thanks 2008/7/1, Steve Kemp <[EMAIL PROTECTED]>: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > - ------------------------------------------------------------------------ > Debian Security Advisory DSA-1600-1 [EMAIL PROTECTED] > http://www.debian.org/security/ Steve Kemp > July 01, 2008 http://www.debian.org/security/faq > - ------------------------------------------------------------------------ > > Package : sympa > Vulnerability : dos > Problem type : remote > Debian-specific: no > CVE Id(s) : CVE-2008-1648 > Debian Bug : 475163 > > It was discovered that sympa, a modern mailing list manager, would > crash when processing certain types of malformed messages. > > For the stable distribution (etch), this problem has been fixed in version > 5.2.3-1.2+etch1. > > For the unstable distribution (sid), this problem has been fixed in > version 5.3.4-4. > > We recommend that you upgrade your sympa package. > > > Upgrade instructions > - -------------------- > > wget url > will fetch the file for you > dpkg -i file.deb > will install the referenced file. > > If you are using the apt-get package manager, use the line for > sources.list as given below: > > apt-get update > will update the internal database > apt-get upgrade > will install corrected packages > > You may use an automated update by adding the resources from the > footer to the proper configuration. > > > Debian GNU/Linux 4.0 alias etch > - ------------------------------- > > Source archives: > > > http://security.debian.org/pool/updates/main/s/sympa/sympa_5.2.3-1.2+etch1.dsc > Size/MD5 checksum: 625 c7e720e56b1c4e9778cea822ed150a19 > > http://security.debian.org/pool/updates/main/s/sympa/sympa_5.2.3-1.2+etch1.diff.gz > Size/MD5 checksum: 96804 a93d8ec3dcbc0a0aed99e513c5749c0e > > http://security.debian.org/pool/updates/main/s/sympa/sympa_5.2.3.orig.tar.gz > Size/MD5 checksum: 5102528 355cb9174841205831191c93a83da895 > > alpha architecture (DEC Alpha) > > > http://security.debian.org/pool/updates/main/s/sympa/sympa_5.2.3-1.2+etch1_alpha.deb > Size/MD5 checksum: 3589148 26b92215ed7b17531c3702ff76b30901 > > amd64 architecture (AMD x86_64 (AMD64)) > > > http://security.debian.org/pool/updates/main/s/sympa/sympa_5.2.3-1.2+etch1_amd64.deb > Size/MD5 checksum: 3591854 531781d522ad5f02e6c5b658883ed37d > > arm architecture (ARM) > > > http://security.debian.org/pool/updates/main/s/sympa/sympa_5.2.3-1.2+etch1_arm.deb > Size/MD5 checksum: 3590606 dc3437760b7db4761f90e992e3638c52 > > hppa architecture (HP PA RISC) > > > http://security.debian.org/pool/updates/main/s/sympa/sympa_5.2.3-1.2+etch1_hppa.deb > Size/MD5 checksum: 3591482 5601933860831577cb017cb0aa3b31fe > > i386 architecture (Intel ia32) > > > http://security.debian.org/pool/updates/main/s/sympa/sympa_5.2.3-1.2+etch1_i386.deb > Size/MD5 checksum: 3567454 0c6e3d6046f7d0e9920ed7ce9780b103 > > ia64 architecture (Intel ia64) > > > http://security.debian.org/pool/updates/main/s/sympa/sympa_5.2.3-1.2+etch1_ia64.deb > Size/MD5 checksum: 3571256 c294184494968264ff0857fc2b907711 > > mips architecture (MIPS (Big Endian)) > > > http://security.debian.org/pool/updates/main/s/sympa/sympa_5.2.3-1.2+etch1_mips.deb > Size/MD5 checksum: 3584362 1b3371fe22966b198a3c338167e71909 > > powerpc architecture (PowerPC) > > > http://security.debian.org/pool/updates/main/s/sympa/sympa_5.2.3-1.2+etch1_powerpc.deb > Size/MD5 checksum: 3568314 57c566c13cd31f66bbe3652b4c9ea3e7 > > s390 architecture (IBM S/390) > > > http://security.debian.org/pool/updates/main/s/sympa/sympa_5.2.3-1.2+etch1_s390.deb > Size/MD5 checksum: 3568574 afab57a71590dcdd685746b6500040b0 > > sparc architecture (Sun SPARC/UltraSPARC) > > > http://security.debian.org/pool/updates/main/s/sympa/sympa_5.2.3-1.2+etch1_sparc.deb > Size/MD5 checksum: 3568016 0bf312e31bb5df28404ea40842845caf > > > These files will probably be moved into the stable distribution on > its next update. > > - > --------------------------------------------------------------------------------- > For apt-get: deb http://security.debian.org/ stable/updates main > For dpkg-ftp: ftp://security.debian.org/debian-security > dists/stable/updates/main > Mailing list: [EMAIL PROTECTED] > Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg> > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.6 (GNU/Linux) > > iD8DBQFIapKKwM/Gs81MDZ0RAqAtAJ4qQlnuRralKZTMQhtDqYvMXfaqdQCgof4S > 6REh7OX9zxqgWYGHqQWtEpQ= > =ANTa > -----END PGP SIGNATURE----- > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact > [EMAIL PROTECTED] > >
-- drax was here -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
