Linux-Bulgaria.ORG
навигация

 

начало

пощенски списък

архив на групата

семинари ...

документи

как да ...

 

 

Предишно писмо Следващо писмо Предишно по тема Следващо по тема По Дата По тема (thread)

lug-bg: [Fwd: [SECURITY] [DSA-382-1] OpenSSH buffer management fix]


  • Subject: lug-bg: [Fwd: [SECURITY] [DSA-382-1] OpenSSH buffer management fix]
  • From: Ivan Dimitrov <dobber@xxxxxxxxxx>
  • Date: Wed, 17 Sep 2003 13:35:59 +0300
  • Organization: root of all evil

i sid i woody versiite na debian sa updatenati s fixnat ssh.

-----Forwarded Message-----
> From: Wichert Akkerman <wichert@xxxxxxxxx>
> To: debian-security-announce@xxxxxxxxxxxxxxxx
> Subject: [SECURITY] [DSA-382-1] OpenSSH buffer management fix
> Date: Tue, 16 Sep 2003 20:41:32 +0200
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> - ------------------------------------------------------------------------
> Debian Security Advisory DSA-382-1                   security@xxxxxxxxxx
> http://www.debian.org/security/                         Wichert Akkerman
> September 16, 2003
> - ------------------------------------------------------------------------
> 
> 
> Package        : ssh
> Vulnerability  : buffer handling
> Problem type   : possible remote
> Debian-specific: no
> CVS references : CAN-2003-0693
> 
> A bug has been found in OpenSSH's buffer handling where a buffer could
> be marked as grown when the actual reallocation failed.
> 
> This bug has been fixed in upstream version 3.7. For the Debian stable
> distribution this bug has eeb fixed in version 1:3.4p1-1.1 .
> 
> Please note that if a machine is setup to install packages from
> proposed-updates it will not automatically install this update. 
> 
> 
> Upgrade Instructions
> - --------------------
> 
> wget url
>         will fetch the file for you
> dpkg -i file.deb
>         will install the referenced file.
> 
> If you are using the apt-get package manager, use the line for
> sources.list as given below:
> 
> apt-get update
>         will update the internal database
> apt-get upgrade
>         will install corrected packages
> 
> You may use an automated update by adding the resources from the
> footer to the proper configuration.
> 
> 
> Debian GNU/Linux 3.0 alias woody
> - --------------------------------
> 
>   Stable was released for alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390 and sparc.
> 
>   Source archives:
> 
>     http://security.debian.org/pool/updates/main/o/openssh/openssh_3.4p1-1.1.diff.gz
>       Size/MD5 checksum:    36506 9defe00f0297a22395b2f17e34bae852
>     http://security.debian.org/pool/updates/main/o/openssh/openssh_3.4p1-1.1.dsc
>       Size/MD5 checksum:     1338 8fc3790171311bcf8fe202edf884e000
> 
>   alpha architecture (DEC Alpha)
> 
>     http://security.debian.org/pool/updates/main/o/openssh/ssh_3.4p1-1.1_alpha.deb
>       Size/MD5 checksum:   849796 9125f955f4649ee1d8ec942b051f67e1
>     http://security.debian.org/pool/updates/main/o/openssh/ssh-askpass-gnome_3.4p1-1.1_alpha.deb
>       Size/MD5 checksum:    35724 93863e66e77fc7c6cca09636e01fce96
> 
>   arm architecture (ARM)
> 
>     http://security.debian.org/pool/updates/main/o/openssh/ssh_3.4p1-1.1_arm.deb
>       Size/MD5 checksum:   658012 21675964771355a0ae456fc5927245b2
>     http://security.debian.org/pool/updates/main/o/openssh/ssh-askpass-gnome_3.4p1-1.1_arm.deb
>       Size/MD5 checksum:    34958 6abebe99d34e7c4a1bbcddcffe50ca6e
> 
>   hppa architecture (HP PA RISC)
> 
>     http://security.debian.org/pool/updates/main/o/openssh/ssh-askpass-gnome_3.4p1-1.1_hppa.deb
>       Size/MD5 checksum:    35318 b3bc13ec29b99687e8165a8250695e3c
>     http://security.debian.org/pool/updates/main/o/openssh/ssh_3.4p1-1.1_hppa.deb
>       Size/MD5 checksum:   755464 100a06cde2e02486502fef1283777102
> 
>   i386 architecture (Intel ia32)
> 
>     http://security.debian.org/pool/updates/main/o/openssh/ssh_3.4p1-1.1_i386.deb
>       Size/MD5 checksum:   642460 ee27cd953e87b32e6b1c1b09fcdb7aa2
>     http://security.debian.org/pool/updates/main/o/openssh/ssh-askpass-gnome_3.4p1-1.1_i386.deb
>       Size/MD5 checksum:    35236 caf803cd286646300d68576724cf236a
> 
>   ia64 architecture (Intel ia64)
> 
>     http://security.debian.org/pool/updates/main/o/openssh/ssh-askpass-gnome_3.4p1-1.1_ia64.deb
>       Size/MD5 checksum:    36728 90006b98e1a29a9e631ee335f9596262
>     http://security.debian.org/pool/updates/main/o/openssh/ssh_3.4p1-1.1_ia64.deb
>       Size/MD5 checksum:  1002494 9bf4331e06a35a025ee8617fece7fa4c
> 
>   mips architecture (MIPS (Big Endian))
> 
>     http://security.debian.org/pool/updates/main/o/openssh/ssh-askpass-gnome_3.4p1-1.1_mips.deb
>       Size/MD5 checksum:    35246 866ebeefc0d64307f78c0aa49f2eb470
>     http://security.debian.org/pool/updates/main/o/openssh/ssh_3.4p1-1.1_mips.deb
>       Size/MD5 checksum:   729782 67b72adc6041f24eeeb0d35cb37a27e6
> 
>   mipsel architecture (MIPS (Little Endian))
> 
>     http://security.debian.org/pool/updates/main/o/openssh/ssh-askpass-gnome_3.4p1-1.1_mipsel.deb
>       Size/MD5 checksum:    35208 bf5051b7e2f41ce571f5161578db62f9
>     http://security.debian.org/pool/updates/main/o/openssh/ssh_3.4p1-1.1_mipsel.deb
>       Size/MD5 checksum:   727196 96122a4ac373f66b2218ec4febecff27
> 
>   m68k architecture (Motorola Mc680x0)
> 
>     http://security.debian.org/pool/updates/main/o/openssh/ssh-askpass-gnome_3.4p1-1.1_m68k.deb
>       Size/MD5 checksum:    35166 2f6b556a3c3a18ccf31933976ef48186
>     http://security.debian.org/pool/updates/main/o/openssh/ssh_3.4p1-1.1_m68k.deb
>       Size/MD5 checksum:   612346 c3e1ce4ce619862c24e62bf8f7563cff
> 
>   powerpc architecture (PowerPC)
> 
>     http://security.debian.org/pool/updates/main/o/openssh/ssh-askpass-gnome_3.4p1-1.1_powerpc.deb
>       Size/MD5 checksum:    34972 5365d9f0f7453f83046dd1b263f8824a
>     http://security.debian.org/pool/updates/main/o/openssh/ssh_3.4p1-1.1_powerpc.deb
>       Size/MD5 checksum:   681188 82564391d8b71424fc88a73587e1d33d
> 
>   s390 architecture (IBM S/390)
> 
>     http://security.debian.org/pool/updates/main/o/openssh/ssh-askpass-gnome_3.4p1-1.1_s390.deb
>       Size/MD5 checksum:    35604 a9d8674d50edb3b2fa4f1e1dca98e6cb
>     http://security.debian.org/pool/updates/main/o/openssh/ssh_3.4p1-1.1_s390.deb
>       Size/MD5 checksum:   717776 e2b5c973db52d0e97ba91627e983b7a0
> 
>   sparc architecture (Sun SPARC/UltraSPARC)
> 
>     http://security.debian.org/pool/updates/main/o/openssh/ssh-askpass-gnome_3.4p1-1.1_sparc.deb
>       Size/MD5 checksum:    35020 41ae03783324a20d395f6f4f8d5c5fb3
>     http://security.debian.org/pool/updates/main/o/openssh/ssh_3.4p1-1.1_sparc.deb
>       Size/MD5 checksum:   685856 b171caefecf060b28882d1fb95ae28d7
> 
> - -- 
> - ----------------------------------------------------------------------------
> Debian Security team <team@xxxxxxxxxxxxxxxxxxx>
> http://www.debian.org/security/
> Mailing-List: debian-security-announce@xxxxxxxxxxxxxxxx
> 
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.3 (GNU/Linux)
> 
> iD8DBQE/Z1lRPLiSUC+jvC0RAv+fAJ9CIsPyIGuAd6hFlycZTiD9VuOExQCgmQiA
> 8s6Qr7lnF0L5Rd24GON0TcM=
> =zpC2
> -----END PGP SIGNATURE-----
-- 

Hi! I'm your friendly neighbourhood signature virus.
Copy me to your signature file and help me spread!
============================================================================
A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers).
http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara Zagora
To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html
============================================================================



 

наши приятели

 

линукс за българи
http://linux-bg.org

FSA-BG
http://fsa-bg.org

OpenFest
http://openfest.org

FreeBSD BG
http://bg-freebsd.org

KDE-BG
http://kde.fsa-bg.org/

Gnome-BG
http://gnome.cult.bg/

проект OpenFMI
http://openfmi.net

NetField Forum
http://netField.ludost.net/forum/

 

 

Linux-Bulgaria.ORG

Mailing list messages are © Copyright their authors.