Ohita pikanavigointi

• Tietoa Debianista
• Uutisia
• Debianin hankkiminen
• Tuki
• Kehittäjien nurkkaus
• Sivustokartta
• Haku

Debianin tietoturvatiedote

DSA-204-1 kdelibs -- mielivaltaisen ohjelman suorittaminen

Ilmoitettu:

5.12.2002

Vaikutuksen alaiset paketit:

kdelibs

Altis:

Kyllä

Viittaukset tietoturvatietokantoihin:

Mitren CVE-sanakirjassa: CVE-2002-1281, CVE-2002-1282.

Lisätietoa:

KDE-ryhmä on havainnut haavoittuvuuden KIO:n tukemissa eri verkkoprotokollissa. rlogin- ja telnet-protokollien toteutustapa mahdollistaa tietyllä tavalla muotoillun, HTML-sivulla tai HTML-sähköpostissa olevan URL-osoitteen kautta tai muun KIO:ta käyttävän sovelluksen kautta suorittaa järjestelmässä mielivaltaisia komentoja käyttämällä uhrin käyttäjätunnusta alttiilla koneella.

Ongelma on korjattu poistamalla rlogin ja telnet käytöstä nykyisen vakaan jakelun (woody) versiossa 2.2.2-13.woody.5 . Aikaisempi vakaa jakelu (potato) ei ole altis tälle haavoittuvuudelle koska se ei sisällä KDE:tä. Korjausta epävakaan jakelun (sid) paketille ei ole vielä saatavilla.

Suosittelemme päivittämään kdelibs3-paketin välittömästi.

Korjattu:

Debian GNU/Linux 3.0 (woody)

Lähde:

http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs_2.2.2-13.woody.5.dsc

http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs_2.2.2-13.woody.5.diff.gz

http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs_2.2.2.orig.tar.gz

Arkkitehtuuririippumaton komponentti:

http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3-doc_2.2.2-13.woody.5_all.deb

Alpha:

http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs-dev_2.2.2-13.woody.5_alpha.deb

http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3_2.2.2-13.woody.5_alpha.deb

http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3-bin_2.2.2-13.woody.5_alpha.deb

http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3-cups_2.2.2-13.woody.5_alpha.deb

http://security.debian.org/pool/updates/main/k/kdelibs/libarts_2.2.2-13.woody.5_alpha.deb

http://security.debian.org/pool/updates/main/k/kdelibs/libarts-alsa_2.2.2-13.woody.5_alpha.deb

http://security.debian.org/pool/updates/main/k/kdelibs/libarts-dev_2.2.2-13.woody.5_alpha.deb

http://security.debian.org/pool/updates/main/k/kdelibs/libkmid_2.2.2-13.woody.5_alpha.deb

http://security.debian.org/pool/updates/main/k/kdelibs/libkmid-alsa_2.2.2-13.woody.5_alpha.deb

http://security.debian.org/pool/updates/main/k/kdelibs/libkmid-dev_2.2.2-13.woody.5_alpha.deb

ARM:

http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs-dev_2.2.2-13.woody.5_arm.deb

http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3_2.2.2-13.woody.5_arm.deb

http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3-bin_2.2.2-13.woody.5_arm.deb

http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3-cups_2.2.2-13.woody.5_arm.deb

http://security.debian.org/pool/updates/main/k/kdelibs/libarts_2.2.2-13.woody.5_arm.deb

http://security.debian.org/pool/updates/main/k/kdelibs/libarts-alsa_2.2.2-13.woody.5_arm.deb

http://security.debian.org/pool/updates/main/k/kdelibs/libarts-dev_2.2.2-13.woody.5_arm.deb

http://security.debian.org/pool/updates/main/k/kdelibs/libkmid_2.2.2-13.woody.5_arm.deb

http://security.debian.org/pool/updates/main/k/kdelibs/libkmid-alsa_2.2.2-13.woody.5_arm.deb

http://security.debian.org/pool/updates/main/k/kdelibs/libkmid-dev_2.2.2-13.woody.5_arm.deb

Intel IA-32:

http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs-dev_2.2.2-13.woody.5_i386.deb

http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3_2.2.2-13.woody.5_i386.deb

http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3-bin_2.2.2-13.woody.5_i386.deb

http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3-cups_2.2.2-13.woody.5_i386.deb

http://security.debian.org/pool/updates/main/k/kdelibs/libarts_2.2.2-13.woody.5_i386.deb

http://security.debian.org/pool/updates/main/k/kdelibs/libarts-alsa_2.2.2-13.woody.5_i386.deb

http://security.debian.org/pool/updates/main/k/kdelibs/libarts-dev_2.2.2-13.woody.5_i386.deb

http://security.debian.org/pool/updates/main/k/kdelibs/libkmid_2.2.2-13.woody.5_i386.deb

http://security.debian.org/pool/updates/main/k/kdelibs/libkmid-alsa_2.2.2-13.woody.5_i386.deb

http://security.debian.org/pool/updates/main/k/kdelibs/libkmid-dev_2.2.2-13.woody.5_i386.deb

Intel IA-64:

http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs-dev_2.2.2-13.woody.5_ia64.deb

http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3_2.2.2-13.woody.5_ia64.deb

http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3-bin_2.2.2-13.woody.5_ia64.deb

http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3-cups_2.2.2-13.woody.5_ia64.deb

http://security.debian.org/pool/updates/main/k/kdelibs/libarts_2.2.2-13.woody.5_ia64.deb

http://security.debian.org/pool/updates/main/k/kdelibs/libarts-alsa_2.2.2-13.woody.5_ia64.deb

http://security.debian.org/pool/updates/main/k/kdelibs/libarts-dev_2.2.2-13.woody.5_ia64.deb

http://security.debian.org/pool/updates/main/k/kdelibs/libkmid_2.2.2-13.woody.5_ia64.deb

http://security.debian.org/pool/updates/main/k/kdelibs/libkmid-alsa_2.2.2-13.woody.5_ia64.deb

http://security.debian.org/pool/updates/main/k/kdelibs/libkmid-dev_2.2.2-13.woody.5_ia64.deb

HPPA:

http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs-dev_2.2.2-13.woody.5_hppa.deb

http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3_2.2.2-13.woody.5_hppa.deb

http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3-bin_2.2.2-13.woody.5_hppa.deb

http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3-cups_2.2.2-13.woody.5_hppa.deb

http://security.debian.org/pool/updates/main/k/kdelibs/libarts_2.2.2-13.woody.5_hppa.deb

http://security.debian.org/pool/updates/main/k/kdelibs/libarts-alsa_2.2.2-13.woody.5_hppa.deb

http://security.debian.org/pool/updates/main/k/kdelibs/libarts-dev_2.2.2-13.woody.5_hppa.deb

http://security.debian.org/pool/updates/main/k/kdelibs/libkmid_2.2.2-13.woody.5_hppa.deb

http://security.debian.org/pool/updates/main/k/kdelibs/libkmid-alsa_2.2.2-13.woody.5_hppa.deb

http://security.debian.org/pool/updates/main/k/kdelibs/libkmid-dev_2.2.2-13.woody.5_hppa.deb

Motorola 680x0:

http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs-dev_2.2.2-13.woody.5_m68k.deb

http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3_2.2.2-13.woody.5_m68k.deb

http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3-bin_2.2.2-13.woody.5_m68k.deb

http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3-cups_2.2.2-13.woody.5_m68k.deb

http://security.debian.org/pool/updates/main/k/kdelibs/libarts_2.2.2-13.woody.5_m68k.deb

http://security.debian.org/pool/updates/main/k/kdelibs/libarts-alsa_2.2.2-13.woody.5_m68k.deb

http://security.debian.org/pool/updates/main/k/kdelibs/libarts-dev_2.2.2-13.woody.5_m68k.deb

http://security.debian.org/pool/updates/main/k/kdelibs/libkmid_2.2.2-13.woody.5_m68k.deb

http://security.debian.org/pool/updates/main/k/kdelibs/libkmid-alsa_2.2.2-13.woody.5_m68k.deb

http://security.debian.org/pool/updates/main/k/kdelibs/libkmid-dev_2.2.2-13.woody.5_m68k.deb

Big endian MIPS:

http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs-dev_2.2.2-13.woody.5_mips.deb

http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3_2.2.2-13.woody.5_mips.deb

http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3-bin_2.2.2-13.woody.5_mips.deb

http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3-cups_2.2.2-13.woody.5_mips.deb

http://security.debian.org/pool/updates/main/k/kdelibs/libarts_2.2.2-13.woody.5_mips.deb

http://security.debian.org/pool/updates/main/k/kdelibs/libarts-alsa_2.2.2-13.woody.5_mips.deb

http://security.debian.org/pool/updates/main/k/kdelibs/libarts-dev_2.2.2-13.woody.5_mips.deb

http://security.debian.org/pool/updates/main/k/kdelibs/libkmid_2.2.2-13.woody.5_mips.deb

http://security.debian.org/pool/updates/main/k/kdelibs/libkmid-alsa_2.2.2-13.woody.5_mips.deb

http://security.debian.org/pool/updates/main/k/kdelibs/libkmid-dev_2.2.2-13.woody.5_mips.deb

Little endian MIPS:

http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs-dev_2.2.2-13.woody.5_mipsel.deb

http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3_2.2.2-13.woody.5_mipsel.deb

http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3-bin_2.2.2-13.woody.5_mipsel.deb

http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3-cups_2.2.2-13.woody.5_mipsel.deb

http://security.debian.org/pool/updates/main/k/kdelibs/libarts_2.2.2-13.woody.5_mipsel.deb

http://security.debian.org/pool/updates/main/k/kdelibs/libarts-alsa_2.2.2-13.woody.5_mipsel.deb

http://security.debian.org/pool/updates/main/k/kdelibs/libarts-dev_2.2.2-13.woody.5_mipsel.deb

http://security.debian.org/pool/updates/main/k/kdelibs/libkmid_2.2.2-13.woody.5_mipsel.deb

http://security.debian.org/pool/updates/main/k/kdelibs/libkmid-alsa_2.2.2-13.woody.5_mipsel.deb

http://security.debian.org/pool/updates/main/k/kdelibs/libkmid-dev_2.2.2-13.woody.5_mipsel.deb

PowerPC:

http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs-dev_2.2.2-13.woody.5_powerpc.deb

http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3_2.2.2-13.woody.5_powerpc.deb

http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3-bin_2.2.2-13.woody.5_powerpc.deb

http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3-cups_2.2.2-13.woody.5_powerpc.deb

http://security.debian.org/pool/updates/main/k/kdelibs/libarts_2.2.2-13.woody.5_powerpc.deb

http://security.debian.org/pool/updates/main/k/kdelibs/libarts-alsa_2.2.2-13.woody.5_powerpc.deb

http://security.debian.org/pool/updates/main/k/kdelibs/libarts-dev_2.2.2-13.woody.5_powerpc.deb

http://security.debian.org/pool/updates/main/k/kdelibs/libkmid_2.2.2-13.woody.5_powerpc.deb

http://security.debian.org/pool/updates/main/k/kdelibs/libkmid-alsa_2.2.2-13.woody.5_powerpc.deb

http://security.debian.org/pool/updates/main/k/kdelibs/libkmid-dev_2.2.2-13.woody.5_powerpc.deb

IBM S/390:

http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs-dev_2.2.2-13.woody.5_s390.deb

http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3_2.2.2-13.woody.5_s390.deb

http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3-bin_2.2.2-13.woody.5_s390.deb

http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3-cups_2.2.2-13.woody.5_s390.deb

http://security.debian.org/pool/updates/main/k/kdelibs/libarts_2.2.2-13.woody.5_s390.deb

http://security.debian.org/pool/updates/main/k/kdelibs/libarts-alsa_2.2.2-13.woody.5_s390.deb

http://security.debian.org/pool/updates/main/k/kdelibs/libarts-dev_2.2.2-13.woody.5_s390.deb

http://security.debian.org/pool/updates/main/k/kdelibs/libkmid_2.2.2-13.woody.5_s390.deb

http://security.debian.org/pool/updates/main/k/kdelibs/libkmid-alsa_2.2.2-13.woody.5_s390.deb

http://security.debian.org/pool/updates/main/k/kdelibs/libkmid-dev_2.2.2-13.woody.5_s390.deb

Sun Sparc:

http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs-dev_2.2.2-13.woody.5_sparc.deb

http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3_2.2.2-13.woody.5_sparc.deb

http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3-bin_2.2.2-13.woody.5_sparc.deb

http://security.debian.org/pool/updates/main/k/kdelibs/kdelibs3-cups_2.2.2-13.woody.5_sparc.deb

http://security.debian.org/pool/updates/main/k/kdelibs/libarts_2.2.2-13.woody.5_sparc.deb

http://security.debian.org/pool/updates/main/k/kdelibs/libarts-alsa_2.2.2-13.woody.5_sparc.deb

http://security.debian.org/pool/updates/main/k/kdelibs/libarts-dev_2.2.2-13.woody.5_sparc.deb

http://security.debian.org/pool/updates/main/k/kdelibs/libkmid_2.2.2-13.woody.5_sparc.deb

http://security.debian.org/pool/updates/main/k/kdelibs/libkmid-alsa_2.2.2-13.woody.5_sparc.deb

http://security.debian.org/pool/updates/main/k/kdelibs/libkmid-dev_2.2.2-13.woody.5_sparc.deb

Listattujen tiedostojen MD5-tarkistussummat ovat luettavissa alkuperäisestä tiedotteesta.

Tämä sivu on olemassa myös seuraavilla kielillä:

dansk Deutsch English español français 日本語 (Nihongo) Português Русский (Russkij) svenska 中文(简) 中文(HK) 中文(繁)

Oletuskielen asettamisohjeet