[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[debian-users:49694] [Translate] [SECURITY] [DSA 1397-1] New mono packages fix integer overflow



かねこです。
URL 等は Debian-security-announce メーリングリストの元記事を確認
ください。

------>8------------>8------------>8------------>8------------>8-
- --------------------------------------------------------------------------
Debian Security Advisory DSA 1397-1                    security@debian.org
http://www.debian.org/security/                         Moritz Muehlenhoff
November 3rd, 2007                      http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package        : mono
Vulnerability  : 整数オーバフロー
Problem-Type   : ローカル
Debian-specific: いいえ
CVE ID         : CVE-2007-5197

フリーの .NET ランタイム Mono の Big integer データタイプ実装に整数オーバ
フローが発見されました。

旧安定版 (sarge) には mono パッケージは収録されていません。

安定版 (stable) ディストリビューション (etch) では、この問題はバージョン
1.2.2.1-1etch1 で修正されています。powerpc 向けビルドは後日提供予定です。

不安定版ディストリビューション (sid) では、近く修正予定です。

直ぐに mono パッケージをアップグレードすることを勧めます。


アップグレード手順
------------------

wget url
        	でファイルを取得できます。
dpkg -i file.deb
                で参照されたファイルをインストールできます。

apt-get パッケージマネージャを用いている場合には、本メールのフッタ記載の
行を sources.list に加えて、

apt-get update
        を実行して内部データベースを更新し、
apt-get upgrade
        によって修正されたパッケージをインストールしてください。

本メールのフッタ記載の設定を自ホストの設定に加えることにより、自動更新を
行うこともできます。



Debian GNU/Linux 4.0 alias etch
- -------------------------------

  ソースアーカイブ:

    http://security.debian.org/pool/updates/main/m/mono/mono_1.2.2.1-1etch1.dsc
      Size/MD5 checksum:     2536 690ff9b73b11712dafff48f4e573d844
    http://security.debian.org/pool/updates/main/m/mono/mono_1.2.2.1-1etch1.diff.gz
      Size/MD5 checksum:    42815 a36c23b70d5f8c5042bae441c648f52b
    http://security.debian.org/pool/updates/main/m/mono/mono_1.2.2.1.orig.tar.gz
      Size/MD5 checksum: 19979026 b67ef657b83ca26249d7b9e9c5e7da69

  アーキテクチャに依存しない内容:


http://security.debian.org/pool/updates/main/m/mono/libmono-accessibility1.0-cil_1.2.2.1-1etch1_all.deb
      Size/MD5 checksum:    20926 d02d121b86ea13531199e1786e73d1c3

http://security.debian.org/pool/updates/main/m/mono/libmono-accessibility2.0-cil_1.2.2.1-1etch1_all.deb
      Size/MD5 checksum:    20856 e0e9b75f711cb831d6348ccc9b2e7c07

http://security.debian.org/pool/updates/main/m/mono/libmono-bytefx0.7.6.1-cil_1.2.2.1-1etch1_all.deb
      Size/MD5 checksum:    88810 f9d42b9343e99e77ad20709bb8372b51

http://security.debian.org/pool/updates/main/m/mono/libmono-bytefx0.7.6.2-cil_1.2.2.1-1etch1_all.deb
      Size/MD5 checksum:    88862 685c943b69999d6a7adf5038985c08b5

http://security.debian.org/pool/updates/main/m/mono/libmono-c5-1.0-cil_1.2.2.1-1etch1_all.deb
      Size/MD5 checksum:   223620 878f83d238af926295a8fa6afe8df3e0

http://security.debian.org/pool/updates/main/m/mono/libmono-cairo1.0-cil_1.2.2.1-1etch1_all.deb
      Size/MD5 checksum:    46194 9ec684d4784404eaa6d35ff0d3444311

http://security.debian.org/pool/updates/main/m/mono/libmono-cairo2.0-cil_1.2.2.1-1etch1_all.deb
      Size/MD5 checksum:    46008 e7aa7d9c6fd374cfd0b1633525928c7a

http://security.debian.org/pool/updates/main/m/mono/libmono-corlib1.0-cil_1.2.2.1-1etch1_all.deb
      Size/MD5 checksum:  1796690 e2d33d239a6d10e7ff936a0d8d99c428

http://security.debian.org/pool/updates/main/m/mono/libmono-corlib2.0-cil_1.2.2.1-1etch1_all.deb
      Size/MD5 checksum:  2042898 03abdd8d7dc89bb7042b50a963736b34

http://security.debian.org/pool/updates/main/m/mono/libmono-cscompmgd7.0-cil_1.2.2.1-1etch1_all.deb
      Size/MD5 checksum:    24964 c2efe20fe8ca262dbb9528f8d074f01c

http://security.debian.org/pool/updates/main/m/mono/libmono-cscompmgd8.0-cil_1.2.2.1-1etch1_all.deb
      Size/MD5 checksum:    25184 0269e6ecb0c42331bf0b84027c365016

http://security.debian.org/pool/updates/main/m/mono/libmono-data-tds1.0-cil_1.2.2.1-1etch1_all.deb
      Size/MD5 checksum:    63412 adddd438a4bdd6c8d67724d78c7575ba

http://security.debian.org/pool/updates/main/m/mono/libmono-data-tds2.0-cil_1.2.2.1-1etch1_all.deb
      Size/MD5 checksum:    66572 8d0383577fab9fda56fb3a591cf3f4bb

http://security.debian.org/pool/updates/main/m/mono/libmono-firebirdsql1.7-cil_1.2.2.1-1etch1_all.deb
      Size/MD5 checksum:   288208 a618ebd6f6be362e742e13c40b9ac645

http://security.debian.org/pool/updates/main/m/mono/libmono-ldap1.0-cil_1.2.2.1-1etch1_all.deb
      Size/MD5 checksum:   209962 7ff6bc9fe2f8edbb71860156f005a85e

http://security.debian.org/pool/updates/main/m/mono/libmono-ldap2.0-cil_1.2.2.1-1etch1_all.deb
      Size/MD5 checksum:   209924 520f9d0b7f504e996a768173bbbe702f

http://security.debian.org/pool/updates/main/m/mono/libmono-microsoft-build2.0-cil_1.2.2.1-1etch1_all.deb
      Size/MD5 checksum:   207936 f7033604ac795332aee7dca7eaffab7b

http://security.debian.org/pool/updates/main/m/mono/libmono-microsoft7.0-cil_1.2.2.1-1etch1_all.deb
      Size/MD5 checksum:   256114 b086fad7713d77ec53334caa664fcfab

http://security.debian.org/pool/updates/main/m/mono/libmono-microsoft8.0-cil_1.2.2.1-1etch1_all.deb
      Size/MD5 checksum:   256164 7dcaf6bae502b45bb7d1c23474791d0b

http://security.debian.org/pool/updates/main/m/mono/libmono-npgsql1.0-cil_1.2.2.1-1etch1_all.deb
      Size/MD5 checksum:   128044 d12d1f98efb116b4f3b14fe149b18106

http://security.debian.org/pool/updates/main/m/mono/libmono-npgsql2.0-cil_1.2.2.1-1etch1_all.deb
      Size/MD5 checksum:   128046 722eb37bc3525c9094f5efaed0e27bf5

http://security.debian.org/pool/updates/main/m/mono/libmono-oracle1.0-cil_1.2.2.1-1etch1_all.deb
      Size/MD5 checksum:   111426 f52ddfc4e9224df1bfa2a9ecfd6a654a

http://security.debian.org/pool/updates/main/m/mono/libmono-oracle2.0-cil_1.2.2.1-1etch1_all.deb
      Size/MD5 checksum:   111038 737f5cad01c2de39b98c887f1377a8a1

http://security.debian.org/pool/updates/main/m/mono/libmono-peapi1.0-cil_1.2.2.1-1etch1_all.deb
      Size/MD5 checksum:    99162 5d8084c4fb47df3811aad75b56030976

http://security.debian.org/pool/updates/main/m/mono/libmono-peapi2.0-cil_1.2.2.1-1etch1_all.deb
      Size/MD5 checksum:    99252 9d3947b9476412b0d3b4801de3aa0174

http://security.debian.org/pool/updates/main/m/mono/libmono-relaxng1.0-cil_1.2.2.1-1etch1_all.deb
      Size/MD5 checksum:   171852 7bb5b1a89f808b4b1e944f1fe7e9b325

http://security.debian.org/pool/updates/main/m/mono/libmono-relaxng2.0-cil_1.2.2.1-1etch1_all.deb
      Size/MD5 checksum:   172276 76927b2c2acb8bbf1401b2f08873dac8

http://security.debian.org/pool/updates/main/m/mono/libmono-security1.0-cil_1.2.2.1-1etch1_all.deb
      Size/MD5 checksum:   232218 cc64c5987ebfe92ec336263d21fb0f47

http://security.debian.org/pool/updates/main/m/mono/libmono-security2.0-cil_1.2.2.1-1etch1_all.deb
      Size/MD5 checksum:   233346 124a4af44bec04cbb95e221eeeb44a4a

http://security.debian.org/pool/updates/main/m/mono/libmono-sharpzip0.6-cil_1.2.2.1-1etch1_all.deb
      Size/MD5 checksum:   105428 0c45cd7bde57d392ad277e0b2b8021dc

http://security.debian.org/pool/updates/main/m/mono/libmono-sharpzip0.84-cil_1.2.2.1-1etch1_all.deb
      Size/MD5 checksum:   126244 4ed4164c8826b6bdded35eb84fc382d7

http://security.debian.org/pool/updates/main/m/mono/libmono-sharpzip2.6-cil_1.2.2.1-1etch1_all.deb
      Size/MD5 checksum:   105506 2fe08a03e7c51a3e9d4d6aa8762cb37b

http://security.debian.org/pool/updates/main/m/mono/libmono-sharpzip2.84-cil_1.2.2.1-1etch1_all.deb
      Size/MD5 checksum:   126304 743cafdb99c5b3a3e35b5f9e2e2f08ff

http://security.debian.org/pool/updates/main/m/mono/libmono-sqlite1.0-cil_1.2.2.1-1etch1_all.deb
      Size/MD5 checksum:    43516 3327d1d49bc97d19db2d0a8b61a26917

http://security.debian.org/pool/updates/main/m/mono/libmono-sqlite2.0-cil_1.2.2.1-1etch1_all.deb
      Size/MD5 checksum:    43506 f57fa7a5fe65a406d6d2b45c59e16bd3

http://security.debian.org/pool/updates/main/m/mono/libmono-system-data1.0-cil_1.2.2.1-1etch1_all.deb
      Size/MD5 checksum:   435142 87789fcd551d9d50c03685101f131946

http://security.debian.org/pool/updates/main/m/mono/libmono-system-data2.0-cil_1.2.2.1-1etch1_all.deb
      Size/MD5 checksum:   519990 115c23eb418c955f2ed707a6d74b36f6

http://security.debian.org/pool/updates/main/m/mono/libmono-system-ldap1.0-cil_1.2.2.1-1etch1_all.deb
      Size/MD5 checksum:    48114 8309c8db106d7d899753b5423edc4300

http://security.debian.org/pool/updates/main/m/mono/libmono-system-ldap2.0-cil_1.2.2.1-1etch1_all.deb
      Size/MD5 checksum:    48074 80b8760b5f12c9d629f41f2746c7f244

http://security.debian.org/pool/updates/main/m/mono/libmono-system-messaging1.0-cil_1.2.2.1-1etch1_all.deb
      Size/MD5 checksum:    64276 dc332b77384c875f2d796d84bef786fb

http://security.debian.org/pool/updates/main/m/mono/libmono-system-messaging2.0-cil_1.2.2.1-1etch1_all.deb
      Size/MD5 checksum:    64264 6c5ccefd9ada8cb31fe05de0f1529f07

http://security.debian.org/pool/updates/main/m/mono/libmono-system-runtime1.0-cil_1.2.2.1-1etch1_all.deb
      Size/MD5 checksum:   112958 9c9f35dd37ba3fdadc37a2dead326fa5

http://security.debian.org/pool/updates/main/m/mono/libmono-system-runtime2.0-cil_1.2.2.1-1etch1_all.deb
      Size/MD5 checksum:   130466 5f73bd56ea1b7d3fad8f07592a4af67e

http://security.debian.org/pool/updates/main/m/mono/libmono-system-web1.0-cil_1.2.2.1-1etch1_all.deb
      Size/MD5 checksum:   738654 23e25d755446735f77797ae4dbcf02a4

http://security.debian.org/pool/updates/main/m/mono/libmono-system-web2.0-cil_1.2.2.1-1etch1_all.deb
      Size/MD5 checksum:  1447448 cc0e9de505364ce60d46a295ad1fad4f

http://security.debian.org/pool/updates/main/m/mono/libmono-system1.0-cil_1.2.2.1-1etch1_all.deb
      Size/MD5 checksum:  1686030 8ddfa23403689c1f97886a9e1a865db3

http://security.debian.org/pool/updates/main/m/mono/libmono-system2.0-cil_1.2.2.1-1etch1_all.deb
      Size/MD5 checksum:  2224592 0f9b0518dc09a98a5ac01d28b84fd43c

http://security.debian.org/pool/updates/main/m/mono/libmono-winforms1.0-cil_1.2.2.1-1etch1_all.deb
      Size/MD5 checksum:  1393032 3f65fa6c71f92ad4588a7318276c378e

http://security.debian.org/pool/updates/main/m/mono/libmono-winforms2.0-cil_1.2.2.1-1etch1_all.deb
      Size/MD5 checksum:  1689678 216ae80afc19d2eb5e94cd33cb6efdfe

http://security.debian.org/pool/updates/main/m/mono/libmono1.0-cil_1.2.2.1-1etch1_all.deb
      Size/MD5 checksum:   394524 bc958956b138b0172a77cd9adcce733a

http://security.debian.org/pool/updates/main/m/mono/libmono2.0-cil_1.2.2.1-1etch1_all.deb
      Size/MD5 checksum:   394534 f3360dc37e12b0814ca32ca48852fc66
    http://security.debian.org/pool/updates/main/m/mono/mono-gac_1.2.2.1-1etch1_all.deb
      Size/MD5 checksum:    30680 15bbcbf06bb771d85067bbb5fe4973cd
    http://security.debian.org/pool/updates/main/m/mono/mono-gmcs_1.2.2.1-1etch1_all.deb
      Size/MD5 checksum:   815244 386ad3abda1bc137e9e26327ef8f729a
    http://security.debian.org/pool/updates/main/m/mono/mono-mcs_1.2.2.1-1etch1_all.deb
      Size/MD5 checksum:   988382 ea67fcc1e19fa99975c5c880543a1990
    http://security.debian.org/pool/updates/main/m/mono/mono-mjs_1.2.2.1-1etch1_all.deb
      Size/MD5 checksum:    26752 805b856b0c85816b99e1ade3c3509f02

  AMD64 architecture:


http://security.debian.org/pool/updates/main/m/mono/libmono-dev_1.2.2.1-1etch1_amd64.deb
      Size/MD5 checksum:  1142876 5f299302075de6463557074fe9c70dc9
    http://security.debian.org/pool/updates/main/m/mono/libmono0_1.2.2.1-1etch1_amd64.deb
      Size/MD5 checksum:   850862 c54a56330b1f23cf654afaeaeb273943
    http://security.debian.org/pool/updates/main/m/mono/mono_1.2.2.1-1etch1_amd64.deb
      Size/MD5 checksum:     1224 e76e27f0bf91ee4560a2472557075355

http://security.debian.org/pool/updates/main/m/mono/mono-common_1.2.2.1-1etch1_amd64.deb
      Size/MD5 checksum:    97088 13b15c279671ca4220a1fb1df589b026

http://security.debian.org/pool/updates/main/m/mono/mono-devel_1.2.2.1-1etch1_amd64.deb
      Size/MD5 checksum:    17084 01a4c5bdb22091672ca682c06f91bb1a
    http://security.debian.org/pool/updates/main/m/mono/mono-jay_1.2.2.1-1etch1_amd64.deb
      Size/MD5 checksum:    61050 4fc383315e15cb7348aec6b3482ce5a6
    http://security.debian.org/pool/updates/main/m/mono/mono-jit_1.2.2.1-1etch1_amd64.deb
      Size/MD5 checksum:   745536 eedf98656a6e2f2624ea54507fffa111

http://security.debian.org/pool/updates/main/m/mono/mono-runtime_1.2.2.1-1etch1_amd64.deb
      Size/MD5 checksum:    17054 b4011469915df10de91196be9bb0f0c6

http://security.debian.org/pool/updates/main/m/mono/mono-utils_1.2.2.1-1etch1_amd64.deb
      Size/MD5 checksum:  1120806 76e7635cea950b89efe22cebe3ddd183

  ARM architecture:


http://security.debian.org/pool/updates/main/m/mono/libmono-dev_1.2.2.1-1etch1_arm.deb
      Size/MD5 checksum:  1055134 feb1dae790628d833aeb1ad5d5b49a47
    http://security.debian.org/pool/updates/main/m/mono/libmono0_1.2.2.1-1etch1_arm.deb
      Size/MD5 checksum:   782388 0363966b23932b51b4808dc298588b45
    http://security.debian.org/pool/updates/main/m/mono/mono_1.2.2.1-1etch1_arm.deb
      Size/MD5 checksum:     1224 b131a782076ff0241813f355b4224a63

http://security.debian.org/pool/updates/main/m/mono/mono-common_1.2.2.1-1etch1_arm.deb
      Size/MD5 checksum:    95752 c0edfa13fae9e22608665fc33c264a15
    http://security.debian.org/pool/updates/main/m/mono/mono-devel_1.2.2.1-1etch1_arm.deb
      Size/MD5 checksum:    17088 c20515b05d012e85d4bbc42f6840e28e
    http://security.debian.org/pool/updates/main/m/mono/mono-jay_1.2.2.1-1etch1_arm.deb
      Size/MD5 checksum:    61398 b9d465c9e67af1082e572db1067d273c
    http://security.debian.org/pool/updates/main/m/mono/mono-jit_1.2.2.1-1etch1_arm.deb
      Size/MD5 checksum:   679070 4ad5ee1e7f10585abb1cdfae1623c586

http://security.debian.org/pool/updates/main/m/mono/mono-runtime_1.2.2.1-1etch1_arm.deb
      Size/MD5 checksum:    17052 63425b4783337dfbeff8d22000da0b20
    http://security.debian.org/pool/updates/main/m/mono/mono-utils_1.2.2.1-1etch1_arm.deb
      Size/MD5 checksum:  1055504 54613267f35d45757077a81770ee7bf0

  Intel IA-32 architecture:


http://security.debian.org/pool/updates/main/m/mono/libmono-dev_1.2.2.1-1etch1_i386.deb
      Size/MD5 checksum:  1056588 ab6bec82baebd30a61d9d86bd142ba99
    http://security.debian.org/pool/updates/main/m/mono/libmono0_1.2.2.1-1etch1_i386.deb
      Size/MD5 checksum:   775306 f4ab41beb2e68058ab6c8d6abb1884da
    http://security.debian.org/pool/updates/main/m/mono/mono_1.2.2.1-1etch1_i386.deb
      Size/MD5 checksum:     1222 f7c3d2e9d42d3f2fa4caa99050219f4f

http://security.debian.org/pool/updates/main/m/mono/mono-common_1.2.2.1-1etch1_i386.deb
      Size/MD5 checksum:    96800 609cf64aeccde22225d667c51cd2adc0

http://security.debian.org/pool/updates/main/m/mono/mono-devel_1.2.2.1-1etch1_i386.deb
      Size/MD5 checksum:    17080 ebc41e48782f7fdee64e73347e8bb0a6
    http://security.debian.org/pool/updates/main/m/mono/mono-jay_1.2.2.1-1etch1_i386.deb
      Size/MD5 checksum:    54994 4e751e2a709951b6a4e5030c9e4437e9
    http://security.debian.org/pool/updates/main/m/mono/mono-jit_1.2.2.1-1etch1_i386.deb
      Size/MD5 checksum:   670186 7e55db852cb362f68336b6a1ead157ad

http://security.debian.org/pool/updates/main/m/mono/mono-runtime_1.2.2.1-1etch1_i386.deb
      Size/MD5 checksum:    17044 1996e25314bc972f7c7ceef44c3a1a30

http://security.debian.org/pool/updates/main/m/mono/mono-utils_1.2.2.1-1etch1_i386.deb
      Size/MD5 checksum:  1035690 2728352f87d6d6b68a637a259da9b2ae

  Intel IA-64 architecture:


http://security.debian.org/pool/updates/main/m/mono/libmono-dev_1.2.2.1-1etch1_ia64.deb
      Size/MD5 checksum:  1572222 942b9dae42083392f09e962b1dcff8d8
    http://security.debian.org/pool/updates/main/m/mono/libmono0_1.2.2.1-1etch1_ia64.deb
      Size/MD5 checksum:  1153008 c1c446735dcddacdc406898080f27fd2
    http://security.debian.org/pool/updates/main/m/mono/mono_1.2.2.1-1etch1_ia64.deb
      Size/MD5 checksum:     1220 9d62681eca4e2327eeb109905009ebf6

http://security.debian.org/pool/updates/main/m/mono/mono-common_1.2.2.1-1etch1_ia64.deb
      Size/MD5 checksum:    99040 750b89739f7a5f1dc2051686514561df

http://security.debian.org/pool/updates/main/m/mono/mono-devel_1.2.2.1-1etch1_ia64.deb
      Size/MD5 checksum:    17082 78680ea864fc7fd56701748da60f761e
    http://security.debian.org/pool/updates/main/m/mono/mono-jay_1.2.2.1-1etch1_ia64.deb
      Size/MD5 checksum:    81032 2ec0d0295ec74cdc69ab2638afc7bb9f
    http://security.debian.org/pool/updates/main/m/mono/mono-jit_1.2.2.1-1etch1_ia64.deb
      Size/MD5 checksum:  1052472 f1e13c743493c8abb0738313f96b9851

http://security.debian.org/pool/updates/main/m/mono/mono-runtime_1.2.2.1-1etch1_ia64.deb
      Size/MD5 checksum:    17050 ecb577d4e3506910c7b3b857d3b0d04a

http://security.debian.org/pool/updates/main/m/mono/mono-utils_1.2.2.1-1etch1_ia64.deb
      Size/MD5 checksum:  1515488 8201bc0b63900af5706b36239380c3f4


  これらのファイルは次の版の安定版リリース時そちらに移されます。


- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
------>8------------>8------------>8------------>8------------>8-
-- 
Seiji Kaneko                         skaneko@xxxxxxxxxxxx
---------------------------------------------------------