安全研究
安全漏洞
GNOME glib Base64编码解码多个整数溢出漏洞
发布日期:2009-03-12
更新日期:2009-03-13
受影响系统:
GNOME glib >= 2.12 stable不受影响系统:
GNOME glib >= 2.11 unstable
GNOME glib 2.20描述:
BUGTRAQ ID: 34100
CVE(CAN) ID: CVE-2008-4316,CVE-2009-0586,CVE-2009-0587,CVE-2009-0585
GLib是GTK+和GNOME工程的基础底层核心程序库,是一个综合用途的轻量级的C程序库。
glib库的Base64编码解码函数在处理超长字符串时没有正确地分配内存,在所有情况下都会使用用户提供值所计算出的长度分配堆内存:
g_malloc(user_supplied_length * 3 / 4 + some_small_num)
由于算术运算的评估次序,长度在除以4之前首先乘以3,因此用于分配长度的计算参数可能溢出,导致分配不足的区域。
<*来源:Will Drewry (wad@google.com)
链接:http://marc.info/?l=oss-security&m=123687411025451&w=2
http://marc.info/?l=full-disclosure&m=123690842910529&w=2
https://www.redhat.com/support/errata/RHSA-2009-0354.html
https://www.redhat.com/support/errata/RHSA-2009-0355.html
https://www.redhat.com/support/errata/RHSA-2009-0358.html
https://www.redhat.com/support/errata/RHSA-2009-0344.html
http://www.debian.org/security/2009/dsa-1748
http://www.debian.org/security/2009/dsa-1747
https://www.redhat.com/support/errata/RHSA-2009-0336.html
http://www.debian.org/security/2009/dsa-1813
http://www.debian.org/security/2009/dsa-1813
*>
建议:
厂商补丁:
Debian
------
Debian已经为此发布了一个安全公告(DSA-1747-1)以及相应补丁:
DSA-1747-1:New glib2.0 packages fix arbitrary code execution
链接:http://www.debian.org/security/2009/dsa-1747
补丁下载:
Source archives:
http://security.debian.org/pool/updates/main/g/glib2.0/glib2.0_2.12.4.orig.tar.gz
Size/MD5 checksum: 3838981 d121999e4cdfdc68621e3eb23f66cd66
http://security.debian.org/pool/updates/main/g/glib2.0/glib2.0_2.12.4-2+etch1.dsc
Size/MD5 checksum: 1499 18cae69e02a1227e09226857626c0533
http://security.debian.org/pool/updates/main/g/glib2.0/glib2.0_2.12.4-2+etch1.diff.gz
Size/MD5 checksum: 18438 9b22fc1fa8d82aded0a08cc9a7a6f55d
Architecture independent packages:
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-data_2.12.4-2+etch1_all.deb
Size/MD5 checksum: 285378 f30d726d7a8aa293c9b4c5b864b61ce6
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-doc_2.12.4-2+etch1_all.deb
Size/MD5 checksum: 737208 275321184f9ed1e0edb0a6a26f477836
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-udeb_2.12.4-2+etch1_alpha.udeb
Size/MD5 checksum: 660018 7eb178037a58b0aa675b02caab127538
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-0_2.12.4-2+etch1_alpha.deb
Size/MD5 checksum: 561114 f564925a0a93600dd07e336ab3414077
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-dev_2.12.4-2+etch1_alpha.deb
Size/MD5 checksum: 772822 6617975204dd5a8b96549bab7edb05d4
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-0-dbg_2.12.4-2+etch1_alpha.deb
Size/MD5 checksum: 600216 fd6feec3f3d92b19ab6736c059f9adbf
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-dev_2.12.4-2+etch1_amd64.deb
Size/MD5 checksum: 595848 44d3bded85806ec86c1da38350791e39
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-0-dbg_2.12.4-2+etch1_amd64.deb
Size/MD5 checksum: 605210 561ab303f654edd1c3da1e854eb1c162
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-0_2.12.4-2+etch1_amd64.deb
Size/MD5 checksum: 547570 4796b12af73cbe7c18ce91cf300f9049
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-udeb_2.12.4-2+etch1_amd64.udeb
Size/MD5 checksum: 656440 735a0b44ed7edf2eac961beae0046b43
arm architecture (ARM)
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-udeb_2.12.4-2+etch1_arm.udeb
Size/MD5 checksum: 622256 dc73ea0f82d4268fc00a7cedb0e38ab0
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-0_2.12.4-2+etch1_arm.deb
Size/MD5 checksum: 513506 a8d4f32a3193c7c020782c4b838e3494
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-dev_2.12.4-2+etch1_arm.deb
Size/MD5 checksum: 537132 95ba75ae0b010885405b892f4a091c4f
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-0-dbg_2.12.4-2+etch1_arm.deb
Size/MD5 checksum: 554820 f2b3e61b465bb077da5d871b73f1064b
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-0-dbg_2.12.4-2+etch1_hppa.deb
Size/MD5 checksum: 584818 06d00ef19400440a20a3590332bbebd2
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-dev_2.12.4-2+etch1_hppa.deb
Size/MD5 checksum: 678246 e752013d28a0cd142b272cd0b07d1e01
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-0_2.12.4-2+etch1_hppa.deb
Size/MD5 checksum: 577464 5035801a0d2495f4410b0730ef6294f5
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-udeb_2.12.4-2+etch1_hppa.udeb
Size/MD5 checksum: 692998 f8fc11ac6cf2c19cd6428053065edd7e
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-0-dbg_2.12.4-2+etch1_i386.deb
Size/MD5 checksum: 572604 dc952ccba42c2e28506e95ffdb328cc9
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-0_2.12.4-2+etch1_i386.deb
Size/MD5 checksum: 504146 d47f9ab4a1b92d810b5caebc5eb1bb57
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-dev_2.12.4-2+etch1_i386.deb
Size/MD5 checksum: 542130 3bd53805a2e18efe9ad0517200f40e0e
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-udeb_2.12.4-2+etch1_i386.udeb
Size/MD5 checksum: 617804 814c6becbdead8fc110f03aa38233692
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-udeb_2.12.4-2+etch1_ia64.udeb
Size/MD5 checksum: 775542 5426ed5dde982327419b7c11709831b0
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-0_2.12.4-2+etch1_ia64.deb
Size/MD5 checksum: 675700 edc97c9e93fe5551e4a6aabaa639f664
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-dev_2.12.4-2+etch1_ia64.deb
Size/MD5 checksum: 823214 db779a6159a45c7b08ccd976aaabcc89
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-0-dbg_2.12.4-2+etch1_ia64.deb
Size/MD5 checksum: 553172 cca719465dd1a5a9b3fca46f2cde29bd
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-udeb_2.12.4-2+etch1_mips.udeb
Size/MD5 checksum: 618746 6dc6beb4d8b103097a86fdf20f7e01cc
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-dev_2.12.4-2+etch1_mips.deb
Size/MD5 checksum: 664972 e666d4f859588ba3502858d488cf389a
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-0_2.12.4-2+etch1_mips.deb
Size/MD5 checksum: 519790 91261c5061a4af1ebc716d984a036655
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-0-dbg_2.12.4-2+etch1_mips.deb
Size/MD5 checksum: 620362 a25783de84a6fed345196200b72e643b
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-udeb_2.12.4-2+etch1_mipsel.udeb
Size/MD5 checksum: 615858 4266787b97a6c39d583a2f719d49d8fa
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-0_2.12.4-2+etch1_mipsel.deb
Size/MD5 checksum: 516978 d07d1c7143a220dc266317ca46d6418a
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-dev_2.12.4-2+etch1_mipsel.deb
Size/MD5 checksum: 660188 487187ec7ad60d5eee8bc7eac7e41172
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-0-dbg_2.12.4-2+etch1_mipsel.deb
Size/MD5 checksum: 601544 c602457e3226b7180fbdbc926783d798
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-0-dbg_2.12.4-2+etch1_powerpc.deb
Size/MD5 checksum: 604394 e95bb4fc683971d049963f202c1f3b24
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-0_2.12.4-2+etch1_powerpc.deb
Size/MD5 checksum: 536720 a93585031b8a6c2cf7972ecf10c9965d
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-dev_2.12.4-2+etch1_powerpc.deb
Size/MD5 checksum: 633886 e33c35a1785eed680dac20753e655889
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-udeb_2.12.4-2+etch1_powerpc.udeb
Size/MD5 checksum: 636080 3c5dbf194f3997a7d75346f4c3ab8b24
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-0_2.12.4-2+etch1_s390.deb
Size/MD5 checksum: 560072 50bcc237c745feba70c49de0f02e2b19
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-udeb_2.12.4-2+etch1_s390.udeb
Size/MD5 checksum: 658940 64edce8303048523d35d2dec7e5a2977
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-0-dbg_2.12.4-2+etch1_s390.deb
Size/MD5 checksum: 593990 d3acb08fe0726c3ecb33666e3d043829
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-dev_2.12.4-2+etch1_s390.deb
Size/MD5 checksum: 586524 9609be9f39811f46e0fcd1ac37a0b28e
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-udeb_2.12.4-2+etch1_sparc.udeb
Size/MD5 checksum: 626188 b5826dc12267f801fb696fea9d195cef
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-0-dbg_2.12.4-2+etch1_sparc.deb
Size/MD5 checksum: 527680 e7407bcc9e83d86ce87fa51fbd701bf8
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-0_2.12.4-2+etch1_sparc.deb
Size/MD5 checksum: 523110 1a31a70f5f00493e089e337ceeb65834
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-dev_2.12.4-2+etch1_sparc.deb
Size/MD5 checksum: 590100 989dc5ea3b46bb74e7d1bc8b47a90084
Debian GNU/Linux 5.0 alias lenny
- --------------------------------
Debian (stable)
- ---------------
Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/g/glib2.0/glib2.0_2.16.6.orig.tar.gz
Size/MD5 checksum: 6491460 65c594a471406a377bee8171a2ea43d4
http://security.debian.org/pool/updates/main/g/glib2.0/glib2.0_2.16.6-1+lenny1.dsc
Size/MD5 checksum: 1475 59ca34e703bf0a798746cdeca3a2c051
http://security.debian.org/pool/updates/main/g/glib2.0/glib2.0_2.16.6-1+lenny1.diff.gz
Size/MD5 checksum: 32351 22cac59cf4481cdddc9802be93dc4100
Architecture independent packages:
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-data_2.16.6-1+lenny1_all.deb
Size/MD5 checksum: 699192 9edb95995e450eb2609589b2606c8e6b
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-doc_2.16.6-1+lenny1_all.deb
Size/MD5 checksum: 1157604 ab17084a6d7d448c1316d6e247ae5cdc
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/g/glib2.0/libgio-fam_2.16.6-1+lenny1_alpha.deb
Size/MD5 checksum: 48144 42829ec5a479bc1c261e45c5f081cf57
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-0-dbg_2.16.6-1+lenny1_alpha.deb
Size/MD5 checksum: 1168176 1fabc7d811618647b73deccc2455c807
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-udeb_2.16.6-1+lenny1_alpha.udeb
Size/MD5 checksum: 1340028 17257a012f6697e578e434f5204ff71c
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-0_2.16.6-1+lenny1_alpha.deb
Size/MD5 checksum: 855652 8fb764ffe204dc53cc3c7215a7ce3302
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-dev_2.16.6-1+lenny1_alpha.deb
Size/MD5 checksum: 1305662 d580244555cfb00065dfa4e990329cc6
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-0_2.16.6-1+lenny1_amd64.deb
Size/MD5 checksum: 826938 87687e0cd4a03c7fbcaebad25ca07436
http://security.debian.org/pool/updates/main/g/glib2.0/libgio-fam_2.16.6-1+lenny1_amd64.deb
Size/MD5 checksum: 46542 8cbe7a8cd81a83ac4362b85b6c8b563c
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-0-dbg_2.16.6-1+lenny1_amd64.deb
Size/MD5 checksum: 1206420 16cfc02b6ff9d1c25ecd72a25c0dd404
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-dev_2.16.6-1+lenny1_amd64.deb
Size/MD5 checksum: 989946 66e6c9941573937ffc015fe4356d1b81
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-udeb_2.16.6-1+lenny1_amd64.udeb
Size/MD5 checksum: 1310078 14bbc4e19f36469df8d57ab454a5daf0
arm architecture (ARM)
http://security.debian.org/pool/updates/main/g/glib2.0/libgio-fam_2.16.6-1+lenny1_arm.deb
Size/MD5 checksum: 44216 193ae5a572f657643336727255903acd
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-0-dbg_2.16.6-1+lenny1_arm.deb
Size/MD5 checksum: 1114848 ae22838c5dc08519246d7a47de18fdda
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-dev_2.16.6-1+lenny1_arm.deb
Size/MD5 checksum: 879064 ca385238c2f3cc0e0cf1fd8a4321101c
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-0_2.16.6-1+lenny1_arm.deb
Size/MD5 checksum: 754714 fded0b0a29661d508feb4b396769ddb3
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-udeb_2.16.6-1+lenny1_arm.udeb
Size/MD5 checksum: 1241438 ec0eb4cee4d7c35aee435f826cbfa13e
armel architecture (ARM EABI)
http://security.debian.org/pool/updates/main/g/glib2.0/libgio-fam_2.16.6-1+lenny1_armel.deb
Size/MD5 checksum: 45008 f1b5f41ba2ff4343fe9bc98c23512d7b
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-0_2.16.6-1+lenny1_armel.deb
Size/MD5 checksum: 760756 9c220de8a899a48d62edaf159b7a464d
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-dev_2.16.6-1+lenny1_armel.deb
Size/MD5 checksum: 881884 57c1be74d90eea74504ee6f4bc0de710
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-0-dbg_2.16.6-1+lenny1_armel.deb
Size/MD5 checksum: 1125068 f2bfe40c3f9e27ed802001e074add3e7
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-udeb_2.16.6-1+lenny1_armel.udeb
Size/MD5 checksum: 1247792 c5ba104a4979a6971bce84769c7debec
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-0-dbg_2.16.6-1+lenny1_hppa.deb
Size/MD5 checksum: 1146756 7c27c6a31734fb85f2b35fc754cd47e2
http://security.debian.org/pool/updates/main/g/glib2.0/libgio-fam_2.16.6-1+lenny1_hppa.deb
Size/MD5 checksum: 47768 4542b3e09b7ef54e3ab1fe272a6042f4
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-0_2.16.6-1+lenny1_hppa.deb
Size/MD5 checksum: 867244 093cba5e2c82d3b09c157c884a9c09db
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-udeb_2.16.6-1+lenny1_hppa.udeb
Size/MD5 checksum: 1351116 ff89e43dc1f82ea565c50de2319be25a
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-dev_2.16.6-1+lenny1_hppa.deb
Size/MD5 checksum: 1109946 a411fa4e251b11767766725047030b23
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/g/glib2.0/libgio-fam_2.16.6-1+lenny1_i386.deb
Size/MD5 checksum: 44986 4c5a710552b3329cc2e35d3872a79b49
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-udeb_2.16.6-1+lenny1_i386.udeb
Size/MD5 checksum: 1242020 8ade245d65708696056cf5f1d9ee46dd
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-0-dbg_2.16.6-1+lenny1_i386.deb
Size/MD5 checksum: 1133696 49867c28e81a7f0f890e3e336a365114
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-dev_2.16.6-1+lenny1_i386.deb
Size/MD5 checksum: 875572 03c8c2e283e9208646ccb9b7f2d23d1c
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-0_2.16.6-1+lenny1_i386.deb
Size/MD5 checksum: 757404 2f82e374c1a6d0e2f5c9036d10b3ecaa
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-dev_2.16.6-1+lenny1_ia64.deb
Size/MD5 checksum: 1341098 512e890f3f863073936c2e3fa74a90aa
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-udeb_2.16.6-1+lenny1_ia64.udeb
Size/MD5 checksum: 1517072 f41e9e0d7af732d0631cbdb5f3cfabf9
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-0_2.16.6-1+lenny1_ia64.deb
Size/MD5 checksum: 1033016 a10cbb31110f8c08f6a73ec653003e15
http://security.debian.org/pool/updates/main/g/glib2.0/libgio-fam_2.16.6-1+lenny1_ia64.deb
Size/MD5 checksum: 48660 8e30c1662007d7b5fa3e3ca2748875b3
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-0-dbg_2.16.6-1+lenny1_ia64.deb
Size/MD5 checksum: 1066564 82eeaa77b3604794fe2d104a80231ac6
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-0_2.16.6-1+lenny1_mips.deb
Size/MD5 checksum: 765606 dc38fe41b9ff26a76c5be413921ae675
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-dev_2.16.6-1+lenny1_mips.deb
Size/MD5 checksum: 1109400 d3a8702c9ba35635b91e0a9b28171c9a
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-0-dbg_2.16.6-1+lenny1_mips.deb
Size/MD5 checksum: 1208172 c8b057ffbc17d1d22441d60e22385923
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-udeb_2.16.6-1+lenny1_mips.udeb
Size/MD5 checksum: 1249840 57027659c0d9b4ccf61f143830e4be8e
http://security.debian.org/pool/updates/main/g/glib2.0/libgio-fam_2.16.6-1+lenny1_mips.deb
Size/MD5 checksum: 46300 bd0452428e7ad483823709131ca041eb
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-0_2.16.6-1+lenny1_mipsel.deb
Size/MD5 checksum: 762054 296ed0568d52e2269858e9bc95781f09
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-dev_2.16.6-1+lenny1_mipsel.deb
Size/MD5 checksum: 1103662 a187d014180c5ca0a90118ec6fbb2d3e
http://security.debian.org/pool/updates/main/g/glib2.0/libgio-fam_2.16.6-1+lenny1_mipsel.deb
Size/MD5 checksum: 46234 04fbb46ead5b0a5b6298daaf3027bdab
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-udeb_2.16.6-1+lenny1_mipsel.udeb
Size/MD5 checksum: 1246236 bb51d0f9d011a392bd30effc5f36cdbe
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-0-dbg_2.16.6-1+lenny1_mipsel.deb
Size/MD5 checksum: 1180250 b8dff999366e8668bbb34244ea54c287
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-dev_2.16.6-1+lenny1_powerpc.deb
Size/MD5 checksum: 1036550 298e96d7ca00305320ec37b630072e46
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-0_2.16.6-1+lenny1_powerpc.deb
Size/MD5 checksum: 828168 37c583fbc4b92709d36d40f1d94852b9
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-0-dbg_2.16.6-1+lenny1_powerpc.deb
Size/MD5 checksum: 1190934 3f426ba1d4f4d02bbfd2a22caf28b07e
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-udeb_2.16.6-1+lenny1_powerpc.udeb
Size/MD5 checksum: 1312094 2ddd933a05b3d11179c6a3d4a35ccabb
http://security.debian.org/pool/updates/main/g/glib2.0/libgio-fam_2.16.6-1+lenny1_powerpc.deb
Size/MD5 checksum: 46412 6ab96dbd649904660c21a296eccb3ca4
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-dev_2.16.6-1+lenny1_s390.deb
Size/MD5 checksum: 976948 312fca5d0c6c295df8bf6205debd4674
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-0-dbg_2.16.6-1+lenny1_s390.deb
Size/MD5 checksum: 1203208 efcf9510f437ab4ac17ab4c36390a45f
http://security.debian.org/pool/updates/main/g/glib2.0/libgio-fam_2.16.6-1+lenny1_s390.deb
Size/MD5 checksum: 46418 c4227d7ca4f5d2ecad94280a8ef294ed
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-0_2.16.6-1+lenny1_s390.deb
Size/MD5 checksum: 848036 39078eedb2f402c3ecdffc6a48baf223
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-udeb_2.16.6-1+lenny1_s390.udeb
Size/MD5 checksum: 1332566 04c6e0c0dd0c605f78edbb65b1479c69
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-dev_2.16.6-1+lenny1_sparc.deb
Size/MD5 checksum: 944480 6c68c1556414d83568a16ce6bc24d614
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-0-dbg_2.16.6-1+lenny1_sparc.deb
Size/MD5 checksum: 1036602 9cc7e6e15911c61406de1c45a1176e29
http://security.debian.org/pool/updates/main/g/glib2.0/libgio-fam_2.16.6-1+lenny1_sparc.deb
Size/MD5 checksum: 45516 498de22f23fcdd99f7c7d1a553042a79
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-udeb_2.16.6-1+lenny1_sparc.udeb
Size/MD5 checksum: 1261410 26e6d6a646ca371aec4042bd7fd23c18
http://security.debian.org/pool/updates/main/g/glib2.0/libglib2.0-0_2.16.6-1+lenny1_sparc.deb
Size/MD5 checksum: 776472 31dfa0d8e3c70cab166b8a632ff2a167
补丁安装方法:
1. 手工安装补丁包:
首先,使用下面的命令来下载补丁软件:
# wget url (url是补丁下载链接地址)
然后,使用下面的命令来安装补丁:
# dpkg -i file.deb (file是相应的补丁名)
2. 使用apt-get自动安装补丁包:
首先,使用下面的命令更新内部数据库:
# apt-get update
然后,使用下面的命令安装更新软件包:
# apt-get upgrade
GNOME
-----
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
http://ocert.org/patches/2008-015/glib-CVE-2008-4316.diff
http://ocert.org/patches/2008-015/gst-plugins-base-CVE-2009-0586.diff
http://ocert.org/patches/2008-015/camel-CVE-2009-0587.diff
http://ocert.org/patches/2008-015/evc-CVE-2009-0587.diff
http://ocert.org/patches/2008-015/libsoup-base64-CVE-2009-0585.diff
RedHat
------
RedHat已经为此发布了一个安全公告(RHSA-2009:0336-01)以及相应补丁:
RHSA-2009:0336-01:Moderate: glib2 security update
链接:https://www.redhat.com/support/errata/RHSA-2009-0336.html
浏览次数:5942
严重程度:0(网友投票)
绿盟科技给您安全的保障