---------------------------------------------------------------------- BETA test the new Secunia Personal Software Inspector! The Secunia PSI detects installed software on your computer and categorises it as either Insecure, End-of-Life, or Up-To-Date. Effectively enabling you to focus your attention on software installations where more secure versions are available from the vendors. Download the free PSI BETA from the Secunia website: https://psi.secunia.com/ ---------------------------------------------------------------------- TITLE: Debian update for id3lib3.8.3 SECUNIA ADVISORY ID: SA26646 VERIFY ADVISORY: http://secunia.com/advisories/26646/ CRITICAL: Less critical IMPACT: Privilege escalation WHERE: Local system OPERATING SYSTEM: Debian GNU/Linux 3.1 http://secunia.com/product/5307/ Debian GNU/Linux 4.0 http://secunia.com/product/13844/ Debian GNU/Linux unstable alias sid http://secunia.com/product/530/ DESCRIPTION: Debian has issued an update for id3lib3.8.3. This fixes a security issue, which can be exploited by malicious, local users to gain escalated privileges. For more information: SA26536 SOLUTION: Apply updated packages. -- Debian GNU/Linux 3.1 alias sarge -- Source archives: http://security.debian.org/pool/updates/main/i/id3lib3.8.3/id3lib3.8.3_3.8.3-4.1sarge1.dsc Size/MD5 checksum:655 94eda5191994c0dbe0146a85a9e94737 http://security.debian.org/pool/updates/main/i/id3lib3.8.3/id3lib3.8.3_3.8.3-4.1sarge1.diff.gz Size/MD5 checksum: 134382 b45300bc3341dbedf90f4c593462794f http://security.debian.org/pool/updates/main/i/id3lib3.8.3/id3lib3.8.3_3.8.3.orig.tar.gz Size/MD5 checksum: 950726 19f27ddd2dda4b2d26a559a4f0f402a7 Alpha architecture: http://security.debian.org/pool/updates/main/i/id3lib3.8.3/libid3-3.8.3_3.8.3-4.1sarge1_alpha.deb Size/MD5 checksum: 200738 a089ad12c4ddd30a4f6fdb340b3c9c26 http://security.debian.org/pool/updates/main/i/id3lib3.8.3/libid3-3.8.3-dev_3.8.3-4.1sarge1_alpha.deb Size/MD5 checksum: 358668 6a3178d16f20a2a4228133a0f692d197 AMD64 architecture: http://security.debian.org/pool/updates/main/i/id3lib3.8.3/libid3-3.8.3_3.8.3-4.1sarge1_amd64.deb Size/MD5 checksum: 190378 90cfc4e6ab66afc0618946eda78ce66d http://security.debian.org/pool/updates/main/i/id3lib3.8.3/libid3-3.8.3-dev_3.8.3-4.1sarge1_amd64.deb Size/MD5 checksum: 295174 79e8d0882c54ffceabff4b4b527317cb ARM architecture: http://security.debian.org/pool/updates/main/i/id3lib3.8.3/libid3-3.8.3_3.8.3-4.1sarge1_arm.deb Size/MD5 checksum: 204106 ae12d537affbc35f82517dbba061b332 http://security.debian.org/pool/updates/main/i/id3lib3.8.3/libid3-3.8.3-dev_3.8.3-4.1sarge1_arm.deb Size/MD5 checksum: 322872 607fdb462573a9d022338c5f011363e0 HP Precision architecture: http://security.debian.org/pool/updates/main/i/id3lib3.8.3/libid3-3.8.3_3.8.3-4.1sarge1_hppa.deb Size/MD5 checksum: 213312 5279c3416cd3d0c301439a8de2b70ee7 http://security.debian.org/pool/updates/main/i/id3lib3.8.3/libid3-3.8.3-dev_3.8.3-4.1sarge1_hppa.deb Size/MD5 checksum: 349392 28751fdfecf730380b111537646cac03 Intel IA-32 architecture: http://security.debian.org/pool/updates/main/i/id3lib3.8.3/libid3-3.8.3_3.8.3-4.1sarge1_i386.deb Size/MD5 checksum: 180852 10afd005f77c934946d1bcaf04998d92 http://security.debian.org/pool/updates/main/i/id3lib3.8.3/libid3-3.8.3-dev_3.8.3-4.1sarge1_i386.deb Size/MD5 checksum: 258526 3bb1cb543f6b2ab1a4985dfa536dd3e5 Intel IA-64 architecture: http://security.debian.org/pool/updates/main/i/id3lib3.8.3/libid3-3.8.3_3.8.3-4.1sarge1_ia64.deb Size/MD5 checksum: 214970 eb496451fad3c40a54f55dd55ff0e4d9 http://security.debian.org/pool/updates/main/i/id3lib3.8.3/libid3-3.8.3-dev_3.8.3-4.1sarge1_ia64.deb Size/MD5 checksum: 371532 2a339fa9b2d875dccf416dc648b5d11a Motorola 680x0 architecture: http://security.debian.org/pool/updates/main/i/id3lib3.8.3/libid3-3.8.3_3.8.3-4.1sarge1_m68k.deb Size/MD5 checksum: 190796 9d8b6bb6f224470ea1ac92d92015ad95 http://security.debian.org/pool/updates/main/i/id3lib3.8.3/libid3-3.8.3-dev_3.8.3-4.1sarge1_m68k.deb Size/MD5 checksum: 263074 a5747d036e6df6f1170e8c2607cb632d Big endian MIPS architecture: http://security.debian.org/pool/updates/main/i/id3lib3.8.3/libid3-3.8.3_3.8.3-4.1sarge1_mips.deb Size/MD5 checksum: 197400 144d3525c130676898f379e6ab26c804 http://security.debian.org/pool/updates/main/i/id3lib3.8.3/libid3-3.8.3-dev_3.8.3-4.1sarge1_mips.deb Size/MD5 checksum: 317716 31cde74a7a1328f63ce17907c539791a Little endian MIPS architecture: http://security.debian.org/pool/updates/main/i/id3lib3.8.3/libid3-3.8.3_3.8.3-4.1sarge1_mipsel.deb Size/MD5 checksum: 186678 2f8a8cdbf9a89b49fb43164b248d9196 http://security.debian.org/pool/updates/main/i/id3lib3.8.3/libid3-3.8.3-dev_3.8.3-4.1sarge1_mipsel.deb Size/MD5 checksum: 315966 eb8fd5f5e78b9a0537dca9b5eb5d0f27 PowerPC architecture: http://security.debian.org/pool/updates/main/i/id3lib3.8.3/libid3-3.8.3_3.8.3-4.1sarge1_powerpc.deb Size/MD5 checksum: 189040 0eb109d6c6864a912de8396b2fb7be31 http://security.debian.org/pool/updates/main/i/id3lib3.8.3/libid3-3.8.3-dev_3.8.3-4.1sarge1_powerpc.deb Size/MD5 checksum: 296638 4c113a84cfe17cc506043e26e6b6f094 IBM S/390 architecture: http://security.debian.org/pool/updates/main/i/id3lib3.8.3/libid3-3.8.3_3.8.3-4.1sarge1_s390.deb Size/MD5 checksum: 192592 d897e59ae0f1fe48a5e64bdb8c006416 http://security.debian.org/pool/updates/main/i/id3lib3.8.3/libid3-3.8.3-dev_3.8.3-4.1sarge1_s390.deb Size/MD5 checksum: 313664 84727122d6fae1d78f35ecdd3f2beefe Sun Sparc architecture: http://security.debian.org/pool/updates/main/i/id3lib3.8.3/libid3-3.8.3_3.8.3-4.1sarge1_sparc.deb Size/MD5 checksum: 184716 52c13bfcb58b41b2ce0456c046194bf4 http://security.debian.org/pool/updates/main/i/id3lib3.8.3/libid3-3.8.3-dev_3.8.3-4.1sarge1_sparc.deb Size/MD5 checksum: 279552 edc8e1d5d6f4f7d7beac85e81b29cdd3 -- Debian GNU/Linux 4.0 alias etch -- Reportedly, this problem will be fixed later. -- Debian GNU/Linux unstable alias sid -- Fixed in version 3.8.3-7. ORIGINAL ADVISORY: http://www.debian.org/security/2007/dsa-1365 OTHER REFERENCES: SA26536: http://secunia.com/advisories/26536 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------