Aviso de seguridad de Debian
DSA-998-1 libextractor -- varias vulnerabilidades
- Fecha del informe:
- 14 de mar de 2006
- Paquetes afectados:
- libextractor
- Vulnerable:
- Sí
- Referencias a bases de datos de seguridad:
- No se dispone, de momento, de referencias a otras bases de datos de seguridad externas.
- Información adicional:
-
Derek Noonburg ha corregido varias vulnerabilidades potenciales en xpdf, que también estaba presente en libextractor, una biblioteca para extraer metadatos arbitrarios de archivos.
La distribución estable anterior (woody) no contiene los paquetes de libextractor.
Para la distribución estable (sarge), estos problemas se han corregido en la versión 0.4.2-2sarge3.
Para la distribución inestable (sarge), estos problemas se han corregido en la versión 0.5.10-1.
Le recomendamos que actualice el paquete libextractor.
- Arreglado en:
-
Debian GNU/Linux 3.1 (sarge)
- Fuentes:
- http://security.debian.org/pool/updates/main/libe/libextractor/libextractor_0.4.2-2sarge3.dsc
- http://security.debian.org/pool/updates/main/libe/libextractor/libextractor_0.4.2-2sarge3.diff.gz
- http://security.debian.org/pool/updates/main/libe/libextractor/libextractor_0.4.2.orig.tar.gz
- http://security.debian.org/pool/updates/main/libe/libextractor/libextractor_0.4.2-2sarge3.diff.gz
- Alpha:
- http://security.debian.org/pool/updates/main/libe/libextractor/extract_0.4.2-2sarge3_alpha.deb
- http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1_0.4.2-2sarge3_alpha.deb
- http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1-dev_0.4.2-2sarge3_alpha.deb
- http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1_0.4.2-2sarge3_alpha.deb
- AMD64:
- http://security.debian.org/pool/updates/main/libe/libextractor/extract_0.4.2-2sarge3_amd64.deb
- http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1_0.4.2-2sarge3_amd64.deb
- http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1-dev_0.4.2-2sarge3_amd64.deb
- http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1_0.4.2-2sarge3_amd64.deb
- ARM:
- http://security.debian.org/pool/updates/main/libe/libextractor/extract_0.4.2-2sarge3_arm.deb
- http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1_0.4.2-2sarge3_arm.deb
- http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1-dev_0.4.2-2sarge3_arm.deb
- http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1_0.4.2-2sarge3_arm.deb
- Intel IA-32:
- http://security.debian.org/pool/updates/main/libe/libextractor/extract_0.4.2-2sarge3_i386.deb
- http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1_0.4.2-2sarge3_i386.deb
- http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1-dev_0.4.2-2sarge3_i386.deb
- http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1_0.4.2-2sarge3_i386.deb
- Intel IA-64:
- http://security.debian.org/pool/updates/main/libe/libextractor/extract_0.4.2-2sarge3_ia64.deb
- http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1_0.4.2-2sarge3_ia64.deb
- http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1-dev_0.4.2-2sarge3_ia64.deb
- http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1_0.4.2-2sarge3_ia64.deb
- HPPA:
- http://security.debian.org/pool/updates/main/libe/libextractor/extract_0.4.2-2sarge3_hppa.deb
- http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1_0.4.2-2sarge3_hppa.deb
- http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1-dev_0.4.2-2sarge3_hppa.deb
- http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1_0.4.2-2sarge3_hppa.deb
- Motorola 680x0:
- http://security.debian.org/pool/updates/main/libe/libextractor/extract_0.4.2-2sarge3_m68k.deb
- http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1_0.4.2-2sarge3_m68k.deb
- http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1-dev_0.4.2-2sarge3_m68k.deb
- http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1_0.4.2-2sarge3_m68k.deb
- Big endian MIPS:
- http://security.debian.org/pool/updates/main/libe/libextractor/extract_0.4.2-2sarge3_mips.deb
- http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1_0.4.2-2sarge3_mips.deb
- http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1-dev_0.4.2-2sarge3_mips.deb
- http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1_0.4.2-2sarge3_mips.deb
- Little endian MIPS:
- http://security.debian.org/pool/updates/main/libe/libextractor/extract_0.4.2-2sarge3_mipsel.deb
- http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1_0.4.2-2sarge3_mipsel.deb
- http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1-dev_0.4.2-2sarge3_mipsel.deb
- http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1_0.4.2-2sarge3_mipsel.deb
- PowerPC:
- http://security.debian.org/pool/updates/main/libe/libextractor/extract_0.4.2-2sarge3_powerpc.deb
- http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1_0.4.2-2sarge3_powerpc.deb
- http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1-dev_0.4.2-2sarge3_powerpc.deb
- http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1_0.4.2-2sarge3_powerpc.deb
- IBM S/390:
- http://security.debian.org/pool/updates/main/libe/libextractor/extract_0.4.2-2sarge3_s390.deb
- http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1_0.4.2-2sarge3_s390.deb
- http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1-dev_0.4.2-2sarge3_s390.deb
- http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1_0.4.2-2sarge3_s390.deb
- Sun Sparc:
- http://security.debian.org/pool/updates/main/libe/libextractor/extract_0.4.2-2sarge3_sparc.deb
- http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1_0.4.2-2sarge3_sparc.deb
- http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1-dev_0.4.2-2sarge3_sparc.deb
- http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1_0.4.2-2sarge3_sparc.deb
Las sumas MD5 de los ficheros que se listan están disponibles en el aviso original.