- --------------------------------------------------------------------------Debian Security Advisory DSA 1124-1                    security@debian.org
http://www.debian.org/security/                         Moritz Muehlenhoff
July 24th, 2006                         http://www.debian.org/security/faq
- --------------------------------------------------------------------------Package        : fbi
Vulnerability  : typo
Problem-Type   : local
Debian-specific: no
CVE ID         : CVE-2006-3119

Toth Andras discovered that the fbgs framebuffer postscript/PDF viewer
contains a typo, which prevents the intended filter against malicious
postscript commands from working correctly. This might lead to the
deletion of user data when displaying a postscript file.

For the stable distribution (sarge) this problem has been fixed in
version 2.01-1.2sarge2.

For the unstable distribution (sid) this problem will be fixed soon.

We recommend that you upgrade your fbi package.


Upgrade Instructions
- --------------------wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.1 alias sarge
- --------------------------------  Source archives:

          Size/MD5 checksum:      735 36d0568b3c180e41cb1f6df809ff5e5b
          Size/MD5 checksum:     5088 3b4e9623e4aa9d333c3aee47c42f3422
          Size/MD5 checksum:   205822 7bf21eae612fd457155533a83ab075c2

  Alpha architecture:

          Size/MD5 checksum:    29542 b0a4b4a73a93bda7243fea211f5ead9f
          Size/MD5 checksum:    67686 303fed22421dda6d18e541425c6a945f

  AMD64 architecture:

          Size/MD5 checksum:    24528 359cf3eadf6294c39b4fe2b185aa1167
          Size/MD5 checksum:    57384 cb5af6bbe2bd5ea99966eab903f220bf

  ARM architecture:

          Size/MD5 checksum:    22494 4a750437cdd4fcb2049e8c33b5231b64
          Size/MD5 checksum:    51232 240a6f9509c00477bcbefe80a0fb7e70

  Intel IA-32 architecture:

          Size/MD5 checksum:    22712 809f7d0fcfce407e5679305b07b69967
          Size/MD5 checksum:    52200 e2b4fdc29c3787d0a843415c5e62bcc1

  Intel IA-64 architecture:

          Size/MD5 checksum:    33896 a60373a4938640174dc80b34c65dadc4
          Size/MD5 checksum:    79814 6b6bfc5816ca014e4d290b05834eceac

  HP Precision architecture:

          Size/MD5 checksum:    26914 164ccc167aa0fda01d9535c65db000cc
          Size/MD5 checksum:    60222 c215390ee5bef416b5a9eb9ad0b16a2e

  Motorola 680x0 architecture:

          Size/MD5 checksum:    20754 006ed3c7e982e08d14860282ac312fad
          Size/MD5 checksum:    47324 63732b97562e3b2e8f801128faf8b8b4

  Big endian MIPS architecture:

          Size/MD5 checksum:    26048 211c8a4c5398e403b7d7f4a1a4bb3c4f
          Size/MD5 checksum:    59498 6e68121650840d81e04b1bec82156f5c

  Little endian MIPS architecture:

          Size/MD5 checksum:    26122 74ffc8475a2acf27af99b83b7cd0cbc6
          Size/MD5 checksum:    59234 6b976898ad8c23b7da53449d6af2c3e0

  PowerPC architecture:

          Size/MD5 checksum:    25978 ec0d5e88f5e7c908ce7c053485ca415a
          Size/MD5 checksum:    57298 996b2e6523767b439583dad7c511df83

  IBM S/390 architecture:

          Size/MD5 checksum:    24472 8c030047c8d631a6a1c01079e7d352e7
          Size/MD5 checksum:    58050 e5bebfa9b1c7ab4a0cfac3bc8f5f4541

  Sun Sparc architecture:

          Size/MD5 checksum:    23074 5c0854fb34e3c6da7c12991dedae0910
          Size/MD5 checksum:    52484 72496fbe05968cfb7bd185414629033f


  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp:  dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org

Debian: New fbi packages fix potential deletion of user data

July 24, 2006
Toth Andras discovered that the fbgs framebuffer postscript/PDF viewer contains a typo, which prevents the intended filter against malicious postscript commands from working correc...

Summary


For the unstable distribution (sid) this problem will be fixed soon.

We recommend that you upgrade your fbi package.


Upgrade Instructions
- --------------------wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.1 alias sarge

Size/MD5 checksum: 735 36d0568b3c180e41cb1f6df809ff5e5b
Size/MD5 checksum: 5088 3b4e9623e4aa9d333c3aee47c42f3422
Size/MD5 checksum: 205822 7bf21eae612fd457155533a83ab075c2

Alpha architecture:

Size/MD5 checksum: 29542 b0a4b4a73a93bda7243fea211f5ead9f
Size/MD5 checksum: 67686 303fed22421dda6d18e541425c6a945f

AMD64 architecture:

Size/MD5 checksum: 24528 359cf3eadf6294c39b4fe2b185aa1167
Size/MD5 checksum: 57384 cb5af6bbe2bd5ea99966eab903f220bf

ARM architecture:

Size/MD5 checksum: 22494 4a750437cdd4fcb2049e8c33b5231b64
Size/MD5 checksum: 51232 240a6f9509c00477bcbefe80a0fb7e70

Intel IA-32 architecture:

Size/MD5 checksum: 22712 809f7d0fcfce407e5679305b07b69967
Size/MD5 checksum: 52200 e2b4fdc29c3787d0a843415c5e62bcc1

Intel IA-64 architecture:

Size/MD5 checksum: 33896 a60373a4938640174dc80b34c65dadc4
Size/MD5 checksum: 79814 6b6bfc5816ca014e4d290b05834eceac

HP Precision architecture:

Size/MD5 checksum: 26914 164ccc167aa0fda01d9535c65db000cc
Size/MD5 checksum: 60222 c215390ee5bef416b5a9eb9ad0b16a2e

Motorola 680x0 architecture:

Size/MD5 checksum: 20754 006ed3c7e982e08d14860282ac312fad
Size/MD5 checksum: 47324 63732b97562e3b2e8f801128faf8b8b4

Big endian MIPS architecture:

Size/MD5 checksum: 26048 211c8a4c5398e403b7d7f4a1a4bb3c4f
Size/MD5 checksum: 59498 6e68121650840d81e04b1bec82156f5c

Little endian MIPS architecture:

Size/MD5 checksum: 26122 74ffc8475a2acf27af99b83b7cd0cbc6
Size/MD5 checksum: 59234 6b976898ad8c23b7da53449d6af2c3e0

PowerPC architecture:

Size/MD5 checksum: 25978 ec0d5e88f5e7c908ce7c053485ca415a
Size/MD5 checksum: 57298 996b2e6523767b439583dad7c511df83

IBM S/390 architecture:

Size/MD5 checksum: 24472 8c030047c8d631a6a1c01079e7d352e7
Size/MD5 checksum: 58050 e5bebfa9b1c7ab4a0cfac3bc8f5f4541

Sun Sparc architecture:

Size/MD5 checksum: 23074 5c0854fb34e3c6da7c12991dedae0910
Size/MD5 checksum: 52484 72496fbe05968cfb7bd185414629033f


These files will probably be moved into the stable distribution on
its next update.

For dpkg-ftp: dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org

Severity

Related News

28.Lock Globe Esm H320
1 - 2 min read
The intersection of Linux and quantum computing has become increasingly apparent, emphasizing the importance of Linux-based operating systems in
6.EmailConnection Touch Esm H320
2 - 3 min read
Recent security updates for Ubuntu and Debian have been released to address vulnerabilities in Thunderbird, the popular open-source mail and
30.Lock Globe Motherboard Esm H320
1 - 2 min read
As cybersecurity practitioners, we are no strangers to the constant threat of malicious actors and the importance of remaining vigilant to protect
22.Lock ScreenEffect Esm H320
1 - 2 min read
EndeavorOS Gemini is a captivating and charming desktop operating system based on Arch Linux. The new release includes a kernel upgrade, 3D graphics
25.@Sign Hook Keyboard Esm H320
1 min read
Cyber risk is increasing for individuals and organizations, making flexible and robust solutions for identifying spam and malware increasingly
19.Laptop Bed Esm H320
2 - 3 min read
The recently released Linux Kernel 6.9 brings forth a blend of crucial upgrades and enhancements, catering to the ever-evolving needs of the Linux
4.Lock AbstractDigital Esm H320
1 - 2 min read
Nmap 7.95 introduces myriad enhancements, primarily focusing on OS and service detection signatures. This reflects the dedication of the Nmap
5.ShakingHands Esm H320
3 - 5 min read
There has been a promising shift in the tech industry, with major companies pledging to release products with built-in security features. This

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved