---------------------------------------------------------------------- A new version (0.9.0.0 - Release Candidate 1) of the free Secunia PSI has been released. The new version includes many new and advanced features, which makes it even easier to stay patched. Download and test it today: https://psi.secunia.com/ Read more about this new version: https://psi.secunia.com/?page=changelog ---------------------------------------------------------------------- TITLE: Debian update for lighttpd SECUNIA ADVISORY ID: SA29403 VERIFY ADVISORY: http://secunia.com/advisories/29403/ CRITICAL: Less critical IMPACT: Exposure of system information, Exposure of sensitive information WHERE: >From remote OPERATING SYSTEM: Debian GNU/Linux 4.0 http://secunia.com/product/13844/ DESCRIPTION: Debian has issued an update for lighttpd. This fixes a security issue, which can be exploited by malicious people to disclose potentially sensitive information. For more information see vulnerability #2 in: SA29235 SOLUTION: Apply updated packages. -- Debian GNU/Linux 4.0 alias etch -- Source archives: http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd_1.4.13-4etch6.dsc Size/MD5 checksum: 1098 3e5a62a7162734998177e8707d2dba02 http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd_1.4.13-4etch6.diff.gz Size/MD5 checksum:37066 853e653e4b56e0065b7d072bfdb038b9 Architecture independent packages: http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-doc_1.4.13-4etch6_all.deb Size/MD5 checksum:99510 38af003d4b49531a371c58eec8c92797 alpha architecture (DEC Alpha) http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-trigger-b4-dl_1.4.13-4etch6_alpha.deb Size/MD5 checksum:61252 f9a572ac4ece6cda80883e9ece59cf99 http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-magnet_1.4.13-4etch6_alpha.deb Size/MD5 checksum:64492 6d0802043b33391abf217b605ade53c6 http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd_1.4.13-4etch6_alpha.deb Size/MD5 checksum: 318848 64225fd5e10a77386763b28a3fa6b310 http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-webdav_1.4.13-4etch6_alpha.deb Size/MD5 checksum:71726 8797d97bd147f2f502741d790d42781e http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-mysql-vhost_1.4.13-4etch6_alpha.deb Size/MD5 checksum:59494 5537c07a1bf16c607d42cbb24af35b0e http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-cml_1.4.13-4etch6_alpha.deb Size/MD5 checksum:64924 e179a9988bc2b04a0188301040f7eb02 amd64 architecture (AMD x86_64 (AMD64)) http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-trigger-b4-dl_1.4.13-4etch6_amd64.deb Size/MD5 checksum:60662 281bac93cddf6ed6fcd907dac5eb0720 http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-webdav_1.4.13-4etch6_amd64.deb Size/MD5 checksum:69818 74394f7d4528636f962133efa4a738da http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-magnet_1.4.13-4etch6_amd64.deb Size/MD5 checksum:63506 b336b9d3d1836d2d06c5feaaefb8366e http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-cml_1.4.13-4etch6_amd64.deb Size/MD5 checksum:63806 6613f85008260c83222a2b5a8d183d50 http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd_1.4.13-4etch6_amd64.deb Size/MD5 checksum: 297130 9a00e9837f11cb5647491e28bf8da877 http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-mysql-vhost_1.4.13-4etch6_amd64.deb Size/MD5 checksum:59060 1b1864819d7892f9dc1834ece83ba39f arm architecture (ARM) http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-magnet_1.4.13-4etch6_arm.deb Size/MD5 checksum:62786 e91afeac0b95ae32d9c346bf8b56ff2b http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-webdav_1.4.13-4etch6_arm.deb Size/MD5 checksum:69506 928bd56baa76d302d2637c3edafa966a http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-mysql-vhost_1.4.13-4etch6_arm.deb Size/MD5 checksum:58604 e060ddc287c0f62485c3b450f781a9c5 http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd_1.4.13-4etch6_arm.deb Size/MD5 checksum: 286248 6915b4c299334a0aa608e69016579947 http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-trigger-b4-dl_1.4.13-4etch6_arm.deb Size/MD5 checksum:60736 c1dba99fad76965ea148addcedbe8d1e http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-cml_1.4.13-4etch6_arm.deb Size/MD5 checksum:62996 441fe045d312d83cd9c0abfea000fd04 hppa architecture (HP PA RISC) http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-cml_1.4.13-4etch6_hppa.deb Size/MD5 checksum:65382 9891f2e251cba3716cc7318244f12191 http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-magnet_1.4.13-4etch6_hppa.deb Size/MD5 checksum:64926 32155b4baafa529b01f8fa93d35c1016 http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd_1.4.13-4etch6_hppa.deb Size/MD5 checksum: 324246 b391c9f49db494a231b2c6bbe6b0a17c http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-trigger-b4-dl_1.4.13-4etch6_hppa.deb Size/MD5 checksum:61704 a445b749e09728bbcc7aa2810262c316 http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-webdav_1.4.13-4etch6_hppa.deb Size/MD5 checksum:72912 f1b011512b9ffe681684aedc1100fd96 http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-mysql-vhost_1.4.13-4etch6_hppa.deb Size/MD5 checksum:59856 e4d9e12d39cedc57301dec75d3f0f9bc i386 architecture (Intel ia32) http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-webdav_1.4.13-4etch6_i386.deb Size/MD5 checksum:70858 38d84f5a4dc0b5e98d8c4d8753720721 http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-mysql-vhost_1.4.13-4etch6_i386.deb Size/MD5 checksum:59004 e89b0b96998623b78e0e756ecb5c64e5 http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-magnet_1.4.13-4etch6_i386.deb Size/MD5 checksum:63614 3f91b5416bade664bac825c5f55b1760 http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-cml_1.4.13-4etch6_i386.deb Size/MD5 checksum:63810 f5c6a0fe13e228a2c97f7c0f9134139f http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd_1.4.13-4etch6_i386.deb Size/MD5 checksum: 288986 020ae1cd38f72be751c3d2339322e37d http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-trigger-b4-dl_1.4.13-4etch6_i386.deb Size/MD5 checksum:60764 6a866a4be8bb00bc89a19fd923892ac3 ia64 architecture (Intel ia64) http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-cml_1.4.13-4etch6_ia64.deb Size/MD5 checksum:67428 8057dbf996587a0dab7dfb830149596a http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-magnet_1.4.13-4etch6_ia64.deb Size/MD5 checksum:67270 47e8df0e90b8a94399140f8e094cf193 http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-webdav_1.4.13-4etch6_ia64.deb Size/MD5 checksum:76970 3ec5566bf7884996d3b2c1cff05934d3 http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-trigger-b4-dl_1.4.13-4etch6_ia64.deb Size/MD5 checksum:62972 9eba69d6fbceecf7ab25847fe6123d45 http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd_1.4.13-4etch6_ia64.deb Size/MD5 checksum: 403368 49e9eeff7722157ec9240b693bdd7a8b http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-mysql-vhost_1.4.13-4etch6_ia64.deb Size/MD5 checksum:61096 a431a7e8cc1ed5e7c03a986062a71cb6 mips architecture (MIPS (Big Endian)) http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-trigger-b4-dl_1.4.13-4etch6_mips.deb Size/MD5 checksum:59854 8a771e4cf424fc2db2ea32cc2e51e97b http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd_1.4.13-4etch6_mips.deb Size/MD5 checksum: 296016 08c0da736b8529d6a76cfc3cd482b2e9 http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-magnet_1.4.13-4etch6_mips.deb Size/MD5 checksum:62442 8f42b63450914e64e2eee69b4bdbfe90 http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-webdav_1.4.13-4etch6_mips.deb Size/MD5 checksum:69146 2bc52d53fb5fe04fb1252c31b280a418 http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-cml_1.4.13-4etch6_mips.deb Size/MD5 checksum:62562 bd6ea27d76c2c61e3c744b4f9bdb00ce http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-mysql-vhost_1.4.13-4etch6_mips.deb Size/MD5 checksum:58480 939cbd552f397780de40b834908b7130 mipsel architecture (MIPS (Little Endian)) http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-webdav_1.4.13-4etch6_mipsel.deb Size/MD5 checksum:69928 9ac409e25d6e7b9e4b1cb4ad13ed9632 http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-trigger-b4-dl_1.4.13-4etch6_mipsel.deb Size/MD5 checksum:60680 343e11ab45cab336396806f7f221945d http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-magnet_1.4.13-4etch6_mipsel.deb Size/MD5 checksum:63286 886e4bc3478309c1656f7d6bd977f2ed http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-mysql-vhost_1.4.13-4etch6_mipsel.deb Size/MD5 checksum:59192 e4cc8d162b281518d52a739eb318f041 http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd_1.4.13-4etch6_mipsel.deb Size/MD5 checksum: 297128 89cdce8b7cd2690e28b95c3d783c9154 http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-cml_1.4.13-4etch6_mipsel.deb Size/MD5 checksum:63450 36f870435ee48223a8ced7e6613a169d powerpc architecture (PowerPC) http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-mysql-vhost_1.4.13-4etch6_powerpc.deb Size/MD5 checksum:60566 d4b1ad36213cbdf6065f239aa472b498 http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-magnet_1.4.13-4etch6_powerpc.deb Size/MD5 checksum:65034 845332f6d09f3f0692a6d18963dcfcc4 http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-trigger-b4-dl_1.4.13-4etch6_powerpc.deb Size/MD5 checksum:62380 6466c3be37fe7fe26f7e83b3c2ead222 http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-cml_1.4.13-4etch6_powerpc.deb Size/MD5 checksum:65306 aaaefd16bdf02e178aee3343c18cc17d http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-webdav_1.4.13-4etch6_powerpc.deb Size/MD5 checksum:71682 a4bb5ec71a26f40b0a5cef12bb850a40 http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd_1.4.13-4etch6_powerpc.deb Size/MD5 checksum: 323712 eb5edc0b82555ec99996121925c4d0ab s390 architecture (IBM S/390) http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-trigger-b4-dl_1.4.13-4etch6_s390.deb Size/MD5 checksum:60994 4f546530cae504799f369f806d00eb51 http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd_1.4.13-4etch6_s390.deb Size/MD5 checksum: 307112 25b76d9b1971949e8091e2c4c0430c58 http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-magnet_1.4.13-4etch6_s390.deb Size/MD5 checksum:64160 30ad6c09af94176abd6fb010ee66bb25 http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-cml_1.4.13-4etch6_s390.deb Size/MD5 checksum:64548 c03eed9df63c727831ff4993703b98c0 http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-webdav_1.4.13-4etch6_s390.deb Size/MD5 checksum:71274 b8a2712beb266769a25219bcaccceeac http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-mysql-vhost_1.4.13-4etch6_s390.deb Size/MD5 checksum:59486 706725ae2ff5257a52467e7db30c0a14 sparc architecture (Sun SPARC/UltraSPARC) http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-webdav_1.4.13-4etch6_sparc.deb Size/MD5 checksum:69798 d85012884750a5d423d2761f62dd2ec9 http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-trigger-b4-dl_1.4.13-4etch6_sparc.deb Size/MD5 checksum:60434 cad01450236fec8a2a57504aea63426c http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-cml_1.4.13-4etch6_sparc.deb Size/MD5 checksum:63344 ebf4c95b0d1cfc06e3d37afad107afd4 http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-mysql-vhost_1.4.13-4etch6_sparc.deb Size/MD5 checksum:58776 76a058d44cef9963903648eefef0fa7a http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd-mod-magnet_1.4.13-4etch6_sparc.deb Size/MD5 checksum:63322 5d433e4a4b0801256be2170bf0ba3931 http://security.debian.org/pool/updates/main/l/lighttpd/lighttpd_1.4.13-4etch6_sparc.deb Size/MD5 checksum: 284060 2c0aafcaa9c5490e8ae9f8e73d7b7a22 ORIGINAL ADVISORY: http://www.us.debian.org/security/2008/dsa-1521 OTHER REFERENCES: SA29235: http://secunia.com/advisories/29235/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------