Secunia Security Advisory - Debian has issued an update for mt-daapd. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise a vulnerable system.
6306b3f740e2088be6e0d30e495b492c3707809fbf615e8c0aaeefebb28f55ba
----------------------------------------------------------------------
Want a new job?
http://secunia.com/secunia_security_specialist/
http://secunia.com/hardcore_disassembler_and_reverse_engineer/
International Partner Manager - Project Sales in the IT-Security
Industry:
http://corporate.secunia.com/about_secunia/64/
----------------------------------------------------------------------
TITLE:
Debian update for mt-daapd
SECUNIA ADVISORY ID:
SA30661
VERIFY ADVISORY:
http://secunia.com/advisories/30661/
CRITICAL:
Moderately critical
IMPACT:
DoS, System access
WHERE:
>From local network
OPERATING SYSTEM:
Debian GNU/Linux 4.0
http://secunia.com/product/13844/
Debian GNU/Linux unstable alias sid
http://secunia.com/product/530/
DESCRIPTION:
Debian has issued an update for mt-daapd. This fixes some
vulnerabilities, which can be exploited by malicious people to cause
a DoS (Denial of Service) or to potentially compromise a vulnerable
system.
For more information:
SA28269
SA29919
SOLUTION:
Apply updated packages.
-- Debian GNU/Linux 4.0 alias etch --
Source archives:
http://security.debian.org/pool/updates/main/m/mt-daapd/mt-daapd_0.2.4+r1376-1.1+etch1.dsc
Size/MD5 checksum:765 a303c40811df75fd395c28485d038ceb
http://security.debian.org/pool/updates/main/m/mt-daapd/mt-daapd_0.2.4+r1376-1.1+etch1.diff.gz
Size/MD5 checksum: 8929 a565dacb5773182a44b367b6c78a0da8
http://security.debian.org/pool/updates/main/m/mt-daapd/mt-daapd_0.2.4+r1376.orig.tar.gz
Size/MD5 checksum: 995301 c427c26e93914290b7cd615835ea333a
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/m/mt-daapd/mt-daapd_0.2.4+r1376-1.1+etch1_alpha.deb
Size/MD5 checksum: 637280 653700658a98af964ca5fabf5ff4086b
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/m/mt-daapd/mt-daapd_0.2.4+r1376-1.1+etch1_amd64.deb
Size/MD5 checksum: 610844 9297976354240c5a75b2c3636fe0746d
arm architecture (ARM)
http://security.debian.org/pool/updates/main/m/mt-daapd/mt-daapd_0.2.4+r1376-1.1+etch1_arm.deb
Size/MD5 checksum: 593834 58ccb78ac69ba94fff63580d19abec49
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/m/mt-daapd/mt-daapd_0.2.4+r1376-1.1+etch1_hppa.deb
Size/MD5 checksum: 628712 9424c2f2edb35321b05a59d7ef37b0d8
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/m/mt-daapd/mt-daapd_0.2.4+r1376-1.1+etch1_i386.deb
Size/MD5 checksum: 598872 3ffa9c84c8fac6542b0ee05ff0bb26a0
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/m/mt-daapd/mt-daapd_0.2.4+r1376-1.1+etch1_ia64.deb
Size/MD5 checksum: 680088 e8135a0ad1e70a95e4d0d6eafe475303
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/m/mt-daapd/mt-daapd_0.2.4+r1376-1.1+etch1_mips.deb
Size/MD5 checksum: 620220 156fd7841ebbf48977ffbc5dd1df35e6
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/m/mt-daapd/mt-daapd_0.2.4+r1376-1.1+etch1_mipsel.deb
Size/MD5 checksum: 615246 fcc02299e63b17c6d29621769a79efd8
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/m/mt-daapd/mt-daapd_0.2.4+r1376-1.1+etch1_powerpc.deb
Size/MD5 checksum: 620258 959237abd21efeb7b486bb092ad81d5e
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/m/mt-daapd/mt-daapd_0.2.4+r1376-1.1+etch1_s390.deb
Size/MD5 checksum: 623142 a74cec69d272a1ba4fe9d232b992b572
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/m/mt-daapd/mt-daapd_0.2.4+r1376-1.1+etch1_sparc.deb
Size/MD5 checksum: 595390 6eb767c6fb3d4a12448928f31754f0c5
-- Debian GNU/Linux unstable alias sid --
Fixed in version 0.9~r1696-1.3.
ORIGINAL ADVISORY:
http://lists.debian.org/debian-security-announce/2008/msg00177.html
OTHER REFERENCES:
SA28269:
http://secunia.com/advisories/28269/
SA29919:
http://secunia.com/advisories/29919/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------