------------------------------------------------------------------------
Debian Security Advisory DSA-1597-2                  security@debian.org
http://www.debian.org/security/                           Devin Carraway
August 30, 2008                       http://www.debian.org/security/faq
------------------------------------------------------------------------

Package        : mt-daapd
Vulnerability  : multiple vulnerabilities
Problem type   : remote
Debian-specific: no
CVE Id(s)      : CVE-2007-5824 CVE-2007-5825 CVE-2008-1771
Debian Bug     : 459961 476241 496217

In DSA-1597-1, an update was announced for multiple vulnerabilities in
the mt-daapd audio server. One of the fixes introduced a regression
preventing successful authentication to the administration interface.
An updated release is available which corrects this problem. For
reference, the original advisory text follows.

Three vulnerabilities have been discovered in the mt-daapd DAAP audio
server (also known as the Firefly Media Server). The Common
Vulnerabilities and Exposures project identifies the following three
problems:

CVE-2007-5824

    Insufficient validation and bounds checking of the Authorization:
    HTTP header enables a heap buffer overflow, potentially enabling
    the execution of arbitrary code.

CVE-2007-5825

    Format string vulnerabilities in debug logging within the
    authentication of XML-RPC requests could enable the execution of
    arbitrary code.

CVE-2008-1771

    An integer overflow weakness in the handling of HTTP POST variables
    could allow a heap buffer overflow and potentially arbitrary code
    execution.

For the stable distribution (etch), these problems have been fixed in
version 0.2.4+r1376-1.1+etch2.

We recommend that you upgrade your mt-daapd package.

Upgrade instructions
--------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 4.0 alias etch
-------------------------------

Debian (stable)
---------------

Stable updates are available for alpha, amd64, arm, hppa, i386, ia64,
mips, mipsel, powerpc, s390 and sparc.

These files will probably be moved into the stable distribution on
its next update.

---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show ' and http://packages.debian.org/
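The advisory names a single fixed version, so the useful check on a host is whether the installed mt-daapd version sorts below it under Debian's version ordering. The following Python is an added example, not part of the advisory or of dpkg: it ports dpkg's verrevcmp() ordering (epoch, upstream, revision; '~' sorts before everything; numeric runs compared as numbers) and applies it to the fixed version above. On a real etch host, `dpkg --compare-versions "$installed" lt 0.2.4+r1376-1.1+etch2` gives the same answer.

```python
# Fixed etch version from DSA-1597-2; older versions carry the three CVEs.
FIXED_VERSION = "0.2.4+r1376-1.1+etch2"

def _order(c):
    """dpkg weight of one character: '~' < end-of-string/digit (0) < letters < other symbols."""
    return -1 if c == "~" else ord(c) if c.isalpha() else ord(c) + 256 if c and not c.isdigit() else 0

def _verrevcmp(a, b):
    """Port of dpkg's verrevcmp(): alternately compare non-digit and numeric runs."""
    ch = lambda s, k: s[k] if k < len(s) else ""  # "" once past the end
    i = j = 0
    while i < len(a) or j < len(b):
        first_diff = 0
        # Non-digit prefixes are compared character by character.
        while (ch(a, i) and not ch(a, i).isdigit()) or (ch(b, j) and not ch(b, j).isdigit()):
            diff = _order(ch(a, i)) - _order(ch(b, j))
            if diff:
                return diff
            i, j = i + 1, j + 1
        # Numeric runs: leading zeros are dropped and the longer run is greater.
        while ch(a, i) == "0":
            i += 1
        while ch(b, j) == "0":
            j += 1
        while ch(a, i).isdigit() and ch(b, j).isdigit():
            first_diff = first_diff or ord(a[i]) - ord(b[j])
            i, j = i + 1, j + 1
        if ch(a, i).isdigit():
            return 1
        if ch(b, j).isdigit():
            return -1
        if first_diff:
            return first_diff
    return 0

def compare_versions(a, b):
    """-1, 0 or 1 like dpkg --compare-versions: epoch, then upstream, then revision."""
    def split(v):
        epoch, sep, rest = v.partition(":")
        epoch, rest = (int(epoch), rest) if sep else (0, v)
        up, sep, rev = rest.rpartition("-")
        return epoch, (up if sep else rest), (rev if sep else "")
    (ea, ua, ra), (eb, ub, rb) = split(a), split(b)
    r = (ea > eb) - (ea < eb) or _verrevcmp(ua, ub) or _verrevcmp(ra, rb)
    return (r > 0) - (r < 0)

def is_vulnerable(installed, fixed=FIXED_VERSION):
    """True when the installed mt-daapd version is older than the fixed one."""
    return compare_versions(installed, fixed) < 0
```

The etch1 revision from DSA-1597-1 (the one with the authentication regression) and the pre-advisory 1.1 revision both sort below the fix; versions such as a hypothetical `0.2.4+r1376-1.1+etch2~x` also sort below it because of the tilde rule.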