- -------------------------------------------------------------------------- Debian-Edu/Skolelinux Security Advisory DESA 2007-016 http://www.skolelinux.org/security/ Steffen Joeris December 13th, 2007 debian-edu-security@lists.alioth.debian.org - -------------------------------------------------------------------------- This DESA deals with packages that the Debian Security Team has fixed. Each section starts with "Package" and includes a link to the Debian Security Team's announce for the security upgrade. Package : samba (samba-doc, winbind, smbclient, samba-common, smbfs, libsmbclient, samba) Vulnerability : several Need reboot : no Debian-Edu-specific : no CVE ID : CVE-2007-4572, CVE-2007-5398, CVE-2007-6015 DSA ID : DSA-1409-2, DSA-1427-1 DSA URL : http://www.debian.org/security/2007/dsa-1409 DSA URL : http://www.debian.org/security/2007/dsa-1427 Package : mysql-dfsg (mysql-common, libmysqlclient12) Vulnerability : multiple Need reboot : no Debian-Edu-specific : no CVE ID : CVE-2007-2583, CVE-2007-2691, CVE-2007-2692 CVE-2007-3780, CVE-2007-3782, CVE-2007-5925 DSA ID : DSA-1413-1 DSA URL : http://www.debian.org/security/2007/dsa-1413 Package : tk8.3 (tk8.3) Vulnerability : buffer overflow Need reboot : no Debian-Edu-specific : no CVE ID : CVE-2007-5378 DSA ID : DSA-1416-1 DSA URL : http://www.debian.org/security/2007/dsa-1416 Package : qt-x11-free (libqt3c102-mt) Vulnerability : several vulnerabilities Need reboot : no Debian-Edu-specific : no CVE ID : CVE-2007-3388 CVE-2007-4137 DSA ID : DSA-1426-1 DSA URL : http://www.debian.org/security/2007/dsa-1426 Package : libnss-ldap (libnss-ldap) Vulnerability : denial of service Need reboot : no Debian-Edu-specific : no CVE ID : CVE-2007-5794 DSA ID : DSA-1430-1 DSA URL : http://www.debian.org/security/2007/dsa-1430 Upgrade Instructions - -------------------- Make sure the line deb http://security.debian.org/ sarge/updates main contrib non-free is present in your /etc/apt/sources.list and run 'apt-get update' to update your package lists. Then run 'apt-get upgrade' to upgrade all the packages mentioned above. This might upgrade other packages too, and if you only want to upgrade the packages above, you should run 'apt-get install <pkg1> ... <pkgN>' where <pkg1> to <pkgN> is the package names in paranthesis from each package section above. - -------------------------------------------------------------------------- Mailing lists: debian-edu-announce@lists.debian.org Package info: `apt-cache show <pkg>'
Attachment:
signature.asc
Description: This is a digitally signed message part.