Debian: New gtkhtml packages fix denial of service
Summary
- --------------------------------------------------------------------------Debian Security Advisory DSA 710-1 security@debian.org http://www.debian.org/security/ Martin Schulze April 18th, 2005 http://www.debian.org/security/faq - --------------------------------------------------------------------------Package : gtkhtml Vulnerability : null pointer dereference Problem-Type : remote Debian-specific: no CVE ID : CAN-2003-0541 Debian Bug : 279726 Alan Cox discovered a problem in gtkhtml, an HTML rendering widget used by the Evolution mail reader. Certain malformed messages could cause a cras due to a null pointer dereference. For the stable distribution (woody) this problem has been fixed in version 1.0.2-1.woody1. For the unstable distribution (sid) this problem has been fixed in version 1.0.4-6.2. We recommend that you upgrade your gtkhtml package and restart Evolution. Upgrade Instructions - --------------------wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 3.0 alias woody - -------------------------------- Source archives: Size/MD5 checksum: 1125 6988f7d4a99fb8d11718ffe378f43b3b Size/MD5 checksum: 7774 1c2ba9567085f2f53be68f90c83ca1b0 Size/MD5 checksum: 1303882 5276fcca2007f2d1a9da912f167da942 Architecture independent components: Size/MD5 checksum: 110140 201592f40c1af63858d3eeaa86199aff Alpha architecture: Size/MD5 checksum: 183820 5ee322b2a611a805024d111d4f09294b Size/MD5 checksum: 471328 af1ab4aa1163476af6934311a17cc20a Size/MD5 checksum: 265262 647cc727c44ea8f7b20deae2b92ecde9 ARM architecture: Size/MD5 checksum: 161032 cb49c5d6f69fe2586cdb67635e2389de Size/MD5 checksum: 369672 3f62dab704cbcbe4b42ca92f6ee9c8c2 Size/MD5 checksum: 228732 d7c6e04d352fa685923897c90390124b Intel IA-32 architecture: Size/MD5 checksum: 161342 764b98a643e95cd6c71c63321558f09b Size/MD5 checksum: 327032 73c654db1df353ceba333cb360fd4371 Size/MD5 checksum: 211340 1121bd3c7c999475e29318d5b51d7893 Intel IA-64 architecture: Size/MD5 checksum: 220844 a76275284742a70e1ef531f116031c41 Size/MD5 checksum: 521132 a2a818095e2b1269c76d51000e83a94d Size/MD5 checksum: 365282 5b2435c82e113857df3f071b3523da9a HP Precision architecture: Size/MD5 checksum: 181092 840d582a8ccc53b53e8ae2a5386cb581 Size/MD5 checksum: 459262 0f1d29d73b8e3d4c4f0ac1cfaa9ca75f Size/MD5 checksum: 301290 dda8c4920f558bc87db7d49516e1d0a8 Motorola 680x0 architecture: Size/MD5 checksum: 156492 f1c02dc230f2015b44fa828d527d7284 Size/MD5 checksum: 321408 1d4eccc30bc5b16ec0226c26ff938491 Size/MD5 checksum: 218960 798d4773c9a416366aee3b8f8a20e96e Big endian MIPS architecture: Size/MD5 checksum: 158670 48616031e2b54586d474574a15569330 Size/MD5 checksum: 424980 0824af5b2aea3d06cbc26b74734deabc Size/MD5 checksum: 228374 f5b41b3662fc916ca55c33ee73853bde Little endian MIPS architecture: Size/MD5 checksum: 157646 256efff4ab081d37dc693fc30384c30b Size/MD5 checksum: 418884 7fcfe4003100d1d59c51577eb76cbfb9 Size/MD5 checksum: 226316 c8cd02352947788665d3a8ee341d5975 PowerPC architecture: Size/MD5 checksum: 159592 db5e3e20547b5d8ef7be23424d4b846f Size/MD5 checksum: 392412 a6c3956e372ce45f707e42c5fbe831de Size/MD5 checksum: 240908 a48a52556fb17012df3d6921982597c5 IBM S/390 architecture: Size/MD5 checksum: 160992 8c619e5d0bfb20ad019a332fd5057202 Size/MD5 checksum: 350854 7b8292d0fd63d0f6857859db343ddcd0 Size/MD5 checksum: 243026 8e27d879237c8c194bd3b4e74d80c63f Sun Sparc architecture: Size/MD5 checksum: 165438 4d2ce3c43769b52723137ad5bf72430a Size/MD5 checksum: 369240 76a7721207df6f4b9b9478d2bea4389f Size/MD5 checksum: 232952 ae95aec6f4e069ea36f7faf69ec888f7 These files will probably be moved into the stable distribution on its next update. - ---------------------------------------------------------------------------------For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: dists/stable/updates/main Mailing list: debian-security-announce@lists.debian.org