Thank you Moritz for your information! I'm using Ubuntu i386 debian.
2009/1/28 Moritz Muehlenhoff <[email protected]> > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > - ------------------------------------------------------------------------ > Debian Security Advisory DSA-1714-1 [email protected] > http://www.debian.org/security/ Moritz Muehlenhoff > January 28, 2009 http://www.debian.org/security/faq > - ------------------------------------------------------------------------ > > Package : rt2570 > Vulnerability : integer overflow > Problem type : remote > Debian-specific: no > CVE Id(s) : CVE-2009-0282 > > It was discovered that an integer overflow in the "Probe Request" packet > parser of the Ralinktech wireless drivers might lead to remote denial of > service or the execution of arbitrary code. > > Please note that you need to rebuild your driver from the source > package in order to set this update into effect. Detailed > instructions can be found in /usr/share/doc/rt2570-source/README.Debian > > For the stable distribution (etch), this problem has been fixed in > version 1.1.0+cvs20060620-3+etch1. > > For the upcoming stable distribution (lenny) and the unstable > distribution (sid), this problem has been fixed in version > 1.1.0+cvs20080623-2. > > We recommend that you upgrade your rt2570 package. > > Upgrade instructions > - -------------------- > > wget url > will fetch the file for you > dpkg -i file.deb > will install the referenced file. > > If you are using the apt-get package manager, use the line for > sources.list as given below: > > apt-get update > will update the internal database > apt-get upgrade > will install corrected packages > > You may use an automated update by adding the resources from the > footer to the proper configuration. > > > Debian GNU/Linux 4.0 alias etch > - ------------------------------- > > Stable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, > mipsel, powerpc, s390 and sparc. > > Source archives: > > > http://security.debian.org/pool/updates/main/r/rt2570/rt2570_1.1.0+cvs20060620-3+etch1.dsc > Size/MD5 checksum: 664 457b00a7cf3d60bef559e9cdc442e036 > > http://security.debian.org/pool/updates/main/r/rt2570/rt2570_1.1.0+cvs20060620-3+etch1.diff.gz > Size/MD5 checksum: 4958 20b48e5fb05d999bfc643a2bb0c7401f > > http://security.debian.org/pool/updates/main/r/rt2570/rt2570_1.1.0+cvs20060620.orig.tar.gz > Size/MD5 checksum: 253367 f4131d670920a878b4d4a0f5d4d8b93a > > Architecture independent packages: > > > http://security.debian.org/pool/updates/main/r/rt2570/rt2570-source_1.1.0+cvs20060620-3+etch1_all.deb > Size/MD5 checksum: 252986 58a62ca3f7d3b1b49cfbe9aa02eabe7b > > These files will probably be moved into the stable distribution on > its next update. > > - > --------------------------------------------------------------------------------- > For apt-get: deb http://security.debian.org/ stable/updates main > For dpkg-ftp: > ftp://security.debian.org/debian-securitydists/stable/updates/main > Mailing list: [email protected] > Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg> > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.9 (GNU/Linux) > > iEYEARECAAYFAkmA1AYACgkQXm3vHE4uylqP5wCgvkyLcqYXLurUCv63n/d976yp > y4oAnR+rh2rcq3guOIIGtbincx3m71/j > =mHgg > -----END PGP SIGNATURE----- > > > > -- > To UNSUBSCRIBE, email to [email protected] > with a subject of "unsubscribe". Trouble? Contact > [email protected] > > -- Andy Smith
