----------------------------------------------------------------------

Did you know that a change in our assessment rating, exploit code
availability, or if an updated patch is released by the vendor, is
not part of this mailing-list?

Click here to learn more:
http://secunia.com/advisories/business_solutions/

----------------------------------------------------------------------

TITLE:
Debian update for amarok

SECUNIA ADVISORY ID:
SA33522

VERIFY ADVISORY:
http://secunia.com/advisories/33522/

CRITICAL:
Highly critical

IMPACT:
System access

WHERE:
>From remote

OPERATING SYSTEM:
Debian GNU/Linux 4.0
http://secunia.com/advisories/product/13844/
Debian GNU/Linux unstable alias sid
http://secunia.com/advisories/product/530/

DESCRIPTION:
Debian has issued an update for amarok. This fixes some
vulnerabilities, which potentially can be exploited by malicious
people to compromise a user's system.

For more information:
SA33505

SOLUTION:
Apply updated packages.

-- Debian GNU/Linux 4.0 alias etch --

Source archives:

http://security.debian.org/pool/updates/main/a/amarok/amarok_1.4.4.orig.tar.gz
Size/MD5 checksum: 17628566 0adbbd8373da2198b80e509618a2dab9
http://security.debian.org/pool/updates/main/a/amarok/amarok_1.4.4-4etch1.diff.gz
Size/MD5 checksum: 42402 c29b0538c033ededacc6d31339d17700
http://security.debian.org/pool/updates/main/a/amarok/amarok_1.4.4-4etch1.dsc
Size/MD5 checksum: 986 f8e80af55fbd8386e6b13b0b12d798f4

alpha architecture (DEC Alpha)

http://security.debian.org/pool/updates/main/a/amarok/amarok-engines_1.4.4-4etch1_alpha.deb
Size/MD5 checksum: 70238 16f3f3c09abb731a18a3dc48c473de6b
http://security.debian.org/pool/updates/main/a/amarok/amarok-xine_1.4.4-4etch1_alpha.deb
Size/MD5 checksum: 129504 287d891eceb758b606dca22be1c00373
http://security.debian.org/pool/updates/main/a/amarok/amarok_1.4.4-4etch1_alpha.deb
Size/MD5 checksum: 17689706 f50edbcb0ecf4e4b9eb3c7bfcccdab16

amd64 architecture (AMD x86_64 (AMD64))

http://security.debian.org/pool/updates/main/a/amarok/amarok-engines_1.4.4-4etch1_amd64.deb
Size/MD5 checksum: 69932 7fa4c35fe5ec1bf5c3622beaadfd9d55
http://security.debian.org/pool/updates/main/a/amarok/amarok_1.4.4-4etch1_amd64.deb
Size/MD5 checksum: 17559012 516c270247fbb4470ec5d453edd45240
http://security.debian.org/pool/updates/main/a/amarok/amarok-xine_1.4.4-4etch1_amd64.deb
Size/MD5 checksum: 126688 f4dc3d7e22c5716df018e1d198756523

hppa architecture (HP PA RISC)

http://security.debian.org/pool/updates/main/a/amarok/amarok-engines_1.4.4-4etch1_hppa.deb
Size/MD5 checksum: 70028 ee3d6e27e1bb5412a729cda758bb4c79
http://security.debian.org/pool/updates/main/a/amarok/amarok_1.4.4-4etch1_hppa.deb
Size/MD5 checksum: 17799030 a9ab6605a349108354a1c3642b3e017b
http://security.debian.org/pool/updates/main/a/amarok/amarok-xine_1.4.4-4etch1_hppa.deb
Size/MD5 checksum: 133110 025ed372785d76ee8489debf6ec06b59

i386 architecture (Intel ia32)

http://security.debian.org/pool/updates/main/a/amarok/amarok-xine_1.4.4-4etch1_i386.deb
Size/MD5 checksum: 122606 af13d7d1948840398e2e0865c002f1be
http://security.debian.org/pool/updates/main/a/amarok/amarok-engines_1.4.4-4etch1_i386.deb
Size/MD5 checksum: 69978 d9e962dbb56755409c73e1d29d76e8ca
http://security.debian.org/pool/updates/main/a/amarok/amarok_1.4.4-4etch1_i386.deb
Size/MD5 checksum: 17426752 7e3dd482184056066d73844fea495000

ia64 architecture (Intel ia64)

http://security.debian.org/pool/updates/main/a/amarok/amarok-engines_1.4.4-4etch1_ia64.deb
Size/MD5 checksum: 69978 eaeea421c5d986247d68b24fa43645b4
http://security.debian.org/pool/updates/main/a/amarok/amarok-xine_1.4.4-4etch1_ia64.deb
Size/MD5 checksum: 143310 55bcb806b1ed036e0b1bf1e14cab97d1
http://security.debian.org/pool/updates/main/a/amarok/amarok_1.4.4-4etch1_ia64.deb
Size/MD5 checksum: 18256184 8ee9cdea2583aa0efdd577a91ccb1037

mips architecture (MIPS (Big Endian))

http://security.debian.org/pool/updates/main/a/amarok/amarok-engines_1.4.4-4etch1_mips.deb
Size/MD5 checksum: 69978 2e39ff39e8a9ef544f4f9e3d00c4708e
http://security.debian.org/pool/updates/main/a/amarok/amarok-xine_1.4.4-4etch1_mips.deb
Size/MD5 checksum: 118582 956b27a45db711471b8a1647a7e13893
http://security.debian.org/pool/updates/main/a/amarok/amarok_1.4.4-4etch1_mips.deb
Size/MD5 checksum: 17189438 a0cd5cbf3e68a9a481cbd42a13d0c717

mipsel architecture (MIPS (Little Endian))

http://security.debian.org/pool/updates/main/a/amarok/amarok-xine_1.4.4-4etch1_mipsel.deb
Size/MD5 checksum: 118316 73af2daa439ee61d07781f42fbb9bdf2
http://security.debian.org/pool/updates/main/a/amarok/amarok-engines_1.4.4-4etch1_mipsel.deb
Size/MD5 checksum: 69976 084e0fabd90d5dcbc3cdaf7727a8e7c9
http://security.debian.org/pool/updates/main/a/amarok/amarok_1.4.4-4etch1_mipsel.deb
Size/MD5 checksum: 17131354 d5a809e1e78f60ffb91ed99e697dbc13

powerpc architecture (PowerPC)

http://security.debian.org/pool/updates/main/a/amarok/amarok_1.4.4-4etch1_powerpc.deb
Size/MD5 checksum: 17423852 1c2428cbb97b045f3880538db423e6f4
http://security.debian.org/pool/updates/main/a/amarok/amarok-xine_1.4.4-4etch1_powerpc.deb
Size/MD5 checksum: 123234 224605d1f56406132ab7acc9314301c0
http://security.debian.org/pool/updates/main/a/amarok/amarok-engines_1.4.4-4etch1_powerpc.deb
Size/MD5 checksum: 69978 6d0d183ed614b4627fb306aeec628b72

s390 architecture (IBM S/390)

http://security.debian.org/pool/updates/main/a/amarok/amarok-engines_1.4.4-4etch1_s390.deb
Size/MD5 checksum: 69974 300b343297ec84c5520052014d237df6
http://security.debian.org/pool/updates/main/a/amarok/amarok-xine_1.4.4-4etch1_s390.deb
Size/MD5 checksum: 125914 48ca5f8f754297d200c4d87d69d6c345
http://security.debian.org/pool/updates/main/a/amarok/amarok_1.4.4-4etch1_s390.deb
Size/MD5 checksum: 17480270 865a5a65b3c5ad28858d7c7538f0bbc7

-- Debian GNU/Linux unstable alias sid --

Fixed in version 1.4.10-2.

ORIGINAL ADVISORY:
DSA-1706-1:
http://lists.debian.org/debian-security-announce/2009/msg00013.html

OTHER REFERENCES:
SA33505:
http://secunia.com/advisories/33505/

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/


Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------

Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

----------------------------------------------------------------------