---------------------------------------------------------------------- A new version (0.9.0.0 - Release Candidate 1) of the free Secunia PSI has been released. The new version includes many new and advanced features, which makes it even easier to stay patched. Download and test it today: https://psi.secunia.com/ Read more about this new version: https://psi.secunia.com/?page=changelog ---------------------------------------------------------------------- TITLE: Debian update for libvorbis SECUNIA ADVISORY ID: SA28614 VERIFY ADVISORY: http://secunia.com/advisories/28614/ CRITICAL: Moderately critical IMPACT: DoS, System access WHERE: >From remote OPERATING SYSTEM: Debian GNU/Linux unstable alias sid http://secunia.com/product/530/ Debian GNU/Linux 4.0 http://secunia.com/product/13844/ Debian GNU/Linux 3.1 http://secunia.com/product/5307/ DESCRIPTION: Debian has issued an update for libvorbis. This fixes some vulnerabilties, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library. For more information: SA26232 SOLUTION: Apply updated packages. -- Debian 3.1 (oldstable) -- Source archives: http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis_1.1.0-2.dsc Size/MD5 checksum:680 b5ec6d8d0c0ff4685c78590293477e4b http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis_1.1.0.orig.tar.gz Size/MD5 checksum:1312404 bb764aeabde613d1a424a29b1f15e7e6 http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis_1.1.0-2.diff.gz Size/MD5 checksum:10367 29d9172717dad2dec0c9cc19ba17ea1e alpha architecture (DEC Alpha) http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis-dev_1.1.0-2_alpha.deb Size/MD5 checksum: 523394 8c3eff010d1e788aeb07e83ce339a7e2 http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisenc2_1.1.0-2_alpha.deb Size/MD5 checksum: 102930 4d137d5bca89b5e631b9680cb5cff7ec http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis0a_1.1.0-2_alpha.deb Size/MD5 checksum: 117260 a316f6d6d54f5660dde2c0c098b187fe http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisfile3_1.1.0-2_alpha.deb Size/MD5 checksum:19658 ffc4a16a404c4816c1d0aaef05bf8f08 amd64 architecture (AMD x86_64 (AMD64)) http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis0a_1.1.0-2_amd64.deb Size/MD5 checksum: 102438 6173f2016d1ea737d18cfccc63a0c20b http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis-dev_1.1.0-2_amd64.deb Size/MD5 checksum: 486120 6c3e44f512fb6616fda5f2a4a6da7f0f http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisenc2_1.1.0-2_amd64.deb Size/MD5 checksum:99786 06369a2e7c39661f1be42f92fbf6edeb http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisfile3_1.1.0-2_amd64.deb Size/MD5 checksum:17294 94eecd33afe32351d8f50abb89318bf9 arm architecture (ARM) http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis-dev_1.1.0-2_arm.deb Size/MD5 checksum: 485678 4dba38c91f4f5be70b607bfb19c84d13 http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisenc2_1.1.0-2_arm.deb Size/MD5 checksum:81320 103674a7f35ea423637830892e109219 http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis0a_1.1.0-2_arm.deb Size/MD5 checksum:97096 bc6e7342d9d42e1d7b5dd33d0bf2e090 http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisfile3_1.1.0-2_arm.deb Size/MD5 checksum:18314 97e2b61223b6dadc426d41f47a7631bb hppa architecture (HP PA RISC) http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisenc2_1.1.0-2_hppa.deb Size/MD5 checksum:97976 6912b808e469447464d9fc761b2a8fad http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis0a_1.1.0-2_hppa.deb Size/MD5 checksum: 113080 a6abab0886d26925be5faac1ed53e8b5 http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisfile3_1.1.0-2_hppa.deb Size/MD5 checksum:22728 669a38c0ac05806f3b6c1756dfb640c1 http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis-dev_1.1.0-2_hppa.deb Size/MD5 checksum: 496120 3207fd8896ac3d3f3ea428a0c17be98a i386 architecture (Intel ia32) http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis-dev_1.1.0-2_i386.deb Size/MD5 checksum: 467764 342adc98e7c2b0e9f3983a706f6a221a http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis0a_1.1.0-2_i386.deb Size/MD5 checksum:95384 e3e0b031eee3ca107d74babc72582dbe http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisenc2_1.1.0-2_i386.deb Size/MD5 checksum:81508 a356e52746d5c2d5208173620a2842f0 http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisfile3_1.1.0-2_i386.deb Size/MD5 checksum:19048 9e699a221a3fb782bae0ae3fc917537f ia64 architecture (Intel ia64) http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisfile3_1.1.0-2_ia64.deb Size/MD5 checksum:25012 d3ec22c380848764f06c00820882a90d http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis-dev_1.1.0-2_ia64.deb Size/MD5 checksum: 546198 fc3fb09f478c907035e74aa9aa5fdb80 http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisenc2_1.1.0-2_ia64.deb Size/MD5 checksum: 108276 3f9f6ab4fa645b6fcfb73f28c4686db9 http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis0a_1.1.0-2_ia64.deb Size/MD5 checksum: 143578 ba49e14d0e3e4323e90287fd1a67e2ff m68k architecture (Motorola Mc680x0) http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisenc2_1.1.0-2_m68k.deb Size/MD5 checksum:93068 b2f02b9d46617c9988515a442ec4e3cd http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis-dev_1.1.0-2_m68k.deb Size/MD5 checksum: 454680 647dddb5f7a803c68d702e27a6c88bd3 http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisfile3_1.1.0-2_m68k.deb Size/MD5 checksum:16048 630c76007d54b25a1d85bfb2f3eeb600 http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis0a_1.1.0-2_m68k.deb Size/MD5 checksum:87350 64d0c6b554d0056f6fe18f54923a7f57 mips architecture (MIPS (Big Endian)) http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisenc2_1.1.0-2_mips.deb Size/MD5 checksum:91426 008a8a3f55a169c4c3c7aa7ffb5d14ac http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis-dev_1.1.0-2_mips.deb Size/MD5 checksum: 500658 4da1c9ef73472d84ecb58e6ad176600e http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis0a_1.1.0-2_mips.deb Size/MD5 checksum: 107856 dfb55fbb3e5a197f7ea1e6468dd383b4 http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisfile3_1.1.0-2_mips.deb Size/MD5 checksum:21396 f46d920692b1e2fbc6d41d9ea561c7aa mipsel architecture (MIPS (Little Endian)) http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisenc2_1.1.0-2_mipsel.deb Size/MD5 checksum:87934 347cea10f6b0eb47bf05cb45889c634b http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis-dev_1.1.0-2_mipsel.deb Size/MD5 checksum: 496002 f7a8c365dc8dc284410dccf1381545f8 http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisfile3_1.1.0-2_mipsel.deb Size/MD5 checksum:21290 5f6cb4fb14862908de9945b4cc42c7d4 http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis0a_1.1.0-2_mipsel.deb Size/MD5 checksum: 107728 d6d6ee14d134b99be53555063c07ca8d powerpc architecture (PowerPC) http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis0a_1.1.0-2_powerpc.deb Size/MD5 checksum: 111098 c9f7f8827f0944cac84f0a97bbd2d621 http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisfile3_1.1.0-2_powerpc.deb Size/MD5 checksum:22482 465ecb55f6dda90f34d7dd6d5e633a96 http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisenc2_1.1.0-2_powerpc.deb Size/MD5 checksum:88080 d0eb2b48650d77d32ed6616e4cabf121 http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis-dev_1.1.0-2_powerpc.deb Size/MD5 checksum: 492882 0f305d4a191b1bf746f867d785d0cef2 s390 architecture (IBM S/390) http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisenc2_1.1.0-2_s390.deb Size/MD5 checksum:94944 b5218e1329b320265c0a6488aecb1edd http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisfile3_1.1.0-2_s390.deb Size/MD5 checksum:20452 1c644fa0f5fd426c078c85336b67fa48 http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis0a_1.1.0-2_s390.deb Size/MD5 checksum: 103420 cdd1b9852ff808075ec93d14de016e87 http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis-dev_1.1.0-2_s390.deb Size/MD5 checksum: 476036 7e5a6de0959c3145396b59368dea2d15 sparc architecture (Sun SPARC/UltraSPARC) http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisenc2_1.1.0-2_sparc.deb Size/MD5 checksum:84788 45371ad7069c908482cefc7273b702e1 http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis0a_1.1.0-2_sparc.deb Size/MD5 checksum: 104638 3c212a95142245aab5b154f370d8dc00 http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisfile3_1.1.0-2_sparc.deb Size/MD5 checksum:19100 e48ca578a53022388e8652e321832c6d http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis-dev_1.1.0-2_sparc.deb Size/MD5 checksum: 481096 a0d59beb8a891859b8706f08f9fd7018 -- Debian 4.0 (stable) -- Source archives: http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis_1.1.2.dfsg-1.3.dsc Size/MD5 checksum:787 514e1b39b9020ec71b598a86ecd7a98a http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis_1.1.2.dfsg-1.3.diff.gz Size/MD5 checksum:15113 6d5a52ab761bee984f8a3bf4824c1da2 http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis_1.1.2.dfsg.orig.tar.gz Size/MD5 checksum:1312540 44cf09fef7f78e7c6ba7dd63b6137412 alpha architecture (DEC Alpha) http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisfile3_1.1.2.dfsg-1.3_alpha.deb Size/MD5 checksum:19096 0dcf6327ba9b509e647c4be6b51d53b8 http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis0a_1.1.2.dfsg-1.3_alpha.deb Size/MD5 checksum: 110222 1fb68f00dd1481c49174fa4a80f3c4a9 http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisenc2_1.1.2.dfsg-1.3_alpha.deb Size/MD5 checksum:94302 851d716fc4c4b3d91b25d866322c115d http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis-dev_1.1.2.dfsg-1.3_alpha.deb Size/MD5 checksum: 491324 97fa5a25df211846ee4a0860866dc79b amd64 architecture (AMD x86_64 (AMD64)) http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisfile3_1.1.2.dfsg-1.3_amd64.deb Size/MD5 checksum:17672 fc04a950b05fe113f68cbfd52cb1a109 http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis-dev_1.1.2.dfsg-1.3_amd64.deb Size/MD5 checksum: 468464 eea9a1080f935cffa8b9c6882a689562 http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis0a_1.1.2.dfsg-1.3_amd64.deb Size/MD5 checksum: 101280 2cadb9c30b35e1911f24e4f412771609 http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisenc2_1.1.2.dfsg-1.3_amd64.deb Size/MD5 checksum:93380 8ee0edfb1e54619e4792e1e576023007 arm architecture (ARM) http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisfile3_1.1.2.dfsg-1.3_arm.deb Size/MD5 checksum:18400 a6ba31fcb2029588d3379d1cc32fa827 http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis-dev_1.1.2.dfsg-1.3_arm.deb Size/MD5 checksum: 458464 025a4197b18bafb76ad61bc7b2f9020f http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisenc2_1.1.2.dfsg-1.3_arm.deb Size/MD5 checksum:75618 3baf64d2cac4b46e2aeabb161c41ef96 http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis0a_1.1.2.dfsg-1.3_arm.deb Size/MD5 checksum:98014 925b37a8bbaba844fd55d9412504e6dd hppa architecture (HP PA RISC) http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisfile3_1.1.2.dfsg-1.3_hppa.deb Size/MD5 checksum:21864 6299858cfeac23c4fdf8b50fe19a5055 http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis0a_1.1.2.dfsg-1.3_hppa.deb Size/MD5 checksum: 107898 210d6ccdf1d312456ac698441e134499 http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis-dev_1.1.2.dfsg-1.3_hppa.deb Size/MD5 checksum: 478190 a6a13ce484870ad2be4d1199f4cfea6c http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisenc2_1.1.2.dfsg-1.3_hppa.deb Size/MD5 checksum:92302 bc1256dfc82401a89715cbb0f536a068 i386 architecture (Intel ia32) http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisenc2_1.1.2.dfsg-1.3_i386.deb Size/MD5 checksum:75208 6988a44b88cecade073a6904c493e8b4 http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis0a_1.1.2.dfsg-1.3_i386.deb Size/MD5 checksum:97908 4ff2cbd6cd9acbbee79f14e15d48adc7 http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisfile3_1.1.2.dfsg-1.3_i386.deb Size/MD5 checksum:18756 278dc87b1e3486ea3a991bf0d3abf058 http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis-dev_1.1.2.dfsg-1.3_i386.deb Size/MD5 checksum: 446560 580e82ae5823628b6ee7ecd2a5cc8f7c ia64 architecture (Intel ia64) http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis0a_1.1.2.dfsg-1.3_ia64.deb Size/MD5 checksum: 135808 fd00f7dbc72f06a3a625f5ab86c1628a http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis-dev_1.1.2.dfsg-1.3_ia64.deb Size/MD5 checksum: 509904 d64bea2db1579d23a32dbd2a3ac5c0a0 http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisenc2_1.1.2.dfsg-1.3_ia64.deb Size/MD5 checksum:97890 5c97da453c7af293c6c102d30ae54f0d http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisfile3_1.1.2.dfsg-1.3_ia64.deb Size/MD5 checksum:24586 bae98ac866b58083b5e154678a1ad234 mips architecture (MIPS (Big Endian)) http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisfile3_1.1.2.dfsg-1.3_mips.deb Size/MD5 checksum:20856 26f3af2b815946ba3b9aab9cc5471817 http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis0a_1.1.2.dfsg-1.3_mips.deb Size/MD5 checksum: 104964 e34611f618e661b477904a30c08e10f2 http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis-dev_1.1.2.dfsg-1.3_mips.deb Size/MD5 checksum: 475854 159c69cbf16e2781f26f797457ab26f4 http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisenc2_1.1.2.dfsg-1.3_mips.deb Size/MD5 checksum:81264 4941d0ef2aab217179c220d3b3c6809f mipsel architecture (MIPS (Little Endian)) http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis0a_1.1.2.dfsg-1.3_mipsel.deb Size/MD5 checksum: 104794 861941107d1de71fea1bd9dca3a73ab6 http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisfile3_1.1.2.dfsg-1.3_mipsel.deb Size/MD5 checksum:20826 fde0cd2f795760ff887b45c7deeccfa0 http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisenc2_1.1.2.dfsg-1.3_mipsel.deb Size/MD5 checksum:76810 8f344d1542af05528d6ef544a20746c2 http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis-dev_1.1.2.dfsg-1.3_mipsel.deb Size/MD5 checksum: 469012 4e6244b874bd316d21f1146ffdd24a48 powerpc architecture (PowerPC) http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisenc2_1.1.2.dfsg-1.3_powerpc.deb Size/MD5 checksum:82406 83e476ad98c021d4171dea3f2b890c4e http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisfile3_1.1.2.dfsg-1.3_powerpc.deb Size/MD5 checksum:21250 0b7c4c9e2cc832498042146d9bb86ce1 http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis0a_1.1.2.dfsg-1.3_powerpc.deb Size/MD5 checksum: 105586 152558d69c414909c9304b7364434632 http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis-dev_1.1.2.dfsg-1.3_powerpc.deb Size/MD5 checksum: 475066 4009ab198413d5d9560601493c4ce58a s390 architecture (IBM S/390) http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis-dev_1.1.2.dfsg-1.3_s390.deb Size/MD5 checksum: 452610 126f4ebea934f53c8f1f903e344cd125 http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisfile3_1.1.2.dfsg-1.3_s390.deb Size/MD5 checksum:20796 10e68f73a8f106482ab4684e1c234779 http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisenc2_1.1.2.dfsg-1.3_s390.deb Size/MD5 checksum:90424 e654e4abb4e94b4afb944fed2bf9eb9d http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis0a_1.1.2.dfsg-1.3_s390.deb Size/MD5 checksum: 102356 52990c6d17a0a270d6c4b27045492521 sparc architecture (Sun SPARC/UltraSPARC) http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis0a_1.1.2.dfsg-1.3_sparc.deb Size/MD5 checksum:98022 d395d89cb57397b6d911ebaed73d878d http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisenc2_1.1.2.dfsg-1.3_sparc.deb Size/MD5 checksum:79658 8cdc39339ca1f94c097aa241cd2da860 http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbis-dev_1.1.2.dfsg-1.3_sparc.deb Size/MD5 checksum: 453244 99e5fafaab83e9249aad89aa8194f79c http://security.debian.org/pool/updates/main/libv/libvorbis/libvorbisfile3_1.1.2.dfsg-1.3_sparc.deb Size/MD5 checksum:17748 890b42f370951c16ecd7451b0bc26c67 -- Debian GNU/Linux unstable alias sid -- Fixed in version 1.2.0.dfsg-1. ORIGINAL ADVISORY: http://lists.debian.org/debian-security-announce/debian-security-announce-2008/msg00031.html OTHER REFERENCES: SA26232: http://secunia.com/advisories/26232/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------