The Debian Security Team published a new security update for Debian GNU/Linux. Here the announcement:
"-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- ------------------------------------------------------------------------
Debian Security Advisory DSA-1624-1 security@debian.org
http://www.debian.org/security/ Moritz Muehlenhoff
July 31, 2008 http://www.debian.org/security/faq
- ------------------------------------------------------------------------
Package : libxslt
Vulnerability : buffer overflows
Problem type : local(remote)
Debian-specific: no
CVE Id(s) : CVE-2008-2935
Chris Evans discovered that a buffer overflow in the RC4 functions of
libexslt may lead to the execution of arbitrary code.
For the stable distribution (etch), this problem has been fixed in
version 1.1.19-3.
For the unstable distribution (sid), this problem will be fixed soon.
We recommend that you upgrade your libxslt packages.
Upgrade instructions
- --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 4.0 alias etch
- -------------------------------
Stable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/libx/libxslt/libxslt_1.1.19.orig.tar.gz
Size/MD5 checksum: 2799906 622e5843167593c8ea39bf86c66b8fcf
http://security.debian.org/pool/updates/main/libx/libxslt/libxslt_1.1.19-3.diff.gz
Size/MD5 checksum: 149686 b62a7dd0aa648576a266cd20d634c216
http://security.debian.org/pool/updates/main/libx/libxslt/libxslt_1.1.19-3.dsc
Size/MD5 checksum: 849 7d98fdda0079574b360d4a6e2a12e2be
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/libx/libxslt/xsltproc_1.1.19-3_alpha.deb
Size/MD5 checksum: 107264 4aac707640a9fcf9aabcd42336b38be3
http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1-dbg_1.1.19-3_alpha.deb
Size/MD5 checksum: 365058 0e966c67dfbc374141960789fcbe96ab
http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1-dev_1.1.19-3_alpha.deb
Size/MD5 checksum: 690408 a431dcc2f32428677e7b737b971e0f9e
http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1.1_1.1.19-3_alpha.deb
Size/MD5 checksum: 230788 55d88a4f39eeccf4a21cd2b335c35ae5
http://security.debian.org/pool/updates/main/libx/libxslt/python-libxslt1_1.1.19-3_alpha.deb
Size/MD5 checksum: 131312 ce983f9b6de55027f803e39d1dda2a25
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1-dbg_1.1.19-3_amd64.deb
Size/MD5 checksum: 362484 c91d2d5458f6de4002b4401f5675b742
http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1.1_1.1.19-3_amd64.deb
Size/MD5 checksum: 225658 6d4a52da7c2ca5a4280b06bdf03875e0
http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1-dev_1.1.19-3_amd64.deb
Size/MD5 checksum: 630884 06616b7e52d2fc80530302c7d3acd540
http://security.debian.org/pool/updates/main/libx/libxslt/xsltproc_1.1.19-3_amd64.deb
Size/MD5 checksum: 106562 7782d3653528b848ce1d98455f790196
http://security.debian.org/pool/updates/main/libx/libxslt/python-libxslt1_1.1.19-3_amd64.deb
Size/MD5 checksum: 131782 8e9ed3c7418725e1853ae5ccbd082c9b
arm architecture (ARM)
http://security.debian.org/pool/updates/main/libx/libxslt/xsltproc_1.1.19-3_arm.deb
Size/MD5 checksum: 106452 9ef81b83e04979147310ec62d2682550
http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1-dbg_1.1.19-3_arm.deb
Size/MD5 checksum: 346610 29566f2276ff440e778dac5fb667f346
http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1-dev_1.1.19-3_arm.deb
Size/MD5 checksum: 613436 a9a4ebc76beb7ca67f9a7e92e8029ca7
http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1.1_1.1.19-3_arm.deb
Size/MD5 checksum: 213438 2c16e6911e26b8fb360aabd16281c0f6
http://security.debian.org/pool/updates/main/libx/libxslt/python-libxslt1_1.1.19-3_arm.deb
Size/MD5 checksum: 126468 b97c69ae48a06fd09a41fadc7c00366c
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1-dev_1.1.19-3_hppa.deb
Size/MD5 checksum: 659318 c0f64453ca8cb8dbe9f3970cf157b3ab
http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1.1_1.1.19-3_hppa.deb
Size/MD5 checksum: 238420 a7c8f14314bdb82fc51ec1578f4efad3
http://security.debian.org/pool/updates/main/libx/libxslt/xsltproc_1.1.19-3_hppa.deb
Size/MD5 checksum: 107274 3fc49ac897c34e339b3f496700bdfd5e
http://security.debian.org/pool/updates/main/libx/libxslt/python-libxslt1_1.1.19-3_hppa.deb
Size/MD5 checksum: 132222 3f4dc4e5f1162e819bc534c610fad3dc
http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1-dbg_1.1.19-3_hppa.deb
Size/MD5 checksum: 360748 a8c4ae1c8f2e8c348c852a0931f762c5
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/libx/libxslt/xsltproc_1.1.19-3_i386.deb
Size/MD5 checksum: 105974 ea524e8b733c0aa52b797692ee2619b6
http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1.1_1.1.19-3_i386.deb
Size/MD5 checksum: 216014 27edcf6172b7d9b5b304bf2265ce6e48
http://security.debian.org/pool/updates/main/libx/libxslt/python-libxslt1_1.1.19-3_i386.deb
Size/MD5 checksum: 128718 3bb1df547e3b5312a382bda417a23bc6
http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1-dbg_1.1.19-3_i386.deb
Size/MD5 checksum: 352132 a7707c2b2a1014f61b79383d639c734f
http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1-dev_1.1.19-3_i386.deb
Size/MD5 checksum: 589190 ea9dbf9647d07f026c6b1fd40c0a2546
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1-dbg_1.1.19-3_ia64.deb
Size/MD5 checksum: 364096 277f76958053137cd94f84d3543bfd75
http://security.debian.org/pool/updates/main/libx/libxslt/xsltproc_1.1.19-3_ia64.deb
Size/MD5 checksum: 110406 2636a094ea4494abb2d972c6a7911689
http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1-dev_1.1.19-3_ia64.deb
Size/MD5 checksum: 688406 f8a2642f68f1afb6c2fe980acaef4db5
http://security.debian.org/pool/updates/main/libx/libxslt/python-libxslt1_1.1.19-3_ia64.deb
Size/MD5 checksum: 135214 69e26e4d34a753112f8b4101f7c39812
http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1.1_1.1.19-3_ia64.deb
Size/MD5 checksum: 286960 5e0ade1cf276e946cfd1a7f12160c7a0
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1-dev_1.1.19-3_mips.deb
Size/MD5 checksum: 650964 68b73cf1d94f9e3df9bb5673270a3e4d
http://security.debian.org/pool/updates/main/libx/libxslt/python-libxslt1_1.1.19-3_mips.deb
Size/MD5 checksum: 128984 334fcd884357833ef1ba40e9753d856b
http://security.debian.org/pool/updates/main/libx/libxslt/xsltproc_1.1.19-3_mips.deb
Size/MD5 checksum: 106670 d93d383465f3c7943c82dcd65d1ac560
http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1.1_1.1.19-3_mips.deb
Size/MD5 checksum: 213704 9f9fce502a07f2466b39ff4bf7ef58b0
http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1-dbg_1.1.19-3_mips.deb
Size/MD5 checksum: 374008 12305da936211d86b13a7c98090391cb
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1-dev_1.1.19-3_mipsel.deb
Size/MD5 checksum: 625304 53e74fce7300247478e318878b06a863
http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1-dbg_1.1.19-3_mipsel.deb
Size/MD5 checksum: 365834 48789b75049ec966939982fafa7fa83e
http://security.debian.org/pool/updates/main/libx/libxslt/xsltproc_1.1.19-3_mipsel.deb
Size/MD5 checksum: 106716 d99ec4062b95d872f66a4a68cbd4bb60
http://security.debian.org/pool/updates/main/libx/libxslt/python-libxslt1_1.1.19-3_mipsel.deb
Size/MD5 checksum: 128606 3ec247d95450b7091ffef7df0adad247
http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1.1_1.1.19-3_mipsel.deb
Size/MD5 checksum: 213946 5ebc6eb3e75d70a0c093b2e9d65884d7
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1.1_1.1.19-3_powerpc.deb
Size/MD5 checksum: 223150 195bcb8c18c3024d4dbf15ad06d3d96c
http://security.debian.org/pool/updates/main/libx/libxslt/xsltproc_1.1.19-3_powerpc.deb
Size/MD5 checksum: 108146 332071c2aabb087b7ee3e6a12e6d2633
http://security.debian.org/pool/updates/main/libx/libxslt/python-libxslt1_1.1.19-3_powerpc.deb
Size/MD5 checksum: 130170 1f2348ff3cb769eb72bb5a941afc1124
http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1-dev_1.1.19-3_powerpc.deb
Size/MD5 checksum: 612084 76ca146446c6470fab227e5cf4b91445
http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1-dbg_1.1.19-3_powerpc.deb
Size/MD5 checksum: 367182 ec6a577956bedc887267bc6185abcedd
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1-dev_1.1.19-3_s390.deb
Size/MD5 checksum: 601870 11a81ef5cf32bb11102b43b62c1d1371
http://security.debian.org/pool/updates/main/libx/libxslt/xsltproc_1.1.19-3_s390.deb
Size/MD5 checksum: 106834 f3ed9fc6410f2f78de38348736116eee
http://security.debian.org/pool/updates/main/libx/libxslt/python-libxslt1_1.1.19-3_s390.deb
Size/MD5 checksum: 131760 1d7705741271ea0227cdf15eae46f846
http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1.1_1.1.19-3_s390.deb
Size/MD5 checksum: 226842 7700a4e49d319d5726074de70ff9a68f
http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1-dbg_1.1.19-3_s390.deb
Size/MD5 checksum: 359430 f11c56a8baaa1bd61ef074324aea9068
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1-dev_1.1.19-3_sparc.deb
Size/MD5 checksum: 599292 568ee2c44a15e4d5b1d27abb5f3f80ad
http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1.1_1.1.19-3_sparc.deb
Size/MD5 checksum: 218166 953db53eba1934c6279875e4ff8b6834
http://security.debian.org/pool/updates/main/libx/libxslt/xsltproc_1.1.19-3_sparc.deb
Size/MD5 checksum: 106372 c9eae6bbdde15ada4613922ab216c6ed
http://security.debian.org/pool/updates/main/libx/libxslt/python-libxslt1_1.1.19-3_sparc.deb
Size/MD5 checksum: 129172 8a97bb6cd74fe353383be290ea14298b
http://security.debian.org/pool/updates/main/libx/libxslt/libxslt1-dbg_1.1.19-3_sparc.deb
Size/MD5 checksum: 337986 2f869f832a7ecdcb7a6ae50b12d0e916
These files will probably be moved into the stable distribution on
its next update.
- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show ' and http://packages.debian.org/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkiSHgUACgkQXm3vHE4uylqklACgqpn4TCMTytxvAJYBaGdEKAYe
w00AoObSWdP8IKI3e1DnEPisiPRUlUFV
=Oc7f
-----END PGP SIGNATURE-----
"
KeynotePro updates Palo Alto Keynote themes
DSA 1589-1: New libxslt packages fix execution of arbitrary code
Apple ships massive Mac OS X 10.4 security upgrade
This entry was posted
on 9:43 AM
.
Archives
-
▼
2008
(457)
-
▼
August
(65)
- CESA-2008:0836 Moderate CentOS 5 x86_64 libxml2 Up...
- CESA-2008:0849 Important CentOS 5 x86_64 ipsec-too...
- RHSA-2008:0847-01 Important: libtiff security and ...
- RHSA-2008:0848-01 Important: libtiff security and ...
- RHSA-2008:0863-01 Important: libtiff security update
- CESA-2008:0836 Moderate CentOS 5 i386 libxml2 Update
- CESA-2008:0836 Moderate CentOS 3 x86_64 libxml2 - ...
- CESA-2008:0836 Moderate CentOS 3 i386 libxml2 - se...
- Intel acquires Linux distro developer
- RHSA-2008:0648-01 Important: tomcat security update
- RHSA-2008:0849-01 Important: ipsec-tools security ...
- CESA-2008:0839 Moderate CentOS 4 ia64 postfix - se...
- DSA 1631-1: New libxml2 packages fix denial of ser...
- MIDs offer Atom, HSDPA
- CESA-2008:0836 Moderate CentOS 4 s390(x) libxml2 -...
- CESA-2008:0836 Moderate CentOS 4 ia64 libxml2 - se...
- Kubuntu 8.10 Alpha 4 Review
- CESA-2008:0855 Critical CentOS 4 s390(x) openssh -...
- Contentteller Release Candidate 2 available
- Creating Advanced MySQL-Based Virtual Hosts On Lig...
- openSUSE 11.1 Alpha 2
- DSA 1629-2: New postfix packages fix installabilit...
- USN-636-1: Postfix vulnerability
- RHSA-2008:0815-01 Moderate: yum-rhn-plugin securit...
- Intel aims x86 at digital TVs
- Intel unveils dual-core Atom
- GLSA 200808-12 Postfix: Local privilege escalatio...
- AMD Radeon HD 4870 X2 On Linux
- DSA 1629-1: New postfix packages fix privilege esc...
- RHSA-2008:0818-02 Moderate: hplip security update
- RHSA-2008:0814-01 Moderate: condor security and bu...
- Ubuntu Linux 8.10 Alpha-4 released
- No title
- No title
- How To Set Up WebDAV With Lighttpd On Debian Etch
- RHSA-2008:0816-01 Moderate: condor security and bu...
- Contentteller Release Candidate 1 available
- GLSA 200808-09 OpenLDAP: Denial of Service vulner...
- DSA 1627-1: New PowerDNS packages reduce DNS spoof...
- GLSA 200808-11 UUDeview: Insecure temporary file ...
- GLSA 200808-10 Adobe Reader: User-assisted execut...
- GLSA 200808-07 ClamAV: Multiple Denials of Service
- ispCP Omega 1.0.0 RC6 released
- GLSA 200808-08 stunnel: Security bypass
- GLSA 200808-03 Mozilla products: Multiple vulnera...
- RHSA-2008:0612-01 Important: kernel security and b...
- Lightweight GNOME alternative emerges
- GLSA 200808-06 libxslt: Execution of arbitrary code
- GLSA 200808-04 Wireshark: Denial of Service
- At last -- native apps for Motorola Linux phones
- USN-626-2: Devhelp, Epiphany, Midbrowser and Yelp ...
- GLSA 200808-01 xine-lib: User-assisted execution ...
- How To Install The Zimbra Desktop Email Client On ...
- Fedora 10 Alpha
- GLSA 200807-15 Pan: User-assisted execution of ar...
- USN-633-1: libxslt vulnerabilities
- Installing And Using OpenVZ On CentOS 5.2
- DSA 1625-1: New cupsys packages fix arbitrary code...
- USN-634-1: OpenLDAP vulnerability
- RHSA-2008:0790-02 Critical: java-1.5.0-ibm securit...
- Netbooks growing -- in two ways
- DSA 1624-1: New libxslt packages fix arbitrary cod...
- DSA 1626-1: New httrack packages fix arbitrary cod...
- USN-626-1: Firefox and xulrunner vulnerabilities
- DSA 1623-1: New dnsmasq packages fix cache poisoning
-
▼
August
(65)