User: Password:
|
|
Subscribe / Log in / New account

Debian alert DSA-631-1 (kdelibs)

From:  joey@infodrom.org (Martin Schulze)
To:  debian-security-announce@lists.debian.org (Debian Security Announcements)
Subject:  [SECURITY] [DSA 631-1] New kdlibs packages fix arbitrary FTP command execution
Date:  Mon, 10 Jan 2005 12:07:44 +0100 (CET)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 631-1 security@debian.org http://www.debian.org/security/ Martin Schulze January 10th, 2005 http://www.debian.org/security/faq - -------------------------------------------------------------------------- Package : kdelibs Vulnerability : unsanitised input Problem-Type : remote Debian-specific: no CVE ID : CAN-2004-1165 BugTraq ID : 11827 Debian Bug : 287201 Thiago Macieira discovered a vulnerability in the kioslave library, which is part of kdelibs, which allows a remote attacker to execute arbitrary FTP commands via an ftp:// URL that contains an URL-encoded newline before the FTP command. For the stable distribution (woody) this problem has been fixed in version 2.2.2-13.woody.13. For the unstable distribution (sid) this problem will be fixed soon. We recommend that you upgrade your kdelibs3 package. Upgrade Instructions - -------------------- wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 3.0 alias woody - -------------------------------- Source archives: http://security.debian.org/pool/updates/main/k/kdelibs/kd... Size/MD5 checksum: 1355 9f1e4e8b1a72437dc747d3bfe888c666 http://security.debian.org/pool/updates/main/k/kdelibs/kd... Size/MD5 checksum: 60430 c3a698d55e20f3728b4bbe97e9526811 http://security.debian.org/pool/updates/main/k/kdelibs/kd... Size/MD5 checksum: 6396699 7a9277a2e727821338f751855c2ce5d3 Architecture independent components: http://security.debian.org/pool/updates/main/k/kdelibs/kd... Size/MD5 checksum: 2564706 9a50557f2f62784657a6e1e32082ecf2 Alpha architecture: http://security.debian.org/pool/updates/main/k/kdelibs/kd... Size/MD5 checksum: 757688 dd6923238a88caa78044bd52a2f98d57 http://security.debian.org/pool/updates/main/k/kdelibs/kd... Size/MD5 checksum: 7533272 9f5b2429c330a0782646085a95908fd3 http://security.debian.org/pool/updates/main/k/kdelibs/kd... Size/MD5 checksum: 137604 277dc86087dc4403c675317bdb3cf32b http://security.debian.org/pool/updates/main/k/kdelibs/kd... Size/MD5 checksum: 202192 208698d6df409f737b5d489115790783 http://security.debian.org/pool/updates/main/k/kdelibs/li... Size/MD5 checksum: 1022456 f13b1bf9a0de99922522976a4f0c05c6 http://security.debian.org/pool/updates/main/k/kdelibs/li... Size/MD5 checksum: 1029340 4e6fb0ab7e3ba765617dbd860d910faa http://security.debian.org/pool/updates/main/k/kdelibs/li... Size/MD5 checksum: 198392 0e8b5d5b1e4874744faee948d58435c9 http://security.debian.org/pool/updates/main/k/kdelibs/li... Size/MD5 checksum: 174916 c1f73f9648de0fa7c35dc88f6976a87b http://security.debian.org/pool/updates/main/k/kdelibs/li... Size/MD5 checksum: 178366 fd3e1407968bd90f3ca32c1bd3e61bd6 http://security.debian.org/pool/updates/main/k/kdelibs/li... Size/MD5 checksum: 37414 c08246070fb2f52ae94c59b50f82cbf9 ARM architecture: http://security.debian.org/pool/updates/main/k/kdelibs/kd... Size/MD5 checksum: 743962 47723eb9417b084a049b13824d5f0da9 http://security.debian.org/pool/updates/main/k/kdelibs/kd... Size/MD5 checksum: 6590134 d19e19217d361c4ca229186ce794c213 http://security.debian.org/pool/updates/main/k/kdelibs/kd... Size/MD5 checksum: 104794 a80c15dd83aceecf6d05fb01a381a582 http://security.debian.org/pool/updates/main/k/kdelibs/kd... Size/MD5 checksum: 186800 2de874daa00f8b17807f5efa95ccdac2 http://security.debian.org/pool/updates/main/k/kdelibs/li... Size/MD5 checksum: 651944 df001c3bba12297757812caa0bcb676a http://security.debian.org/pool/updates/main/k/kdelibs/li... Size/MD5 checksum: 655556 05b24ff6a055b8fbe6ba3f1795631533 http://security.debian.org/pool/updates/main/k/kdelibs/li... Size/MD5 checksum: 155864 f9268cec205df73dc25602d64738c356 http://security.debian.org/pool/updates/main/k/kdelibs/li... Size/MD5 checksum: 125018 60de0c401b10157b45f24c4f34c4d23c http://security.debian.org/pool/updates/main/k/kdelibs/li... Size/MD5 checksum: 128128 ff5f7f66cc6e4ff8079c18499b5bb8c0 http://security.debian.org/pool/updates/main/k/kdelibs/li... Size/MD5 checksum: 37410 b3e2a7b2faae47b21929bc35eb2c98d5 Intel IA-32 architecture: http://security.debian.org/pool/updates/main/k/kdelibs/kd... Size/MD5 checksum: 743254 4caa9cdefd22a558a2030b806e150717 http://security.debian.org/pool/updates/main/k/kdelibs/kd... Size/MD5 checksum: 6639808 cb49d4526e939979a05b820663551b5c http://security.debian.org/pool/updates/main/k/kdelibs/kd... Size/MD5 checksum: 106324 4799aeee22a9732ff2549010f3350b2b http://security.debian.org/pool/updates/main/k/kdelibs/kd... Size/MD5 checksum: 183322 2a63cc241cbe10822f37d1733cca114b http://security.debian.org/pool/updates/main/k/kdelibs/li... Size/MD5 checksum: 625464 c98c7031a878f758d226cebe1887eeab http://security.debian.org/pool/updates/main/k/kdelibs/li... Size/MD5 checksum: 629712 0e9c222aa4251970a69546d3c8e28c75 http://security.debian.org/pool/updates/main/k/kdelibs/li... Size/MD5 checksum: 155900 d539482e4f19dd555ef4fc57727747f8 http://security.debian.org/pool/updates/main/k/kdelibs/li... Size/MD5 checksum: 123712 41ed509e764c68c082e73262c21ce332 http://security.debian.org/pool/updates/main/k/kdelibs/li... Size/MD5 checksum: 126790 df83febebfe326d760530ad5f9a79f51 http://security.debian.org/pool/updates/main/k/kdelibs/li... Size/MD5 checksum: 37414 0d24cd4d03f4c8dbde9254bbde84232d Intel IA-64 architecture: http://security.debian.org/pool/updates/main/k/kdelibs/kd... Size/MD5 checksum: 768116 91c03e1b564a015d5e92d01ead2f6451 http://security.debian.org/pool/updates/main/k/kdelibs/kd... Size/MD5 checksum: 8843460 69c19168154f704047d64dd88847c70b http://security.debian.org/pool/updates/main/k/kdelibs/kd... Size/MD5 checksum: 153932 7ece8356ca3962b7196f15519114038a http://security.debian.org/pool/updates/main/k/kdelibs/kd... Size/MD5 checksum: 257512 2058f03f33ccfcc118d8fe302aeea3b1 http://security.debian.org/pool/updates/main/k/kdelibs/li... Size/MD5 checksum: 1045706 c394fc1bd3a8cc10657a573376056cfa http://security.debian.org/pool/updates/main/k/kdelibs/li... Size/MD5 checksum: 1051150 876d795e349b5eb87fd981c206c0e17c http://security.debian.org/pool/updates/main/k/kdelibs/li... Size/MD5 checksum: 199694 960281cc920bb56c6ae22cb8501c45ab http://security.debian.org/pool/updates/main/k/kdelibs/li... Size/MD5 checksum: 185712 2cfd9e82757cd6155bdfb8622762db66 http://security.debian.org/pool/updates/main/k/kdelibs/li... Size/MD5 checksum: 191226 a7ff1986e0d54c69083a519bb41414ce http://security.debian.org/pool/updates/main/k/kdelibs/li... Size/MD5 checksum: 37408 f03bc5824688ae2188d915c02bd35001 HP Precision architecture: http://security.debian.org/pool/updates/main/k/kdelibs/kd... Size/MD5 checksum: 750044 bf9e9538ff0ae4f04d314d0e190ba87f http://security.debian.org/pool/updates/main/k/kdelibs/kd... Size/MD5 checksum: 7345290 90e867caf7837b8b2b863c53d1d821bb http://security.debian.org/pool/updates/main/k/kdelibs/kd... Size/MD5 checksum: 117690 8f68f3e418000d803ce8dece02af15b6 http://security.debian.org/pool/updates/main/k/kdelibs/kd... Size/MD5 checksum: 218160 bc41b54ce12b2db6adb6a35547a7bd16 http://security.debian.org/pool/updates/main/k/kdelibs/li... Size/MD5 checksum: 1111924 4667cefbe0056a23f337884436c09510 http://security.debian.org/pool/updates/main/k/kdelibs/li... Size/MD5 checksum: 1115514 2c04bec4f2a6e242321b6edaedea0686 http://security.debian.org/pool/updates/main/k/kdelibs/li... Size/MD5 checksum: 207908 91c9bc6d622888c0ede43ecba31bcb77 http://security.debian.org/pool/updates/main/k/kdelibs/li... Size/MD5 checksum: 172218 7d5d280cf79772917ce0ab9896b9f361 http://security.debian.org/pool/updates/main/k/kdelibs/li... Size/MD5 checksum: 176358 8b1cf4d1a479f7e1cea419f2dc1098ab http://security.debian.org/pool/updates/main/k/kdelibs/li... Size/MD5 checksum: 37408 69293e3f4b104c85adef4521df7d07fd Motorola 680x0 architecture: http://security.debian.org/pool/updates/main/k/kdelibs/kd... Size/MD5 checksum: 740368 2a77fccf3f8a342946575065373dbd62 http://security.debian.org/pool/updates/main/k/kdelibs/kd... Size/MD5 checksum: 6484976 d315d8f12097fa3dbaa08dcb0be67e1f http://security.debian.org/pool/updates/main/k/kdelibs/kd... Size/MD5 checksum: 103834 f03d0a40602fd442df45a229df3dbea6 http://security.debian.org/pool/updates/main/k/kdelibs/kd... Size/MD5 checksum: 178722 d26c0f719886747d1709c110ad034b16 http://security.debian.org/pool/updates/main/k/kdelibs/li... Size/MD5 checksum: 628884 cd8c249abf5f1724b34d4800404dd62b http://security.debian.org/pool/updates/main/k/kdelibs/li... Size/MD5 checksum: 633404 41ed2c1f76d4d2bc26f98b8bf2fdd895 http://security.debian.org/pool/updates/main/k/kdelibs/li... Size/MD5 checksum: 151352 d98fe7855c9794fb39dbb46980a632ab http://security.debian.org/pool/updates/main/k/kdelibs/li... Size/MD5 checksum: 120964 21aa4fa0c572cf37083b7a90ea8fc00b http://security.debian.org/pool/updates/main/k/kdelibs/li... Size/MD5 checksum: 123888 413e21f67c36c46ad05c0824656db826 http://security.debian.org/pool/updates/main/k/kdelibs/li... Size/MD5 checksum: 37418 ff5766f8588e2c08c95002efc6860e70 Big endian MIPS architecture: http://security.debian.org/pool/updates/main/k/kdelibs/kd... Size/MD5 checksum: 740170 9867121e6108bfdbb5f4b7ca1d6454b8 http://security.debian.org/pool/updates/main/k/kdelibs/kd... Size/MD5 checksum: 6284608 1bff0261be6c8eea8c4cf4cc63f57f8c http://security.debian.org/pool/updates/main/k/kdelibs/kd... Size/MD5 checksum: 107108 ec5433a58078b3f07658563dd2c46dc9 http://security.debian.org/pool/updates/main/k/kdelibs/kd... Size/MD5 checksum: 161238 4e686e5be67f47c5fda98d3dddef7330 http://security.debian.org/pool/updates/main/k/kdelibs/li... Size/MD5 checksum: 621128 dd49b6b852e069e1013f492573ee6313 http://security.debian.org/pool/updates/main/k/kdelibs/li... Size/MD5 checksum: 625454 71a7a6d2b8840be6fc85d3a9561d33c0 http://security.debian.org/pool/updates/main/k/kdelibs/li... Size/MD5 checksum: 176112 a83da928b5e671bb91b4b948483301a3 http://security.debian.org/pool/updates/main/k/kdelibs/li... Size/MD5 checksum: 124514 55d3861410c4197ed62d038f6b0e0174 http://security.debian.org/pool/updates/main/k/kdelibs/li... Size/MD5 checksum: 127520 d0ed4fa232f26c2614e409b63dcbb404 http://security.debian.org/pool/updates/main/k/kdelibs/li... Size/MD5 checksum: 37416 d50528b065c60365fce0f4f547fa1081 Little endian MIPS architecture: http://security.debian.org/pool/updates/main/k/kdelibs/kd... Size/MD5 checksum: 739504 9c820274c13b065fd07f70a7aeb1d76c http://security.debian.org/pool/updates/main/k/kdelibs/kd... Size/MD5 checksum: 6190780 c94de3b327a3ea6e6da8ac924f0c95b8 http://security.debian.org/pool/updates/main/k/kdelibs/kd... Size/MD5 checksum: 106116 d3e01486a63d316c7e810c918f552f89 http://security.debian.org/pool/updates/main/k/kdelibs/kd... Size/MD5 checksum: 159470 708f7419e7159ee0c9379e21893cb012 http://security.debian.org/pool/updates/main/k/kdelibs/li... Size/MD5 checksum: 613928 d4432e95d2ecf4d27e57addf221290c3 http://security.debian.org/pool/updates/main/k/kdelibs/li... Size/MD5 checksum: 617482 0949980c00dc4c0e4e2230e7564c79ed http://security.debian.org/pool/updates/main/k/kdelibs/li... Size/MD5 checksum: 175278 69d9f9e674c087d21cac575a3b719366 http://security.debian.org/pool/updates/main/k/kdelibs/li... Size/MD5 checksum: 123532 efc8d3c2537bedf25efd48f1ebd36a8b http://security.debian.org/pool/updates/main/k/kdelibs/li... Size/MD5 checksum: 126502 2e3592fb492f5d378f98ba2a4780d57c http://security.debian.org/pool/updates/main/k/kdelibs/li... Size/MD5 checksum: 37416 9909601d093c5724f16bef19159f3f86 PowerPC architecture: http://security.debian.org/pool/updates/main/k/kdelibs/kd... Size/MD5 checksum: 741200 72157542a537a782a753d20377791f70 http://security.debian.org/pool/updates/main/k/kdelibs/kd... Size/MD5 checksum: 6743390 7b96545e5ae4ec6072bc4cc9a5614d0a http://security.debian.org/pool/updates/main/k/kdelibs/kd... Size/MD5 checksum: 106234 b216558d8fae124b2ef7b84e00e23e2a http://security.debian.org/pool/updates/main/k/kdelibs/kd... Size/MD5 checksum: 182866 efa1b57fdc82602a9e0115ba5da5f98b http://security.debian.org/pool/updates/main/k/kdelibs/li... Size/MD5 checksum: 691294 bb4194b02266ce96725464dadb914964 http://security.debian.org/pool/updates/main/k/kdelibs/li... Size/MD5 checksum: 694974 48baf346a6a343e5dcdb71c072a7ff35 http://security.debian.org/pool/updates/main/k/kdelibs/li... Size/MD5 checksum: 154106 597dcec6c1576357d49307bff5caeeb0 http://security.debian.org/pool/updates/main/k/kdelibs/li... Size/MD5 checksum: 127836 706d72cd9a65dfad671376aec0e05af5 http://security.debian.org/pool/updates/main/k/kdelibs/li... Size/MD5 checksum: 130734 30bf40e7f6082cf1deb935296aab00d1 http://security.debian.org/pool/updates/main/k/kdelibs/li... Size/MD5 checksum: 37418 2d5ef75c2333eb45f6d220705d1a4bde IBM S/390 architecture: http://security.debian.org/pool/updates/main/k/kdelibs/kd... Size/MD5 checksum: 742686 d4287af872c4190ea497fa17d1208760 http://security.debian.org/pool/updates/main/k/kdelibs/kd... Size/MD5 checksum: 6743956 3d20d186ccc54d960a61a2b8448f5705 http://security.debian.org/pool/updates/main/k/kdelibs/kd... Size/MD5 checksum: 110756 f8a793df44bd3fa43ebd336955b1c5db http://security.debian.org/pool/updates/main/k/kdelibs/kd... Size/MD5 checksum: 177228 0b9b04cd294b5f67a2962e5148dee8d9 http://security.debian.org/pool/updates/main/k/kdelibs/li... Size/MD5 checksum: 642566 f25a3ebbfef855b98e23695ee9cf4b8a http://security.debian.org/pool/updates/main/k/kdelibs/li... Size/MD5 checksum: 647584 6865ea6583be755372d292f58b975e7e http://security.debian.org/pool/updates/main/k/kdelibs/li... Size/MD5 checksum: 151696 8c465cb74fa93c4cc22b55e32cfff3c4 http://security.debian.org/pool/updates/main/k/kdelibs/li... Size/MD5 checksum: 130184 f3d7293b8c5b615ae5ac87cd3f163ef8 http://security.debian.org/pool/updates/main/k/kdelibs/li... Size/MD5 checksum: 133604 77fc9edf6261076d1b966cf41a2da7ec http://security.debian.org/pool/updates/main/k/kdelibs/li... Size/MD5 checksum: 37414 9ee65840380742736c9c84196efc8a24 Sun Sparc architecture: http://security.debian.org/pool/updates/main/k/kdelibs/kd... Size/MD5 checksum: 742052 769ed2038e89a752099b76b3e7013762 http://security.debian.org/pool/updates/main/k/kdelibs/kd... Size/MD5 checksum: 6580508 77bbc933d96d8f445ac1b33d9fe07a89 http://security.debian.org/pool/updates/main/k/kdelibs/kd... Size/MD5 checksum: 118032 b5803cc83bfa18ca4ceebc2775ae2a2d http://security.debian.org/pool/updates/main/k/kdelibs/kd... Size/MD5 checksum: 184454 4623c000bb8bca53541a70313c117702 http://security.debian.org/pool/updates/main/k/kdelibs/li... Size/MD5 checksum: 665306 d97b8aa08520060e4b34c52bde2c30b8 http://security.debian.org/pool/updates/main/k/kdelibs/li... Size/MD5 checksum: 669144 5fa5d0c77445e60b8f9729f571d7e802 http://security.debian.org/pool/updates/main/k/kdelibs/li... Size/MD5 checksum: 152112 6371ee88e1c46bd41ddbc7bbb7ec3100 http://security.debian.org/pool/updates/main/k/kdelibs/li... Size/MD5 checksum: 128956 79ecddc9557a7f31a7395d4aa551cc3b http://security.debian.org/pool/updates/main/k/kdelibs/li... Size/MD5 checksum: 131662 01919846b6cc30d473eb87022fed41a2 http://security.debian.org/pool/updates/main/k/kdelibs/li... Size/MD5 checksum: 37412 f66c9283e94542c62f125701f6d99178 These files will probably be moved into the stable distribution on its next update. - --------------------------------------------------------------------------------- For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce@lists.debian.org Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.5 (GNU/Linux) iD8DBQFB4mH+W5ql+IAeqTIRAvAVAKCOJAuKkPlQlO4S+5OALeumuA9BkQCgptpG g7Ot6wYU1d7Hclvy6DapxJQ= =2+4S -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to debian-security-announce-REQUEST@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org


(Log in to post comments)


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds