Secunia Security Advisory - Debian has issued an update for kronolith. This fixes some vulnerabilities, which can be exploited by malicious users to conduct script insertion attacks.
3cde183725b6b280dd44c75e326c01ac3edb3d40605d87c0d54cacfb1fa52699
TITLE:
Debian update for kronolith
SECUNIA ADVISORY ID:
SA18827
VERIFY ADVISORY:
http://secunia.com/advisories/18827/
CRITICAL:
Less critical
IMPACT:
Cross Site Scripting
WHERE:
>From remote
OPERATING SYSTEM:
Debian GNU/Linux 3.1
http://secunia.com/product/5307/
Debian GNU/Linux unstable alias sid
http://secunia.com/product/530/
DESCRIPTION:
Debian has issued an update for kronolith. This fixes some
vulnerabilities, which can be exploited by malicious users to conduct
script insertion attacks.
For more information:
SA17971
SOLUTION:
Apply updated packages.
-- Debian GNU/Linux 3.1 alias sarge --
Source archives:
http://security.debian.org/pool/updates/main/k/kronolith/kronolith_1.1.4-2sarge1.dsc
Size/MD5 checksum: 581 246f510d44a3a79fe88d9b6f0efc0cda
http://security.debian.org/pool/updates/main/k/kronolith/kronolith_1.1.4-2sarge1.diff.gz
Size/MD5 checksum: 12005 c10a7d82b97300d62e6ef45f6e5e3cfe
http://security.debian.org/pool/updates/main/k/kronolith/kronolith_1.1.4.orig.tar.gz
Size/MD5 checksum: 530945 8f5e5bca2a8b383e8a00fe19dacd138f
Architecture independent components:
http://security.debian.org/pool/updates/main/k/kronolith/kronolith_1.1.4-2sarge1_all.deb
Size/MD5 checksum: 528516 4d4ed7e51485ca96008175597612d72a
-- Debian GNU/Linux unstable alias sid --
Fixed in version 2.0.6-1 of kronolith2.
ORIGINAL ADVISORY:
http://www.debian.org/security/2006/dsa-970
OTHER REFERENCES:
SA17971:
http://secunia.com/advisories/17971/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------