[SECURITY] New versions of netstd fixes buffer overflows

From: debian-security-announceat_private
Date: Sun Jan 03 1999 - 20:31:10 PST

Next message: Wietse Venema: "Anonymous Qmail Denial of Service"

Previous message: Eivind Eklund: "Re: FreeBSD 2.2.5 Security problem"
Next in thread: Chip Salzenberg: "Re: [SECURITY] New versions of netstd fixes buffer overflows"
Reply: Chip Salzenberg: "Re: [SECURITY] New versions of netstd fixes buffer overflows"
Reply: Wichert Akkerman: "Re: [SECURITY] New versions of netstd fixes buffer overflows"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

--pWyiEgJYm5f9v55/
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: quoted-printable

We have received reports that the netstd suffered from two buffer
overflows. The first problem is an exploitable buffer overflow in the
bootp server. The second problem is an overflow in the FTP client. Both
problems are fixed in a new netstd package, version 3.07-2hamm.4 .

We recommend you upgrade your netstd package immediately.

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

Debian GNU/Linux 2.0 alias hamm
-------------------------------

  This version of Debian was released only for the Intel and the
  Motorola 680x0 architecture.


  Source archives:
    ftp://ftp.debian.org/debian/dists/stable/main/source/net/netstd_3.07.or=
ig.tar.gz
          MD5 checksum: 6f594f125f6eaa168e00c3b2234c34cc
    ftp://ftp.debian.org/debian/dists/proposed-updates/netstd_3.07-2hamm.4.=
diff.gz
      MD5 checksum: 157a50142e263a6add4f128e8c40cb74
    ftp://ftp.debian.org/debian/dists/proposed-updates/netstd_3.07-2hamm.4.=
dsc
      MD5 checksum: eb6548e15741214ab1d16f55a0b2b53b

  Intel architecture:
    ftp://ftp.debian.org/debian/dists/proposed-updates/netstd_3.07-2hamm.4_=
i386.deb
      MD5 checksum: 09e42bdecf569362df94be850605645b

  Motorola 680x0 architecture:
    ftp://ftp.debian.org/debian/dists/proposed-updates/netstd_3.07-2hamm.4_=
m68k.deb
      MD5 checksum: a66b5da8f54d382eaaa53586b498c302

  These files will be moved into
  ftp://ftp.debian.org/debian/dists/hamm/*/binary-$arch/ soon.

For not yet released architectures please refer to the appropriate
directory ftp://ftp.debian.org/debian/dists/sid/binary-$arch/ .

--=20
Debian GNU/Linux      .   Security Managers      .   securityat_private
              debian-security-announceat_private
  Christian Hudon     .     Wichert Akkerman     .     Martin Schulze
<chrishat_private>   .   <wakkermaat_private>  .   <joeyat_private>

--pWyiEgJYm5f9v55/
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia

iQB1AwUBNo/3kajZR/ntlUftAQGWZwL8DmFRH5ehX02T7dy2qayJ/dXXXtDfnHNj
2AmJbNX+lCC+SEXm2m1t2wNnAqp+A4t+/oyJpDKfbucphf6U6+2zpWY1Qvy30Ylm
hswWYEexfEc1uccAzIY+boET2CbgGPTv
=Da1O
-----END PGP SIGNATURE-----

--pWyiEgJYm5f9v55/--


--
To UNSUBSCRIBE, email to debian-security-announce-requestat_private
with a subject of "unsubscribe". Trouble? Contact listmasterat_private

Next message: Wietse Venema: "Anonymous Qmail Denial of Service"
Previous message: Eivind Eklund: "Re: FreeBSD 2.2.5 Security problem"
Next in thread: Chip Salzenberg: "Re: [SECURITY] New versions of netstd fixes buffer overflows"
Reply: Chip Salzenberg: "Re: [SECURITY] New versions of netstd fixes buffer overflows"
Reply: Wichert Akkerman: "Re: [SECURITY] New versions of netstd fixes buffer overflows"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:27:12 PDT