Login
Newsletter
Werbung
Sicherheit: Pufferüberlauf in freeamp
Aktuelle Meldungen Distributionen
Name: Pufferüberlauf in freeamp
ID: DSA-587-1
Distribution: Debian
Plattformen: Debian woody
Datum: Di, 9. November 2004, 12:00
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0964
Applikationen: freeamp

Originalnachricht

 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

--------------------------------------------------------------------------
Debian Security Advisory DSA 587-1                     security@debian.org
http://www.debian.org/security/                             Martin Schulze
November 8th, 2004                      http://www.debian.org/security/faq
--------------------------------------------------------------------------

Package        : freeamp
Vulnerability  : buffer overflow
Problem-Type   : remote
Debian-specific: no
CVE ID         : CAN-2004-0964

Luigi Auriemma discovered a buffer overflow condition in the playlist
module of freeamp which could lead to arbitrary code execution.
Recent versions of freeamp were renamed into zinf.

For the stable distribution (woody) this problem has been fixed in
version 2.1.1.0-4woody2.

For the unstable distribution (sid) this problem does not exist in the
zinf packageas the code in question was rewritten.

We recommend that you upgrade your freeamp packages.


Upgrade Instructions
--------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.0 alias woody
--------------------------------

  Source archives:

    freeamp_2.1.1.0-4woody2.dsc
      Size/MD5 checksum:      944 39d51f9def21f5b1d5542ccbcbc01e29
    freeamp_2.1.1.0-4woody2.diff.gz
      Size/MD5 checksum:    32347 783b34ce5201a8e4e10a8722fd00ad8f
    freeamp_2.1.1.0.orig.tar.gz
      Size/MD5 checksum:  3116888 d465da9fcdcc6ee7991e9b6cd968127b

  Architecture independent components:

    freeamp-doc_2.1.1.0-4woody2_all.deb
      Size/MD5 checksum:   282330 ffb91e1362db38b0e063839afdb7eefa

  Alpha architecture:

    freeamp_2.1.1.0-4woody2_alpha.deb
      Size/MD5 checksum:  2399962 187f779ad3fa78a1bcb6f79837a733ba
    freeamp-extras_2.1.1.0-4woody2_alpha.deb
      Size/MD5 checksum:    90476 d184dd97abf70f5db80579e76bdca43a
    libfreeamp-alsa_2.1.1.0-4woody2_alpha.deb
      Size/MD5 checksum:    34752 97704f6cd7245b6821d4683ee7999015
    libfreeamp-esound_2.1.1.0-4woody2_alpha.deb
      Size/MD5 checksum:    33376 77bbee46f4b02464e387d40fd850fac9

  ARM architecture:

    freeamp_2.1.1.0-4woody2_arm.deb
      Size/MD5 checksum:  2194684 c37e64837c2353be71062e9c74934028
    freeamp-extras_2.1.1.0-4woody2_arm.deb
      Size/MD5 checksum:    82794 6e6e0079c0f912c6aba7e3a73bc7963d
    libfreeamp-alsa_2.1.1.0-4woody2_arm.deb
      Size/MD5 checksum:    29440 615324c7d033b4c327a883239b5afe9c
    libfreeamp-esound_2.1.1.0-4woody2_arm.deb
      Size/MD5 checksum:    29342 d745a17d3a3c59dd6d004babcfa7563b

  Intel IA-32 architecture:

    freeamp_2.1.1.0-4woody2_i386.deb
      Size/MD5 checksum:  2032164 5c68a2b2940d9bfa3f5f3320f9a85d5b
    freeamp-extras_2.1.1.0-4woody2_i386.deb
      Size/MD5 checksum:    73482 091fe47ddd9308edcd2df707b00fefc8
    libfreeamp-alsa_2.1.1.0-4woody2_i386.deb
      Size/MD5 checksum:    29382 3b22fa0992c89e05542d06b78ca263df
    libfreeamp-esound_2.1.1.0-4woody2_i386.deb
      Size/MD5 checksum:    28476 0142da2d0ed0d50e7fe454171d7066da

  Intel IA-64 architecture:

    freeamp_2.1.1.0-4woody2_ia64.deb
      Size/MD5 checksum:  2367142 c43140e99b8dd87934e9611a060fe1bc
    freeamp-extras_2.1.1.0-4woody2_ia64.deb
      Size/MD5 checksum:    84638 6e55107e3071f451b08d77aed3260d44
    libfreeamp-esound_2.1.1.0-4woody2_ia64.deb
      Size/MD5 checksum:    27532 84b0e8df2b31326b378ce79e404ec4cd

  HP Precision architecture:

    freeamp_2.1.1.0-4woody2_hppa.deb
      Size/MD5 checksum:  2184294 a8a7ec3fa22215201fc05c9572c89074
    freeamp-extras_2.1.1.0-4woody2_hppa.deb
      Size/MD5 checksum:   105354 ed97bdb2ae641dc2eecc66e7dfd2daf8
    libfreeamp-esound_2.1.1.0-4woody2_hppa.deb
      Size/MD5 checksum:    27602 bae0e367bfb7b40d2c4b0390c6638d3f

  Motorola 680x0 architecture:

    freeamp_2.1.1.0-4woody2_m68k.deb
      Size/MD5 checksum:  1744992 25bf614e89c0bfddc8863d1e007335d4
    freeamp-extras_2.1.1.0-4woody2_m68k.deb
      Size/MD5 checksum:    72386 a0faa0affb7912807c340d65c6049cd5
    libfreeamp-esound_2.1.1.0-4woody2_m68k.deb
      Size/MD5 checksum:    28706 f226affa56379550b2d74c8cded44520

  Big endian MIPS architecture:

    freeamp_2.1.1.0-4woody2_mips.deb
      Size/MD5 checksum:  1864476 d8874d057b941058a7981a3233fdaa65
    freeamp-extras_2.1.1.0-4woody2_mips.deb
      Size/MD5 checksum:    69940 7f2ae3c9420e113583932b40eb8604dd
    libfreeamp-alsa_2.1.1.0-4woody2_mips.deb
      Size/MD5 checksum:    28610 9eb1bec2958a24a12872486c81e7a106
    libfreeamp-esound_2.1.1.0-4woody2_mips.deb
      Size/MD5 checksum:    27854 88ef872d3fdaa6e6cd274549f250b434

  Little endian MIPS architecture:

    freeamp_2.1.1.0-4woody2_mipsel.deb
      Size/MD5 checksum:  1827610 3bd082fa5eca1e96b2ad2fec3293a8bd
    freeamp-extras_2.1.1.0-4woody2_mipsel.deb
      Size/MD5 checksum:    68796 d772ca8a111e64cab746a1f9efe5cf98
    libfreeamp-esound_2.1.1.0-4woody2_mipsel.deb
      Size/MD5 checksum:    27546 d9eb6b5c8f6f608c09e695333e2cd477

  PowerPC architecture:

    freeamp_2.1.1.0-4woody2_powerpc.deb
      Size/MD5 checksum:  2046412 539183b9f14aeeabbd74049bb9dcbca8
    freeamp-extras_2.1.1.0-4woody2_powerpc.deb
      Size/MD5 checksum:    75370 033f91e19fbb6da25da8a864a2fde435
    libfreeamp-alsa_2.1.1.0-4woody2_powerpc.deb
      Size/MD5 checksum:    29854 405d64cb8eae9c9f24e32191e1ffd8da
    libfreeamp-esound_2.1.1.0-4woody2_powerpc.deb
      Size/MD5 checksum:    29042 595cd2062229e98a2ce6d5c4ccbbc882

  IBM S/390 architecture:

    freeamp_2.1.1.0-4woody2_s390.deb
      Size/MD5 checksum:  1962584 ea73c5dcf1b3d54eb04ebaeb4e190290
    freeamp-extras_2.1.1.0-4woody2_s390.deb
      Size/MD5 checksum:    73074 93857a08ea97df7926b688b3d7b75e0d
    libfreeamp-esound_2.1.1.0-4woody2_s390.deb
      Size/MD5 checksum:    29334 4aec2ae5a414e6d2bfbb73c6409f78c7

  Sun Sparc architecture:

    freeamp_2.1.1.0-4woody2_sparc.deb
      Size/MD5 checksum:  1969882 b220f88f807c80d6b96d7cfab862b2a3
    freeamp-extras_2.1.1.0-4woody2_sparc.deb
      Size/MD5 checksum:    74556 cfb464ec0bf2c9859b5df5f80e9dabbc
    libfreeamp-alsa_2.1.1.0-4woody2_sparc.deb
      Size/MD5 checksum:    28814 9d7d9735acc60e36dac2d19c51d9ace9
    libfreeamp-esound_2.1.1.0-4woody2_sparc.deb
      Size/MD5 checksum:    27802 5c91f275ac283265a8c4bd6d94b5122f


  These files will probably be moved into the stable distribution on
  its next update.

--------------------------------------------------------------------------------
-
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-securitydists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)

iD8DBQFBj1+/W5ql+IAeqTIRAnIrAJ4r0yQnxKCsU9jElkzv5CXctHJvMwCfV6/E
mY6LDP6fdnSCcwMHU2GGYUU=
=uCT5
-----END PGP SIGNATURE-----


-- 
To UNSUBSCRIBE, email to debian-security-announce-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact
 listmaster@lists.debian.org
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten

141
Mach­t's gut!

51
Neue Raspber­ry Pi-Va­ri­an­te mit 8 GB RAM

0
Genode 20.05 frei­ge­ge­ben

9
Sub­ver­si­on 1.14.0-LTS vor­ge­stellt

0
»Hum­ble Ci­ties: Sky­lines Bund­le« vor­ge­stellt

0
End of Life für Co­reOS Con­tai­ner Linux ver­kün­det

32
Elek­tra 0.9.2 er­schie­nen

8
Nex­tDNS ver­lässt die Be­ta-Pha­se

23
Tu­xe­do stellt Ga­mer-Note­book vor

0
Libre Gra­phics Mee­ting be­ginnt als On­li­ne-Va­ri­an­te
 
Werbung