[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[debian-users:50449] [Translate] [SECURITY] [DSA 1562-1] New iceape packages fix arbitrary code execution

From: NAKANO Takeo <nakano@xxxxxxxxxxxxxxx>
Subject: [debian-users:50449] [Translate] [SECURITY] [DSA 1562-1] New iceape packages fix arbitrary code execution
Date: Tue, 29 Apr 2008 11:42:54 +0900
List-help: <mailto:debian-users-ctl@debian.or.jp?body=help>
List-id: debian-users.debian.or.jp
List-owner: <mailto:debian-users-admin@debian.or.jp>
List-post: <mailto:debian-users@debian.or.jp>
List-software: fml [fml 4.0.3 release (20011202/4.0.3)]
List-unsubscribe: <mailto:debian-users-ctl@debian.or.jp?body=unsubscribe>
X-ml-info: If you have a question, send e-mail with the body "help" (without quotes) to the address debian-users-ctl@debian.or.jp; help=<mailto:debian-users-ctl@debian.or.jp?body=help>
X-ml-name: debian-users
X-mlserver: fml [fml 4.0.3 release (20011202/4.0.3)]; post only (only members can post)
X-spam-checker-version: SpamAssassin 3.1.7-deb (2006-10-05) on osdn.debian.or.jp
X-spam-level:
X-spam-status: No, score=-2.2 required=10.0 tests=AWL,KI autolearn=disabled version=3.1.7-deb
Message-id: <080429114253.M0322207@xxxxxxxxxxxxxxxxxxxx>
X-mail-count: 50449
X-mailer: mnews [version 1.22PL6T1(IMAP4,UNICODE)] 2003-02/06(Thu)
中野です。
URL 等は Debian-security-announce メーリングリストの元記事を確認ください。
------------------------------------------------------------------------
Debian Security Advisory DSA-1562-1                  security@debian.org
http://www.debian.org/security/                       Moritz Muehlenhoff
April 28, 2008                        http://www.debian.org/security/faq
------------------------------------------------------------------------

Package        : iceape
Vulnerability  : プログラムエラー
Problem type   : リモート
Debian-specific: いいえ
CVE Id(s)      : CVE-2008-1380

Seamonkey インターネットスイートの非ブランド版である Iceape において、
Javascript エンジンのクラッシュが任意コードの実行につながりうることが
発見されました。

安定版 (stable) ディストリビューション (etch) では、これらの問題は
バージョン 1.0.13~pre080323b-0etch3 で修正されています。

不安定版 (unstable) ディストリビューション (sid) では、これらの問題は
バージョン 1.1.9-2 で修正されています。

直ぐに iceape パッケージをアップグレードすることを勧めます。

アップグレード手順
------------------

wget url
        	でファイルを取得できます。
dpkg -i file.deb
                で参照されたファイルをインストールできます。

apt-get パッケージマネージャを用いている場合には、本メールのフッタ記載の
行を sources.list に加えて、

apt-get update
        を実行して内部データベースを更新し、
apt-get upgrade
        によって修正されたパッケージをインストールしてください。

本メールのフッタ記載の設定を自ホストの設定に加えることにより、自動更新を
行うこともできます。


Debian 4.0 (安定版)
--------------------

安定版の更新は、alpha, amd64, arm, hppa, i386, ia64, mips, mipsel,
powerpc, s390, sparc の各アーキテクチャで提供されています。

ソースアーカイブ:

  http://security.debian.org/pool/updates/main/i/iceape/iceape_1.0.13~pre080323b-0etch3.diff.gz
    Size/MD5 checksum:   272290 65a6cc900463ab3324a42250ce39c10b
  http://security.debian.org/pool/updates/main/i/iceape/iceape_1.0.13~pre080323b.orig.tar.gz
    Size/MD5 checksum: 42900009 f2a3c50d814f6e7015f779b10494fac8
  http://security.debian.org/pool/updates/main/i/iceape/iceape_1.0.13~pre080323b-0etch3.dsc
    Size/MD5 checksum:     1439 7e71d648dcc53a64aa9e8675c09021f8

アーキテクチャに依存しないパッケージ:

  http://security.debian.org/pool/updates/main/i/iceape/mozilla-calendar_1.8+1.0.13~pre080323b-0etch3_all.deb
    Size/MD5 checksum:    27638 9ea252e567314297df273d1d0565c081
  http://security.debian.org/pool/updates/main/i/iceape/mozilla_1.8+1.0.13~pre080323b-0etch3_all.deb
    Size/MD5 checksum:    27636 19e71b334df21b23b2f511830972a0d4
  http://security.debian.org/pool/updates/main/i/iceape/mozilla-dom-inspector_1.8+1.0.13~pre080323b-0etch3_all.deb
    Size/MD5 checksum:    27682 7bfcf10a1034eefac22ae8657dee9bd2
  http://security.debian.org/pool/updates/main/i/iceape/mozilla-dev_1.8+1.0.13~pre080323b-0etch3_all.deb
    Size/MD5 checksum:    27772 36a3464a2d8fd4fc3847039b82dd1f5f
  http://security.debian.org/pool/updates/main/i/iceape/iceape_1.0.13~pre080323b-0etch3_all.deb
    Size/MD5 checksum:    29034 a9f31dc27b4b17c63b783f07c3f8fd2c
  http://security.debian.org/pool/updates/main/i/iceape/mozilla-chatzilla_1.8+1.0.13~pre080323b-0etch3_all.deb
    Size/MD5 checksum:    27650 6894ea2d406646086f60a29c1aba9cbe
  http://security.debian.org/pool/updates/main/i/iceape/iceape-dev_1.0.13~pre080323b-0etch3_all.deb
    Size/MD5 checksum:  3928844 9a28456f31b2b5a06c6e69b175183ab9
  http://security.debian.org/pool/updates/main/i/iceape/mozilla-browser_1.8+1.0.13~pre080323b-0etch3_all.deb
    Size/MD5 checksum:    28606 6e89267d545052a9b053c0b17b02d265
  http://security.debian.org/pool/updates/main/i/iceape/mozilla-js-debugger_1.8+1.0.13~pre080323b-0etch3_all.deb
    Size/MD5 checksum:    27676 fed0fa97fb88ec0c975c432003dffaea
  http://security.debian.org/pool/updates/main/i/iceape/iceape-chatzilla_1.0.13~pre080323b-0etch3_all.deb
    Size/MD5 checksum:   282388 f6e5876a2562123eb182f44a9d28c0f5
  http://security.debian.org/pool/updates/main/i/iceape/mozilla-psm_1.8+1.0.13~pre080323b-0etch3_all.deb
    Size/MD5 checksum:    27644 97fd6c82d0386ed6f1ed8c2b45391634
  http://security.debian.org/pool/updates/main/i/iceape/mozilla-mailnews_1.8+1.0.13~pre080323b-0etch3_all.deb
    Size/MD5 checksum:    27658 67afa911887af3df5a081d9bcaeb9e7b

alpha architecture (DEC Alpha)

  http://security.debian.org/pool/updates/main/i/iceape/iceape-mailnews_1.0.13~pre080323b-0etch3_alpha.deb
    Size/MD5 checksum:  2281694 6688ce20712749da04e7bc0e1f63b531
  http://security.debian.org/pool/updates/main/i/iceape/iceape-gnome-support_1.0.13~pre080323b-0etch3_alpha.deb
    Size/MD5 checksum:    55052 d14150e730a8357b0e2ef81542eb604b
  http://security.debian.org/pool/updates/main/i/iceape/iceape-dbg_1.0.13~pre080323b-0etch3_alpha.deb
    Size/MD5 checksum: 60657374 ebc2656e676b129223a0d7b060205d32
  http://security.debian.org/pool/updates/main/i/iceape/iceape-browser_1.0.13~pre080323b-0etch3_alpha.deb
    Size/MD5 checksum: 12886440 aa35edb178dc8812275a005cb0449e7b
  http://security.debian.org/pool/updates/main/i/iceape/iceape-calendar_1.0.13~pre080323b-0etch3_alpha.deb
    Size/MD5 checksum:   627600 a7801c7ba516484aa2028c91646c2504
  http://security.debian.org/pool/updates/main/i/iceape/iceape-dom-inspector_1.0.13~pre080323b-0etch3_alpha.deb
    Size/MD5 checksum:   199118 44501f7751ab5a2b0e7cab912a132200

amd64 architecture (AMD x86_64 (AMD64))

  http://security.debian.org/pool/updates/main/i/iceape/iceape-dom-inspector_1.0.13~pre080323b-0etch3_amd64.deb
    Size/MD5 checksum:   195524 d36d3e4cf9f7442bb550f5e8675b3036
  http://security.debian.org/pool/updates/main/i/iceape/iceape-calendar_1.0.13~pre080323b-0etch3_amd64.deb
    Size/MD5 checksum:   614288 f1396dbd501a98b181cca52d5ba8e2a8
  http://security.debian.org/pool/updates/main/i/iceape/iceape-dbg_1.0.13~pre080323b-0etch3_amd64.deb
    Size/MD5 checksum: 59660176 f90d321b0a4599135fe16f53338b362f
  http://security.debian.org/pool/updates/main/i/iceape/iceape-mailnews_1.0.13~pre080323b-0etch3_amd64.deb
    Size/MD5 checksum:  2100064 c626d518a1becbf76a23aa064a3ee2eb
  http://security.debian.org/pool/updates/main/i/iceape/iceape-browser_1.0.13~pre080323b-0etch3_amd64.deb
    Size/MD5 checksum: 11692364 6b191980ebc9d493f703b5fedc65081b
  http://security.debian.org/pool/updates/main/i/iceape/iceape-gnome-support_1.0.13~pre080323b-0etch3_amd64.deb
    Size/MD5 checksum:    53836 8695a98820343b899364083a40b03c1a

arm architecture (ARM)

  http://security.debian.org/pool/updates/main/i/iceape/iceape-dbg_1.0.13~pre080323b-0etch3_arm.deb
    Size/MD5 checksum: 58799260 c243477696e8ea19c4263d2656d97c0c
  http://security.debian.org/pool/updates/main/i/iceape/iceape-calendar_1.0.13~pre080323b-0etch3_arm.deb
    Size/MD5 checksum:   586712 0c8a041b5a1d7d41263fa2c27575d607
  http://security.debian.org/pool/updates/main/i/iceape/iceape-mailnews_1.0.13~pre080323b-0etch3_arm.deb
    Size/MD5 checksum:  1917016 7ceb3becd5be4a158bcd28151bd7ab51
  http://security.debian.org/pool/updates/main/i/iceape/iceape-gnome-support_1.0.13~pre080323b-0etch3_arm.deb
    Size/MD5 checksum:    47860 e65b19737b893676a310b8256e4b3b38
  http://security.debian.org/pool/updates/main/i/iceape/iceape-browser_1.0.13~pre080323b-0etch3_arm.deb
    Size/MD5 checksum: 10426174 2d5f6458ed8aca7ee0f8c5ec643c9964
  http://security.debian.org/pool/updates/main/i/iceape/iceape-dom-inspector_1.0.13~pre080323b-0etch3_arm.deb
    Size/MD5 checksum:   187162 a08b63a8fb7f448664b01e52f8de9ffb

hppa architecture (HP PA RISC)

  http://security.debian.org/pool/updates/main/i/iceape/iceape-browser_1.0.13~pre080323b-0etch3_hppa.deb
    Size/MD5 checksum: 12992154 d00f8b54c176ce496f4728c7198d004a
  http://security.debian.org/pool/updates/main/i/iceape/iceape-mailnews_1.0.13~pre080323b-0etch3_hppa.deb
    Size/MD5 checksum:  2349904 356528663fc19599701944ee30afe6ff
  http://security.debian.org/pool/updates/main/i/iceape/iceape-gnome-support_1.0.13~pre080323b-0etch3_hppa.deb
    Size/MD5 checksum:    55244 3edf68481a15575131f426a569a171d4
  http://security.debian.org/pool/updates/main/i/iceape/iceape-dom-inspector_1.0.13~pre080323b-0etch3_hppa.deb
    Size/MD5 checksum:   198650 b7f9775322181a1fd944dd8b3b90681d
  http://security.debian.org/pool/updates/main/i/iceape/iceape-dbg_1.0.13~pre080323b-0etch3_hppa.deb
    Size/MD5 checksum: 60520216 cf8581572da5dedbbd3696ebbb793ba3
  http://security.debian.org/pool/updates/main/i/iceape/iceape-calendar_1.0.13~pre080323b-0etch3_hppa.deb
    Size/MD5 checksum:   619710 ef8266cbebfdfdcf659999c8e67ecbaf

i386 architecture (Intel ia32)

  http://security.debian.org/pool/updates/main/i/iceape/iceape-dom-inspector_1.0.13~pre080323b-0etch3_i386.deb
    Size/MD5 checksum:   190234 f3f876cbc5cf3efec5ceb50a2c23d8dd
  http://security.debian.org/pool/updates/main/i/iceape/iceape-dbg_1.0.13~pre080323b-0etch3_i386.deb
    Size/MD5 checksum: 58741446 e2afabfab01c0a75295864916a20f0ca
  http://security.debian.org/pool/updates/main/i/iceape/iceape-browser_1.0.13~pre080323b-0etch3_i386.deb
    Size/MD5 checksum: 10481106 9f7420c8033d5783cbfdd40ec9dc91ff
  http://security.debian.org/pool/updates/main/i/iceape/iceape-gnome-support_1.0.13~pre080323b-0etch3_i386.deb
    Size/MD5 checksum:    48872 226a49cb7be9ba105ed34ec974dd59c4
  http://security.debian.org/pool/updates/main/i/iceape/iceape-calendar_1.0.13~pre080323b-0etch3_i386.deb
    Size/MD5 checksum:   589458 3de29c0ae9e2a230ffbfcd5126822f4a
  http://security.debian.org/pool/updates/main/i/iceape/iceape-mailnews_1.0.13~pre080323b-0etch3_i386.deb
    Size/MD5 checksum:  1892130 05cccfec539b244127470556c51984e5

ia64 architecture (Intel ia64)

  http://security.debian.org/pool/updates/main/i/iceape/iceape-calendar_1.0.13~pre080323b-0etch3_ia64.deb
    Size/MD5 checksum:   662418 ae517af1ffb77c7b51235872f7d80312
  http://security.debian.org/pool/updates/main/i/iceape/iceape-browser_1.0.13~pre080323b-0etch3_ia64.deb
    Size/MD5 checksum: 15794624 93cc77d14a609e82d121e56cc2c27bfc
  http://security.debian.org/pool/updates/main/i/iceape/iceape-mailnews_1.0.13~pre080323b-0etch3_ia64.deb
    Size/MD5 checksum:  2817276 41d813a7f813ac4f4b0f41a456cc02f7
  http://security.debian.org/pool/updates/main/i/iceape/iceape-gnome-support_1.0.13~pre080323b-0etch3_ia64.deb
    Size/MD5 checksum:    62370 b097cd29fa93c5529673cb6b51dc9fad
  http://security.debian.org/pool/updates/main/i/iceape/iceape-dbg_1.0.13~pre080323b-0etch3_ia64.deb
    Size/MD5 checksum: 59920168 46992c61685020d55a2d3f5954f4c1dd
  http://security.debian.org/pool/updates/main/i/iceape/iceape-dom-inspector_1.0.13~pre080323b-0etch3_ia64.deb
    Size/MD5 checksum:   205156 235d6ba67f58d4796d75375ee0c9d488

mips architecture (MIPS (Big Endian))

  http://security.debian.org/pool/updates/main/i/iceape/iceape-gnome-support_1.0.13~pre080323b-0etch3_mips.deb
    Size/MD5 checksum:    50344 34df46c921c10427bd2be8f81a588b67
  http://security.debian.org/pool/updates/main/i/iceape/iceape-mailnews_1.0.13~pre080323b-0etch3_mips.deb
    Size/MD5 checksum:  1959720 6d82bdd9b96c072b4f693fe578c9366f
  http://security.debian.org/pool/updates/main/i/iceape/iceape-calendar_1.0.13~pre080323b-0etch3_mips.deb
    Size/MD5 checksum:   599894 deea3ff0702f70c48628d34dc63c373b
  http://security.debian.org/pool/updates/main/i/iceape/iceape-dbg_1.0.13~pre080323b-0etch3_mips.deb
    Size/MD5 checksum: 61515672 e493c5a6ac2fca145163c27dddfbeb44
  http://security.debian.org/pool/updates/main/i/iceape/iceape-dom-inspector_1.0.13~pre080323b-0etch3_mips.deb
    Size/MD5 checksum:   191488 63738c541fadb3092eead2f3e5f1cd26
  http://security.debian.org/pool/updates/main/i/iceape/iceape-browser_1.0.13~pre080323b-0etch3_mips.deb
    Size/MD5 checksum: 11157416 e39b38cad58bfca703d7d3a332a63d1b

mipsel architecture (MIPS (Little Endian))

  http://security.debian.org/pool/updates/main/i/iceape/iceape-dom-inspector_1.0.13~pre080323b-0etch3_mipsel.deb
    Size/MD5 checksum:   191704 36ee86fdbd01a7d250ecb028bca5ad5b
  http://security.debian.org/pool/updates/main/i/iceape/iceape-dbg_1.0.13~pre080323b-0etch3_mipsel.deb
    Size/MD5 checksum: 59864044 65cb18ae21e9231db157d41b5d91f12c
  http://security.debian.org/pool/updates/main/i/iceape/iceape-mailnews_1.0.13~pre080323b-0etch3_mipsel.deb
    Size/MD5 checksum:  1942838 94c7f270fd6fdc8142d41b202df8eefd
  http://security.debian.org/pool/updates/main/i/iceape/iceape-gnome-support_1.0.13~pre080323b-0etch3_mipsel.deb
    Size/MD5 checksum:    50204 3243edf82c2bcbd7784393cda8a2c1e6
  http://security.debian.org/pool/updates/main/i/iceape/iceape-browser_1.0.13~pre080323b-0etch3_mipsel.deb
    Size/MD5 checksum: 10911166 7d75c7d1918658e1a6f6435780e0885d
  http://security.debian.org/pool/updates/main/i/iceape/iceape-calendar_1.0.13~pre080323b-0etch3_mipsel.deb
    Size/MD5 checksum:   596506 62a92a8f8a703393df92d595250c5669

powerpc architecture (PowerPC)

  http://security.debian.org/pool/updates/main/i/iceape/iceape-dbg_1.0.13~pre080323b-0etch3_powerpc.deb
    Size/MD5 checksum: 61652008 2891f06dc14d01571cd67c63391aabc2
  http://security.debian.org/pool/updates/main/i/iceape/iceape-calendar_1.0.13~pre080323b-0etch3_powerpc.deb
    Size/MD5 checksum:   596662 5a7f977f5e1ebb9e27d3f1faf969a573
  http://security.debian.org/pool/updates/main/i/iceape/iceape-mailnews_1.0.13~pre080323b-0etch3_powerpc.deb
    Size/MD5 checksum:  2006874 aa7cf8f2b5bd5091b889185f55460a40
  http://security.debian.org/pool/updates/main/i/iceape/iceape-gnome-support_1.0.13~pre080323b-0etch3_powerpc.deb
    Size/MD5 checksum:    49666 0a376f9b57ed80972ba170533623fb7f
  http://security.debian.org/pool/updates/main/i/iceape/iceape-dom-inspector_1.0.13~pre080323b-0etch3_powerpc.deb
    Size/MD5 checksum:   192472 494082cc73ee91c15d8c102015e27357
  http://security.debian.org/pool/updates/main/i/iceape/iceape-browser_1.0.13~pre080323b-0etch3_powerpc.deb
    Size/MD5 checksum: 11310932 7995d14bb7fb8ccc76c7b70e9ce93204

s390 architecture (IBM S/390)

  http://security.debian.org/pool/updates/main/i/iceape/iceape-gnome-support_1.0.13~pre080323b-0etch3_s390.deb
    Size/MD5 checksum:    54436 685ac8c473a6d6f2f33d31c74a334238
  http://security.debian.org/pool/updates/main/i/iceape/iceape-mailnews_1.0.13~pre080323b-0etch3_s390.deb
    Size/MD5 checksum:  2186280 5db2c2e519c5f8e76061ce6c48d851a3
  http://security.debian.org/pool/updates/main/i/iceape/iceape-dbg_1.0.13~pre080323b-0etch3_s390.deb
    Size/MD5 checksum: 60408272 b141b0de2b3e3e9cd2bef50b0a956050
  http://security.debian.org/pool/updates/main/i/iceape/iceape-browser_1.0.13~pre080323b-0etch3_s390.deb
    Size/MD5 checksum: 12288534 1b3cd06388c789d7a977fe9b284b19ab
  http://security.debian.org/pool/updates/main/i/iceape/iceape-dom-inspector_1.0.13~pre080323b-0etch3_s390.deb
    Size/MD5 checksum:   197338 8981bee198dad3399e7e5bc293785537
  http://security.debian.org/pool/updates/main/i/iceape/iceape-calendar_1.0.13~pre080323b-0etch3_s390.deb
    Size/MD5 checksum:   612218 be67de61abb2e447a34c0eaf706498df

sparc architecture (Sun SPARC/UltraSPARC)

  http://security.debian.org/pool/updates/main/i/iceape/iceape-mailnews_1.0.13~pre080323b-0etch3_sparc.deb
    Size/MD5 checksum:  1896522 7212773ff30ee7f0c9c268738f022e46
  http://security.debian.org/pool/updates/main/i/iceape/iceape-dom-inspector_1.0.13~pre080323b-0etch3_sparc.deb
    Size/MD5 checksum:   190132 8731cfeb8d89d4006f5b53836f25f02b
  http://security.debian.org/pool/updates/main/i/iceape/iceape-gnome-support_1.0.13~pre080323b-0etch3_sparc.deb
    Size/MD5 checksum:    48478 d131f30545b3aa2ca2008e983ad4ef9f
  http://security.debian.org/pool/updates/main/i/iceape/iceape-calendar_1.0.13~pre080323b-0etch3_sparc.deb
    Size/MD5 checksum:   585808 352c0eb180728a70c5b805839b5a7e67
  http://security.debian.org/pool/updates/main/i/iceape/iceape-dbg_1.0.13~pre080323b-0etch3_sparc.deb
    Size/MD5 checksum: 58543536 92de9dc46e407a7c23f95023ad3a4a91
  http://security.debian.org/pool/updates/main/i/iceape/iceape-browser_1.0.13~pre080323b-0etch3_sparc.deb
    Size/MD5 checksum: 10660224 c21e2625875cf929b9a01767c203c9cd


  これらのファイルは次の版の安定版リリース時そちらに移されます。

---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
Prev by Date: [debian-users:50448] [Translate] [SECURITY] [DSA 1561-1] New ldm packages fix information disclosure
Next by Date: [debian-users:50450] Re: gnomeメニューに追加する方法？
Previous by thread: [debian-users:50448] [Translate] [SECURITY] [DSA 1561-1] New ldm packages fix information disclosure
Index(es):
- Date
- Thread