Säkerhetsbulletin från Debian
DSA-2071-1 libmikmod -- buffertspill
- Rapporterat den:
- 2010-07-14
- Berörda paket:
- libmikmod
- Sårbara:
- Ja
- Referenser i säkerhetsdatabaser:
- I Mitres CVE-förteckning: CVE-2009-3995, CVE-2009-3996.
- Ytterligare information:
-
Dyon Balding upptäckte buffertspill i ljudbiblioteket MikMod, vilka kunde leda till exekvering av godtycklig kod om en användare luras att öppna en felformaterad ljudfil för Impulse Tracker eller Ultratracker.
För den stabila utgåvan (Lenny) har dessa problem rättats i version 3.1.11-6+lenny1.
För den instabila utgåvan (Sid) har dessa problem rättats i version 3.1.11-6.2.
Vi rekommenderar att ni uppgraderar era libmikmod-paket.
- Rättat i:
-
Debian GNU/Linux 5.0 (lenny)
- Källkod:
- http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod_3.1.11-6+lenny1.dsc
- http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod_3.1.11.orig.tar.gz
- http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod_3.1.11-6+lenny1.diff.gz
- http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod_3.1.11.orig.tar.gz
- Alpha:
- http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2_3.1.11-a-6+lenny1_alpha.deb
- http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6+lenny1_alpha.deb
- http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6+lenny1_alpha.deb
- AMD64:
- http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2_3.1.11-a-6+lenny1_amd64.deb
- http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6+lenny1_amd64.deb
- http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6+lenny1_amd64.deb
- ARM:
- http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2_3.1.11-a-6+lenny1_arm.deb
- http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6+lenny1_arm.deb
- http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6+lenny1_arm.deb
- ARM EABI:
- http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2_3.1.11-a-6+lenny1_armel.deb
- http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6+lenny1_armel.deb
- http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6+lenny1_armel.deb
- HP Precision:
- http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2_3.1.11-a-6+lenny1_hppa.deb
- http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6+lenny1_hppa.deb
- http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6+lenny1_hppa.deb
- Intel IA-32:
- http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6+lenny1_i386.deb
- http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2_3.1.11-a-6+lenny1_i386.deb
- http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2_3.1.11-a-6+lenny1_i386.deb
- Intel IA-64:
- http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2_3.1.11-a-6+lenny1_ia64.deb
- http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6+lenny1_ia64.deb
- http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6+lenny1_ia64.deb
- Big-endian MIPS:
- http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2_3.1.11-a-6+lenny1_mips.deb
- http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6+lenny1_mips.deb
- http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6+lenny1_mips.deb
- Little-endian MIPS:
- http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6+lenny1_mipsel.deb
- http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2_3.1.11-a-6+lenny1_mipsel.deb
- http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2_3.1.11-a-6+lenny1_mipsel.deb
- PowerPC:
- http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6+lenny1_powerpc.deb
- http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2_3.1.11-a-6+lenny1_powerpc.deb
- http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2_3.1.11-a-6+lenny1_powerpc.deb
- IBM S/390:
- http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2_3.1.11-a-6+lenny1_s390.deb
- http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6+lenny1_s390.deb
- http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6+lenny1_s390.deb
- Sun Sparc:
- http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2_3.1.11-a-6+lenny1_sparc.deb
- http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6+lenny1_sparc.deb
- http://security.debian.org/pool/updates/main/libm/libmikmod/libmikmod2-dev_3.1.11-a-6+lenny1_sparc.deb
MD5-kontrollsummor för dessa filer finns i originalbulletinen.