===================================================================== CERT-Renater Note d'Information No. 2006/VULN290 _____________________________________________________________________ DATE : 01/06/2006 HARDWARE PLATFORM(S) : / OPERATING SYSTEM(S) : Systems running lynx, lynx-ssl. ====================================================================== - - -------------------------------------------------------------------------- Debian Security Advisory DSA 1076-1 security@debian.org http://www.debian.org/security/ Martin Schulze May 26th, 2006 http://www.debian.org/security/faq - - -------------------------------------------------------------------------- Package : lynx Vulnerability : programming error Problem type : remote Debian-specific: no CVE ID : CVE-2004-1617 BugTraq ID : 11443 Debian Bug : 296340 Michal Zalewski discovered that lynx, the popular text-mode WWW Browser, is not able to grok invalid HTML including a TEXTAREA tag with a large COLS value and a large tag name in an element that is not terminated, and loops forever trying to render the broken HTML. For the old stable distribution (woody) this problem has been fixed in version 2.8.4.1b-3.4. For the stable distribution (sarge) this problem has been fixed in version 2.8.5-2sarge2. For the unstable distribution (sid) this problem has been fixed in version 2.8.5-2sarge2. We recommend that you upgrade your lynx package. Upgrade Instructions - - -------------------- wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given at the end of this advisory: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 3.0 alias woody - - -------------------------------- Source archives: http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.4.1b-3.4.dsc Size/MD5 checksum: 581 a9853909c61c5ef2fcc8868599f9b875 http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.4.1b-3.4.diff.gz Size/MD5 checksum: 16334 74bce8912c28f979c33055a012cf29d6 http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.4.1b.orig.tar.gz Size/MD5 checksum: 2557510 053a10f76b871e3944c11c7776da7f7a Alpha architecture: http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.4.1b-3.4_alpha.deb Size/MD5 checksum: 1610344 3e1ec04a0c6532506519e8051a0067b6 ARM architecture: http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.4.1b-3.4_arm.deb Size/MD5 checksum: 1487906 a06ad20f4d8a0ce1cc0d59a0dfa24e9b Intel IA-32 architecture: http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.4.1b-3.4_i386.deb Size/MD5 checksum: 1444914 cb6449afd1e3029d06606bf823e0f064 Intel IA-64 architecture: http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.4.1b-3.4_ia64.deb Size/MD5 checksum: 1762966 cb0b05d5cb148372fd2cd3d2e99843cc HP Precision architecture: http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.4.1b-3.4_hppa.deb Size/MD5 checksum: 1555454 79392b2914654a7d4519247d9584e816 Motorola 680x0 architecture: http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.4.1b-3.4_m68k.deb Size/MD5 checksum: 1405980 1df4dff2fc4191ee512811e0ac42c361 Big endian MIPS architecture: http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.4.1b-3.4_mips.deb Size/MD5 checksum: 1508022 d5b58fc5611b1ea1d37bc5a1034478f1 Little endian MIPS architecture: http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.4.1b-3.4_mipsel.deb Size/MD5 checksum: 1504120 1078ef11583d9664fecd2d9d5712ecad PowerPC architecture: http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.4.1b-3.4_powerpc.deb Size/MD5 checksum: 1491256 2967d2f0c3a722b4b42a2b06510aabcc IBM S/390 architecture: http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.4.1b-3.4_s390.deb Size/MD5 checksum: 1463536 5a5692d6d572ef301d052e7e8c62d004 Sun Sparc architecture: http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.4.1b-3.4_sparc.deb Size/MD5 checksum: 1492926 6bb21df62a773736a1f694cedacea3de Debian GNU/Linux 3.1 alias sarge - - -------------------------------- Source archives: http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.5-2sarge2.dsc Size/MD5 checksum: 616 241c00a777c333b7270d8dbdaa4ad210 http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.5-2sarge2.diff.gz Size/MD5 checksum: 17357 22b394977569bbeda207bfb5bcb42175 http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.5.orig.tar.gz Size/MD5 checksum: 2984352 5f516a10596bd52c677f9bfd9579bc28 Alpha architecture: http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.5-2sarge2_alpha.deb Size/MD5 checksum: 1994618 4a23d6234470f59a47100bcd13d18a51 AMD64 architecture: http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.5-2sarge2_amd64.deb Size/MD5 checksum: 1881876 046312043fffdbcf5ad218074e21e119 ARM architecture: http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.5-2sarge2_arm.deb Size/MD5 checksum: 1853176 0d33e5835a479accab8c3282cdc19c14 Intel IA-32 architecture: http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.5-2sarge2_i386.deb Size/MD5 checksum: 1854894 1e525c61aac1e0fac0ddad4d9e15d8f6 Intel IA-64 architecture: http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.5-2sarge2_ia64.deb Size/MD5 checksum: 2128572 78bfa4c383e41d352b67595da80904c9 HP Precision architecture: http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.5-2sarge2_hppa.deb Size/MD5 checksum: 1909746 371fb69c98ff2e510861ba210ec11bda Motorola 680x0 architecture: http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.5-2sarge2_m68k.deb Size/MD5 checksum: 1780836 bdf8b0d6a711cf21202ef86189cfb8bf Big endian MIPS architecture: http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.5-2sarge2_mips.deb Size/MD5 checksum: 1894118 9be5baba4f5e3f99b618553c4252b289 Little endian MIPS architecture: http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.5-2sarge2_mipsel.deb Size/MD5 checksum: 1889604 11840739365387bb4741099f9310c77c PowerPC architecture: http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.5-2sarge2_powerpc.deb Size/MD5 checksum: 1878302 4885a52c8ad1992335f5c9f87ef522cf IBM S/390 architecture: http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.5-2sarge2_s390.deb Size/MD5 checksum: 1866982 8125a8d85817c29d3984fdb2d2ac4df6 Sun Sparc architecture: http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.5-2sarge2_sparc.deb Size/MD5 checksum: 1861484 407b283a4c8656a0ef1a5935780c8204 These files will probably be moved into the stable distribution on its next update. - - --------------------------------------------------------------------------------- For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce@lists.debian.org Package info: `apt-cache show ' and http://packages.debian.org/ - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (GNU/Linux) iD8DBQFEdwhJW5ql+IAeqTIRAr+IAJ9Qn7H5oFJJYyZuN8oaxgUXsZAy+ACgjRn7 aWMRPJtnJ5Xf2D5V0OuRTic= =n7+V - -----END PGP SIGNATURE----- - ---------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - -------------------------------------------------------------------------- Debian Security Advisory DSA 1077-1 security@debian.org http://www.debian.org/security/ Martin Schulze May 26th, 2006 http://www.debian.org/security/faq - - -------------------------------------------------------------------------- Package : lynx-ssl Vulnerability : programming error Problem type : remote Debian-specific: no CVE ID : CVE-2004-1617 BugTraq ID : 11443 Debian Bug : 296340 Michal Zalewski discovered that lynx, the popular text-mode WWW Browser, is not able to grok invalid HTML including a TEXTAREA tag with a large COLS value and a large tag name in an element that is not terminated, and loops forever trying to render the broken HTML. The same code is present in lynx-ssl. For the old stable distribution (woody) this problem has been fixed in version 2.8.4.1b-3.3. The stable distribution (sarge) does not contain lynx-ssl packages anymore. The unstable distribution (sid) does not contain lynx-ssl packages anymore. We recommend that you upgrade your lynx-ssl package. Upgrade Instructions - - -------------------- wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given at the end of this advisory: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 3.0 alias woody - - -------------------------------- Source archives: http://security.debian.org/pool/updates/main/l/lynx-ssl/lynx-ssl_2.8.4.1b-3.3.dsc Size/MD5 checksum: 611 7ee1218eb5536e5a79b644dd7b56af53 http://security.debian.org/pool/updates/main/l/lynx-ssl/lynx-ssl_2.8.4.1b-3.3.diff.gz Size/MD5 checksum: 89483 c46454ac050fff129e77eb0f4b151517 http://security.debian.org/pool/updates/main/l/lynx-ssl/lynx-ssl_2.8.4.1b.orig.tar.gz Size/MD5 checksum: 2557510 053a10f76b871e3944c11c7776da7f7a Alpha architecture: http://security.debian.org/pool/updates/main/l/lynx-ssl/lynx-ssl_2.8.4.1b-3.3_alpha.deb Size/MD5 checksum: 1617522 9dd7997b45df6331c660e2afca324840 ARM architecture: http://security.debian.org/pool/updates/main/l/lynx-ssl/lynx-ssl_2.8.4.1b-3.3_arm.deb Size/MD5 checksum: 1491938 de3a7656d192e5bca1cb9d3bd1ff84ff Intel IA-32 architecture: http://security.debian.org/pool/updates/main/l/lynx-ssl/lynx-ssl_2.8.4.1b-3.3_i386.deb Size/MD5 checksum: 1450298 ef8c2a423c1530b21a79a834776abba7 Intel IA-64 architecture: http://security.debian.org/pool/updates/main/l/lynx-ssl/lynx-ssl_2.8.4.1b-3.3_ia64.deb Size/MD5 checksum: 1769276 ad79ec138883ce575cb528346fb7b074 HP Precision architecture: http://security.debian.org/pool/updates/main/l/lynx-ssl/lynx-ssl_2.8.4.1b-3.3_hppa.deb Size/MD5 checksum: 1559678 4e725d8701a1721784d490f000da3199 Motorola 680x0 architecture: http://security.debian.org/pool/updates/main/l/lynx-ssl/lynx-ssl_2.8.4.1b-3.3_m68k.deb Size/MD5 checksum: 1410804 f8a1018bc195fc4972cff586e9694163 Big endian MIPS architecture: http://security.debian.org/pool/updates/main/l/lynx-ssl/lynx-ssl_2.8.4.1b-3.3_mips.deb Size/MD5 checksum: 1512074 5c395f3cbda76895a061e79913633853 Little endian MIPS architecture: http://security.debian.org/pool/updates/main/l/lynx-ssl/lynx-ssl_2.8.4.1b-3.3_mipsel.deb Size/MD5 checksum: 1508018 ead159d28f1fb4a60f25e077e4c122f0 PowerPC architecture: http://security.debian.org/pool/updates/main/l/lynx-ssl/lynx-ssl_2.8.4.1b-3.3_powerpc.deb Size/MD5 checksum: 1497258 512c921d1ef663439d51b4ba7cc203ef IBM S/390 architecture: http://security.debian.org/pool/updates/main/l/lynx-ssl/lynx-ssl_2.8.4.1b-3.3_s390.deb Size/MD5 checksum: 1468830 7ccab81df77cd4ffd0553707adf820a6 Sun Sparc architecture: http://security.debian.org/pool/updates/main/l/lynx-ssl/lynx-ssl_2.8.4.1b-3.3_sparc.deb Size/MD5 checksum: 1497292 40f28922fce6ad486d5c46c56fa822f1 These files will probably be moved into the stable distribution on its next update. - - --------------------------------------------------------------------------------- For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce@lists.debian.org Package info: `apt-cache show ' and http://packages.debian.org/ ====================================================================== ========================================================= Les serveurs de référence du CERT-Renater http://www.urec.fr/securite http://www.cru.fr/securite http://www.renater.fr ========================================================= + CERT-RENATER | tel : 01-53-94-20-44 + + 151 bd de l'Hopital | fax : 01-53-94-20-41 + + 75013 Paris | email: certsvp@renater.fr + =========================================================