Date: Thu, 12 Nov 1998 03:26:30 +0100 From: Wichert Akkerman <wichert@cs.leidenuniv.nl> To: Debian Security Announce <debian-security-announce@lists.debian.org> Subject: [SECURITY] New versions of junkbuster fixes buffer overflows --n8g4imXOkfNTN/H1 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: quoted-printable We have received reports that junkbuster had a couple buffer overflow vulnerabilities. We fixed those in version 2.0-3.2. All later version are also not vulnerable. The patches were backported from 2.0.2 . We recommend you upgrade your junkbuster package immediately. wget url will fetch the file for you dpkg -i file.deb will install the referenced file. Debian GNU/Linux 2.0 alias hamm ------------------------------- This version of Debian was released only for the Intel and the Motorola 68xxx architecture. Source archives: ftp://ftp.debian.org/pub/debian/dists/proposed-updates/junkbuster_2.0-3= .2.diff.gz MD5 checksum: b6f523b4a3a43761e58f98b971c0ad15 ftp://ftp.debian.org/pub/debian/dists/proposed-updates/junkbuster_2.0-3= .2.dsc MD5 checksum: 3a504521a91ef2e0e33d6c3a4a2352e8 ftp://ftp.debian.org/pub/debian/dists/hamm/main/source/web/junkbuster_2= .0.orig.tar.gz MD5 checksum: 8b0582f3001967964343f1fa5fe4c7aa Intel architecture: ftp://ftp.debian.org/pub/debian/dists/proposed-updates/junkbuster_2.0-3= .2_i386.deb MD5 checksum: 7bb42ed33c19f49788d232b13119dc40 Motorola 68xxx architecture: ftp://ftp.debian.org/pub/debian/dists/proposed-updates/junkbuster_2.0-3= .2_m68k.deb MD5 checksum: e5bb0b3e5eae51140bcbd3b43f71b4cb These files will be moved into ftp://ftp.debian.org/debian/dists/hamm/*/binary-$arch/ soon. For not yet released architectures please refer to the appropriate directory ftp://ftp.debian.org/debian/dists/sid/binary-$arch/ . --=20 Debian GNU/Linux . Security Managers . security@debian.org debian-security-announce@lists.debian.org Christian Hudon . Wichert Akkerman . Martin Schulze <chrish@debian.org> . <wakkerma@debian.org> . <joey@debian.org> --n8g4imXOkfNTN/H1 Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: 2.6.3ia iQB1AwUBNkpHVajZR/ntlUftAQHkoAMAgjScMacVgj2DOW0802UeOPQ3l7VtxnZC 9OwKBZRcTDquav4VjuF5q6uQSjnjxWxtEwLd76Ssh50F5FUe/urES3xi4w8zrwAF x1dDNd2RCJx04l+38scxbj07Q6TA+TXO =SGjU -----END PGP SIGNATURE----- --n8g4imXOkfNTN/H1-- -- To UNSUBSCRIBE, email to debian-security-announce-request@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org