drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mehrere Probleme in typo3-src
Name: |
Mehrere Probleme in typo3-src |
|
ID: |
DSA-2098-1 |
|
Distribution: |
Debian |
|
Plattformen: |
Debian lenny, Debian sid |
|
Datum: |
So, 29. August 2010, 22:33 |
|
Referenzen: |
Keine Angabe |
|
Applikationen: |
TYPO3 |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
- ------------------------------------------------------------------------ Debian Security Advisory DSA-2098-1 security@debian.org http://www.debian.org/security/ Thijs Kinkhorst August 29, 2010 http://www.debian.org/security/faq - ------------------------------------------------------------------------
Package : typo3-src Vulnerability : several Problem type : local/remote Debian-specific: no CVE Id(s) : not yet available Debian Bug : 590719
Several remote vulnerabilities have been discovered in the TYPO3 web content management framework: cross-site Scripting, open redirection, SQL injection, broken authentication and session management, insecure randomness, information disclosure and arbitrary code execution. More details can be found in the Typo3 security advisory: http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-012/
For the stable distribution (lenny), these problems have been fixed in version 4.2.5-1+lenny4.
The testing distribution (squeeze) will be fixed soon.
For the unstable distribution (sid), these problems have been fixed in version 4.3.5-1.
We recommend that you upgrade your typo3-src package.
Upgrade instructions - --------------------
wget url will fetch the file for you dpkg -i file.deb will install the referenced file.
If you are using the apt-get package manager, use the line for sources.list as given below:
apt-get update will update the internal database apt-get upgrade will install corrected packages
You may use an automated update by adding the resources from the footer to the proper configuration.
Debian GNU/Linux 5.0 alias lenny - --------------------------------
Source archives:
typo3-src_4.2.5.orig.tar.gz Size/MD5 checksum: 8144727 75b2e5db6ac586fb6176f329be452159 typo3-src_4.2.5-1+lenny4.dsc Size/MD5 checksum: 1008 018342ba199d8f866382b6791a617831 typo3-src_4.2.5-1+lenny4.diff.gz Size/MD5 checksum: 146540 9a2b90a47fd6373863cf43cecbbb53ee
Architecture independent packages:
typo3_4.2.5-1+lenny4_all.deb Size/MD5 checksum: 133958 4ec08c57f0dc4abb1681e98f403d81de typo3-src-4.2_4.2.5-1+lenny4_all.deb Size/MD5 checksum: 8192390 88cd8939bd4d1c5aad5aa0aa986f8855
These files will probably be moved into the stable distribution on its next update.
- --------------------------------------------------------------------------------- For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-securitydists/stable/updates/main Mailing list: debian-security-announce@lists.debian.org Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux)
iQEcBAEBAgAGBQJMejdSAAoJEOxfUAG2iX57ByoIANXvUUdcMHPF9QFI4zh2SIgB 8UgtKj1mtDpNiyj6nAtJKx7wT97OclsG9mbvkuEM6t1gwjoZL6P03+fXj2C+EmA+ xVrzmUsQQDnLN27PFTVc6xepCrs5Bxwi1pBft/8LjwVauCMCC/1hzgKHrAIhWi2M RKi9e59Dob13OiWZ3bgtXgTCAFm7dHUuE1QmQqm5sEAmKXsyiliGUloE7ipMqEBa WuR5/Za0tAN8FRV/5prmKxDPUna5ikI4afk+v4dardzkcGLWtGdHjLFRZ33pvcFk b3BEL1Tw1UK4LeIyF6yMYSBjMCANRZL5mE0xEfXcghiGtEFZeTsCXUWPXZ9OjaM= =EiZM -----END PGP SIGNATURE-----
-- To UNSUBSCRIBE, email to debian-security-announce-REQUEST@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org Archive: http://lists.debian.org/20100829103501.BB6AE326ED3@morgana.loeki.tv
|
|
|
|