From:
[email protected]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- ------------------------------------------------------------------------ Debian Security Advisory DSA-1894-1
[email protected] http://www.debian.org/security/ Steffen Joeris
September 24, 2009
http://www.debian.org/security/faq
- ------------------------------------------------------------------------
Package : newt
Vulnerability : buffer overflow
Problem type : local
Debian-specific: no
CVE Id : CVE-2009-2905
Miroslav Lichvar discovered that newt, a windowing toolkit, is prone to
a buffer overflow in the content processing code, which can lead to the execution of arbitrary code.
For the stable distribution (lenny), this problem has been fixed in
version 0.52.2-11.3+lenny1.
For the oldstable distribution (etch), this problem has been fixed in
version 0.52.2-10+etch1.
For the testing distribution (squeeze) and the unstable distribution
(sid), this problem will be fixed soon
We recommend that you upgrade your newt packages.
Upgrade instructions
- --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 4.0 alias etch
- -------------------------------
Debian (oldstable)
- ------------------
Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/n/newt/newt_0.52.2-10+etch1.diff.gz
Size/MD5 checksum: 104625 e7c0a636b3e2d9bc4b2a6b9f68e712ce
http://security.debian.org/pool/updates/main/n/newt/newt_0.52.2-10+etch1.dsc
Size/MD5 checksum: 867 fad99ed4d5166840b2de8da17b1afe9c
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/n/newt/whiptail_0.52.2-10+etch1_alpha.deb
Size/MD5 checksum: 36396 8873dd9c8eafdfe203afcd0b7541150c
http://security.debian.org/pool/updates/main/n/newt/libnewt0.52_0.52.2-10+etch1_alpha.deb
Size/MD5 checksum: 72148 acc944c96352666c8b778cef8c0529a4
http://security.debian.org/pool/updates/main/n/newt/libnewt-dev_0.52.2-10+etch1_alpha.deb
Size/MD5 checksum: 101720 a57af3ec38cbe06c81a2bd4839bc3b05
http://security.debian.org/pool/updates/main/n/newt/python-newt_0.52.2-10+etch1_alpha.deb
Size/MD5 checksum: 40622 f5b8a0b9e82829251923f23ba249a7ab
http://security.debian.org/pool/updates/main/n/newt/libnewt-pic_0.52.2-10+etch1_alpha.deb
Size/MD5 checksum: 75070 260932a92f473fea16b9985c340ecc41
http://security.debian.org/pool/updates/main/n/newt/newt-tcl_0.52.2-10+etch1_alpha.deb
Size/MD5 checksum: 30696 a7c8c8f86dd21d92f62b3333152a8acc
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/n/newt/newt-tcl_0.52.2-10+etch1_amd64.deb
Size/MD5 checksum: 29706 1002818f7221e0d7dd1c467e7937e259
http://security.debian.org/pool/updates/main/n/newt/python-newt_0.52.2-10+etch1_amd64.deb
Size/MD5 checksum: 40642 5544a2173c8b71013b5cec90c220edec
http://security.debian.org/pool/updates/main/n/newt/libnewt-pic_0.52.2-10+etch1_amd64.deb
Size/MD5 checksum: 62200 27d76327c56feb8f8bd3e7dc8dedeba4
http://security.debian.org/pool/updates/main/n/newt/whiptail_0.52.2-10+etch1_amd64.deb
Size/MD5 checksum: 35414 ece6b444af84f433e0367fd57b86d035
http://security.debian.org/pool/updates/main/n/newt/libnewt0.52_0.52.2-10+etch1_amd64.deb
Size/MD5 checksum: 68608 ff8fb8c9cc7fadbd3e44624a4caf719d
http://security.debian.org/pool/updates/main/n/newt/libnewt-dev_0.52.2-10+etch1_amd64.deb
Size/MD5 checksum: 90152 c3c841fb22e99c78d866910baca40301
arm architecture (ARM)
http://security.debian.org/pool/updates/main/n/newt/whiptail_0.52.2-10+etch1_arm.deb
Size/MD5 checksum: 34508 beddcaac2efcb9fe042fb50519d9effb
http://security.debian.org/pool/updates/main/n/newt/libnewt-pic_0.52.2-10+etch1_arm.deb
Size/MD5 checksum: 55964 e50294eb35ff224f5e2e43b65039ada5
http://security.debian.org/pool/updates/main/n/newt/newt-tcl_0.52.2-10+etch1_arm.deb
Size/MD5 checksum: 28486 d356a6c39e2549b5578b7bf8b23916cb
http://security.debian.org/pool/updates/main/n/newt/python-newt_0.52.2-10+etch1_arm.deb
Size/MD5 checksum: 38392 e3c548d518db0ef7c11cdae2f106bbf6
http://security.debian.org/pool/updates/main/n/newt/libnewt-dev_0.52.2-10+etch1_arm.deb
Size/MD5 checksum: 83858 939f2e69db6fb824b5302072d347a402
http://security.debian.org/pool/updates/main/n/newt/libnewt0.52_0.52.2-10+etch1_arm.deb
Size/MD5 checksum: 63200 5fa817dce03725fa7068683d328f9610
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/n/newt/newt-tcl_0.52.2-10+etch1_i386.deb
Size/MD5 checksum: 29234 c8150846ffc50743492dde903f14e275
http://security.debian.org/pool/updates/main/n/newt/libnewt-pic_0.52.2-10+etch1_i386.deb
Size/MD5 checksum: 57876 4a7066f4b000278b4988499ea7043d49
http://security.debian.org/pool/updates/main/n/newt/whiptail_0.52.2-10+etch1_i386.deb
Size/MD5 checksum: 34842 18893f2eb064672f7101dd46a96b8a5f
http://security.debian.org/pool/updates/main/n/newt/python-newt_0.52.2-10+etch1_i386.deb
Size/MD5 checksum: 38716 3be92ace8802cf97f8d3afcd67f3bd93
http://security.debian.org/pool/updates/main/n/newt/libnewt-dev_0.52.2-10+etch1_i386.deb
Size/MD5 checksum: 86976 9b61375a5dd7741477a798391c72c127
http://security.debian.org/pool/updates/main/n/newt/libnewt0.52_0.52.2-10+etch1_i386.deb
Size/MD5 checksum: 65466 068d412ddb49642867ce2f3a2ae6a254
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/n/newt/libnewt-pic_0.52.2-10+etch1_ia64.deb
Size/MD5 checksum: 84682 cd265c96f032c799b2f7ccee10e68e1f
http://security.debian.org/pool/updates/main/n/newt/libnewt-dev_0.52.2-10+etch1_ia64.deb
Size/MD5 checksum: 111566 c1e641893476cd6283e052296a4e1a8d
http://security.debian.org/pool/updates/main/n/newt/whiptail_0.52.2-10+etch1_ia64.deb
Size/MD5 checksum: 39638 0eb2910fef081cd067be97618f86ce69
[continued in next message]
--- SoupGate-Win32 v1.05
* Origin: you cannot sedate... all the things you hate (1:229/2)