speak-freely is not in the debian archive at this point. If someone
wants it back, shouldn't this be a WNPP RRP bug? Cluttering up the list
of security holes in Debian, as this bug does now, is fairly pointless.
--
see shy jo
signature.asc
Description: Digital signature
FYI, from the DSA about this security hole:
For the unstable distribution (sid) this problem has been fixed in
version 0.9.45-6.
But it seems that version was never uploaded.
--
see shy jo
signature.asc
Description: Digital signature
Sorry, I seem to have typoed the assigned CVE for this hole. It's
CAN-2005-2347, not CAN-2005-2437. I'm sorry for the confusion and it
would be good if you could update your changelog in the next upload.
--
see shy jo
signature.asc
Description: Digital signature
notfound 322604 2.0.54-3
merge 307134 322604
thanks
Christian Hammers wrote:
Hello Apache maintainers,
please check if Debian is vulnerable to CAN-2005-1344 and make sure it
enters http://www.debian.org/security/crossreferences or the not-vulnerable
lists.
You can find a note that this bug
This RC bug has the effect of blocking the security fix in the new
version in unstable from reaching testing. I think that's remote
security holes are generally considered more invonvenient than
functionlity decreases, so I suggest downgrading this bug.
--
see shy jo
signature.asc
Description:
Here's an image to use to test if it's busybox or the kernel that's
causing the problem. This netboot image uses busybox-cvs:
http://kitenet.net/~joey/tmp/bb-cvs
--
see shy jo
signature.asc
Description: Digital signature
Here is a strace -s 4096 -xx as requested.
--
see shy jo
execve(/bin/ip, [\x69\x70, \x72\x6f\x75\x74\x65, \x61\x64\x64,
\x64\x65\x66\x61\x75\x6c\x74, \x76\x69\x61,
\x31\x39\x32\x2e\x31\x36\x38\x2e\x32\x2e\x31], [/* 10 vars */]) = 0
uname({sys=Linux, node=, ...}) = 0
brk(0)
This is CAN-2005-2612
--
see shy jo
signature.asc
Description: Digital signature
This hole has been assigned CAN-2005-2642, so please mention that in the
changelog when fixing.
--
see shy jo
signature.asc
Description: Digital signature
Package: xawtv
Severity: serious
xawtv build-depends on aalib1-dev. This library has been renamed, the
new package is named libaa1-dev. So xawtv will FTBFS.
Oddly, xawtv does not end up with a dependency on aalib/libaa at all,
despite the build dependency on the dev package. So does it even use
Matthias Klose wrote:
I think so, I wouldn't have submitted it else. python-support is not
yet finished, you agreed to changes, which aren't documented besides
on #irc. IMO it's better to propose these changes first and agree on
them. Other comments have been posted on debian-python as well.
Frank Lichtenheld wrote:
Yeah, that's indeed a problem. But that isn't solved by the current
implementation either. When I think about it there is now way the
-l option (if pointing to a directory that is not known to dpkg)
changes anything about the build currently since the local shlibs
Package: i2c
Severity: serious
i2c's kernel modules, such as i2c-2.4.27-1-386, are built against the
old version of the debian kernel package, with an abiname of 1, such as
kernel-image-2.4.27-1-386. The abiname has changed due to a security fix
that broke the module abi, and so the new package
+in Debian) -- use /var/run instead. Closes: #290047
+
+ -- Joey Hess [EMAIL PROTECTED] Tue, 18 Jan 2005 15:18:15 -0500
+
linux-wlan-ng (0.2.0+0.2.1pre21-1) unstable; urgency=low
* New upstream prerelease (Closes: #269678)
diff -ur old/linux-wlan-ng-0.2.0+0.2.1pre21/debian/linux-wlan-ng-resume
Package: imagemagick
Version: 6:6.0.6.2-1.6
Severity: grave
Tags: security patch
Our imagemagick package has a buffer overflow security hole, as
described here:
http://www.idefense.com/application/poi/display?id=184type=vulnerabilities
I've attached a patch sideported from Ubuntu.
-- System
Christian Hammers wrote:
I guess I will upload the patched packages for unstable then...
As far as I can see, you've uploaded mysql-dfsg-4.1, but have not fixed
mysql-dfsg. Could you please let me know when you've fixed mysql-dfsg
too so I can track it and make sure it reaches sarge.
--
see
Package: xpdf-reader
Version: 3.00-11
Severity: grave
Tags: patch security
xpdf is vulnerable to a buffer overflow that can be exploited by
malicious pdfs to execute arbitrary code. The hole is described here:
Wesley W. Terpstra wrote:
On Thu, Jan 20, 2005 at 02:59:00PM -0500, Joey Hess wrote:
initrd-tools 0.1.76 changed to abort on install to LVM if dmsetup was
not installed. I think this was a mistake. I'm ccing tbm, who made the
change.
I made the change.
Right, tbm only committed
I'll sponsor this upload to get the security fix in quickly.
--
see shy jo
signature.asc
Description: Digital signature
Making xshisen use O_EXCL when writing its rc file seems like the
easiest way to fix this hole, but I don't trust it, since O_EXCL doesn't
(always?) work on NFS, and a user's home directory could be on a NFS volume.
If I maintained this package I would look at its prior (miserable)
security
Goswin von Brederlow wrote:
concerning your
1. Unsafe resource file reading.
and
2. Unsafe XSHISENLIB environment variable.
Both of them, if exploitable, would be bugs in the Xrm or Xpm library
respectively.
The same argument can probably made against pretty much any X
Goswin von Brederlow wrote:
That might be true for X resource files and the docs sound realy scary
(also shown by your segfault). But aren't there any suid/sgid game
programs with xpm (or png or jpeg or any other complex lib for that
matter) support? Any kde/gnome program can probably be
+ * Comment out code in postinst that set up /var/games/xshisen.scores,
+but for now, do not delete that file on upgrade.
+ * Add README.Debian.
+
+ -- Joey Hess [EMAIL PROTECTED] Thu, 27 Jan 2005 02:42:26 -0500
+
xshisen (1.51-1-1.1) unstable; urgency=HIGH
* NMU
diff --new-file -ur
Package: less
Version: 382-2
Severity: grave
Tags: security patch
less is vulnerable to a head-based buffer overflow that can be triggered
by viewing certian binary files. This is theoretically exploitable by
providing a user with such a file and waiting for him to run less on it.
The problem
Package: f2c
Version: 20020621-2
Tags: security
Severity: grave
As described in CAN-2005-0017, CAN-2005-0018, and DSA-661-1, f2c uses
temporary files unsafely. A patch can probably be found in the update
from the DSA, this needs to be fixed in unstable.
-- System Information:
Debian Release: 3.1
Marco d'Itri wrote:
My package works as designed, but let me know if you can design
something better.
Oh, so it's udev that's responsible for what IIRC is a race that can
cause X to not see the ps/2 mouse if the module is loaded as part of X's
setup? Nice design. :-P
FWIW, we have worked
Thomas Schoepf wrote:
The bug is Redhat specific. It was introduced by a patch they apply to
less.
This is a comment taken from
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=145527
Additional Comment #15 From Josh Bressers (Security Response Team) on
2005-01-25 09:27 ---
Package: cpio
Version: 2.5-1.1
Severity: grave
Tags: security
I'm filing this bug report so we can track the progress of getting cpio
fixed in unstable. Since the DSA says soon, you've probably already
been contacted by the security team, so if you have an upload already
built just close this
DSA-665-1 was released about one of these holes (CAN-2005-0013). The
other one did not affect woody, so is not in the DSA. Both holes are
fixed in the new upstream version 2.2.6.
Note that the DSA also included some patches to change some sprintf's to
snprintf's. Whether this fixes any
Package: firehol
Version: 1.214-3
Severity: grave
Tags: security
I'm afraid that recent fixes still missed some unsafe temporary
directory uses in firehol. In firehol-lib.sh I see:
${CAT_CMD} /proc/config /tmp/kcfg.$$
Upstream patched this here:
Package: phpgroupware
Version: 0.9.16.003-1
Severity: grave
Tags: security
CAN-2004-1385 describes multiple security holes in phpgroupware:
phpGroupWare 0.9.16.003 and earlier allows remote attackers to gain sensitive
information via (1) unexpected characters in the session ID such as shell
Package: squid
Version: 2.5.7-4
Severity: grave
Tags: security
CAN-2005-0174 describes some security holes in squid:
Squid 2.5 up to 2.5.STABLE7 allows remote attackers to poison the cache or
conduct certain attacks via headers that do not follow the HTTP specification,
including (1)
The new upstream release also fixes lots more security holes, which have
CAN numbers CAN-2004-1384 and CAN-2004-1383. Please reference all three
CAN numbers in your changelog.
--
see shy jo
signature.asc
Description: Digital signature
Thomas Viehmann wrote:
tag 290773 +security
tag 293906 +pending
merge 290773 293906
Joey Hess wrote:
The new upstream release also fixes lots more security holes, which have
CAN numbers CAN-2004-1384 and CAN-2004-1383. Please reference all three
CAN numbers in your changelog.
Sorry, I'm
Hamish Moffatt wrote:
I did an amd64 install last week from the (then) current install image
I said it was fixed in sid (in particular, it's fixed in hw-detect
1.12); you've not given me enough information to narrow it down between
one of perhaps 12 different images you could have used, and
Package: lesstif1-1
Severity: grave
Tags: security
CAN-2004-0914 describes multiple security holes in libxpm:
Multiple vulnerabilities in libXpm for 6.8.1 and earlier, as used in XFree86
and other packages, include (1) multiple integer overflows, (2) out-of-bounds
memory accesses, (3)
Package: postgresql
Version: 7.4.7-1
Severity: grave
Tags: security patch
Multiple buffer overflows in gram.y for PostgreSQL 8.0.1 and earlier may allow
attackers to execute arbitrary code via (1) a large number of variables in a
SQL statement being handled by the read_sql_construct function, (2)
Package: mozilla-firefox
Version: 1.0+dfsg.1-5
Tags: security
Severity: grave
Martin Schulze wrote:
Please make sure these problems are fixed in the package in sarge.
When you need to upload a fixed package please add the CVE ids in
the proper changelog entry.
Let's file a bug for tracking..
I should note that this is different from the gram.y overflows fixed in
7.4.7 (CAN-2005-0245). The patch applies to debian's 7.4.7-1.
--
see shy jo
signature.asc
Description: Digital signature
Martin Schulze wrote:
Package: jsboard
Version: 2.0.10-2
Severity: grave
Tags: sarge sid security patch
Please fix the directory traversal vulnerability.
http://marc.theaimsgroup.com/?l=bugtraqm=110627201120011w=2
Details
===
PHP has a feature discarding the input values
Package: kdelibs-data
Version: 4:3.3.2-1
Tags: security
Severity: grave
We're vulnerable.
- Forwarded message from Davide Madrisan [EMAIL PROTECTED] -
From: Davide Madrisan [EMAIL PROTECTED]
Date: Fri, 11 Feb 2005 09:16:38 +0100
To: bugtraq@securityfocus.com
Subject: insecure temporary
Matthew Wilcox wrote:
On Mon, Feb 14, 2005 at 01:09:43PM -0500, Joey Hess wrote:
Matthew Wilcox wrote:
I think de4x5 should be a driver of last resort. Tulip should always
be preferred to drive a given piece of hardware. I wouldn't shed any
tears if we stopped shipping de4x5
Oh yeah the third approach of course is switching defaulting
APT::Get::AllowUnauthenticated on by default during the whole initial
install process (and possibly thereafter).
I don't know which I dislike more, that option, or the option of not
shipping CDs until this is properly fixed..
--
see
Michael Vogt wrote:
I have a branch with a APT::Authentication::Trust-CDROM
option. Turing it on would result in trusting any cdrom source.
Is that sufficient for your needs?
Yes, that in incoming today would be perfect. ;-)
--
see shy jo
signature.asc
Description: Digital signature
You asked for a CVE number. This is CVE-2005-3330.
--
see shy jo
signature.asc
Description: Digital signature
This bug seems to be full of discussion of sarge, and was closed until
3.0.14a-4 didn't make the cut for sarge. Does it also affect etch and
sid? If not, could you close it for those, so we can stop tracking it as
a security issue for them?
--
see shy jo
signature.asc
Description: Digital
Package: mozilla-thunderbird-locale-sv
Severity: grave
Version: 1.0-1
This package has tight versioned dependencies on an older version of
mozilla-thunderbird than is in testing. So it is blocking the new
version, and all of its security fixes, from reaching testing. It is
also uninstallable in
Package: mozilla-locale-fr
Severity: grave
Version: 2:1.7.11-1
This package has tight versioned dependencies on an older version of
mozilla-browser than is in testing. So it is blocking the new
version, and all of its security fixes, from reaching testing. It is
also uninstallable in unstable.
Package: mozilla-locale-it
Severity: grave
Version: 1.7.5-3
This package has tight versioned dependencies on an older version of
mozilla-browser than is in testing. So it is blocking the new
version, and all of its security fixes, from reaching testing. It is
also uninstallable in unstable.
It's
Got the package name wrong. mozilla-locale-it does have the same
problem, but is not in testing so does not block mozilla from reaching
testing. mozilla-locale-lt 1.7.7-1 is the problem.
--
see shy jo
signature.asc
Description: Digital signature
This bug report is too pedantic for me to waste my time on. A point for
point rebuttal would be demeaning. Would you rather I leave it open at
RC status indefinitely until someone takes pity on it and closes it, or
just orphan alien?
PS, I or a small perl script can probably find 1000 or more
Package: aptitude
Version: 0.4.0-2
Severity: grave
Tags: d-i
Justification: breaks installer
All installations of unstable now end as follows:
Need to get 23.3MB of archives. After unpacking 87.5MB will be used.
Writing extended state information... Error!
E: failed to rename
Karsten M. Self wrote:
Section C.4 of the Debian GNU/Linux Installation Guide is based on notes
I wrote for performing a chroot installation of Debian under an existing
GNU/Linux system.
The current version of the manual has modified this work, but is still
clearly based on the documents I
Rick Moen wrote:
I'm disappointed -- as an author and as a Debian user. This is no way
to treat a generous volunteer.
I'm afraid you've misconstrued my email, but since it was directed as
Karsten, I'm not going to bother to expand on it unless he
misunderstands it too. I prefer to write fewer
Karsten M. Self wrote:
debian-legal and DPL added to distribution.
I'm afraid that by escalating this unnecessarily, as well as resorting
to certian rhetoric (for which I cannot be bothered to do a
point-by-point rebuttal), you've convinced me it's best I bow out of the
discussion, permantly.
Matt Kraai wrote:
Package: busybox-cvs
Version: 20040623-1
Severity: serious
Tags: patch
This package fails to build from source with recent versions of
dpkg-dev:
cp .config
cp: missing destination file
Try `cp --help' for more information.
make: ***
Package: kernel-image-speakup-i386-2.4.27
Severity: grave
With gcc 4.0 the defult compiler, this package FTBFS. Probably need to
point HOSTCC at an earlier gcc version.
This package also has numerous security holes, since it's missing all
security fixes in the two kernel-source releases since
Package: oftpd
Severity: serious
Tags: security
oftpd is vulnerable to anothere security hole. This time a crafted FTP
USER command can cause a crash. Since a buffer overflow is involved,
it's possible that this can be used to execute arbitrary code.
Details here:
Package: xpvm
Severity: serious
Tags: security
According to http://secunia.com/advisories/16040:
Eric Romang has reported a vulnerability in xpvm, which can be exploited by
malicious, local users to perform certain actions on a vulnerable system with
escalated privileges.
The
Package: phppgadmin
Severity: serious
Tags: security
Encoded directory traversal vulnerability in phpPgAdmin 3.1 to 3.5.3 allows
remote attackers to access arbitrary files via %2e%2e%2f (encoded dot dot)
sequences in the formLanguage parameter.
--
Package: heartbeat
Severity: serious
Tags: security
According to http://secunia.com/advisories/16039:
Eric Romang has reported a vulnerability in heartbeat, which can be exploited
by malicious, local users to perform certain actions on a vulnerable system
with escalated privileges.
The
Package: gnats
Severity: grave
According to http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2180 :
gen-index in GNATS 4.0, 4.1.0, and possibly earlier versions, when installed
setuid, does not properly check files passed to the -o argument and opens the
file with write access,
Package: mozilla-browser
Version: 2:1.7.8-1
Severity: serious
Tags: security
I've successfully crashed this version of mozilla using the proof of
concept exploits linked to from
http://marc.theaimsgroup.com/?l=bugtraqm=112008299210033w=2
mozilla-firefox 1.0.5-1 doesn't crash.
This is
Daniel Schepler wrote:
PERL_DL_NONLAZY=1 /usr/bin/perl -MExtUtils::Command::MM -e
test_harness(0, 'inc', 'blib/lib', 'blib/arch') t/append_header.t
t/auto_search.t t/body.t t/cache.t t/complex_expression.t t/count.t t/date.t
t/date_manip.t t/header.t t/help.t t/ignore_signatures.t
Matt Kraai wrote:
tag 317861 patch
thanks
The attached patch fixes this bug. OK to commit?
If that's the best way, please go ahead. We need to get the package
building again.
--
see shy jo
signature.asc
Description: Digital signature
Package: discover1-data-udeb
Severity: grave
Tags: d-i
The recent move of the data files was botched; now they are in
/usr/discover of all places in the udeb, and the discover binary expects
them in /lib/discover, and fails to find any hardware, so d-i no longer
works:
# discover --format=%m:%V
+++ discover1-data-1.2005.07.12/debian/changelog2005-07-17
13:53:37.0 -0400
@@ -1,3 +1,11 @@
+discover1-data (1.2005.07.12.0.1) unstable; urgency=low
+
+ * NMU to un-break d-i.
+ * Ship the udeb's data files in /lib/discover same as the deb, so discover
+can find them.
+
+ -- Joey Hess
The part of this bug report that concerns a cross site scripting attack
has been assigned CAN-2005-2350. Please mention that in the changelog
when fixing it.
The latter half of this bug seems to indicate that websieve's
lack of escaping of user input can break the program, and
possibly allow
CVE id CAN-2005-2354 has been assigned for this security issue, with the
rationalle that the essential hole is that nvu contains a duplicate
copy of a library instead of linking to a version that is
security maintained.
Please refer in the changelog to that CVE id if you fix the bug by
making it
This bug has been assigned CVE id CAN-2005-2437; please mention that in
the changelog when fixing the bug.
--
see shy jo
signature.asc
Description: Digital signature
This hole has been assigned CVE id CAN-2005-2349; please mention that in
the changelog when fixing it.
--
see shy jo
signature.asc
Description: Digital signature
Package: xemeraldia
Version: 0.3-29
Severity: grave
Tags: security
In the progress of removing the sgid bit from xemeraldia as a routing
preventative measure, I noticed that Xemeraldia's score file is
controlled by an X resource. Therefore, it can trivially be used to
overwrite any file on the
Note that this is fixed in the new upsteam release by Nico at
http://www.reloco.com.ar/xemeraldia/
--
see shy jo
signature.asc
Description: Digital signature
Package: uudeview
Version: 0.5.20-2
Severity: serious
Tags: security
CAN-2004-2265 is a security hole in uudeview, although you won't find
much useful info in the advisories associated with that CAN.
After downloading OpenPKG's fix from
Package: vpopmail-bin
Severity: grave
Tags: security
vpopmail has a couple of security holes:
CAN-2004-2239 a buffer overflow in vsybase.c
Originally reported here:
http://archives.neohapsis.com/archives/bugtraq/2004-08/0226.html
Confirmed by author as fixed in cvs here:
Pawel Wiecek wrote:
On Jul 30, 11:22am, Joey Hess wrote:
Finally, the reason this bug is grave, vpopmail's author says that
version 5.4.6 contains fixed for SQL injection vulnerabilities which
This one doesn't apply to current Debian package.
Ok, in that case this bug report is not RC
Package: elmo
Severity: serious
Justification: no longer builds from source
Build from source seems to fail due to elmo.inc not being generated by
the Makefiles:
make[3]: Entering directory `/home/joey/tmp/elmo-1.3.0/src'
if i486-linux-gnu-gcc -DHAVE_CONFIG_H -I. -I. -I..-Wall
I can confirm that fam 2.7.0-7 fixes this problem.
It's a real pity sarge shipped with the broken version.
--
see shy jo
signature.asc
Description: Digital signature
Daniel Jacobowitz wrote:
On Wed, Sep 21, 2005 at 10:32:06AM -0700, Joey Hess wrote:
tag 284741 + fixed
Thanks! Jeff Bailey is going to be adopting bogl, and hopefully he can
give it some overdue attention.
Oh yeah, here's the NMU diff, since the patch in the BTS wasn't quite
enough
Here's the best patch I've been able to find for this so far.
--
see shy jo
--- linux/arch/i386/kernel/apm.c.seg2005-03-27 13:10:45.0 -0800
+++ linux/arch/i386/kernel/apm.c2005-03-28 10:30:24.0 -0800
@@ -327,7 +327,7 @@ extern int (*console_blank_hook)(int);
* Save
Horms wrote:
On Thu, Sep 22, 2005 at 08:10:10AM +0200, Joey Hess wrote:
Here's the best patch I've been able to find for this so far.
This is completely weird, any ideas why this hasn't shown up before?
Apparently it's known breakage caused by the new binutils that I guess
only just reached
Horms wrote:
Ok, that makes sense. Let me know if the build completes and if so
I'll add it to the tree.
Build completed. Kernel seems ok.
--
see shy jo
signature.asc
Description: Digital signature
John, your patch looks ok. Not pretty, but looks like it will close the
holes.
--
see shy jo
signature.asc
Description: Digital signature
Done. The packages have just been uploaded, I overlooked this bug report
though. Will close it when the packages are accepted. Martin Schulze is
working on the DSA.
No, close your bugs in the changelog. This avoids massively wasting my
time and erm, lets us know the bug was fixed.
Which it
Christian Hammers wrote:
(first, what means UTFC in the subject?)
Use The Changelog.
mysql-dfsg-4.1 was affected and needs a DSA. Would it be correct if I
close the bug in unstable also the bug is still present in stable?
(I could have used found tags though).
Just use Closes: in the
Blars Blarson wrote:
debian-installer failed to build on my sparc pbuilder:
(it failed on a sparc buildd due to /proc not being mounted)
if [ -d ./tmp/sparc64_netboot-2.6/tree/etc/udev ] || [ -d
./tmp/sparc64_netboot-2.6/tree/etc/hotplug ]; then \
find
Package: apt
Version: 0.6.41
Severity: grave
Tags: d-i
All current etch netinst and full CDs fail to install now, since secure
apt has entered testing[1]. Apt complains that packages can't be
authenticated, since the CD does not include signed Release files.
Unless this is fixed very soon, the
Dafydd Harries wrote:
Since I don't have a copy of the original security patch, I tried to
extract the changes by interdiffing the fixed stable version with the
latest unstable version. The changes to network.c and typespeed.c apply
cleanly, but the changes to file.c don't. I'm working on
Package: kernel-image-2.4.27-speakup
Version: 2.4.27-1
Severity: grave
Tags: security
This package is not yet rebuilt against a current kernel-source package,
so is still vulnerable to the security holes CAN-2005-0001,
CAN-2004-1235, etc.
BTW, shouldn't the kernel package name include an abi
Package: bidwatcher
Severity: serious
Tags: security
Filing this bug since I do not see a bug on file for the issue described
in the DSA below, or a fixed package.
- Forwarded message from Martin Schulze [EMAIL PROTECTED] -
From: Martin Schulze [EMAIL PROTECTED]
Date: Fri, 18 Feb 2005
Package: bidwatcher
Version: 1.3.17-1
Severity: serious
The new version FTBFS everywhere.
g++ -DHAVE_CONFIG_H -I. -I. -I. -g -O2 -Wall -I/usr/include/gtk-1.2
-I/usr/include/glib-1.2 -I/usr/lib/glib/include -c bidwatcher.cpp
In file included from bidwatcher.cpp:57:
Package: mooix
Severity: serious
I'm filing this bug to block mooix from releasing with sarge. I don't
feel that mooix will be suitable for being included in a Debian release
until it reaches version 1.0. Given that development is fairly stalled,
who knows when that will happen. There are quite a
Package: irm
Version: 1.5.1.1-2
Severity: serious
Tags: security
CVE: CAN-2005-0505
According to
http://sourceforge.net/project/shownotes.php?release_id=306629 :
IRM 1.5.2.1 fixes a potential security flaw in the LDAP login code. All
users (especially those running on LDAP) are urged to
+upgrading.
+
+ -- Joey Hess [EMAIL PROTECTED] Fri, 25 Feb 2005 15:27:22 -0500
+
kernel-image-speakup-i386 (2.4.27-1) unstable; urgency=low
* New kernel minor version (closes: #266900)
diff -ur old/kernel-image-speakup-i386-2.4.27/debian/control
kernel-image-speakup-i386-2.4.27/debian
I'm NMUing the speakup kernel so we can get the security fixes in place
in time for d-i rc3. I've attached the NMU diff.
I'm not very pleased to have to do this, since while I've tested the new
kernel in d-i, I don't have the actual hardware or knowledge to test the
speakup bits of it. The patch
Package: udev
Version: 0.053-1
Severity: grave
I installed gnome on a running system and this pulled in udev. After the
installation was complete, I noticed that /dev/null was not a device,
was only writable by root, and probably contained some output redirected from
some program that ran during
Package: exim4-config
Version: 4.50-2
Severity: grave
Justification: breaks debian installation
base-config runs a dpkg-reconfigure exim4-config as part of the Debian
installation process so users get a chance to configure exim, which is
initially installed noninteractively by debootstrap.
With
Package: mozilla-browser
Version: 2:1.7.5-1
Severity: grave
Tags: security
Please see http://www.mozilla.org/security/announce/mfsa2005-15.html; I
have not verified but since our mozilla is before the 1.7.6 upstream
that fixed this bug, I guess we're vulnerable to it.
Please refer to
Package: squid
Version: 2.5.9-1
Severity: serious
Tags: patch
Please see
http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE9-setcookie
A race window has been discovered where Set-Cookie headers may leak to another
users if the requested server relies on the now (since 1997)
Package: kernel-patch-adamantix
Version: 1.6
Severity: grave
Tags: security
PaX is included in kernel-patch-adamantix.
- Forwarded message from [EMAIL PROTECTED] -
From: [EMAIL PROTECTED]
Date: Sat, 05 Mar 2005 01:43:44 +0100
To: bugtraq@securityfocus.com
Cc:
1 - 100 of 593 matches
Mail list logo