[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[debian-users:51914] [Translate] [SECURITY] [DSA 1719-1] New gnutls13 packages fix certificate validation
かねこです。
URL 等は Debian-security-announce メーリングリストの元記事を確認
ください。
------>8------------>8------------>8------------>8------------>8-
- ------------------------------------------------------------------------
Debian Security Advisory DSA-1719-1 security@debian.org
http://www.debian.org/security/ Florian Weimer
February 10, 2009 http://www.debian.org/security/faq
- ------------------------------------------------------------------------
Package : gnutls13
Vulnerability : 設計ミス
Problem type : リモート
Debian-specific: いいえ
CVE Id(s) : CVE-2008-4989
Debian Bug : 505360
Martin von Gagern さんにより、TLS/SSL プロトコル実装 GNUTLS が自己署名を持
つ証明書が信用できる証明書として設定されている場合に、X.509 証明書チェイン
の処理を誤っていることが発見されました。この結果、偽サーバの証明書を純正な
ものとして扱う可能性があります (CVE-2008-4989)。
これに加えて、今回の更新では X.509v1 証明書のチェックを厳格にしているため、
以前は GNUTLS が受け入れていた証明書が拒絶される場合があります。これは、証
明書チェイン処理で、アプリケーションから明示的に要求されない限り、GNUTLS
が X.509v1 証明書を認識しないように変更されたためです。
安定版 (stable) ディストリビューション (etch) では、この問題はバージョン
1.4.4-3+etch3 で修正されています。
不安定版 (unstable) ディストリビューション (sid) では、この問題はバージョ
ン 2.4.2-3 of the gnutls26 package で修正されています。
直ぐに gnutls13 パッケージをアップグレードすることを勧めます。
アップグレード手順
------------------
wget url
でファイルを取得できます。
dpkg -i file.deb
で参照されたファイルをインストールできます。
apt-get パッケージマネージャを用いている場合には、本メールのフッタ記載の
行を sources.list に加えて、
apt-get update
を実行して内部データベースを更新し、
apt-get upgrade
によって修正されたパッケージをインストールしてください。
本メールのフッタ記載の設定を自ホストの設定に加えることにより、自動更新を
行うこともできます。
Debian GNU/Linux 4.0 alias etch
- -------------------------------
ソースアーカイブ:
http://security.debian.org/pool/updates/main/g/gnutls13/gnutls13_1.4.4-3+etch2.dsc
Size/MD5 checksum: 967 97d676fb2a9de5a2706da79baf5fc53f
http://security.debian.org/pool/updates/main/g/gnutls13/gnutls13_1.4.4-3+etch3.diff.gz
Size/MD5 checksum: 20931 d1f9a5483e2ff3b6f799f14cc90e0ba4
http://security.debian.org/pool/updates/main/g/gnutls13/gnutls13_1.4.4.orig.tar.gz
Size/MD5 checksum: 4752009 c06ada020e2b69caa51833175d59f8b2
http://security.debian.org/pool/updates/main/g/gnutls13/gnutls13_1.4.4-3+etch2.diff.gz
Size/MD5 checksum: 19550 d362897a57e2bac2f059413ea29540be
http://security.debian.org/pool/updates/main/g/gnutls13/gnutls13_1.4.4-3+etch3.dsc
Size/MD5 checksum: 967 c523874d91b1d19b0a59c6d51ada21e6
アーキテクチャに依存しないパッケージ:
http://security.debian.org/pool/updates/main/g/gnutls13/gnutls-doc_1.4.4-3+etch2_all.deb
Size/MD5 checksum: 2315360 2892fedc83604472a40cb9e16b64fad2
http://security.debian.org/pool/updates/main/g/gnutls13/gnutls-doc_1.4.4-3+etch3_all.deb
Size/MD5 checksum: 2315508 9fe5532897a55d3f8b2954a7294920e1
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls13_1.4.4-3+etch3_alpha.deb
Size/MD5 checksum: 328102 19e0618dac4d13a9d284019365ef07f9
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls13-dbg_1.4.4-3+etch2_alpha.deb
Size/MD5 checksum: 547328 0fc6cb94c0a9b65067fc17e0db0e4e7c
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls-dev_1.4.4-3+etch2_alpha.deb
Size/MD5 checksum: 523950 a149137fe64abc4b7e33d66e1345b9c0
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls-dev_1.4.4-3+etch3_alpha.deb
Size/MD5 checksum: 524034 0d510406095b7f9bf9dd06b74502c94a
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls13_1.4.4-3+etch2_alpha.deb
Size/MD5 checksum: 327990 8b39649670392f353c183032aab1040b
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls13-dbg_1.4.4-3+etch3_alpha.deb
Size/MD5 checksum: 547418 fd17990e04770d7447e6fd136cb0f726
http://security.debian.org/pool/updates/main/g/gnutls13/gnutls-bin_1.4.4-3+etch2_alpha.deb
Size/MD5 checksum: 196336 a2385c40d8118a84442449d7720d4437
http://security.debian.org/pool/updates/main/g/gnutls13/gnutls-bin_1.4.4-3+etch3_alpha.deb
Size/MD5 checksum: 196416 9b570f6739f2071ef8e857f897b0fe73
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls13_1.4.4-3+etch3_amd64.deb
Size/MD5 checksum: 314678 9a2fca4364ab01e77da051e1c637cace
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls13-dbg_1.4.4-3+etch2_amd64.deb
Size/MD5 checksum: 538540 9bad40a6891bacf73ab92d492946439e
http://security.debian.org/pool/updates/main/g/gnutls13/gnutls-bin_1.4.4-3+etch2_amd64.deb
Size/MD5 checksum: 183432 04c381e380452347c0b8c866cd32a0d1
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls13_1.4.4-3+etch2_amd64.deb
Size/MD5 checksum: 314542 bd3466107c5a3e81bae9fc6ce16b3f07
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls-dev_1.4.4-3+etch3_amd64.deb
Size/MD5 checksum: 389192 7e1f1ee9b50dbe59303ee92d06d638f9
http://security.debian.org/pool/updates/main/g/gnutls13/gnutls-bin_1.4.4-3+etch3_amd64.deb
Size/MD5 checksum: 183526 deb90128a086f94d4213ae8d0ebb2aac
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls-dev_1.4.4-3+etch2_amd64.deb
Size/MD5 checksum: 389078 937898ee8ebfbb6c96ec327182aa66c9
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls13-dbg_1.4.4-3+etch3_amd64.deb
Size/MD5 checksum: 538694 30f0f5f5236de80b969ab142003facda
arm architecture (ARM)
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls-dev_1.4.4-3+etch3_arm.deb
Size/MD5 checksum: 355130 d314daec4d8653d21f5aa755b133ce44
http://security.debian.org/pool/updates/main/g/gnutls13/gnutls-bin_1.4.4-3+etch2_arm.deb
Size/MD5 checksum: 169734 a0760138aa40ef409bebc45f21482fa6
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls13_1.4.4-3+etch3_arm.deb
Size/MD5 checksum: 283218 86a51ac92283cf4d41f8b80e208d3ea0
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls13_1.4.4-3+etch2_arm.deb
Size/MD5 checksum: 283146 490e93a8fb47792bab27befcfaba59c4
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls13-dbg_1.4.4-3+etch2_arm.deb
Size/MD5 checksum: 510986 734ae4e95a95858b98a9aadf3df89e27
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls-dev_1.4.4-3+etch2_arm.deb
Size/MD5 checksum: 355034 d2fad7c1fa481c311272a033a1632baa
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls13-dbg_1.4.4-3+etch3_arm.deb
Size/MD5 checksum: 511146 020e108874b330b04d28cbf111e1cb3c
http://security.debian.org/pool/updates/main/g/gnutls13/gnutls-bin_1.4.4-3+etch3_arm.deb
Size/MD5 checksum: 169790 d7904cea32e23dcd2abe3c8078029f24
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls-dev_1.4.4-3+etch2_hppa.deb
Size/MD5 checksum: 435274 a50a1b0396725750c7f9b18f42ed59df
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls13-dbg_1.4.4-3+etch3_hppa.deb
Size/MD5 checksum: 521900 81a5514ae8b882945c9d86260a985075
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls13_1.4.4-3+etch2_hppa.deb
Size/MD5 checksum: 312696 9b01cc660ec19e94365cfe9485e69504
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls-dev_1.4.4-3+etch3_hppa.deb
Size/MD5 checksum: 435428 b9b85897a5fa12e6145e44f1d811faf7
http://security.debian.org/pool/updates/main/g/gnutls13/gnutls-bin_1.4.4-3+etch2_hppa.deb
Size/MD5 checksum: 184434 3fe517f3ae76a0bb39ef2112259ee533
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls13_1.4.4-3+etch3_hppa.deb
Size/MD5 checksum: 312786 7bf4a07c716180831b812024f9dc2bed
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls13-dbg_1.4.4-3+etch2_hppa.deb
Size/MD5 checksum: 521782 ec2e351f911c06d10a906e35e87b17d8
http://security.debian.org/pool/updates/main/g/gnutls13/gnutls-bin_1.4.4-3+etch3_hppa.deb
Size/MD5 checksum: 184514 4a4436b484d0809e458fccd777af41a9
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls13-dbg_1.4.4-3+etch3_i386.deb
Size/MD5 checksum: 525932 03fdffd511056bb48f00fd29a7ff0994
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls13_1.4.4-3+etch3_i386.deb
Size/MD5 checksum: 282696 8e5d7e93c2bcd0e5b1c11b2bb76febc1
http://security.debian.org/pool/updates/main/g/gnutls13/gnutls-bin_1.4.4-3+etch2_i386.deb
Size/MD5 checksum: 171836 c7de8edce99f98a92597328a828306f4
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls-dev_1.4.4-3+etch3_i386.deb
Size/MD5 checksum: 359008 b2d4fb0470fb4933e9d7f7e4d365fade
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls-dev_1.4.4-3+etch2_i386.deb
Size/MD5 checksum: 358910 d3784c1606616b1053afe805e466d351
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls13_1.4.4-3+etch2_i386.deb
Size/MD5 checksum: 282576 089b077a2856c2eb240d8ec91e34da98
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls13-dbg_1.4.4-3+etch2_i386.deb
Size/MD5 checksum: 525814 236abc7e944de62b1c63ac2752df59d5
http://security.debian.org/pool/updates/main/g/gnutls13/gnutls-bin_1.4.4-3+etch3_i386.deb
Size/MD5 checksum: 171916 2c30fca77e49ece3c874923597113e84
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/g/gnutls13/gnutls-bin_1.4.4-3+etch3_ia64.deb
Size/MD5 checksum: 229224 a8b557d93ac98d96b69e83a1ab0abe60
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls-dev_1.4.4-3+etch2_ia64.deb
Size/MD5 checksum: 550142 eca44ae7ad3a622ae835bad66076bb44
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls13-dbg_1.4.4-3+etch3_ia64.deb
Size/MD5 checksum: 528174 cb2e8a474b0f616ebdb4f7c70884a68b
http://security.debian.org/pool/updates/main/g/gnutls13/gnutls-bin_1.4.4-3+etch2_ia64.deb
Size/MD5 checksum: 229130 48c1beb6eec250eb2ef18978cb7002a7
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls13_1.4.4-3+etch3_ia64.deb
Size/MD5 checksum: 394824 b83e917ffa852e371713c05eed6bb2ea
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls13-dbg_1.4.4-3+etch2_ia64.deb
Size/MD5 checksum: 528024 4911b942fdb28257ce5404e0db59bf8f
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls-dev_1.4.4-3+etch3_ia64.deb
Size/MD5 checksum: 550282 bb35e15bed0cd0a002c09c2a33f204e3
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls13_1.4.4-3+etch2_ia64.deb
Size/MD5 checksum: 394664 83b0fb175ce0a9228ae66a1c2c20087d
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls13_1.4.4-3+etch3_mips.deb
Size/MD5 checksum: 278098 839af8690670ae34de6ec1c4ecb2a11d
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls-dev_1.4.4-3+etch2_mips.deb
Size/MD5 checksum: 417930 09a97882ea70cea64f7ab518f872d0d4
http://security.debian.org/pool/updates/main/g/gnutls13/gnutls-bin_1.4.4-3+etch2_mips.deb
Size/MD5 checksum: 181744 14f8d0bcae552215223083475fc102ff
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls13_1.4.4-3+etch2_mips.deb
Size/MD5 checksum: 277980 176ba4c110568718f5310ebd88c0fad2
http://security.debian.org/pool/updates/main/g/gnutls13/gnutls-bin_1.4.4-3+etch3_mips.deb
Size/MD5 checksum: 181844 1063e31ebfce35d017cc2f52f43e7988
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls13-dbg_1.4.4-3+etch2_mips.deb
Size/MD5 checksum: 552678 75998b98481a61f619a59fdcb195e92a
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls-dev_1.4.4-3+etch3_mips.deb
Size/MD5 checksum: 418000 6de735e5e2f89169cff80b7c88124d7c
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls13-dbg_1.4.4-3+etch3_mips.deb
Size/MD5 checksum: 552848 e7a3675995e3f76753683bd56559c097
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls13_1.4.4-3+etch3_mipsel.deb
Size/MD5 checksum: 277818 23b61680ae1ebd6e8352efd69369a54d
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls13-dbg_1.4.4-3+etch3_mipsel.deb
Size/MD5 checksum: 541908 5ce5c90c1938eab0e66df230cb92b99f
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls13-dbg_1.4.4-3+etch2_mipsel.deb
Size/MD5 checksum: 541770 b1a12727513f82602064e9d9d0238d4e
http://security.debian.org/pool/updates/main/g/gnutls13/gnutls-bin_1.4.4-3+etch3_mipsel.deb
Size/MD5 checksum: 182774 ebde66ae73e094da31b94a72b4214591
http://security.debian.org/pool/updates/main/g/gnutls13/gnutls-bin_1.4.4-3+etch2_mipsel.deb
Size/MD5 checksum: 182702 5bc323ab598389c3e074f28b54d84b84
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls13_1.4.4-3+etch2_mipsel.deb
Size/MD5 checksum: 277736 582f2204399dfecd750f9f93a3f395d1
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls-dev_1.4.4-3+etch2_mipsel.deb
Size/MD5 checksum: 417036 d94700c36580f967644d95de26672633
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls-dev_1.4.4-3+etch3_mipsel.deb
Size/MD5 checksum: 417180 6e5c825f8843d10a312a791b7bb7e1cf
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/g/gnutls13/gnutls-bin_1.4.4-3+etch2_powerpc.deb
Size/MD5 checksum: 184590 c5a0ea676820713de26aec86ade8c61b
http://security.debian.org/pool/updates/main/g/gnutls13/gnutls-bin_1.4.4-3+etch3_powerpc.deb
Size/MD5 checksum: 184672 f8dc6ea415ba64b863f54c83eb948f4d
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls-dev_1.4.4-3+etch2_powerpc.deb
Size/MD5 checksum: 388752 c1a798145290881a103431c0e61b89b5
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls13-dbg_1.4.4-3+etch2_powerpc.deb
Size/MD5 checksum: 538638 e78c7fd529dc9b84834d868d6d3abdbf
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls13_1.4.4-3+etch3_powerpc.deb
Size/MD5 checksum: 288958 78c75eed0f9943eebd81c197381dbf5c
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls13-dbg_1.4.4-3+etch3_powerpc.deb
Size/MD5 checksum: 538788 5435fb5147d931b8386eacc607a23dfc
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls13_1.4.4-3+etch2_powerpc.deb
Size/MD5 checksum: 288854 73dd971eb95f10766b75938e531b850f
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls-dev_1.4.4-3+etch3_powerpc.deb
Size/MD5 checksum: 388886 9b17d971390abcda56a1dae375bb57f8
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls13_1.4.4-3+etch3_s390.deb
Size/MD5 checksum: 311694 6249eb1de5c7350957867560879ab144
http://security.debian.org/pool/updates/main/g/gnutls13/gnutls-bin_1.4.4-3+etch3_s390.deb
Size/MD5 checksum: 184588 6350de7268b17a8698ff11f5054c6e4a
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls13-dbg_1.4.4-3+etch2_s390.deb
Size/MD5 checksum: 537386 f2daa306f4815cfc6e147b89b2c9f836
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls-dev_1.4.4-3+etch2_s390.deb
Size/MD5 checksum: 380158 1e7bdd0dd3de68c319a38071814bcf25
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls13-dbg_1.4.4-3+etch3_s390.deb
Size/MD5 checksum: 537530 9c94d38e0969a1a3ade7340623de07c0
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls-dev_1.4.4-3+etch3_s390.deb
Size/MD5 checksum: 380300 2761ba52e1fb0b7e8f899b5c24121159
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls13_1.4.4-3+etch2_s390.deb
Size/MD5 checksum: 311354 7a314e4d02c883e281f4eafe25f04d31
http://security.debian.org/pool/updates/main/g/gnutls13/gnutls-bin_1.4.4-3+etch2_s390.deb
Size/MD5 checksum: 184510 05b634e19e7e85d994d5625dda5e6c52
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls-dev_1.4.4-3+etch3_sparc.deb
Size/MD5 checksum: 378986 3b732e25a6bcd5c2300af4820553516f
http://security.debian.org/pool/updates/main/g/gnutls13/gnutls-bin_1.4.4-3+etch2_sparc.deb
Size/MD5 checksum: 169598 34390667473c6d12097ede5c2c3c3610
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls13_1.4.4-3+etch2_sparc.deb
Size/MD5 checksum: 271000 1c5024b2fd07ef8c98276afa17fac00b
http://security.debian.org/pool/updates/main/g/gnutls13/gnutls-bin_1.4.4-3+etch3_sparc.deb
Size/MD5 checksum: 169682 58c18c588e2e09bb97ace63713a8accf
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls-dev_1.4.4-3+etch2_sparc.deb
Size/MD5 checksum: 378848 1d86c8b4356b8be1cb6a31620469bada
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls13-dbg_1.4.4-3+etch2_sparc.deb
Size/MD5 checksum: 491096 672ae9d75e0071ced67518ee05ae3733
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls13_1.4.4-3+etch3_sparc.deb
Size/MD5 checksum: 271146 74514dfa3c95b1afe4388cc31bc4cba5
http://security.debian.org/pool/updates/main/g/gnutls13/libgnutls13-dbg_1.4.4-3+etch3_sparc.deb
Size/MD5 checksum: 491162 0dbc5d0426b64b4abff5acdabb2c42f0
これらのファイルは次の版の安定版リリース時そちらに移されます。
- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
------>8------------>8------------>8------------>8------------>8-
--
Seiji Kaneko skaneko@xxxxxxxxxxxx
---------------------------------------------------------