- ------------------------------------------------------------------------Debian Security Advisory DSA-1240-1 security@debian.org
http://www.debian.org/security/ Steve Kemp
December 21, 2006
- ------------------------------------------------------------------------Package : links2
Vulnerability : insufficient escaping
Problem type : remote
Debian-specific: no
CVE Id(s) : CVE-2006-5925
Debian Bug : 400718
Teemu Salmela discovered that the links2 character mode web browser
performs insufficient sanitising of smb:// URIs, which might lead to the
execution of arbitrary shell commands.
For the stable distribution (sarge) this problem has been fixed in
version 2.1pre16-1sarge1.
For the upcoming stable distribution (etch) this problem has been
fixed in version 2.1pre26-1.
For the unstable distribution (sid) this problem has been fixed in
version 2.1pre26-1.
We recommend that you upgrade your links2 package.
Upgrade instructions
- --------------------wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian 3.1 (stable)
- -------------------Stable updates are available for alpha, amd64, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390 and sparc.
Source archives:
Size/MD5 checksum: 28658 a83c79990bbfb6f9ec26d737f767ee90
Size/MD5 checksum: 4217483 7baf4fc20cc244d80ead21cebff07d89
Size/MD5 checksum: 841 ed4853334b7eebef055271df06cdcd7a
alpha architecture (DEC Alpha)
Size/MD5 checksum: 2110324 b3633fddb199c45339d3837bb0a519a0
amd64 architecture (AMD x86_64 (AMD64))
Size/MD5 checksum: 2040922 5fb402e6a833709741d20238346c7597
arm architecture (ARM)
Size/MD5 checksum: 1996004 c7c79ddcb82d5758668ed71d74b9685f
i386 architecture (Intel ia32)
Size/MD5 checksum: 1997426 4c1ef611e31c57583f7471653962a84a
m68k architecture (Motorola Mc680x0)
Size/MD5 checksum: 1904084 e5c777a07eaa88f4367b51d88c556a14
mips architecture (MIPS (Big Endian))
Size/MD5 checksum: 2034596 22854de6eaf3aa1e392291760e85e5e8
These files will probably be moved into the stable distribution on
its next update.
- ---------------------------------------------------------------------------------For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.
Cloud Security Cryptography Desktop Security Firewall Government Hacks/Cracks IoT Security Network Security Organizations/Events Privacy Security Projects Security Trends Security Vulnerabilities Server Security Vendors/Products
Debian Debian LTS Fedora Gentoo Mageia Oracle openSUSE RockyLinux Slackware SuSE Ubuntu
Harden My Filesystem Learn Tips and Tricks Secure My E-mail Secure My Firewall Secure My Network Secure My Webserver Strengthen My Privacy
Best Secure Linux Distros for Enhanced Privacy & Security The Truth About Linux Malware & How to Protect Your System Is Linux A More Secure Option Than Windows For Businesses? How Secure Is Linux? Top Tips for Securing Your Linux System
Advertise Contribute Your Article Legal Notice RSS Feeds Contact Us Terms of Service Privacy Policy
Linux Security - Your source for Top Linux News, Advisories, HowTo's and Feature Release.
