debian NEW UPDATES Debian

[Bruno]

Updates Debian Lennylibnspr4-0d 4.7.1-5 [124kB]Total 124 kBB) Bruno

[Bruno]

Updates Debian Lennypidgin-data 2.4.3-4lenny5 [7010kB]libpurple0 2.4.3-4lenny5 [1584kB]pidgin 2.4.3-4lenny5 [681kB]Total 9275 kBB) Bruno

[Bruno]

Updates Debian Lennylibcups2 1.3.8-1+lenny7 [166kB]libcupsimage2 1.3.8-1+lenny7 [99.4kB]cups-common 1.3.8-1+lenny7 [1175kB]cups 1.3.8-1+lenny7 [2057kB]cups-bsd 1.3.8-1+lenny7 [36.5kB]cups-client 1.3.8-1+lenny7 [115kB]libcupsys2 1.3.8-1+lenny7 [52.1kB]Total 3701 kBB) Bruno

[Bruno]

Updates Debian Lennylibgnutls26 2.4.2-6+lenny2 [464kB]Total 464 kBB) Bruno

[Bruno]

Updates Debian Lennylibgd2-noxpm 2.0.36~rc1~dfsg-3+lenny1 [221kB]Total 221 kBB) Bruno

[V.T. Eric Layton]

Updates Debian LennyPackage: php-mailSize: 21.4 kBVulnerability: programming errorProblem type: remoteDebian-specific: nohttp://packages.debian.org/lenny/php-mail~Eric

[V.T. Eric Layton]

Updates Debian LennyPackage : php5Vulnerability : multiple issuesProblem type : remoteDebian-specific: noPackage : popplerVulnerability : severalProblem type : local(remote)Debian-specific: no~Eric

[V.T. Eric Layton]

Updates Debian LennyPackage: wiresharkVulnerability: severalProblem type: remoteDebian-specific: no~Eric

[V.T. Eric Layton]

Updates Debian LennyPackages : openldap openldap2.3Vulnerability : insufficient input validationProblem type : remoteDebian-specific: noDebian bug : 553432~Eric

[V.T. Eric Layton]

Updates Debian LennyPackage: request-tracker3.4/request-tracker3.6Vulnerability: session hijackProblem type: remoteDebian-specific: noPackage: gforgeVulnerability: symlink attackProblem type: localDebian-specific: no~Eric

[V.T. Eric Layton]

Updates Debian LennyPackage: belpicVulnerability: cryptographic weaknessProblem type: remoteDebian-specific: noCVE Id: CVE-2009-0049Debian Bug: 511261~Eric

[V.T. Eric Layton]

Updates Debian LennyPackage : shibboleth-sp, shibboleth-sp2, opensaml2Vulnerability : missing input sanitisingProblem type : remoteDebian-specific: no~Eric

[V.T. Eric Layton]

Updates Debian LennyPackage : ntpVulnerability : denial of serviceProblem type : remoteDebian-specific: noDebian bug : 560074~Eric

[V.T. Eric Layton]

Updates Debian LennyPackage : php-net-pingVulnerability : programming errorProblem type : remoteDebian-specific: noCVE Id : CVE-2009-4024Package : webkitVulnerability : severalProblem type : remote (local)Debian-specific: noCVE Id : CVE-2009-0945 CVE-2009-1687 CVE-2009-1690 CVE-2009-1698 CVE-2009-1711 CVE-2009-1712 CVE-2009-1725 CVE-2009-1714 CVE-2009-1710 CVE-2009-1697 CVE-2009-1695 CVE-2009-1693 CVE-2009-1694 CVE-2009-1681 CVE-2009-1684 CVE-2009-1692Debian Bug : 532724 532725 534946 535793 538346~Eric

[V.T. Eric Layton]

Updates Debian LennyPackage : firefox-sageVulnerability : insufficient input sanitisingProblem type : remoteDebian-specific: noCVE Id : CVE-2009-4102Debian Bug : 559267Package : asterisk Vulnerability : several vulnerabilitiesProblem type : remote Debian-specific: no CVE ID : CVE-2009-0041 CVE-2008-3903 CVE-2009-3727 CVE-2008-7220 CVE-2009-4055 CVE-2007-2383Debian Bug : 513413 522528 554487 554486 559103 ~Eric

[V.T. Eric Layton]

Updates Debian LennyPackage : expatVulnerability : denial of serviceProblem type : remoteDebian-specific: noCVE Id : CVE-2009-3560Debian Bug : 560901~Eric

[V.T. Eric Layton]

Updates Debian LennyPackage : cacti Vulnerability : insufficient input sanitising Problem type : remote Debian-specific: no CVE Ids : CVE-2007-3112 CVE-2007-3113 CVE-2009-4032 Debian Bugs : 429224 Package : network-manager/network-manager-appletVulnerability : information disclosureProblem type : localDebian-specific: noCVE Id : CVE-2009-0365Debian Bug : 519801~Eric

[V.T. Eric Layton]

Updates Debian LennyPackage : xulrunnerVulnerability : severalProblem type : remoteDebian-specific: noCVE Id(s) : CVE-2009-3986 CVE-2009-3985 CVE-2009-3984 CVE-2009-3983 CVE-2009-3981 CVE-2009-3979~Eric

[V.T. Eric Layton]

Updates Debian Lenny- ------------------------------------------------------------------------Debian Security Advisory DSA-1959-1 security@debian.orghttp://www.debian.org/security/ Raphael GeissertDecember 19, 2009 http://www.debian.org/security/faq- ------------------------------------------------------------------------Package : ganetiVulnerability : missing input sanitationProblem type : local (remote)Debian-specific: noCVE Id(s) : CVE-2009-4261It was discovered that ganeti, a virtual server cluster manager, doesnot validate the path of scripts passed as arguments to certaincommands, which allows local or remote users (via the web interface inversions 2.x) to execute arbitrary commands on a host acting as acluster master.~Eric

[V.T. Eric Layton]

Updates Debian Lenny- ------------------------------------------------------------------------Debian Security Advisory DSA-1960-1 security@debian.orghttp://www.debian.org/security/ Raphael GeissertDecember 19, 2009 http://www.debian.org/security/faq- ------------------------------------------------------------------------Package : acpidVulnerability : programming errorProblem type : localDebian-specific: noCVE Id : CVE-2009-4235It was discovered that acpid, the Advanced Configuration and PowerInterface event daemon, on the oldstable distribution (etch) createsits log file with weak permissions, which might expose sensibleinformation or might be abused by a local user to consume all free diskspace on the same partition of the file.~Eric

[V.T. Eric Layton]

Updates Debian Lenny- ------------------------------------------------------------------------Debian Security Advisory DSA-1962 security@debian.orghttp://www.debian.org/security/ Giuseppe IuculanoDecember 23, 2009 http://www.debian.org/security/faq- ------------------------------------------------------------------------Package : kvmVulnerability : several vulnerabilitiesProblem type : localDebian-specific: noDebian bugs : 557739 562075 562076CVE Ids : CVE-2009-3638 CVE-2009-3722 CVE-2009-4031Several vulnerabilities have been discovered in kvm, a full virtualization system.The Common Vulnerabilities and Exposures project identifies thefollowing problems:CVE-2009-3638It was discovered an Integer overflow in the kvm_dev_ioctl_get_supported_cpuidfunction. This allows local users to have an unspecified impact via aKVM_GET_SUPPORTED_CPUID request to the kvm_arch_dev_ioctl function.CVE-2009-3722It was discovered that the handle_dr function in the KVM subsystem does notproperly verify the Current Privilege Level (CPL) before accessing a debugregister, which allows guest OS users to cause a denial of service (trap) on thehost OS via a crafted application.CVE-2009-4031It was discovered that the do_insn_fetch function in the x86 emulator in the KVMsubsystem tries to interpret instructions that contain too many bytes to bevalid, which allows guest OS users to cause a denial of service (increasedscheduling latency) on the host OS via unspecified manipulations related to SMPsupport.~Eric

[V.T. Eric Layton]

Updates Debian Lenny- ------------------------------------------------------------------------Debian Security Advisory DSA-1957-1 security@debian.orghttp://www.debian.org/security/ Steffen JoerisDecember 28, 2009 http://www.debian.org/security/faq- ------------------------------------------------------------------------Package : aria2Vulnerability : buffer overflowProblem type : local (remote)Debian-specific: noCVE Id : CVE-2009-3575Debian Bug : 551070It was discovered that aria2, a high speed download utility, is proneto a buffer overflow in the DHT routing code, which might lead to theexecution of arbitrary code.~Eric

[V.T. Eric Layton]

Updates Debian Lenny- ------------------------------------------------------------------------Debian Security Advisory DSA-1958-1 security@debian.orghttp://www.debian.org/security/ Raphael GeissertDecember 29, 2009 http://www.debian.org/security/faq- ------------------------------------------------------------------------Package : libtoolVulnerability : privilege escalationProblem type : localDebian-specific: noCVE Id(s) : CVE-2009-3736It was discovered that ltdl, a system-independent dlopen wrapper forGNU libtool, can be tricked to load and run modules from an arbitrarydirectory, which might be used to execute arbitrary code with theprivileges of the user running an application that uses libltdl.~Eric

[V.T. Eric Layton]

Updates Debian Lenny- ------------------------------------------------------------------------Debian Security Advisory DSA-1953-2 security@debian.orghttp://www.debian.org/security/ Stefan FritschDecember 31, 2009 http://www.debian.org/security/faq- ------------------------------------------------------------------------Package : expatVulnerability : denial of serviceProblem type : remoteDebian-specific: noCVE Id : CVE-2009-3560Debian Bug : 560901 561658The expat updates released in DSA-1953-1 caused a regression: In somecases, expat would abort with the message "error in processing externalentity reference".~Eric

[V.T. Eric Layton]

Updates Debian Lenny- ------------------------------------------------------------------------Debian Security Advisory DSA-1965 security@debian.orghttp://www.debian.org/security/ Giuseppe IuculanoJanuary 06, 2010 http://www.debian.org/security/faq- ------------------------------------------------------------------------Package : phpldapadminVulnerability : missing input sanitisingProblem type : remoteDebian-specific: noDebian bug : 561975CVE Id : CVE-2009-4427It was discovered that phpLDAPadmin, a web based interface for administeringLDAP servers, doesn't sanitize an internal variable, which allows remoteattackers to include and execute arbitrary local files.~Eric

[V.T. Eric Layton]

Updates Debian Lenny- ------------------------------------------------------------------------Debian Security Advisory DSA-1966-1 security@debian.orghttp://www.debian.org/security/ Steffen JoerisJanuary 07, 2010 http://www.debian.org/security/faq- ------------------------------------------------------------------------Package : horde3Vulnerability : insufficient input sanitisingProblem type : remoteDebian-specific: noCVE Ids : CVE-2009-3237 CVE-2009-3701 CVE-2009-4363Several vulnerabilities have been found in horde3, the horde web applicationframework. The Common Vulnerabilities and Exposures project identifiesthe following problems:CVE-2009-3237It has been discovered that horde3 is prone to cross-site scriptingattacks via crafted number preferences or inline MIME text parts whenusing text/plain as MIME type.For lenny this issue was already fixed, but as an additional securityprecaution, the display of inline text was disabled in the configurationfile.CVE-2009-3701It has been discovered that the horde3 administration interface is proneto cross-site scripting attacks due to the use of the PHP_SELF variable.This issue can only be exploited by authenticated administrators.CVE-2009-4363It has been discovered that horde3 is prone to several cross-sitescripting attacks via crafted data:text/html values in HTML messages.=====- ------------------------------------------------------------------------Debian Security Advisory DSA-1967-q security@debian.orghttp://www.debian.org/security/ Moritz MuehlenhoffJanuary 07, 2010 http://www.debian.org/security/faq- ------------------------------------------------------------------------Package : transmissionVulnerability : directory traversalProblem type : local(remote)Debian-specific: noCVE Id(s) : CVE-2010-0012Dan Rosenberg discovered that Transmission, a lightwight client forthe Bittorrent filesharing protocol performs insufficient sanitisingof file names specified in .torrent files. This could lead to theoverwrite of local files with the privileges of the user runningTransmission if the user is tricked into opening a malicious torrentfile.~Eric

[V.T. Eric Layton]

Updates Debian Lenny- ------------------------------------------------------------------------Debian Security Advisory DSA-1969-1 security@debian.orghttp://www.debian.org/security/ Giuseppe IuculanoJanuary 12, 2010 http://www.debian.org/security/faq- ------------------------------------------------------------------------Package : krb5Vulnerability : integer underflowProblem type : remoteDebian-specific: noCVE IDs : CVE-2009-4212Debian Bug : noneIt was discovered that krb5, a system for authenticating users and services on anetwork, is prone to integer underflow in the AES and RC4 decryption operations ofthe crypto library. A remote attacker can cause crashes, heap corruption, or,under extraordinarily unlikely conditions, arbitrary code execution.~Eric

[V.T. Eric Layton]

Updates Debian Lenny- ------------------------------------------------------------------------Debian Security Advisory DSA-1970-1 security@debian.orghttp://www.debian.org/security/ Stefan FritschJanuary 13, 2010 http://www.debian.org/security/faq- ------------------------------------------------------------------------Package : opensslVulnerability : denial of serviceProblem type : remoteDebian-specific: noCVE Id : CVE-2009-4355It was discovered that a significant memory leak could occur in openssl,related to the reinitialization of zlib. This could result in a remotelyexploitable denial of service vulnerability when using the Apache httpdserver in a configuration where mod_ssl, mod_php5, and the php5-curlextension are loaded.The old stable distribution (etch) is not affected by this issue.~Eric

[V.T. Eric Layton]

Updates Debian Lenny- ------------------------------------------------------------------------Debian Security Advisory DSA-1971-1 security@debian.orghttp://www.debian.org/security/ Giuseppe IuculanoJanuary 15, 2010 http://www.debian.org/security/faq- ------------------------------------------------------------------------Package : libthaiVulnerability : integer overflowProblem type : local (remote)Debian-specific: noCVE Id : CVE-2009-4012Tim Starling discovered that libthai, a set of Thai language support routines,is vulnerable of integer/heap overflow.This vulnerability could allow an attacker to run arbitrary code by sending a verylong string.~Eric

[V.T. Eric Layton]

Updates Debian Lenny- -------------------------------------------------------------------------Debian Security Advisory DSA-1972-1 security@debian.orghttp://www.debian.org/security/ Stefan FritschJanuary 17, 2010 http://www.debian.org/security/faq- -------------------------------------------------------------------------Package : audiofileVulnerability : buffer overflowProblem type : local (remote)Debian-specific: noCVE Id : CVE-2008-5824Debian bug : 510205Max Kellermann discovered a heap-based buffer overflow in the handlingof ADPCM WAV files in libaudiofile. This flaw could result in a denialof service (application crash) or possibly execution of arbitrary codevia a crafted WAV file.~Eric