ESB-2009.1457 - [Debian] expat: Denial of service - Remote with user interaction

Date: 29 October 2009
References: ASB-2009.1054  

             AUSCERT External Security Bulletin Redistribution

                 New expat packages fix denial of service
                              29 October 2009


        AusCERT Security Bulletin Summary

Product:           expat
Publisher:         Debian
Operating System:  Debian GNU/Linux 4
                   Debian GNU/Linux 5
Impact/Access:     Denial of Service -- Remote with User Interaction
Resolution:        Patch/Upgrade
CVE Names:         CVE-2009-2625  

Reference:         ASB-2009.1054

Original Bulletin:

- --------------------------BEGIN INCLUDED TEXT--------------------

- - ------------------------------------------------------------------------
Debian Security Advisory DSA-1921-1                              Giuseppe Iuculano
October 28, 2009            
- - ------------------------------------------------------------------------

Package        : expat
Vulnerability  : denial of service
Problem type   : remote
Debian-specific: no
CVE Id         : CVE-2009-2625
Debian Bug     : 551936

Peter Valchev discovered an error in expat, an XML parsing C library,
when parsing certain UTF-8 sequences, which can be exploited to crash an
application using the library.
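The advisory does not say which UTF-8 sequences trigger the crash, and the
remedy is the package upgrade described below. As an added defence-in-depth
illustration (this is not code from the advisory or from expat), the
following strict UTF-8 validator shows the checks an application can apply
to untrusted XML before any parser sees it, and in particular why a
streaming caller has to tell a sequence that is merely cut off at the end
of a buffer apart from one that is malformed: the first must be held back
until more input arrives, the second must be rejected. The sample inputs
are constructed for the example.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Outcome of validating one buffer. */
enum utf8_status { UTF8_OK = 0, UTF8_INVALID = 1, UTF8_TRUNCATED = 2 };

/*
 * Strictly validate buf[0..len) as UTF-8 (RFC 3629 well-formedness).
 *   UTF8_OK        every byte belongs to a complete, well-formed sequence
 *   UTF8_TRUNCATED the buffer ends inside an otherwise well-formed sequence;
 *                  a streaming caller must keep those bytes and wait for
 *                  more input instead of decoding them
 *   UTF8_INVALID   bad lead byte, bad continuation byte, overlong form,
 *                  UTF-16 surrogate, or code point above U+10FFFF
 * *consumed receives the offset of the first problem (len on success).
 */
enum utf8_status utf8_validate(const unsigned char *buf, size_t len,
                               size_t *consumed)
{
    size_t i = 0;
    while (i < len) {
        unsigned char b = buf[i];
        size_t need;                         /* continuation bytes wanted  */
        unsigned char lo = 0x80, hi = 0xBF;  /* allowed range of 2nd byte  */

        if (b < 0x80) {                      /* plain ASCII                */
            i++;
            continue;
        } else if (b >= 0xC2 && b <= 0xDF) { /* 2-byte sequence            */
            need = 1;
        } else if (b >= 0xE0 && b <= 0xEF) { /* 3-byte sequence            */
            need = 2;
            if (b == 0xE0) lo = 0xA0;        /* no overlong 3-byte forms   */
            if (b == 0xED) hi = 0x9F;        /* no surrogates D800..DFFF   */
        } else if (b >= 0xF0 && b <= 0xF4) { /* 4-byte sequence            */
            need = 3;
            if (b == 0xF0) lo = 0x90;        /* no overlong 4-byte forms   */
            if (b == 0xF4) hi = 0x8F;        /* nothing above U+10FFFF     */
        } else {                             /* 0x80..0xC1, 0xF5..0xFF     */
            *consumed = i;
            return UTF8_INVALID;
        }

        for (size_t k = 1; k <= need; k++) {
            if (i + k >= len) {              /* input ended mid-sequence   */
                *consumed = i;
                return UTF8_TRUNCATED;
            }
            unsigned char c = buf[i + k];
            unsigned char l = (k == 1) ? lo : 0x80;
            unsigned char h = (k == 1) ? hi : 0xBF;
            if (c < l || c > h) {
                *consumed = i;
                return UTF8_INVALID;
            }
        }
        i += need + 1;
    }
    *consumed = len;
    return UTF8_OK;
}

/* Wrapper for NUL-terminated test strings: 1 when the validator reports
 * exactly the expected status and offset, 0 otherwise. */
int utf8_check(const char *s, enum utf8_status want, size_t want_consumed)
{
    size_t got_consumed = 0;
    enum utf8_status got =
        utf8_validate((const unsigned char *)s, strlen(s), &got_consumed);
    return got == want && got_consumed == want_consumed;
}

int main(void)
{
    /* Constructed inputs: a well-formed fragment, one cut off mid-character
     * (as a read() boundary might do), and two malformed encodings. */
    printf("well-formed:  %d\n", utf8_check("<a>caf\xC3\xA9</a>", UTF8_OK, 12));
    printf("truncated:    %d\n", utf8_check("<a>\xE2\x82", UTF8_TRUNCATED, 3));
    printf("overlong '/': %d\n", utf8_check("<a>\xC0\xAF</a>", UTF8_INVALID, 3));
    printf("surrogate:    %d\n", utf8_check("\xED\xA0\x80", UTF8_INVALID, 0));
    return 0;
}
```

Rejecting malformed input in front of the parser narrows the attack surface
but does not replace the upgrade: the parser itself must still tolerate
every byte sequence it can be handed.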

For the old stable distribution (etch), this problem has been fixed in
version 1.95.8-3.4+etch1.

For the stable distribution (lenny), this problem has been fixed in
version 2.0.1-4+lenny1.

For the testing distribution (squeeze) and the unstable distribution
(sid), this problem will be fixed soon.

We recommend that you upgrade your expat packages.

Upgrade instructions
- - --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.
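After upgrading, the practical check is whether the installed version is at
or above the fixed version the advisory names for the release
(1.95.8-3.4+etch1 on etch, 2.0.1-4+lenny1 on lenny). A plain string
comparison gets this wrong for Debian versions: it orders 3.4+etch1 after
3.10, and a 2.0.1~rc1 pre-release after 2.0.1. As an added example (not part
of the Debian advisory, nor dpkg's own code), the program below implements
dpkg's version ordering, with epochs, the `~' marker and the alternating
digit/non-digit comparison, and applies it to the two fixed versions. The
version strings are constructed samples standing in for the output of
`dpkg-query -W -f='${Version}' libexpat1'; the binary package name libexpat1
is an assumption, since the advisory names only the source package expat.

```c
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Weight of a character in a non-digit run, as dpkg orders them: '~' sorts
 * before everything (even end of string), letters by ASCII value, other
 * punctuation after letters; digits and end of string weigh 0. */
static int order(unsigned char c)
{
    if (isdigit(c)) return 0;
    if (isalpha(c)) return c;
    if (c == '~') return -1;
    return c ? c + 256 : 0;
}

/* Compare two fragments (upstream version or Debian revision) by alternating
 * non-digit runs (character by character) and digit runs (numerically). */
static int verrevcmp(const char *a, const char *b)
{
    while (*a || *b) {
        int first_diff = 0;
        while ((*a && !isdigit((unsigned char)*a)) ||
               (*b && !isdigit((unsigned char)*b))) {
            int ac = order((unsigned char)*a), bc = order((unsigned char)*b);
            if (ac != bc) return ac - bc;
            a++; b++;
        }
        while (*a == '0') a++;                /* leading zeros do not count */
        while (*b == '0') b++;
        while (isdigit((unsigned char)*a) && isdigit((unsigned char)*b)) {
            if (!first_diff) first_diff = *a - *b;
            a++; b++;
        }
        if (isdigit((unsigned char)*a)) return 1;   /* more digits = larger */
        if (isdigit((unsigned char)*b)) return -1;
        if (first_diff) return first_diff;
    }
    return 0;
}

/* Split "[epoch:]upstream[-revision]"; the revision follows the LAST '-'. */
static void split(const char *v, long *epoch, char *up, size_t uplen,
                  const char **rev)
{
    const char *colon = strchr(v, ':');
    const char *u = colon ? colon + 1 : v;
    const char *dash = strrchr(u, '-');
    size_t n = dash ? (size_t)(dash - u) : strlen(u);
    *epoch = colon ? strtol(v, NULL, 10) : 0;
    if (n >= uplen) n = uplen - 1;
    memcpy(up, u, n);
    up[n] = '\0';
    *rev = dash ? dash + 1 : "";
}

/* dpkg-style comparison: -1, 0, 1 as a is older than, equal to, newer than b. */
int deb_vercmp(const char *a, const char *b)
{
    long ea, eb;
    char ua[128], ub[128];
    const char *ra, *rb;
    int r;
    split(a, &ea, ua, sizeof ua, &ra);
    split(b, &eb, ub, sizeof ub, &rb);
    if (ea != eb) return ea < eb ? -1 : 1;
    r = verrevcmp(ua, ub);
    if (r == 0) r = verrevcmp(ra, rb);
    return (r > 0) - (r < 0);
}

/* Fixed versions named in DSA-1921-1, per release. */
static const struct { const char *release, *version; } FIXED[] = {
    { "etch",  "1.95.8-3.4+etch1" },
    { "lenny", "2.0.1-4+lenny1" },
};

/* 1 = installed version is at or above the fix, 0 = still needs the upgrade,
 * -1 = release not covered by this advisory. */
int expat_is_fixed(const char *release, const char *installed)
{
    for (size_t i = 0; i < sizeof FIXED / sizeof FIXED[0]; i++)
        if (strcmp(FIXED[i].release, release) == 0)
            return deb_vercmp(installed, FIXED[i].version) >= 0;
    return -1;
}

int main(void)
{
    /* Constructed sample version strings standing in for the output of
     * `dpkg-query -W -f='${Version}' libexpat1` (binary package name assumed;
     * the advisory names only the source package expat). */
    const char *samples[][2] = { { "lenny", "2.0.1-4" }, { "lenny", "2.0.1-4+lenny1" },
                                 { "etch", "1.95.8-3.4" }, { "etch", "1.95.8-3.4+etch1" } };
    for (size_t i = 0; i < 4; i++) {
        int r = expat_is_fixed(samples[i][0], samples[i][1]);
        printf("%-6s %-18s %s\n", samples[i][0], samples[i][1],
               r == 1 ? "fixed" : r == 0 ? "VULNERABLE" : "not covered");
    }
    return 0;
}
```

The same comparison is what `dpkg --compare-versions' performs on a Debian
host; the point of spelling it out is that any inventory or compliance
tooling that checks package versions against advisories needs this ordering,
not lexical ordering, to avoid both false alarms and missed hosts.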

Debian GNU/Linux 4.0 alias etch
- - -------------------------------

Debian (oldstable)
- - ------------------

Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:
    Size/MD5 checksum:   318349 aff487543845a82fe262e6e2922b4c8e
    Size/MD5 checksum:   413057 b78006808401dff164db95fd8f2499f0
    Size/MD5 checksum:      711 0a87419bbdae53aeacaf08eef449f8b3

alpha architecture (DEC Alpha)
    Size/MD5 checksum:   143212 7b134dfafbbc9bc66ccff9dc2eeff47f
    Size/MD5 checksum:    69412 9d0a43d446692ef43add0360db26c256
    Size/MD5 checksum:    22316 999371a25e7d944716db206d1c4e10cc
    Size/MD5 checksum:    61192 521bb25d4e511f26f63a62c194acf6b0

amd64 architecture (AMD x86_64 (AMD64))
    Size/MD5 checksum:   133646 d6b90212e771f641c21cee38ae37bd08
    Size/MD5 checksum:    56488 494fe3d0c4ac2c85b8b9f2d6ff9803dc
    Size/MD5 checksum:    21488 6125318bcc858833651fc29e003ada22
    Size/MD5 checksum:    64626 5704af163a7c90f06c83da1587c20b16

arm architecture (ARM)
    Size/MD5 checksum:    49414 70ad1f420deebf55461455ec52ba9a2e
    Size/MD5 checksum:   125270 cdfc0a34dad99c9c85c8f11cdada5884
    Size/MD5 checksum:    19760 cfa4b1b4005647b15b22730ede7b9a05
    Size/MD5 checksum:    57582 52acb1f317a52ef9e4429381dce93ba7

hppa architecture (HP PA RISC)
    Size/MD5 checksum:    64780 f9c37fed892741dbd9c27a54e6f8c147
    Size/MD5 checksum:   151792 a8add5beda89448ec1b1584a5f055216
    Size/MD5 checksum:    22646 6729356bed0d898b6660de36bb8a226b
    Size/MD5 checksum:    72970 3b0d2aa031bc6fe388daa5ee8fcc6da6

i386 architecture (Intel ia32)
    Size/MD5 checksum:    54964 e2df0e10b8466ca1f5534145f432b4fe
    Size/MD5 checksum:    21034 6e8dbc3e542af0a3c9b6970014c7e5e4
    Size/MD5 checksum:   128180 ad28064754c7f1fb08035ad626647448
    Size/MD5 checksum:    63076 0554efb1bbae1faa50d1c5c5a0038dfc

ia64 architecture (Intel ia64)
    Size/MD5 checksum:   164942 71ba03af83170f1efb508073c3ace2bc
    Size/MD5 checksum:    25042 f1ce83568dccc86afac7ca26501df87e
    Size/MD5 checksum:    87370 bc39d0e16d8f274834b97ff798620c2c
    Size/MD5 checksum:    95842 16ea105cb9be4e8f34f477942e833d3d

mips architecture (MIPS (Big Endian))
    Size/MD5 checksum:    64688 a0490288615044b9e71d2287db1e3b55
    Size/MD5 checksum:   141886 91a4ed2068294c45ccfa98e17330b858
    Size/MD5 checksum:    21556 e9805d4363f0380bbad732c0889e812f
    Size/MD5 checksum:    56622 9fa9d8b88bf0936795aedfbad1a498ab

mipsel architecture (MIPS (Little Endian))
    Size/MD5 checksum:    21614 4038b82ec3347f53ad7435cd9dbdee5d
    Size/MD5 checksum:    56206 be281b9712278314dde05df7dda3b9a1
    Size/MD5 checksum:   139468 48e8b40dc5101ff8255cec88b0c5a034
    Size/MD5 checksum:    64316 e59d24b012bd3d57ec18a8184801a901

powerpc architecture (PowerPC)
    Size/MD5 checksum:    67616 a4935eb9cf357861e6d22af5d81ca4de
    Size/MD5 checksum:    22912 6f1c43294a9bc041f2024bf86a5a242b
    Size/MD5 checksum:   148128 b7a3a1f85a29bee92889ca55a5d43552
    Size/MD5 checksum:    59454 dbe0efc19ee40ebf818e848ea4de363b

s390 architecture (IBM S/390)
    Size/MD5 checksum:   132490 c9cd7b6caa0c5a04e8f715132b0eb59b
    Size/MD5 checksum:    21388 5ee9487ec0ca34361d9b8cf5830c12f4
    Size/MD5 checksum:    56752 1b352f981450c98f8c00bf4baa2078f9
    Size/MD5 checksum:    64868 f9e54e5d2551451d31a763b13a2c364a

sparc architecture (Sun SPARC/UltraSPARC)
    Size/MD5 checksum:    59802 37e1cad658801c5026fba0ca514ad957
    Size/MD5 checksum:   128542 7229bcce28eba3eaecc264bfce901a53
    Size/MD5 checksum:    20364 6eff0d9ceb56cd2f8b2633fe54cbe5ab
    Size/MD5 checksum:    51888 cadd0f53bb0f10e3ba8571f515216231

Debian GNU/Linux 5.0 alias lenny
- - --------------------------------

Debian (stable)
- - ---------------

Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:
    Size/MD5 checksum:   446456 ee8b492592568805593f81f8cdf2a04c
    Size/MD5 checksum:   133411 b5dc224140f8bcdfeab899c9a2aeaf4f
    Size/MD5 checksum:     1446 4f069e17ff00f0b1fb810560bce5db05

alpha architecture (DEC Alpha)
    Size/MD5 checksum:    24564 7f87bd7e3acb7fa2d22013721fdfa559
    Size/MD5 checksum:    62906 f95bc5aa62d8879afbd425c8fcf6b181
    Size/MD5 checksum:   135812 e4720cf53555b1011a9bb42253199cc2
    Size/MD5 checksum:   221676 826650f73b4d4969d3464d02af036adf

arm architecture (ARM)
    Size/MD5 checksum:   116376 536b22408ff81447bd9a984e4bc756e9
    Size/MD5 checksum:   203596 b46fc0f701c2dd02fbb70a6cae347f47
    Size/MD5 checksum:    52710 d4913705e34f828e76b27019c10337a4
    Size/MD5 checksum:    21998 c77c0e795b5af5d9538388ef8d1a25d8

armel architecture (ARM EABI)
    Size/MD5 checksum:   118426 cf02b38a12f7e8657f49bd8a7b0c2b6e
    Size/MD5 checksum:    22438 673a31f0e726110538bf5d6d53a3c282
    Size/MD5 checksum:    54246 8b263ca48bedce9acdc9d0c4101bf8f9
    Size/MD5 checksum:   212288 b50fa35fc55675d8ed42b39b625fb61a

hppa architecture (HP PA RISC)
    Size/MD5 checksum:   148612 b2e989c2d41537b7eded10ef12bdbbf5
    Size/MD5 checksum:   263104 e0b07e6ec6a833717f2ebf6a0a0b9762
    Size/MD5 checksum:    24772 4ce5b792eb6762d8e8cd26df498f1f66
    Size/MD5 checksum:    69464 8810e4ff889f120e4f51dfba788c1118

i386 architecture (Intel ia32)
    Size/MD5 checksum:   136372 910e7dc6c260cb7061b100738d8a1637
    Size/MD5 checksum:   131890 5091b56525caf7de535b6d5ca76c8f8d
    Size/MD5 checksum:   166714 6371c41f37ac8c15f9c311d6466a263c
    Size/MD5 checksum:    23152 d1e24f461306e329e74b0314a549dad6
    Size/MD5 checksum:   210960 d45ab14f22aedda35b035e608cba7709
    Size/MD5 checksum:    60860 73e491d5110ed35e4c005d244669e766

ia64 architecture (Intel ia64)
    Size/MD5 checksum:    98272 1cc10948dd1323607865151a0591adad
    Size/MD5 checksum:   291648 b2f7fe1850cf5fe6050f96005da1748d
    Size/MD5 checksum:    27380 2fd76be3636984916917998e81a4b9f3
    Size/MD5 checksum:   206108 397ec5dfd3f83c34fc39ff39ae8148fa

mips architecture (MIPS (Big Endian))
    Size/MD5 checksum:    61228 ea9ee5d1bca8efc3f4c0f0d2e9bb3930
    Size/MD5 checksum:    23738 38e25159f47889c901a3757af18f31c2
    Size/MD5 checksum:   234326 6b10c5a87366da9075eb433495ddc8e4
    Size/MD5 checksum:   132730 9949f7271e2ad5755721403b36a9c154

mipsel architecture (MIPS (Little Endian))
    Size/MD5 checksum:   224082 c45b4b489d8fd0325929f892ea39004c
    Size/MD5 checksum:    23774 bf5132a28a20a53aeef6bf12f2aa36c9
    Size/MD5 checksum:    60670 1c234db94cfc29fa5cb21e28cbeac6dc
    Size/MD5 checksum:   131658 06d1a814da4a66b807e3525a29f96e76

powerpc architecture (PowerPC)
    Size/MD5 checksum:    26826 8a7cd66d04cbbd0c3247bcca5182c951
    Size/MD5 checksum:   143872 a275b856d11ac3ce5189b65017e952e3
    Size/MD5 checksum:    64980 dbbf31280a7a727516fca9179da29263
    Size/MD5 checksum:   156368 7cca3cdd70382e3ed1d4d8d8217c4f45
    Size/MD5 checksum:   140358 8bd7bec1ea5c601a475f2e36a98c18cd
    Size/MD5 checksum:   278806 830816c1e396fb4d69696e244d785c44

s390 architecture (IBM S/390)
    Size/MD5 checksum:    24124 27b2ea41753a6576aaebe994f8833a60
    Size/MD5 checksum:   220192 813bf8bf832f774b4c5f3120ea48911a
    Size/MD5 checksum:    61928 af19fa9ec752837bfe87e398a466b7ea
    Size/MD5 checksum:   134458 b2af0c017b461dff94aeded9f70ded94
    Size/MD5 checksum:   173038 0dd72e1ad7913c685a25a88d6565fe39
    Size/MD5 checksum:   134430 389c55e7e57db27e58d9a350b2b3dec7

sparc architecture (Sun SPARC/UltraSPARC)
    Size/MD5 checksum:   125766 7fe69d7a65dcd222370f136ec87c5cec
    Size/MD5 checksum:   218412 e9dba766ea171c5ed3e47846f5f9d1ce
    Size/MD5 checksum:   172190 16d5b9d3449e374ab39ce1109ae974d5
    Size/MD5 checksum:    23126 c01eb7581f2fcb7a90becd0c37cffe5b
    Size/MD5 checksum:   133186 8c74fc1afc688092bee0516283d42537
    Size/MD5 checksum:    57658 409dcc8cd16d56d57a70b7eb8797e052

  These files will probably be moved into the stable distribution on
  its next update.

- - ---------------------------------------------------------------------------------
For apt-get: deb stable/updates main
For dpkg-ftp: dists/stable/updates/main
Mailing list:
Package info: `apt-cache show <pkg>' and<pkg>

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

If you believe that your computer system has been compromised or attacked in 
any way, we encourage you to let us know by completing the secure National IT 
Incident Reporting Form at:

Australian Computer Emergency Response Team
The University of Queensland
Qld 4072

Internet Email:
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.