Secunia Security Advisory - Debian has issued an update for php-mail. This fixes two vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions.
f2611540200e590892c4ad0805cc671edd41d827f28e4f5da9f8a799a294fd99
----------------------------------------------------------------------
Do you have VARM strategy implemented?
(Vulnerability Assessment Remediation Management)
If not, then implement it through the most reliable vulnerability
intelligence source on the market.
Implement it through Secunia.
For more information visit:
http://secunia.com/advisories/business_solutions/
Alternatively request a call from a Secunia representative today to
discuss how we can help you with our capabilities contact us at:
sales@secunia.com
----------------------------------------------------------------------
TITLE:
Debian update for php-mail
SECUNIA ADVISORY ID:
SA37458
VERIFY ADVISORY:
http://secunia.com/advisories/37458/
DESCRIPTION:
Debian has issued an update for php-mail. This fixes two
vulnerabilities, which can be exploited by malicious people to bypass
certain security restrictions.
For more information:
SA37410
SOLUTION:
Apply updated packages.
-- Debian GNU/Linux 4.0 alias etch --
Source archives:
http://security.debian.org/pool/updates/main/p/php-mail/php-mail_1.1.6.orig.tar.gz
Size/MD5 checksum: 13702 47b38a06acdec73c4d8c01f9d7e5e8e2
http://security.debian.org/pool/updates/main/p/php-mail/php-mail_1.1.6-2+etch1.diff.gz
Size/MD5 checksum: 3310 64425237844fed79a4b71aa34ccb0cee
http://security.debian.org/pool/updates/main/p/php-mail/php-mail_1.1.6-2+etch1.dsc
Size/MD5 checksum: 689 93c32b0cb655191ac6edb48013d18921
Architecture independent packages:
http://security.debian.org/pool/updates/main/p/php-mail/php-mail_1.1.6-2+etch1_all.deb
Size/MD5 checksum: 17884 a2abda15da9ddab5f1590198cc852b3f
-- Debian GNU/Linux 5.0 alias lenny --
Source archives:
http://security.debian.org/pool/updates/main/p/php-mail/php-mail_1.1.14-1+lenny1.dsc
Size/MD5 checksum: 1258 6d361bf9406e9195813b4396bb7d5c13
http://security.debian.org/pool/updates/main/p/php-mail/php-mail_1.1.14.orig.tar.gz
Size/MD5 checksum: 17537 e50da58b6b787b3903ce4d07dc791bb2
http://security.debian.org/pool/updates/main/p/php-mail/php-mail_1.1.14-1+lenny1.diff.gz
Size/MD5 checksum: 4105 a8154d9e86e98a591dfc9e84210ce163
Architecture independent packages:
http://security.debian.org/pool/updates/main/p/php-mail/php-mail_1.1.14-1+lenny1_all.deb
Size/MD5 checksum: 21904 d5184514df44b348582071748e855c32
ORIGINAL ADVISORY:
DSA-1938-1
http://lists.debian.org/debian-security-announce/2009/msg00261.html
OTHER REFERENCES:
SA37410:
http://secunia.com/advisories/37410/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------