- -------------------------------------------------------------------------- Debian-Edu/Skolelinux Security Advisory DESA 2007-013 http://www.skolelinux.org/security/ Steffen Joeris October 14th, 2007 debian-edu-security@lists.alioth.debian.org - -------------------------------------------------------------------------- This DESA deals with packages that the Debian Security Team has fixed for the stable distribution. Each section starts with "Package" and includes a link to the Debian Security Team's announce for the security upgrade. Package : kdebase (kdebase, kdebase-data, kmenuedit, kpersonalizer, kcontrol, kdesktop, khelpcenter, libkonq4, kicker, kdm, kpager, ksplash, klipper, kate, kdepasswd, konqueror, konsole, ksysguard, kdebase-bin, ktip, kfind, ksysguardd, kdebase-kio-plugins, kwin, ksmserver, konqueror-nsplugins, kappfinder, kdeprint) Vulnerability : programming error Need reboot : no Debian-Edu-specific : no CVE ID : CVE-2007-4569 DSA ID : DSA-1376-1 DSA URL : http://www.debian.org/security/2007/dsa-1376 Package : file (libmagic1, file) Vulnerability : integer overflow Need reboot : no Debian-Edu-specific : no CVE ID : CVE-2007-2799 DSA ID : DSA-1343-1 DSA URL : http://www.debian.org/security/2007/dsa-1343 Package : openssl (libssl, openssl) Vulnerability : off-by-one error/buffer overflow Need reboot : no Debian-Edu-specific : no CVE ID : CVE-2007-5135 DSA ID : DSA-1379-1 DSA URL : http://www.debian.org/security/2007/dsa-1379 Package : xfs (xfs) Vulnerability : several Need reboot : no Debian-Edu-specific : no CVE ID : CVE-2007-4568 DSA ID : DSA-1385-1 DSA URL : http://www.debian.org/security/2007/dsa-1385 Upgrade Instructions - -------------------- Make sure the line deb http://security.debian.org/ etch/updates main contrib non-free is present in your /etc/apt/sources.list and run 'aptitude update' to update your package lists. Then run 'aptitude upgrade' to upgrade all the packages mentioned above. This might upgrade other packages too, and if you only want to upgrade the packages above, you should run 'aptitude install <pkg1> ... <pkgN>' where <pkg1> to <pkgN> is the package names in paranthesis from each package section above. - -------------------------------------------------------------------------- Mailing lists: debian-edu-announce@lists.debian.org Package info: `apt-cache show <pkg>'
Attachment:
signature.asc
Description: This is a digitally signed message part.