TITLE: Debian update for tuxpaint SECUNIA ADVISORY ID: SA18476 VERIFY ADVISORY: http://secunia.com/advisories/18476/ CRITICAL: Less critical IMPACT: Privilege escalation WHERE: Local system OPERATING SYSTEM: Debian GNU/Linux unstable alias sid http://secunia.com/product/530/ Debian GNU/Linux 3.1 http://secunia.com/product/5307/ DESCRIPTION: Debian has issued an update for tuxpaint. This fixes a vulnerability, which can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges. For more information: SA18475 SOLUTION: Apply updated packages. -- Debian GNU/Linux 3.1 alias sarge -- Source archives: http://security.debian.org/pool/updates/main/t/tuxpaint/tuxpaint_0.9.14-2sarge0.dsc Size/MD5 checksum: 749 33447b64d21e124dfbcab3626f0a2c09 http://security.debian.org/pool/updates/main/t/tuxpaint/tuxpaint_0.9.14-2sarge0.diff.gz Size/MD5 checksum: 6178 fe6d69b9df65fcb6c0f1015a39e6d715 http://security.debian.org/pool/updates/main/t/tuxpaint/tuxpaint_0.9.14.orig.tar.gz Size/MD5 checksum: 3208894 0b7522c1b3672d5c233f7bbc772c8dec Architecture independent components: http://security.debian.org/pool/updates/main/t/tuxpaint/tuxpaint-data_0.9.14-2sarge0_all.deb Size/MD5 checksum: 1093764 416ffee20dca7ba7926e30a71ae95ff3 Alpha architecture: http://security.debian.org/pool/updates/main/t/tuxpaint/tuxpaint_0.9.14-2sarge0_alpha.deb Size/MD5 checksum: 112732 9b588312a0b5936ea5bbe096aa726e9e AMD64 architecture: http://security.debian.org/pool/updates/main/t/tuxpaint/tuxpaint_0.9.14-2sarge0_amd64.deb Size/MD5 checksum: 96402 286c9839a2636dc2beb6df05d89cb290 ARM architecture: http://security.debian.org/pool/updates/main/t/tuxpaint/tuxpaint_0.9.14-2sarge0_arm.deb Size/MD5 checksum: 98002 d68f2fff833108084d9d67b254dea638 Intel IA-32 architecture: http://security.debian.org/pool/updates/main/t/tuxpaint/tuxpaint_0.9.14-2sarge0_i386.deb Size/MD5 checksum: 94188 f27e07c2e34ead61b24f71dd3df2de51 Intel IA-64 architecture: http://security.debian.org/pool/updates/main/t/tuxpaint/tuxpaint_0.9.14-2sarge0_ia64.deb Size/MD5 checksum: 126116 217e59f14aad0e5acb6e139fc347d64c HP Precision architecture: http://security.debian.org/pool/updates/main/t/tuxpaint/tuxpaint_0.9.14-2sarge0_hppa.deb Size/MD5 checksum: 103696 8b61b78194383314d49d465033f5ceed Motorola 680x0 architecture: http://security.debian.org/pool/updates/main/t/tuxpaint/tuxpaint_0.9.14-2sarge0_m68k.deb Size/MD5 checksum: 86260 9734a7337a228519ea31b956ffd7e5f6 Big endian MIPS architecture: http://security.debian.org/pool/updates/main/t/tuxpaint/tuxpaint_0.9.14-2sarge0_mips.deb Size/MD5 checksum: 101286 c9d58ae06ad9d860df0af6987a4672ef Little endian MIPS architecture: http://security.debian.org/pool/updates/main/t/tuxpaint/tuxpaint_0.9.14-2sarge0_mipsel.deb Size/MD5 checksum: 100346 464c3aa6e843687bdf425c9e8af9be19 PowerPC architecture: http://security.debian.org/pool/updates/main/t/tuxpaint/tuxpaint_0.9.14-2sarge0_powerpc.deb Size/MD5 checksum: 99138 d6ce366eab028cf324155560d6705518 IBM S/390 architecture: http://security.debian.org/pool/updates/main/t/tuxpaint/tuxpaint_0.9.14-2sarge0_s390.deb Size/MD5 checksum: 97318 5472aa0a7989222c510a7f68292d976f Sun Sparc architecture: http://security.debian.org/pool/updates/main/t/tuxpaint/tuxpaint_0.9.14-2sarge0_sparc.deb Size/MD5 checksum: 94720 cc8cdaba526506d75f63f5e86a722cee -- Debian GNU/Linux unstable alias sid -- Fixed in version 0.9.15b-1. ORIGINAL ADVISORY: http://www.debian.org/security/2006/dsa-941 OTHER REFERENCES: SA18475: http://secunia.com/advisories/18475/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------