From a785b5081d8252dd68f025b0314d1e60c2debf82 Mon Sep 17 00:00:00 2001 From: Stefan Fritsch Date: Mon, 3 Sep 2007 21:20:53 +0000 Subject: update website git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@6481 e39458fd-73e7-0310-bf30-c45bca0a0e42 --- website/DTSA/DTSA-54-1.html | 91 ++++++++++++++++++++++++++++++++++++++++++++ website/DTSA/DTSA-55-1.html | 92 +++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 183 insertions(+) create mode 100644 website/DTSA/DTSA-54-1.html create mode 100644 website/DTSA/DTSA-55-1.html (limited to 'website/DTSA') diff --git a/website/DTSA/DTSA-54-1.html b/website/DTSA/DTSA-54-1.html new file mode 100644 index 0000000000..c45e2019da --- /dev/null +++ b/website/DTSA/DTSA-54-1.html @@ -0,0 +1,91 @@ + + + Debian testing security team - Advisory + + + + +
+ + + + + Debian Project +
+
+ + + + + + + + + + + +
+ Debian testing security team - Advisory +
+ + +
+ + +

DTSA-54-1

+
+
Date Reported:
+
August 22nd , 2007
+
Affected Package:
+
poppler
+
Vulnerability:
+
integer overflow
+
Problem-Scope:
+
local (remote)
+
Debian-specific:
+
No
+
CVE:
+
+CVE-2007-3387 +
+
More information:
+
It was discovered that an integer overflow in the xpdf PDF viewer may lead 
+to the execution of arbitrary code if a malformed PDF file is opened. 

+CVE-2007-3387 

+Integer overflow in the StreamPredictor::StreamPredictor function in gpdf  
+before 2.8.2, as used in (1) poppler, (2) xpdf, (3) kpdf, (4) kdegraphics, 
+(5) CUPS, and other products, might allow remote attackers to execute  
+arbitrary code via a crafted PDF file. 
+
+
For the testing distribution (lenny) this is fixed in version 0.5.4-6lenny1
+
For the unstable distribution (sid) this is fixed in version 0.5.4-6.1
+
This upgrade is recommended if you use poppler.
+
If you have the secure testing lines in your sources.list, you can update by running this command as root:
+ +
apt-get update && apt-get upgrade
+
+ +
+
To use the Debian testing security archive, add the following lines to your /etc/apt/sources.list:
+
+
deb http://security.debian.org/ testing/updates main contrib non-free
+
deb-src http://security.debian.org/ testing/updates main contrib non-free
+
+ + +
+ + Valid HTML 4.01! + + Valid CSS! + + + + diff --git a/website/DTSA/DTSA-55-1.html b/website/DTSA/DTSA-55-1.html new file mode 100644 index 0000000000..60fed21a80 --- /dev/null +++ b/website/DTSA/DTSA-55-1.html @@ -0,0 +1,92 @@ + + + Debian testing security team - Advisory + + + + +
+ + + + + Debian Project +
+
+ + + + + + + + + + + +
+ Debian testing security team - Advisory +
+ + +
+ + +

DTSA-55-1

+
+
Date Reported:
+
September 1st , 2007
+
Affected Package:
+
centerim
+
Vulnerability:
+
buffer overflows
+
Problem-Scope:
+
remote
+
Debian-specific:
+
No
+
CVE:
+
+CVE-2007-3713 +
+
More information:
+
It was discovered that there are multiple buffer overflows, which could lead  
+to the execution of arbitrary code. 

+CVE-2007-3713 

+Multiple buffer overflows in Konst CenterICQ 4.9.11 through 4.21 allow 
+remote attackers to execute arbitrary code via unspecified vectors. 
+NOTE: the provenance of this information is unknown; the details are  
+obtained solely from third party information. NOTE: this might overlap 
+CVE-2007-0160. 
+
+
For the testing distribution (lenny) this is fixed in version 4.22.1-2lenny1
+
For the unstable distribution (sid) this is fixed in version 4.22.1-2.1
+
This upgrade is recommended if you use centerim.
+
If you have the secure testing lines in your sources.list, you can update by running this command as root:
+ +
apt-get update && apt-get upgrade
+
+ +
+
To use the Debian testing security archive, add the following lines to your /etc/apt/sources.list:
+
+
deb http://security.debian.org/ testing/updates main contrib non-free
+
deb-src http://security.debian.org/ testing/updates main contrib non-free
+
+ + +
+ + Valid HTML 4.01! + + Valid CSS! + + + + -- cgit v1.2.3