11_amd64.deb
- DSA 750: out-of-bound memory access
- http://security.debian.org/pool/updates/main/d/dhcpcd/dhcpcd_1.3.22pl4-21sarge1_amd64.deb
- DSA 760, DSA 767: several vulnerabilities
- http://security.debian.org/pool/updates/main/e/ekg/ekg_1.5+20050411-5_amd64.deb
- http://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.5+20050411-5_amd64.deb
- http://security.debian.org/pool/updates/main/e/ekg/libgadu3_1.5+20050411-5_amd64.deb
- http://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.5+20050411-5_amd64.deb
- DSA 749: format string error
- http://security.debian.org/pool/updates/main/e/ettercap/ettercap_0.7.1-1sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/e/ettercap/ettercap-common_0.7.1-1sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/e/ettercap/ettercap-gtk_0.7.1-1sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/e/ettercap/ettercap-common_0.7.1-1sarge1_amd64.deb
- DSA 744: programming error
- http://security.debian.org/pool/updates/main/f/fuse/fuse-utils_2.2.1-4sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/f/fuse/libfuse-dev_2.2.1-4sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/f/fuse/libfuse2_2.2.1-4sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/f/fuse/libfuse-dev_2.2.1-4sarge2_amd64.deb
- DSA 734, DSA 7699: denial of service, memory alignment bug
- http://security.debian.org/pool/updates/main/g/gaim/gaim_1.2.1-1.4_amd64.deb
- http://security.debian.org/pool/updates/main/g/gaim/gaim-dev_1.2.1-1.4_amd64.deb
- http://security.debian.org/pool/updates/main/g/gaim/gaim-dev_1.2.1-1.4_amd64.deb
- DSA 753: format string
- http://security.debian.org/pool/updates/main/g/gedit/gedit_2.8.3-4sarge1_amd64.deb
- DSA 770: insecure tmpfile creation
- http://security.debian.org/pool/updates/main/g/gopher/gopher_3.0.7sarge1_amd64.deb
- DSA 761: insecure temporary files
- http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat_1.2.3-9sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat-dev_1.2.3-9sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/h/heartbeat/libpils-dev_1.2.3-9sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/h/heartbeat/libpils0_1.2.3-9sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/h/heartbeat/libstonith-dev_1.2.3-9sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/h/heartbeat/libstonith0_1.2.3-9sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/h/heartbeat/stonith_1.2.3-9sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/h/heartbeat/heartbeat-dev_1.2.3-9sarge2_amd64.deb
- DSA 758, DSA 765: buffer overflows
- http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients_0.6.3-10sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.6.3-10sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/h/heimdal/heimdal-dev_0.6.3-10sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/h/heimdal/heimdal-kdc_0.6.3-10sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers_0.6.3-10sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/h/heimdal/heimdal-servers-x_0.6.3-10sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/h/heimdal/libasn1-6-heimdal_0.6.3-10sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/h/heimdal/libgssapi1-heimdal_0.6.3-10sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/h/heimdal/libhdb7-heimdal_0.6.3-10sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/h/heimdal/libkadm5clnt4-heimdal_0.6.3-10sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/h/heimdal/libkadm5srv7-heimdal_0.6.3-10sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/h/heimdal/libkafs0-heimdal_0.6.3-10sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/h/heimdal/libkrb5-17-heimdal_0.6.3-10sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/h/heimdal/heimdal-clients-x_0.6.3-10sarge1_amd64.deb
- DSA 743: buffer overflows, integer overflows
- http://security.debian.org/pool/updates/main/h/ht/ht_0.8.0-2sarge4_amd64.deb
- DSA 757: buffer overflow, double-free memory
- http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.3.6-2sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.3.6-2sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.3.6-2sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.3.6-2sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.3.6-2sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.3.6-2sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.3.6-2sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.3.6-2sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.3.6-2sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.3.6-2sarge2_amd64.deb
- DSA 771: several vulnerabilities
- http://security.debian.org/pool/updates/main/p/pdns/pdns_2.9.17-13sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/p/pdns/pdns-backend-geo_2.9.17-13sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/p/pdns/pdns-backend-ldap_2.9.17-13sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/p/pdns/pdns-backend-mysql_2.9.17-13sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/p/pdns/pdns-backend-pgsql_2.9.17-13sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/p/pdns/pdns-backend-pipe_2.9.17-13sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/p/pdns/pdns-backend-sqlite_2.9.17-13sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/p/pdns/pdns-recursor_2.9.17-13sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/p/pdns/pdns-server_2.9.17-13sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/p/pdns/pdns-backend-geo_2.9.17-13sarge1_amd64.deb
- DSA 725: missing privilege release
- http://security.debian.org/pool/updates/main/p/ppxp/ppxp_0.2001080415-10sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/p/ppxp/ppxp-dev_0.2001080415-10sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/p/ppxp/ppxp-tcltk_0.2001080415-10sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/p/ppxp/ppxp-x11_0.2001080415-10sarge2_amd64.deb
- http://security.debian.org/pool/updates/main/p/ppxp/ppxp-dev_0.2001080415-10sarge2_amd64.deb
- DSA 728: missing privilege release
- http://security.debian.org/pool/updates/main/q/qpopper/qpopper_4.0.5-4sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/q/qpopper/qpopper-drac_4.0.5-4sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/q/qpopper/qpopper-drac_4.0.5-4sarge1_amd64.deb
- DSA 738: remote denial of service
- http://security.debian.org/pool/updates/main/r/razor/razor_2.670-1sarge2_amd64.deb
- DSA 748: bad default value
- http://security.debian.org/pool/updates/main/r/ruby1.8/libdbm-ruby1.8_1.8.2-7sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/r/ruby1.8/libgdbm-ruby1.8_1.8.2-7sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/r/ruby1.8/libopenssl-ruby1.8_1.8.2-7sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/r/ruby1.8/libreadline-ruby1.8_1.8.2-7sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8_1.8.2-7sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/r/ruby1.8/libruby1.8-dbg_1.8.2-7sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/r/ruby1.8/libtcltk-ruby1.8_1.8.2-7sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8_1.8.2-7sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/r/ruby1.8/ruby1.8-dev_1.8.2-7sarge1_amd64.deb
- http://security.debian.org/pool/updates/main/r/ruby1.8/libgdbm-ruby1.8_1.8.2-7sarge1_amd64.deb
- DSA 736: remote denial of service
- http://security.debian.org/pool/updates/main/s/spamassassin/spamc_3.0.3-2_amd64.deb
- DSA 735: pathname validation race
- http://security.debian.org/pool/updates/main/s/sudo/sudo_1.6.8p7-1.1sarge1_amd64.deb
- DSA-740, DSA 763: remote denial of service
- http://security.debian.org/pool/updates/main/z/zlib/zlib-bin_1.2.2-4.sarge.2_amd64.deb
- http://security.debian.org/pool/updates/main/z/zlib/zlib1g_1.2.2-4.sarge.2_amd64.deb
- http://security.debian.org/pool/updates/main/z/zlib/zlib1g-dev_1.2.2-4.sarge.2_amd64.deb
- http://security.debian.org/pool/updates/main/z/zlib/zlib1g_1.2.2-4.sarge.2_amd64.deb
一覧にあるファイルの MD5 チェックサムは勧告の原文にあります。