![[LWN Logo]](/images/lwn.banner.gif)
Date: Thu, 26 Aug 1999 08:14:25 +0200
From: Martin Schulze <joey@finlandia.Infodrom.North.DE>
To: Debian Security Announcements <debian-security-announce@lists.debian.org>
Subject: [SECURITY] New versions of epic4 fixes possible DoS vulnerability
--tv2SIFopg1r47n4a
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: quoted-printable
---------------------------------------------------------------------------
Debian Security Advisory security@debian.org
http://www.debian.org/security/ Martin Schulze
August 26, 1999
---------------------------------------------------------------------------
We have received a report from the author of epic4 covering a denial
of service vulnerability. All versions of epic4 between version
pre1.034 (including) and version pre2.004-19990718 (excluding) are
vulnerable. They contain code which makes epic4 walk off of a string,
causing the client to crash and possibly display arbitrary characters
on the terminal.
We recommend you upgrade your epic4 packages immediately.
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
Debian GNU/Linux 2.1 alias slink
--------------------------------
This version of Debian was released only for the Intel, the
Motorola 68xxx, the alpha and the Sun sparc architecture.
Source archives:
ftp://ftp.debian.org/debian/dists/proposed-updates/epic4_pre2.003-0slin=
k2.diff.gz
MD5 checksum: 587def2142692d6c813c9aef8b250d0e
ftp://ftp.debian.org/debian/dists/proposed-updates/epic4_pre2.003-0slin=
k2.dsc
MD5 checksum: e90e72db5f162d95bfe0318965fe743a
ftp://ftp.debian.org/debian/dists/proposed-updates/epic4_pre2.003.orig.=
tar.gz
MD5 checksum: 76ceeb97abf12e80df395c0ffb917eb3
Alpha architecture:
ftp://ftp.debian.org/debian/dists/proposed-updates/epic4_pre2.003-0slin=
k2_alpha.deb
MD5 checksum: 836e1f26eda5e01e9eee981cb42f8d92
ftp://ftp.debian.org/debian/dists/proposed-updates/epic4-dbg_pre2.003-0=
slink2_alpha.deb
MD5 checksum: 83e9056fdddb471b3cc4530e46518a29
Intel ia32 architecture:
ftp://ftp.debian.org/debian/dists/proposed-updates/epic4_pre2.003-0slin=
k2_i386.deb
MD5 checksum: de8dee999d738609a14ea698bff83b3a
ftp://ftp.debian.org/debian/dists/proposed-updates/epic4-dbg_pre2.003-0=
slink2_i386.deb
MD5 checksum: 2abf5a40aab6fe335da43577dd8fc2df
Motorola 680x0 architecture:
ftp://ftp.debian.org/debian/dists/proposed-updates/epic4_pre2.003-0slin=
k2_m68k.deb
MD5 checksum: b56b7ed67f788cfc8863609392129262
ftp://ftp.debian.org/debian/dists/proposed-updates/epic4-dbg_pre2.003-0=
slink2_m68k.deb
MD5 checksum: c0882ececb2db804559522beaab025a8
Sun Sparc architecture:
ftp://ftp.debian.org/debian/dists/proposed-updates/epic4_pre2.003-0slin=
k2_sparc.deb
MD5 checksum: e2ec2da59f4e120bc2b46c6c897998ba
ftp://ftp.debian.org/debian/dists/proposed-updates/epic4-dbg_pre2.003-0=
slink2_sparc.deb
MD5 checksum: 8db84c4840db3f81c97bf15b963315fb
Debian GNU/Linux pre2.2 alias potato
------------------------------------
Source archives:
ftp://ftp.debian.org/debian/dists/unstable/main/source/net/epic4_pre2.0=
04-19990718-1.diff.gz
MD5 checksum: f7a7c58fe67d12239acb74cc103f30ac
ftp://ftp.debian.org/debian/dists/unstable/main/source/net/epic4_pre2.0=
04-19990718-1.dsc
MD5 checksum: 370d5f31de63e69ba7c13d3eb0b93b6d
ftp://ftp.debian.org/debian/dists/unstable/main/source/net/epic4_pre2.0=
04-19990718.orig.tar.gz
MD5 checksum: 228babc39a9dcc6327b1c7b6f2e689d7
Alpha architecture:
ftp://ftp.debian.org/debian/dists/unstable/main/binary-alpha/net/epic4_=
pre2.004-19990718-1.deb
MD5 checksum: 57f888cb6a049335900f30e3138ffbcb
ftp://ftp.debian.org/debian/dists/unstable/main/binary-alpha/net/epic4-=
dbg_pre2.004-19990718-1.deb
MD5 checksum: 7e60edcb836350730c981a6da30f5393
ARM architecture:
ftp://ftp.debian.org/debian/dists/unstable/main/binary-arm/net/epic4_pr=
e2.004-19990718-1.deb
MD5 checksum: d96c8e05abdfd5386e42117b5f7eed02
ftp://ftp.debian.org/debian/dists/unstable/main/binary-arm/net/epic4-db=
g_pre2.004-19990718-1.deb
MD5 checksum: 9a4cdf86ab7ac131bb95db494dcde770
Intel ia32 architecture:
ftp://ftp.debian.org/debian/dists/unstable/main/binary-i386/net/epic4_p=
re2.004-19990718-1.deb
MD5 checksum: 61ed5f0568fa3c7457da7a1a7611b311
ftp://ftp.debian.org/debian/dists/unstable/main/binary-i386/net/epic4-d=
bg_pre2.004-19990718-1.deb
MD5 checksum: 9a0361cce15def9c8bf87f0b6320d29e
Motorola 680x0 architecture:
ftp://ftp.debian.org/debian/dists/unstable/main/binary-m68k/net/epic4_p=
re2.004-19990718-1.deb
MD5 checksum: ea40ed1442bfc0e6ddf39119af6b8de2
ftp://ftp.debian.org/debian/dists/unstable/main/binary-m68k/net/epic4-d=
bg_pre2.004-19990718-1.deb
MD5 checksum: 81da2abae81c256f50094f1c926f9251
PowerPC architecture:
ftp://ftp.debian.org/debian/dists/unstable/main/binary-powerpc/net/epic=
4_pre2.004-19990718-1.deb
MD5 checksum: 55f133dcee4fcc345266bc510af47a14
ftp://ftp.debian.org/debian/dists/unstable/main/binary-powerpc/net/epic=
4-dbg_pre2.004-19990718-1.deb
MD5 checksum: 9c3d2cb97da84d61e6a3aebf34834d3f
Sun Sparc architecture:
ftp://ftp.debian.org/debian/dists/unstable/main/binary-sparc/net/epic4_=
pre2.004-19990718-1.deb
MD5 checksum: 211bbc7352257e088f1ba13bedc8c5e0
ftp://ftp.debian.org/debian/dists/unstable/main/binary-sparc/net/epic4-=
dbg_pre2.004-19990718-1.deb
MD5 checksum: 584d2e0470dae72c9f5afc0d2c976906
For not yet released architectures please refer to the appropriate
directory ftp://ftp.debian.org/debian/dists/sid/binary-$arch/ .
--=20
For apt-get: deb http://security.debian.org/ stable updates
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates
Mailing list: debian-security-announce@lists.debian.org
--tv2SIFopg1r47n4a
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia
iQCVAwUBN8TbPxRNm5Suj3z1AQGOEwP/VYuuqyQiiZkPLxj5WlQaoIABtywYsEJL
MWPKGQjwERMJ46bWhXnApd3l4p6andE9X6UFkRHcyVMODFFNIiqIVpoF0q9VAd0C
TJfzZDo37B/A4CBGj6iewvOM7y5Og6U8i/cfsJ5z7Q63NJGu9Mom7kPjQfpzbjQN
WhleQRZqb4M=
=lFcb
-----END PGP SIGNATURE-----
--tv2SIFopg1r47n4a--
--
To UNSUBSCRIBE, email to debian-security-announce-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org