Search:

September 2007

3374 - Debian Security Advisories

ID: 3374
Date: 03 September 2007 10:45

Title: 3374 - Debian Security Advisories
Abstract: Release of several Debian security advisories
Vendors affected:Debian
Availability of fix: Available
Type of fix: Patch
Source: Debian
Reliability of source: Known
Source URL: http://www.debian.org/security/#DSAS

- --------------------------------------------------------------------------
Debian Security Advisory DSA 1366-1                    security@debian.org
http://www.debian.org/security/                         Moritz Muehlenhoff
September 1st, 2007                     http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package        : clamav
Vulnerability : several
Problem-Type   : remote
Debian-specific: no
CVE ID         : CVE-2007-4510 CVE-2007-4560

- ------------------------------------------------------------------------
Debian Security Advisory DSA 1359-1                  security@debian.org
http://www.debian.org/security/                               Steve Kemp
August 28th, 2007                     http://www.debian.org/security/faq
- ------------------------------------------------------------------------

Package        : dovecot
Vulnerability : directory traversal
Problem type   : remote
Debian-specific: no
CVE Id(s)      : CVE-2007-2231

- ------------------------------------------------------------------------
Debian Security Advisory DSA-1360                    security@debian.org
http://www.debian.org/security/                               Steve Kemp
August 28th, 2007                     http://www.debian.org/security/faq
- ------------------------------------------------------------------------

Package        : rsync
Vulnerability : buffer overflow
Problem type   : remote
Debian-specific: no
CVE Id(s)      : CVE-2007-4091

- ------------------------------------------------------------------------
Debian Security Advisory DSA-1361                    security@debian.org
http://www.debian.org/security/                               Steve Kemp
August 29th, 2007                     http://www.debian.org/security/faq
- ------------------------------------------------------------------------

Package        : postfix-policyd
Vulnerability : buffer overflow
Problem type   : remote
Debian-specific: no
CVE Id(s)      : CVE-2007-3791
Debian Bug     : 435735

- ------------------------------------------------------------------------
Debian Security Advisory DSA-1362                    security@debian.org
http://www.debian.org/security/                               Steve Kemp
August 29th, 2007                     http://www.debian.org/security/faq
- ------------------------------------------------------------------------

Package        : lighttpd
Vulnerability : various
Problem type   : local/remote
Debian-specific: no
CVE Id(s)      : CVE-2007-3946
Debian Bug     : 434888

- --------------------------------------------------------------------------
Debian Security Advisory DSA 1363-1                    security@debian.org
http://www.debian.org/security/                               Dann Frazier
August 31st, 2007                       http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package        : linux-2.6
Vulnerability : several
Problem-Type   : local/remote
Debian-specific: no
CVE ID         : CVE-2007-2172 CVE-2007-2875 CVE-2007-3105 CVE-2007-3843
                 CVE-2007-4308

- --------------------------------------------------------------------------
Debian Security Advisory DSA 1364-1                    security@debian.org
http://www.debian.org/security/                         Moritz Muehlenhoff
September 1st, 2007                     http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package        : vim
Vulnerability : several
Problem-Type   : local(remote)
Debian-specific: no
CVE ID         : CVE-2007-2438 CVE-2007-2953

- --------------------------------------------------------------------------
Debian Security Advisory DSA 1365-1                    security@debian.org
http://www.debian.org/security/                         Moritz Muehlenhoff
September 1st, 2007                     http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package        : id3lib3.8.3
Vulnerability : programming error
Problem-Type   : local
Debian-specific: no
CVE ID         : CVE-2007-4460
Debian Bug     : 438540

This advisory contains information released by the original author. Some of the information may have changed since it was released. If the issue affects you, it may be prudent to retrieve the advisory from the site of the original source to ensure that you receive the most current information concerning that problem. Reference to any specific commercial product, process, or service by trade name, trademark manufacturer, or otherwise, does not constitute or imply its endorsement, recommendation, or favouring by CPNI.

The views and opinions of authors expressed within this notice shall not be used for advertising or product endorsement purposes. CPNI shall not accept responsibility for any errors or omissions contained within this advisory. In particular, they shall not be liable for any loss or damage whatsoever, arising from or in connection with the usage of information contained within this advisory.

CSIRTUK is a member of the Forum of Incident Response and Security Teams (FIRST) and has contacts with other international Incident Response Teams (IRTs) in order to foster cooperation and coordination in incident prevention, to prompt rapid reaction to incidents, and to promote information sharing amongst its members and the community at large.