Debian: New dia packages fix arbitrary code execution
April 6, 2006
Updated package.
Summary
Severity
- --------------------------------------------------------------------------Debian Security Advisory DSA 1025-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
April 6th, 2006 http://www.debian.org/security/faq
- --------------------------------------------------------------------------Package : dia
Vulnerability : programming error
Problem type : local (remote)
Debian-specific: no
CVE ID : CAN-2005-2966
BugTraq ID : 15000
"infamous41md" discovered three buffer overflow errors in the xfig
import code of dia, a diagram editor, that can lead to the execution
of arbitrary code.
For the old stable distribution (woody) these problems have been fixed in
version 0.88.1-3woody1.
For the stable distribution (sarge) these problems have been fixed in
version 0.94.0-7sarge3.
For the unstable distribution (sid) these problems have been fixed in
version 0.94.0-18.
We recommend that you upgrade your dia package.
Upgrade Instructions
- --------------------wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 3.0 alias woody
- -------------------------------- Source archives:
Size/MD5 checksum: 705 25bc7ead9731e940217ec0d8c6342073
Size/MD5 checksum: 7531 a5776c952860a8446c2203626aa0bf0f
Size/MD5 checksum: 1977789 a44e91b49893c374577c6b4d4d0e1ce6
Alpha architecture:
Size/MD5 checksum: 248694 fc8417f7cd8e42839aaf4916bb128c61
Size/MD5 checksum: 922288 b0cbcefda3672be682fcdc31b9f1378e
Size/MD5 checksum: 276128 775b9daae70d5f7f5cd102b4186f1b12
ARM architecture:
Size/MD5 checksum: 196784 52b07976ebe24548d8617c82e0726312
Size/MD5 checksum: 841756 8d769c0d0ecc14c2fe547675c51eede6
Size/MD5 checksum: 224634 c617e978a7bd2b593be0fb18486daad5
Intel IA-32 architecture:
Size/MD5 checksum: 192818 a01fe6b5b0bdbbebe4f7d586d72413b7
Size/MD5 checksum: 836314 1346f382feaa78a7968121c6e7c84dce
Size/MD5 checksum: 220812 760776c41d68af504ec92d40e57a4645
Intel IA-64 architecture:
Size/MD5 checksum: 332036 ff6d825a12c99c3403c227329ab88989
Size/MD5 checksum: 1059798 b1bb7b20860fa6350d85a399ec07670e
Size/MD5 checksum: 359196 37ca623ab7e77db84ff951cfd7509646
HP Precision architecture:
Size/MD5 checksum: 241214 21d08cd8430e7c0112008954941ca409
Size/MD5 checksum: 968394 331a9cb181c6b08421ef7ec45e7ca3ce
Size/MD5 checksum: 268478 9663e846de981d683aa023a1b9332b8c
Motorola 680x0 architecture:
Size/MD5 checksum: 175720 5a591481f242ed1a7c85f392c5146c77
Size/MD5 checksum: 845420 7b8359c0a077e7f672cebd8e25216fcf
Size/MD5 checksum: 204494 6e60913b1b96fc66dcae516095bb52a0
Big endian MIPS architecture:
Size/MD5 checksum: 220454 9b6596e6b650979a467d66476ba15f61
Size/MD5 checksum: 866998 68e98906280a334e7a59155bf20bf2f8
Size/MD5 checksum: 249110 c9ed24c60dd5d0b822bba402f0b9fe6c
Little endian MIPS architecture:
Size/MD5 checksum: 218560 b8df5cc203668bd05bc6f2dffe45b523
Size/MD5 checksum: 860318 a2472760168bf9f2491d7ca13c9fa1cc
Size/MD5 checksum: 247180 3c3f636259b343d0b7a0a55f8ad73e3e
PowerPC architecture:
Size/MD5 checksum: 205918 a2478681bd1584123a5aff3d256e2895
Size/MD5 checksum: 879228 e55ef75f15286aa96adabc0df51f12e1
Size/MD5 checksum: 233898 bbf7c7e2f9b70376c9c11aa7ae549093
IBM S/390 architecture:
Size/MD5 checksum: 188678 b99aebc99030c404423457da5b29a000
Size/MD5 checksum: 844896 bb6edbdf7aa5af5af786795645b668b5
Size/MD5 checksum: 217290 8a980c14c7e0f68c37b2f9401e992581
Sun Sparc architecture:
Size/MD5 checksum: 198208 b5c58e88eaea2470df35c12296cb785f
Size/MD5 checksum: 914668 f117d6c48fd070baedf957d8fad1f737
Size/MD5 checksum: 225454 dc7dee2327b5dda324053da22023589c
Debian GNU/Linux 3.1 alias sarge
- -------------------------------- Source archives:
Size/MD5 checksum: 1409 3ed723296cf60c4858ffd0d4bab9721b
Size/MD5 checksum: 17180 67e2ed96916a32bbdfe4747e05f084ff
Size/MD5 checksum: 5241128 d2afdc10f55df29314250d98dbfd7a79
Architecture independent components:
Size/MD5 checksum: 2149752 00c9a9808842eaef293bdd0d15b40105
Alpha architecture:
Size/MD5 checksum: 222996 9994f2344248138de956e2c01f9a5f2f
Size/MD5 checksum: 224514 1347b1bed4f75873639a7ee1016b36c3
Size/MD5 checksum: 730208 3e2ffff7de550eb64635d0e3060c5cf0
AMD64 architecture:
Size/MD5 checksum: 193578 dbfe2816deca9a26b364ddec69ddc76b
Size/MD5 checksum: 195250 caeb5d00d7c7e4faf9858be67e9f6dfd
Size/MD5 checksum: 659832 38319799e3f30bc485b3b89b358deb80
ARM architecture:
Size/MD5 checksum: 173158 0561b19f35dd9c25402fb1baca037630
Size/MD5 checksum: 174612 ac33f6894c875712c0a33a44b3efc708
Size/MD5 checksum: 552736 28ddf48809e2d69caf7b2037c8093945
Intel IA-32 architecture:
Size/MD5 checksum: 184456 111b85a4f6be3dbf38f9adba71bc7446
Size/MD5 checksum: 185872 26adf8b7cb9198e8154f944494ad7612
Size/MD5 checksum: 592386 322b3b24b21e4f7c397a29a79192aab4
Intel IA-64 architecture:
Size/MD5 checksum: 263866 56f4792d297eedc2da125eadf7334e69
Size/MD5 checksum: 265178 db670961bc9518a3e613e35be39e70bd
Size/MD5 checksum: 920300 bb901138437409be5362f49dad52f5d8
HP Precision architecture:
Size/MD5 checksum: 200820 e8dce5e36532dcf0c9adfbd7ba2c86a3
Size/MD5 checksum: 202316 2114720c71ad4d6826848e827f391d5a
Size/MD5 checksum: 775548 b9d7b39ebcb59bd86067eebb0467714b
Motorola 680x0 architecture:
Size/MD5 checksum: 160798 2a017d853dbc389416235377cd9f7d6c
Size/MD5 checksum: 162508 6b9fe5b3cda16582eb7e81f8568b248f
Size/MD5 checksum: 583970 f0585aee8d0fdad663f74aebae6d1a77
Big endian MIPS architecture:
Size/MD5 checksum: 177796 78ee12d62228a84e075b1d25daace8b8
Size/MD5 checksum: 179362 5e74e8737c9f375d72e9daf388693f21
Size/MD5 checksum: 642862 789848f83bdb10566b4639136a1ad750
Little endian MIPS architecture:
Size/MD5 checksum: 176242 595077160d1fa3f8435a91dfb26a38f1
Size/MD5 checksum: 177832 fc0bf115dcbcd7d3ff9a4347352fd056
Size/MD5 checksum: 631362 29384b2fe2d2dc0e735aff69b34991fe
PowerPC architecture:
Size/MD5 checksum: 183460 f49ff0e3ac6065767677a09d12591984
Size/MD5 checksum: 184984 5092ff74d7adf15d9918c559e619d5da
Size/MD5 checksum: 675290 5cea9bd0e5c1096bb21c682508bad107
IBM S/390 architecture:
Size/MD5 checksum: 185382 4c892cb6cc56319e8b75fc93509147b9
Size/MD5 checksum: 187180 3848d94df174826697a2aee9f61d6946
Size/MD5 checksum: 649504 e7a830a1c3e812a803d2f0f05e5c8860
Sun Sparc architecture:
Size/MD5 checksum: 175432 d300ddd04829200367e0c559096d64b4
Size/MD5 checksum: 176858 c4a617d51711693a9849146ac4ca2a33
Size/MD5 checksum: 610986 1e790fb90a3b8458253b9428d3529b93
These files will probably be moved into the stable distribution on
its next update.
- ---------------------------------------------------------------------------------For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
