Search This Blog

Thursday, June 21, 2007

[SECURITY] [DSA 1316-1] New emacs21 packages fix denial of service

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


- ------------------------------------------------------------------------
Debian Security Advisory dsa-1316 security@debian.org
http://www.debian.org/security/

Steve Kemp
June 21, 2007
- ------------------------------------------------------------------------

Package : emacs21 (21.4a+1-3etch1)
Vulnerability : denial of service
Problem type : local
Debian-specific: no
CVE Id(s) : CVE-2007-2833
Debian Bug : 408929


It has been discovered that emacs, the GNU Emacs editor, will crash when
processing certain types of images.

For the stable distribution (etch), this problem has been fixed in version XXX


We recommend that you upgrade your emacs21 (21.4a+1-3etch1) package.

Upgrade instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian (stable)
- ---------------

Stable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

http://security.debian.org/pool/updates/main/e/emacs21/emacs21_21.4a+1.orig.tar.gz

Size/MD5 checksum: 15188829 2614ad1ce5c547e682e76049717a704d

http://security.debian.org/pool/updates/main/e/emacs21/emacs21_21.4a+1-3etch1.diff.gz

Size/MD5 checksum: 189123 efad0ca53f0dbddb93b2cbef0edb350d

http://security.debian.org/pool/updates/main/e/emacs21/emacs21_21.4a+1-3etch1.dsc

Size/MD5 checksum: 893 01f93796b7e4cbfb0c07fc211b49ebfa

Architecture independent packages:

http://security.debian.org/pool/updates/main/e/emacs21/emacs21-common_21.4a+1-3etch1_all.deb

Size/MD5 checksum: 9450540 eb73296f7683a65384cd41905f6dc39c

http://security.debian.org/pool/updates/main/e/emacs21/emacs21-el_21.4a+1-3etch1_all.deb

Size/MD5 checksum: 7218194 cac7a6629afe81db77af34e344194852

http://security.debian.org/pool/updates/main/e/emacs21/emacs_21.4a+1-3etch1_all.deb

Size/MD5 checksum: 23846 b8675a67384a58f59befec0577eca744

alpha architecture (DEC Alpha)

http://security.debian.org/pool/updates/main/e/emacs21/emacs21_21.4a+1-3etch1_alpha.deb

Size/MD5 checksum: 2329172 9468d7d11509518ec4d6e97caf26cc86

http://security.debian.org/pool/updates/main/e/emacs21/emacs21-nox_21.4a+1-3etch1_alpha.deb

Size/MD5 checksum: 2085080 6576dd8ef28a1055cb1017ffcc9aad74

http://security.debian.org/pool/updates/main/e/emacs21/emacs21-bin-common_21.4a+1-3etch1_alpha.deb

Size/MD5 checksum: 182974 565e5a66ab03c426078faa70c3305349

amd64 architecture (AMD x86_64 (AMD64))

http://security.debian.org/pool/updates/main/e/emacs21/emacs21-nox_21.4a+1-3etch1_amd64.deb

Size/MD5 checksum: 1969826 691f4641f9c3e3fd37b149ae5478d65d

http://security.debian.org/pool/updates/main/e/emacs21/emacs21_21.4a+1-3etch1_amd64.deb

Size/MD5 checksum: 2187854 9fcfd83efc6ce06c675e68fa43b8fded

http://security.debian.org/pool/updates/main/e/emacs21/emacs21-bin-common_21.4a+1-3etch1_amd64.deb

Size/MD5 checksum: 162136 1973e185e0c221c03dbf77df2e460df7

arm architecture (ARM)

http://security.debian.org/pool/updates/main/e/emacs21/emacs21-nox_21.4a+1-3etch1_arm.deb

Size/MD5 checksum: 1828924 f6bce578f44fb1f1a1ab31217f926708

http://security.debian.org/pool/updates/main/e/emacs21/emacs21_21.4a+1-3etch1_arm.deb

Size/MD5 checksum: 2030164 e3991619fdb58d75d95ab480fb191c79

http://security.debian.org/pool/updates/main/e/emacs21/emacs21-bin-common_21.4a+1-3etch1_arm.deb

Size/MD5 checksum: 147964 84453604acd1f52971da2bdd785fad17

hppa architecture (HP PA RISC)

http://security.debian.org/pool/updates/main/e/emacs21/emacs21-nox_21.4a+1-3etch1_hppa.deb

Size/MD5 checksum: 1961192 f169821c8a1f27c44c3a2f41ca2f3651

http://security.debian.org/pool/updates/main/e/emacs21/emacs21_21.4a+1-3etch1_hppa.deb

Size/MD5 checksum: 2187120 37e9cc501a0ed894506700f3979a9cc0

http://security.debian.org/pool/updates/main/e/emacs21/emacs21-bin-common_21.4a+1-3etch1_hppa.deb

Size/MD5 checksum: 162908 be7bc21995279915d27c5755904373d5

i386 architecture (Intel ia32)

http://security.debian.org/pool/updates/main/e/emacs21/emacs21-bin-common_21.4a+1-3etch1_i386.deb

Size/MD5 checksum: 146884 f295798eef85bf559ca830f0a87de5c1

http://security.debian.org/pool/updates/main/e/emacs21/emacs21_21.4a+1-3etch1_i386.deb

Size/MD5 checksum: 2029074 0ad01edbae57f38fd98b7e166363c15d

http://security.debian.org/pool/updates/main/e/emacs21/emacs21-nox_21.4a+1-3etch1_i386.deb

Size/MD5 checksum: 1837132 3228c6d0f29ef3367c962893e6ea7325

ia64 architecture (Intel ia64)

http://security.debian.org/pool/updates/main/e/emacs21/emacs21-bin-common_21.4a+1-3etch1_ia64.deb

Size/MD5 checksum: 215278 adc3e9e2590f28ddaa4a415e6e07d57e

http://security.debian.org/pool/updates/main/e/emacs21/emacs21-nox_21.4a+1-3etch1_ia64.deb

Size/MD5 checksum: 2351410 8b0192deacf060b17623a2a3274b179b

http://security.debian.org/pool/updates/main/e/emacs21/emacs21_21.4a+1-3etch1_ia64.deb

Size/MD5 checksum: 2707896 a13cc5a1192c910f17b9b8d56ae2af35

mips architecture (MIPS (Big Endian))

http://security.debian.org/pool/updates/main/e/emacs21/emacs21_21.4a+1-3etch1_mips.deb

Size/MD5 checksum: 2264302 f15a5884dde71bb4be70030b84accdf9

http://security.debian.org/pool/updates/main/e/emacs21/emacs21-nox_21.4a+1-3etch1_mips.deb

Size/MD5 checksum: 2026274 65936d472970fccab319540e5508ce57

http://security.debian.org/pool/updates/main/e/emacs21/emacs21-bin-common_21.4a+1-3etch1_mips.deb

Size/MD5 checksum: 165656 9c9483290fd960b049e1a63cb1295165

mipsel architecture (MIPS (Little Endian))

http://security.debian.org/pool/updates/main/e/emacs21/emacs21-nox_21.4a+1-3etch1_mipsel.deb

Size/MD5 checksum: 1978868 9822056f7ef84d0f5691585ee3d524a0

http://security.debian.org/pool/updates/main/e/emacs21/emacs21-bin-common_21.4a+1-3etch1_mipsel.deb

Size/MD5 checksum: 165668 431c39dd0dd50d17ca2958f90ee7df33

http://security.debian.org/pool/updates/main/e/emacs21/emacs21_21.4a+1-3etch1_mipsel.deb

Size/MD5 checksum: 2216624 66e1c85453ae9c7a49c9a2fb9d4a8480

powerpc architecture (PowerPC)

http://security.debian.org/pool/updates/main/e/emacs21/emacs21_21.4a+1-3etch1_powerpc.deb

Size/MD5 checksum: 2118924 c39baa8043ded1bb0bed737e9c117dba

http://security.debian.org/pool/updates/main/e/emacs21/emacs21-nox_21.4a+1-3etch1_powerpc.deb

Size/MD5 checksum: 1905208 4d1d6f37948fc7c22787365a449fd2b7

http://security.debian.org/pool/updates/main/e/emacs21/emacs21-bin-common_21.4a+1-3etch1_powerpc.deb

Size/MD5 checksum: 155700 e9cd7d62d7897ead5daaafe6c4baf83e

s390 architecture (IBM S/390)

http://security.debian.org/pool/updates/main/e/emacs21/emacs21-nox_21.4a+1-3etch1_s390.deb

Size/MD5 checksum: 1931752 2c9d6527bfc7bb263e342815f658804b

http://security.debian.org/pool/updates/main/e/emacs21/emacs21_21.4a+1-3etch1_s390.deb

Size/MD5 checksum: 2146028 8fdce62a7aa6800bf6cdfe5560402886

http://security.debian.org/pool/updates/main/e/emacs21/emacs21-bin-common_21.4a+1-3etch1_s390.deb

Size/MD5 checksum: 157108 7e3c170c7b558bd49bb04a150c2fa05d

sparc architecture (Sun SPARC/UltraSPARC)

http://security.debian.org/pool/updates/main/e/emacs21/emacs21_21.4a+1-3etch1_sparc.deb

Size/MD5 checksum: 2114942 2739d3fbe7ccdb9376018324921f3250

http://security.debian.org/pool/updates/main/e/emacs21/emacs21-bin-common_21.4a+1-3etch1_sparc.deb

Size/MD5 checksum: 148146 3f31d435a2477804cd2a1bf6c2c93a77

http://security.debian.org/pool/updates/main/e/emacs21/emacs21-nox_21.4a+1-3etch1_sparc.deb

Size/MD5 checksum: 1913248 5746adae76a13ffabbf243f254d531e7


These files will probably be moved into the stable distribution on
its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFGenVSwM/Gs81MDZ0RArjvAKDFxz3X+xzK8cWxU/WuJ6vHJp1WPACgwrYr
cUzZ6f2FJvlDHZd0EwluVFM=
=zIki
-----END PGP SIGNATURE-----


--
To UNSUBSCRIBE, email to debian-security-announce-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

No comments: