---------------------------------------------------------------------- Want a new job? http://secunia.com/secunia_security_specialist/ http://secunia.com/hardcore_disassembler_and_reverse_engineer/ International Partner Manager - Project Sales in the IT-Security Industry: http://corporate.secunia.com/about_secunia/64/ ---------------------------------------------------------------------- TITLE: Debian update for typo3 SECUNIA ADVISORY ID: SA30660 VERIFY ADVISORY: http://secunia.com/advisories/30660/ CRITICAL: Moderately critical IMPACT: Cross Site Scripting, System access WHERE: >From remote OPERATING SYSTEM: Debian GNU/Linux 4.0 http://secunia.com/product/13844/ Debian GNU/Linux unstable alias sid http://secunia.com/product/530/ DESCRIPTION: Debian has issued an update for typo3. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks, and by malicious users to compromise a vulnerable system. For more information: SA30619 SOLUTION: Apply updated packages. -- Debian GNU/Linux 4.0 alias etch -- Source archives: http://security.debian.org/pool/updates/main/t/typo3-src/typo3-src_4.0.2+debian-5.dsc Size/MD5 checksum: 610 7d777c2c73dfbedc116cadb3c12af767 http://security.debian.org/pool/updates/main/t/typo3-src/typo3-src_4.0.2+debian.orig.tar.gz Size/MD5 checksum: 7683527 be509391b0e4d24278c14100c09dc673 http://security.debian.org/pool/updates/main/t/typo3-src/typo3-src_4.0.2+debian-5.diff.gz Size/MD5 checksum: 18272 06fd4df8cc184d80dd2ec16b96aa350e Architecture independent packages: http://security.debian.org/pool/updates/main/t/typo3-src/typo3_4.0.2+debian-5_all.deb Size/MD5 checksum: 76660 cb7d95cd67e42efb50952615de8a58e4 http://security.debian.org/pool/updates/main/t/typo3-src/typo3-src-4.0_4.0.2+debian-5_all.deb Size/MD5 checksum: 7691566 bb6bb984cd8fc36d3bb26020d9821f43 -- Debian GNU/Linux unstable alias sid -- Fixed in version 4.1.7-1. ORIGINAL ADVISORY: http://lists.debian.org/debian-security-announce/2008/msg00178.html OTHER REFERENCES: SA30619: http://secunia.com/advisories/30619/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------