Secunia - Stay Secure
Gartner
Home Corporate Website Jobs Mailing Lists RSS Blog New entry Advertise
Software Inspectors
  Scan Online
  Personal (PSI)
  Network (NSI 2.0)
  - NEW -

Solutions For
  Security Professionals
  Security Vendors

Free Solutions For
  Open Communities
  Journalists & Media

Secunia Advisories
  Search
  Historic Advisories
  Listed By Product
  Listed By Vendor
  Statistics / Graphs
  Secunia Research
  Report Vulnerability
  About Advisories

Virus Information
  Chronological List
  Last 10 Virus Alerts
  About Virus Information

Secunia Customers
  Customer Area


Debian update for alsa-driver Advisory Available in German 

Secunia Advisory: SA29054  
Release Date: 2008-02-25

Critical:
Not critical
Impact: Exposure of sensitive information
Where: Local system
Solution Status: Vendor Patch

OS:Debian GNU/Linux 3.1
Debian GNU/Linux 4.0
Debian GNU/Linux unstable alias sid


CVE reference:CVE-2007-4571 (Secunia mirror)
Want to know the next time vulnerabilities are fixed in this product?
- Companies can be alerted via email and SMS!


Description:
Debian has issued an update for alsa-driver. This fixes a vulnerability, which can be exploited by malicious, local users to disclose potentially sensitive information.

For more information:
SA26918

Solution:
Apply updated packages.

-- Debian GNU/Linux 3.1 alias sarge --

Source archives:

http://security.debian.org/pool/updat...-driver/alsa-driver_1.0.8-7sarge1.dsc
Size/MD5 checksum: 856 948be734bc12fb0ff08dfc1955d5e77d
http://security.debian.org/pool/updat...ver/alsa-driver_1.0.8-7sarge1.diff.gz
Size/MD5 checksum: 150046 050e64b0872e80fb3151a4392d80dd08
http://security.debian.org/pool/updat...-driver/alsa-driver_1.0.8.orig.tar.gz
Size/MD5 checksum: 2493810 5d5e44e35ed109e2c293a20bd9d68489
http://security.debian.org/pool/updat...6/alsa-modules-i386_1.0.8+2sarge2.dsc
Size/MD5 checksum: 1121 2e094a561912a0acf6cc5edf3f122ca8
http://security.debian.org/pool/updat...lsa-modules-i386_1.0.8+2sarge2.tar.gz
Size/MD5 checksum: 5249 1604fe719636c98547f287653a7cf0a8

Architecture independent packages:

http://security.debian.org/pool/updat...er/alsa-headers_1.0.8-7sarge1_all.deb
Size/MD5 checksum: 13140 faa9b7ad33aeaa2dd7855616b9744a08
http://security.debian.org/pool/updat...ver/alsa-source_1.0.8-7sarge1_all.deb
Size/MD5 checksum: 2003186 e5d0518e4fce125fe34a3fa22693e462
http://security.debian.org/pool/updat...river/alsa-base_1.0.8-7sarge1_all.deb
Size/MD5 checksum: 113854 7f369a8728e533884cd2ff081047f18a

i386 architecture (Intel ia32)

http://security.debian.org/pool/updat...s-2.4.27-4-386_1.0.8+2sarge2_i386.deb
Size/MD5 checksum: 1262528 ff0e8032f0ea8b5ea174c97a7dd20da7
http://security.debian.org/pool/updat...s-2.4.27-4-686_1.0.8+2sarge2_i386.deb
Size/MD5 checksum: 1369022 2c141d44bb23f0ff23fc4051a064dbe9
http://security.debian.org/pool/updat...odules-2.4-386_1.0.8+2sarge2_i386.deb
Size/MD5 checksum: 4396 7329077b0171010fb61d5c3bc18eb306
http://security.debian.org/pool/updat....4.27-4-k7-smp_1.0.8+2sarge2_i386.deb
Size/MD5 checksum: 1381190 874346a5f9bbce101ce1effbb10209aa
http://security.debian.org/pool/updat...les-2.4-k7-smp_1.0.8+2sarge2_i386.deb
Size/MD5 checksum: 4478 172afe01c05d84d413c730f92265d985
http://security.debian.org/pool/updat...4.27-4-686-smp_1.0.8+2sarge2_i386.deb
Size/MD5 checksum: 1412810 cc8bf0b6f778ca428dd1f2aa219898a7
http://security.debian.org/pool/updat...es-2.4-686-smp_1.0.8+2sarge2_i386.deb
Size/MD5 checksum: 4500 afd217d917c37147ae61f304e250a6fa
http://security.debian.org/pool/updat...odules-2.4-686_1.0.8+2sarge2_i386.deb
Size/MD5 checksum: 4424 d3092f18e1ad781c7f31e25f101a21d8
http://security.debian.org/pool/updat...es-2.4.27-4-k6_1.0.8+2sarge2_i386.deb
Size/MD5 checksum: 1273414 80b20a46c7db9db7f2529980ca0b428d
http://security.debian.org/pool/updat...modules-2.4-k7_1.0.8+2sarge2_i386.deb
Size/MD5 checksum: 4404 3b5b282a073c7c1bf0e00c6e97fb7828
http://security.debian.org/pool/updat...es-2.4.27-4-k7_1.0.8+2sarge2_i386.deb
Size/MD5 checksum: 1341600 5dc6b283f17aa35cfc1ea2f4f00a5805
http://security.debian.org/pool/updat....4.27-4-586tsc_1.0.8+2sarge2_i386.deb
Size/MD5 checksum: 1289658 01d76b0a6ab3ce4d46b313d176692686
http://security.debian.org/pool/updat...les-2.4-586tsc_1.0.8+2sarge2_i386.deb
Size/MD5 checksum: 4416 fd54e30a86bf2c6995a4e805e6ffb340
http://security.debian.org/pool/updat...modules-2.4-k6_1.0.8+2sarge2_i386.deb
Size/MD5 checksum: 4410 5d64373b3207881b0e5fe8736d4c3e00

-- Debian GNU/Linux 4.0 alias etch --

Source archives:

http://security.debian.org/pool/updat...ver/alsa-driver_1.0.13-5etch1.diff.gz
Size/MD5 checksum: 269718 b346005adcdc73426c37065eea9a2c25
http://security.debian.org/pool/updat...driver/alsa-driver_1.0.13.orig.tar.gz
Size/MD5 checksum: 3047163 0d0a4bb89b8b47d6e1d267137c5c8ef8
http://security.debian.org/pool/updat...-driver/alsa-driver_1.0.13-5etch1.dsc
Size/MD5 checksum: 860 e82a3d193fbf5ac715abfbaaaea1b66f

Architecture independent packages:

http://security.debian.org/pool/updat...ver/alsa-source_1.0.13-5etch1_all.deb
Size/MD5 checksum: 2543382 8b7ab44905f0650255d207bc2bcf9de6
http://security.debian.org/pool/updat...river/alsa-base_1.0.13-5etch1_all.deb
Size/MD5 checksum: 172574 d1b52f2b757b7767548eade4e14c512a
http://security.debian.org/pool/updat...inux-sound-base_1.0.13-5etch1_all.deb
Size/MD5 checksum: 28502 c223d863a84d44d783efdce31339728a

-- Debian GNU/Linux unstable alias sid --

Fixed in version 1.0.15-1.

Original Advisory:
http://lists.debian.org/debian-security-announce/2008/msg00069.html

Other References:
SA26918:
http://secunia.com/advisories/26918/


Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.

Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.

1210 Related Secunia Security Advisories, displaying 10

1. Debian update for rdesktop
2. Debian update for php5
3. Debian update for kazehakase
4. Debian update for blender
5. Debian update for b2evolution
6. Debian update for cacti
7. Debian update for asterisk
8. Debian update for kernel
9. Debian update for wordpress
10. Debian update for iceape

Show all related advisories


Send Feedback to Secunia

If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.

Ideas, suggestions, and other feedback are most welcome.








Secunia PSI
Scan | Patch | Track
Free Download

Secunia Poll

Do you think it's important to read Setup/User Guides for applications for use within your network?


See Results   


Most Popular Advisories

1.
Internet Explorer "DisableCaching OfSSLPages" Weakness
2.
Microsoft Windows CE Image Processing Vulnerabilities
3.
Fedora update for sipp
4.
Fedora update for thunderbird
5.
Fedora update for tkimg
6.
Joomla DatsoGallery Component "sub_votepic.ph p" SQL Injection
7.
Fedora update for zoneminder
8.
Sun Solaris Print Service Unspecified Vulnerabilities
9.
SUSE Update for Multiple Packages
10.
Red Hat Directory Server Regular Expression Handler Buffer Overflow





Vulnerability Management - Terms & Conditions - Copyright 2002-2008 Secunia - Compliance - Contact Secunia